SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Refers to addresses used on the organization's private network
Global Addresses
TCP SYN Attack
Train Identifier 'T'
Privilege Levels 2-13
2. This server is used for querying a host about its logged in users
Access List Rules
SSH
uRPF Strength
inger Server
3. These ACLs filter by network or host IP addresses andspecific protocol type or port numbers - filters by source and destination
Extended IP ACLs
Inside Local Address
TCP SYN Attack
Network-to-Network Communications
4. Helps to mitigate problems that are caused by the introduction of malformed or spoofed IP source addresses into a network by discarding packets lacking a verifiable IP source address
Smurf Attack
echo - chargen - discard - daytime
IPSec AH Identifier
Unicast Reverse-Path Forwarding (uRPF)
5. An alternative for both standard and extended ACLs that allow you to refer to an ACL by a descriptive name instead of a number
Devices
Named ACL
Network-to-Network Communications
Standard IP ACLs
6. What Local and Global refer to in NAT
Networks
no ip mask-reply
Outside
Access List Rules
7. Software that blocks packets from unreachable hosts - thus allowing only reachable external hosts to initiate connections to a host on an internal network
Minimum ACLs Required for Reflexive ACLs
IPSec AH Identifier
TCP Intercept
SNMP Vulnerabilities
8. Tunnel Mode Protocol provides confidentiality - along with authentication and integrity protection with encryption
Encapsulation Security Payload (ESP)
Train Identifier 'S'
Inside Global Address
Boot Network Vulnerabilities
9. Privilege levels that can have passwords assigned to them
echo - chargen - discard - daytime
Privilege Levels 2-13
SSH2
SSH
10. Cryptographic protocols that provide secure communications on the Internet for such thing as WWW - email - faxing - IM - and other data transfers
IP Source Routing Vulnerabilities
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
Denial of Service (DoS)
ACL to block IP multicast
11. What Tunnel Mode is used for
no ip bootp server
Train Idenifier 'E'
inger Server
Network-to-Network Communications
12. Can discover vulnerabilities - network stats - and firewall discovery
IP Unreachable Vulnerabilities
Fifth Part of the IOS Version
SSH
Three Layers of Hierarchical Model
13. Authentication Header (AH) and Encapsulated Security Payload (ESP)
Two Protocols of Tunnel Mode
Fraggle Attack
SSH Operating Layer
login local
14. Command used to disable HTTP Server
no ip http server
Session Hijacking
no cdp run
CDP Vulnerabilities
15. Geolocational positioning
IP Mask Reply Vulnerabilities
TCP/UDP Daytime Vulnerability
Anti-Replay
Uses for ACLs
16. Broadcast
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
17. Command used to disable NTP on an interface
SNMP
ntp disable
Three Physical Security Vulnerabilities
Outside
18. Traffic is passed in plaintext
Named ACL
Transport Mode
no ip bootp server
HTTP Vulnerability
19. Protocol used to keep their time-of-day clocks accurate and in sync
Network-to-Network Communications
Inside Global Address
Network Time Protocol (NTP)
SSH Identifier
20. Mode where only the payload of the IP packet is encrypted and/or authenticated
Privilege Level 0
Cisco Express Forwarding (CEF)
Global Addresses
Transport Mode
21. TCP and UDP Port 162
Distribution Layer
IP Source Routing Vulnerabilities
SNMP Trap
Fifth Part of the IOS Version
22. Time can be changed - Routing Table can be killed
login local
Access List Rules
NTP Vulnerabilities
General Format of Cisco IOS Version
23. Local and Remote
NTP Vulnerabilities
Standard ACL format
TCP Load Distribution
Two Types of Router Access
24. ESP - SSH - SSL/TLP
Transport Mode
Encrypted Tunneling Methods
Proxy ARP Vulnerabilities
ACL to block incoming loopback packets
25. 0-99
Devices
Lower IP Standard ACL Range
Network-to-Network Communications
HTTP Tunneling
26. 33400-34400
UDP Traceroute Port Range
TCP/UDP Chargen Vulnerability
no service udp-small-servers
Outside
27. TCP only - used to filter inbound traffic while allowing return TCP sessions - can be spoofed by attackers and cannot be used with Active FTP
Flags used by Established Line
Train Identifier 'S'
no ip bootp server
Established Line
28. Refers to addresses used on the organization's private network
Local Addresses
UDP Traceroute Port Range
SSH Identifier
Privilege Level 15
29. Command to disable CDP on a router
Tunnel Mode
Standard IP ACLs
no cdp run
Denial of Service (DoS)
30. Lists interfaces - routing table - ARP table - physical and network addresses - time last booted
Named ACL
SSH1
SNMP Vulnerabilities
Dynamic NAT
31. Two - one Inbound or Evaluated and one Outbound or Reflected
Minimum ACLs Required for Reflexive ACLs
Train Identifier 'S'
Telnet - HTTP - SNMP Vulnerability
TCP Intercept
32. UDP Port 1701
Privilege Level 1
L2TP Identifier
HTTP Operating Layer
Fifth Part of the IOS Version
33. 0x32 - or 50
Core Layer
ESP Identifier
L2TP Operating Layer
SSH Operating Layer
34. Public IP address before translation
CDP Vulnerabilities
Privilege Level 15
IP Direct Broadcast Vulnerabilties
Outside Local Address
35. A suite of protocols for securing Internet Protocol communications by authenticating and/or encrypting each IP packet in a data stream
Uses for ACLs
Internet Protocol Security (IPSec)
Network Address Translation (NAT)
Authentication Header (AH)
36. DENY IP 224.0.0.0 15.255.255.255 ANY
ACL to block IP multicast
Third Part of the IOS Version
GRE Identifier
DNS Lookup Vulnerability
37. Public IP address after translation
Named ACL Format
Outside Global Address
HTTPS Strength
HTTP Operating Layer
38. The host can specify which route to take - which bypasses security
Standard IP ACLs
IP Spoofing
Named ACL Format
IP Source Routing Vulnerabilities
39. Proprietary - used by Cisco routers and switches use to identify each other on LAN and WAN segments
First Part of IOS Version
Proxy ARP
Session Hijacking
Cisco Discovery Protocol (CDP)
40. Privilege level that is restricted to basic level operations
IPSec AH Identifier
Requirements for Reflexive TCP to be removed
Eavesdropping and Information Theft
Privilege Level 1
41. Command to disable TCP small server on a router
SSH2
Minimum ACLs Required for Reflexive ACLs
IP Direct Broadcast Vulnerabilties
no service tcp-small-servers
42. Mode where the entire packet is encrypted and/or authenticated - requiring a new IP packet to be encapsulated
ACL to block TCP SYN Attack
Cisco Discovery Protocol (CDP)
Outside
Tunnel Mode
43. War dialing
IPSec AH Identifier
AUX Vulnerability
TCP Intercept Watch Mode
IP Direct Broadcast Vulnerabilties
44. Form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address by using different ports; limited to ~64 -000 hosts
Requirements for Reflexive TCP to be removed
Higher IP Extended ACL Range
Third Part of the IOS Version
Overloading
45. Major Version
Telnet - HTTP - SNMP Vulnerability
no service tcp-small-servers
TCP/UDP Chargen Vulnerability
First Part of IOS Version
46. Major Version - Minor Version - Release - Interim Build - Release Train Identifier
General Format of Cisco IOS Version
no ip http server
Inside Local Address
Overloading
47. Cisco default tunneling protocol that uses multicast addressing without encryption and is designed to encapsulate a wide variety of network layer packets inside IP tunneling packets
Generic Routing Encapsulation (GRE)
TCP Intercept Watch Mode
Train Identifier 'B'
Requirements for Reflexive TCP to be removed
48. Breaks LAN security perimeter extends LAN to Layer 2
Proxy ARP Vulnerabilities
ESP Identifier
IPSec AH Operating Layer
inger Server
49. Users - Host PC's - IP Addresses
no ip bootp server
SSH2
Finger Vulnerabilities
IP Direct Broadcast Vulnerabilties
50. Allows the source IP host to specify a route through the IP network
IPSec AH Identifier
IP Source Routing
Privilege Level 1
TCP Intercept
