SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Layer 3
ESP Operating Layer
Network Time Protocol (NTP)
TCP/UDP Daytime Vulnerability
Access Layer
2. Accounts without passwords - Type 7 encryption - account privilege higher than 1 - able to be fingered
User Account Vulnerabilites
Flags used by Established Line
Static NAT
AUX Vulnerability
3. Form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address by using different ports; limited to ~64 -000 hosts
IP Directed Broadcast
Outside Local Address
Extended ACL format
Overloading
4. Service Provider
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
5. Routing mode depended on by uRPF in order to function
Cisco Express Forwarding (CEF)
Telnet - HTTP - SNMP Vulnerability
Flags used by Established Line
Boot Network
6. Layer 3
SNMP Trap
HTTP Operating Layer
IPSec AH Operating Layer
ACL to block telnet
7. No Known Vulnerability
Tunnel Mode
Cisco Express Forwarding (CEF)
Named ACL Format
TCP/UDP Discard Vulnerability
8. Layer 3
GRE Operating Layer
Masquerading
uRPF Strength
Inside Local Address
9. TCP and UDP Port 162
Unauthorized Access
Higher IP Extended ACL Range
Extended ACL format
SNMP Trap
10. Software that passively monitors the connection requests flowing through the router; if a connection fails - the software sends a Reset to the server to clear up its state
Named ACL Format
TCP Intercept Watch Mode
Lower IP Standard ACL Range
Tunnel Mode
11. Protocol that allows data to be exchanged using a secure channel between two computers via encryption
Secure Shell (SSH)
Higher IP Standard ACL Range
Route Injection Attack
SSH2
12. Command to disable UDP small server on a router
no service udp-small-servers
TCP/UDP Discard Vulnerability
Secure Shell (SSH)
Network Time Protocol (NTP)
13. Refers to addresses used on the organization's private network
Local Addresses
Denial of Service (DoS)
TCP/UDP Chargen Vulnerability
Privilege Level 0
14. Refers to the addresses on the public internet
Flags used by Established Line
TCP SYN Attack
Outside
no ip unreachable
15. Major Version - Minor Version - Release - Interim Build - Release Train Identifier
uRPF Strength
Requirements for Reflexive TCP to be removed
Uses for ACLs
General Format of Cisco IOS Version
16. Attack that involves sending a large amount of ICMP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
IPSec AH Identifier
syslog
Two Modes of IPSec
Smurf Attack
17. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
Privilege Level 1
IP Spoofing
TCP Intercept Watch Mode
Inside Local Address
18. The communication layer between the two other layers and provides network security - including ACLs - firewalls - any general public access servers and address translation; also known as the isolation LAN or DMZ
Devices
Two Protocols of Tunnel Mode
Distribution Layer
Outside Local Address
19. Uses server and host keys to authenticate systems
SSH1
Proxy ARP Vulnerabilities
Uses for ACLs
DNS Lookup Vulnerability
20. Protocol used to keep their time-of-day clocks accurate and in sync
Unauthorized Access
Train Idenifier 'E'
Network Time Protocol (NTP)
HTTP Vulnerability
21. Technology
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
22. Uses SSL port 443
Masquerading
UDP Traceroute Port Range
Finger Vulnerabilities
HTTPS Strength
23. Refers to addresses used on the organization's private network
IPSec AH Identifier
TLS/SSL Identifier
Global Addresses
syslog
24. Lists interfaces - routing table - ARP table - physical and network addresses - time last booted
IP Direct Broadcast Vulnerabilties
Syntax for Reflexive ACLs
SNMP Vulnerabilities
TCP/UDP Discard Vulnerability
25. Release Train Identifier
Fifth Part of the IOS Version
Host-to-Host Communications
TCP Load Distribution
BOOTP
26. Router threat that involves a hacker inserting a spoofed TCP/IP packet into a stream - thereby enabling commands to be executed on the remote host
UDP Traceroute Port Range
Session Hijacking
Host-to-Host Communications
Distribution Layer
27. Privilege level that has Global administration capabilities
TCP Intercept Watch Mode
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
Privilege Level 15
ACL to block TCP SYN Attack
28. Protects against repeating of secure sessions
Requirements for Reflexive TCP to be removed
User Account Vulnerabilites
Telnet - HTTP - SNMP Vulnerability
Anti-Replay
29. Can obtain CIDR and router ID
IP Mask Reply Vulnerabilities
SNMP Trap
IPSec AH Identifier
no ip mask-reply
30. 0x33 or 51
Boot Network Vulnerabilities
TCP Load Distribution
uRPF Strength
IPSec AH Identifier
31. Datagram protocol used by some hosts to load their operating system over the network via a central repository of IOS software
Tunneling
BOOTP
Session Hijacking
TCP Intercept
32. TCP Port 22
ACL to block incoming loopback packets
Lower IP Standard ACL Range
Established Line
SSH Identifier
33. Two FIN bits or one RST bit
Requirements for Reflexive TCP to be removed
Core Layer
AUX Vulnerability
ntp disable
34. Four TCP/UDP Small Server commands recommended to disable
UDP Traceroute Port Range
echo - chargen - discard - daytime
Tunnel Mode
Network-to-Network Communications
35. Provides nonrepudiation - ensuring that traffic is from a trusted party
Extended IP ACLs
Cisco Discovery Protocol (CDP)
Boot Network
Authenticating Peers
36. 0x32 - or 50
Session Hijacking
TLS/SSL Layer
ESP Identifier
Minimum ACLs Required for Reflexive ACLs
37. Attack that involves sending a large amount of UDP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
Fraggle Attack
Transport Mode
Dynamic NAT
ntp disable
38. Transport and Tunnel
Two Modes of IPSec
Named ACL Format
Integrity Validation
User Account Vulnerabilites
39. The environment - catastrophic events an unauthorized access
Cisco Discovery Protocol (CDP)
Overloading
Three Physical Security Vulnerabilities
Privilege Level 15
40. Rewrites the and/or destination IP address of IP packets as they pass through a router or firewall from private to public addresses
Access Layer
SSH2
Network Address Translation (NAT)
no ip finger - no service finger
41. An extension of static mapping which allows for one global address to be mapped to multiple inside addresses; can be used for websites with multiple back end servers
HTTP Tunneling
Masquerading
TCP Load Distribution
Tunnel Mode
42. Also known as Configuration Auto-Loading - allows routers to load their startup configuration from the network
Global Addresses
Boot Network
Flags used by Established Line
Finger Vulnerabilities
43. Buffer Overflow
login local
Train Identifier 'T'
Eavesdropping and Information Theft
TCP/UDP Chargen Vulnerability
44. Allows for a one-to-one translation of local to global addresses; used by web servers and mail servers so that users can connect to them via their global address
no service udp-small-servers
uRPF Strength
Transport Mode
Static NAT
45. Local and Remote
Two Types of Router Access
Denial of Service (DoS)
Eavesdropping and Information Theft
Fraggle Attack
46. Time can be changed - Routing Table can be killed
Lower IP Standard ACL Range
NTP Vulnerabilities
SSH1
ESP Operating Layer
47. Command to disable CDP on a router
Standard IP ACLs
IP Direct Broadcast Vulnerabilties
ESP Identifier
no cdp run
48. War dialing
ntp disable
AUX Vulnerability
Overloading
Privilege Levels 2-13
49. Privilege levels that can have passwords assigned to them
Telnet - HTTP - SNMP Vulnerability
Privilege Levels 2-13
no cdp run
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
50. When a router acts as an intermediary for ARP queries on selected interfaces and enabling transparent access between multiple LAN segments
Proxy ARP
GRE Identifier
TLS/SSL Layer
Train Identifier 'S'
