Test your basic knowledge |

Router Security

Subject : it-skills
Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Tunnel Mode Protocol provides confidentiality - along with authentication and integrity protection with encryption






2. Permits a host on one LAN segment to initiate a physical broadcast on a different LAN segment






3. Access - Distribution - Core






4. Minor Version






5. Local and Remote






6. Provides confidentiality - so it cannot be read by unauthorized parties






7. Mode where the entire packet is encrypted and/or authenticated - requiring a new IP packet to be encapsulated






8. No Known Vulnerability






9. Command to disable UDP small server on a router






10. Commands to disable Finger Server






11. These ACLs filter by network or host IP address and only filter on source






12. What Inside and Outside refer to in NAT






13. Form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address by using different ports; limited to ~64 -000 hosts






14. An extension of static mapping which allows for one global address to be mapped to multiple inside addresses; can be used for websites with multiple back end servers






15. When a router acts as an intermediary for ARP queries on selected interfaces and enabling transparent access between multiple LAN segments






16. Allows for a one-to-one translation of local to global addresses; used by web servers and mail servers so that users can connect to them via their global address






17. Router to Router Denial of Service






18. DNS Poisoning






19. Access-list <number> <deny | permit> source source-wildcard log






20. The communication layer between the two other layers and provides network security - including ACLs - firewalls - any general public access servers and address translation; also known as the isolation LAN or DMZ






21. Provides a checksum - ensuring traffic has not been modified along it's path






22. Rewrites the and/or destination IP address of IP packets as they pass through a router or firewall from private to public addresses






23. Traffic is passed in plaintext






24. Major Version - Minor Version - Release - Interim Build - Release Train Identifier






25. Privilege level that is restricted to basic level operations






26. Geolocational positioning






27. 0x2F - or 47






28. Interim Build Number






29. Breaks LAN security perimeter extends LAN to Layer 2






30. 33400-34400






31. Command to disable CDP on a router






32. Authentication Header (AH) and Encapsulated Security Payload (ESP)






33. Uses only host keys to authenticate systems






34. A secure alternative to telnet for remote administration that supported in Enterprise versions of Cisco IOS






35. The host can specify which route to take - which bypasses security






36. Layer 3






37. ESP - SSH - SSL/TLP






38. Smurf attacks - can enumerate the network






39. Datagram protocol used by some hosts to load their operating system over the network via a central repository of IOS software






40. Dialer List - Routing Maps - Dynamic Routing Protocols - Controlling Remote Access - NAT'ing - Traffic Filtering






41. 0x32 - or 50






42. Private IP address after translation






43. Command used to disable the ICMP message Address Mask Reply






44. PERMIT TCP ANY ANY ESTABLISHED






45. 0x33 or 51






46. The environment - catastrophic events an unauthorized access






47. Rebuild Number






48. Attack that involves a multitude of compromised system attack a single target - denying service to it by exploiting one 'master' system that communicates with other 'zombie' systems






49. Layer 5






50. Router threat where access by an entity or individual other than authorized users