ITC 341 MIDTERM EXAM STUDY
GUIDE 2025/2026 QUESTIONS AND
ANSWERS 100% PASS
Which step occurs first during the attack phase of a penetration test? - ANS Gaining access
Barry is participating in a cybersecurity wargame exercise. His role is to attempt to break into
adversary systems. What team is he on? - ANS Red team
Ben is preparing to conduct a cybersecurity risk assessment for his organization. If he chooses to
follow the standard process proposed by NIST, which one of the following steps would come
first? - ANS Identify threats
What is the first step during the attack phase of a penetration test? - ANS Gaining access
Which team in a cybersecurity wargame attempts to break into adversary systems? - ANS Red
team
What is the first step in the NIST standard process for a cybersecurity risk assessment? -
ANS Identify threats
What type of firewall protects against SQL injection and cross-site scripting? - ANS Web
Application Firewall (WAF)
1 @COPYRIGHT 2025/2026 ALLRIGHTS RESERVED.
,What risk management strategy did Paul use by implementing a network firewall? - ANS Risk
mitigation
When should penetration testers obtain written authorization for their test? - ANS During the
planning phase
Which security company originally created the base set of indicators for OpenIOC? -
ANS Mandiant
What type of threat actor targets governments and businesses for political reasons? -
ANS Hacktivists
What is frequently conducted in the requirements-gathering stage of intelligence gathering? -
ANS Review of security breaches or compromises
What type of assessment is particularly useful for identifying insider threats? -
ANS Behavioral assessment
Which threat actor typically has the greatest access to resources? - ANS Nation-state actors
What does Jason's intelligence about USB key drops represent? - ANS A possible attack vector
What tool is used to capture IP traffic information? - ANS NetFlow
What is the process of verifying that a Word document does not contain hidden content? -
ANS Metadata scrubbing
What type of server is indicated by the dhcpd.conf entry for host db1? - ANS Microsoft SQL
Server
2 @COPYRIGHT 2025/2026 ALLRIGHTS RESERVED.
, Which organization manages the global IP address space? - ANS IANA
What technique is used in the command 'dig axfr @dns-server example.com'? - ANS Zone
transfer
Which is not a common DNS anti-harvesting technique? - ANS Registering manually
What minimum level of impact must a system have under FISMA for discoverability
assessment? - ANS Moderate
Which federal law requires vulnerability scanning on information systems operated by federal
agencies? - ANS FISMA
Which activity is not part of the vulnerability management life cycle? - ANS Reporting
What approach to vulnerability scanning incorporates information from agents on target
servers? - ANS Agent-based scanning
What is the purpose of Common Platform Enumeration (CPE) in SCAP? - ANS CPE provides
standardized nomenclature for product names and versions.
What tool can administrators use to identify systems on a network before conducting
vulnerability scans? - ANS Asset inventory
What does SSO stand for in the context of user authentication? - ANS Single Sign-On,
allowing users to log into multiple services without re-entering credentials.
What design principle requires verification and validation of each action requested? -
ANS Zero trust
3 @COPYRIGHT 2025/2026 ALLRIGHTS RESERVED.
GUIDE 2025/2026 QUESTIONS AND
ANSWERS 100% PASS
Which step occurs first during the attack phase of a penetration test? - ANS Gaining access
Barry is participating in a cybersecurity wargame exercise. His role is to attempt to break into
adversary systems. What team is he on? - ANS Red team
Ben is preparing to conduct a cybersecurity risk assessment for his organization. If he chooses to
follow the standard process proposed by NIST, which one of the following steps would come
first? - ANS Identify threats
What is the first step during the attack phase of a penetration test? - ANS Gaining access
Which team in a cybersecurity wargame attempts to break into adversary systems? - ANS Red
team
What is the first step in the NIST standard process for a cybersecurity risk assessment? -
ANS Identify threats
What type of firewall protects against SQL injection and cross-site scripting? - ANS Web
Application Firewall (WAF)
1 @COPYRIGHT 2025/2026 ALLRIGHTS RESERVED.
,What risk management strategy did Paul use by implementing a network firewall? - ANS Risk
mitigation
When should penetration testers obtain written authorization for their test? - ANS During the
planning phase
Which security company originally created the base set of indicators for OpenIOC? -
ANS Mandiant
What type of threat actor targets governments and businesses for political reasons? -
ANS Hacktivists
What is frequently conducted in the requirements-gathering stage of intelligence gathering? -
ANS Review of security breaches or compromises
What type of assessment is particularly useful for identifying insider threats? -
ANS Behavioral assessment
Which threat actor typically has the greatest access to resources? - ANS Nation-state actors
What does Jason's intelligence about USB key drops represent? - ANS A possible attack vector
What tool is used to capture IP traffic information? - ANS NetFlow
What is the process of verifying that a Word document does not contain hidden content? -
ANS Metadata scrubbing
What type of server is indicated by the dhcpd.conf entry for host db1? - ANS Microsoft SQL
Server
2 @COPYRIGHT 2025/2026 ALLRIGHTS RESERVED.
, Which organization manages the global IP address space? - ANS IANA
What technique is used in the command 'dig axfr @dns-server example.com'? - ANS Zone
transfer
Which is not a common DNS anti-harvesting technique? - ANS Registering manually
What minimum level of impact must a system have under FISMA for discoverability
assessment? - ANS Moderate
Which federal law requires vulnerability scanning on information systems operated by federal
agencies? - ANS FISMA
Which activity is not part of the vulnerability management life cycle? - ANS Reporting
What approach to vulnerability scanning incorporates information from agents on target
servers? - ANS Agent-based scanning
What is the purpose of Common Platform Enumeration (CPE) in SCAP? - ANS CPE provides
standardized nomenclature for product names and versions.
What tool can administrators use to identify systems on a network before conducting
vulnerability scans? - ANS Asset inventory
What does SSO stand for in the context of user authentication? - ANS Single Sign-On,
allowing users to log into multiple services without re-entering credentials.
What design principle requires verification and validation of each action requested? -
ANS Zero trust
3 @COPYRIGHT 2025/2026 ALLRIGHTS RESERVED.
