SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. ESP - SSH - SSL/TLP
Three Layers of Hierarchical Model
Cisco Discovery Protocol (CDP)
IP Directed Broadcast
Encrypted Tunneling Methods
2. Attack that involves a multitude of compromised system attack a single target - denying service to it by exploiting one 'master' system that communicates with other 'zombie' systems
Access Layer
Distributed Denial of Service Attacks
Higher IP Extended ACL Range
Syntax for Reflexive ACLs
3. Permits a host on one LAN segment to initiate a physical broadcast on a different LAN segment
IP Direct Broadcast Vulnerabilties
IP Directed Broadcast
Syntax for Reflexive ACLs
Unauthorized Access
4. Data link layer protocol used for tunneling network traffic between two peers over an existing network - often used with IPsec to secure packets
Tunneling
inger Server
Layer 2 Tunneling Protocol (L2TP)
ACL to block a Land Attack
5. What Inside and Outside refer to in NAT
Network Time Protocol (NTP)
Unicast Reverse-Path Forwarding (uRPF)
Dynamic NAT
Devices
6. Rewrites the and/or destination IP address of IP packets as they pass through a router or firewall from private to public addresses
Privilege Level 15
Network Address Translation (NAT)
Uses for ACLs
Core Layer
7. Protocol used to keep their time-of-day clocks accurate and in sync
Network Time Protocol (NTP)
ACL to block spoofed IPs
Reflexive ACL
Transport Mode
8. What Local and Global refer to in NAT
Named ACL Format
Train Identifier 'T'
GRE Operating Layer
Networks
9. Uses only host keys to authenticate systems
SSH2
Eavesdropping and Information Theft
Global Addresses
no ip redirect
10. 2000-2699
Higher IP Extended ACL Range
First Part of IOS Version
L2TP Operating Layer
IP Unreachable Vulnerabilities
11. Command used to disable the ICMP message Redirect
no ip redirect
Named ACL Format
Established Line
ACL to block TCP SYN Attack
12. Enterprise
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
13. TCP and UDP Port 162
Reflexive ACL
SNMP Trap
Access Layer
Finger Vulnerabilities
14. Attack that involves sending a packet to the router with the same IP address in the source and destination address fields - as well as the same port number in the source and destination port field - causing a denial of service
AUX Vulnerability
Land Attack
Network Address Translation (NAT)
Distributed Denial of Service Attacks
15. The environment - catastrophic events an unauthorized access
Three Physical Security Vulnerabilities
IPSec AH Operating Layer
Fifth Part of the IOS Version
Lower IP Extended ACL Range
16. Command to disable UDP small server on a router
inger Server
echo - chargen - discard - daytime
ACL to block incoming loopback packets
no service udp-small-servers
17. Service Provider
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
18. Protects against repeating of secure sessions
no ip redirect
Anti-Replay
Lower IP Extended ACL Range
ACL to block telnet
19. TCP Port 80
SSH Identifier
SSH
HTTP Identifier
Fifth Part of the IOS Version
20. This server is used for querying a host about its logged in users
Privilege Level 1
TLS/SSL Layer
Lower IP Extended ACL Range
inger Server
21. Attack that involves transmitting a volume of connections that cannot be completed at the destination - causing the queue to fill up and denying service to legitimate user
TLS/SSL Identifier
TCP SYN Attack
GRE Operating Layer
Train Identifier 'T'
22. Helps to mitigate problems that are caused by the introduction of malformed or spoofed IP source addresses into a network by discarding packets lacking a verifiable IP source address
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
Networks
IP Spoofing
Unicast Reverse-Path Forwarding (uRPF)
23. An alternative for both standard and extended ACLs that allow you to refer to an ACL by a descriptive name instead of a number
Cisco Express Forwarding (CEF)
no ip redirect
Train Identifier 'B'
Named ACL
24. A suite of protocols for securing Internet Protocol communications by authenticating and/or encrypting each IP packet in a data stream
Encrypting Traffic
Unicast Reverse-Path Forwarding (uRPF)
no service udp-small-servers
Internet Protocol Security (IPSec)
25. Plaintext
Network-to-Network Communications
Finger Vulnerabilities
Telnet - HTTP - SNMP Vulnerability
TCP/UDP Daytime Vulnerability
26. Allows for a one-to-one translation of local to global addresses; used by web servers and mail servers so that users can connect to them via their global address
TCP Intercept Watch Mode
Static NAT
Telnet - HTTP - SNMP Vulnerability
HTTP Vulnerability
27. Command used to disable the ICMP message Host Unreachable
SSH
no ip unreachable
Inside Global Address
BOOTP Vulnerabilities
28. Technology
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
29. Refers to the organization's private network
Named ACL
Inside
Outside
Lower IP Extended ACL Range
30. TCP Port 22
TCP Intercept
no service udp-small-servers
NTP Vulnerabilities
SSH Identifier
31. Ip accesslist extended <name1> - permit IP any any reflect <filename> - ip accesslist extended <name2> - evaluate <filename> - int f0/0 - ip access-group <name1> out - ip access-group <name2> in
Syntax for Reflexive ACLs
SNMP
TCP/UDP Daytime Vulnerability
Local Addresses
32. UDP Port 1701
TCP Intercept
L2TP Identifier
Fourth Part of the IOS Version
no service tcp-small-servers
33. Two - one Inbound or Evaluated and one Outbound or Reflected
NTP Vulnerabilities
SSH
DNS Lookup Vulnerability
Minimum ACLs Required for Reflexive ACLs
34. Cisco default tunneling protocol that uses multicast addressing without encryption and is designed to encapsulate a wide variety of network layer packets inside IP tunneling packets
syslog
Generic Routing Encapsulation (GRE)
Smurf Attack
ACL to block incoming loopback packets
35. Dialer List - Routing Maps - Dynamic Routing Protocols - Controlling Remote Access - NAT'ing - Traffic Filtering
Inside Local Address
TLS/SSL Layer
Uses for ACLs
inger Server
36. Minor Version
no ip mask-reply
Second Part of IOS Version
Tunneling
Smurf Attack
37. DENY TCP ANY HOST <IP Address> EQ 23
L2TP Identifier
Standard IP ACLs
Secure Shell (SSH)
ACL to block telnet
38. Layer 7
IP Source Routing Vulnerabilities
Unicast Reverse-Path Forwarding (uRPF)
HTTP Operating Layer
no ip finger - no service finger
39. Must be made at global config mode - created from CON/VTY session or text file - read top to bottom - applied at the interface and only one ACL per direction - per protocol - per interface
Session Hijacking
Outside Global Address
Access List Rules
Smurf Attack
40. DNS Poisoning
GRE Identifier
General Format of Cisco IOS Version
Fifth Part of the IOS Version
DNS Lookup Vulnerability
41. DENY IP 127.0.0.0 0.255.255.255 ANY
syslog
ACL to block incoming loopback packets
BOOTP
Secure Shell (SSH)
42. An extension of static mapping which allows for one global address to be mapped to multiple inside addresses; can be used for websites with multiple back end servers
uRPF Strength
ACL to block IP multicast
TCP Load Distribution
TCP SYN Attack
43. This layer controls user and workgroup acess to the Internetwork resources at the local level using segmentation of networks to create separate collision domains - AKA an organization's trusted network
Sixth (Optional) Part of the IOS Version
Access Layer
IP Mask Reply Vulnerabilities
NTP Vulnerabilities
44. Privilege levels that can have passwords assigned to them
Privilege Levels 2-13
no service udp-small-servers
ACL to block a Land Attack
ACL to block telnet
45. Attack that involves sending a large amount of ICMP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
Privilege Level 1
ACL to block TCP SYN Attack
Smurf Attack
User Account Vulnerabilites
46. TCP and UDP Port 161
SNMP
Network-to-Network Communications
Distribution Layer
Tunneling
47. Public IP address before translation
Outside Local Address
ACL to block a Smurf Attack or Fraggle Attack
no service tcp-small-servers
Network Address Translation (NAT)
48. What Tunnel Mode is used for
Network-to-Network Communications
IP Spoofing
ACL to block a Land Attack
SSH Operating Layer
49. Can copy - poison - corrupt - or delete the IOS
BOOTP Vulnerabilities
ESP Identifier
Inside Global Address
Networks
50. Startup-config can be deleted - copied - changed
Boot Network Vulnerabilities
no ip http server
Two Modes of IPSec
HTTP Vulnerability
