A company contracts a security engineer to perform a penetration test of its client-facing web portal. Which of the following activities would be MOST appropriate? 

Answer options:

A. Use a protocol analyzer against the site to see if data input can be replayed from the browser
B. Scan the website through an interception proxy and identify areas for the code injection
C. Scan the site with a port scanner to identify vulnerable services running on the web server
D. Use network enumeration tools to identify if the server is running behind a load balancer

C