SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Public IP address before translation
SSH Operating Layer
Networks
ESP Identifier
Outside Local Address
2. Attack that involves sending a large amount of ICMP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
Minimum ACLs Required for Reflexive ACLs
Two Types of Router Access
login local
Smurf Attack
3. ACK and RST
Cisco Express Forwarding (CEF)
Flags used by Established Line
uRPF Strength
Proxy ARP Vulnerabilities
4. Geolocational positioning
ESP Operating Layer
TCP/UDP Daytime Vulnerability
IP Direct Broadcast Vulnerabilties
IP Mask Reply Vulnerabilities
5. Technology
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
6. DENY IP 127.0.0.0 0.255.255.255 ANY
Second Part of IOS Version
Uses for ACLs
ACL to block incoming loopback packets
no ip bootp server
7. Device - Hostname - IOS - IP Address - Ports - Model
TCP SYN Attack
TCP/UDP Discard Vulnerability
CDP Vulnerabilities
Extended ACL format
8. Uses only host keys to authenticate systems
SSH2
Privilege Level 15
Reflexive ACL
Inside
9. Router threat that includes manipulating router updates to cause traffic to flow to unauthorized destinations
Extended IP ACLs
Encapsulation Security Payload (ESP)
Unicast Reverse-Path Forwarding (uRPF)
Route Injection Attack
10. 33400-34400
IP Spoofing
Lower IP Standard ACL Range
UDP Traceroute Port Range
no ip finger - no service finger
11. Attack that involves transmitting a volume of connections that cannot be completed at the destination - causing the queue to fill up and denying service to legitimate user
TCP SYN Attack
Extended ACL format
SNMP
Second Part of IOS Version
12. Layer 3
no ip unreachable
Authenticating Peers
ESP Operating Layer
SNMP Trap
13. When one network protocol called the payload protocol is encapsulated within a different delivery network - or provide a secure path through an untrusted network
Fifth Part of the IOS Version
Distribution Layer
Two Modes of IPSec
Tunneling
14. When a router acts as an intermediary for ARP queries on selected interfaces and enabling transparent access between multiple LAN segments
Proxy ARP
Networks
Host-to-Host Communications
Local Addresses
15. Two - one Inbound or Evaluated and one Outbound or Reflected
Unauthorized Access
IPSec AH Operating Layer
Minimum ACLs Required for Reflexive ACLs
Internet Protocol Security (IPSec)
16. Local and Remote
Dynamic NAT
Fourth Part of the IOS Version
Two Types of Router Access
IP Direct Broadcast Vulnerabilties
17. Router to Router Denial of Service
ACL to block telnet
Outside Global Address
BOOTP Vulnerabilities
TCP/UDP Echo Vulnerability
18. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
Third Part of the IOS Version
uRPF Strength
TCP Intercept
IP Spoofing
19. DENY IP HOST <Inbound IP Address> HOST <Inbound IP Address>
Transport Mode
GRE Identifier
ACL to block a Land Attack
Train Identifier 'S'
20. A method of bypassing firewall or proxy restrictions by making the firewall think that it is getting traffic from a web browser
TCP/UDP Discard Vulnerability
AUX Vulnerability
syslog
HTTP Tunneling
21. The communication layer between the two other layers and provides network security - including ACLs - firewalls - any general public access servers and address translation; also known as the isolation LAN or DMZ
Distribution Layer
Network Address Translation (NAT)
HTTP Tunneling
TLS/SSL Identifier
22. None - uses attach application protocol's layer
SNMP Trap
TLS/SSL Layer
General Format of Cisco IOS Version
L2TP Operating Layer
23. What Local and Global refer to in NAT
Extended IP ACLs
ACL to block incoming loopback packets
Networks
Outside
24. Provides confidentiality - so it cannot be read by unauthorized parties
Extended IP ACLs
SNMP Trap
Encrypting Traffic
NTP Vulnerabilities
25. Layer 3
ACL to block a Smurf Attack or Fraggle Attack
no ip bootp server
GRE Operating Layer
ACL to block telnet
26. Command used to disable the ICMP message Address Mask Reply
SSH Operating Layer
TCP/UDP Chargen Vulnerability
no ip mask-reply
Denial of Service (DoS)
27. Command to disable BOOTP Server
Inside Local Address
no ip bootp server
Network Address Translation (NAT)
Minimum ACLs Required for Reflexive ACLs
28. Can copy - poison - corrupt - or delete the IOS
Masquerading
no ip unreachable
BOOTP Vulnerabilities
Boot Network Vulnerabilities
29. Command to disable UDP small server on a router
Unauthorized Access
no service udp-small-servers
TCP/UDP Echo Vulnerability
Outside Local Address
30. Accounts without passwords - Type 7 encryption - account privilege higher than 1 - able to be fingered
User Account Vulnerabilites
Cisco Discovery Protocol (CDP)
ACL to block a Smurf Attack or Fraggle Attack
Common uses of Access Lists
31. Refers to the organization's private network
GRE Operating Layer
TCP/UDP Chargen Vulnerability
ACL to block a Smurf Attack or Fraggle Attack
Inside
32. Attack that involves sending a packet to the router with the same IP address in the source and destination address fields - as well as the same port number in the source and destination port field - causing a denial of service
Land Attack
ESP Operating Layer
ntp disable
Standard IP ACLs
33. Commands to disable Finger Server
no ip finger - no service finger
Smurf Attack
Telnet - HTTP - SNMP Vulnerability
Overloading
34. Service Provider
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
35. TCP Port 80
HTTP Identifier
Third Part of the IOS Version
UDP Traceroute Port Range
TCP Load Distribution
36. Command used to disable the ICMP message Host Unreachable
SNMP Vulnerabilities
no ip unreachable
Extended ACL format
Third Part of the IOS Version
37. Access - Distribution - Core
Generic Routing Encapsulation (GRE)
Flags used by Established Line
L2TP Identifier
Three Layers of Hierarchical Model
38. Can obtain CIDR and router ID
Reflexive ACL
IP Mask Reply Vulnerabilities
Fourth Part of the IOS Version
Privilege Level 0
39. TCP and UDP Port 162
General Format of Cisco IOS Version
SNMP Trap
Authentication Header (AH)
SNMP
40. Breaks LAN security perimeter extends LAN to Layer 2
ntp disable
Encrypting Traffic
Smurf Attack
Proxy ARP Vulnerabilities
41. Must be made at global config mode - created from CON/VTY session or text file - read top to bottom - applied at the interface and only one ACL per direction - per protocol - per interface
Access List Rules
Privilege Level 1
HTTP Operating Layer
Network-to-Network Communications
42. These ACLs filter by network or host IP address and only filter on source
Standard IP ACLs
SSH Operating Layer
Network-to-Network Communications
Privilege Level 1
43. Protects against repeating of secure sessions
Eavesdropping and Information Theft
Anti-Replay
SSH2
SNMP Trap
44. Public IP address after translation
no ip bootp server
Outside Global Address
Tunnel Mode
Host-to-Host Communications
45. Forces the user to enter both a valid username and password
HTTPS Strength
NTP Vulnerabilities
Authenticating Peers
login local
46. Form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address by using different ports; limited to ~64 -000 hosts
Third Part of the IOS Version
Access Layer
Overloading
ntp disable
47. This server is used for querying a host about its logged in users
TCP SYN Attack
Privilege Level 1
inger Server
Network Address Translation (NAT)
48. Allows the source IP host to specify a route through the IP network
IP Source Routing
Secure Shell (SSH)
BOOTP
Standard IP ACLs
49. DNS Poisoning
DNS Lookup Vulnerability
UDP Traceroute Port Range
Lower IP Extended ACL Range
Syntax for Reflexive ACLs
50. Broadcast
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
