SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Transport and Tunnel
Proxy ARP
Two Modes of IPSec
SSH
Proxy ARP Vulnerabilities
2. TCP and UDP Port 161
ACL to block telnet
SNMP
SNMP Trap
Authenticating Peers
3. Uses SSL port 443
Requirements for Reflexive TCP to be removed
HTTPS Strength
no ip redirect
Sixth (Optional) Part of the IOS Version
4. When one network protocol called the payload protocol is encapsulated within a different delivery network - or provide a secure path through an untrusted network
Tunneling
no ip mask-reply
Extended ACL format
Sixth (Optional) Part of the IOS Version
5. What Local and Global refer to in NAT
HTTPS Strength
Denial of Service (DoS)
Networks
BOOTP Vulnerabilities
6. Protocol used to keep their time-of-day clocks accurate and in sync
Finger Vulnerabilities
Fourth Part of the IOS Version
no service udp-small-servers
Network Time Protocol (NTP)
7. Ip access-list <standard | extended> name - permit TCP any any established
Train Identifier 'B'
syslog
Integrity Validation
Named ACL Format
8. A method of bypassing firewall or proxy restrictions by making the firewall think that it is getting traffic from a web browser
ACL to block TCP SYN Attack
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
HTTP Tunneling
HTTP Operating Layer
9. TCP Port 80
TCP/UDP Daytime Vulnerability
inger Server
HTTP Identifier
Train Identifier 'T'
10. DENY TCP ANY HOST <IP Address> EQ 23
Boot Network Vulnerabilities
SNMP Trap
ACL to block telnet
Train Identifier 'S'
11. None - uses attach application protocol's layer
SSH1
Minimum ACLs Required for Reflexive ACLs
TLS/SSL Layer
Inside
12. UDP Port 514
TCP/UDP Chargen Vulnerability
Core Layer
syslog
Denial of Service (DoS)
13. Layer 5
Secure Shell (SSH)
Outside Local Address
L2TP Operating Layer
SSH Identifier
14. Routing mode depended on by uRPF in order to function
Cisco Express Forwarding (CEF)
TCP/UDP Echo Vulnerability
Proxy ARP Vulnerabilities
SSH Operating Layer
15. Minor Version
Privilege Level 0
Lower IP Standard ACL Range
Privilege Level 15
Second Part of IOS Version
16. Cisco default tunneling protocol that uses multicast addressing without encryption and is designed to encapsulate a wide variety of network layer packets inside IP tunneling packets
Host-to-Host Communications
Generic Routing Encapsulation (GRE)
no service udp-small-servers
Network Time Protocol (NTP)
17. Tunnel Mode Protocol provides confidentiality - along with authentication and integrity protection with encryption
Unicast Reverse-Path Forwarding (uRPF)
GRE Operating Layer
ACL to block telnet
Encapsulation Security Payload (ESP)
18. Access - Distribution - Core
Boot Network
Distribution Layer
Three Layers of Hierarchical Model
Extended ACL format
19. PERMIT TCP ANY ANY ESTABLISHED
ACL to block IP multicast
Named ACL Format
Unauthorized Access
ACL to block TCP SYN Attack
20. None - uses attached application protocol's port
Network-to-Network Communications
TLS/SSL Identifier
Masquerading
Extended IP ACLs
21. TCP only - used to filter inbound traffic while allowing return TCP sessions - can be spoofed by attackers and cannot be used with Active FTP
Train Identifier 'B'
IP Mask Reply Vulnerabilities
SSH Operating Layer
Established Line
22. Startup-config can be deleted - copied - changed
Boot Network Vulnerabilities
Host-to-Host Communications
Three Layers of Hierarchical Model
Route Injection Attack
23. ESP - SSH - SSL/TLP
Integrity Validation
Encrypted Tunneling Methods
Tunnel Mode
DNS Lookup Vulnerability
24. Privilege level that has Global administration capabilities
Train Idenifier 'E'
Privilege Level 15
Extended ACL format
SNMP
25. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
IP Spoofing
Fourth Part of the IOS Version
GRE Identifier
Lower IP Extended ACL Range
26. Router to Router Denial of Service
Networks
Boot Network
TCP/UDP Echo Vulnerability
HTTP Operating Layer
27. Layer 7
Rerouting
Network Time Protocol (NTP)
Privilege Level 15
HTTP Operating Layer
28. Proprietary - used by Cisco routers and switches use to identify each other on LAN and WAN segments
Privilege Level 0
Cisco Discovery Protocol (CDP)
Boot Network Vulnerabilities
inger Server
29. Broadcast
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
30. An extension of static mapping which allows for one global address to be mapped to multiple inside addresses; can be used for websites with multiple back end servers
Three Physical Security Vulnerabilities
TCP Load Distribution
L2TP Identifier
Authentication Header (AH)
31. Cryptographic protocols that provide secure communications on the Internet for such thing as WWW - email - faxing - IM - and other data transfers
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
IP Unreachable Vulnerabilities
Outside Global Address
Layer 2 Tunneling Protocol (L2TP)
32. What Tunnel Mode is used for
Two Types of Router Access
Proxy ARP
TLS/SSL Layer
Network-to-Network Communications
33. UDP Port 1701
TCP/UDP Chargen Vulnerability
Privilege Level 0
L2TP Identifier
no ip http server
34. Two - one Inbound or Evaluated and one Outbound or Reflected
SNMP
Minimum ACLs Required for Reflexive ACLs
GRE Identifier
inger Server
35. This layer controls user and workgroup acess to the Internetwork resources at the local level using segmentation of networks to create separate collision domains - AKA an organization's trusted network
Route Injection Attack
Access Layer
TCP Intercept Watch Mode
no cdp run
36. Command to disable TCP small server on a router
Unauthorized Access
Boot Network Vulnerabilities
no service tcp-small-servers
ESP Operating Layer
37. Software that blocks packets from unreachable hosts - thus allowing only reachable external hosts to initiate connections to a host on an internal network
Train Identifier 'S'
SSH1
TCP Intercept
no ip finger - no service finger
38. 2000-2699
Inside Local Address
Flags used by Established Line
DNS Lookup Vulnerability
Lower IP Extended ACL Range
39. Permits a host on one LAN segment to initiate a physical broadcast on a different LAN segment
IP Directed Broadcast
Cisco Discovery Protocol (CDP)
Smurf Attack
Higher IP Standard ACL Range
40. Command used to disable HTTP Server
Three Physical Security Vulnerabilities
no ip http server
TLS/SSL Identifier
AUX Vulnerability
41. Command to disable BOOTP Server
no ip bootp server
Network Time Protocol (NTP)
Third Part of the IOS Version
TLS/SSL Layer
42. Ip accesslist extended <name1> - permit IP any any reflect <filename> - ip accesslist extended <name2> - evaluate <filename> - int f0/0 - ip access-group <name1> out - ip access-group <name2> in
Outside Global Address
Reflexive ACL
Syntax for Reflexive ACLs
ACL to block incoming loopback packets
43. The communication layer between the two other layers and provides network security - including ACLs - firewalls - any general public access servers and address translation; also known as the isolation LAN or DMZ
BOOTP
Extended ACL format
Distribution Layer
Tunneling
44. Allows for a one-to-one translation of local to global addresses; used by web servers and mail servers so that users can connect to them via their global address
Static NAT
Overloading
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
no ip bootp server
45. When a router acts as an intermediary for ARP queries on selected interfaces and enabling transparent access between multiple LAN segments
Smurf Attack
Proxy ARP
Dynamic NAT
Local Addresses
46. Plaintext
Finger Vulnerabilities
Integrity Validation
Telnet - HTTP - SNMP Vulnerability
Inside Global Address
47. DENY IP ANY HOST <Broadcast Address>
Uses for ACLs
Privilege Level 1
ACL to block a Smurf Attack or Fraggle Attack
Three Layers of Hierarchical Model
48. Attack that involves sending a large amount of ICMP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
Smurf Attack
Sixth (Optional) Part of the IOS Version
Anti-Replay
Route Injection Attack
49. Rebuild Number
Sixth (Optional) Part of the IOS Version
GRE Operating Layer
IP Unreachable Vulnerabilities
Higher IP Extended ACL Range
50. No Known Vulnerability
Route Injection Attack
Standard IP ACLs
Fifth Part of the IOS Version
TCP/UDP Discard Vulnerability