SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Plaintext
Named ACL
Telnet - HTTP - SNMP Vulnerability
Tunneling
ESP Operating Layer
2. What Tunnel Mode is used for
Second Part of IOS Version
Privilege Levels 2-13
Network-to-Network Communications
Networks
3. The communication layer between the two other layers and provides network security - including ACLs - firewalls - any general public access servers and address translation; also known as the isolation LAN or DMZ
SSH
TCP/UDP Daytime Vulnerability
Distributed Denial of Service Attacks
Distribution Layer
4. Public IP address before translation
Outside Local Address
Devices
IPSec AH Identifier
ntp disable
5. 1300-1999
Higher IP Standard ACL Range
TCP SYN Attack
Overloading
Inside
6. Protocol used to keep their time-of-day clocks accurate and in sync
Network Time Protocol (NTP)
SSH
Inside Local Address
TCP Intercept
7. Can copy - poison - corrupt - or delete the IOS
BOOTP Vulnerabilities
Third Part of the IOS Version
Two Modes of IPSec
Lower IP Extended ACL Range
8. Router to Router Denial of Service
Boot Network
ESP Operating Layer
Denial of Service (DoS)
TCP/UDP Echo Vulnerability
9. Smurf attacks - can enumerate the network
IP Source Routing Vulnerabilities
L2TP Identifier
IP Direct Broadcast Vulnerabilties
HTTP Tunneling
10. Privilege level that is restricted to basic level operations
SSH
IP Unreachable Vulnerabilities
Privilege Level 1
BOOTP Vulnerabilities
11. Data link layer protocol used for tunneling network traffic between two peers over an existing network - often used with IPsec to secure packets
Named ACL
Layer 2 Tunneling Protocol (L2TP)
Requirements for Reflexive TCP to be removed
TCP/UDP Echo Vulnerability
12. Ip access-list <standard | extended> name - permit TCP any any established
TCP Intercept
Finger Vulnerabilities
Boot Network
Named ACL Format
13. Attack that involves sending a large amount of ICMP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
Smurf Attack
BOOTP Vulnerabilities
ACL to block telnet
Privilege Level 15
14. Layer 7
Sixth (Optional) Part of the IOS Version
no ip finger - no service finger
Anti-Replay
HTTP Operating Layer
15. What Inside and Outside refer to in NAT
Cisco Express Forwarding (CEF)
SSH
Devices
Reflexive ACL
16. Router threat that refers to willful attempts to cause such disruptions by overwhelming the targeted system with improperly formatted traffic
Denial of Service (DoS)
Authentication Header (AH)
Secure Shell (SSH)
Dynamic NAT
17. 0x2F - or 47
Layer 2 Tunneling Protocol (L2TP)
HTTP Tunneling
GRE Identifier
TCP/UDP Echo Vulnerability
18. Transport and Tunnel
HTTPS Strength
IPSec AH Operating Layer
Two Modes of IPSec
Encrypting Traffic
19. Protects against repeating of secure sessions
Higher IP Extended ACL Range
no ip bootp server
Anti-Replay
ntp disable
20. Attack that involves a multitude of compromised system attack a single target - denying service to it by exploiting one 'master' system that communicates with other 'zombie' systems
Distributed Denial of Service Attacks
SSH Identifier
uRPF Strength
GRE Identifier
21. Refers to the addresses on the public internet
Syntax for Reflexive ACLs
Outside
Uses for ACLs
Common uses of Access Lists
22. Attack that involves transmitting a volume of connections that cannot be completed at the destination - causing the queue to fill up and denying service to legitimate user
TCP SYN Attack
no ip unreachable
HTTPS Strength
Requirements for Reflexive TCP to be removed
23. Provides confidentiality - so it cannot be read by unauthorized parties
Rerouting
Encrypting Traffic
Denial of Service (DoS)
ACL to block TCP SYN Attack
24. TCP and UDP Port 161
Transport Mode
SNMP
Second Part of IOS Version
Static NAT
25. Command used to disable the ICMP message Address Mask Reply
ACL to block spoofed IPs
ntp disable
SNMP Vulnerabilities
no ip mask-reply
26. Uses server and host keys to authenticate systems
Tunneling
Overloading
SSH1
no ip http server
27. Top of the hierarchy - responsible for transporting large amounts of traffic both reliably and quickly and switching traffic as fast as possible throughout the internet
Land Attack
Access List Rules
Access Layer
Core Layer
28. Allows the source IP host to specify a route through the IP network
NTP Vulnerabilities
IP Source Routing
Smurf Attack
TCP/UDP Daytime Vulnerability
29. These ACLs filter by network or host IP address and only filter on source
Network Time Protocol (NTP)
BOOTP Vulnerabilities
Standard IP ACLs
Smurf Attack
30. Refers to addresses used on the organization's private network
Encrypting Traffic
IP Spoofing
Local Addresses
TCP Intercept Watch Mode
31. Permits a host on one LAN segment to initiate a physical broadcast on a different LAN segment
IP Directed Broadcast
Lower IP Standard ACL Range
Fraggle Attack
Lower IP Extended ACL Range
32. When a router acts as an intermediary for ARP queries on selected interfaces and enabling transparent access between multiple LAN segments
ACL to block TCP SYN Attack
AUX Vulnerability
Proxy ARP
Core Layer
33. Rebuild Number
TCP/UDP Discard Vulnerability
Smurf Attack
Sixth (Optional) Part of the IOS Version
no ip unreachable
34. Technology
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
35. Mode where only the payload of the IP packet is encrypted and/or authenticated
Smurf Attack
Transport Mode
Inside Global Address
Access List Rules
36. 0x33 or 51
IPSec AH Identifier
Authenticating Peers
Privilege Level 0
ACL to block IP multicast
37. Command used to disable NTP on an interface
ntp disable
Flags used by Established Line
Finger Vulnerabilities
Network-to-Network Communications
38. Access - Distribution - Core
IP Source Routing
Three Layers of Hierarchical Model
Fraggle Attack
Dynamic NAT
39. Uses SSL port 443
IP Directed Broadcast
Established Line
HTTPS Strength
Cisco Discovery Protocol (CDP)
40. None - uses attach application protocol's layer
User Account Vulnerabilites
Integrity Validation
TLS/SSL Layer
Outside
41. 33400-34400
Layer 2 Tunneling Protocol (L2TP)
UDP Traceroute Port Range
Route Injection Attack
ACL to block TCP SYN Attack
42. Can stop spoofed IP addresses
Layer 2 Tunneling Protocol (L2TP)
Overloading
uRPF Strength
TCP/UDP Discard Vulnerability
43. DENY IP 224.0.0.0 15.255.255.255 ANY
Access List Rules
Smurf Attack
GRE Operating Layer
ACL to block IP multicast
44. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
IP Spoofing
IPSec AH Operating Layer
TCP SYN Attack
no service tcp-small-servers
45. Datagram protocol used by some hosts to load their operating system over the network via a central repository of IOS software
Higher IP Extended ACL Range
TCP Load Distribution
BOOTP
Privilege Level 15
46. Traffic is passed in plaintext
TCP/UDP Daytime Vulnerability
SSH Identifier
HTTP Vulnerability
Common uses of Access Lists
47. Proprietary - used by Cisco routers and switches use to identify each other on LAN and WAN segments
Cisco Discovery Protocol (CDP)
Third Part of the IOS Version
L2TP Identifier
Lower IP Standard ACL Range
48. Broadcast
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
49. Commands to disable Finger Server
SSH2
Requirements for Reflexive TCP to be removed
no ip finger - no service finger
General Format of Cisco IOS Version
50. A method of bypassing firewall or proxy restrictions by making the firewall think that it is getting traffic from a web browser
Lower IP Standard ACL Range
HTTP Tunneling
SSH
Tunnel Mode
