SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Service Provider
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
2. Command to disable CDP on a router
no cdp run
Integrity Validation
Core Layer
TLS/SSL Identifier
3. When one network protocol called the payload protocol is encapsulated within a different delivery network - or provide a secure path through an untrusted network
TCP Load Distribution
Telnet - HTTP - SNMP Vulnerability
Tunneling
Transport Mode
4. DENY TCP ANY HOST <IP Address> EQ 23
Transport Mode
ACL to block telnet
Reflexive ACL
L2TP Identifier
5. 2000-2699
Access Layer
Network Address Translation (NAT)
ACL to block IP multicast
Lower IP Extended ACL Range
6. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
IP Spoofing
Denial of Service (DoS)
no ip mask-reply
no cdp run
7. 0x33 or 51
IPSec AH Identifier
Authenticating Peers
Privilege Level 15
TCP/UDP Echo Vulnerability
8. Layer 7
Lower IP Extended ACL Range
Train Identifier 'T'
SSH Operating Layer
HTTP Tunneling
9. Four TCP/UDP Small Server commands recommended to disable
echo - chargen - discard - daytime
SSH Operating Layer
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
NTP Vulnerabilities
10. Local IP address before translation
Higher IP Extended ACL Range
Devices
Inside Local Address
Smurf Attack
11. Command used to disable the ICMP message Host Unreachable
NTP Vulnerabilities
no ip unreachable
Rerouting
TCP Intercept
12. Interim Build Number
Syntax for Reflexive ACLs
Fourth Part of the IOS Version
Unauthorized Access
GRE Identifier
13. Router threat that involves a hacker inserting a spoofed TCP/IP packet into a stream - thereby enabling commands to be executed on the remote host
Uses for ACLs
HTTP Operating Layer
Privilege Level 0
Session Hijacking
14. DENY IP <Network ID> <Network WC Mask> ANY
HTTPS Strength
Inside
ACL to block spoofed IPs
Privilege Level 0
15. Command used to disable NTP on an interface
General Format of Cisco IOS Version
Two Protocols of Tunnel Mode
ntp disable
inger Server
16. DENY IP 127.0.0.0 0.255.255.255 ANY
ACL to block incoming loopback packets
Generic Routing Encapsulation (GRE)
Tunnel Mode
Host-to-Host Communications
17. Data link layer protocol used for tunneling network traffic between two peers over an existing network - often used with IPsec to secure packets
no ip unreachable
Outside
Layer 2 Tunneling Protocol (L2TP)
syslog
18. Software that passively monitors the connection requests flowing through the router; if a connection fails - the software sends a Reset to the server to clear up its state
TCP Intercept Watch Mode
Static NAT
Session Hijacking
Inside Local Address
19. Provides nonrepudiation - ensuring that traffic is from a trusted party
Standard ACL format
Authenticating Peers
Anti-Replay
SSH1
20. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
General Format of Cisco IOS Version
Cisco Express Forwarding (CEF)
Masquerading
Proxy ARP
21. Rewrites the and/or destination IP address of IP packets as they pass through a router or firewall from private to public addresses
TCP Intercept Watch Mode
Standard IP ACLs
Host-to-Host Communications
Network Address Translation (NAT)
22. Attack that involves sending a packet to the router with the same IP address in the source and destination address fields - as well as the same port number in the source and destination port field - causing a denial of service
Land Attack
Tunnel Mode
Session Hijacking
IP Direct Broadcast Vulnerabilties
23. Also known as Configuration Auto-Loading - allows routers to load their startup configuration from the network
Smurf Attack
Boot Network
TCP Intercept Watch Mode
Overloading
24. Release Number
Third Part of the IOS Version
BOOTP
Sixth (Optional) Part of the IOS Version
User Account Vulnerabilites
25. Technology
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
26. Command used to disable HTTP Server
First Part of IOS Version
Masquerading
no ip redirect
no ip http server
27. 0x2F - or 47
Network-to-Network Communications
GRE Identifier
Outside Global Address
L2TP Identifier
28. 0-99
Distribution Layer
Lower IP Standard ACL Range
HTTP Identifier
Extended ACL format
29. Command to disable UDP small server on a router
ACL to block a Smurf Attack or Fraggle Attack
no service udp-small-servers
Encapsulation Security Payload (ESP)
Overloading
30. Permits a host on one LAN segment to initiate a physical broadcast on a different LAN segment
ESP Identifier
IP Directed Broadcast
Minimum ACLs Required for Reflexive ACLs
Privilege Level 0
31. This server is used for querying a host about its logged in users
HTTP Identifier
Tunnel Mode
IP Spoofing
inger Server
32. Privilege level that is restricted to basic level operations
Distribution Layer
Unauthorized Access
Standard ACL format
Privilege Level 1
33. Helps to mitigate problems that are caused by the introduction of malformed or spoofed IP source addresses into a network by discarding packets lacking a verifiable IP source address
Core Layer
Unicast Reverse-Path Forwarding (uRPF)
Requirements for Reflexive TCP to be removed
Second Part of IOS Version
34. Allows the source IP host to specify a route through the IP network
Local Addresses
Fourth Part of the IOS Version
IP Source Routing
ESP Operating Layer
35. DENY IP 224.0.0.0 15.255.255.255 ANY
HTTP Vulnerability
Two Protocols of Tunnel Mode
Uses for ACLs
ACL to block IP multicast
36. TCP Port 22
SSH Identifier
ESP Operating Layer
Session Hijacking
ESP Identifier
37. Attack that involves transmitting a volume of connections that cannot be completed at the destination - causing the queue to fill up and denying service to legitimate user
Higher IP Extended ACL Range
TCP SYN Attack
Standard IP ACLs
Fifth Part of the IOS Version
38. Dialer List - Routing Maps - Dynamic Routing Protocols - Controlling Remote Access - NAT'ing - Traffic Filtering
Extended ACL format
Networks
Uses for ACLs
IP Unreachable Vulnerabilities
39. Must be made at global config mode - created from CON/VTY session or text file - read top to bottom - applied at the interface and only one ACL per direction - per protocol - per interface
no ip http server
Access List Rules
HTTP Vulnerability
Outside
40. Refers to addresses used on the organization's private network
TCP/UDP Echo Vulnerability
Global Addresses
Extended ACL format
User Account Vulnerabilites
41. Ip access-list <standard | extended> name - permit TCP any any established
Named ACL Format
Three Physical Security Vulnerabilities
Authentication Header (AH)
Network Address Translation (NAT)
42. Uses only host keys to authenticate systems
SSH2
no service udp-small-servers
Flags used by Established Line
TLS/SSL Layer
43. A suite of protocols for securing Internet Protocol communications by authenticating and/or encrypting each IP packet in a data stream
Train Identifier 'T'
Standard ACL format
Internet Protocol Security (IPSec)
Two Modes of IPSec
44. What Local and Global refer to in NAT
Encrypting Traffic
Transport Mode
Networks
AUX Vulnerability
45. Access - Distribution - Core
Cisco Express Forwarding (CEF)
Overloading
Three Layers of Hierarchical Model
no service udp-small-servers
46. What Tunnel Mode is used for
SNMP Trap
Three Physical Security Vulnerabilities
Network-to-Network Communications
HTTPS Strength
47. PERMIT TCP ANY ANY ESTABLISHED
Proxy ARP
ACL to block TCP SYN Attack
Boot Network Vulnerabilities
TCP Intercept
48. Layer 3
GRE Operating Layer
NTP Vulnerabilities
Fourth Part of the IOS Version
Three Physical Security Vulnerabilities
49. Attack that involves sending a large amount of ICMP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
Flags used by Established Line
Uses for ACLs
Access List Rules
Smurf Attack
50. DENY IP HOST <Inbound IP Address> HOST <Inbound IP Address>
Minimum ACLs Required for Reflexive ACLs
IP Mask Reply Vulnerabilities
Access Layer
ACL to block a Land Attack
