SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Can copy - poison - corrupt - or delete the IOS
SNMP Trap
Integrity Validation
BOOTP Vulnerabilities
Static NAT
2. Technology
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
3. What Inside and Outside refer to in NAT
Devices
HTTPS Strength
IP Source Routing Vulnerabilities
no ip mask-reply
4. Attack that involves sending a large amount of ICMP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
TCP Intercept Watch Mode
Outside Global Address
Smurf Attack
Internet Protocol Security (IPSec)
5. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
Networks
Overloading
IP Spoofing
Masquerading
6. Attack that involves sending a large amount of UDP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
Privilege Level 0
Inside Local Address
TLS/SSL Layer
Fraggle Attack
7. Release Number
Overloading
Third Part of the IOS Version
Outside Local Address
Eavesdropping and Information Theft
8. Router threat that includes manipulating router updates to cause traffic to flow to unauthorized destinations
Route Injection Attack
HTTP Vulnerability
IP Source Routing Vulnerabilities
Local Addresses
9. 1300-1999
Unicast Reverse-Path Forwarding (uRPF)
Higher IP Standard ACL Range
Eavesdropping and Information Theft
SSH1
10. Rebuild Number
Sixth (Optional) Part of the IOS Version
HTTP Vulnerability
Train Identifier 'T'
Higher IP Standard ACL Range
11. Software that blocks packets from unreachable hosts - thus allowing only reachable external hosts to initiate connections to a host on an internal network
no service tcp-small-servers
TCP Intercept
TLS/SSL Layer
HTTP Tunneling
12. Rewrites the and/or destination IP address of IP packets as they pass through a router or firewall from private to public addresses
Privilege Level 0
Fourth Part of the IOS Version
Network Address Translation (NAT)
Distributed Denial of Service Attacks
13. A secure alternative to telnet for remote administration that supported in Enterprise versions of Cisco IOS
Boot Network
Train Idenifier 'E'
Common uses of Access Lists
SSH
14. TCP only - used to filter inbound traffic while allowing return TCP sessions - can be spoofed by attackers and cannot be used with Active FTP
ntp disable
Transport Mode
no service tcp-small-servers
Established Line
15. Two - one Inbound or Evaluated and one Outbound or Reflected
Uses for ACLs
General Format of Cisco IOS Version
Anti-Replay
Minimum ACLs Required for Reflexive ACLs
16. Layer 3
no ip redirect
GRE Operating Layer
SNMP Vulnerabilities
Network-to-Network Communications
17. Four TCP/UDP Small Server commands recommended to disable
echo - chargen - discard - daytime
Denial of Service (DoS)
Train Idenifier 'E'
Boot Network Vulnerabilities
18. These ACLs filter by network or host IP address and only filter on source
Anti-Replay
TLS/SSL Identifier
Standard IP ACLs
Outside
19. Time can be changed - Routing Table can be killed
Network Address Translation (NAT)
NTP Vulnerabilities
Two Modes of IPSec
no ip unreachable
20. This layer controls user and workgroup acess to the Internetwork resources at the local level using segmentation of networks to create separate collision domains - AKA an organization's trusted network
Access Layer
Standard IP ACLs
Train Identifier 'B'
Secure Shell (SSH)
21. Command to disable TCP small server on a router
TLS/SSL Layer
CDP Vulnerabilities
no service tcp-small-servers
Requirements for Reflexive TCP to be removed
22. Two FIN bits or one RST bit
Requirements for Reflexive TCP to be removed
Named ACL
no ip unreachable
TCP/UDP Chargen Vulnerability
23. Router threat where access by an entity or individual other than authorized users
L2TP Identifier
no ip bootp server
Unauthorized Access
TCP/UDP Chargen Vulnerability
24. Uses server and host keys to authenticate systems
Land Attack
SSH1
Distribution Layer
Outside
25. Public IP address before translation
no service tcp-small-servers
Outside Local Address
Higher IP Extended ACL Range
TCP Intercept
26. Command used to disable the ICMP message Host Unreachable
ESP Identifier
syslog
ntp disable
no ip unreachable
27. Local IP address before translation
Inside Local Address
Common uses of Access Lists
Masquerading
Finger Vulnerabilities
28. Major Version - Minor Version - Release - Interim Build - Release Train Identifier
IP Directed Broadcast
Layer 2 Tunneling Protocol (L2TP)
Privilege Level 1
General Format of Cisco IOS Version
29. Command used to disable the ICMP message Redirect
no ip redirect
Core Layer
SNMP Trap
Minimum ACLs Required for Reflexive ACLs
30. Users - Host PC's - IP Addresses
AUX Vulnerability
Finger Vulnerabilities
Fourth Part of the IOS Version
Telnet - HTTP - SNMP Vulnerability
31. War dialing
AUX Vulnerability
CDP Vulnerabilities
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
Outside
32. Router threat that involves the unauthorized viewing and collection of network traffic; usually accomplished with a packet sniffing program
Extended IP ACLs
Eavesdropping and Information Theft
Layer 2 Tunneling Protocol (L2TP)
Authentication Header (AH)
33. ESP - SSH - SSL/TLP
GRE Operating Layer
Encrypted Tunneling Methods
GRE Identifier
SNMP Vulnerabilities
34. Allows for a one-to-one translation of local to global addresses; used by web servers and mail servers so that users can connect to them via their global address
Encapsulation Security Payload (ESP)
SNMP Vulnerabilities
ACL to block a Smurf Attack or Fraggle Attack
Static NAT
35. Command used to disable HTTP Server
no ip mask-reply
no ip http server
Access Layer
no ip finger - no service finger
36. Permits a host on one LAN segment to initiate a physical broadcast on a different LAN segment
no ip finger - no service finger
IP Directed Broadcast
TCP Load Distribution
Two Types of Router Access
37. When a router acts as an intermediary for ARP queries on selected interfaces and enabling transparent access between multiple LAN segments
inger Server
ESP Operating Layer
Two Protocols of Tunnel Mode
Proxy ARP
38. Provides a checksum - ensuring traffic has not been modified along it's path
Integrity Validation
Named ACL Format
NTP Vulnerabilities
Lower IP Extended ACL Range
39. Forces the user to enter both a valid username and password
Higher IP Standard ACL Range
login local
Common uses of Access Lists
Tunneling
40. Minor Version
Second Part of IOS Version
Standard ACL format
Named ACL Format
Higher IP Standard ACL Range
41. Provides nonrepudiation - ensuring that traffic is from a trusted party
no ip http server
Train Identifier 'B'
Authenticating Peers
Cisco Discovery Protocol (CDP)
42. TCP and UDP Port 162
SNMP Trap
Train Identifier 'S'
no ip redirect
General Format of Cisco IOS Version
43. Cryptographic protocols that provide secure communications on the Internet for such thing as WWW - email - faxing - IM - and other data transfers
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
NTP Vulnerabilities
IPSec AH Identifier
Encapsulation Security Payload (ESP)
44. DENY IP 127.0.0.0 0.255.255.255 ANY
ACL to block incoming loopback packets
Local Addresses
SSH
Eavesdropping and Information Theft
45. DENY IP HOST <Inbound IP Address> HOST <Inbound IP Address>
Static NAT
Inside
Sixth (Optional) Part of the IOS Version
ACL to block a Land Attack
46. Private IP address after translation
Finger Vulnerabilities
Inside Global Address
Eavesdropping and Information Theft
Fifth Part of the IOS Version
47. Ip access-list <standard | extended> name - permit TCP any any established
ACL to block incoming loopback packets
Two Protocols of Tunnel Mode
Named ACL Format
Dynamic NAT
48. Tunnel Mode Protocol provides integrity - authentication - and non-repudiation and operates directly on top of IP
Authentication Header (AH)
NTP Vulnerabilities
Denial of Service (DoS)
SSH Identifier
49. 0x32 - or 50
Boot Network
Inside Global Address
ESP Identifier
Secure Shell (SSH)
50. Layer 7
HTTP Operating Layer
Outside Global Address
no ip http server
Privilege Level 15
