A new security analyst is given the task of determining whether any of the company’s servers are vulnerable to a recently discovered attack on an old version of SSH. Which of the following is the quickest FIRST step toward determining the version of SSH running on these servers?
A. Passive scanning
B. Banner grabbing
C. Protocol analysis
D. Penetration testing