SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. PERMIT TCP ANY ANY ESTABLISHED
Higher IP Standard ACL Range
ACL to block TCP SYN Attack
IP Directed Broadcast
Privilege Levels 2-13
2. Accounts without passwords - Type 7 encryption - account privilege higher than 1 - able to be fingered
User Account Vulnerabilites
TLS/SSL Identifier
no cdp run
SSH Identifier
3. Public IP address before translation
Outside Local Address
inger Server
Tunneling
Privilege Level 1
4. Access-list <number <deny | permit> source source-wildcard source-qualifier destination dest-wildcard dest-qualifier <log | log-input>
Extended ACL format
TCP Intercept Watch Mode
Standard IP ACLs
Cisco Express Forwarding (CEF)
5. TCP and UDP Port 161
Three Layers of Hierarchical Model
Host-to-Host Communications
SNMP
Unicast Reverse-Path Forwarding (uRPF)
6. Allows the source IP host to specify a route through the IP network
GRE Identifier
Access List Rules
User Account Vulnerabilites
IP Source Routing
7. Interim Build Number
Second Part of IOS Version
Fourth Part of the IOS Version
UDP Traceroute Port Range
syslog
8. Major Version - Minor Version - Release - Interim Build - Release Train Identifier
SSH Operating Layer
Access Layer
ACL to block TCP SYN Attack
General Format of Cisco IOS Version
9. Attack that involves sending a packet to the router with the same IP address in the source and destination address fields - as well as the same port number in the source and destination port field - causing a denial of service
no ip mask-reply
Land Attack
Train Identifier 'T'
HTTP Vulnerability
10. Dialer List - Routing Maps - Dynamic Routing Protocols - Controlling Remote Access - NAT'ing - Traffic Filtering
Local Addresses
Uses for ACLs
Three Layers of Hierarchical Model
SNMP Vulnerabilities
11. Allows for a one-to-one translation of local to global addresses; used by web servers and mail servers so that users can connect to them via their global address
SSH2
Minimum ACLs Required for Reflexive ACLs
ntp disable
Static NAT
12. 0-99
Cisco Express Forwarding (CEF)
Land Attack
Lower IP Standard ACL Range
Eavesdropping and Information Theft
13. DNS Poisoning
Boot Network
DNS Lookup Vulnerability
TCP/UDP Daytime Vulnerability
Train Identifier 'T'
14. Attack that involves sending a large amount of ICMP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
SNMP Trap
ACL to block incoming loopback packets
Smurf Attack
BOOTP Vulnerabilities
15. Command used to disable the ICMP message Address Mask Reply
Encapsulation Security Payload (ESP)
Train Idenifier 'E'
no ip mask-reply
TLS/SSL Layer
16. Layer 7
HTTP Operating Layer
Route Injection Attack
BOOTP
Network-to-Network Communications
17. Router to Router Denial of Service
TCP/UDP Echo Vulnerability
Two Types of Router Access
SNMP Vulnerabilities
SSH Identifier
18. The communication layer between the two other layers and provides network security - including ACLs - firewalls - any general public access servers and address translation; also known as the isolation LAN or DMZ
Train Identifier 'S'
Outside Local Address
Distribution Layer
Privilege Levels 2-13
19. Two - one Inbound or Evaluated and one Outbound or Reflected
ACL to block telnet
CDP Vulnerabilities
Minimum ACLs Required for Reflexive ACLs
uRPF Strength
20. Software that blocks packets from unreachable hosts - thus allowing only reachable external hosts to initiate connections to a host on an internal network
no ip bootp server
Land Attack
TCP Intercept
Uses for ACLs
21. Command to disable TCP small server on a router
Distribution Layer
Tunnel Mode
ACL to block spoofed IPs
no service tcp-small-servers
22. Router threat that occurs when an attacker manipulates IP packets to falsify IP addresses - causing network disruptions as the router attempts to process the packet
Integrity Validation
Denial of Service (DoS)
Masquerading
Core Layer
23. DENY IP 127.0.0.0 0.255.255.255 ANY
ntp disable
Extended ACL format
IP Source Routing
ACL to block incoming loopback packets
24. Commands to disable Finger Server
Requirements for Reflexive TCP to be removed
no ip mask-reply
no ip finger - no service finger
TCP SYN Attack
25. When one network protocol called the payload protocol is encapsulated within a different delivery network - or provide a secure path through an untrusted network
ACL to block a Smurf Attack or Fraggle Attack
Train Identifier 'T'
HTTPS Strength
Tunneling
26. Layer 3
TLS/SSL Identifier
GRE Operating Layer
DNS Lookup Vulnerability
Inside Local Address
27. Can obtain CIDR and router ID
IP Mask Reply Vulnerabilities
SSH Operating Layer
L2TP Operating Layer
TLS/SSL Layer
28. Service Provider
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
29. Protocol that allows data to be exchanged using a secure channel between two computers via encryption
HTTP Tunneling
ACL to block IP multicast
Secure Shell (SSH)
Access Layer
30. Local and Remote
TCP SYN Attack
Two Types of Router Access
TLS/SSL Layer
Access Layer
31. When a router acts as an intermediary for ARP queries on selected interfaces and enabling transparent access between multiple LAN segments
Privilege Level 0
Proxy ARP
SSH Identifier
IP Direct Broadcast Vulnerabilties
32. Traffic is passed in plaintext
TCP/UDP Echo Vulnerability
Session Hijacking
HTTP Vulnerability
Reflexive ACL
33. Proprietary - used by Cisco routers and switches use to identify each other on LAN and WAN segments
Boot Network Vulnerabilities
IP Source Routing
HTTPS Strength
Cisco Discovery Protocol (CDP)
34. Rewrites the and/or destination IP address of IP packets as they pass through a router or firewall from private to public addresses
ACL to block telnet
L2TP Operating Layer
Denial of Service (DoS)
Network Address Translation (NAT)
35. Forces the user to enter both a valid username and password
Second Part of IOS Version
login local
Cisco Express Forwarding (CEF)
Train Identifier 'T'
36. Protocol used to keep their time-of-day clocks accurate and in sync
Denial of Service (DoS)
Network Time Protocol (NTP)
Train Identifier 'B'
Network Address Translation (NAT)
37. Top of the hierarchy - responsible for transporting large amounts of traffic both reliably and quickly and switching traffic as fast as possible throughout the internet
Core Layer
TLS/SSL Layer
Fourth Part of the IOS Version
Standard IP ACLs
38. Command used to disable NTP on an interface
Cisco Discovery Protocol (CDP)
TCP/UDP Discard Vulnerability
ntp disable
Masquerading
39. Release Number
Core Layer
Third Part of the IOS Version
no service udp-small-servers
Authentication Header (AH)
40. Enterprise
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
41. Uses SSL port 443
Established Line
HTTPS Strength
Syntax for Reflexive ACLs
Extended IP ACLs
42. Refers to addresses used on the organization's private network
Three Physical Security Vulnerabilities
Global Addresses
Privilege Level 0
Encrypting Traffic
43. Layer 7
Fifth Part of the IOS Version
ACL to block a Smurf Attack or Fraggle Attack
SSH Operating Layer
BOOTP
44. Buffer Overflow
Inside Global Address
no service udp-small-servers
Higher IP Standard ACL Range
TCP/UDP Chargen Vulnerability
45. Provides a checksum - ensuring traffic has not been modified along it's path
Integrity Validation
Local Addresses
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
Minimum ACLs Required for Reflexive ACLs
46. Tunnel Mode Protocol provides confidentiality - along with authentication and integrity protection with encryption
no ip http server
Encapsulation Security Payload (ESP)
Flags used by Established Line
Higher IP Extended ACL Range
47. Plaintext
GRE Operating Layer
Train Identifier 'B'
Telnet - HTTP - SNMP Vulnerability
no ip bootp server
48. Ip accesslist extended <name1> - permit IP any any reflect <filename> - ip accesslist extended <name2> - evaluate <filename> - int f0/0 - ip access-group <name1> out - ip access-group <name2> in
GRE Operating Layer
Outside
Syntax for Reflexive ACLs
IP Directed Broadcast
49. Four TCP/UDP Small Server commands recommended to disable
ACL to block telnet
echo - chargen - discard - daytime
TCP/UDP Echo Vulnerability
Inside Global Address
50. Mode where only the payload of the IP packet is encrypted and/or authenticated
Transport Mode
Authenticating Peers
Unauthorized Access
IP Unreachable Vulnerabilities