Your company has employed an outside security firm to act on various tests of your network. During the vulnerability scan, you will provide that company with logins for various systems (i.e., database server, application server, web server, etc.) to aid in their scan. Which of the following BEST describes this?

By providing the tester logins, you are allowing them to conduct a credentialed scan (i.e., a scan with an account or accounts that allow them access to check settings and configurations).
Known environment and partially known environment tests describe the level of knowledge the tester is given of the network. A privilege scan cannot be an unknown environment test, but it could be either known or partially known.
An intrusive scan is a term used for scans that attempt to exercise or use the vulnerability they find instead of attempting to avoid harm.
A gray-box test combines elements of both black-box and white-box testing. In this scenario, the tester has partial knowledge of the system (like architecture or source code) but not complete access.