Which technique involves collecting information about a target without direct engagement?

Passive information gathering is a technique used to collect data about a target without directly interacting with it or engaging its defenses. This approach allows an attacker or an ethical hacker to accumulate information from publicly available sources, online databases, or other non-intrusive methods. By observing and collecting data without alerting the target, one can gain insights into the target's systems, personnel, or networks, which can be crucial for planning subsequent activities, whether they are for penetration testing or malicious attacks.

This method relies on research techniques such as searching through social media profiles, public records, and other internet resources. It ensures that the target remains unaware of the collection process, avoiding any actions that might trigger alarms or lead to countermeasures from the target. In contrast, techniques like active information gathering involve direct interaction and methods that may be detected, such as port scanning or sending unsolicited communication.