In performing an authorized penetration test of an organization’s system security, a penetration tester collects information pertaining to the application versions that
reside on a server. Which of the following is the best way to collect this type of information?
A.
Protocol analyzer
B.
Banner grabbing
C.
Port scanning
D.
Code review