Which of the following provides the BEST audit evidence that a firewall is configured in compliance with the organization’s security policy?
A. Analyzing how the configuration changes are performed
B. Performing penetration testing
C. Analyzing log files
D. Reviewing the rule base
A. Analyzing how the configuration changes are performed
B. Performing penetration testing
C. Analyzing log files
D. Reviewing the rule base