SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Dialer List - Routing Maps - Dynamic Routing Protocols - Controlling Remote Access - NAT'ing - Traffic Filtering
Overloading
Uses for ACLs
Eavesdropping and Information Theft
Encrypted Tunneling Methods
2. DENY IP 224.0.0.0 15.255.255.255 ANY
Lower IP Standard ACL Range
HTTPS Strength
ACL to block IP multicast
IP Source Routing
3. TCP and UDP Port 161
SNMP
Core Layer
Higher IP Extended ACL Range
Encrypted Tunneling Methods
4. An alternative for both standard and extended ACLs that allow you to refer to an ACL by a descriptive name instead of a number
no ip bootp server
SSH1
Named ACL
UDP Traceroute Port Range
5. Tunnel Mode Protocol provides confidentiality - along with authentication and integrity protection with encryption
Train Idenifier 'E'
no ip unreachable
ACL to block a Land Attack
Encapsulation Security Payload (ESP)
6. 0x32 - or 50
HTTP Operating Layer
Rerouting
Access Layer
ESP Identifier
7. Command used to disable HTTP Server
no ip http server
no service tcp-small-servers
L2TP Identifier
Train Identifier 'T'
8. Protects against repeating of secure sessions
TCP/UDP Chargen Vulnerability
Anti-Replay
Syntax for Reflexive ACLs
Network Address Translation (NAT)
9. Two FIN bits or one RST bit
ESP Operating Layer
no cdp run
Requirements for Reflexive TCP to be removed
Transport Mode
10. These ACLs filter by network or host IP addresses andspecific protocol type or port numbers - filters by source and destination
Extended IP ACLs
TCP SYN Attack
BOOTP
Host-to-Host Communications
11. 0x33 or 51
SNMP
TCP SYN Attack
Smurf Attack
IPSec AH Identifier
12. Four TCP/UDP Small Server commands recommended to disable
Core Layer
no ip unreachable
Second Part of IOS Version
echo - chargen - discard - daytime
13. Layer 3
Standard IP ACLs
ESP Operating Layer
Static NAT
TCP/UDP Daytime Vulnerability
14. These ACLs filter by network or host IP address and only filter on source
Train Identifier 'T'
Standard IP ACLs
Three Layers of Hierarchical Model
Route Injection Attack
15. Router threat that refers to willful attempts to cause such disruptions by overwhelming the targeted system with improperly formatted traffic
Outside
Inside
Rerouting
Denial of Service (DoS)
16. A suite of protocols for securing Internet Protocol communications by authenticating and/or encrypting each IP packet in a data stream
IPSec AH Operating Layer
Internet Protocol Security (IPSec)
Extended ACL format
IP Spoofing
17. Release Number
SNMP
IP Spoofing
Third Part of the IOS Version
Extended ACL format
18. No Known Vulnerability
TCP/UDP Discard Vulnerability
ACL to block spoofed IPs
TLS/SSL Layer
NTP Vulnerabilities
19. Command used to disable NTP on an interface
GRE Identifier
ntp disable
Proxy ARP Vulnerabilities
syslog
20. This server is used for querying a host about its logged in users
HTTP Identifier
Established Line
Privilege Levels 2-13
inger Server
21. Uses server and host keys to authenticate systems
uRPF Strength
Networks
Privilege Level 0
SSH1
22. When one network protocol called the payload protocol is encapsulated within a different delivery network - or provide a secure path through an untrusted network
Tunneling
Uses for ACLs
TCP/UDP Daytime Vulnerability
Outside Local Address
23. Technology
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
24. Lists interfaces - routing table - ARP table - physical and network addresses - time last booted
Privilege Level 1
ntp disable
SNMP Vulnerabilities
IP Direct Broadcast Vulnerabilties
25. Buffer Overflow
IP Unreachable Vulnerabilities
TCP/UDP Chargen Vulnerability
IP Source Routing
Secure Shell (SSH)
26. Datagram protocol used by some hosts to load their operating system over the network via a central repository of IOS software
TCP Intercept
BOOTP
Encapsulation Security Payload (ESP)
Tunnel Mode
27. Provides confidentiality - so it cannot be read by unauthorized parties
Three Physical Security Vulnerabilities
Layer 2 Tunneling Protocol (L2TP)
Devices
Encrypting Traffic
28. Command used to disable the ICMP message Redirect
no ip redirect
TCP SYN Attack
Extended IP ACLs
TCP/UDP Discard Vulnerability
29. Block spoofed IP packets - block loopback packets - block IP multicast if unused - block ICMP redirects - Block telnet if not used
SNMP Trap
DNS Lookup Vulnerability
Transport Mode
Common uses of Access Lists
30. Cisco default tunneling protocol that uses multicast addressing without encryption and is designed to encapsulate a wide variety of network layer packets inside IP tunneling packets
Transport Mode
HTTPS Strength
Inside Global Address
Generic Routing Encapsulation (GRE)
31. Access-list <number <deny | permit> source source-wildcard source-qualifier destination dest-wildcard dest-qualifier <log | log-input>
Internet Protocol Security (IPSec)
Extended ACL format
Access Layer
Higher IP Extended ACL Range
32. Allows packets to be filtered based on upper-layer session information - only uses extended temporary ACL's and must be named - applied on border routers
BOOTP
Privilege Level 15
Reflexive ACL
Proxy ARP
33. Plaintext
Lower IP Standard ACL Range
Telnet - HTTP - SNMP Vulnerability
Fifth Part of the IOS Version
Smurf Attack
34. TCP Port 80
Train Idenifier 'E'
Fraggle Attack
HTTP Identifier
Higher IP Standard ACL Range
35. Proprietary - used by Cisco routers and switches use to identify each other on LAN and WAN segments
Fraggle Attack
Cisco Discovery Protocol (CDP)
Two Modes of IPSec
Access Layer
36. Forces the user to enter both a valid username and password
Network Address Translation (NAT)
login local
Privilege Level 1
no ip bootp server
37. None - uses attach application protocol's layer
TCP/UDP Chargen Vulnerability
ESP Identifier
TLS/SSL Layer
Three Physical Security Vulnerabilities
38. ACK and RST
Distribution Layer
Boot Network
Flags used by Established Line
TLS/SSL Identifier
39. A secure alternative to telnet for remote administration that supported in Enterprise versions of Cisco IOS
SSH
TCP Intercept Watch Mode
Syntax for Reflexive ACLs
Secure Shell (SSH)
40. Router to Router Denial of Service
Global Addresses
TCP/UDP Echo Vulnerability
ntp disable
no service udp-small-servers
41. Data link layer protocol used for tunneling network traffic between two peers over an existing network - often used with IPsec to secure packets
ACL to block telnet
ACL to block IP multicast
Layer 2 Tunneling Protocol (L2TP)
IP Unreachable Vulnerabilities
42. Can obtain CIDR and router ID
no ip http server
Layer 2 Tunneling Protocol (L2TP)
Higher IP Extended ACL Range
IP Mask Reply Vulnerabilities
43. Layer 7
echo - chargen - discard - daytime
HTTP Operating Layer
Authenticating Peers
Uses for ACLs
44. Layer 3
IPSec AH Operating Layer
TCP/UDP Echo Vulnerability
Cisco Express Forwarding (CEF)
BOOTP
45. Privilege level that has Global administration capabilities
Outside Local Address
Internet Protocol Security (IPSec)
Privilege Level 15
Three Layers of Hierarchical Model
46. Release Train Identifier
Outside Global Address
Tunneling
Smurf Attack
Fifth Part of the IOS Version
47. 33400-34400
Integrity Validation
UDP Traceroute Port Range
Privilege Level 1
L2TP Identifier
48. Command to disable UDP small server on a router
Outside Global Address
HTTP Operating Layer
no service udp-small-servers
Telnet - HTTP - SNMP Vulnerability
49. Mode where only the payload of the IP packet is encrypted and/or authenticated
ESP Operating Layer
Transport Mode
SNMP Vulnerabilities
IP Direct Broadcast Vulnerabilties
50. Authentication Header (AH) and Encapsulated Security Payload (ESP)
Two Protocols of Tunnel Mode
GRE Operating Layer
TCP Load Distribution
IP Direct Broadcast Vulnerabilties
