SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. 33400-34400
Fourth Part of the IOS Version
UDP Traceroute Port Range
Unauthorized Access
Lower IP Standard ACL Range
2. Refers to addresses used on the organization's private network
Local Addresses
Privilege Levels 2-13
HTTP Vulnerability
Tunnel Mode
3. Refers to the organization's private network
Inside
SNMP
Fifth Part of the IOS Version
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
4. Traffic is passed in plaintext
GRE Operating Layer
Session Hijacking
Flags used by Established Line
HTTP Vulnerability
5. Local IP address before translation
Higher IP Standard ACL Range
GRE Operating Layer
ACL to block telnet
Inside Local Address
6. 2000-2699
Third Part of the IOS Version
Named ACL Format
Higher IP Extended ACL Range
Unicast Reverse-Path Forwarding (uRPF)
7. Technology
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
8. No Known Vulnerability
Syntax for Reflexive ACLs
Network Address Translation (NAT)
TCP/UDP Discard Vulnerability
Finger Vulnerabilities
9. Can copy - poison - corrupt - or delete the IOS
BOOTP Vulnerabilities
Extended ACL format
Extended IP ACLs
Lower IP Extended ACL Range
10. DNS Poisoning
no ip finger - no service finger
DNS Lookup Vulnerability
NTP Vulnerabilities
ACL to block TCP SYN Attack
11. Attack that involves transmitting a volume of connections that cannot be completed at the destination - causing the queue to fill up and denying service to legitimate user
Standard IP ACLs
Local Addresses
TCP SYN Attack
Proxy ARP Vulnerabilities
12. Layer 3
ntp disable
ESP Operating Layer
Higher IP Extended ACL Range
Integrity Validation
13. Time can be changed - Routing Table can be killed
CDP Vulnerabilities
Two Protocols of Tunnel Mode
Route Injection Attack
NTP Vulnerabilities
14. Also known as Configuration Auto-Loading - allows routers to load their startup configuration from the network
Boot Network Vulnerabilities
GRE Identifier
Boot Network
Flags used by Established Line
15. These ACLs filter by network or host IP addresses andspecific protocol type or port numbers - filters by source and destination
Network Address Translation (NAT)
ACL to block incoming loopback packets
Extended IP ACLs
no service udp-small-servers
16. TCP and UDP Port 161
Tunnel Mode
SNMP
Privilege Levels 2-13
Inside Global Address
17. What Tunnel Mode is used for
TCP/UDP Chargen Vulnerability
Inside Local Address
Network-to-Network Communications
SSH2
18. Privilege level that has Global administration capabilities
TCP Intercept
ACL to block telnet
Privilege Level 15
Train Identifier 'T'
19. Dialer List - Routing Maps - Dynamic Routing Protocols - Controlling Remote Access - NAT'ing - Traffic Filtering
Uses for ACLs
no ip http server
L2TP Operating Layer
Distributed Denial of Service Attacks
20. Access - Distribution - Core
Three Layers of Hierarchical Model
Inside Global Address
IPSec AH Operating Layer
TCP/UDP Discard Vulnerability
21. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
no cdp run
IP Spoofing
BOOTP
TLS/SSL Identifier
22. Service Provider
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
23. Provides confidentiality - so it cannot be read by unauthorized parties
HTTP Tunneling
Encrypting Traffic
TCP/UDP Discard Vulnerability
Syntax for Reflexive ACLs
24. Attack that involves sending a large amount of UDP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
Outside Local Address
Train Identifier 'B'
Fraggle Attack
Land Attack
25. Allows packets to be filtered based on upper-layer session information - only uses extended temporary ACL's and must be named - applied on border routers
Reflexive ACL
Encapsulation Security Payload (ESP)
uRPF Strength
Requirements for Reflexive TCP to be removed
26. Command used to disable NTP on an interface
ntp disable
Train Identifier 'B'
Encrypting Traffic
Named ACL
27. Helps to mitigate problems that are caused by the introduction of malformed or spoofed IP source addresses into a network by discarding packets lacking a verifiable IP source address
Networks
Overloading
inger Server
Unicast Reverse-Path Forwarding (uRPF)
28. DENY IP <Network ID> <Network WC Mask> ANY
ACL to block spoofed IPs
Local Addresses
Networks
Layer 2 Tunneling Protocol (L2TP)
29. Software that blocks packets from unreachable hosts - thus allowing only reachable external hosts to initiate connections to a host on an internal network
Access Layer
SNMP Vulnerabilities
TCP Intercept
TCP SYN Attack
30. 2000-2699
ACL to block TCP SYN Attack
Extended IP ACLs
Lower IP Extended ACL Range
syslog
31. Router threat that includes manipulating router updates to cause traffic to flow to unauthorized destinations
IP Direct Broadcast Vulnerabilties
Second Part of IOS Version
Route Injection Attack
SSH1
32. The environment - catastrophic events an unauthorized access
Established Line
no cdp run
Three Physical Security Vulnerabilities
Tunneling
33. 1300-1999
IP Spoofing
Tunnel Mode
Higher IP Standard ACL Range
Inside
34. Refers to the addresses on the public internet
IP Source Routing Vulnerabilities
Outside
HTTP Tunneling
IP Directed Broadcast
35. DENY IP 127.0.0.0 0.255.255.255 ANY
HTTP Identifier
ACL to block incoming loopback packets
Higher IP Extended ACL Range
Fraggle Attack
36. ESP - SSH - SSL/TLP
ACL to block telnet
Train Identifier 'S'
Train Idenifier 'E'
Encrypted Tunneling Methods
37. Permits a host on one LAN segment to initiate a physical broadcast on a different LAN segment
ACL to block telnet
IP Directed Broadcast
Authentication Header (AH)
no ip finger - no service finger
38. Breaks LAN security perimeter extends LAN to Layer 2
no ip finger - no service finger
Proxy ARP Vulnerabilities
Flags used by Established Line
ACL to block a Land Attack
39. Router to Router Denial of Service
ACL to block a Land Attack
Two Protocols of Tunnel Mode
Extended IP ACLs
TCP/UDP Echo Vulnerability
40. TCP Port 80
no ip finger - no service finger
General Format of Cisco IOS Version
Uses for ACLs
HTTP Identifier
41. Command used to disable HTTP Server
no ip http server
Lower IP Extended ACL Range
Uses for ACLs
Three Layers of Hierarchical Model
42. Transport and Tunnel
TCP Load Distribution
TCP/UDP Echo Vulnerability
Two Modes of IPSec
SSH Operating Layer
43. Accounts without passwords - Type 7 encryption - account privilege higher than 1 - able to be fingered
Extended ACL format
User Account Vulnerabilites
Fraggle Attack
SNMP Trap
44. Smurf attacks - can enumerate the network
Boot Network Vulnerabilities
uRPF Strength
Dynamic NAT
IP Direct Broadcast Vulnerabilties
45. Router threat that involves the unauthorized viewing and collection of network traffic; usually accomplished with a packet sniffing program
SSH1
TCP Intercept Watch Mode
Session Hijacking
Eavesdropping and Information Theft
46. Layer 7
L2TP Identifier
GRE Identifier
Named ACL Format
SSH Operating Layer
47. None - uses attached application protocol's port
no ip bootp server
General Format of Cisco IOS Version
TLS/SSL Identifier
TCP/UDP Echo Vulnerability
48. Datagram protocol used by some hosts to load their operating system over the network via a central repository of IOS software
Established Line
BOOTP
Three Physical Security Vulnerabilities
Rerouting
49. Routing mode depended on by uRPF in order to function
Cisco Express Forwarding (CEF)
IP Unreachable Vulnerabilities
Three Physical Security Vulnerabilities
Proxy ARP Vulnerabilities
50. What Local and Global refer to in NAT
Outside Local Address
Sixth (Optional) Part of the IOS Version
Networks
Inside
