SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Cisco default tunneling protocol that uses multicast addressing without encryption and is designed to encapsulate a wide variety of network layer packets inside IP tunneling packets
ESP Operating Layer
SNMP Vulnerabilities
Unicast Reverse-Path Forwarding (uRPF)
Generic Routing Encapsulation (GRE)
2. Can discover vulnerabilities - network stats - and firewall discovery
Train Identifier 'B'
IP Unreachable Vulnerabilities
Access List Rules
Fourth Part of the IOS Version
3. Major Version - Minor Version - Release - Interim Build - Release Train Identifier
ACL to block IP multicast
IP Unreachable Vulnerabilities
General Format of Cisco IOS Version
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
4. Can stop spoofed IP addresses
Land Attack
uRPF Strength
Unauthorized Access
IP Source Routing Vulnerabilities
5. Refers to the addresses on the public internet
Outside
Authentication Header (AH)
General Format of Cisco IOS Version
no cdp run
6. Geolocational positioning
no service udp-small-servers
TCP/UDP Daytime Vulnerability
Two Types of Router Access
no ip unreachable
7. Local and Remote
Two Types of Router Access
ACL to block IP multicast
ACL to block TCP SYN Attack
SNMP Trap
8. Local IP address before translation
NTP Vulnerabilities
Inside Local Address
Distribution Layer
Two Protocols of Tunnel Mode
9. Public IP address after translation
Three Layers of Hierarchical Model
ACL to block telnet
ACL to block incoming loopback packets
Outside Global Address
10. 1300-1999
Dynamic NAT
Named ACL
Higher IP Standard ACL Range
Third Part of the IOS Version
11. A secure alternative to telnet for remote administration that supported in Enterprise versions of Cisco IOS
HTTP Operating Layer
Standard ACL format
Access List Rules
SSH
12. Refers to the organization's private network
inger Server
IP Directed Broadcast
IP Spoofing
Inside
13. Router to Router Denial of Service
Route Injection Attack
Boot Network Vulnerabilities
Extended ACL format
TCP/UDP Echo Vulnerability
14. Layer 7
SSH Operating Layer
Proxy ARP Vulnerabilities
no ip redirect
ESP Operating Layer
15. What Local and Global refer to in NAT
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
inger Server
no ip unreachable
Networks
16. Permits a host on one LAN segment to initiate a physical broadcast on a different LAN segment
Inside
Network-to-Network Communications
Tunneling
IP Directed Broadcast
17. Two FIN bits or one RST bit
ACL to block TCP SYN Attack
Requirements for Reflexive TCP to be removed
IP Spoofing
no ip unreachable
18. Minor Version
uRPF Strength
Syntax for Reflexive ACLs
Second Part of IOS Version
L2TP Identifier
19. Privilege level that has Global administration capabilities
Anti-Replay
HTTP Vulnerability
Inside Local Address
Privilege Level 15
20. 2000-2699
login local
no service udp-small-servers
Lower IP Extended ACL Range
Telnet - HTTP - SNMP Vulnerability
21. Tunnel Mode Protocol provides integrity - authentication - and non-repudiation and operates directly on top of IP
Standard ACL format
Authentication Header (AH)
Network Time Protocol (NTP)
HTTP Tunneling
22. The host can specify which route to take - which bypasses security
Host-to-Host Communications
Secure Shell (SSH)
IP Source Routing Vulnerabilities
Smurf Attack
23. Privilege levels that can have passwords assigned to them
SSH2
Privilege Levels 2-13
Privilege Level 1
Network Address Translation (NAT)
24. When one network protocol called the payload protocol is encapsulated within a different delivery network - or provide a secure path through an untrusted network
Inside Local Address
Tunneling
TCP/UDP Chargen Vulnerability
SSH2
25. PERMIT TCP ANY ANY ESTABLISHED
Extended ACL format
Denial of Service (DoS)
IPSec AH Identifier
ACL to block TCP SYN Attack
26. Provides a checksum - ensuring traffic has not been modified along it's path
HTTP Vulnerability
Integrity Validation
no ip mask-reply
Fifth Part of the IOS Version
27. Startup-config can be deleted - copied - changed
ACL to block a Smurf Attack or Fraggle Attack
Two Modes of IPSec
TCP/UDP Daytime Vulnerability
Boot Network Vulnerabilities
28. Allows the source IP host to specify a route through the IP network
Network Time Protocol (NTP)
User Account Vulnerabilites
IPSec AH Operating Layer
IP Source Routing
29. Top of the hierarchy - responsible for transporting large amounts of traffic both reliably and quickly and switching traffic as fast as possible throughout the internet
Core Layer
Lower IP Extended ACL Range
ACL to block TCP SYN Attack
Three Physical Security Vulnerabilities
30. Lists interfaces - routing table - ARP table - physical and network addresses - time last booted
SNMP Vulnerabilities
Unauthorized Access
Finger Vulnerabilities
TCP/UDP Chargen Vulnerability
31. 0x2F - or 47
GRE Identifier
Standard IP ACLs
no ip http server
General Format of Cisco IOS Version
32. Router threat where access by an entity or individual other than authorized users
HTTP Vulnerability
uRPF Strength
TLS/SSL Identifier
Unauthorized Access
33. Layer 5
L2TP Operating Layer
Privilege Level 15
Network-to-Network Communications
ACL to block a Land Attack
34. Technology
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
35. Must be made at global config mode - created from CON/VTY session or text file - read top to bottom - applied at the interface and only one ACL per direction - per protocol - per interface
ESP Identifier
Access List Rules
SSH Operating Layer
Flags used by Established Line
36. Ip access-list <standard | extended> name - permit TCP any any established
IP Mask Reply Vulnerabilities
Proxy ARP
echo - chargen - discard - daytime
Named ACL Format
37. Router threat that includes manipulating router updates to cause traffic to flow to unauthorized destinations
TCP SYN Attack
Standard ACL format
TCP Intercept
Route Injection Attack
38. TCP and UDP Port 162
Global Addresses
Anti-Replay
SNMP Trap
Boot Network Vulnerabilities
39. TCP only - used to filter inbound traffic while allowing return TCP sessions - can be spoofed by attackers and cannot be used with Active FTP
General Format of Cisco IOS Version
Established Line
Lower IP Extended ACL Range
HTTP Identifier
40. Release Train Identifier
Fifth Part of the IOS Version
Static NAT
Minimum ACLs Required for Reflexive ACLs
NTP Vulnerabilities
41. Software that blocks packets from unreachable hosts - thus allowing only reachable external hosts to initiate connections to a host on an internal network
Local Addresses
Established Line
Boot Network
TCP Intercept
42. Command used to disable the ICMP message Redirect
Distributed Denial of Service Attacks
First Part of IOS Version
no ip redirect
Network Time Protocol (NTP)
43. Uses SSL port 443
HTTPS Strength
Host-to-Host Communications
Uses for ACLs
no ip unreachable
44. The communication layer between the two other layers and provides network security - including ACLs - firewalls - any general public access servers and address translation; also known as the isolation LAN or DMZ
Distribution Layer
Train Idenifier 'E'
Established Line
IP Unreachable Vulnerabilities
45. Router threat that involves a hacker inserting a spoofed TCP/IP packet into a stream - thereby enabling commands to be executed on the remote host
Session Hijacking
L2TP Operating Layer
ACL to block spoofed IPs
ACL to block telnet
46. 0-99
Lower IP Extended ACL Range
Lower IP Standard ACL Range
Overloading
login local
47. Provides confidentiality - so it cannot be read by unauthorized parties
Distributed Denial of Service Attacks
Access List Rules
Privilege Level 15
Encrypting Traffic
48. UDP Port 514
syslog
Outside
Standard IP ACLs
no ip mask-reply
49. A suite of protocols for securing Internet Protocol communications by authenticating and/or encrypting each IP packet in a data stream
Internet Protocol Security (IPSec)
SNMP Vulnerabilities
Named ACL Format
Masquerading
50. Layer 3
ACL to block incoming loopback packets
IPSec AH Operating Layer
Fifth Part of the IOS Version
IPSec AH Identifier
