SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Can stop spoofed IP addresses
IP Directed Broadcast
IPSec AH Operating Layer
uRPF Strength
Two Modes of IPSec
2. Router threat that includes manipulating router updates to cause traffic to flow to unauthorized destinations
Rerouting
Higher IP Standard ACL Range
Named ACL Format
SNMP
3. Users - Host PC's - IP Addresses
ACL to block spoofed IPs
Established Line
Named ACL Format
Finger Vulnerabilities
4. Ip access-list <standard | extended> name - permit TCP any any established
uRPF Strength
TCP/UDP Discard Vulnerability
Named ACL Format
no cdp run
5. Authentication Header (AH) and Encapsulated Security Payload (ESP)
Named ACL
Two Protocols of Tunnel Mode
Inside Local Address
Static NAT
6. Four TCP/UDP Small Server commands recommended to disable
Lower IP Extended ACL Range
echo - chargen - discard - daytime
Train Idenifier 'E'
SNMP
7. Attack that involves sending a packet to the router with the same IP address in the source and destination address fields - as well as the same port number in the source and destination port field - causing a denial of service
Land Attack
Core Layer
ACL to block TCP SYN Attack
TCP/UDP Discard Vulnerability
8. Layer 7
SSH Operating Layer
ACL to block a Smurf Attack or Fraggle Attack
Cisco Express Forwarding (CEF)
Inside Global Address
9. What Transport Mode is used for
Finger Vulnerabilities
Host-to-Host Communications
Inside
Devices
10. 0-99
ACL to block IP multicast
Lower IP Standard ACL Range
Flags used by Established Line
HTTP Vulnerability
11. TCP and UDP Port 161
SSH2
TCP Intercept Watch Mode
SNMP
Extended ACL format
12. These ACLs filter by network or host IP addresses andspecific protocol type or port numbers - filters by source and destination
DNS Lookup Vulnerability
TCP Load Distribution
Finger Vulnerabilities
Extended IP ACLs
13. Provides nonrepudiation - ensuring that traffic is from a trusted party
Authenticating Peers
ACL to block spoofed IPs
TCP Load Distribution
Network-to-Network Communications
14. What Tunnel Mode is used for
Network-to-Network Communications
Train Identifier 'T'
TCP SYN Attack
Second Part of IOS Version
15. The environment - catastrophic events an unauthorized access
BOOTP Vulnerabilities
no cdp run
IP Mask Reply Vulnerabilities
Three Physical Security Vulnerabilities
16. Refers to the addresses on the public internet
Inside
Static NAT
Outside
Lower IP Standard ACL Range
17. 0x32 - or 50
Networks
SSH Operating Layer
ESP Identifier
IP Directed Broadcast
18. Startup-config can be deleted - copied - changed
Boot Network Vulnerabilities
Uses for ACLs
ESP Identifier
Three Layers of Hierarchical Model
19. Can obtain CIDR and router ID
Privilege Level 1
Third Part of the IOS Version
BOOTP Vulnerabilities
IP Mask Reply Vulnerabilities
20. Lists interfaces - routing table - ARP table - physical and network addresses - time last booted
Outside Local Address
Cisco Discovery Protocol (CDP)
SNMP Vulnerabilities
Fraggle Attack
21. TCP Port 22
Standard ACL format
Finger Vulnerabilities
Syntax for Reflexive ACLs
SSH Identifier
22. 0x33 or 51
Global Addresses
HTTP Operating Layer
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
IPSec AH Identifier
23. Service Provider
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
24. Refers to the organization's private network
Inside
Devices
Train Identifier 'B'
no ip unreachable
25. Breaks LAN security perimeter extends LAN to Layer 2
SSH
Rerouting
Proxy ARP Vulnerabilities
HTTP Operating Layer
26. Local and Remote
Two Types of Router Access
HTTP Identifier
Standard ACL format
ACL to block a Land Attack
27. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
IP Source Routing
SSH Operating Layer
no service tcp-small-servers
IP Spoofing
28. Datagram protocol used by some hosts to load their operating system over the network via a central repository of IOS software
Boot Network Vulnerabilities
TCP/UDP Echo Vulnerability
ESP Operating Layer
BOOTP
29. Uses SSL port 443
HTTPS Strength
Finger Vulnerabilities
SSH1
Distribution Layer
30. PERMIT TCP ANY ANY ESTABLISHED
echo - chargen - discard - daytime
Host-to-Host Communications
ACL to block TCP SYN Attack
CDP Vulnerabilities
31. ESP - SSH - SSL/TLP
AUX Vulnerability
Privilege Level 0
Encrypting Traffic
Encrypted Tunneling Methods
32. Software that passively monitors the connection requests flowing through the router; if a connection fails - the software sends a Reset to the server to clear up its state
BOOTP Vulnerabilities
Transport Mode
TCP Intercept Watch Mode
Network Time Protocol (NTP)
33. Attack that involves a multitude of compromised system attack a single target - denying service to it by exploiting one 'master' system that communicates with other 'zombie' systems
Internet Protocol Security (IPSec)
Distributed Denial of Service Attacks
Route Injection Attack
ACL to block incoming loopback packets
34. 2000-2699
Proxy ARP
Train Identifier 'S'
Higher IP Extended ACL Range
no ip http server
35. Enterprise
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
36. Privilege level that has Global administration capabilities
ACL to block incoming loopback packets
Lower IP Extended ACL Range
Privilege Level 15
Fraggle Attack
37. Major Version - Minor Version - Release - Interim Build - Release Train Identifier
General Format of Cisco IOS Version
ACL to block telnet
no service udp-small-servers
Third Part of the IOS Version
38. Uses only host keys to authenticate systems
IP Direct Broadcast Vulnerabilties
SSH2
HTTP Operating Layer
Authentication Header (AH)
39. Protocol used to keep their time-of-day clocks accurate and in sync
ACL to block telnet
Network Time Protocol (NTP)
ACL to block incoming loopback packets
Encapsulation Security Payload (ESP)
40. Mode where the entire packet is encrypted and/or authenticated - requiring a new IP packet to be encapsulated
Networks
Tunnel Mode
TCP Load Distribution
Second Part of IOS Version
41. Router threat that involves the unauthorized viewing and collection of network traffic; usually accomplished with a packet sniffing program
ESP Operating Layer
Outside Global Address
SSH Operating Layer
Eavesdropping and Information Theft
42. Router threat that includes manipulating router updates to cause traffic to flow to unauthorized destinations
Cisco Express Forwarding (CEF)
SSH1
Route Injection Attack
Dynamic NAT
43. UDP Port 514
syslog
Boot Network Vulnerabilities
ACL to block a Smurf Attack or Fraggle Attack
TCP/UDP Daytime Vulnerability
44. Transport and Tunnel
TCP Intercept
Inside
ACL to block IP multicast
Two Modes of IPSec
45. Ip accesslist extended <name1> - permit IP any any reflect <filename> - ip accesslist extended <name2> - evaluate <filename> - int f0/0 - ip access-group <name1> out - ip access-group <name2> in
First Part of IOS Version
Syntax for Reflexive ACLs
Second Part of IOS Version
Fifth Part of the IOS Version
46. Router to Router Denial of Service
Rerouting
Land Attack
TCP/UDP Echo Vulnerability
Distribution Layer
47. Layer 7
Common uses of Access Lists
Three Layers of Hierarchical Model
HTTP Operating Layer
HTTP Tunneling
48. Translates multiple local addresses to a pool of global addresses by having the firewall select the first available global address; retains the global address for the duration of the connection
Inside Global Address
Tunnel Mode
Dynamic NAT
Unauthorized Access
49. DENY IP 127.0.0.0 0.255.255.255 ANY
ACL to block incoming loopback packets
no cdp run
Authenticating Peers
L2TP Operating Layer
50. Also known as Configuration Auto-Loading - allows routers to load their startup configuration from the network
Smurf Attack
no ip unreachable
Privilege Level 1
Boot Network