SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Router Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Router threat that involves the unauthorized viewing and collection of network traffic; usually accomplished with a packet sniffing program
Eavesdropping and Information Theft
Two Modes of IPSec
Generic Routing Encapsulation (GRE)
syslog
2. 0-99
Lower IP Standard ACL Range
TCP/UDP Discard Vulnerability
inger Server
Named ACL
3. A method of bypassing firewall or proxy restrictions by making the firewall think that it is getting traffic from a web browser
Two Protocols of Tunnel Mode
HTTP Tunneling
inger Server
no ip redirect
4. Access - Distribution - Core
Three Layers of Hierarchical Model
GRE Operating Layer
ESP Identifier
First Part of IOS Version
5. Users - Host PC's - IP Addresses
Authenticating Peers
Denial of Service (DoS)
Dynamic NAT
Finger Vulnerabilities
6. This server is used for querying a host about its logged in users
inger Server
ACL to block a Smurf Attack or Fraggle Attack
Rerouting
Land Attack
7. Command to disable BOOTP Server
Syntax for Reflexive ACLs
HTTP Operating Layer
no ip redirect
no ip bootp server
8. ACK and RST
SSH2
Flags used by Established Line
ACL to block IP multicast
HTTP Identifier
9. Public IP address before translation
Outside Local Address
Extended ACL format
ESP Operating Layer
Layer 2 Tunneling Protocol (L2TP)
10. Privilege level that has Global administration capabilities
TLS/SSL Identifier
Access List Rules
Land Attack
Privilege Level 15
11. Breaks LAN security perimeter extends LAN to Layer 2
Proxy ARP Vulnerabilities
ACL to block telnet
GRE Identifier
Authenticating Peers
12. Rewrites the and/or destination IP address of IP packets as they pass through a router or firewall from private to public addresses
Syntax for Reflexive ACLs
Network Address Translation (NAT)
Fourth Part of the IOS Version
Requirements for Reflexive TCP to be removed
13. Device - Hostname - IOS - IP Address - Ports - Model
Cisco Discovery Protocol (CDP)
ESP Operating Layer
CDP Vulnerabilities
no ip mask-reply
14. DENY IP HOST <Inbound IP Address> HOST <Inbound IP Address>
TCP SYN Attack
ACL to block a Land Attack
Integrity Validation
Train Identifier 'B'
15. Geolocational positioning
TCP Intercept
Boot Network
TCP/UDP Daytime Vulnerability
Common uses of Access Lists
16. Attack that involves a multitude of compromised system attack a single target - denying service to it by exploiting one 'master' system that communicates with other 'zombie' systems
IPSec AH Identifier
Flags used by Established Line
AUX Vulnerability
Distributed Denial of Service Attacks
17. Release Train Identifier
IP Directed Broadcast
Fifth Part of the IOS Version
TCP Load Distribution
SSH2
18. Layer 3
no cdp run
Boot Network
ESP Operating Layer
Inside Global Address
19. Protocol that allows data to be exchanged using a secure channel between two computers via encryption
Secure Shell (SSH)
uRPF Strength
Transport Mode
no cdp run
20. UDP Port 514
ACL to block incoming loopback packets
syslog
UDP Traceroute Port Range
no service tcp-small-servers
21. None - uses attached application protocol's port
IP Spoofing
TLS/SSL Identifier
SSH
Layer 2 Tunneling Protocol (L2TP)
22. Tunnel Mode Protocol provides integrity - authentication - and non-repudiation and operates directly on top of IP
Authentication Header (AH)
Secure Shell (SSH)
ACL to block incoming loopback packets
Tunneling
23. Commands to disable Finger Server
Integrity Validation
TCP/UDP Discard Vulnerability
no ip finger - no service finger
IP Source Routing Vulnerabilities
24. This layer controls user and workgroup acess to the Internetwork resources at the local level using segmentation of networks to create separate collision domains - AKA an organization's trusted network
Access Layer
Rerouting
HTTP Tunneling
Inside Local Address
25. 2000-2699
SSH Identifier
Networks
Lower IP Extended ACL Range
TCP SYN Attack
26. Form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address by using different ports; limited to ~64 -000 hosts
Encrypted Tunneling Methods
SSH Operating Layer
Session Hijacking
Overloading
27. Proprietary - used by Cisco routers and switches use to identify each other on LAN and WAN segments
L2TP Identifier
Unicast Reverse-Path Forwarding (uRPF)
Cisco Discovery Protocol (CDP)
login local
28. Privilege level that restricts users to five commands (enable - disable - exit - help quit)
ESP Operating Layer
Privilege Level 0
Train Idenifier 'E'
HTTPS Strength
29. TCP and UDP Port 162
TLS/SSL Identifier
SNMP Trap
echo - chargen - discard - daytime
TCP/UDP Echo Vulnerability
30. What Local and Global refer to in NAT
SNMP Trap
HTTP Operating Layer
Networks
Train Identifier 'S'
31. Can copy - poison - corrupt - or delete the IOS
DNS Lookup Vulnerability
Third Part of the IOS Version
HTTP Identifier
BOOTP Vulnerabilities
32. Two - one Inbound or Evaluated and one Outbound or Reflected
IP Mask Reply Vulnerabilities
BOOTP
Extended IP ACLs
Minimum ACLs Required for Reflexive ACLs
33. Four TCP/UDP Small Server commands recommended to disable
Standard ACL format
SSH2
echo - chargen - discard - daytime
Fraggle Attack
34. Refers to the organization's private network
Inside
Common uses of Access Lists
TCP Intercept
SNMP Trap
35. Routing mode depended on by uRPF in order to function
Unicast Reverse-Path Forwarding (uRPF)
Three Layers of Hierarchical Model
User Account Vulnerabilites
Cisco Express Forwarding (CEF)
36. TCP and UDP Port 161
SNMP
TCP/UDP Discard Vulnerability
no service udp-small-servers
Standard ACL format
37. The host can specify which route to take - which bypasses security
IP Source Routing Vulnerabilities
BOOTP Vulnerabilities
Integrity Validation
Dynamic NAT
38. Must be made at global config mode - created from CON/VTY session or text file - read top to bottom - applied at the interface and only one ACL per direction - per protocol - per interface
SNMP
Network Time Protocol (NTP)
Access List Rules
Devices
39. UDP Port 1701
ACL to block TCP SYN Attack
L2TP Identifier
Lower IP Standard ACL Range
ACL to block a Smurf Attack or Fraggle Attack
40. Layer 7
IPSec AH Identifier
HTTP Operating Layer
Fourth Part of the IOS Version
Extended ACL format
41. Attack that involves sending a large amount of UDP Echo packets to a subnet's broadcast address with a spoofed source IP address from that subnet
uRPF Strength
Fraggle Attack
SSH1
Extended IP ACLs
42. 0x33 or 51
TLS/SSL Identifier
IPSec AH Identifier
IP Mask Reply Vulnerabilities
Two Modes of IPSec
43. Can discover vulnerabilities - network stats - and firewall discovery
Lower IP Extended ACL Range
no service udp-small-servers
Common uses of Access Lists
IP Unreachable Vulnerabilities
44. Uses SSL port 443
Route Injection Attack
Two Protocols of Tunnel Mode
HTTPS Strength
Common uses of Access Lists
45. Layer 7
ACL to block telnet
TCP/UDP Chargen Vulnerability
IPSec AH Operating Layer
SSH Operating Layer
46. Block spoofed IP packets - block loopback packets - block IP multicast if unused - block ICMP redirects - Block telnet if not used
Common uses of Access Lists
Transport Mode
Network Time Protocol (NTP)
Third Part of the IOS Version
47. Translates multiple local addresses to a pool of global addresses by having the firewall select the first available global address; retains the global address for the duration of the connection
ACL to block spoofed IPs
Train Idenifier 'E'
echo - chargen - discard - daytime
Dynamic NAT
48. Uses server and host keys to authenticate systems
Anti-Replay
SNMP Vulnerabilities
Standard ACL format
SSH1
49. Local and Remote
Higher IP Extended ACL Range
Two Types of Router Access
IPSec AH Operating Layer
Three Physical Security Vulnerabilities
50. Refers to addresses used on the organization's private network
Higher IP Standard ACL Range
Uses for ACLs
Local Addresses
ACL to block spoofed IPs
