SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Datagram protocol used by some hosts to load their operating system over the network via a central repository of IOS software
syslog
BOOTP
Fifth Part of the IOS Version
Static NAT
2. Can copy - poison - corrupt - or delete the IOS
SSH Identifier
Encrypted Tunneling Methods
SNMP Vulnerabilities
BOOTP Vulnerabilities
3. Privilege level that has Global administration capabilities
ACL to block a Smurf Attack or Fraggle Attack
IP Directed Broadcast
Privilege Level 15
Inside Global Address
4. Release Number
Standard IP ACLs
Third Part of the IOS Version
Fourth Part of the IOS Version
Network Address Translation (NAT)
5. TCP and UDP Port 161
SNMP
Smurf Attack
Finger Vulnerabilities
Generic Routing Encapsulation (GRE)
6. Layer 3
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
ESP Operating Layer
no ip mask-reply
Static NAT
7. These ACLs filter by network or host IP addresses andspecific protocol type or port numbers - filters by source and destination
Extended IP ACLs
Outside
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
HTTP Identifier
8. ACK and RST
TCP/UDP Chargen Vulnerability
Flags used by Established Line
HTTP Operating Layer
Layer 2 Tunneling Protocol (L2TP)
9. 2000-2699
Lower IP Extended ACL Range
Two Protocols of Tunnel Mode
Route Injection Attack
Core Layer
10. ESP - SSH - SSL/TLP
Encrypted Tunneling Methods
Extended ACL format
Outside Local Address
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
11. Can obtain CIDR and router ID
IP Mask Reply Vulnerabilities
Lower IP Standard ACL Range
ACL to block incoming loopback packets
Dynamic NAT
12. Router threat where access by an entity or individual other than authorized users
Unauthorized Access
IP Mask Reply Vulnerabilities
Access Layer
Proxy ARP
13. Four TCP/UDP Small Server commands recommended to disable
Train Identifier 'B'
echo - chargen - discard - daytime
NTP Vulnerabilities
TCP SYN Attack
14. Router threat that refers to willful attempts to cause such disruptions by overwhelming the targeted system with improperly formatted traffic
SSH Identifier
Inside
Denial of Service (DoS)
ACL to block spoofed IPs
15. Tunnel Mode Protocol provides confidentiality - along with authentication and integrity protection with encryption
IP Directed Broadcast
Eavesdropping and Information Theft
Encapsulation Security Payload (ESP)
TCP Load Distribution
16. Layer 3
Networks
SSH
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
IPSec AH Operating Layer
17. Local and Remote
Core Layer
User Account Vulnerabilites
Two Types of Router Access
syslog
18. Permits a host on one LAN segment to initiate a physical broadcast on a different LAN segment
TCP/UDP Discard Vulnerability
HTTP Tunneling
IP Directed Broadcast
Telnet - HTTP - SNMP Vulnerability
19. PERMIT TCP ANY ANY ESTABLISHED
Sixth (Optional) Part of the IOS Version
ACL to block TCP SYN Attack
Fraggle Attack
Encapsulation Security Payload (ESP)
20. Top of the hierarchy - responsible for transporting large amounts of traffic both reliably and quickly and switching traffic as fast as possible throughout the internet
TCP/UDP Discard Vulnerability
Networks
Tunneling
Core Layer
21. Major Version - Minor Version - Release - Interim Build - Release Train Identifier
Third Part of the IOS Version
Authentication Header (AH)
HTTP Operating Layer
General Format of Cisco IOS Version
22. Block spoofed IP packets - block loopback packets - block IP multicast if unused - block ICMP redirects - Block telnet if not used
Common uses of Access Lists
Uses for ACLs
Fourth Part of the IOS Version
Privilege Level 1
23. Public IP address before translation
HTTP Identifier
Outside Local Address
Two Modes of IPSec
Inside Global Address
24. DENY IP ANY HOST <Broadcast Address>
Two Protocols of Tunnel Mode
ACL to block IP multicast
Privilege Level 0
ACL to block a Smurf Attack or Fraggle Attack
25. Mode where the entire packet is encrypted and/or authenticated - requiring a new IP packet to be encapsulated
ACL to block a Smurf Attack or Fraggle Attack
Tunnel Mode
SNMP
TCP SYN Attack
26. TCP only - used to filter inbound traffic while allowing return TCP sessions - can be spoofed by attackers and cannot be used with Active FTP
Three Physical Security Vulnerabilities
Established Line
ACL to block IP multicast
SNMP Trap
27. 33400-34400
Fraggle Attack
Session Hijacking
TCP/UDP Daytime Vulnerability
UDP Traceroute Port Range
28. 1300-1999
Smurf Attack
Authenticating Peers
Higher IP Standard ACL Range
AUX Vulnerability
29. Command to disable UDP small server on a router
BOOTP Vulnerabilities
TCP Intercept Watch Mode
no service udp-small-servers
L2TP Identifier
30. Plaintext
TLS/SSL Layer
SSH1
Inside Global Address
Telnet - HTTP - SNMP Vulnerability
31. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
Global Addresses
Standard IP ACLs
IP Spoofing
Smurf Attack
32. Provides a checksum - ensuring traffic has not been modified along it's path
Integrity Validation
no ip unreachable
TCP Load Distribution
inger Server
33. Cisco default tunneling protocol that uses multicast addressing without encryption and is designed to encapsulate a wide variety of network layer packets inside IP tunneling packets
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
Authenticating Peers
Higher IP Standard ACL Range
Generic Routing Encapsulation (GRE)
34. Form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address by using different ports; limited to ~64 -000 hosts
Flags used by Established Line
IP Spoofing
Overloading
GRE Identifier
35. Access-list <number> <deny | permit> source source-wildcard log
Higher IP Extended ACL Range
Standard ACL format
TCP Intercept
BOOTP
36. None - uses attach application protocol's layer
Uses for ACLs
TCP Intercept Watch Mode
no cdp run
TLS/SSL Layer
37. The communication layer between the two other layers and provides network security - including ACLs - firewalls - any general public access servers and address translation; also known as the isolation LAN or DMZ
ESP Identifier
Devices
Distribution Layer
Fourth Part of the IOS Version
38. Attack that involves transmitting a volume of connections that cannot be completed at the destination - causing the queue to fill up and denying service to legitimate user
IP Source Routing
BOOTP
TCP SYN Attack
Encrypting Traffic
39. TCP Port 22
SSH Identifier
User Account Vulnerabilites
Extended IP ACLs
Boot Network
40. Router to Router Denial of Service
Boot Network Vulnerabilities
Generic Routing Encapsulation (GRE)
TCP/UDP Echo Vulnerability
Boot Network
41. Allows for a one-to-one translation of local to global addresses; used by web servers and mail servers so that users can connect to them via their global address
TCP/UDP Chargen Vulnerability
Network Time Protocol (NTP)
Static NAT
no ip finger - no service finger
42. These ACLs filter by network or host IP address and only filter on source
Standard IP ACLs
Two Protocols of Tunnel Mode
uRPF Strength
echo - chargen - discard - daytime
43. An extension of static mapping which allows for one global address to be mapped to multiple inside addresses; can be used for websites with multiple back end servers
Anti-Replay
Outside
TCP Load Distribution
Cisco Express Forwarding (CEF)
44. Tunnel Mode Protocol provides integrity - authentication - and non-repudiation and operates directly on top of IP
Two Modes of IPSec
ACL to block spoofed IPs
Authentication Header (AH)
Two Types of Router Access
45. Refers to addresses used on the organization's private network
Minimum ACLs Required for Reflexive ACLs
Higher IP Extended ACL Range
Local Addresses
Tunneling
46. 0x33 or 51
IPSec AH Identifier
Finger Vulnerabilities
Extended IP ACLs
Tunneling
47. Can stop spoofed IP addresses
uRPF Strength
Layer 2 Tunneling Protocol (L2TP)
Eavesdropping and Information Theft
Session Hijacking
48. Broadcast
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
49. Uses only host keys to authenticate systems
Privilege Level 1
SSH2
Proxy ARP
Syntax for Reflexive ACLs
50. Service Provider
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
