Option B is the right one.
Individual Penetration test is the test used to identify the vulnerabilities in the application. This test will identify the vulnerabilities and try to exploit those.
OWSAP is open web security application project. This is the non profit organization which is used to provide accurate information about the security of the application. It will identify 10 vulnerabilities like injection, broken authentication, sensitive data exposure, etc..,
In the given statement, the organization has not detected any vulnerability in the new app because it may not have specific method or class to check the vulnerability.
So, independent penetration test have identified many vulnerabilities which have all methods or classes to identify those vulnerabilities.
Hence, option B is the right one, where it doesn't have methods of class to identify vulnerabilities.
-------
Comment for any doubts. Upvote if u like it.
Thank you.
10A As part of its SDLC, an organization scans all new applications for the OWASP Top...
A new version of the operating system is being planned for installation into your department’s production environment. What sort of testing would you recommend is done before your department goes live with the new version? Identify each type of testing and describe what is tested. Explain the rationale for performing each type of testing. [ your answer goes here ] Would the amount of testing and types of testing to be done be different if you were installing a security...