Test your basic knowledge |

Router Security

Subject : it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. Attack that involves a multitude of compromised system attack a single target - denying service to it by exploiting one 'master' system that communicates with other 'zombie' systems
Privilege Level 1
Distributed Denial of Service Attacks
Layer 2 Tunneling Protocol (L2TP)
TCP/UDP Discard Vulnerability

2. Startup-config can be deleted - copied - changed
Established Line
Authenticating Peers
Boot Network Vulnerabilities
UDP Traceroute Port Range

3. Major Version - Minor Version - Release - Interim Build - Release Train Identifier
no service udp-small-servers
SSH2
Access List Rules
General Format of Cisco IOS Version

4. Layer 3
inger Server
no ip redirect
no ip bootp server
IPSec AH Operating Layer

5. Local IP address before translation
Access Layer
ESP Operating Layer
L2TP Operating Layer
Inside Local Address

6. War dialing
AUX Vulnerability
First Part of IOS Version
HTTP Tunneling
Standard ACL format

7. Command used to disable the ICMP message Host Unreachable
Layer 2 Tunneling Protocol (L2TP)
GRE Identifier
ACL to block a Smurf Attack or Fraggle Attack
no ip unreachable

8. Transport and Tunnel
Two Modes of IPSec
Uses for ACLs
Standard ACL format
Proxy ARP Vulnerabilities

9. Authentication Header (AH) and Encapsulated Security Payload (ESP)
Two Protocols of Tunnel Mode
SSH
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
IP Mask Reply Vulnerabilities

10. Can discover vulnerabilities - network stats - and firewall discovery
Two Types of Router Access
IP Unreachable Vulnerabilities
BOOTP Vulnerabilities
ACL to block incoming loopback packets

11. Router to Router Denial of Service
Secure Shell (SSH)
Access Layer
HTTP Tunneling
TCP/UDP Echo Vulnerability

12. None - uses attached application protocol's port
TCP/UDP Discard Vulnerability
TLS/SSL Identifier
Tunneling
SSH1

13. Command to disable BOOTP Server
HTTP Tunneling
Outside Global Address
SSH
no ip bootp server

14. TCP only - used to filter inbound traffic while allowing return TCP sessions - can be spoofed by attackers and cannot be used with Active FTP
ACL to block telnet
Encapsulation Security Payload (ESP)
GRE Identifier
Established Line

15. Refers to the addresses on the public internet
no ip bootp server
Outside
Integrity Validation
BOOTP Vulnerabilities

16. This server is used for querying a host about its logged in users
Three Layers of Hierarchical Model
inger Server
GRE Operating Layer
SNMP

17. Enterprise

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

18. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
Unauthorized Access
Masquerading
Standard ACL format
TCP Intercept

19. Public IP address before translation
no ip redirect
Tunnel Mode
Outside Local Address
Train Identifier 'T'

20. Command used to disable the ICMP message Address Mask Reply
Transport Mode
no ip mask-reply
Anti-Replay
Privilege Level 15

21. Buffer Overflow
IP Mask Reply Vulnerabilities
TCP/UDP Chargen Vulnerability
UDP Traceroute Port Range
BOOTP Vulnerabilities

22. Layer 3
Unauthorized Access
Secure Shell (SSH)
ESP Operating Layer
Boot Network

23. Router threat that includes manipulating router updates to cause traffic to flow to unauthorized destinations
Rerouting
L2TP Identifier
HTTPS Strength
Anti-Replay

24. DENY IP 224.0.0.0 15.255.255.255 ANY
TCP Intercept
Dynamic NAT
ACL to block IP multicast
IPSec AH Operating Layer

25. Plaintext
ACL to block telnet
Fraggle Attack
SSH
Telnet - HTTP - SNMP Vulnerability

26. Uses SSL port 443
syslog
HTTPS Strength
IPSec AH Identifier
HTTP Identifier

27. These ACLs filter by network or host IP address and only filter on source
Proxy ARP Vulnerabilities
Core Layer
Standard IP ACLs
syslog

28. Interim Build Number
Fourth Part of the IOS Version
Inside
ESP Identifier
Proxy ARP Vulnerabilities

29. Broadcast

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

30. Attack that involves sending a large amount of ICMP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
IP Direct Broadcast Vulnerabilties
IP Source Routing
Smurf Attack
Static NAT

31. Routing mode depended on by uRPF in order to function
Cisco Express Forwarding (CEF)
TCP Intercept Watch Mode
Dynamic NAT
Smurf Attack

32. Mode where the entire packet is encrypted and/or authenticated - requiring a new IP packet to be encapsulated
Tunnel Mode
Outside Global Address
Three Layers of Hierarchical Model
BOOTP

33. What Local and Global refer to in NAT
Networks
GRE Identifier
TCP/UDP Daytime Vulnerability
TLS/SSL Layer

34. Access-list <number> <deny | permit> source source-wildcard log
Standard ACL format
HTTP Identifier
Flags used by Established Line
IP Source Routing Vulnerabilities

35. Layer 7
HTTP Operating Layer
ACL to block TCP SYN Attack
Telnet - HTTP - SNMP Vulnerability
Reflexive ACL

36. Release Number
Boot Network Vulnerabilities
Reflexive ACL
Third Part of the IOS Version
L2TP Operating Layer

37. These ACLs filter by network or host IP addresses andspecific protocol type or port numbers - filters by source and destination
Two Modes of IPSec
Unauthorized Access
Extended IP ACLs
Access List Rules

38. Datagram protocol used by some hosts to load their operating system over the network via a central repository of IOS software
BOOTP
no service tcp-small-servers
Eavesdropping and Information Theft
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)

39. Access - Distribution - Core
Three Layers of Hierarchical Model
Fraggle Attack
Layer 2 Tunneling Protocol (L2TP)
no ip redirect

40. Allows packets to be filtered based on upper-layer session information - only uses extended temporary ACL's and must be named - applied on border routers
TCP/UDP Discard Vulnerability
IP Mask Reply Vulnerabilities
Reflexive ACL
L2TP Identifier

41. Technology

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

42. Layer 5
Cisco Discovery Protocol (CDP)
no ip bootp server
Access Layer
L2TP Operating Layer

43. Command used to disable the ICMP message Redirect
no ip redirect
Uses for ACLs
ACL to block incoming loopback packets
Standard IP ACLs

44. Commands to disable Finger Server
no ip finger - no service finger
SSH1
Privilege Level 1
Boot Network

45. Release Train Identifier
Devices
Train Idenifier 'E'
Fifth Part of the IOS Version
Global Addresses

46. Block spoofed IP packets - block loopback packets - block IP multicast if unused - block ICMP redirects - Block telnet if not used
no service tcp-small-servers
Common uses of Access Lists
Syntax for Reflexive ACLs
Third Part of the IOS Version

47. Top of the hierarchy - responsible for transporting large amounts of traffic both reliably and quickly and switching traffic as fast as possible throughout the internet
Encrypted Tunneling Methods
Core Layer
Smurf Attack
Network Address Translation (NAT)

48. Public IP address after translation
L2TP Operating Layer
Lower IP Extended ACL Range
Outside Global Address
Layer 2 Tunneling Protocol (L2TP)

49. Layer 3
Telnet - HTTP - SNMP Vulnerability
GRE Operating Layer
TCP/UDP Discard Vulnerability
Standard IP ACLs

50. Software that blocks packets from unreachable hosts - thus allowing only reachable external hosts to initiate connections to a host on an internal network
Unauthorized Access
TCP Intercept
TCP Intercept Watch Mode
L2TP Identifier