SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. TCP and UDP Port 162
SNMP Trap
AUX Vulnerability
Cisco Express Forwarding (CEF)
Two Types of Router Access
2. Can stop spoofed IP addresses
Established Line
Cisco Express Forwarding (CEF)
uRPF Strength
HTTP Tunneling
3. Ip access-list <standard | extended> name - permit TCP any any established
UDP Traceroute Port Range
Named ACL Format
Rerouting
Static NAT
4. Attack that involves sending a large amount of UDP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
HTTPS Strength
TCP Load Distribution
Fraggle Attack
Tunnel Mode
5. Service Provider
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
6. Tunnel Mode Protocol provides confidentiality - along with authentication and integrity protection with encryption
Outside Local Address
TLS/SSL Identifier
SSH Identifier
Encapsulation Security Payload (ESP)
7. Provides nonrepudiation - ensuring that traffic is from a trusted party
Authenticating Peers
HTTP Operating Layer
TCP/UDP Discard Vulnerability
no ip finger - no service finger
8. Enterprise
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
9. Buffer Overflow
Dynamic NAT
GRE Identifier
BOOTP Vulnerabilities
TCP/UDP Chargen Vulnerability
10. A method of bypassing firewall or proxy restrictions by making the firewall think that it is getting traffic from a web browser
Distributed Denial of Service Attacks
HTTP Tunneling
IP Mask Reply Vulnerabilities
SSH Operating Layer
11. Refers to the organization's private network
Privilege Levels 2-13
IP Direct Broadcast Vulnerabilties
SSH
Inside
12. Traffic is passed in plaintext
HTTP Vulnerability
Encrypted Tunneling Methods
TLS/SSL Identifier
GRE Identifier
13. Permits a host on one LAN segment to initiate a physical broadcast on a different LAN segment
no ip redirect
Generic Routing Encapsulation (GRE)
no service udp-small-servers
IP Directed Broadcast
14. Transport and Tunnel
Authentication Header (AH)
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
Two Modes of IPSec
Reflexive ACL
15. Interim Build Number
Fourth Part of the IOS Version
TCP/UDP Chargen Vulnerability
CDP Vulnerabilities
User Account Vulnerabilites
16. Layer 3
SNMP Trap
GRE Operating Layer
syslog
Network Time Protocol (NTP)
17. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
IP Directed Broadcast
Tunneling
Proxy ARP
IP Spoofing
18. None - uses attached application protocol's port
TCP/UDP Chargen Vulnerability
Privilege Level 15
Access List Rules
TLS/SSL Identifier
19. Routing mode depended on by uRPF in order to function
First Part of IOS Version
Cisco Express Forwarding (CEF)
ACL to block incoming loopback packets
ACL to block a Land Attack
20. Broadcast
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
21. Refers to addresses used on the organization's private network
SSH2
Global Addresses
Proxy ARP
Integrity Validation
22. Minor Version
Second Part of IOS Version
Boot Network
Sixth (Optional) Part of the IOS Version
Unicast Reverse-Path Forwarding (uRPF)
23. Can copy - poison - corrupt - or delete the IOS
ACL to block telnet
Privilege Level 1
Outside
BOOTP Vulnerabilities
24. Two FIN bits or one RST bit
Generic Routing Encapsulation (GRE)
Privilege Levels 2-13
Requirements for Reflexive TCP to be removed
BOOTP
25. What Local and Global refer to in NAT
Networks
Tunneling
Static NAT
Second Part of IOS Version
26. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
TCP Load Distribution
Established Line
HTTP Identifier
Masquerading
27. Rebuild Number
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
ACL to block IP multicast
Sixth (Optional) Part of the IOS Version
First Part of IOS Version
28. 33400-34400
SNMP Vulnerabilities
UDP Traceroute Port Range
Unauthorized Access
Requirements for Reflexive TCP to be removed
29. Refers to addresses used on the organization's private network
TCP/UDP Echo Vulnerability
GRE Identifier
Local Addresses
Transport Mode
30. Local IP address before translation
Two Modes of IPSec
ntp disable
Inside Local Address
Distributed Denial of Service Attacks
31. Users - Host PC's - IP Addresses
Finger Vulnerabilities
TLS/SSL Layer
TCP Intercept
TCP Intercept Watch Mode
32. Layer 7
Boot Network
no service udp-small-servers
HTTP Operating Layer
SSH1
33. This server is used for querying a host about its logged in users
inger Server
SSH Identifier
AUX Vulnerability
Internet Protocol Security (IPSec)
34. 1300-1999
Higher IP Standard ACL Range
IP Unreachable Vulnerabilities
Dynamic NAT
Uses for ACLs
35. No Known Vulnerability
no ip bootp server
no service udp-small-servers
TCP/UDP Discard Vulnerability
Access Layer
36. TCP and UDP Port 161
Minimum ACLs Required for Reflexive ACLs
SNMP
TCP/UDP Daytime Vulnerability
ACL to block IP multicast
37. Tunnel Mode Protocol provides integrity - authentication - and non-repudiation and operates directly on top of IP
Third Part of the IOS Version
Fraggle Attack
Privilege Level 1
Authentication Header (AH)
38. Ip accesslist extended <name1> - permit IP any any reflect <filename> - ip accesslist extended <name2> - evaluate <filename> - int f0/0 - ip access-group <name1> out - ip access-group <name2> in
Dynamic NAT
ESP Operating Layer
Syntax for Reflexive ACLs
Named ACL Format
39. Smurf attacks - can enumerate the network
Local Addresses
IP Mask Reply Vulnerabilities
IP Direct Broadcast Vulnerabilties
Authenticating Peers
40. These ACLs filter by network or host IP addresses andspecific protocol type or port numbers - filters by source and destination
Extended IP ACLs
Proxy ARP
ACL to block telnet
Networks
41. Router threat that includes manipulating router updates to cause traffic to flow to unauthorized destinations
Route Injection Attack
TCP SYN Attack
Access List Rules
Inside
42. Form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address by using different ports; limited to ~64 -000 hosts
Overloading
Two Types of Router Access
Dynamic NAT
HTTP Vulnerability
43. When a router acts as an intermediary for ARP queries on selected interfaces and enabling transparent access between multiple LAN segments
Common uses of Access Lists
Standard ACL format
Host-to-Host Communications
Proxy ARP
44. What Tunnel Mode is used for
Train Identifier 'B'
Telnet - HTTP - SNMP Vulnerability
SNMP
Network-to-Network Communications
45. 0x2F - or 47
GRE Identifier
ACL to block TCP SYN Attack
no service udp-small-servers
Standard ACL format
46. Protects against repeating of secure sessions
Anti-Replay
Tunneling
Extended IP ACLs
Requirements for Reflexive TCP to be removed
47. Must be made at global config mode - created from CON/VTY session or text file - read top to bottom - applied at the interface and only one ACL per direction - per protocol - per interface
inger Server
Access List Rules
Fraggle Attack
no service tcp-small-servers
48. DENY TCP ANY HOST <IP Address> EQ 23
Encapsulation Security Payload (ESP)
ACL to block telnet
Network-to-Network Communications
Layer 2 Tunneling Protocol (L2TP)
49. ESP - SSH - SSL/TLP
login local
Standard ACL format
Encrypted Tunneling Methods
Inside
50. Layer 7
Global Addresses
Three Physical Security Vulnerabilities
SSH Operating Layer
GRE Operating Layer