SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Layer 7
no ip mask-reply
Train Identifier 'B'
HTTP Operating Layer
Secure Shell (SSH)
2. Authentication Header (AH) and Encapsulated Security Payload (ESP)
Two Protocols of Tunnel Mode
Internet Protocol Security (IPSec)
Network-to-Network Communications
Train Identifier 'S'
3. Minor Version
Telnet - HTTP - SNMP Vulnerability
Higher IP Extended ACL Range
Second Part of IOS Version
TCP Intercept Watch Mode
4. Uses only host keys to authenticate systems
Proxy ARP Vulnerabilities
SSH2
TCP Load Distribution
IPSec AH Identifier
5. DENY IP HOST <Inbound IP Address> HOST <Inbound IP Address>
IP Directed Broadcast
no ip mask-reply
CDP Vulnerabilities
ACL to block a Land Attack
6. Router threat that involves the unauthorized viewing and collection of network traffic; usually accomplished with a packet sniffing program
Privilege Levels 2-13
Telnet - HTTP - SNMP Vulnerability
Boot Network
Eavesdropping and Information Theft
7. Lists interfaces - routing table - ARP table - physical and network addresses - time last booted
Telnet - HTTP - SNMP Vulnerability
ACL to block spoofed IPs
Networks
SNMP Vulnerabilities
8. Major Version - Minor Version - Release - Interim Build - Release Train Identifier
Transport Mode
General Format of Cisco IOS Version
BOOTP Vulnerabilities
Finger Vulnerabilities
9. Interim Build Number
Integrity Validation
Encrypted Tunneling Methods
Reflexive ACL
Fourth Part of the IOS Version
10. These ACLs filter by network or host IP address and only filter on source
Train Identifier 'T'
Tunnel Mode
ACL to block a Land Attack
Standard IP ACLs
11. Translates multiple local addresses to a pool of global addresses by having the firewall select the first available global address; retains the global address for the duration of the connection
SNMP
Dynamic NAT
no ip http server
Boot Network
12. 0-99
Lower IP Standard ACL Range
Network-to-Network Communications
Land Attack
no ip mask-reply
13. The host can specify which route to take - which bypasses security
Authenticating Peers
Static NAT
IP Source Routing Vulnerabilities
Generic Routing Encapsulation (GRE)
14. Cryptographic protocols that provide secure communications on the Internet for such thing as WWW - email - faxing - IM - and other data transfers
no service tcp-small-servers
Requirements for Reflexive TCP to be removed
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
IP Direct Broadcast Vulnerabilties
15. Routing mode depended on by uRPF in order to function
Smurf Attack
Cisco Express Forwarding (CEF)
ESP Identifier
Higher IP Extended ACL Range
16. Access-list <number <deny | permit> source source-wildcard source-qualifier destination dest-wildcard dest-qualifier <log | log-input>
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
Network-to-Network Communications
SNMP Trap
Extended ACL format
17. Refers to the organization's private network
L2TP Operating Layer
Inside
L2TP Identifier
Fourth Part of the IOS Version
18. Command used to disable HTTP Server
IPSec AH Identifier
SSH2
Overloading
no ip http server
19. 0x33 or 51
Outside Global Address
login local
IPSec AH Identifier
Anti-Replay
20. Startup-config can be deleted - copied - changed
Lower IP Standard ACL Range
Syntax for Reflexive ACLs
Boot Network Vulnerabilities
NTP Vulnerabilities
21. Buffer Overflow
BOOTP
IP Mask Reply Vulnerabilities
TCP/UDP Chargen Vulnerability
SSH2
22. Command to disable UDP small server on a router
no cdp run
Telnet - HTTP - SNMP Vulnerability
no service udp-small-servers
Proxy ARP Vulnerabilities
23. TCP and UDP Port 161
Two Modes of IPSec
Transport Mode
Lower IP Extended ACL Range
SNMP
24. Uses server and host keys to authenticate systems
Authenticating Peers
SSH1
Encapsulation Security Payload (ESP)
no ip mask-reply
25. War dialing
AUX Vulnerability
Inside Local Address
Transport Mode
ACL to block incoming loopback packets
26. Router threat that includes manipulating router updates to cause traffic to flow to unauthorized destinations
Fifth Part of the IOS Version
Route Injection Attack
Authenticating Peers
ntp disable
27. Protocol used to keep their time-of-day clocks accurate and in sync
First Part of IOS Version
Network Time Protocol (NTP)
IPSec AH Identifier
no ip redirect
28. Command used to disable the ICMP message Redirect
Standard IP ACLs
no ip redirect
Higher IP Standard ACL Range
Telnet - HTTP - SNMP Vulnerability
29. Layer 3
Minimum ACLs Required for Reflexive ACLs
SSH
L2TP Operating Layer
IPSec AH Operating Layer
30. ESP - SSH - SSL/TLP
Encrypted Tunneling Methods
GRE Identifier
no ip finger - no service finger
ESP Identifier
31. Accounts without passwords - Type 7 encryption - account privilege higher than 1 - able to be fingered
User Account Vulnerabilites
Two Modes of IPSec
NTP Vulnerabilities
Finger Vulnerabilities
32. Proprietary - used by Cisco routers and switches use to identify each other on LAN and WAN segments
Higher IP Extended ACL Range
HTTP Tunneling
Encrypted Tunneling Methods
Cisco Discovery Protocol (CDP)
33. Service Provider
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
34. Refers to addresses used on the organization's private network
Authenticating Peers
Local Addresses
Distribution Layer
Static NAT
35. Transport and Tunnel
Inside
Two Modes of IPSec
Denial of Service (DoS)
SNMP Trap
36. Provides a checksum - ensuring traffic has not been modified along it's path
Generic Routing Encapsulation (GRE)
Devices
Network-to-Network Communications
Integrity Validation
37. None - uses attached application protocol's port
NTP Vulnerabilities
Rerouting
Network Time Protocol (NTP)
TLS/SSL Identifier
38. Public IP address before translation
Outside Local Address
Privilege Level 0
Higher IP Standard ACL Range
Secure Shell (SSH)
39. Release Number
ACL to block IP multicast
Networks
Third Part of the IOS Version
Encapsulation Security Payload (ESP)
40. Data link layer protocol used for tunneling network traffic between two peers over an existing network - often used with IPsec to secure packets
ESP Operating Layer
IP Direct Broadcast Vulnerabilties
echo - chargen - discard - daytime
Layer 2 Tunneling Protocol (L2TP)
41. Time can be changed - Routing Table can be killed
Boot Network Vulnerabilities
no cdp run
NTP Vulnerabilities
Inside
42. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
Lower IP Extended ACL Range
IP Spoofing
uRPF Strength
echo - chargen - discard - daytime
43. Provides nonrepudiation - ensuring that traffic is from a trusted party
no ip finger - no service finger
Tunneling
Authenticating Peers
User Account Vulnerabilites
44. Cisco default tunneling protocol that uses multicast addressing without encryption and is designed to encapsulate a wide variety of network layer packets inside IP tunneling packets
Generic Routing Encapsulation (GRE)
TCP/UDP Echo Vulnerability
SNMP
Route Injection Attack
45. TCP Port 22
IP Directed Broadcast
GRE Identifier
SSH Identifier
Devices
46. Allows packets to be filtered based on upper-layer session information - only uses extended temporary ACL's and must be named - applied on border routers
ESP Operating Layer
no ip http server
Reflexive ACL
Flags used by Established Line
47. An extension of static mapping which allows for one global address to be mapped to multiple inside addresses; can be used for websites with multiple back end servers
TCP Load Distribution
Finger Vulnerabilities
IPSec AH Identifier
Privilege Level 0
48. No Known Vulnerability
TCP Load Distribution
ESP Operating Layer
TCP/UDP Discard Vulnerability
General Format of Cisco IOS Version
49. Mode where only the payload of the IP packet is encrypted and/or authenticated
IP Source Routing
Denial of Service (DoS)
Train Identifier 'T'
Transport Mode
50. 0x2F - or 47
L2TP Identifier
Uses for ACLs
IP Source Routing
GRE Identifier
