Which option is NOT a method of passive information gathering?

Passive information gathering involves collecting information about a target without actively engaging with that target or their systems. This method relies on publicly available data and does not alert the target to the gathering process.

Job search databases and social networking sites fall under passive information gathering, as they allow an individual to extract valuable information about individuals or organizations without direct interaction. These platforms contain publicly shared information that can provide insights into the target's operations, personnel, and other relevant details.

Evaluating IP address allocations is also a method of passive information gathering. It involves analyzing public registries to determine how IP addresses are allocated, which can help identify the network structure and ownership of a system without direct contact.

Zone transfers, on the other hand, involve querying DNS servers to obtain complete information about the domain's records. This process can be considered an active method of information gathering since it requires interaction with the DNS server and can be detected by the server’s security mechanisms. It may even lead to alerts or defenses being triggered, distinguishing it from the more covert nature of passive information gathering methods. Therefore, zone transfers do not align with the definition of passive information gathering.