SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Can stop spoofed IP addresses
TCP/UDP Discard Vulnerability
uRPF Strength
Proxy ARP Vulnerabilities
Common uses of Access Lists
2. Interim Build Number
Fourth Part of the IOS Version
Layer 2 Tunneling Protocol (L2TP)
IP Spoofing
echo - chargen - discard - daytime
3. Mode where the entire packet is encrypted and/or authenticated - requiring a new IP packet to be encapsulated
Local Addresses
Inside Local Address
Tunnel Mode
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
4. Tunnel Mode Protocol provides integrity - authentication - and non-repudiation and operates directly on top of IP
ACL to block a Land Attack
Authentication Header (AH)
Encrypting Traffic
First Part of IOS Version
5. Refers to addresses used on the organization's private network
Local Addresses
Proxy ARP
Outside
ESP Identifier
6. Public IP address after translation
UDP Traceroute Port Range
Outside Global Address
SNMP
login local
7. Router to Router Denial of Service
TCP SYN Attack
Established Line
Third Part of the IOS Version
TCP/UDP Echo Vulnerability
8. Privilege level that restricts users to five commands (enable - disable - exit - help quit)
IP Source Routing
HTTP Operating Layer
Denial of Service (DoS)
Privilege Level 0
9. Top of the hierarchy - responsible for transporting large amounts of traffic both reliably and quickly and switching traffic as fast as possible throughout the internet
Core Layer
no service tcp-small-servers
no ip mask-reply
Higher IP Standard ACL Range
10. DENY IP 224.0.0.0 15.255.255.255 ANY
ACL to block IP multicast
Encrypting Traffic
Proxy ARP
Access Layer
11. Protects against repeating of secure sessions
Finger Vulnerabilities
Cisco Express Forwarding (CEF)
Anti-Replay
Smurf Attack
12. Time can be changed - Routing Table can be killed
NTP Vulnerabilities
TCP Intercept Watch Mode
Reflexive ACL
Access Layer
13. Routing mode depended on by uRPF in order to function
Privilege Level 0
SNMP
Dynamic NAT
Cisco Express Forwarding (CEF)
14. The environment - catastrophic events an unauthorized access
Eavesdropping and Information Theft
General Format of Cisco IOS Version
inger Server
Three Physical Security Vulnerabilities
15. DENY IP <Network ID> <Network WC Mask> ANY
ACL to block spoofed IPs
syslog
Cisco Express Forwarding (CEF)
IP Mask Reply Vulnerabilities
16. Service Provider
17. Layer 5
ACL to block a Land Attack
Privilege Levels 2-13
L2TP Operating Layer
Distributed Denial of Service Attacks
18. Four TCP/UDP Small Server commands recommended to disable
echo - chargen - discard - daytime
Global Addresses
Privilege Levels 2-13
IPSec AH Operating Layer
19. Layer 3
ESP Identifier
GRE Operating Layer
ACL to block IP multicast
Third Part of the IOS Version
20. Release Number
Encapsulation Security Payload (ESP)
IPSec AH Operating Layer
Authenticating Peers
Third Part of the IOS Version
21. 1300-1999
User Account Vulnerabilites
Networks
TCP/UDP Daytime Vulnerability
Higher IP Standard ACL Range
22. Mode where only the payload of the IP packet is encrypted and/or authenticated
Transport Mode
TCP/UDP Chargen Vulnerability
Networks
DNS Lookup Vulnerability
23. ACK and RST
Internet Protocol Security (IPSec)
Secure Shell (SSH)
SNMP
Flags used by Established Line
24. Cryptographic protocols that provide secure communications on the Internet for such thing as WWW - email - faxing - IM - and other data transfers
Layer 2 Tunneling Protocol (L2TP)
Fifth Part of the IOS Version
Cisco Discovery Protocol (CDP)
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
25. Command used to disable NTP on an interface
Network-to-Network Communications
ntp disable
no ip redirect
IP Spoofing
26. This layer controls user and workgroup acess to the Internetwork resources at the local level using segmentation of networks to create separate collision domains - AKA an organization's trusted network
Secure Shell (SSH)
IP Spoofing
Access Layer
Three Layers of Hierarchical Model
27. Uses SSL port 443
SNMP
HTTPS Strength
login local
SSH2
28. Smurf attacks - can enumerate the network
DNS Lookup Vulnerability
Fifth Part of the IOS Version
IP Direct Broadcast Vulnerabilties
Encrypted Tunneling Methods
29. An alternative for both standard and extended ACLs that allow you to refer to an ACL by a descriptive name instead of a number
Named ACL
L2TP Identifier
Devices
HTTP Vulnerability
30. Access-list <number <deny | permit> source source-wildcard source-qualifier destination dest-wildcard dest-qualifier <log | log-input>
Proxy ARP Vulnerabilities
Lower IP Standard ACL Range
Extended ACL format
Two Modes of IPSec
31. Allows the source IP host to specify a route through the IP network
IP Unreachable Vulnerabilities
IP Source Routing
Inside
Authentication Header (AH)
32. Allows for a one-to-one translation of local to global addresses; used by web servers and mail servers so that users can connect to them via their global address
IP Direct Broadcast Vulnerabilties
Encrypted Tunneling Methods
Static NAT
ntp disable
33. Command to disable CDP on a router
SNMP Trap
HTTP Tunneling
no cdp run
echo - chargen - discard - daytime
34. Attack that involves a multitude of compromised system attack a single target - denying service to it by exploiting one 'master' system that communicates with other 'zombie' systems
SSH Identifier
Distributed Denial of Service Attacks
Uses for ACLs
Anti-Replay
35. What Transport Mode is used for
Inside Global Address
Privilege Level 1
ACL to block telnet
Host-to-Host Communications
36. These ACLs filter by network or host IP addresses andspecific protocol type or port numbers - filters by source and destination
no ip bootp server
TCP/UDP Daytime Vulnerability
Extended IP ACLs
Access Layer
37. Also known as Configuration Auto-Loading - allows routers to load their startup configuration from the network
Two Protocols of Tunnel Mode
Boot Network
SSH Identifier
Reflexive ACL
38. Lists interfaces - routing table - ARP table - physical and network addresses - time last booted
IPSec AH Identifier
Proxy ARP
Devices
SNMP Vulnerabilities
39. Buffer Overflow
Privilege Level 15
Sixth (Optional) Part of the IOS Version
TCP/UDP Chargen Vulnerability
ntp disable
40. Permits a host on one LAN segment to initiate a physical broadcast on a different LAN segment
DNS Lookup Vulnerability
Authentication Header (AH)
IP Directed Broadcast
Sixth (Optional) Part of the IOS Version
41. Dialer List - Routing Maps - Dynamic Routing Protocols - Controlling Remote Access - NAT'ing - Traffic Filtering
Anti-Replay
Uses for ACLs
BOOTP Vulnerabilities
HTTP Operating Layer
42. Protocol used to keep their time-of-day clocks accurate and in sync
no ip bootp server
Local Addresses
Network Time Protocol (NTP)
IP Direct Broadcast Vulnerabilties
43. Cisco default tunneling protocol that uses multicast addressing without encryption and is designed to encapsulate a wide variety of network layer packets inside IP tunneling packets
Fourth Part of the IOS Version
Outside
Generic Routing Encapsulation (GRE)
Networks
44. Minor Version
Second Part of IOS Version
Host-to-Host Communications
NTP Vulnerabilities
Train Identifier 'S'
45. TCP and UDP Port 161
Second Part of IOS Version
Syntax for Reflexive ACLs
SNMP
IP Unreachable Vulnerabilities
46. DENY IP 127.0.0.0 0.255.255.255 ANY
IP Mask Reply Vulnerabilities
Named ACL Format
TCP Intercept
ACL to block incoming loopback packets
47. No Known Vulnerability
Named ACL
Established Line
Fifth Part of the IOS Version
TCP/UDP Discard Vulnerability
48. Command to disable UDP small server on a router
Sixth (Optional) Part of the IOS Version
no service udp-small-servers
SSH2
Three Layers of Hierarchical Model
49. Layer 3
IPSec AH Operating Layer
IP Spoofing
ACL to block a Land Attack
uRPF Strength
50. Two - one Inbound or Evaluated and one Outbound or Reflected
TCP Load Distribution
CDP Vulnerabilities
Minimum ACLs Required for Reflexive ACLs
User Account Vulnerabilites
