SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Attack that involves transmitting a volume of connections that cannot be completed at the destination - causing the queue to fill up and denying service to legitimate user
HTTP Identifier
Smurf Attack
Cisco Discovery Protocol (CDP)
TCP SYN Attack
2. Four TCP/UDP Small Server commands recommended to disable
Network Time Protocol (NTP)
echo - chargen - discard - daytime
Generic Routing Encapsulation (GRE)
Train Identifier 'B'
3. 0x32 - or 50
ESP Identifier
Encrypted Tunneling Methods
no ip bootp server
Two Protocols of Tunnel Mode
4. Traffic is passed in plaintext
Encrypting Traffic
NTP Vulnerabilities
HTTP Vulnerability
no cdp run
5. ACK and RST
Lower IP Standard ACL Range
Global Addresses
Flags used by Established Line
IP Mask Reply Vulnerabilities
6. Tunnel Mode Protocol provides confidentiality - along with authentication and integrity protection with encryption
IPSec AH Identifier
Encapsulation Security Payload (ESP)
TLS/SSL Identifier
BOOTP
7. Release Train Identifier
no ip unreachable
Rerouting
Session Hijacking
Fifth Part of the IOS Version
8. Technology
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
9. Major Version - Minor Version - Release - Interim Build - Release Train Identifier
Common uses of Access Lists
Boot Network Vulnerabilities
General Format of Cisco IOS Version
Fourth Part of the IOS Version
10. Transport and Tunnel
TCP Intercept
Authentication Header (AH)
ntp disable
Two Modes of IPSec
11. Translates multiple local addresses to a pool of global addresses by having the firewall select the first available global address; retains the global address for the duration of the connection
SSH Identifier
Dynamic NAT
SSH1
Inside Local Address
12. DNS Poisoning
Unicast Reverse-Path Forwarding (uRPF)
Extended ACL format
ACL to block TCP SYN Attack
DNS Lookup Vulnerability
13. TCP and UDP Port 161
no cdp run
Standard IP ACLs
SNMP
Global Addresses
14. Refers to the organization's private network
GRE Operating Layer
IPSec AH Identifier
Access Layer
Inside
15. Layer 7
Finger Vulnerabilities
HTTP Operating Layer
no cdp run
Flags used by Established Line
16. When a router acts as an intermediary for ARP queries on selected interfaces and enabling transparent access between multiple LAN segments
SNMP Trap
Standard IP ACLs
Syntax for Reflexive ACLs
Proxy ARP
17. DENY IP HOST <Inbound IP Address> HOST <Inbound IP Address>
Unicast Reverse-Path Forwarding (uRPF)
Inside Local Address
ACL to block a Land Attack
Telnet - HTTP - SNMP Vulnerability
18. Privilege levels that can have passwords assigned to them
Privilege Levels 2-13
Extended IP ACLs
Smurf Attack
TCP Load Distribution
19. Form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address by using different ports; limited to ~64 -000 hosts
Overloading
TCP Load Distribution
Two Modes of IPSec
Distribution Layer
20. Forces the user to enter both a valid username and password
Common uses of Access Lists
login local
Third Part of the IOS Version
Flags used by Established Line
21. Privilege level that restricts users to five commands (enable - disable - exit - help quit)
Requirements for Reflexive TCP to be removed
Privilege Level 0
Extended IP ACLs
Lower IP Extended ACL Range
22. Interim Build Number
Fourth Part of the IOS Version
Outside
IPSec AH Identifier
Authentication Header (AH)
23. Attack that involves a multitude of compromised system attack a single target - denying service to it by exploiting one 'master' system that communicates with other 'zombie' systems
Distributed Denial of Service Attacks
Rerouting
Network Address Translation (NAT)
Privilege Level 0
24. PERMIT TCP ANY ANY ESTABLISHED
ACL to block TCP SYN Attack
Telnet - HTTP - SNMP Vulnerability
Encapsulation Security Payload (ESP)
Encrypting Traffic
25. Refers to addresses used on the organization's private network
SSH Identifier
Telnet - HTTP - SNMP Vulnerability
ESP Identifier
Global Addresses
26. Can copy - poison - corrupt - or delete the IOS
BOOTP Vulnerabilities
Local Addresses
Three Layers of Hierarchical Model
HTTP Vulnerability
27. Users - Host PC's - IP Addresses
ESP Identifier
IP Mask Reply Vulnerabilities
Finger Vulnerabilities
Distributed Denial of Service Attacks
28. Accounts without passwords - Type 7 encryption - account privilege higher than 1 - able to be fingered
Route Injection Attack
User Account Vulnerabilites
NTP Vulnerabilities
SSH1
29. Breaks LAN security perimeter extends LAN to Layer 2
Access Layer
Network Address Translation (NAT)
Proxy ARP Vulnerabilities
no ip http server
30. What Inside and Outside refer to in NAT
GRE Identifier
Devices
inger Server
Network-to-Network Communications
31. A secure alternative to telnet for remote administration that supported in Enterprise versions of Cisco IOS
ESP Operating Layer
SSH
L2TP Operating Layer
Privilege Level 1
32. 1300-1999
Higher IP Standard ACL Range
Three Layers of Hierarchical Model
Two Types of Router Access
AUX Vulnerability
33. Ip access-list <standard | extended> name - permit TCP any any established
First Part of IOS Version
Named ACL Format
Authenticating Peers
Land Attack
34. Refers to the addresses on the public internet
Outside
IP Directed Broadcast
TLS/SSL Layer
Integrity Validation
35. When one network protocol called the payload protocol is encapsulated within a different delivery network - or provide a secure path through an untrusted network
SNMP
Tunneling
Network-to-Network Communications
no ip bootp server
36. Dialer List - Routing Maps - Dynamic Routing Protocols - Controlling Remote Access - NAT'ing - Traffic Filtering
Common uses of Access Lists
L2TP Identifier
Uses for ACLs
SSH1
37. What Transport Mode is used for
HTTP Operating Layer
AUX Vulnerability
Common uses of Access Lists
Host-to-Host Communications
38. Privilege level that is restricted to basic level operations
Privilege Level 1
Anti-Replay
Established Line
no ip finger - no service finger
39. Layer 3
Rerouting
Telnet - HTTP - SNMP Vulnerability
GRE Operating Layer
Privilege Level 15
40. Data link layer protocol used for tunneling network traffic between two peers over an existing network - often used with IPsec to secure packets
HTTP Tunneling
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
Layer 2 Tunneling Protocol (L2TP)
Dynamic NAT
41. Local and Remote
Fraggle Attack
SNMP
NTP Vulnerabilities
Two Types of Router Access
42. Ip accesslist extended <name1> - permit IP any any reflect <filename> - ip accesslist extended <name2> - evaluate <filename> - int f0/0 - ip access-group <name1> out - ip access-group <name2> in
Syntax for Reflexive ACLs
SNMP Trap
Encrypting Traffic
HTTPS Strength
43. Block spoofed IP packets - block loopback packets - block IP multicast if unused - block ICMP redirects - Block telnet if not used
IP Unreachable Vulnerabilities
Common uses of Access Lists
Generic Routing Encapsulation (GRE)
Host-to-Host Communications
44. Can discover vulnerabilities - network stats - and firewall discovery
HTTP Identifier
Land Attack
IP Unreachable Vulnerabilities
IP Source Routing
45. Broadcast
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
46. None - uses attach application protocol's layer
Standard IP ACLs
TLS/SSL Layer
Secure Shell (SSH)
Named ACL
47. Command used to disable the ICMP message Address Mask Reply
no ip mask-reply
Unauthorized Access
Higher IP Standard ACL Range
Privilege Level 15
48. Can stop spoofed IP addresses
Two Types of Router Access
uRPF Strength
Internet Protocol Security (IPSec)
ACL to block spoofed IPs
49. Cryptographic protocols that provide secure communications on the Internet for such thing as WWW - email - faxing - IM - and other data transfers
Network Address Translation (NAT)
BOOTP
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
Boot Network
50. DENY IP 224.0.0.0 15.255.255.255 ANY
no service tcp-small-servers
Train Idenifier 'E'
ACL to block IP multicast
Two Protocols of Tunnel Mode
