SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Dialer List - Routing Maps - Dynamic Routing Protocols - Controlling Remote Access - NAT'ing - Traffic Filtering
Integrity Validation
Uses for ACLs
Two Modes of IPSec
Boot Network Vulnerabilities
2. Can copy - poison - corrupt - or delete the IOS
Higher IP Standard ACL Range
IP Source Routing
BOOTP Vulnerabilities
Three Layers of Hierarchical Model
3. Attack that involves sending a large amount of ICMP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
Privilege Level 0
no ip mask-reply
Smurf Attack
UDP Traceroute Port Range
4. An extension of static mapping which allows for one global address to be mapped to multiple inside addresses; can be used for websites with multiple back end servers
General Format of Cisco IOS Version
Smurf Attack
TCP Load Distribution
Reflexive ACL
5. 2000-2699
Cisco Express Forwarding (CEF)
Lower IP Extended ACL Range
Transport Mode
Privilege Level 0
6. Attack that involves sending a packet to the router with the same IP address in the source and destination address fields - as well as the same port number in the source and destination port field - causing a denial of service
Land Attack
Extended ACL format
IP Direct Broadcast Vulnerabilties
TCP Intercept Watch Mode
7. Lists interfaces - routing table - ARP table - physical and network addresses - time last booted
Outside
echo - chargen - discard - daytime
Higher IP Extended ACL Range
SNMP Vulnerabilities
8. Mode where the entire packet is encrypted and/or authenticated - requiring a new IP packet to be encapsulated
Uses for ACLs
Outside Global Address
Tunnel Mode
IP Directed Broadcast
9. Router to Router Denial of Service
TCP/UDP Echo Vulnerability
Established Line
GRE Identifier
Network Time Protocol (NTP)
10. Plaintext
Telnet - HTTP - SNMP Vulnerability
HTTP Operating Layer
Train Idenifier 'E'
Train Identifier 'B'
11. Command to disable CDP on a router
Fifth Part of the IOS Version
no cdp run
IP Spoofing
Global Addresses
12. Provides a checksum - ensuring traffic has not been modified along it's path
Integrity Validation
Tunneling
IP Source Routing
Second Part of IOS Version
13. Ip accesslist extended <name1> - permit IP any any reflect <filename> - ip accesslist extended <name2> - evaluate <filename> - int f0/0 - ip access-group <name1> out - ip access-group <name2> in
Syntax for Reflexive ACLs
HTTP Tunneling
TCP Intercept
Cisco Express Forwarding (CEF)
14. Layer 3
Syntax for Reflexive ACLs
ESP Operating Layer
Generic Routing Encapsulation (GRE)
SNMP Vulnerabilities
15. Local and Remote
Two Types of Router Access
Two Protocols of Tunnel Mode
Boot Network
no cdp run
16. What Transport Mode is used for
ACL to block TCP SYN Attack
Access List Rules
Host-to-Host Communications
General Format of Cisco IOS Version
17. Command to disable UDP small server on a router
no service udp-small-servers
Host-to-Host Communications
TCP/UDP Echo Vulnerability
TCP SYN Attack
18. Software that passively monitors the connection requests flowing through the router; if a connection fails - the software sends a Reset to the server to clear up its state
Outside Global Address
Train Identifier 'B'
TCP Intercept Watch Mode
Train Identifier 'T'
19. Device - Hostname - IOS - IP Address - Ports - Model
L2TP Identifier
TCP/UDP Echo Vulnerability
Extended ACL format
CDP Vulnerabilities
20. Allows the source IP host to specify a route through the IP network
Flags used by Established Line
Overloading
Established Line
IP Source Routing
21. Protects against repeating of secure sessions
Layer 2 Tunneling Protocol (L2TP)
Lower IP Extended ACL Range
Outside
Anti-Replay
22. Minor Version
Second Part of IOS Version
no cdp run
SNMP Trap
Authenticating Peers
23. Router threat that refers to willful attempts to cause such disruptions by overwhelming the targeted system with improperly formatted traffic
Cisco Discovery Protocol (CDP)
Local Addresses
Denial of Service (DoS)
SNMP
24. Uses only host keys to authenticate systems
SSH Operating Layer
SSH2
TCP/UDP Discard Vulnerability
Boot Network Vulnerabilities
25. Two FIN bits or one RST bit
TCP Load Distribution
Requirements for Reflexive TCP to be removed
SSH Operating Layer
AUX Vulnerability
26. Form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address by using different ports; limited to ~64 -000 hosts
inger Server
Network-to-Network Communications
Overloading
Second Part of IOS Version
27. A suite of protocols for securing Internet Protocol communications by authenticating and/or encrypting each IP packet in a data stream
Internet Protocol Security (IPSec)
Overloading
no ip mask-reply
Train Identifier 'T'
28. Permits a host on one LAN segment to initiate a physical broadcast on a different LAN segment
Secure Shell (SSH)
IP Directed Broadcast
Lower IP Standard ACL Range
Boot Network
29. Cryptographic protocols that provide secure communications on the Internet for such thing as WWW - email - faxing - IM - and other data transfers
inger Server
SNMP
TCP Intercept Watch Mode
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
30. Smurf attacks - can enumerate the network
Denial of Service (DoS)
Local Addresses
IP Direct Broadcast Vulnerabilties
Proxy ARP
31. Datagram protocol used by some hosts to load their operating system over the network via a central repository of IOS software
BOOTP
Two Protocols of Tunnel Mode
Train Identifier 'S'
Fifth Part of the IOS Version
32. Software that blocks packets from unreachable hosts - thus allowing only reachable external hosts to initiate connections to a host on an internal network
TCP Intercept
Tunnel Mode
Eavesdropping and Information Theft
TLS/SSL Layer
33. Enterprise
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
34. DENY TCP ANY HOST <IP Address> EQ 23
Privilege Levels 2-13
ESP Operating Layer
ACL to block telnet
Route Injection Attack
35. Rewrites the and/or destination IP address of IP packets as they pass through a router or firewall from private to public addresses
ACL to block a Land Attack
Network Address Translation (NAT)
TLS/SSL Layer
Overloading
36. Routing mode depended on by uRPF in order to function
Cisco Express Forwarding (CEF)
SSH2
Static NAT
Second Part of IOS Version
37. Privilege levels that can have passwords assigned to them
Encrypted Tunneling Methods
Privilege Levels 2-13
no ip unreachable
Inside Global Address
38. Transport and Tunnel
Static NAT
Two Modes of IPSec
Two Protocols of Tunnel Mode
Tunneling
39. Can obtain CIDR and router ID
Network Time Protocol (NTP)
Authentication Header (AH)
Outside
IP Mask Reply Vulnerabilities
40. None - uses attached application protocol's port
TLS/SSL Identifier
NTP Vulnerabilities
Session Hijacking
Distribution Layer
41. Allows for a one-to-one translation of local to global addresses; used by web servers and mail servers so that users can connect to them via their global address
DNS Lookup Vulnerability
AUX Vulnerability
Static NAT
First Part of IOS Version
42. Protocol that allows data to be exchanged using a secure channel between two computers via encryption
Secure Shell (SSH)
Fourth Part of the IOS Version
Tunneling
no ip mask-reply
43. What Tunnel Mode is used for
IP Source Routing
Extended IP ACLs
Network-to-Network Communications
Named ACL Format
44. Access - Distribution - Core
Distributed Denial of Service Attacks
Requirements for Reflexive TCP to be removed
Extended ACL format
Three Layers of Hierarchical Model
45. Private IP address after translation
Inside Global Address
Access List Rules
uRPF Strength
Cisco Express Forwarding (CEF)
46. What Inside and Outside refer to in NAT
SSH
Devices
HTTPS Strength
Route Injection Attack
47. No Known Vulnerability
Telnet - HTTP - SNMP Vulnerability
ACL to block telnet
TCP/UDP Discard Vulnerability
Networks
48. Provides confidentiality - so it cannot be read by unauthorized parties
Privilege Levels 2-13
Two Protocols of Tunnel Mode
Encrypting Traffic
Rerouting
49. Accounts without passwords - Type 7 encryption - account privilege higher than 1 - able to be fingered
Third Part of the IOS Version
Session Hijacking
User Account Vulnerabilites
Tunnel Mode
50. Command used to disable the ICMP message Redirect
HTTP Tunneling
TCP/UDP Discard Vulnerability
Two Modes of IPSec
no ip redirect