
IT 338 Ethical Hacking Review Exam Q & A 2025

Business Nov 3, 2025

IT 338 Ethical Hacking Review Exam Q & A 2025 2024

1. During a penetration test, you discover an open port on the target system. Which of the following is the most likely next step?

  • A. Perform a denial of service attack
  • B. Conduct a service version check
  • C. Launch a phishing campaign
  • D. Deploy a Trojan horse

Answer: B. Conduct a service version check

Rationale: After finding an open port, the next logical step is to determine the version of the service running. This information can be used to identify known vulnerabilities.

2. What is the primary goal of footprinting in cybersecurity?

  • A. To map out the target network's architecture
  • B. To delete logs and traces of reconnaissance activities
  • C. To establish a backdoor for future access
  • D. To disrupt the target's operations

Answer: A. To map out the target network's architecture

Rationale: Footprinting is the process of collecting as much information as possible about a target system to find opportunities to penetrate it.

3. Which scanning technique is most effective for avoiding detection by intrusion detection systems (IDS)?

  • A. Aggressive scanning
  • B. Stealth scanning
  • C. UDP scanning
  • D. ARP scanning

Answer: B. Stealth scanning

Rationale: Stealth scanning techniques, such as SYN scans, are designed to be less detectable by IDS by not completing the TCP handshake.

4. In the context of ethical hacking, what is the main purpose of using Trojans?

  • A. To repair corrupted files
  • B. To create a secure connection
  • C. To gain unauthorized access to a system
  • D. To encrypt data for confidentiality

Answer: C. To gain unauthorized access to a system

Rationale: Trojans are malicious programs that are used to provide a backdoor to a system, allowing an attacker to gain unauthorized access.

5. When conducting host reconnaissance, which of the following is a primary target for gathering information?

  • A. The physical location of the server room
  • B. The operating system and network services
  • C. The company's social media accounts
  • D. The firewall's brand and model

Answer: B. The operating system and network services

Rationale: Host reconnaissance focuses on identifying the operating system, services, and applications running on the target host, which are crucial for finding vulnerabilities.

6. Which type of system attack specifically targets wireless network protocols like WLAN?

  • A. Phishing attack
  • B. Man-in-the-middle attack
  • C. SQL injection attack
  • D. Deauthentication attack

Answer: D. Deauthentication attack

Rationale: A deauthentication attack targets wireless networks by forcibly disconnecting devices from the network, often as a precursor to further attacks.

7. What is the primary function of a firewall in a network security context?

  • A. To serve web pages
  • B. To filter incoming and outgoing traffic
  • C. To host websites
  • D. To provide email services

Answer: B. To filter incoming and outgoing traffic

Rationale: A firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies.

8. Which of the following best describes the purpose of procedural documentation in cybersecurity?

  • A. To provide a narrative of the company's history
  • B. To outline the steps for configuring a router
  • C. To detail the processes and procedures for security tasks
  • D. To advertise security services to potential clients

Answer: C. To detail the processes and procedures for security tasks

Rationale: Procedural documentation is essential for ensuring that security tasks are performed consistently and correctly, according to the organization's standards.

9. An Intrusion Detection System (IDS) generates an alert for potential malicious activity. What is the most appropriate immediate action?

  • A. Ignore the alert as a false positive
  • B. Shut down the entire network
  • C. Investigate the alert for potential security breaches
  • D. Install a new IDS

Answer: C. Investigate the alert for potential security breaches

Rationale: When an IDS generates an alert, it is important to investigate the potential breach to determine if it is a true positive and to take appropriate action.

10. Which hacking technique involves the exploitation of vulnerabilities in a system without the owner's permission or knowledge?

  • A. Ethical hacking
  • B. White hat hacking
  • C. Black hat hacking
  • D. Grey hat hacking

Answer: C. Black hat hacking

Rationale: Black hat hacking refers to the unauthorized and malicious exploitation of systems, often for personal or financial gain, without the owner's consent.

11. Which of the following activities involves gathering information to identify potential vulnerabilities and targets for a penetration test?

  • A. Footprinting
  • B. Scanning
