SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Users - Host PC's - IP Addresses
Finger Vulnerabilities
SSH
HTTP Vulnerability
TCP/UDP Daytime Vulnerability
2. What Local and Global refer to in NAT
SNMP
TCP/UDP Daytime Vulnerability
HTTP Identifier
Networks
3. Interim Build Number
Tunneling
Fourth Part of the IOS Version
Encrypting Traffic
Encapsulation Security Payload (ESP)
4. Allows the source IP host to specify a route through the IP network
Inside
Encrypting Traffic
HTTP Vulnerability
IP Source Routing
5. Command to disable UDP small server on a router
Host-to-Host Communications
TLS/SSL Identifier
no service udp-small-servers
Uses for ACLs
6. Major Version
TCP/UDP Chargen Vulnerability
Encrypted Tunneling Methods
Train Idenifier 'E'
First Part of IOS Version
7. Provides nonrepudiation - ensuring that traffic is from a trusted party
Authenticating Peers
HTTP Identifier
Extended IP ACLs
Unicast Reverse-Path Forwarding (uRPF)
8. None - uses attached application protocol's port
TLS/SSL Identifier
Cisco Discovery Protocol (CDP)
echo - chargen - discard - daytime
ACL to block a Smurf Attack or Fraggle Attack
9. Refers to addresses used on the organization's private network
TCP Load Distribution
Land Attack
Global Addresses
Inside Global Address
10. Breaks LAN security perimeter extends LAN to Layer 2
IP Unreachable Vulnerabilities
Proxy ARP Vulnerabilities
Rerouting
Common uses of Access Lists
11. Access-list <number> <deny | permit> source source-wildcard log
IP Direct Broadcast Vulnerabilties
Boot Network Vulnerabilities
Standard ACL format
uRPF Strength
12. Can discover vulnerabilities - network stats - and firewall discovery
SNMP Trap
IP Unreachable Vulnerabilities
Fraggle Attack
HTTP Tunneling
13. A method of bypassing firewall or proxy restrictions by making the firewall think that it is getting traffic from a web browser
HTTP Tunneling
Access List Rules
AUX Vulnerability
IPSec AH Operating Layer
14. Privilege level that is restricted to basic level operations
Fraggle Attack
Privilege Level 1
TLS/SSL Layer
Standard ACL format
15. Refers to the organization's private network
Inside Local Address
Distribution Layer
SNMP Vulnerabilities
Inside
16. Software that passively monitors the connection requests flowing through the router; if a connection fails - the software sends a Reset to the server to clear up its state
TCP Intercept Watch Mode
HTTP Identifier
TCP/UDP Echo Vulnerability
no ip http server
17. Attack that involves sending a large amount of ICMP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
Tunneling
Smurf Attack
Cisco Express Forwarding (CEF)
no ip unreachable
18. What Transport Mode is used for
Host-to-Host Communications
HTTP Identifier
Authenticating Peers
Static NAT
19. Command to disable TCP small server on a router
no service tcp-small-servers
Network-to-Network Communications
Outside Local Address
HTTP Operating Layer
20. Protects against repeating of secure sessions
Two Protocols of Tunnel Mode
CDP Vulnerabilities
Inside
Anti-Replay
21. Access - Distribution - Core
Higher IP Standard ACL Range
ESP Identifier
uRPF Strength
Three Layers of Hierarchical Model
22. Minor Version
IP Source Routing Vulnerabilities
GRE Operating Layer
DNS Lookup Vulnerability
Second Part of IOS Version
23. A secure alternative to telnet for remote administration that supported in Enterprise versions of Cisco IOS
HTTP Identifier
TCP/UDP Daytime Vulnerability
DNS Lookup Vulnerability
SSH
24. 2000-2699
Higher IP Extended ACL Range
IP Source Routing
ACL to block telnet
Uses for ACLs
25. Technology
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
26. UDP Port 1701
TCP/UDP Echo Vulnerability
TCP Load Distribution
TLS/SSL Layer
L2TP Identifier
27. Local and Remote
Access Layer
TLS/SSL Identifier
IP Spoofing
Two Types of Router Access
28. DENY TCP ANY HOST <IP Address> EQ 23
Smurf Attack
BOOTP Vulnerabilities
Finger Vulnerabilities
ACL to block telnet
29. Router threat where access by an entity or individual other than authorized users
Unauthorized Access
echo - chargen - discard - daytime
Standard IP ACLs
HTTPS Strength
30. Command used to disable the ICMP message Redirect
Smurf Attack
Denial of Service (DoS)
Network Address Translation (NAT)
no ip redirect
31. Command to disable CDP on a router
no cdp run
Train Identifier 'B'
IP Spoofing
ESP Operating Layer
32. Allows for a one-to-one translation of local to global addresses; used by web servers and mail servers so that users can connect to them via their global address
Outside Local Address
Minimum ACLs Required for Reflexive ACLs
Proxy ARP Vulnerabilities
Static NAT
33. 0-99
General Format of Cisco IOS Version
Lower IP Standard ACL Range
ACL to block IP multicast
IP Source Routing Vulnerabilities
34. Ip accesslist extended <name1> - permit IP any any reflect <filename> - ip accesslist extended <name2> - evaluate <filename> - int f0/0 - ip access-group <name1> out - ip access-group <name2> in
Syntax for Reflexive ACLs
Local Addresses
Overloading
CDP Vulnerabilities
35. 33400-34400
no ip http server
UDP Traceroute Port Range
Network Address Translation (NAT)
Standard ACL format
36. The communication layer between the two other layers and provides network security - including ACLs - firewalls - any general public access servers and address translation; also known as the isolation LAN or DMZ
TCP/UDP Chargen Vulnerability
no ip finger - no service finger
login local
Distribution Layer
37. Commands to disable Finger Server
Privilege Level 15
Dynamic NAT
Tunnel Mode
no ip finger - no service finger
38. Uses SSL port 443
Fraggle Attack
HTTPS Strength
Devices
Outside Global Address
39. Mode where the entire packet is encrypted and/or authenticated - requiring a new IP packet to be encapsulated
ACL to block telnet
IP Spoofing
Core Layer
Tunnel Mode
40. These ACLs filter by network or host IP addresses andspecific protocol type or port numbers - filters by source and destination
TCP/UDP Discard Vulnerability
SNMP
Layer 2 Tunneling Protocol (L2TP)
Extended IP ACLs
41. Ip access-list <standard | extended> name - permit TCP any any established
Privilege Level 0
General Format of Cisco IOS Version
ACL to block a Smurf Attack or Fraggle Attack
Named ACL Format
42. Attack that involves sending a packet to the router with the same IP address in the source and destination address fields - as well as the same port number in the source and destination port field - causing a denial of service
Land Attack
SSH Operating Layer
HTTPS Strength
Standard ACL format
43. When one network protocol called the payload protocol is encapsulated within a different delivery network - or provide a secure path through an untrusted network
HTTPS Strength
SSH Identifier
Tunneling
Boot Network Vulnerabilities
44. TCP Port 22
SSH Identifier
Anti-Replay
no service udp-small-servers
Finger Vulnerabilities
45. Attack that involves a multitude of compromised system attack a single target - denying service to it by exploiting one 'master' system that communicates with other 'zombie' systems
SNMP
Distributed Denial of Service Attacks
login local
Train Identifier 'T'
46. TCP only - used to filter inbound traffic while allowing return TCP sessions - can be spoofed by attackers and cannot be used with Active FTP
Static NAT
ntp disable
uRPF Strength
Established Line
47. Command used to disable the ICMP message Address Mask Reply
Core Layer
no ip redirect
IP Mask Reply Vulnerabilities
no ip mask-reply
48. Enterprise
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
49. DENY IP 224.0.0.0 15.255.255.255 ANY
Masquerading
ACL to block spoofed IPs
ACL to block IP multicast
no service tcp-small-servers
50. Access-list <number <deny | permit> source source-wildcard source-qualifier destination dest-wildcard dest-qualifier <log | log-input>
Cisco Express Forwarding (CEF)
HTTP Identifier
Extended ACL format
Authenticating Peers
