When conducting a web application security assessment with the web application audit framework, which of the following scenarios is the tool MOST suitable for?
Scanning an operating system for missing patches and misconfigurations.
Testing the strength of user credentials on a Windows Active Directory server.
Identifying potential SQL injection points and cross-site scripting vulnerabilities in a company's online shopping platform.
Analyzing real-time network traffic to identify potential data exfiltration attempts.