In performing an authorized penetration test of an organization’s system security, a penetration tester collects
information pertaining to the application versions that reside on a server. Which of the following is the best way
to collect this type of information?
A.
Protocol analyzer
B.
Banner grabbing
C.
Port scanning
D.
Code review