An attacker successfully obtained all credit card information of a company's customers by following these steps. $1.$ The attacker found that a web server was vulnerable to XSS$.2.$ The attacker used the "Contact US$"$ web form to introduce JS code that downloads malware. $3.$ When reviewing the message, the administrator's computer was infected by a keyloger $4.$ The keylogger camptured the admisitrators credentials, which were sent to the attacker. $5.$ The attacker used the credentials to access the web application with administration privileges and obtain confidential information about the company's customers. Match each step with the corresponding action. A$.$ Exfiltration B$.$ Damage C$.$ Expansion D$.$ Reconnaissance E$.$ Exploitation