This phase is Information Gathering, the first and most foundational step in an IoT penetration test methodology described in CEH-aligned material. The goal here is to build an accurate inventory of the IoT environment and understand how devices communicate, what hardware and software versions are present, and which protocols and interfaces are in use. Jordan is collecting device models, manufacturer names, firmware versions, and supported protocols such as Zigbee and BLE. That activity maps directly to enumeration and profiling of the target IoT ecosystem, which is performed before any intrusive testing. In CEH methodology terms, this step helps identify the attack surface, including wireless interfaces, management ports, cloud backends, mobile apps, and gateways that bridge IoT networks to enterprise networks.

Information gathering is crucial because IoT risk is highly dependent on specific device types and firmware builds. Knowing a firmware version can reveal whether known CVEs apply, whether default credentials are likely, or whether insecure services are commonly enabled. Identifying Zigbee and BLE indicates potential avenues for wireless assessment, such as insecure pairing, weak encryption or key handling, misconfigured access control, and protocol-specific weaknesses.

The other options occur later. Vulnerability scanning is the step where the tester actively checks the identified devices and services for weaknesses using scanners, enumeration probes, or targeted validation. Launch attacks and gain remote access are exploitation steps that follow planning and discovery. Since Jordan is only documenting and understanding the ecosystem, the correct step is Information gathering.