Zenmap is the graphical User Interface representation for
NMAP Security Scanner. It is an open-source program designed to make NMAP easy
for starters to use. Typically, it is used to collect and identify a list of
hosts, OS, as well what services are running on them by using a port scanning
tool. It is used specifically for the scanning and vulnerability phase of
ethical hacking.
A network administrator who wishes to audit all the devices
on a specific IP scheme in a network can use NMAP. The admin can go ahead and
scan the ports to know exactly which ports are closed and which
are opened.
The answer is an Intruder Prevention System (IPS). An Intrusion Detection System (IDS) will detect an attack but will not block it.
Of course there is. On a simple level, consider a parent trying to locate their missing child. Someone might break into their social media accounts to see if there are messages that might help determine their whereabouts.
Consider a website hosting inappropriate pictures of children. Breaking into the server hosting the files and removing them is 100% ethical.
I'm sure you can think of more examples.