In performing an authorized penetration test of an organization’s system security, a penetration tester
collects information pertaining to the application versions that reside on a server. Which of the following
is the best way to collect this type of information?

A.
Protocol analyzer

B.
Banner grabbing

C.
Port scanning

D.
Code review