SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. What Inside and Outside refer to in NAT
L2TP Identifier
no cdp run
Tunneling
Devices
2. Software that blocks packets from unreachable hosts - thus allowing only reachable external hosts to initiate connections to a host on an internal network
Common uses of Access Lists
Network-to-Network Communications
Network Address Translation (NAT)
TCP Intercept
3. 2000-2699
Anti-Replay
Higher IP Extended ACL Range
ACL to block TCP SYN Attack
CDP Vulnerabilities
4. Privilege level that restricts users to five commands (enable - disable - exit - help quit)
HTTP Tunneling
Inside Local Address
ACL to block a Land Attack
Privilege Level 0
5. Command to disable CDP on a router
SNMP Vulnerabilities
no cdp run
L2TP Operating Layer
Session Hijacking
6. Forces the user to enter both a valid username and password
Named ACL
login local
ACL to block telnet
GRE Identifier
7. Broadcast
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
8. Accounts without passwords - Type 7 encryption - account privilege higher than 1 - able to be fingered
User Account Vulnerabilites
BOOTP
Finger Vulnerabilities
Global Addresses
9. When one network protocol called the payload protocol is encapsulated within a different delivery network - or provide a secure path through an untrusted network
Tunneling
no ip finger - no service finger
Network-to-Network Communications
ACL to block a Smurf Attack or Fraggle Attack
10. Layer 7
SSH Operating Layer
Outside Global Address
Inside Global Address
NTP Vulnerabilities
11. Privilege level that is restricted to basic level operations
Privilege Level 1
Fraggle Attack
IP Directed Broadcast
Two Protocols of Tunnel Mode
12. TCP and UDP Port 161
TCP/UDP Discard Vulnerability
SNMP
Overloading
Authenticating Peers
13. Breaks LAN security perimeter extends LAN to Layer 2
Generic Routing Encapsulation (GRE)
Static NAT
Proxy ARP Vulnerabilities
Privilege Level 15
14. Users - Host PC's - IP Addresses
HTTP Identifier
Finger Vulnerabilities
no ip finger - no service finger
Inside
15. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
Masquerading
SNMP Trap
BOOTP Vulnerabilities
Second Part of IOS Version
16. 2000-2699
ACL to block TCP SYN Attack
TCP SYN Attack
IP Unreachable Vulnerabilities
Lower IP Extended ACL Range
17. Tunnel Mode Protocol provides confidentiality - along with authentication and integrity protection with encryption
Networks
Encapsulation Security Payload (ESP)
IP Unreachable Vulnerabilities
Higher IP Extended ACL Range
18. Command used to disable the ICMP message Address Mask Reply
Requirements for Reflexive TCP to be removed
no ip mask-reply
BOOTP
ACL to block a Smurf Attack or Fraggle Attack
19. When a router acts as an intermediary for ARP queries on selected interfaces and enabling transparent access between multiple LAN segments
Train Idenifier 'E'
no service tcp-small-servers
Proxy ARP
ESP Identifier
20. Attack that involves sending a large amount of UDP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
Fraggle Attack
Proxy ARP
NTP Vulnerabilities
TCP/UDP Daytime Vulnerability
21. Form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address by using different ports; limited to ~64 -000 hosts
Overloading
Layer 2 Tunneling Protocol (L2TP)
Integrity Validation
TCP Intercept
22. What Local and Global refer to in NAT
Networks
Higher IP Standard ACL Range
Outside Local Address
IP Unreachable Vulnerabilities
23. Service Provider
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
24. DENY IP HOST <Inbound IP Address> HOST <Inbound IP Address>
ACL to block a Land Attack
Uses for ACLs
Lower IP Standard ACL Range
Reflexive ACL
25. Geolocational positioning
Encapsulation Security Payload (ESP)
TCP/UDP Daytime Vulnerability
Dynamic NAT
L2TP Operating Layer
26. Technology
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
27. Mode where only the payload of the IP packet is encrypted and/or authenticated
Standard IP ACLs
Outside Local Address
Transport Mode
Uses for ACLs
28. Block spoofed IP packets - block loopback packets - block IP multicast if unused - block ICMP redirects - Block telnet if not used
Inside Global Address
Common uses of Access Lists
Network Time Protocol (NTP)
no ip redirect
29. Two FIN bits or one RST bit
Requirements for Reflexive TCP to be removed
Static NAT
Land Attack
Lower IP Standard ACL Range
30. 1300-1999
ACL to block a Smurf Attack or Fraggle Attack
Higher IP Standard ACL Range
L2TP Identifier
Route Injection Attack
31. Authentication Header (AH) and Encapsulated Security Payload (ESP)
ACL to block a Smurf Attack or Fraggle Attack
Two Protocols of Tunnel Mode
Sixth (Optional) Part of the IOS Version
Host-to-Host Communications
32. Routing mode depended on by uRPF in order to function
Cisco Express Forwarding (CEF)
Syntax for Reflexive ACLs
Train Identifier 'B'
SNMP
33. Datagram protocol used by some hosts to load their operating system over the network via a central repository of IOS software
HTTPS Strength
BOOTP
Access List Rules
Outside Global Address
34. Uses SSL port 443
Global Addresses
IP Source Routing
Fraggle Attack
HTTPS Strength
35. Helps to mitigate problems that are caused by the introduction of malformed or spoofed IP source addresses into a network by discarding packets lacking a verifiable IP source address
Cisco Discovery Protocol (CDP)
Unicast Reverse-Path Forwarding (uRPF)
General Format of Cisco IOS Version
Outside
36. Minor Version
Sixth (Optional) Part of the IOS Version
Second Part of IOS Version
IP Source Routing
TCP/UDP Daytime Vulnerability
37. Command to disable UDP small server on a router
uRPF Strength
Unauthorized Access
no service udp-small-servers
Lower IP Standard ACL Range
38. A method of bypassing firewall or proxy restrictions by making the firewall think that it is getting traffic from a web browser
HTTP Tunneling
Access Layer
IP Source Routing
Minimum ACLs Required for Reflexive ACLs
39. PERMIT TCP ANY ANY ESTABLISHED
Minimum ACLs Required for Reflexive ACLs
Network Address Translation (NAT)
ACL to block TCP SYN Attack
IP Unreachable Vulnerabilities
40. The host can specify which route to take - which bypasses security
no ip mask-reply
IP Source Routing Vulnerabilities
L2TP Identifier
Anti-Replay
41. Rebuild Number
ACL to block a Land Attack
Static NAT
Sixth (Optional) Part of the IOS Version
Inside Global Address
42. Release Number
Proxy ARP Vulnerabilities
Third Part of the IOS Version
Dynamic NAT
ACL to block spoofed IPs
43. Attack that involves sending a large amount of ICMP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
Smurf Attack
TCP SYN Attack
General Format of Cisco IOS Version
Encrypted Tunneling Methods
44. None - uses attached application protocol's port
Lower IP Extended ACL Range
SNMP Trap
Networks
TLS/SSL Identifier
45. Privilege levels that can have passwords assigned to them
Privilege Levels 2-13
IP Unreachable Vulnerabilities
Named ACL
ACL to block TCP SYN Attack
46. Also known as Configuration Auto-Loading - allows routers to load their startup configuration from the network
Cisco Express Forwarding (CEF)
Third Part of the IOS Version
Lower IP Standard ACL Range
Boot Network
47. What Transport Mode is used for
User Account Vulnerabilites
Host-to-Host Communications
TCP Intercept
SSH Identifier
48. War dialing
Land Attack
IP Source Routing Vulnerabilities
AUX Vulnerability
BOOTP Vulnerabilities
49. The environment - catastrophic events an unauthorized access
Overloading
UDP Traceroute Port Range
Land Attack
Three Physical Security Vulnerabilities
50. Privilege level that has Global administration capabilities
Unicast Reverse-Path Forwarding (uRPF)
Privilege Level 15
Rerouting
Standard IP ACLs