SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The host can specify which route to take - which bypasses security
Eavesdropping and Information Theft
DNS Lookup Vulnerability
HTTP Operating Layer
IP Source Routing Vulnerabilities
2. Form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address by using different ports; limited to ~64 -000 hosts
Overloading
IPSec AH Identifier
Distribution Layer
Train Identifier 'T'
3. Attack that involves a multitude of compromised system attack a single target - denying service to it by exploiting one 'master' system that communicates with other 'zombie' systems
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
no service tcp-small-servers
Distributed Denial of Service Attacks
Tunnel Mode
4. Layer 3
SNMP Trap
inger Server
IPSec AH Operating Layer
HTTP Vulnerability
5. Router threat that involves a hacker inserting a spoofed TCP/IP packet into a stream - thereby enabling commands to be executed on the remote host
Session Hijacking
TCP Intercept
Lower IP Standard ACL Range
TCP Intercept Watch Mode
6. Attack that involves sending a large amount of UDP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
Established Line
uRPF Strength
TCP/UDP Chargen Vulnerability
Fraggle Attack
7. Startup-config can be deleted - copied - changed
Boot Network Vulnerabilities
Inside Global Address
IP Directed Broadcast
Privilege Level 1
8. Command to disable BOOTP Server
ACL to block IP multicast
no ip bootp server
Inside Global Address
Encrypting Traffic
9. DNS Poisoning
Route Injection Attack
ACL to block spoofed IPs
DNS Lookup Vulnerability
Integrity Validation
10. Transport and Tunnel
IP Spoofing
GRE Operating Layer
Dynamic NAT
Two Modes of IPSec
11. Layer 3
ESP Operating Layer
TLS/SSL Layer
TCP/UDP Daytime Vulnerability
Secure Shell (SSH)
12. DENY IP 127.0.0.0 0.255.255.255 ANY
Land Attack
ACL to block incoming loopback packets
uRPF Strength
TCP Load Distribution
13. Can obtain CIDR and router ID
Proxy ARP
SNMP Vulnerabilities
TCP SYN Attack
IP Mask Reply Vulnerabilities
14. Router threat that refers to willful attempts to cause such disruptions by overwhelming the targeted system with improperly formatted traffic
Denial of Service (DoS)
inger Server
Layer 2 Tunneling Protocol (L2TP)
ACL to block spoofed IPs
15. Privilege level that restricts users to five commands (enable - disable - exit - help quit)
Privilege Level 0
SSH
AUX Vulnerability
Distribution Layer
16. Attack that involves sending a packet to the router with the same IP address in the source and destination address fields - as well as the same port number in the source and destination port field - causing a denial of service
GRE Identifier
Fourth Part of the IOS Version
BOOTP Vulnerabilities
Land Attack
17. Can discover vulnerabilities - network stats - and firewall discovery
IP Unreachable Vulnerabilities
GRE Identifier
Tunnel Mode
SSH Identifier
18. This server is used for querying a host about its logged in users
no cdp run
Unauthorized Access
inger Server
Land Attack
19. Can copy - poison - corrupt - or delete the IOS
BOOTP Vulnerabilities
HTTPS Strength
Masquerading
Overloading
20. Privilege levels that can have passwords assigned to them
IP Directed Broadcast
IP Direct Broadcast Vulnerabilties
Privilege Levels 2-13
Reflexive ACL
21. Uses SSL port 443
HTTPS Strength
Extended IP ACLs
Masquerading
TCP Load Distribution
22. Ip accesslist extended <name1> - permit IP any any reflect <filename> - ip accesslist extended <name2> - evaluate <filename> - int f0/0 - ip access-group <name1> out - ip access-group <name2> in
ntp disable
Syntax for Reflexive ACLs
IPSec AH Identifier
General Format of Cisco IOS Version
23. Service Provider
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
24. Router threat where access by an entity or individual other than authorized users
DNS Lookup Vulnerability
Uses for ACLs
Unauthorized Access
Second Part of IOS Version
25. What Inside and Outside refer to in NAT
Outside
BOOTP Vulnerabilities
Devices
no ip unreachable
26. Datagram protocol used by some hosts to load their operating system over the network via a central repository of IOS software
Inside
Established Line
BOOTP
TCP Intercept
27. 0x32 - or 50
ESP Identifier
no ip finger - no service finger
IP Directed Broadcast
syslog
28. A secure alternative to telnet for remote administration that supported in Enterprise versions of Cisco IOS
SNMP
Train Identifier 'B'
Encrypting Traffic
SSH
29. Software that blocks packets from unreachable hosts - thus allowing only reachable external hosts to initiate connections to a host on an internal network
TCP Intercept
Masquerading
Eavesdropping and Information Theft
TCP/UDP Chargen Vulnerability
30. ACK and RST
General Format of Cisco IOS Version
Outside
L2TP Identifier
Flags used by Established Line
31. A method of bypassing firewall or proxy restrictions by making the firewall think that it is getting traffic from a web browser
TCP/UDP Echo Vulnerability
ACL to block telnet
HTTP Tunneling
Authenticating Peers
32. Commands to disable Finger Server
Lower IP Standard ACL Range
no ip finger - no service finger
inger Server
Access Layer
33. Enterprise
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
34. ESP - SSH - SSL/TLP
Network-to-Network Communications
Masquerading
Syntax for Reflexive ACLs
Encrypted Tunneling Methods
35. Users - Host PC's - IP Addresses
UDP Traceroute Port Range
NTP Vulnerabilities
Finger Vulnerabilities
Tunneling
36. Protocol used to keep their time-of-day clocks accurate and in sync
SNMP Trap
syslog
Network Time Protocol (NTP)
Denial of Service (DoS)
37. When one network protocol called the payload protocol is encapsulated within a different delivery network - or provide a secure path through an untrusted network
Train Identifier 'S'
Tunneling
ACL to block spoofed IPs
Finger Vulnerabilities
38. Major Version - Minor Version - Release - Interim Build - Release Train Identifier
ACL to block telnet
General Format of Cisco IOS Version
ACL to block IP multicast
Boot Network
39. Layer 7
Extended ACL format
Transport Mode
HTTP Operating Layer
ACL to block spoofed IPs
40. DENY TCP ANY HOST <IP Address> EQ 23
UDP Traceroute Port Range
ACL to block telnet
Encrypted Tunneling Methods
Syntax for Reflexive ACLs
41. Tunnel Mode Protocol provides integrity - authentication - and non-repudiation and operates directly on top of IP
ACL to block a Smurf Attack or Fraggle Attack
DNS Lookup Vulnerability
Standard ACL format
Authentication Header (AH)
42. Major Version
First Part of IOS Version
Unicast Reverse-Path Forwarding (uRPF)
L2TP Operating Layer
no cdp run
43. Local and Remote
Tunneling
Two Types of Router Access
Unauthorized Access
no ip finger - no service finger
44. Release Train Identifier
Fifth Part of the IOS Version
Train Identifier 'B'
UDP Traceroute Port Range
Extended IP ACLs
45. Allows for a one-to-one translation of local to global addresses; used by web servers and mail servers so that users can connect to them via their global address
Syntax for Reflexive ACLs
L2TP Identifier
IP Unreachable Vulnerabilities
Static NAT
46. 0x33 or 51
IPSec AH Identifier
TCP Intercept Watch Mode
Lower IP Standard ACL Range
Tunnel Mode
47. UDP Port 1701
NTP Vulnerabilities
L2TP Identifier
TLS/SSL Layer
no ip unreachable
48. Forces the user to enter both a valid username and password
login local
Dynamic NAT
Sixth (Optional) Part of the IOS Version
Internet Protocol Security (IPSec)
49. War dialing
no ip bootp server
AUX Vulnerability
Local Addresses
login local
50. Access - Distribution - Core
Outside Global Address
Privilege Level 0
UDP Traceroute Port Range
Three Layers of Hierarchical Model
