SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Datagram protocol used by some hosts to load their operating system over the network via a central repository of IOS software
Inside Local Address
no ip bootp server
BOOTP
no service udp-small-servers
2. Privilege level that is restricted to basic level operations
Local Addresses
Privilege Level 1
IPSec AH Identifier
Fraggle Attack
3. When a router acts as an intermediary for ARP queries on selected interfaces and enabling transparent access between multiple LAN segments
Two Types of Router Access
Proxy ARP
Dynamic NAT
SSH
4. DENY IP 224.0.0.0 15.255.255.255 ANY
Higher IP Extended ACL Range
Privilege Level 15
ACL to block IP multicast
IP Mask Reply Vulnerabilities
5. TCP and UDP Port 161
DNS Lookup Vulnerability
SNMP
Unauthorized Access
Established Line
6. Router threat that involves a hacker inserting a spoofed TCP/IP packet into a stream - thereby enabling commands to be executed on the remote host
Global Addresses
IPSec AH Identifier
Named ACL
Session Hijacking
7. A method of bypassing firewall or proxy restrictions by making the firewall think that it is getting traffic from a web browser
Two Protocols of Tunnel Mode
HTTP Tunneling
Transport Mode
Sixth (Optional) Part of the IOS Version
8. Rebuild Number
DNS Lookup Vulnerability
Sixth (Optional) Part of the IOS Version
Encapsulation Security Payload (ESP)
Network Time Protocol (NTP)
9. Command used to disable the ICMP message Redirect
Distribution Layer
GRE Identifier
Standard IP ACLs
no ip redirect
10. Uses only host keys to authenticate systems
TCP/UDP Daytime Vulnerability
IPSec AH Operating Layer
ACL to block telnet
SSH2
11. Smurf attacks - can enumerate the network
Generic Routing Encapsulation (GRE)
IP Direct Broadcast Vulnerabilties
Outside
Devices
12. Software that passively monitors the connection requests flowing through the router; if a connection fails - the software sends a Reset to the server to clear up its state
Fourth Part of the IOS Version
Privilege Level 0
L2TP Identifier
TCP Intercept Watch Mode
13. Routing mode depended on by uRPF in order to function
Two Types of Router Access
User Account Vulnerabilites
Cisco Express Forwarding (CEF)
Third Part of the IOS Version
14. War dialing
Internet Protocol Security (IPSec)
IP Source Routing Vulnerabilities
AUX Vulnerability
Fourth Part of the IOS Version
15. An extension of static mapping which allows for one global address to be mapped to multiple inside addresses; can be used for websites with multiple back end servers
Second Part of IOS Version
TCP Load Distribution
no service tcp-small-servers
Train Idenifier 'E'
16. What Transport Mode is used for
Host-to-Host Communications
ACL to block a Smurf Attack or Fraggle Attack
IP Source Routing
Requirements for Reflexive TCP to be removed
17. Release Number
Syntax for Reflexive ACLs
Two Types of Router Access
uRPF Strength
Third Part of the IOS Version
18. Plaintext
Encapsulation Security Payload (ESP)
Outside Global Address
TLS/SSL Identifier
Telnet - HTTP - SNMP Vulnerability
19. Broadcast
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
20. DENY IP 127.0.0.0 0.255.255.255 ANY
IP Unreachable Vulnerabilities
ACL to block incoming loopback packets
Two Protocols of Tunnel Mode
Masquerading
21. UDP Port 1701
ESP Identifier
L2TP Identifier
TLS/SSL Identifier
Fifth Part of the IOS Version
22. Tunnel Mode Protocol provides confidentiality - along with authentication and integrity protection with encryption
Encapsulation Security Payload (ESP)
Distributed Denial of Service Attacks
no ip mask-reply
ACL to block a Smurf Attack or Fraggle Attack
23. Attack that involves transmitting a volume of connections that cannot be completed at the destination - causing the queue to fill up and denying service to legitimate user
TCP SYN Attack
IPSec AH Operating Layer
HTTP Vulnerability
Three Layers of Hierarchical Model
24. Attack that involves a multitude of compromised system attack a single target - denying service to it by exploiting one 'master' system that communicates with other 'zombie' systems
inger Server
Rerouting
Distributed Denial of Service Attacks
Access List Rules
25. 0x33 or 51
inger Server
Global Addresses
Three Physical Security Vulnerabilities
IPSec AH Identifier
26. Refers to the addresses on the public internet
Encapsulation Security Payload (ESP)
Outside
Authentication Header (AH)
no ip http server
27. Access-list <number <deny | permit> source source-wildcard source-qualifier destination dest-wildcard dest-qualifier <log | log-input>
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
HTTP Identifier
Extended ACL format
Second Part of IOS Version
28. Refers to the organization's private network
Privilege Level 1
Inside
Access Layer
HTTP Vulnerability
29. Lists interfaces - routing table - ARP table - physical and network addresses - time last booted
ntp disable
SSH1
SNMP Vulnerabilities
Network-to-Network Communications
30. Cisco default tunneling protocol that uses multicast addressing without encryption and is designed to encapsulate a wide variety of network layer packets inside IP tunneling packets
no ip unreachable
IP Direct Broadcast Vulnerabilties
Generic Routing Encapsulation (GRE)
HTTP Vulnerability
31. Top of the hierarchy - responsible for transporting large amounts of traffic both reliably and quickly and switching traffic as fast as possible throughout the internet
Train Identifier 'T'
Core Layer
ACL to block a Smurf Attack or Fraggle Attack
Standard ACL format
32. Users - Host PC's - IP Addresses
IP Spoofing
Finger Vulnerabilities
Overloading
IP Unreachable Vulnerabilities
33. Device - Hostname - IOS - IP Address - Ports - Model
CDP Vulnerabilities
Networks
no service tcp-small-servers
SNMP Trap
34. None - uses attached application protocol's port
Encrypted Tunneling Methods
Transport Mode
HTTP Operating Layer
TLS/SSL Identifier
35. Proprietary - used by Cisco routers and switches use to identify each other on LAN and WAN segments
Boot Network Vulnerabilities
ACL to block a Land Attack
Cisco Discovery Protocol (CDP)
Unicast Reverse-Path Forwarding (uRPF)
36. Provides nonrepudiation - ensuring that traffic is from a trusted party
Network Time Protocol (NTP)
Minimum ACLs Required for Reflexive ACLs
Tunnel Mode
Authenticating Peers
37. Public IP address after translation
Secure Shell (SSH)
ACL to block a Land Attack
Outside Global Address
CDP Vulnerabilities
38. Router threat where access by an entity or individual other than authorized users
TCP Intercept
Named ACL
Unauthorized Access
no ip finger - no service finger
39. Refers to addresses used on the organization's private network
Requirements for Reflexive TCP to be removed
Session Hijacking
IP Directed Broadcast
Local Addresses
40. Uses server and host keys to authenticate systems
SSH1
Syntax for Reflexive ACLs
Sixth (Optional) Part of the IOS Version
Networks
41. Data link layer protocol used for tunneling network traffic between two peers over an existing network - often used with IPsec to secure packets
Privilege Level 15
DNS Lookup Vulnerability
Layer 2 Tunneling Protocol (L2TP)
Three Physical Security Vulnerabilities
42. Major Version
First Part of IOS Version
Train Identifier 'T'
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
ESP Identifier
43. Allows the source IP host to specify a route through the IP network
no ip finger - no service finger
IP Source Routing
Reflexive ACL
Session Hijacking
44. Command used to disable the ICMP message Host Unreachable
IP Directed Broadcast
General Format of Cisco IOS Version
no ip unreachable
BOOTP
45. Router threat that includes manipulating router updates to cause traffic to flow to unauthorized destinations
Flags used by Established Line
Rerouting
login local
IP Direct Broadcast Vulnerabilties
46. The host can specify which route to take - which bypasses security
IP Source Routing Vulnerabilities
Tunneling
HTTP Tunneling
Three Physical Security Vulnerabilities
47. When one network protocol called the payload protocol is encapsulated within a different delivery network - or provide a secure path through an untrusted network
Encrypted Tunneling Methods
Tunneling
Fraggle Attack
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
48. Helps to mitigate problems that are caused by the introduction of malformed or spoofed IP source addresses into a network by discarding packets lacking a verifiable IP source address
Fifth Part of the IOS Version
Unicast Reverse-Path Forwarding (uRPF)
Anti-Replay
Static NAT
49. These ACLs filter by network or host IP addresses andspecific protocol type or port numbers - filters by source and destination
IP Source Routing
Core Layer
Outside
Extended IP ACLs
50. Mode where the entire packet is encrypted and/or authenticated - requiring a new IP packet to be encapsulated
Tunnel Mode
Anti-Replay
IP Spoofing
no service udp-small-servers
