SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Release Number
Boot Network
Requirements for Reflexive TCP to be removed
SNMP Vulnerabilities
Third Part of the IOS Version
2. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
IP Spoofing
Named ACL Format
NTP Vulnerabilities
TCP/UDP Daytime Vulnerability
3. Command to disable BOOTP Server
AUX Vulnerability
Named ACL Format
no ip bootp server
inger Server
4. Commands to disable Finger Server
no ip finger - no service finger
Distributed Denial of Service Attacks
TCP/UDP Echo Vulnerability
Session Hijacking
5. DENY IP 224.0.0.0 15.255.255.255 ANY
ACL to block IP multicast
IP Source Routing
Three Layers of Hierarchical Model
Anti-Replay
6. 0-99
Proxy ARP Vulnerabilities
Lower IP Standard ACL Range
Named ACL Format
no service tcp-small-servers
7. UDP Port 1701
TCP/UDP Daytime Vulnerability
L2TP Identifier
Three Physical Security Vulnerabilities
Train Identifier 'S'
8. Privilege level that restricts users to five commands (enable - disable - exit - help quit)
Third Part of the IOS Version
Privilege Level 0
SSH
TCP Load Distribution
9. Ip accesslist extended <name1> - permit IP any any reflect <filename> - ip accesslist extended <name2> - evaluate <filename> - int f0/0 - ip access-group <name1> out - ip access-group <name2> in
Tunneling
Syntax for Reflexive ACLs
ESP Operating Layer
Boot Network
10. What Tunnel Mode is used for
Privilege Level 0
Uses for ACLs
Network-to-Network Communications
Standard ACL format
11. DENY IP HOST <Inbound IP Address> HOST <Inbound IP Address>
no cdp run
Denial of Service (DoS)
ACL to block telnet
ACL to block a Land Attack
12. DENY TCP ANY HOST <IP Address> EQ 23
Network-to-Network Communications
L2TP Identifier
Secure Shell (SSH)
ACL to block telnet
13. Attack that involves a multitude of compromised system attack a single target - denying service to it by exploiting one 'master' system that communicates with other 'zombie' systems
Distributed Denial of Service Attacks
Named ACL Format
Core Layer
Three Physical Security Vulnerabilities
14. Rewrites the and/or destination IP address of IP packets as they pass through a router or firewall from private to public addresses
Common uses of Access Lists
Authenticating Peers
Network Address Translation (NAT)
Privilege Levels 2-13
15. When a router acts as an intermediary for ARP queries on selected interfaces and enabling transparent access between multiple LAN segments
Proxy ARP
Inside Local Address
User Account Vulnerabilites
HTTP Identifier
16. Buffer Overflow
Train Identifier 'S'
TCP/UDP Chargen Vulnerability
IPSec AH Operating Layer
ACL to block telnet
17. Also known as Configuration Auto-Loading - allows routers to load their startup configuration from the network
Train Identifier 'S'
Standard ACL format
Boot Network
Proxy ARP
18. Privilege level that is restricted to basic level operations
HTTP Operating Layer
Network Address Translation (NAT)
Generic Routing Encapsulation (GRE)
Privilege Level 1
19. Ip access-list <standard | extended> name - permit TCP any any established
Session Hijacking
Named ACL Format
Two Types of Router Access
Train Identifier 'T'
20. Software that blocks packets from unreachable hosts - thus allowing only reachable external hosts to initiate connections to a host on an internal network
Denial of Service (DoS)
Finger Vulnerabilities
TCP Intercept
no ip mask-reply
21. Allows the source IP host to specify a route through the IP network
Encapsulation Security Payload (ESP)
Tunneling
Train Identifier 'T'
IP Source Routing
22. Provides confidentiality - so it cannot be read by unauthorized parties
Network Address Translation (NAT)
Encrypting Traffic
GRE Identifier
no ip http server
23. What Inside and Outside refer to in NAT
Devices
SSH1
Masquerading
Boot Network
24. Lists interfaces - routing table - ARP table - physical and network addresses - time last booted
Finger Vulnerabilities
Inside Local Address
Reflexive ACL
SNMP Vulnerabilities
25. Interim Build Number
ACL to block a Land Attack
Inside Global Address
Lower IP Standard ACL Range
Fourth Part of the IOS Version
26. Device - Hostname - IOS - IP Address - Ports - Model
Inside Local Address
Second Part of IOS Version
Host-to-Host Communications
CDP Vulnerabilities
27. ACK and RST
Syntax for Reflexive ACLs
Flags used by Established Line
TCP/UDP Daytime Vulnerability
Authenticating Peers
28. Users - Host PC's - IP Addresses
Inside Local Address
HTTP Operating Layer
Finger Vulnerabilities
Integrity Validation
29. Can copy - poison - corrupt - or delete the IOS
no ip mask-reply
IP Unreachable Vulnerabilities
Requirements for Reflexive TCP to be removed
BOOTP Vulnerabilities
30. Attack that involves sending a packet to the router with the same IP address in the source and destination address fields - as well as the same port number in the source and destination port field - causing a denial of service
syslog
TCP/UDP Chargen Vulnerability
Two Protocols of Tunnel Mode
Land Attack
31. Permits a host on one LAN segment to initiate a physical broadcast on a different LAN segment
Train Identifier 'S'
IP Directed Broadcast
GRE Identifier
Network Address Translation (NAT)
32. 0x32 - or 50
TCP Intercept
Reflexive ACL
Unauthorized Access
ESP Identifier
33. None - uses attached application protocol's port
Reflexive ACL
TLS/SSL Identifier
no ip http server
Static NAT
34. An extension of static mapping which allows for one global address to be mapped to multiple inside addresses; can be used for websites with multiple back end servers
ACL to block TCP SYN Attack
TCP Load Distribution
Transport Mode
Static NAT
35. Broadcast
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
36. Protocol that allows data to be exchanged using a secure channel between two computers via encryption
Secure Shell (SSH)
ESP Identifier
Flags used by Established Line
SSH1
37. Command used to disable the ICMP message Address Mask Reply
no ip mask-reply
SSH Identifier
Networks
Distribution Layer
38. Access-list <number <deny | permit> source source-wildcard source-qualifier destination dest-wildcard dest-qualifier <log | log-input>
Extended ACL format
IP Source Routing
Route Injection Attack
Three Physical Security Vulnerabilities
39. ESP - SSH - SSL/TLP
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
Three Layers of Hierarchical Model
no service tcp-small-servers
Encrypted Tunneling Methods
40. Layer 3
Fourth Part of the IOS Version
Integrity Validation
ESP Operating Layer
Anti-Replay
41. Technology
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
42. Layer 5
Standard ACL format
L2TP Operating Layer
Boot Network
Overloading
43. Mode where only the payload of the IP packet is encrypted and/or authenticated
Train Identifier 'T'
Transport Mode
GRE Identifier
Fifth Part of the IOS Version
44. Translates multiple local addresses to a pool of global addresses by having the firewall select the first available global address; retains the global address for the duration of the connection
Higher IP Extended ACL Range
Proxy ARP Vulnerabilities
General Format of Cisco IOS Version
Dynamic NAT
45. Command to disable UDP small server on a router
HTTPS Strength
Sixth (Optional) Part of the IOS Version
Unicast Reverse-Path Forwarding (uRPF)
no service udp-small-servers
46. Minor Version
no ip http server
Cisco Express Forwarding (CEF)
Three Layers of Hierarchical Model
Second Part of IOS Version
47. Traffic is passed in plaintext
HTTP Vulnerability
TLS/SSL Identifier
Two Protocols of Tunnel Mode
Boot Network Vulnerabilities
48. Router threat that refers to willful attempts to cause such disruptions by overwhelming the targeted system with improperly formatted traffic
ACL to block a Smurf Attack or Fraggle Attack
Uses for ACLs
Denial of Service (DoS)
Sixth (Optional) Part of the IOS Version
49. Software that passively monitors the connection requests flowing through the router; if a connection fails - the software sends a Reset to the server to clear up its state
TCP Intercept Watch Mode
ntp disable
Train Idenifier 'E'
Common uses of Access Lists
50. Refers to the addresses on the public internet
IP Unreachable Vulnerabilities
Boot Network Vulnerabilities
Outside
Authenticating Peers