SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Router to Router Denial of Service
IP Directed Broadcast
Network-to-Network Communications
TCP/UDP Echo Vulnerability
SNMP Vulnerabilities
2. An extension of static mapping which allows for one global address to be mapped to multiple inside addresses; can be used for websites with multiple back end servers
SNMP
ACL to block TCP SYN Attack
SNMP Vulnerabilities
TCP Load Distribution
3. Service Provider
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
4. Command to disable TCP small server on a router
no ip bootp server
no service tcp-small-servers
IP Direct Broadcast Vulnerabilties
Session Hijacking
5. An alternative for both standard and extended ACLs that allow you to refer to an ACL by a descriptive name instead of a number
TCP/UDP Echo Vulnerability
Three Layers of Hierarchical Model
Named ACL
ESP Operating Layer
6. Provides nonrepudiation - ensuring that traffic is from a trusted party
Authenticating Peers
GRE Operating Layer
Masquerading
Encrypting Traffic
7. Router threat that refers to willful attempts to cause such disruptions by overwhelming the targeted system with improperly formatted traffic
ACL to block spoofed IPs
Fifth Part of the IOS Version
Privilege Levels 2-13
Denial of Service (DoS)
8. A suite of protocols for securing Internet Protocol communications by authenticating and/or encrypting each IP packet in a data stream
no ip bootp server
SSH Identifier
Internet Protocol Security (IPSec)
Access Layer
9. Breaks LAN security perimeter extends LAN to Layer 2
HTTP Operating Layer
IP Directed Broadcast
no cdp run
Proxy ARP Vulnerabilities
10. 1300-1999
Denial of Service (DoS)
BOOTP Vulnerabilities
Host-to-Host Communications
Higher IP Standard ACL Range
11. Also known as Configuration Auto-Loading - allows routers to load their startup configuration from the network
IP Mask Reply Vulnerabilities
IPSec AH Operating Layer
Named ACL
Boot Network
12. 33400-34400
Privilege Level 1
UDP Traceroute Port Range
no ip redirect
SSH Operating Layer
13. Rewrites the and/or destination IP address of IP packets as they pass through a router or firewall from private to public addresses
Smurf Attack
Network Address Translation (NAT)
Reflexive ACL
IP Mask Reply Vulnerabilities
14. Translates multiple local addresses to a pool of global addresses by having the firewall select the first available global address; retains the global address for the duration of the connection
TLS/SSL Layer
TCP/UDP Daytime Vulnerability
Dynamic NAT
Reflexive ACL
15. Block spoofed IP packets - block loopback packets - block IP multicast if unused - block ICMP redirects - Block telnet if not used
Common uses of Access Lists
General Format of Cisco IOS Version
Flags used by Established Line
Local Addresses
16. Software that passively monitors the connection requests flowing through the router; if a connection fails - the software sends a Reset to the server to clear up its state
Two Protocols of Tunnel Mode
IP Direct Broadcast Vulnerabilties
IP Source Routing Vulnerabilities
TCP Intercept Watch Mode
17. PERMIT TCP ANY ANY ESTABLISHED
Unicast Reverse-Path Forwarding (uRPF)
Common uses of Access Lists
ACL to block TCP SYN Attack
Reflexive ACL
18. Layer 3
Higher IP Standard ACL Range
GRE Operating Layer
Layer 2 Tunneling Protocol (L2TP)
SSH Operating Layer
19. Refers to the addresses on the public internet
SNMP Vulnerabilities
Outside
Privilege Levels 2-13
Proxy ARP
20. DENY IP 224.0.0.0 15.255.255.255 ANY
ACL to block IP multicast
HTTP Operating Layer
GRE Operating Layer
ntp disable
21. Ip accesslist extended <name1> - permit IP any any reflect <filename> - ip accesslist extended <name2> - evaluate <filename> - int f0/0 - ip access-group <name1> out - ip access-group <name2> in
ESP Identifier
SSH Operating Layer
Reflexive ACL
Syntax for Reflexive ACLs
22. Tunnel Mode Protocol provides integrity - authentication - and non-repudiation and operates directly on top of IP
Access Layer
Authentication Header (AH)
TLS/SSL Layer
Route Injection Attack
23. Layer 5
TLS/SSL Layer
L2TP Operating Layer
TCP/UDP Chargen Vulnerability
Unicast Reverse-Path Forwarding (uRPF)
24. Local IP address before translation
Three Layers of Hierarchical Model
Inside Local Address
SSH Operating Layer
IP Source Routing
25. Enterprise
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
26. DENY TCP ANY HOST <IP Address> EQ 23
ACL to block telnet
Devices
Two Protocols of Tunnel Mode
General Format of Cisco IOS Version
27. DNS Poisoning
Outside
Inside Local Address
NTP Vulnerabilities
DNS Lookup Vulnerability
28. 2000-2699
IP Mask Reply Vulnerabilities
Lower IP Extended ACL Range
no service udp-small-servers
Encrypting Traffic
29. Allows packets to be filtered based on upper-layer session information - only uses extended temporary ACL's and must be named - applied on border routers
Second Part of IOS Version
L2TP Identifier
no cdp run
Reflexive ACL
30. A method of bypassing firewall or proxy restrictions by making the firewall think that it is getting traffic from a web browser
HTTP Tunneling
SSH1
Cisco Discovery Protocol (CDP)
Minimum ACLs Required for Reflexive ACLs
31. The host can specify which route to take - which bypasses security
TLS/SSL Identifier
IP Source Routing Vulnerabilities
Devices
Higher IP Standard ACL Range
32. None - uses attach application protocol's layer
SNMP Vulnerabilities
SSH1
TLS/SSL Layer
Static NAT
33. Routing mode depended on by uRPF in order to function
Cisco Express Forwarding (CEF)
ACL to block a Land Attack
TCP/UDP Echo Vulnerability
Core Layer
34. Layer 3
Extended IP ACLs
IPSec AH Operating Layer
ESP Operating Layer
SSH1
35. Router threat that includes manipulating router updates to cause traffic to flow to unauthorized destinations
Syntax for Reflexive ACLs
Route Injection Attack
Standard IP ACLs
Generic Routing Encapsulation (GRE)
36. Layer 7
Lower IP Extended ACL Range
Static NAT
HTTP Operating Layer
ACL to block incoming loopback packets
37. Two FIN bits or one RST bit
Outside Global Address
Minimum ACLs Required for Reflexive ACLs
TCP Load Distribution
Requirements for Reflexive TCP to be removed
38. Cisco default tunneling protocol that uses multicast addressing without encryption and is designed to encapsulate a wide variety of network layer packets inside IP tunneling packets
Generic Routing Encapsulation (GRE)
no cdp run
echo - chargen - discard - daytime
Layer 2 Tunneling Protocol (L2TP)
39. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
Masquerading
HTTP Identifier
TCP/UDP Daytime Vulnerability
IP Directed Broadcast
40. UDP Port 514
BOOTP
Access Layer
Lower IP Extended ACL Range
syslog
41. Permits a host on one LAN segment to initiate a physical broadcast on a different LAN segment
IP Directed Broadcast
Lower IP Extended ACL Range
Cisco Express Forwarding (CEF)
Local Addresses
42. Geolocational positioning
syslog
Network-to-Network Communications
TCP/UDP Daytime Vulnerability
Reflexive ACL
43. Local and Remote
TCP Load Distribution
SSH Identifier
Two Types of Router Access
Named ACL
44. 0x32 - or 50
ESP Identifier
TCP/UDP Daytime Vulnerability
Established Line
Route Injection Attack
45. Major Version - Minor Version - Release - Interim Build - Release Train Identifier
IP Directed Broadcast
TCP/UDP Echo Vulnerability
TCP Intercept
General Format of Cisco IOS Version
46. Smurf attacks - can enumerate the network
TCP Intercept Watch Mode
BOOTP Vulnerabilities
Established Line
IP Direct Broadcast Vulnerabilties
47. Technology
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
48. Proprietary - used by Cisco routers and switches use to identify each other on LAN and WAN segments
L2TP Operating Layer
SSH Identifier
Cisco Discovery Protocol (CDP)
Outside
49. Time can be changed - Routing Table can be killed
Local Addresses
NTP Vulnerabilities
no ip bootp server
Encrypting Traffic
50. Lists interfaces - routing table - ARP table - physical and network addresses - time last booted
SNMP Vulnerabilities
Flags used by Established Line
no cdp run
Overloading
