An organization must comply with a new regulation that requires the organization to determine if an external attacker is able to gain access to its systems from outside the network.
Which of the following should the company conduct to meet the regulation’s criteria?
A . Conduct a compliance review
B . Conduct a vulnerability assessment
C . Conduct a black box penetration test
D . Conduct a full system audit
Answer: C