A client has provided you with the rules of engagement for an upcoming penetration testing exercise on their e-commerce platform. However, the client has not specified any constraints regarding the time of day the testing should occur. Which of the following is the MOST professional approach to handle this situation?
Schedule the testing during typical off-peak hours for e-commerce platforms to minimize potential impact.
Suggest that testing be performed during evening hours assuming it is less likely to affect the client's operations.
Assume testing is allowed during business hours as no constraints were mentioned and proceed with the planned activities.
Seek clarification from the client regarding preferred testing times to avoid disruption to their business operations.