SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Buffer Overflow
Land Attack
UDP Traceroute Port Range
TCP/UDP Chargen Vulnerability
TCP/UDP Daytime Vulnerability
2. Data link layer protocol used for tunneling network traffic between two peers over an existing network - often used with IPsec to secure packets
Layer 2 Tunneling Protocol (L2TP)
Named ACL
Internet Protocol Security (IPSec)
Finger Vulnerabilities
3. TCP only - used to filter inbound traffic while allowing return TCP sessions - can be spoofed by attackers and cannot be used with Active FTP
Secure Shell (SSH)
Established Line
Privilege Level 0
TCP/UDP Echo Vulnerability
4. Smurf attacks - can enumerate the network
Secure Shell (SSH)
Privilege Level 15
Three Layers of Hierarchical Model
IP Direct Broadcast Vulnerabilties
5. Must be made at global config mode - created from CON/VTY session or text file - read top to bottom - applied at the interface and only one ACL per direction - per protocol - per interface
Fraggle Attack
Finger Vulnerabilities
Boot Network Vulnerabilities
Access List Rules
6. Can copy - poison - corrupt - or delete the IOS
Local Addresses
Lower IP Extended ACL Range
IP Direct Broadcast Vulnerabilties
BOOTP Vulnerabilities
7. Command used to disable the ICMP message Address Mask Reply
Flags used by Established Line
inger Server
no ip mask-reply
Inside Global Address
8. Refers to the organization's private network
Encrypting Traffic
Inside
ACL to block spoofed IPs
Network Address Translation (NAT)
9. This layer controls user and workgroup acess to the Internetwork resources at the local level using segmentation of networks to create separate collision domains - AKA an organization's trusted network
Common uses of Access Lists
Access Layer
login local
syslog
10. Command used to disable NTP on an interface
no ip unreachable
Uses for ACLs
SNMP Trap
ntp disable
11. Dialer List - Routing Maps - Dynamic Routing Protocols - Controlling Remote Access - NAT'ing - Traffic Filtering
Denial of Service (DoS)
Privilege Levels 2-13
Uses for ACLs
ACL to block telnet
12. Can stop spoofed IP addresses
uRPF Strength
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
Smurf Attack
Denial of Service (DoS)
13. Router threat that refers to willful attempts to cause such disruptions by overwhelming the targeted system with improperly formatted traffic
TLS/SSL Identifier
Overloading
Anti-Replay
Denial of Service (DoS)
14. 33400-34400
UDP Traceroute Port Range
Outside Global Address
SNMP Vulnerabilities
Flags used by Established Line
15. Attack that involves a multitude of compromised system attack a single target - denying service to it by exploiting one 'master' system that communicates with other 'zombie' systems
SNMP Vulnerabilities
Distributed Denial of Service Attacks
Devices
Access Layer
16. When a router acts as an intermediary for ARP queries on selected interfaces and enabling transparent access between multiple LAN segments
Three Layers of Hierarchical Model
Proxy ARP
Two Modes of IPSec
IP Directed Broadcast
17. Plaintext
Telnet - HTTP - SNMP Vulnerability
no ip mask-reply
Devices
Encrypted Tunneling Methods
18. What Local and Global refer to in NAT
SSH
Networks
Host-to-Host Communications
no ip unreachable
19. Attack that involves sending a large amount of UDP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
Privilege Level 1
Fraggle Attack
TCP Intercept
Encrypted Tunneling Methods
20. Device - Hostname - IOS - IP Address - Ports - Model
TLS/SSL Identifier
CDP Vulnerabilities
Anti-Replay
HTTP Identifier
21. What Tunnel Mode is used for
Second Part of IOS Version
ACL to block IP multicast
Network-to-Network Communications
login local
22. PERMIT TCP ANY ANY ESTABLISHED
IP Direct Broadcast Vulnerabilties
ACL to block TCP SYN Attack
Extended IP ACLs
IP Mask Reply Vulnerabilities
23. Interim Build Number
SNMP Vulnerabilities
Syntax for Reflexive ACLs
Devices
Fourth Part of the IOS Version
24. Uses only host keys to authenticate systems
SSH2
SSH
HTTP Operating Layer
Boot Network
25. DENY IP ANY HOST <Broadcast Address>
Inside Local Address
ACL to block a Smurf Attack or Fraggle Attack
Reflexive ACL
Tunneling
26. This server is used for querying a host about its logged in users
Overloading
inger Server
Train Identifier 'T'
Devices
27. 0x2F - or 47
IP Source Routing
GRE Identifier
Generic Routing Encapsulation (GRE)
L2TP Operating Layer
28. Command to disable CDP on a router
IP Unreachable Vulnerabilities
Flags used by Established Line
no cdp run
Sixth (Optional) Part of the IOS Version
29. Command used to disable the ICMP message Redirect
Local Addresses
Flags used by Established Line
no ip redirect
First Part of IOS Version
30. Refers to addresses used on the organization's private network
IP Unreachable Vulnerabilities
no ip bootp server
Encrypting Traffic
Local Addresses
31. A suite of protocols for securing Internet Protocol communications by authenticating and/or encrypting each IP packet in a data stream
Internet Protocol Security (IPSec)
inger Server
TLS/SSL Identifier
Higher IP Extended ACL Range
32. A method of bypassing firewall or proxy restrictions by making the firewall think that it is getting traffic from a web browser
SNMP Vulnerabilities
Static NAT
HTTP Tunneling
Train Identifier 'B'
33. 0x32 - or 50
Transport Mode
Higher IP Standard ACL Range
Eavesdropping and Information Theft
ESP Identifier
34. Access-list <number <deny | permit> source source-wildcard source-qualifier destination dest-wildcard dest-qualifier <log | log-input>
Overloading
Extended ACL format
Flags used by Established Line
Three Physical Security Vulnerabilities
35. Local IP address before translation
Inside Local Address
Sixth (Optional) Part of the IOS Version
Distributed Denial of Service Attacks
Dynamic NAT
36. Permits a host on one LAN segment to initiate a physical broadcast on a different LAN segment
Global Addresses
Finger Vulnerabilities
IP Directed Broadcast
TCP Intercept
37. Accounts without passwords - Type 7 encryption - account privilege higher than 1 - able to be fingered
CDP Vulnerabilities
User Account Vulnerabilites
echo - chargen - discard - daytime
Anti-Replay
38. Service Provider
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
39. Attack that involves sending a large amount of ICMP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
Masquerading
Smurf Attack
Extended ACL format
HTTP Vulnerability
40. Minor Version
Core Layer
Second Part of IOS Version
SNMP Trap
Lower IP Standard ACL Range
41. Private IP address after translation
First Part of IOS Version
Boot Network Vulnerabilities
no ip bootp server
Inside Global Address
42. Top of the hierarchy - responsible for transporting large amounts of traffic both reliably and quickly and switching traffic as fast as possible throughout the internet
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
Named ACL
ESP Identifier
Core Layer
43. ESP - SSH - SSL/TLP
Minimum ACLs Required for Reflexive ACLs
Access List Rules
Encrypted Tunneling Methods
Named ACL
44. Transport and Tunnel
Two Modes of IPSec
Encapsulation Security Payload (ESP)
IPSec AH Operating Layer
Global Addresses
45. What Transport Mode is used for
SSH2
Inside
Host-to-Host Communications
Finger Vulnerabilities
46. DENY IP <Network ID> <Network WC Mask> ANY
BOOTP Vulnerabilities
First Part of IOS Version
Named ACL
ACL to block spoofed IPs
47. Cryptographic protocols that provide secure communications on the Internet for such thing as WWW - email - faxing - IM - and other data transfers
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
Minimum ACLs Required for Reflexive ACLs
Unauthorized Access
Dynamic NAT
48. Command used to disable the ICMP message Host Unreachable
Two Types of Router Access
Integrity Validation
Access Layer
no ip unreachable
49. UDP Port 1701
TCP/UDP Echo Vulnerability
First Part of IOS Version
Access Layer
L2TP Identifier
50. TCP Port 22
SSH Identifier
Cisco Express Forwarding (CEF)
Unauthorized Access
IP Unreachable Vulnerabilities
