SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Tunnel Mode Protocol provides integrity - authentication - and non-repudiation and operates directly on top of IP
Authentication Header (AH)
User Account Vulnerabilites
SSH
Fourth Part of the IOS Version
2. Command to disable UDP small server on a router
SSH Identifier
no service udp-small-servers
Syntax for Reflexive ACLs
Named ACL
3. Router threat that includes manipulating router updates to cause traffic to flow to unauthorized destinations
Network-to-Network Communications
Cisco Discovery Protocol (CDP)
Privilege Level 1
Route Injection Attack
4. 0x33 or 51
IPSec AH Identifier
Two Types of Router Access
TCP/UDP Echo Vulnerability
ACL to block IP multicast
5. Access-list <number <deny | permit> source source-wildcard source-qualifier destination dest-wildcard dest-qualifier <log | log-input>
Third Part of the IOS Version
Extended ACL format
Privilege Level 0
Devices
6. Router threat that refers to willful attempts to cause such disruptions by overwhelming the targeted system with improperly formatted traffic
BOOTP
Train Identifier 'T'
Denial of Service (DoS)
Standard ACL format
7. Allows for a one-to-one translation of local to global addresses; used by web servers and mail servers so that users can connect to them via their global address
Network Time Protocol (NTP)
Static NAT
DNS Lookup Vulnerability
TCP/UDP Echo Vulnerability
8. Layer 5
Unauthorized Access
L2TP Operating Layer
IP Source Routing
Dynamic NAT
9. Commands to disable Finger Server
Secure Shell (SSH)
no ip finger - no service finger
Network-to-Network Communications
login local
10. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
Established Line
Tunneling
IP Spoofing
HTTP Operating Layer
11. Refers to the organization's private network
Global Addresses
Cisco Express Forwarding (CEF)
Internet Protocol Security (IPSec)
Inside
12. Transport and Tunnel
Reflexive ACL
Two Modes of IPSec
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
ACL to block a Smurf Attack or Fraggle Attack
13. TCP Port 80
Internet Protocol Security (IPSec)
HTTP Identifier
TCP SYN Attack
no ip redirect
14. Protects against repeating of secure sessions
Anti-Replay
uRPF Strength
IP Mask Reply Vulnerabilities
Networks
15. Mode where only the payload of the IP packet is encrypted and/or authenticated
Transport Mode
Train Identifier 'B'
ACL to block IP multicast
Encrypted Tunneling Methods
16. 2000-2699
TLS/SSL Layer
ESP Identifier
Lower IP Extended ACL Range
HTTP Identifier
17. Top of the hierarchy - responsible for transporting large amounts of traffic both reliably and quickly and switching traffic as fast as possible throughout the internet
GRE Identifier
Fourth Part of the IOS Version
SSH2
Core Layer
18. Buffer Overflow
ACL to block spoofed IPs
echo - chargen - discard - daytime
AUX Vulnerability
TCP/UDP Chargen Vulnerability
19. Release Number
Telnet - HTTP - SNMP Vulnerability
Network-to-Network Communications
ESP Operating Layer
Third Part of the IOS Version
20. TCP and UDP Port 162
SNMP Trap
Outside Global Address
HTTP Operating Layer
Three Layers of Hierarchical Model
21. This layer controls user and workgroup acess to the Internetwork resources at the local level using segmentation of networks to create separate collision domains - AKA an organization's trusted network
Access Layer
BOOTP Vulnerabilities
Fraggle Attack
Reflexive ACL
22. Access-list <number> <deny | permit> source source-wildcard log
Standard ACL format
Two Modes of IPSec
Internet Protocol Security (IPSec)
Layer 2 Tunneling Protocol (L2TP)
23. 0-99
Outside Local Address
Lower IP Standard ACL Range
Three Layers of Hierarchical Model
Minimum ACLs Required for Reflexive ACLs
24. Command to disable BOOTP Server
no ip bootp server
Higher IP Standard ACL Range
Third Part of the IOS Version
GRE Identifier
25. A suite of protocols for securing Internet Protocol communications by authenticating and/or encrypting each IP packet in a data stream
L2TP Operating Layer
Network-to-Network Communications
ACL to block telnet
Internet Protocol Security (IPSec)
26. Privilege level that restricts users to five commands (enable - disable - exit - help quit)
Privilege Level 0
Extended IP ACLs
GRE Operating Layer
HTTP Tunneling
27. Router threat where access by an entity or individual other than authorized users
inger Server
Unauthorized Access
Telnet - HTTP - SNMP Vulnerability
Established Line
28. Four TCP/UDP Small Server commands recommended to disable
HTTP Identifier
Access List Rules
Unauthorized Access
echo - chargen - discard - daytime
29. What Transport Mode is used for
Two Types of Router Access
Standard ACL format
Tunnel Mode
Host-to-Host Communications
30. Attack that involves transmitting a volume of connections that cannot be completed at the destination - causing the queue to fill up and denying service to legitimate user
HTTPS Strength
TCP SYN Attack
ntp disable
Cisco Express Forwarding (CEF)
31. Allows the source IP host to specify a route through the IP network
Access List Rules
HTTP Tunneling
IP Source Routing
no cdp run
32. Router threat that involves a hacker inserting a spoofed TCP/IP packet into a stream - thereby enabling commands to be executed on the remote host
Outside
Session Hijacking
Cisco Express Forwarding (CEF)
SSH
33. Local IP address before translation
inger Server
Inside Local Address
TCP Intercept Watch Mode
NTP Vulnerabilities
34. DENY IP HOST <Inbound IP Address> HOST <Inbound IP Address>
TCP Intercept Watch Mode
ACL to block a Land Attack
Named ACL Format
First Part of IOS Version
35. Routing mode depended on by uRPF in order to function
Secure Shell (SSH)
Cisco Express Forwarding (CEF)
Train Identifier 'T'
IPSec AH Operating Layer
36. PERMIT TCP ANY ANY ESTABLISHED
ACL to block TCP SYN Attack
TCP Load Distribution
Sixth (Optional) Part of the IOS Version
TCP/UDP Discard Vulnerability
37. Device - Hostname - IOS - IP Address - Ports - Model
Cisco Express Forwarding (CEF)
Eavesdropping and Information Theft
CDP Vulnerabilities
Outside Local Address
38. What Inside and Outside refer to in NAT
Global Addresses
Devices
Lower IP Standard ACL Range
IP Direct Broadcast Vulnerabilties
39. Broadcast
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
40. Two - one Inbound or Evaluated and one Outbound or Reflected
Minimum ACLs Required for Reflexive ACLs
Boot Network Vulnerabilities
no ip unreachable
Denial of Service (DoS)
41. Software that passively monitors the connection requests flowing through the router; if a connection fails - the software sends a Reset to the server to clear up its state
Route Injection Attack
TCP Intercept Watch Mode
Cisco Express Forwarding (CEF)
Outside Local Address
42. ESP - SSH - SSL/TLP
Dynamic NAT
Proxy ARP
Encrypted Tunneling Methods
uRPF Strength
43. Release Train Identifier
Fifth Part of the IOS Version
Rerouting
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
SSH Identifier
44. War dialing
AUX Vulnerability
Telnet - HTTP - SNMP Vulnerability
SSH2
Uses for ACLs
45. The communication layer between the two other layers and provides network security - including ACLs - firewalls - any general public access servers and address translation; also known as the isolation LAN or DMZ
BOOTP
Boot Network Vulnerabilities
Distribution Layer
Boot Network
46. Privilege level that has Global administration capabilities
Privilege Level 15
Minimum ACLs Required for Reflexive ACLs
Host-to-Host Communications
Higher IP Extended ACL Range
47. Attack that involves sending a large amount of ICMP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
no service tcp-small-servers
Smurf Attack
ESP Operating Layer
IP Direct Broadcast Vulnerabilties
48. Datagram protocol used by some hosts to load their operating system over the network via a central repository of IOS software
Privilege Levels 2-13
BOOTP
Inside Global Address
no ip mask-reply
49. 2000-2699
Local Addresses
Higher IP Extended ACL Range
Transport Mode
Fourth Part of the IOS Version
50. Forces the user to enter both a valid username and password
Eavesdropping and Information Theft
login local
Proxy ARP Vulnerabilities
Higher IP Standard ACL Range
