You are assigned to assess the security posture of a client's network. During the initial phase, you decide to monitor the network traffic to identify potential data leakage or unsecured protocols in use. What is the most appropriate method to begin capturing network traffic without being detected by the client's network intrusion detection system?
Use port mirroring by configuring the switch to send a copy of all network packets to the port where you're connected.
Employ a passive network tap to mirror the data passing through without injecting traffic.
Perform Ethernet sniffing directly on the client's network, targeting the gateway for maximum traffic coverage without ARP spoofing.
Physically plug into an open network port in the client's premises and begin capturing all traffic with a network protocol analyzer.