Test your basic knowledge |

Router Security

Subject : it-skills
Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Router to Router Denial of Service






2. Provides a checksum - ensuring traffic has not been modified along it's path






3. Helps to mitigate problems that are caused by the introduction of malformed or spoofed IP source addresses into a network by discarding packets lacking a verifiable IP source address






4. These ACLs filter by network or host IP addresses andspecific protocol type or port numbers - filters by source and destination






5. Four TCP/UDP Small Server commands recommended to disable






6. Buffer Overflow






7. The communication layer between the two other layers and provides network security - including ACLs - firewalls - any general public access servers and address translation; also known as the isolation LAN or DMZ






8. DENY TCP ANY HOST <IP Address> EQ 23






9. UDP Port 514






10. Time can be changed - Routing Table can be killed






11. Router threat that involves a hacker inserting a spoofed TCP/IP packet into a stream - thereby enabling commands to be executed on the remote host






12. Two - one Inbound or Evaluated and one Outbound or Reflected






13. Command used to disable the ICMP message Address Mask Reply






14. Datagram protocol used by some hosts to load their operating system over the network via a central repository of IOS software






15. TCP Port 22






16. Mode where only the payload of the IP packet is encrypted and/or authenticated






17. Command to disable CDP on a router






18. Public IP address before translation






19. These ACLs filter by network or host IP address and only filter on source






20. Smurf attacks - can enumerate the network






21. Privilege level that is restricted to basic level operations






22. What Inside and Outside refer to in NAT






23. Layer 3






24. Layer 7






25. Layer 3






26. The host can specify which route to take - which bypasses security






27. Provides confidentiality - so it cannot be read by unauthorized parties






28. 33400-34400






29. Router threat where access by an entity or individual other than authorized users






30. Dialer List - Routing Maps - Dynamic Routing Protocols - Controlling Remote Access - NAT'ing - Traffic Filtering






31. Traffic is passed in plaintext






32. A secure alternative to telnet for remote administration that supported in Enterprise versions of Cisco IOS






33. Attack that involves a multitude of compromised system attack a single target - denying service to it by exploiting one 'master' system that communicates with other 'zombie' systems






34. This server is used for querying a host about its logged in users






35. Uses SSL port 443






36. Accounts without passwords - Type 7 encryption - account privilege higher than 1 - able to be fingered






37. Refers to addresses used on the organization's private network






38. None - uses attach application protocol's layer






39. Startup-config can be deleted - copied - changed






40. TCP and UDP Port 161






41. Protects against repeating of secure sessions






42. UDP Port 1701






43. Device - Hostname - IOS - IP Address - Ports - Model






44. TCP Port 80






45. Protocol that allows data to be exchanged using a secure channel between two computers via encryption






46. No Known Vulnerability






47. An alternative for both standard and extended ACLs that allow you to refer to an ACL by a descriptive name instead of a number






48. Ip accesslist extended <name1> - permit IP any any reflect <filename> - ip accesslist extended <name2> - evaluate <filename> - int f0/0 - ip access-group <name1> out - ip access-group <name2> in






49. Major Version - Minor Version - Release - Interim Build - Release Train Identifier






50. When a router acts as an intermediary for ARP queries on selected interfaces and enabling transparent access between multiple LAN segments