A penetration tester was hired to perform a penetration test for a bank. The tester began
searching for IP ranges owned by the bank, performing lookups on the bank’s DNS servers,
reading news articles online about the bank, watching what times the bank employees come into
work and leave from work, searching the bank’s job postings (paying special attention to IT related
jobs), and visiting the local dumpster for the bank’s corporate office. What phase of the penetration
test is the tester currently in?
A.
Information reporting
B.
Vulnerability assessment
C.
Active information gathering
D.
Passive information gathering
D