Test your basic knowledge |

Router Security

Subject : it-skills
Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. TCP only - used to filter inbound traffic while allowing return TCP sessions - can be spoofed by attackers and cannot be used with Active FTP






2. TCP and UDP Port 162






3. Translates multiple local addresses to a pool of global addresses by having the firewall select the first available global address; retains the global address for the duration of the connection






4. 1300-1999






5. Privilege levels that can have passwords assigned to them






6. Rebuild Number






7. Tunnel Mode Protocol provides confidentiality - along with authentication and integrity protection with encryption






8. Command used to disable NTP on an interface






9. This server is used for querying a host about its logged in users






10. Protocol used to keep their time-of-day clocks accurate and in sync






11. Release Number






12. Startup-config can be deleted - copied - changed






13. When one network protocol called the payload protocol is encapsulated within a different delivery network - or provide a secure path through an untrusted network






14. Datagram protocol used by some hosts to load their operating system over the network via a central repository of IOS software






15. An alternative for both standard and extended ACLs that allow you to refer to an ACL by a descriptive name instead of a number






16. The communication layer between the two other layers and provides network security - including ACLs - firewalls - any general public access servers and address translation; also known as the isolation LAN or DMZ






17. Major Version






18. Attack that involves sending a large amount of UDP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet






19. Allows the source IP host to specify a route through the IP network






20. UDP Port 514






21. A secure alternative to telnet for remote administration that supported in Enterprise versions of Cisco IOS






22. Layer 5






23. Forces the user to enter both a valid username and password






24. Provides nonrepudiation - ensuring that traffic is from a trusted party






25. No Known Vulnerability






26. Command used to disable HTTP Server






27. Form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address by using different ports; limited to ~64 -000 hosts






28. Refers to the addresses on the public internet






29. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet






30. Attack that involves transmitting a volume of connections that cannot be completed at the destination - causing the queue to fill up and denying service to legitimate user






31. 33400-34400






32. Access - Distribution - Core






33. None - uses attached application protocol's port






34. Ip accesslist extended <name1> - permit IP any any reflect <filename> - ip accesslist extended <name2> - evaluate <filename> - int f0/0 - ip access-group <name1> out - ip access-group <name2> in






35. Ip access-list <standard | extended> name - permit TCP any any established






36. The environment - catastrophic events an unauthorized access






37. Two - one Inbound or Evaluated and one Outbound or Reflected






38. Users - Host PC's - IP Addresses






39. Release Train Identifier






40. What Transport Mode is used for






41. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet






42. PERMIT TCP ANY ANY ESTABLISHED






43. Protects against repeating of secure sessions






44. Can stop spoofed IP addresses






45. These ACLs filter by network or host IP addresses andspecific protocol type or port numbers - filters by source and destination






46. Command to disable BOOTP Server






47. Command to disable TCP small server on a router






48. What Inside and Outside refer to in NAT






49. The host can specify which route to take - which bypasses security






50. Command to disable UDP small server on a router