SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. When a router acts as an intermediary for ARP queries on selected interfaces and enabling transparent access between multiple LAN segments
Proxy ARP
Train Identifier 'B'
Flags used by Established Line
Inside Global Address
2. Uses SSL port 443
Encrypted Tunneling Methods
AUX Vulnerability
HTTPS Strength
Uses for ACLs
3. Software that blocks packets from unreachable hosts - thus allowing only reachable external hosts to initiate connections to a host on an internal network
Core Layer
Cisco Express Forwarding (CEF)
TCP Intercept
no ip bootp server
4. Uses only host keys to authenticate systems
HTTP Operating Layer
login local
SSH2
Train Idenifier 'E'
5. Breaks LAN security perimeter extends LAN to Layer 2
DNS Lookup Vulnerability
Proxy ARP Vulnerabilities
Tunneling
User Account Vulnerabilites
6. Can discover vulnerabilities - network stats - and firewall discovery
Devices
IP Unreachable Vulnerabilities
Access Layer
ESP Operating Layer
7. Command to disable BOOTP Server
Three Layers of Hierarchical Model
Outside Global Address
no ip bootp server
Inside
8. Layer 7
Outside Global Address
Encrypting Traffic
Flags used by Established Line
SSH Operating Layer
9. DENY IP 127.0.0.0 0.255.255.255 ANY
Core Layer
BOOTP
ACL to block incoming loopback packets
Lower IP Standard ACL Range
10. ESP - SSH - SSL/TLP
SSH
Encrypted Tunneling Methods
Inside Local Address
Encrypting Traffic
11. TCP and UDP Port 162
Standard ACL format
SNMP Trap
ACL to block telnet
Sixth (Optional) Part of the IOS Version
12. Forces the user to enter both a valid username and password
login local
HTTP Operating Layer
Layer 2 Tunneling Protocol (L2TP)
GRE Identifier
13. Accounts without passwords - Type 7 encryption - account privilege higher than 1 - able to be fingered
Boot Network
Requirements for Reflexive TCP to be removed
TCP/UDP Discard Vulnerability
User Account Vulnerabilites
14. Can obtain CIDR and router ID
Distributed Denial of Service Attacks
Uses for ACLs
TCP/UDP Daytime Vulnerability
IP Mask Reply Vulnerabilities
15. The host can specify which route to take - which bypasses security
Local Addresses
L2TP Identifier
IP Source Routing Vulnerabilities
Extended ACL format
16. Command used to disable the ICMP message Address Mask Reply
SSH Operating Layer
no ip mask-reply
Proxy ARP Vulnerabilities
Distribution Layer
17. Protocol used to keep their time-of-day clocks accurate and in sync
Network Time Protocol (NTP)
Higher IP Standard ACL Range
Authenticating Peers
Internet Protocol Security (IPSec)
18. 2000-2699
Fourth Part of the IOS Version
ACL to block IP multicast
Lower IP Extended ACL Range
Integrity Validation
19. Permits a host on one LAN segment to initiate a physical broadcast on a different LAN segment
IP Directed Broadcast
BOOTP
AUX Vulnerability
Fifth Part of the IOS Version
20. Privilege level that restricts users to five commands (enable - disable - exit - help quit)
Privilege Level 0
Two Types of Router Access
ACL to block IP multicast
Established Line
21. Access-list <number> <deny | permit> source source-wildcard log
HTTP Operating Layer
Standard ACL format
ACL to block a Smurf Attack or Fraggle Attack
uRPF Strength
22. Refers to the organization's private network
Inside
IP Mask Reply Vulnerabilities
Privilege Level 15
General Format of Cisco IOS Version
23. Command used to disable the ICMP message Redirect
Proxy ARP Vulnerabilities
login local
no ip http server
no ip redirect
24. What Inside and Outside refer to in NAT
SNMP
Devices
General Format of Cisco IOS Version
Named ACL
25. Transport and Tunnel
Network-to-Network Communications
Two Modes of IPSec
TCP/UDP Daytime Vulnerability
Secure Shell (SSH)
26. UDP Port 514
syslog
HTTP Operating Layer
no service udp-small-servers
UDP Traceroute Port Range
27. Router threat that involves the unauthorized viewing and collection of network traffic; usually accomplished with a packet sniffing program
Eavesdropping and Information Theft
BOOTP
HTTPS Strength
IP Source Routing Vulnerabilities
28. Layer 3
Standard IP ACLs
GRE Operating Layer
SSH Identifier
Two Types of Router Access
29. The environment - catastrophic events an unauthorized access
SSH1
Core Layer
L2TP Identifier
Three Physical Security Vulnerabilities
30. Ip access-list <standard | extended> name - permit TCP any any established
Global Addresses
Distributed Denial of Service Attacks
Two Protocols of Tunnel Mode
Named ACL Format
31. Software that passively monitors the connection requests flowing through the router; if a connection fails - the software sends a Reset to the server to clear up its state
Privilege Levels 2-13
TCP Intercept Watch Mode
Networks
SSH
32. Data link layer protocol used for tunneling network traffic between two peers over an existing network - often used with IPsec to secure packets
inger Server
Layer 2 Tunneling Protocol (L2TP)
IPSec AH Identifier
no ip bootp server
33. Command used to disable NTP on an interface
Transport Mode
Fifth Part of the IOS Version
ntp disable
Three Physical Security Vulnerabilities
34. ACK and RST
Host-to-Host Communications
Flags used by Established Line
echo - chargen - discard - daytime
Smurf Attack
35. Major Version - Minor Version - Release - Interim Build - Release Train Identifier
CDP Vulnerabilities
ACL to block a Smurf Attack or Fraggle Attack
General Format of Cisco IOS Version
Standard IP ACLs
36. These ACLs filter by network or host IP address and only filter on source
Standard IP ACLs
HTTPS Strength
Generic Routing Encapsulation (GRE)
DNS Lookup Vulnerability
37. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
SSH2
Authenticating Peers
Train Idenifier 'E'
IP Spoofing
38. None - uses attach application protocol's layer
GRE Identifier
Encapsulation Security Payload (ESP)
TLS/SSL Layer
SSH
39. Two FIN bits or one RST bit
Requirements for Reflexive TCP to be removed
Distributed Denial of Service Attacks
Denial of Service (DoS)
L2TP Operating Layer
40. Ip accesslist extended <name1> - permit IP any any reflect <filename> - ip accesslist extended <name2> - evaluate <filename> - int f0/0 - ip access-group <name1> out - ip access-group <name2> in
General Format of Cisco IOS Version
CDP Vulnerabilities
Syntax for Reflexive ACLs
HTTP Operating Layer
41. Broadcast
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
42. Local IP address before translation
Inside Local Address
Encrypted Tunneling Methods
SSH1
login local
43. Plaintext
Two Types of Router Access
Telnet - HTTP - SNMP Vulnerability
Session Hijacking
Three Layers of Hierarchical Model
44. DENY TCP ANY HOST <IP Address> EQ 23
ACL to block telnet
Two Types of Router Access
Eavesdropping and Information Theft
Named ACL
45. DENY IP <Network ID> <Network WC Mask> ANY
ntp disable
Higher IP Standard ACL Range
uRPF Strength
ACL to block spoofed IPs
46. Device - Hostname - IOS - IP Address - Ports - Model
Requirements for Reflexive TCP to be removed
CDP Vulnerabilities
Unauthorized Access
IP Source Routing Vulnerabilities
47. Geolocational positioning
TCP/UDP Daytime Vulnerability
Extended ACL format
SSH2
Privilege Level 0
48. Tunnel Mode Protocol provides integrity - authentication - and non-repudiation and operates directly on top of IP
ACL to block telnet
no ip bootp server
Authentication Header (AH)
SSH Identifier
49. PERMIT TCP ANY ANY ESTABLISHED
SSH2
Tunneling
NTP Vulnerabilities
ACL to block TCP SYN Attack
50. A suite of protocols for securing Internet Protocol communications by authenticating and/or encrypting each IP packet in a data stream
Dynamic NAT
Three Physical Security Vulnerabilities
Minimum ACLs Required for Reflexive ACLs
Internet Protocol Security (IPSec)
