Explain the process of "footprinting," and why it is important to a security professional?

What will be an ideal response?

Footprinting is a process of finding information on a company's network. An important concept is that footprinting is passive, or non-intrusive; in other words, you aren't accessing information illegally or gathering unauthorized information with false credentials. With passive reconnaissance, you are not even engaging with the remote systems, but rather attempting to glean information about your target from other sources. Active footprinting, on the other hand, means you are prodding the target network in ways that might seem suspicious to network defenders. This includes things like port scans, DNS zone transfers, and interacting with a target's Web server.