SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Uses server and host keys to authenticate systems
Inside Global Address
no ip http server
SSH1
AUX Vulnerability
2. Geolocational positioning
NTP Vulnerabilities
TCP/UDP Daytime Vulnerability
Three Physical Security Vulnerabilities
HTTP Tunneling
3. Local and Remote
login local
Two Types of Router Access
Rerouting
Layer 2 Tunneling Protocol (L2TP)
4. Ip accesslist extended <name1> - permit IP any any reflect <filename> - ip accesslist extended <name2> - evaluate <filename> - int f0/0 - ip access-group <name1> out - ip access-group <name2> in
TCP/UDP Chargen Vulnerability
Third Part of the IOS Version
TCP/UDP Daytime Vulnerability
Syntax for Reflexive ACLs
5. Users - Host PC's - IP Addresses
Finger Vulnerabilities
TLS/SSL Layer
TCP/UDP Echo Vulnerability
IPSec AH Operating Layer
6. Transport and Tunnel
Two Modes of IPSec
ACL to block IP multicast
Privilege Level 1
Tunneling
7. Interim Build Number
Fourth Part of the IOS Version
TCP Load Distribution
Static NAT
Cisco Discovery Protocol (CDP)
8. Software that passively monitors the connection requests flowing through the router; if a connection fails - the software sends a Reset to the server to clear up its state
Third Part of the IOS Version
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
TCP Intercept Watch Mode
IP Spoofing
9. ESP - SSH - SSL/TLP
HTTP Tunneling
Reflexive ACL
no service tcp-small-servers
Encrypted Tunneling Methods
10. Command used to disable HTTP Server
Flags used by Established Line
SSH Identifier
no ip http server
no ip redirect
11. Layer 3
IP Source Routing Vulnerabilities
ACL to block a Land Attack
Privilege Level 0
IPSec AH Operating Layer
12. Uses SSL port 443
Two Types of Router Access
HTTPS Strength
User Account Vulnerabilites
ESP Identifier
13. Allows the source IP host to specify a route through the IP network
IP Source Routing
Train Identifier 'S'
TCP Intercept
Train Identifier 'B'
14. TCP only - used to filter inbound traffic while allowing return TCP sessions - can be spoofed by attackers and cannot be used with Active FTP
Established Line
ntp disable
Privilege Level 15
Inside
15. Software that blocks packets from unreachable hosts - thus allowing only reachable external hosts to initiate connections to a host on an internal network
Denial of Service (DoS)
TCP Intercept
Unicast Reverse-Path Forwarding (uRPF)
SSH Identifier
16. When a router acts as an intermediary for ARP queries on selected interfaces and enabling transparent access between multiple LAN segments
ACL to block spoofed IPs
Layer 2 Tunneling Protocol (L2TP)
Common uses of Access Lists
Proxy ARP
17. Cryptographic protocols that provide secure communications on the Internet for such thing as WWW - email - faxing - IM - and other data transfers
L2TP Identifier
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
Integrity Validation
IP Spoofing
18. Attack that involves transmitting a volume of connections that cannot be completed at the destination - causing the queue to fill up and denying service to legitimate user
TCP SYN Attack
Three Physical Security Vulnerabilities
ACL to block IP multicast
SSH1
19. Protocol that allows data to be exchanged using a secure channel between two computers via encryption
GRE Identifier
Extended ACL format
Secure Shell (SSH)
Outside Local Address
20. Protocol used to keep their time-of-day clocks accurate and in sync
Network Time Protocol (NTP)
Extended ACL format
Layer 2 Tunneling Protocol (L2TP)
Lower IP Standard ACL Range
21. What Local and Global refer to in NAT
uRPF Strength
SSH Identifier
Networks
Standard ACL format
22. These ACLs filter by network or host IP address and only filter on source
BOOTP Vulnerabilities
Standard IP ACLs
Generic Routing Encapsulation (GRE)
DNS Lookup Vulnerability
23. Startup-config can be deleted - copied - changed
Reflexive ACL
Inside Global Address
GRE Identifier
Boot Network Vulnerabilities
24. Uses only host keys to authenticate systems
SSH Operating Layer
Core Layer
Sixth (Optional) Part of the IOS Version
SSH2
25. Rebuild Number
Devices
Sixth (Optional) Part of the IOS Version
Three Layers of Hierarchical Model
BOOTP
26. Traffic is passed in plaintext
DNS Lookup Vulnerability
HTTP Vulnerability
inger Server
Inside
27. Helps to mitigate problems that are caused by the introduction of malformed or spoofed IP source addresses into a network by discarding packets lacking a verifiable IP source address
inger Server
HTTP Tunneling
Standard ACL format
Unicast Reverse-Path Forwarding (uRPF)
28. Forces the user to enter both a valid username and password
Distributed Denial of Service Attacks
HTTP Identifier
no ip mask-reply
login local
29. The environment - catastrophic events an unauthorized access
Smurf Attack
Encrypted Tunneling Methods
Three Physical Security Vulnerabilities
Network Address Translation (NAT)
30. An extension of static mapping which allows for one global address to be mapped to multiple inside addresses; can be used for websites with multiple back end servers
UDP Traceroute Port Range
TCP Load Distribution
HTTP Vulnerability
SSH Identifier
31. Accounts without passwords - Type 7 encryption - account privilege higher than 1 - able to be fingered
login local
Transport Mode
User Account Vulnerabilites
Anti-Replay
32. Time can be changed - Routing Table can be killed
Reflexive ACL
NTP Vulnerabilities
HTTP Vulnerability
ACL to block spoofed IPs
33. Refers to addresses used on the organization's private network
Inside
ACL to block TCP SYN Attack
Global Addresses
SSH
34. Device - Hostname - IOS - IP Address - Ports - Model
Sixth (Optional) Part of the IOS Version
Train Identifier 'S'
CDP Vulnerabilities
Train Identifier 'T'
35. 0x2F - or 47
GRE Identifier
TCP/UDP Echo Vulnerability
Eavesdropping and Information Theft
Cisco Discovery Protocol (CDP)
36. Layer 7
TCP/UDP Echo Vulnerability
SSH Operating Layer
Authenticating Peers
Higher IP Extended ACL Range
37. Command used to disable NTP on an interface
Tunnel Mode
ntp disable
L2TP Operating Layer
ACL to block a Land Attack
38. Plaintext
Finger Vulnerabilities
Tunnel Mode
Telnet - HTTP - SNMP Vulnerability
Outside Local Address
39. Service Provider
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
40. Smurf attacks - can enumerate the network
echo - chargen - discard - daytime
IP Direct Broadcast Vulnerabilties
TLS/SSL Identifier
Layer 2 Tunneling Protocol (L2TP)
41. Commands to disable Finger Server
ESP Identifier
ACL to block incoming loopback packets
no ip finger - no service finger
Masquerading
42. Refers to the addresses on the public internet
no cdp run
Outside
ntp disable
IP Unreachable Vulnerabilities
43. Public IP address after translation
Encrypting Traffic
Outside Global Address
Network Time Protocol (NTP)
SSH
44. 2000-2699
Lower IP Extended ACL Range
Privilege Level 0
Inside Global Address
Fifth Part of the IOS Version
45. An alternative for both standard and extended ACLs that allow you to refer to an ACL by a descriptive name instead of a number
Network Time Protocol (NTP)
Encrypting Traffic
Named ACL
uRPF Strength
46. Layer 5
L2TP Operating Layer
Boot Network Vulnerabilities
inger Server
Fifth Part of the IOS Version
47. Dialer List - Routing Maps - Dynamic Routing Protocols - Controlling Remote Access - NAT'ing - Traffic Filtering
Privilege Level 1
Uses for ACLs
Telnet - HTTP - SNMP Vulnerability
TCP/UDP Discard Vulnerability
48. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
Land Attack
IP Source Routing
TCP/UDP Daytime Vulnerability
IP Spoofing
49. Ip access-list <standard | extended> name - permit TCP any any established
Distribution Layer
Third Part of the IOS Version
Named ACL Format
IP Spoofing
50. Local IP address before translation
Land Attack
IPSec AH Identifier
no cdp run
Inside Local Address
