A penetration tester visits a client's website and downloads the site's content. Which of the following actions is the penetration tester performing?

Unknown environment testing refers to the practice of assessing a system or network without prior knowledge of its architecture or components. This action typically involves active engagement and testing of the system's defenses, which is not the case here since the penetration tester is merely downloading content that is publicly accessible.

A vulnerability scan involves actively probing a system for known vulnerabilities by utilizing automated tools. This process requires interaction with the system to identify weaknesses, which contrasts with passive reconnaissance, where the tester only observes and collects information without direct interaction.

Due diligence typically refers to the comprehensive review or investigation conducted before a business transaction or decision. While it may involve gathering information, it does not specifically pertain to the act of downloading content from a website as a means of reconnaissance, which is more accurately described by passive reconnaissance.