What is NOT a purpose of the gaining access phase?

In the context of the gaining access phase, the primary focus is on actually compromising a system and establishing ways to maintain that access. This involves actions like establishing a foothold in the system, which means gaining initial access and creating opportunities for further infiltration. Installing backdoor access tools is another critical component, as it ensures continued access even if the initial vulnerability is discovered and patched.

Collecting sensitive information can be part of the process once access is gained, as the attacker may want to gather confidential data to achieve their objectives, whether that’s exfiltration or further exploitation. However, surveying other network layers is generally part of information gathering or reconnaissance, which occurs before actual access is attained. It aims at understanding the environment and identifying potential vulnerabilities, rather than actions taken after access has been gained. Therefore, surveying other network layers does not align with the objectives of the gaining access phase.