An IS auditor finds that application servers had inconsistent security settings leading to potential vulnerabilities. Which of the following is the BEST recommendation by the IS auditor?
A. Improve the change management process
B. Perform a configuration review
C. Establish security metrics
D. Perform a penetration test
A. Improve the change management process
B. Perform a configuration review
C. Establish security metrics
D. Perform a penetration test