While conducting a vulnerability assessment, a cybersecurity analyst needs to passively map out the services and devices on the target network to prevent alerting the network's intrusion detection systems. Which method would be most appropriate for this task?
Sending ICMP echo requests ('ping') to enumerate live hosts
Using Nmap to perform a service discovery scan
Performing ARP cache poisoning to map out the network
Analyzing data from Internet-wide search engines such as Shodan