You are preparing for a penetration test within a European Union country that has strict privacy laws. Due to the nature of the test, you need to use packet sniffing tools to analyze network traffic. Which of the following actions is most appropriate according to tool restriction considerations?
Exclude the use of packet sniffing tools from the penetration test to avoid any conflict with the local privacy laws.
Use packet sniffing tools only during off-hours to minimize the impact on the client’s network and reduce the risk of violating privacy laws.
Request written authorization from the client specifically allowing the use of packet sniffing tools during the penetration test.
Proceed with using packet sniffing tools without client notification, since you are conducting a penetration test to enhance security.