SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Router threat that involves the unauthorized viewing and collection of network traffic; usually accomplished with a packet sniffing program
Outside Local Address
Static NAT
Eavesdropping and Information Theft
Train Identifier 'T'
2. DENY IP 127.0.0.0 0.255.255.255 ANY
HTTPS Strength
Unauthorized Access
ACL to block incoming loopback packets
User Account Vulnerabilites
3. Layer 5
Extended IP ACLs
Generic Routing Encapsulation (GRE)
ACL to block incoming loopback packets
L2TP Operating Layer
4. Release Train Identifier
SSH Identifier
Fifth Part of the IOS Version
Networks
HTTP Vulnerability
5. Cryptographic protocols that provide secure communications on the Internet for such thing as WWW - email - faxing - IM - and other data transfers
echo - chargen - discard - daytime
no service udp-small-servers
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
Privilege Level 0
6. TCP and UDP Port 162
UDP Traceroute Port Range
SNMP Trap
Privilege Level 0
Cisco Express Forwarding (CEF)
7. 0x33 or 51
Transport Mode
L2TP Identifier
IPSec AH Identifier
Extended IP ACLs
8. What Local and Global refer to in NAT
Proxy ARP
Second Part of IOS Version
Networks
login local
9. Refers to addresses used on the organization's private network
Access Layer
Eavesdropping and Information Theft
TCP Intercept Watch Mode
Global Addresses
10. DNS Poisoning
no cdp run
DNS Lookup Vulnerability
Proxy ARP
Unauthorized Access
11. Can discover vulnerabilities - network stats - and firewall discovery
SNMP Vulnerabilities
IP Unreachable Vulnerabilities
no cdp run
L2TP Identifier
12. Also known as Configuration Auto-Loading - allows routers to load their startup configuration from the network
Higher IP Extended ACL Range
ACL to block telnet
Networks
Boot Network
13. Router threat where access by an entity or individual other than authorized users
Unauthorized Access
Static NAT
Encrypting Traffic
Minimum ACLs Required for Reflexive ACLs
14. Attack that involves a multitude of compromised system attack a single target - denying service to it by exploiting one 'master' system that communicates with other 'zombie' systems
Distributed Denial of Service Attacks
Train Identifier 'B'
ACL to block TCP SYN Attack
Distribution Layer
15. Rebuild Number
ESP Identifier
Sixth (Optional) Part of the IOS Version
TLS/SSL Identifier
Distributed Denial of Service Attacks
16. DENY IP <Network ID> <Network WC Mask> ANY
Third Part of the IOS Version
ACL to block spoofed IPs
ACL to block telnet
Proxy ARP Vulnerabilities
17. An alternative for both standard and extended ACLs that allow you to refer to an ACL by a descriptive name instead of a number
IPSec AH Identifier
no ip mask-reply
Named ACL
Outside
18. The environment - catastrophic events an unauthorized access
Outside
echo - chargen - discard - daytime
GRE Identifier
Three Physical Security Vulnerabilities
19. Command to disable TCP small server on a router
no service tcp-small-servers
Telnet - HTTP - SNMP Vulnerability
TCP/UDP Daytime Vulnerability
Extended IP ACLs
20. Router threat that involves a hacker inserting a spoofed TCP/IP packet into a stream - thereby enabling commands to be executed on the remote host
Extended IP ACLs
Session Hijacking
Inside
Secure Shell (SSH)
21. Layer 3
no ip mask-reply
Land Attack
IPSec AH Operating Layer
Networks
22. Time can be changed - Routing Table can be killed
NTP Vulnerabilities
Tunnel Mode
Static NAT
ESP Identifier
23. Four TCP/UDP Small Server commands recommended to disable
no ip finger - no service finger
Unicast Reverse-Path Forwarding (uRPF)
echo - chargen - discard - daytime
Two Modes of IPSec
24. Layer 7
IP Source Routing Vulnerabilities
Three Physical Security Vulnerabilities
SSH Operating Layer
Named ACL Format
25. A method of bypassing firewall or proxy restrictions by making the firewall think that it is getting traffic from a web browser
HTTP Tunneling
Transport Mode
HTTP Operating Layer
no service tcp-small-servers
26. Allows the source IP host to specify a route through the IP network
Cisco Express Forwarding (CEF)
no cdp run
IP Source Routing
TCP SYN Attack
27. The communication layer between the two other layers and provides network security - including ACLs - firewalls - any general public access servers and address translation; also known as the isolation LAN or DMZ
no cdp run
Distribution Layer
Route Injection Attack
Dynamic NAT
28. 33400-34400
UDP Traceroute Port Range
DNS Lookup Vulnerability
Denial of Service (DoS)
uRPF Strength
29. Layer 3
Authentication Header (AH)
IPSec AH Operating Layer
ESP Operating Layer
Standard ACL format
30. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
Fraggle Attack
IP Spoofing
Lower IP Standard ACL Range
AUX Vulnerability
31. Traffic is passed in plaintext
HTTP Vulnerability
Named ACL Format
Route Injection Attack
Reflexive ACL
32. Provides nonrepudiation - ensuring that traffic is from a trusted party
Fourth Part of the IOS Version
Authenticating Peers
Host-to-Host Communications
TCP Load Distribution
33. Routing mode depended on by uRPF in order to function
Cisco Express Forwarding (CEF)
Secure Shell (SSH)
IP Spoofing
Train Identifier 'S'
34. Commands to disable Finger Server
IP Direct Broadcast Vulnerabilties
Train Identifier 'B'
no ip finger - no service finger
Encrypting Traffic
35. Provides confidentiality - so it cannot be read by unauthorized parties
Encrypting Traffic
Distributed Denial of Service Attacks
SNMP Trap
ACL to block a Smurf Attack or Fraggle Attack
36. Command used to disable the ICMP message Address Mask Reply
no ip mask-reply
Higher IP Extended ACL Range
ACL to block a Smurf Attack or Fraggle Attack
Uses for ACLs
37. No Known Vulnerability
L2TP Identifier
TCP/UDP Discard Vulnerability
ntp disable
Higher IP Extended ACL Range
38. What Transport Mode is used for
BOOTP
Host-to-Host Communications
HTTP Identifier
ACL to block a Land Attack
39. Protects against repeating of secure sessions
Anti-Replay
Unicast Reverse-Path Forwarding (uRPF)
login local
Cisco Discovery Protocol (CDP)
40. Local IP address before translation
TCP/UDP Discard Vulnerability
Established Line
GRE Operating Layer
Inside Local Address
41. Users - Host PC's - IP Addresses
login local
IP Unreachable Vulnerabilities
Finger Vulnerabilities
ACL to block telnet
42. Refers to the organization's private network
Inside
Transport Mode
Standard ACL format
Generic Routing Encapsulation (GRE)
43. Plaintext
Telnet - HTTP - SNMP Vulnerability
ACL to block a Land Attack
Access List Rules
Two Protocols of Tunnel Mode
44. PERMIT TCP ANY ANY ESTABLISHED
ACL to block TCP SYN Attack
Land Attack
Named ACL
NTP Vulnerabilities
45. Authentication Header (AH) and Encapsulated Security Payload (ESP)
no ip finger - no service finger
no ip http server
no cdp run
Two Protocols of Tunnel Mode
46. Rewrites the and/or destination IP address of IP packets as they pass through a router or firewall from private to public addresses
Boot Network
Network Address Translation (NAT)
First Part of IOS Version
no ip http server
47. Technology
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
48. Top of the hierarchy - responsible for transporting large amounts of traffic both reliably and quickly and switching traffic as fast as possible throughout the internet
no service udp-small-servers
Core Layer
Inside Global Address
inger Server
49. Tunnel Mode Protocol provides confidentiality - along with authentication and integrity protection with encryption
no ip mask-reply
Encapsulation Security Payload (ESP)
Named ACL
Dynamic NAT
50. Router threat that includes manipulating router updates to cause traffic to flow to unauthorized destinations
Proxy ARP Vulnerabilities
Rerouting
Overloading
no ip mask-reply
