SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Uses only host keys to authenticate systems
Transport Mode
SSH2
Requirements for Reflexive TCP to be removed
Networks
2. Privilege levels that can have passwords assigned to them
Distribution Layer
Privilege Levels 2-13
Privilege Level 1
Inside
3. Refers to the organization's private network
Masquerading
GRE Operating Layer
Networks
Inside
4. Ip accesslist extended <name1> - permit IP any any reflect <filename> - ip accesslist extended <name2> - evaluate <filename> - int f0/0 - ip access-group <name1> out - ip access-group <name2> in
Host-to-Host Communications
Syntax for Reflexive ACLs
Common uses of Access Lists
Network-to-Network Communications
5. Accounts without passwords - Type 7 encryption - account privilege higher than 1 - able to be fingered
Telnet - HTTP - SNMP Vulnerability
Outside Local Address
ESP Operating Layer
User Account Vulnerabilites
6. Command used to disable the ICMP message Host Unreachable
Land Attack
no ip unreachable
TLS/SSL Layer
IPSec AH Operating Layer
7. Interim Build Number
Fourth Part of the IOS Version
HTTP Operating Layer
L2TP Operating Layer
Internet Protocol Security (IPSec)
8. 1300-1999
Extended ACL format
Proxy ARP
Authentication Header (AH)
Higher IP Standard ACL Range
9. Attack that involves sending a large amount of UDP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
Standard ACL format
ESP Identifier
Fraggle Attack
Sixth (Optional) Part of the IOS Version
10. DNS Poisoning
TCP SYN Attack
Three Physical Security Vulnerabilities
Denial of Service (DoS)
DNS Lookup Vulnerability
11. Attack that involves transmitting a volume of connections that cannot be completed at the destination - causing the queue to fill up and denying service to legitimate user
TCP SYN Attack
Smurf Attack
SSH2
Access Layer
12. Commands to disable Finger Server
no ip finger - no service finger
SSH Identifier
syslog
Privilege Levels 2-13
13. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
Privilege Levels 2-13
Finger Vulnerabilities
BOOTP
IP Spoofing
14. DENY IP 127.0.0.0 0.255.255.255 ANY
Standard ACL format
IPSec AH Identifier
ACL to block incoming loopback packets
Land Attack
15. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
Tunneling
Masquerading
uRPF Strength
Network Address Translation (NAT)
16. Attack that involves a multitude of compromised system attack a single target - denying service to it by exploiting one 'master' system that communicates with other 'zombie' systems
Fourth Part of the IOS Version
Inside
Distributed Denial of Service Attacks
Smurf Attack
17. Two - one Inbound or Evaluated and one Outbound or Reflected
SNMP
Minimum ACLs Required for Reflexive ACLs
Host-to-Host Communications
SNMP Vulnerabilities
18. Router threat that refers to willful attempts to cause such disruptions by overwhelming the targeted system with improperly formatted traffic
First Part of IOS Version
Denial of Service (DoS)
ntp disable
Two Types of Router Access
19. Attack that involves sending a large amount of ICMP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
Smurf Attack
IP Source Routing
Tunneling
SSH
20. Command used to disable the ICMP message Redirect
Network-to-Network Communications
no ip redirect
Train Idenifier 'E'
Devices
21. Tunnel Mode Protocol provides confidentiality - along with authentication and integrity protection with encryption
SSH Identifier
ACL to block telnet
Encapsulation Security Payload (ESP)
TCP/UDP Daytime Vulnerability
22. Release Number
Third Part of the IOS Version
Three Layers of Hierarchical Model
login local
ESP Identifier
23. Protects against repeating of secure sessions
Two Modes of IPSec
SSH1
Anti-Replay
HTTPS Strength
24. Command to disable CDP on a router
no cdp run
NTP Vulnerabilities
Distributed Denial of Service Attacks
Train Identifier 'B'
25. Uses SSL port 443
ACL to block incoming loopback packets
Tunneling
HTTPS Strength
First Part of IOS Version
26. TCP Port 80
HTTP Vulnerability
Outside
HTTP Identifier
Privilege Levels 2-13
27. Plaintext
Telnet - HTTP - SNMP Vulnerability
Boot Network Vulnerabilities
ESP Operating Layer
Route Injection Attack
28. Refers to addresses used on the organization's private network
Three Layers of Hierarchical Model
no ip unreachable
Global Addresses
Two Protocols of Tunnel Mode
29. 0x33 or 51
IPSec AH Identifier
ACL to block a Smurf Attack or Fraggle Attack
Denial of Service (DoS)
Outside
30. UDP Port 514
TCP Intercept Watch Mode
IP Source Routing
Distribution Layer
syslog
31. Minor Version
Two Protocols of Tunnel Mode
Second Part of IOS Version
Authentication Header (AH)
no service udp-small-servers
32. Layer 3
Extended ACL format
Extended IP ACLs
Inside Local Address
IPSec AH Operating Layer
33. Router to Router Denial of Service
IP Mask Reply Vulnerabilities
IP Spoofing
Privilege Levels 2-13
TCP/UDP Echo Vulnerability
34. Refers to the addresses on the public internet
Uses for ACLs
Outside
IP Spoofing
SSH2
35. Provides confidentiality - so it cannot be read by unauthorized parties
ACL to block a Smurf Attack or Fraggle Attack
GRE Identifier
Encrypting Traffic
IP Source Routing Vulnerabilities
36. This server is used for querying a host about its logged in users
inger Server
no ip bootp server
Unicast Reverse-Path Forwarding (uRPF)
Train Identifier 'S'
37. Can discover vulnerabilities - network stats - and firewall discovery
Train Identifier 'S'
TCP SYN Attack
Smurf Attack
IP Unreachable Vulnerabilities
38. Access-list <number> <deny | permit> source source-wildcard log
HTTP Tunneling
syslog
uRPF Strength
Standard ACL format
39. Cisco default tunneling protocol that uses multicast addressing without encryption and is designed to encapsulate a wide variety of network layer packets inside IP tunneling packets
Named ACL
Host-to-Host Communications
Generic Routing Encapsulation (GRE)
Syntax for Reflexive ACLs
40. Ip access-list <standard | extended> name - permit TCP any any established
Rerouting
Distribution Layer
Privilege Level 15
Named ACL Format
41. ESP - SSH - SSL/TLP
Privilege Level 0
ACL to block IP multicast
Encrypted Tunneling Methods
Inside Global Address
42. Attack that involves sending a packet to the router with the same IP address in the source and destination address fields - as well as the same port number in the source and destination port field - causing a denial of service
Second Part of IOS Version
CDP Vulnerabilities
Established Line
Land Attack
43. Dialer List - Routing Maps - Dynamic Routing Protocols - Controlling Remote Access - NAT'ing - Traffic Filtering
Uses for ACLs
TCP/UDP Chargen Vulnerability
Encapsulation Security Payload (ESP)
Standard ACL format
44. Provides a checksum - ensuring traffic has not been modified along it's path
Integrity Validation
Two Protocols of Tunnel Mode
IP Source Routing
Anti-Replay
45. Users - Host PC's - IP Addresses
SNMP Vulnerabilities
Host-to-Host Communications
Finger Vulnerabilities
ACL to block TCP SYN Attack
46. Public IP address after translation
Outside Global Address
Secure Shell (SSH)
Lower IP Standard ACL Range
SSH Operating Layer
47. Router threat that involves the unauthorized viewing and collection of network traffic; usually accomplished with a packet sniffing program
Eavesdropping and Information Theft
Standard ACL format
Authentication Header (AH)
IP Source Routing Vulnerabilities
48. War dialing
TCP/UDP Daytime Vulnerability
SSH2
IPSec AH Operating Layer
AUX Vulnerability
49. Access - Distribution - Core
Three Layers of Hierarchical Model
Local Addresses
TCP/UDP Daytime Vulnerability
Extended ACL format
50. Top of the hierarchy - responsible for transporting large amounts of traffic both reliably and quickly and switching traffic as fast as possible throughout the internet
SSH Identifier
Named ACL Format
IP Directed Broadcast
Core Layer
