ITSY-1300 Final Review Questions with 100% Correct
Answers 2025 | 2026
Ethical hackers must obtain _________________ prior to
performing a scanning and vulnerability assessment on a live
production network. - ANSWER written authorization from the
client
Holly would like to run an annual major disaster recovery test
that is as thorough and realistic as possible. She also wants to
ensure that there is no disruption of activity at the primary site.
What option is best in this scenario? - ANSWER Parallel test
During which phase of a hacker's five-step approach does the
hacker scan a network to identify IP hosts, open ports, and
services enabled on servers and workstations? - ANSWER
Reconnaissance
In which type of attack does the attacker attempt to take over
an existing connection between two systems? - ANSWER
Session hijacking
,Which element of the security policy framework requires
approval from upper management and applies to the entire
organization? - ANSWER Policy
Which of the following interfaces enables you to scan several IP
addresses at once or type in an IP address to create a simple
scan of any machine? - ANSWER Nessus
Which of the following is a protocol analyzer tool (sometimes
called a "packet sniffer") that is used to capture IP traffic from a
variety of sources? - ANSWER Wireshark
Which one of the following measures the average amount of
time that it takes to repair a system, application, or
component? - ANSWER Mean time to repair (MTTR)
During the vulnerability assessment, any known vulnerabilities
or bugs will be flagged and identified by: - ANSWER Nessus
Which organization pursues standards for Internet of Things
(IoT) devices and is widely recognized as the authority for
,creating standards on the Internet? - ANSWER Internet
Engineering Task Force
Which of the following is used to transfer files using the File
Transfer Protocol (FTP) to and from the vWorkstation? -
ANSWER FileZilla
Tony is working with a law enforcement agency to place a
wiretap pursuant to a legitimate court corder. The wiretap will
monitor communications without making any modifications.
What type of wiretap is Tony placing? - ANSWER Passive
wiretap
Which compliance obligation includes security requirements
that apply specifically to federal government agencies in the
United States? - ANSWER Federal Information Security
Management Act (FISMA)
Which one of the following is the best example of an
authorization control? - ANSWER Access control lists
, Which security control is most helpful in protecting against
eavesdropping on wireless LAN (WLAN) data transmissions that
would jeopardize confidentiality? - ANSWER Applying strong
encryption
Which type of denial of service attack exploits the existence of
software flaws to disrupt a service? - ANSWER Logic attack
Which of the following allows analysts to view and analyze
network packet traces? - ANSWER NetWitness Investigator
Maria's company recently experienced a major system outage
due to the failure of a critical component. During that time
period, the company did not register any sales through its
online site. Which type of loss did the company experience as a
result of lost sales? - ANSWER Opportunity cost
Which of the following is used to perform a scan of the network
and create a network topology chart? - ANSWER Zenmap
Dawn is selecting an alternative processing facility for her
organization's primary data center. she would like to have a
Answers 2025 | 2026
Ethical hackers must obtain _________________ prior to
performing a scanning and vulnerability assessment on a live
production network. - ANSWER written authorization from the
client
Holly would like to run an annual major disaster recovery test
that is as thorough and realistic as possible. She also wants to
ensure that there is no disruption of activity at the primary site.
What option is best in this scenario? - ANSWER Parallel test
During which phase of a hacker's five-step approach does the
hacker scan a network to identify IP hosts, open ports, and
services enabled on servers and workstations? - ANSWER
Reconnaissance
In which type of attack does the attacker attempt to take over
an existing connection between two systems? - ANSWER
Session hijacking
,Which element of the security policy framework requires
approval from upper management and applies to the entire
organization? - ANSWER Policy
Which of the following interfaces enables you to scan several IP
addresses at once or type in an IP address to create a simple
scan of any machine? - ANSWER Nessus
Which of the following is a protocol analyzer tool (sometimes
called a "packet sniffer") that is used to capture IP traffic from a
variety of sources? - ANSWER Wireshark
Which one of the following measures the average amount of
time that it takes to repair a system, application, or
component? - ANSWER Mean time to repair (MTTR)
During the vulnerability assessment, any known vulnerabilities
or bugs will be flagged and identified by: - ANSWER Nessus
Which organization pursues standards for Internet of Things
(IoT) devices and is widely recognized as the authority for
,creating standards on the Internet? - ANSWER Internet
Engineering Task Force
Which of the following is used to transfer files using the File
Transfer Protocol (FTP) to and from the vWorkstation? -
ANSWER FileZilla
Tony is working with a law enforcement agency to place a
wiretap pursuant to a legitimate court corder. The wiretap will
monitor communications without making any modifications.
What type of wiretap is Tony placing? - ANSWER Passive
wiretap
Which compliance obligation includes security requirements
that apply specifically to federal government agencies in the
United States? - ANSWER Federal Information Security
Management Act (FISMA)
Which one of the following is the best example of an
authorization control? - ANSWER Access control lists
, Which security control is most helpful in protecting against
eavesdropping on wireless LAN (WLAN) data transmissions that
would jeopardize confidentiality? - ANSWER Applying strong
encryption
Which type of denial of service attack exploits the existence of
software flaws to disrupt a service? - ANSWER Logic attack
Which of the following allows analysts to view and analyze
network packet traces? - ANSWER NetWitness Investigator
Maria's company recently experienced a major system outage
due to the failure of a critical component. During that time
period, the company did not register any sales through its
online site. Which type of loss did the company experience as a
result of lost sales? - ANSWER Opportunity cost
Which of the following is used to perform a scan of the network
and create a network topology chart? - ANSWER Zenmap
Dawn is selecting an alternative processing facility for her
organization's primary data center. she would like to have a
