A healthcare institution recently hired you to review their security measures. You discover that they have not been monitoring access to publicly available information that could be used for social engineering attacks. Which type of reconnaissance is the institution most vulnerable to?
Penetration testing
Active reconnaissance
Passive reconnaissance
Active scanning