After a cloud migration, a company hires a third party to conduct an assessment to detect any cloud infrastructure vulnerabilities. Which of the following BEST describes this process?

A. Hardening
B. Risk assessment
C. Penetration testing
D. Application scanning