SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Major Version
Proxy ARP Vulnerabilities
Privilege Levels 2-13
First Part of IOS Version
TCP/UDP Chargen Vulnerability
2. The communication layer between the two other layers and provides network security - including ACLs - firewalls - any general public access servers and address translation; also known as the isolation LAN or DMZ
Access Layer
BOOTP
Distribution Layer
Privilege Levels 2-13
3. Cisco default tunneling protocol that uses multicast addressing without encryption and is designed to encapsulate a wide variety of network layer packets inside IP tunneling packets
Generic Routing Encapsulation (GRE)
Encrypted Tunneling Methods
Train Idenifier 'E'
Secure Shell (SSH)
4. Allows packets to be filtered based on upper-layer session information - only uses extended temporary ACL's and must be named - applied on border routers
Reflexive ACL
BOOTP
IP Direct Broadcast Vulnerabilties
Unicast Reverse-Path Forwarding (uRPF)
5. An extension of static mapping which allows for one global address to be mapped to multiple inside addresses; can be used for websites with multiple back end servers
Distribution Layer
Outside Global Address
Local Addresses
TCP Load Distribution
6. A method of bypassing firewall or proxy restrictions by making the firewall think that it is getting traffic from a web browser
IPSec AH Identifier
Uses for ACLs
Established Line
HTTP Tunneling
7. Can stop spoofed IP addresses
BOOTP Vulnerabilities
TCP Load Distribution
uRPF Strength
TCP Intercept Watch Mode
8. Access - Distribution - Core
Network Time Protocol (NTP)
Named ACL Format
Three Layers of Hierarchical Model
Finger Vulnerabilities
9. DENY IP 127.0.0.0 0.255.255.255 ANY
ACL to block incoming loopback packets
Outside
Inside Local Address
Denial of Service (DoS)
10. Geolocational positioning
TCP/UDP Daytime Vulnerability
Train Idenifier 'E'
ESP Operating Layer
Reflexive ACL
11. Provides a checksum - ensuring traffic has not been modified along it's path
Boot Network
no ip mask-reply
Integrity Validation
Static NAT
12. Privilege levels that can have passwords assigned to them
Fifth Part of the IOS Version
Privilege Levels 2-13
Flags used by Established Line
Proxy ARP Vulnerabilities
13. Command used to disable the ICMP message Host Unreachable
no ip unreachable
Two Modes of IPSec
SSH
Boot Network
14. Smurf attacks - can enumerate the network
IP Direct Broadcast Vulnerabilties
User Account Vulnerabilites
ESP Identifier
Host-to-Host Communications
15. Local IP address before translation
Inside Local Address
TCP/UDP Daytime Vulnerability
Encrypted Tunneling Methods
Three Physical Security Vulnerabilities
16. PERMIT TCP ANY ANY ESTABLISHED
Privilege Levels 2-13
ACL to block TCP SYN Attack
IP Unreachable Vulnerabilities
Access Layer
17. Mode where only the payload of the IP packet is encrypted and/or authenticated
Transport Mode
Cisco Discovery Protocol (CDP)
BOOTP
Fraggle Attack
18. Uses SSL port 443
Secure Shell (SSH)
Two Modes of IPSec
Inside
HTTPS Strength
19. The host can specify which route to take - which bypasses security
IP Source Routing Vulnerabilities
TCP Intercept Watch Mode
TLS/SSL Layer
UDP Traceroute Port Range
20. Service Provider
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
21. ESP - SSH - SSL/TLP
Two Types of Router Access
Encrypted Tunneling Methods
no ip mask-reply
Uses for ACLs
22. When one network protocol called the payload protocol is encapsulated within a different delivery network - or provide a secure path through an untrusted network
IP Spoofing
Standard IP ACLs
Tunneling
DNS Lookup Vulnerability
23. Routing mode depended on by uRPF in order to function
ntp disable
Cisco Express Forwarding (CEF)
Syntax for Reflexive ACLs
Unauthorized Access
24. Local and Remote
Two Types of Router Access
Train Idenifier 'E'
no ip http server
Second Part of IOS Version
25. These ACLs filter by network or host IP addresses andspecific protocol type or port numbers - filters by source and destination
Extended IP ACLs
IP Mask Reply Vulnerabilities
Second Part of IOS Version
NTP Vulnerabilities
26. Authentication Header (AH) and Encapsulated Security Payload (ESP)
ACL to block incoming loopback packets
Privilege Level 15
login local
Two Protocols of Tunnel Mode
27. Mode where the entire packet is encrypted and/or authenticated - requiring a new IP packet to be encapsulated
SNMP
Lower IP Extended ACL Range
Tunnel Mode
ntp disable
28. Also known as Configuration Auto-Loading - allows routers to load their startup configuration from the network
ACL to block TCP SYN Attack
Outside Local Address
Boot Network
Syntax for Reflexive ACLs
29. Layer 3
Train Identifier 'T'
GRE Operating Layer
Layer 2 Tunneling Protocol (L2TP)
IPSec AH Identifier
30. Rewrites the and/or destination IP address of IP packets as they pass through a router or firewall from private to public addresses
Secure Shell (SSH)
Second Part of IOS Version
ACL to block IP multicast
Network Address Translation (NAT)
31. Device - Hostname - IOS - IP Address - Ports - Model
SNMP Trap
CDP Vulnerabilities
Encrypting Traffic
Fourth Part of the IOS Version
32. Ip accesslist extended <name1> - permit IP any any reflect <filename> - ip accesslist extended <name2> - evaluate <filename> - int f0/0 - ip access-group <name1> out - ip access-group <name2> in
Networks
Proxy ARP Vulnerabilities
Two Protocols of Tunnel Mode
Syntax for Reflexive ACLs
33. Top of the hierarchy - responsible for transporting large amounts of traffic both reliably and quickly and switching traffic as fast as possible throughout the internet
Core Layer
Extended IP ACLs
BOOTP Vulnerabilities
Encrypting Traffic
34. A suite of protocols for securing Internet Protocol communications by authenticating and/or encrypting each IP packet in a data stream
Transport Mode
Three Layers of Hierarchical Model
Internet Protocol Security (IPSec)
IP Direct Broadcast Vulnerabilties
35. Router threat that involves a hacker inserting a spoofed TCP/IP packet into a stream - thereby enabling commands to be executed on the remote host
Distributed Denial of Service Attacks
Session Hijacking
Two Protocols of Tunnel Mode
AUX Vulnerability
36. Broadcast
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
37. Protocol that allows data to be exchanged using a secure channel between two computers via encryption
Secure Shell (SSH)
Fourth Part of the IOS Version
IP Source Routing
Privilege Levels 2-13
38. Data link layer protocol used for tunneling network traffic between two peers over an existing network - often used with IPsec to secure packets
Tunnel Mode
HTTP Operating Layer
Layer 2 Tunneling Protocol (L2TP)
uRPF Strength
39. 0x2F - or 47
GRE Identifier
no ip unreachable
User Account Vulnerabilites
Encapsulation Security Payload (ESP)
40. Access-list <number> <deny | permit> source source-wildcard log
Dynamic NAT
no cdp run
Standard ACL format
Session Hijacking
41. Layer 3
no service udp-small-servers
ESP Operating Layer
Tunneling
Third Part of the IOS Version
42. UDP Port 514
no service udp-small-servers
syslog
L2TP Identifier
Inside Local Address
43. 33400-34400
Overloading
UDP Traceroute Port Range
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
ACL to block a Land Attack
44. Provides confidentiality - so it cannot be read by unauthorized parties
L2TP Operating Layer
Encrypting Traffic
Two Modes of IPSec
Overloading
45. Refers to addresses used on the organization's private network
Cisco Discovery Protocol (CDP)
inger Server
TCP/UDP Echo Vulnerability
Global Addresses
46. Privilege level that is restricted to basic level operations
Telnet - HTTP - SNMP Vulnerability
Privilege Level 1
Sixth (Optional) Part of the IOS Version
Common uses of Access Lists
47. TCP only - used to filter inbound traffic while allowing return TCP sessions - can be spoofed by attackers and cannot be used with Active FTP
Two Protocols of Tunnel Mode
Established Line
Sixth (Optional) Part of the IOS Version
CDP Vulnerabilities
48. Plaintext
IP Spoofing
Encrypted Tunneling Methods
Inside Local Address
Telnet - HTTP - SNMP Vulnerability
49. Tunnel Mode Protocol provides confidentiality - along with authentication and integrity protection with encryption
Outside
Three Layers of Hierarchical Model
UDP Traceroute Port Range
Encapsulation Security Payload (ESP)
50. DENY IP 224.0.0.0 15.255.255.255 ANY
ACL to block IP multicast
IPSec AH Identifier
Inside Local Address
Network Time Protocol (NTP)
