SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Interim Build Number
TCP Load Distribution
Fourth Part of the IOS Version
IPSec AH Identifier
Named ACL
2. The host can specify which route to take - which bypasses security
IP Source Routing Vulnerabilities
Authentication Header (AH)
Inside
Three Physical Security Vulnerabilities
3. Local IP address before translation
Inside Local Address
Denial of Service (DoS)
Boot Network
ACL to block telnet
4. Rebuild Number
SSH Identifier
Global Addresses
Network Address Translation (NAT)
Sixth (Optional) Part of the IOS Version
5. Smurf attacks - can enumerate the network
Privilege Level 1
Inside Global Address
IP Direct Broadcast Vulnerabilties
TLS/SSL Identifier
6. ACK and RST
SSH2
Flags used by Established Line
Sixth (Optional) Part of the IOS Version
BOOTP Vulnerabilities
7. 2000-2699
Authenticating Peers
Higher IP Extended ACL Range
Extended ACL format
Train Identifier 'T'
8. Translates multiple local addresses to a pool of global addresses by having the firewall select the first available global address; retains the global address for the duration of the connection
Encrypted Tunneling Methods
SSH2
Two Types of Router Access
Dynamic NAT
9. Protocol that allows data to be exchanged using a secure channel between two computers via encryption
Lower IP Standard ACL Range
SSH Operating Layer
Tunneling
Secure Shell (SSH)
10. A suite of protocols for securing Internet Protocol communications by authenticating and/or encrypting each IP packet in a data stream
Internet Protocol Security (IPSec)
Standard IP ACLs
Second Part of IOS Version
Networks
11. Startup-config can be deleted - copied - changed
Unicast Reverse-Path Forwarding (uRPF)
Fifth Part of the IOS Version
Boot Network Vulnerabilities
no ip unreachable
12. Access-list <number> <deny | permit> source source-wildcard log
Standard ACL format
Extended ACL format
Transport Mode
Train Idenifier 'E'
13. Routing mode depended on by uRPF in order to function
Cisco Express Forwarding (CEF)
SNMP
IPSec AH Identifier
Unauthorized Access
14. Data link layer protocol used for tunneling network traffic between two peers over an existing network - often used with IPsec to secure packets
TCP Load Distribution
Networks
Outside Global Address
Layer 2 Tunneling Protocol (L2TP)
15. Release Number
L2TP Operating Layer
Two Protocols of Tunnel Mode
Third Part of the IOS Version
Lower IP Extended ACL Range
16. Local and Remote
no service tcp-small-servers
Local Addresses
Secure Shell (SSH)
Two Types of Router Access
17. Public IP address after translation
TCP/UDP Discard Vulnerability
Outside Global Address
TCP Intercept
Privilege Level 15
18. Dialer List - Routing Maps - Dynamic Routing Protocols - Controlling Remote Access - NAT'ing - Traffic Filtering
UDP Traceroute Port Range
IP Source Routing Vulnerabilities
Uses for ACLs
Static NAT
19. DNS Poisoning
DNS Lookup Vulnerability
Inside Local Address
BOOTP Vulnerabilities
Two Types of Router Access
20. When one network protocol called the payload protocol is encapsulated within a different delivery network - or provide a secure path through an untrusted network
Transport Mode
Tunneling
Network Time Protocol (NTP)
Privilege Levels 2-13
21. Can stop spoofed IP addresses
ntp disable
uRPF Strength
Third Part of the IOS Version
Requirements for Reflexive TCP to be removed
22. When a router acts as an intermediary for ARP queries on selected interfaces and enabling transparent access between multiple LAN segments
Inside
Higher IP Standard ACL Range
Network Time Protocol (NTP)
Proxy ARP
23. TCP and UDP Port 161
SNMP
Standard ACL format
Networks
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
24. Also known as Configuration Auto-Loading - allows routers to load their startup configuration from the network
Tunneling
Higher IP Standard ACL Range
SNMP Vulnerabilities
Boot Network
25. Uses SSL port 443
HTTPS Strength
Named ACL Format
TCP/UDP Echo Vulnerability
Cisco Express Forwarding (CEF)
26. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
ESP Identifier
Finger Vulnerabilities
Route Injection Attack
IP Spoofing
27. Protects against repeating of secure sessions
Authentication Header (AH)
Sixth (Optional) Part of the IOS Version
IP Source Routing Vulnerabilities
Anti-Replay
28. DENY IP 224.0.0.0 15.255.255.255 ANY
HTTP Identifier
IP Source Routing Vulnerabilities
Tunneling
ACL to block IP multicast
29. 33400-34400
ACL to block a Land Attack
Overloading
HTTP Operating Layer
UDP Traceroute Port Range
30. Access - Distribution - Core
no ip finger - no service finger
Inside Local Address
Three Layers of Hierarchical Model
IP Source Routing
31. Attack that involves sending a large amount of UDP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
Unauthorized Access
Fraggle Attack
Proxy ARP
Sixth (Optional) Part of the IOS Version
32. Layer 7
SSH1
HTTP Operating Layer
ntp disable
Cisco Discovery Protocol (CDP)
33. Forces the user to enter both a valid username and password
IPSec AH Identifier
Privilege Level 15
login local
Two Protocols of Tunnel Mode
34. Authentication Header (AH) and Encapsulated Security Payload (ESP)
Cisco Discovery Protocol (CDP)
ACL to block telnet
SNMP Vulnerabilities
Two Protocols of Tunnel Mode
35. Rewrites the and/or destination IP address of IP packets as they pass through a router or firewall from private to public addresses
Encrypted Tunneling Methods
Integrity Validation
Two Protocols of Tunnel Mode
Network Address Translation (NAT)
36. War dialing
Encapsulation Security Payload (ESP)
IP Mask Reply Vulnerabilities
Distribution Layer
AUX Vulnerability
37. Command to disable BOOTP Server
Privilege Level 15
NTP Vulnerabilities
no ip bootp server
Extended IP ACLs
38. Layer 3
Access List Rules
Fourth Part of the IOS Version
ESP Operating Layer
Higher IP Extended ACL Range
39. Router threat that involves the unauthorized viewing and collection of network traffic; usually accomplished with a packet sniffing program
IP Source Routing
TCP Load Distribution
ACL to block IP multicast
Eavesdropping and Information Theft
40. TCP Port 80
HTTP Identifier
SSH
TCP/UDP Echo Vulnerability
IP Spoofing
41. Permits a host on one LAN segment to initiate a physical broadcast on a different LAN segment
Dynamic NAT
Land Attack
IP Directed Broadcast
Cisco Express Forwarding (CEF)
42. Attack that involves transmitting a volume of connections that cannot be completed at the destination - causing the queue to fill up and denying service to legitimate user
Transport Mode
TCP SYN Attack
Train Idenifier 'E'
Encapsulation Security Payload (ESP)
43. Broadcast
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
44. The communication layer between the two other layers and provides network security - including ACLs - firewalls - any general public access servers and address translation; also known as the isolation LAN or DMZ
Distribution Layer
Privilege Levels 2-13
ACL to block a Land Attack
TLS/SSL Layer
45. Must be made at global config mode - created from CON/VTY session or text file - read top to bottom - applied at the interface and only one ACL per direction - per protocol - per interface
HTTPS Strength
Land Attack
Access List Rules
Syntax for Reflexive ACLs
46. Router threat that includes manipulating router updates to cause traffic to flow to unauthorized destinations
ESP Operating Layer
Tunneling
Fourth Part of the IOS Version
Rerouting
47. Uses only host keys to authenticate systems
SSH2
TCP Load Distribution
First Part of IOS Version
Three Layers of Hierarchical Model
48. Commands to disable Finger Server
Internet Protocol Security (IPSec)
no cdp run
IP Direct Broadcast Vulnerabilties
no ip finger - no service finger
49. Service Provider
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
50. ESP - SSH - SSL/TLP
Encrypted Tunneling Methods
Networks
GRE Identifier
Lower IP Standard ACL Range
