SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Software that blocks packets from unreachable hosts - thus allowing only reachable external hosts to initiate connections to a host on an internal network
ACL to block a Smurf Attack or Fraggle Attack
TCP Intercept
NTP Vulnerabilities
Lower IP Extended ACL Range
2. UDP Port 1701
TCP/UDP Echo Vulnerability
L2TP Identifier
Unauthorized Access
Sixth (Optional) Part of the IOS Version
3. Router threat where access by an entity or individual other than authorized users
Unauthorized Access
HTTPS Strength
Cisco Discovery Protocol (CDP)
Authentication Header (AH)
4. Traffic is passed in plaintext
GRE Operating Layer
no ip unreachable
HTTP Vulnerability
Global Addresses
5. Uses server and host keys to authenticate systems
SSH1
Cisco Express Forwarding (CEF)
Dynamic NAT
Third Part of the IOS Version
6. Tunnel Mode Protocol provides confidentiality - along with authentication and integrity protection with encryption
Encapsulation Security Payload (ESP)
Telnet - HTTP - SNMP Vulnerability
Third Part of the IOS Version
Fifth Part of the IOS Version
7. Geolocational positioning
Named ACL Format
TCP/UDP Daytime Vulnerability
Integrity Validation
Extended ACL format
8. Command used to disable HTTP Server
Access List Rules
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
no ip http server
IP Source Routing
9. What Transport Mode is used for
Host-to-Host Communications
Three Physical Security Vulnerabilities
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
IP Directed Broadcast
10. Router threat that includes manipulating router updates to cause traffic to flow to unauthorized destinations
Privilege Levels 2-13
Route Injection Attack
SSH1
TCP/UDP Discard Vulnerability
11. Allows packets to be filtered based on upper-layer session information - only uses extended temporary ACL's and must be named - applied on border routers
IP Mask Reply Vulnerabilities
Reflexive ACL
no service tcp-small-servers
Masquerading
12. Two FIN bits or one RST bit
HTTP Operating Layer
Secure Shell (SSH)
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
Requirements for Reflexive TCP to be removed
13. Mode where only the payload of the IP packet is encrypted and/or authenticated
Transport Mode
Unauthorized Access
Encapsulation Security Payload (ESP)
Two Modes of IPSec
14. 33400-34400
Fifth Part of the IOS Version
Secure Shell (SSH)
Standard IP ACLs
UDP Traceroute Port Range
15. The environment - catastrophic events an unauthorized access
Three Layers of Hierarchical Model
Three Physical Security Vulnerabilities
Named ACL
TCP/UDP Daytime Vulnerability
16. Privilege level that restricts users to five commands (enable - disable - exit - help quit)
Dynamic NAT
Privilege Level 0
Train Idenifier 'E'
Land Attack
17. Service Provider
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
18. What Tunnel Mode is used for
Network-to-Network Communications
no cdp run
Distributed Denial of Service Attacks
IP Unreachable Vulnerabilities
19. TCP Port 80
Established Line
Train Identifier 'B'
User Account Vulnerabilites
HTTP Identifier
20. Router threat that involves a hacker inserting a spoofed TCP/IP packet into a stream - thereby enabling commands to be executed on the remote host
ACL to block a Land Attack
Session Hijacking
DNS Lookup Vulnerability
Smurf Attack
21. Layer 3
Core Layer
Requirements for Reflexive TCP to be removed
ESP Operating Layer
Third Part of the IOS Version
22. Interim Build Number
IP Source Routing Vulnerabilities
Common uses of Access Lists
Fourth Part of the IOS Version
Generic Routing Encapsulation (GRE)
23. Helps to mitigate problems that are caused by the introduction of malformed or spoofed IP source addresses into a network by discarding packets lacking a verifiable IP source address
BOOTP Vulnerabilities
Unicast Reverse-Path Forwarding (uRPF)
Land Attack
Local Addresses
24. ACK and RST
Flags used by Established Line
Named ACL
Authenticating Peers
Encrypted Tunneling Methods
25. Private IP address after translation
Land Attack
Unauthorized Access
Inside Global Address
Core Layer
26. Uses only host keys to authenticate systems
Privilege Level 1
Host-to-Host Communications
SSH2
Route Injection Attack
27. UDP Port 514
Extended IP ACLs
syslog
L2TP Identifier
Cisco Express Forwarding (CEF)
28. Proprietary - used by Cisco routers and switches use to identify each other on LAN and WAN segments
BOOTP
TCP Intercept
Distributed Denial of Service Attacks
Cisco Discovery Protocol (CDP)
29. Layer 5
ESP Identifier
Tunneling
Standard IP ACLs
L2TP Operating Layer
30. DENY TCP ANY HOST <IP Address> EQ 23
TCP SYN Attack
IPSec AH Identifier
CDP Vulnerabilities
ACL to block telnet
31. Command used to disable the ICMP message Redirect
Proxy ARP Vulnerabilities
Three Physical Security Vulnerabilities
no ip redirect
ESP Operating Layer
32. Translates multiple local addresses to a pool of global addresses by having the firewall select the first available global address; retains the global address for the duration of the connection
Three Physical Security Vulnerabilities
Encrypted Tunneling Methods
Train Identifier 'T'
Dynamic NAT
33. 2000-2699
SSH Operating Layer
Outside
TCP/UDP Chargen Vulnerability
Lower IP Extended ACL Range
34. TCP and UDP Port 162
Cisco Express Forwarding (CEF)
TCP Load Distribution
BOOTP Vulnerabilities
SNMP Trap
35. Major Version - Minor Version - Release - Interim Build - Release Train Identifier
Privilege Level 1
Anti-Replay
SSH1
General Format of Cisco IOS Version
36. Privilege level that is restricted to basic level operations
Land Attack
Privilege Level 1
Flags used by Established Line
Higher IP Standard ACL Range
37. A suite of protocols for securing Internet Protocol communications by authenticating and/or encrypting each IP packet in a data stream
Layer 2 Tunneling Protocol (L2TP)
Internet Protocol Security (IPSec)
Tunneling
Network-to-Network Communications
38. Refers to addresses used on the organization's private network
Encrypting Traffic
IP Source Routing
Local Addresses
TCP Intercept
39. Form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address by using different ports; limited to ~64 -000 hosts
uRPF Strength
Core Layer
Telnet - HTTP - SNMP Vulnerability
Overloading
40. Must be made at global config mode - created from CON/VTY session or text file - read top to bottom - applied at the interface and only one ACL per direction - per protocol - per interface
no service tcp-small-servers
Lower IP Extended ACL Range
Access List Rules
uRPF Strength
41. Device - Hostname - IOS - IP Address - Ports - Model
TLS/SSL Identifier
CDP Vulnerabilities
Boot Network
Proxy ARP Vulnerabilities
42. 1300-1999
Internet Protocol Security (IPSec)
ACL to block TCP SYN Attack
Higher IP Standard ACL Range
IP Direct Broadcast Vulnerabilties
43. Can stop spoofed IP addresses
uRPF Strength
SSH2
Reflexive ACL
IP Source Routing Vulnerabilities
44. This server is used for querying a host about its logged in users
login local
Train Identifier 'T'
inger Server
SSH Operating Layer
45. Command used to disable the ICMP message Address Mask Reply
Rerouting
no ip redirect
no ip mask-reply
Train Identifier 'T'
46. These ACLs filter by network or host IP addresses andspecific protocol type or port numbers - filters by source and destination
IP Spoofing
Networks
Two Modes of IPSec
Extended IP ACLs
47. Top of the hierarchy - responsible for transporting large amounts of traffic both reliably and quickly and switching traffic as fast as possible throughout the internet
Rerouting
Land Attack
Syntax for Reflexive ACLs
Core Layer
48. Attack that involves sending a large amount of ICMP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
Encrypting Traffic
Smurf Attack
no ip mask-reply
Privilege Levels 2-13
49. DENY IP 224.0.0.0 15.255.255.255 ANY
Sixth (Optional) Part of the IOS Version
ACL to block IP multicast
Networks
Privilege Levels 2-13
50. Layer 3
GRE Operating Layer
Train Identifier 'T'
no ip bootp server
Cisco Express Forwarding (CEF)
