Your team has won a contract to infiltrate an organization. The company wants to have the attack be as realistic
as possible; therefore, they did not provide any information besides the company name.
What should be the first step in security testing the client?

A.
Reconnaissance

B.
Enumeration

C.
Scanning

D.
Escalation

Explanation:
Phases of hacking
Phase 1—Reconnaissance
Phase 2—Scanning
Phase 3—Gaining Access
Phase 4—Maintaining Access
Phase 5—Covering Tracks
Phase 1: Passive and Active Reconnaissance
Passive reconnaissance involves gathering information regarding a potential target without the targeted
individual’s or company’s knowledge.
Active reconnaissance involves probing the network to discover individual hosts, IP addresses, and services
on the network.References: http://hack-o-crack.blogspot.se/2010/12/five-stages-of-ethical-hacking.html