SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Provides nonrepudiation - ensuring that traffic is from a trusted party
UDP Traceroute Port Range
L2TP Operating Layer
Privilege Levels 2-13
Authenticating Peers
2. DENY IP HOST <Inbound IP Address> HOST <Inbound IP Address>
ACL to block a Land Attack
Boot Network
L2TP Identifier
GRE Operating Layer
3. These ACLs filter by network or host IP addresses andspecific protocol type or port numbers - filters by source and destination
Second Part of IOS Version
TCP/UDP Echo Vulnerability
Extended IP ACLs
syslog
4. What Inside and Outside refer to in NAT
GRE Identifier
ACL to block spoofed IPs
Devices
Core Layer
5. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
Extended IP ACLs
Masquerading
Extended ACL format
SSH Identifier
6. Router threat that involves the unauthorized viewing and collection of network traffic; usually accomplished with a packet sniffing program
Sixth (Optional) Part of the IOS Version
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
Inside Global Address
Eavesdropping and Information Theft
7. Layer 5
TLS/SSL Identifier
Smurf Attack
L2TP Operating Layer
SNMP Vulnerabilities
8. Layer 7
Train Idenifier 'E'
no ip http server
IP Source Routing Vulnerabilities
HTTP Operating Layer
9. Layer 3
HTTPS Strength
Privilege Levels 2-13
Static NAT
IPSec AH Operating Layer
10. Block spoofed IP packets - block loopback packets - block IP multicast if unused - block ICMP redirects - Block telnet if not used
Unicast Reverse-Path Forwarding (uRPF)
Session Hijacking
Common uses of Access Lists
Networks
11. When a router acts as an intermediary for ARP queries on selected interfaces and enabling transparent access between multiple LAN segments
Proxy ARP
IP Direct Broadcast Vulnerabilties
SSH Operating Layer
Common uses of Access Lists
12. TCP Port 22
Core Layer
Reflexive ACL
Inside Local Address
SSH Identifier
13. Rebuild Number
Two Protocols of Tunnel Mode
Sixth (Optional) Part of the IOS Version
ACL to block a Smurf Attack or Fraggle Attack
Two Modes of IPSec
14. None - uses attach application protocol's layer
TLS/SSL Layer
SSH2
Dynamic NAT
SNMP
15. 1300-1999
Higher IP Standard ACL Range
SSH Operating Layer
Core Layer
IP Source Routing
16. Uses SSL port 443
BOOTP Vulnerabilities
Train Identifier 'B'
HTTPS Strength
ACL to block a Land Attack
17. Forces the user to enter both a valid username and password
login local
Proxy ARP Vulnerabilities
Named ACL
ESP Identifier
18. Privilege levels that can have passwords assigned to them
Privilege Levels 2-13
Local Addresses
IPSec AH Operating Layer
no ip mask-reply
19. Layer 7
Telnet - HTTP - SNMP Vulnerability
ESP Operating Layer
Devices
SSH Operating Layer
20. Traffic is passed in plaintext
TLS/SSL Identifier
Distributed Denial of Service Attacks
HTTP Vulnerability
IPSec AH Operating Layer
21. Provides confidentiality - so it cannot be read by unauthorized parties
Train Idenifier 'E'
Network Address Translation (NAT)
Denial of Service (DoS)
Encrypting Traffic
22. Dialer List - Routing Maps - Dynamic Routing Protocols - Controlling Remote Access - NAT'ing - Traffic Filtering
Privilege Level 1
SNMP Trap
Uses for ACLs
Outside Local Address
23. Lists interfaces - routing table - ARP table - physical and network addresses - time last booted
Inside Local Address
SNMP Vulnerabilities
Rerouting
GRE Operating Layer
24. Can discover vulnerabilities - network stats - and firewall discovery
IP Unreachable Vulnerabilities
TCP Intercept
Layer 2 Tunneling Protocol (L2TP)
ACL to block a Smurf Attack or Fraggle Attack
25. Command used to disable NTP on an interface
BOOTP Vulnerabilities
ntp disable
Second Part of IOS Version
IP Directed Broadcast
26. No Known Vulnerability
TCP/UDP Discard Vulnerability
ACL to block IP multicast
L2TP Identifier
Requirements for Reflexive TCP to be removed
27. Interim Build Number
Fourth Part of the IOS Version
ESP Operating Layer
L2TP Operating Layer
Second Part of IOS Version
28. Plaintext
Telnet - HTTP - SNMP Vulnerability
Boot Network Vulnerabilities
HTTP Identifier
Access Layer
29. Major Version
ntp disable
ESP Operating Layer
IP Unreachable Vulnerabilities
First Part of IOS Version
30. War dialing
Higher IP Extended ACL Range
IP Direct Broadcast Vulnerabilties
AUX Vulnerability
Cisco Express Forwarding (CEF)
31. Attack that involves a multitude of compromised system attack a single target - denying service to it by exploiting one 'master' system that communicates with other 'zombie' systems
Finger Vulnerabilities
Distributed Denial of Service Attacks
Two Protocols of Tunnel Mode
SNMP Trap
32. Software that passively monitors the connection requests flowing through the router; if a connection fails - the software sends a Reset to the server to clear up its state
AUX Vulnerability
Integrity Validation
echo - chargen - discard - daytime
TCP Intercept Watch Mode
33. The environment - catastrophic events an unauthorized access
CDP Vulnerabilities
Global Addresses
Three Physical Security Vulnerabilities
Session Hijacking
34. PERMIT TCP ANY ANY ESTABLISHED
ACL to block TCP SYN Attack
IPSec AH Identifier
Outside
ACL to block a Land Attack
35. Command to disable CDP on a router
TCP SYN Attack
Session Hijacking
no cdp run
Privilege Level 15
36. This layer controls user and workgroup acess to the Internetwork resources at the local level using segmentation of networks to create separate collision domains - AKA an organization's trusted network
Access Layer
Third Part of the IOS Version
Two Types of Router Access
Named ACL Format
37. Local and Remote
IP Mask Reply Vulnerabilities
Two Types of Router Access
Distribution Layer
Boot Network
38. Service Provider
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
39. Command to disable TCP small server on a router
Privilege Levels 2-13
no service tcp-small-servers
Named ACL Format
SNMP
40. Allows the source IP host to specify a route through the IP network
Tunneling
Reflexive ACL
IP Source Routing
Core Layer
41. Uses only host keys to authenticate systems
Session Hijacking
Tunnel Mode
Privilege Levels 2-13
SSH2
42. Datagram protocol used by some hosts to load their operating system over the network via a central repository of IOS software
IP Direct Broadcast Vulnerabilties
L2TP Identifier
BOOTP
Internet Protocol Security (IPSec)
43. A secure alternative to telnet for remote administration that supported in Enterprise versions of Cisco IOS
Lower IP Standard ACL Range
SSH
Boot Network Vulnerabilities
Local Addresses
44. Translates multiple local addresses to a pool of global addresses by having the firewall select the first available global address; retains the global address for the duration of the connection
Dynamic NAT
Network Address Translation (NAT)
BOOTP Vulnerabilities
ACL to block a Land Attack
45. Startup-config can be deleted - copied - changed
DNS Lookup Vulnerability
no ip unreachable
Boot Network Vulnerabilities
CDP Vulnerabilities
46. Cisco default tunneling protocol that uses multicast addressing without encryption and is designed to encapsulate a wide variety of network layer packets inside IP tunneling packets
Network-to-Network Communications
Generic Routing Encapsulation (GRE)
no ip finger - no service finger
Anti-Replay
47. 2000-2699
Access Layer
Encrypting Traffic
Lower IP Extended ACL Range
Networks
48. Attack that involves sending a large amount of UDP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
Fraggle Attack
Tunnel Mode
Denial of Service (DoS)
Fifth Part of the IOS Version
49. Release Train Identifier
Train Identifier 'B'
HTTP Identifier
TCP Intercept
Fifth Part of the IOS Version
50. Router threat where access by an entity or individual other than authorized users
Third Part of the IOS Version
Two Modes of IPSec
Boot Network
Unauthorized Access
