SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. DENY IP 224.0.0.0 15.255.255.255 ANY
Core Layer
Telnet - HTTP - SNMP Vulnerability
ACL to block IP multicast
Inside
2. The communication layer between the two other layers and provides network security - including ACLs - firewalls - any general public access servers and address translation; also known as the isolation LAN or DMZ
Inside Global Address
SSH Identifier
IP Unreachable Vulnerabilities
Distribution Layer
3. Transport and Tunnel
TCP SYN Attack
Two Modes of IPSec
Three Layers of Hierarchical Model
Access Layer
4. When a router acts as an intermediary for ARP queries on selected interfaces and enabling transparent access between multiple LAN segments
Proxy ARP
Extended IP ACLs
Extended ACL format
Static NAT
5. Access-list <number> <deny | permit> source source-wildcard log
Networks
First Part of IOS Version
User Account Vulnerabilites
Standard ACL format
6. Users - Host PC's - IP Addresses
Encapsulation Security Payload (ESP)
Telnet - HTTP - SNMP Vulnerability
Finger Vulnerabilities
Core Layer
7. When one network protocol called the payload protocol is encapsulated within a different delivery network - or provide a secure path through an untrusted network
Transport Mode
GRE Operating Layer
Tunneling
TCP/UDP Daytime Vulnerability
8. Allows for a one-to-one translation of local to global addresses; used by web servers and mail servers so that users can connect to them via their global address
Static NAT
ACL to block TCP SYN Attack
Devices
Fraggle Attack
9. Refers to addresses used on the organization's private network
HTTPS Strength
Network-to-Network Communications
Outside Global Address
Global Addresses
10. Mode where the entire packet is encrypted and/or authenticated - requiring a new IP packet to be encapsulated
Secure Shell (SSH)
Three Layers of Hierarchical Model
Finger Vulnerabilities
Tunnel Mode
11. Traffic is passed in plaintext
Standard IP ACLs
HTTP Vulnerability
TCP Intercept
Uses for ACLs
12. Smurf attacks - can enumerate the network
login local
HTTP Vulnerability
Cisco Express Forwarding (CEF)
IP Direct Broadcast Vulnerabilties
13. Authentication Header (AH) and Encapsulated Security Payload (ESP)
Two Protocols of Tunnel Mode
ACL to block a Land Attack
echo - chargen - discard - daytime
ACL to block incoming loopback packets
14. Router threat that involves the unauthorized viewing and collection of network traffic; usually accomplished with a packet sniffing program
Eavesdropping and Information Theft
Outside Local Address
HTTP Tunneling
Network Address Translation (NAT)
15. ESP - SSH - SSL/TLP
Network-to-Network Communications
Encrypted Tunneling Methods
TCP/UDP Echo Vulnerability
Layer 2 Tunneling Protocol (L2TP)
16. Can discover vulnerabilities - network stats - and firewall discovery
TCP/UDP Echo Vulnerability
ACL to block incoming loopback packets
IP Unreachable Vulnerabilities
ACL to block IP multicast
17. Rewrites the and/or destination IP address of IP packets as they pass through a router or firewall from private to public addresses
User Account Vulnerabilites
Standard IP ACLs
Network Address Translation (NAT)
SSH Operating Layer
18. Enterprise
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
19. 0x32 - or 50
Higher IP Extended ACL Range
ESP Identifier
uRPF Strength
Standard IP ACLs
20. 0x33 or 51
HTTPS Strength
Two Protocols of Tunnel Mode
Local Addresses
IPSec AH Identifier
21. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
Tunneling
Devices
Extended IP ACLs
Masquerading
22. Cryptographic protocols that provide secure communications on the Internet for such thing as WWW - email - faxing - IM - and other data transfers
HTTP Identifier
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
Privilege Level 0
Unicast Reverse-Path Forwarding (uRPF)
23. An extension of static mapping which allows for one global address to be mapped to multiple inside addresses; can be used for websites with multiple back end servers
GRE Operating Layer
TCP Intercept
TCP Load Distribution
Overloading
24. Tunnel Mode Protocol provides integrity - authentication - and non-repudiation and operates directly on top of IP
L2TP Operating Layer
Authentication Header (AH)
Requirements for Reflexive TCP to be removed
no ip unreachable
25. Attack that involves sending a packet to the router with the same IP address in the source and destination address fields - as well as the same port number in the source and destination port field - causing a denial of service
Boot Network Vulnerabilities
echo - chargen - discard - daytime
ACL to block a Smurf Attack or Fraggle Attack
Land Attack
26. Command to disable TCP small server on a router
IP Directed Broadcast
no service tcp-small-servers
Global Addresses
Extended ACL format
27. Provides nonrepudiation - ensuring that traffic is from a trusted party
Authenticating Peers
ACL to block telnet
SNMP Vulnerabilities
CDP Vulnerabilities
28. TCP only - used to filter inbound traffic while allowing return TCP sessions - can be spoofed by attackers and cannot be used with Active FTP
Established Line
uRPF Strength
IP Spoofing
Network Time Protocol (NTP)
29. Breaks LAN security perimeter extends LAN to Layer 2
Proxy ARP Vulnerabilities
inger Server
Authentication Header (AH)
Rerouting
30. Broadcast
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
31. Privilege levels that can have passwords assigned to them
Train Identifier 'B'
Privilege Levels 2-13
BOOTP
NTP Vulnerabilities
32. Interim Build Number
Fourth Part of the IOS Version
IP Directed Broadcast
Secure Shell (SSH)
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
33. Translates multiple local addresses to a pool of global addresses by having the firewall select the first available global address; retains the global address for the duration of the connection
login local
Requirements for Reflexive TCP to be removed
no ip redirect
Dynamic NAT
34. Mode where only the payload of the IP packet is encrypted and/or authenticated
HTTP Tunneling
no service tcp-small-servers
Requirements for Reflexive TCP to be removed
Transport Mode
35. Forces the user to enter both a valid username and password
login local
ACL to block a Land Attack
TCP Intercept
SNMP Trap
36. 0-99
Second Part of IOS Version
Access Layer
User Account Vulnerabilites
Lower IP Standard ACL Range
37. Command to disable BOOTP Server
no ip bootp server
Outside Local Address
Layer 2 Tunneling Protocol (L2TP)
Second Part of IOS Version
38. UDP Port 514
HTTP Operating Layer
Static NAT
no ip redirect
syslog
39. Command used to disable HTTP Server
Local Addresses
Common uses of Access Lists
Higher IP Standard ACL Range
no ip http server
40. Commands to disable Finger Server
Fourth Part of the IOS Version
ACL to block TCP SYN Attack
no ip finger - no service finger
no ip bootp server
41. Refers to addresses used on the organization's private network
Higher IP Extended ACL Range
Proxy ARP
Local Addresses
TCP Intercept Watch Mode
42. Technology
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
43. Privilege level that has Global administration capabilities
Privilege Level 15
ACL to block a Land Attack
Common uses of Access Lists
IP Spoofing
44. Router to Router Denial of Service
Network-to-Network Communications
Extended IP ACLs
Inside Local Address
TCP/UDP Echo Vulnerability
45. ACK and RST
Masquerading
Flags used by Established Line
Boot Network
Proxy ARP Vulnerabilities
46. TCP and UDP Port 161
HTTP Vulnerability
SNMP
Three Layers of Hierarchical Model
First Part of IOS Version
47. Datagram protocol used by some hosts to load their operating system over the network via a central repository of IOS software
Inside
Secure Shell (SSH)
First Part of IOS Version
BOOTP
48. Software that blocks packets from unreachable hosts - thus allowing only reachable external hosts to initiate connections to a host on an internal network
TCP Load Distribution
HTTPS Strength
TCP Intercept
AUX Vulnerability
49. These ACLs filter by network or host IP addresses andspecific protocol type or port numbers - filters by source and destination
Land Attack
Named ACL
Extended IP ACLs
Inside Global Address
50. Device - Hostname - IOS - IP Address - Ports - Model
no ip finger - no service finger
SNMP Trap
HTTP Identifier
CDP Vulnerabilities
