SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. TCP only - used to filter inbound traffic while allowing return TCP sessions - can be spoofed by attackers and cannot be used with Active FTP
HTTP Identifier
Network Address Translation (NAT)
Established Line
IP Source Routing
2. ACK and RST
Network-to-Network Communications
ACL to block spoofed IPs
Flags used by Established Line
CDP Vulnerabilities
3. Public IP address before translation
echo - chargen - discard - daytime
SSH
Transport Mode
Outside Local Address
4. Major Version
Unauthorized Access
First Part of IOS Version
IPSec AH Operating Layer
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
5. None - uses attached application protocol's port
TLS/SSL Identifier
ACL to block a Smurf Attack or Fraggle Attack
Route Injection Attack
GRE Operating Layer
6. Attack that involves transmitting a volume of connections that cannot be completed at the destination - causing the queue to fill up and denying service to legitimate user
User Account Vulnerabilites
TCP SYN Attack
Tunnel Mode
SNMP
7. Router threat that involves a hacker inserting a spoofed TCP/IP packet into a stream - thereby enabling commands to be executed on the remote host
Two Protocols of Tunnel Mode
ACL to block a Smurf Attack or Fraggle Attack
Three Layers of Hierarchical Model
Session Hijacking
8. Can obtain CIDR and router ID
Distributed Denial of Service Attacks
IP Mask Reply Vulnerabilities
ESP Operating Layer
ACL to block IP multicast
9. None - uses attach application protocol's layer
UDP Traceroute Port Range
Unicast Reverse-Path Forwarding (uRPF)
General Format of Cisco IOS Version
TLS/SSL Layer
10. An alternative for both standard and extended ACLs that allow you to refer to an ACL by a descriptive name instead of a number
Unicast Reverse-Path Forwarding (uRPF)
Named ACL
IPSec AH Operating Layer
Tunneling
11. Command to disable TCP small server on a router
Minimum ACLs Required for Reflexive ACLs
no service tcp-small-servers
Local Addresses
Generic Routing Encapsulation (GRE)
12. UDP Port 1701
Tunneling
Telnet - HTTP - SNMP Vulnerability
Established Line
L2TP Identifier
13. Time can be changed - Routing Table can be killed
Second Part of IOS Version
NTP Vulnerabilities
Inside
BOOTP
14. Uses only host keys to authenticate systems
Internet Protocol Security (IPSec)
SSH2
Local Addresses
Distributed Denial of Service Attacks
15. Lists interfaces - routing table - ARP table - physical and network addresses - time last booted
no cdp run
SNMP Vulnerabilities
Lower IP Standard ACL Range
Land Attack
16. Allows for a one-to-one translation of local to global addresses; used by web servers and mail servers so that users can connect to them via their global address
Rerouting
Reflexive ACL
Static NAT
Two Modes of IPSec
17. These ACLs filter by network or host IP addresses andspecific protocol type or port numbers - filters by source and destination
Third Part of the IOS Version
Fraggle Attack
Layer 2 Tunneling Protocol (L2TP)
Extended IP ACLs
18. Mode where the entire packet is encrypted and/or authenticated - requiring a new IP packet to be encapsulated
Tunnel Mode
Established Line
HTTPS Strength
SSH1
19. A method of bypassing firewall or proxy restrictions by making the firewall think that it is getting traffic from a web browser
TCP/UDP Daytime Vulnerability
echo - chargen - discard - daytime
HTTP Tunneling
Boot Network
20. Service Provider
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
21. DENY TCP ANY HOST <IP Address> EQ 23
IP Source Routing
Standard IP ACLs
ACL to block telnet
Privilege Level 0
22. Router threat where access by an entity or individual other than authorized users
TLS/SSL Layer
Land Attack
Unauthorized Access
Cisco Express Forwarding (CEF)
23. Attack that involves sending a large amount of ICMP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
HTTP Tunneling
Smurf Attack
TCP Intercept
BOOTP Vulnerabilities
24. Command used to disable the ICMP message Redirect
no ip redirect
Encrypting Traffic
Tunneling
SSH1
25. 33400-34400
TCP Intercept
Local Addresses
Authenticating Peers
UDP Traceroute Port Range
26. A secure alternative to telnet for remote administration that supported in Enterprise versions of Cisco IOS
Unauthorized Access
SSH
Denial of Service (DoS)
no ip http server
27. Minor Version
Second Part of IOS Version
TCP Intercept Watch Mode
Privilege Levels 2-13
Route Injection Attack
28. DENY IP 224.0.0.0 15.255.255.255 ANY
Cisco Express Forwarding (CEF)
Secure Shell (SSH)
Generic Routing Encapsulation (GRE)
ACL to block IP multicast
29. Broadcast
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
30. Command used to disable the ICMP message Address Mask Reply
Inside Local Address
no service udp-small-servers
no ip mask-reply
TCP/UDP Chargen Vulnerability
31. Ip access-list <standard | extended> name - permit TCP any any established
Tunnel Mode
Requirements for Reflexive TCP to be removed
IP Source Routing Vulnerabilities
Named ACL Format
32. What Local and Global refer to in NAT
Networks
Established Line
Privilege Level 15
HTTP Tunneling
33. Data link layer protocol used for tunneling network traffic between two peers over an existing network - often used with IPsec to secure packets
Dynamic NAT
Core Layer
Privilege Level 1
Layer 2 Tunneling Protocol (L2TP)
34. 0x32 - or 50
IP Unreachable Vulnerabilities
ESP Identifier
General Format of Cisco IOS Version
Authentication Header (AH)
35. Layer 7
Eavesdropping and Information Theft
HTTP Operating Layer
no ip unreachable
Higher IP Extended ACL Range
36. Two - one Inbound or Evaluated and one Outbound or Reflected
Session Hijacking
Minimum ACLs Required for Reflexive ACLs
TCP Intercept Watch Mode
TCP/UDP Echo Vulnerability
37. Layer 7
no cdp run
Three Physical Security Vulnerabilities
AUX Vulnerability
SSH Operating Layer
38. Smurf attacks - can enumerate the network
SSH Operating Layer
L2TP Operating Layer
IP Direct Broadcast Vulnerabilties
Outside
39. When one network protocol called the payload protocol is encapsulated within a different delivery network - or provide a secure path through an untrusted network
Unauthorized Access
Overloading
Tunneling
SNMP
40. The environment - catastrophic events an unauthorized access
NTP Vulnerabilities
Network Address Translation (NAT)
CDP Vulnerabilities
Three Physical Security Vulnerabilities
41. Block spoofed IP packets - block loopback packets - block IP multicast if unused - block ICMP redirects - Block telnet if not used
IP Unreachable Vulnerabilities
Minimum ACLs Required for Reflexive ACLs
Syntax for Reflexive ACLs
Common uses of Access Lists
42. Rewrites the and/or destination IP address of IP packets as they pass through a router or firewall from private to public addresses
Proxy ARP
Extended IP ACLs
Network Address Translation (NAT)
Authenticating Peers
43. Can discover vulnerabilities - network stats - and firewall discovery
Core Layer
First Part of IOS Version
Tunnel Mode
IP Unreachable Vulnerabilities
44. What Tunnel Mode is used for
Network-to-Network Communications
NTP Vulnerabilities
Named ACL
ACL to block spoofed IPs
45. Plaintext
Telnet - HTTP - SNMP Vulnerability
BOOTP
Two Protocols of Tunnel Mode
Two Modes of IPSec
46. Privilege level that is restricted to basic level operations
First Part of IOS Version
Privilege Level 1
Common uses of Access Lists
Smurf Attack
47. Mode where only the payload of the IP packet is encrypted and/or authenticated
Transport Mode
Privilege Level 15
ACL to block a Smurf Attack or Fraggle Attack
ACL to block incoming loopback packets
48. Enterprise
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
49. Also known as Configuration Auto-Loading - allows routers to load their startup configuration from the network
Outside Global Address
HTTP Identifier
no ip finger - no service finger
Boot Network
50. Interim Build Number
SSH Operating Layer
Unauthorized Access
TLS/SSL Layer
Fourth Part of the IOS Version
