08

Question 1

__________ stored software and configuration state of the router itself, contains interface addresses, static routes, usernames, passwords, and privileges

What is compromised once this is taken?

Answer 1

core configuration

Dynamic Configuration
Network Traffic

Question 2

__________ contains routing tables, ARP tables, and audit logs,
What is compromised once this is taken?

Answer 2

Dynamic configuration

Network Traffic

Question 3

_________ The information that routers manage, forward, and filter, such as permitted protocols and services

Answer 3

Network Traffic

Question 4

What is compromised once physical security is compromised?

Answer 4

everything

Question 5

Stp Security

The _________________ is a way of preserving the STP topology by preventing the processing of any BDPUs received on a port. If a BDPU is received the port is automatically disabled and ports must be recovered manually

Answer 5

BDPU Guard Service

Question 6

___________ provides a way to enforce the root bridge placement in the network, by not allowing a port to become a root port

Answer 6

Root Guard

Question 7

_________ negotiates trunking on VLAN aware switches allowing switches to automatically learn and change port configurations based on the information gathered on each port.

Answer 7

DTP

Question 8

In terms of security what should you do with vlans?

Answer 8

shut down any unused and never use the default vlan 1

Question 9

How port security learns the valid Mac address

____________ manually configured by the administrator

___________ learned __________ for traffic. stored in the address table but not in the running config

__________ Manually configured or learned dynamically from traffic. Also stored in the running configuration. The running configuration is then saved, making the addresses static

Answer 9

Static

Dynamic

Sticky

Question 10

Port Security violation actions

___________ administratively disables the port. Must be brought back up manually

__________ Forwards allowed traffic, drops violating traffic and increments the port security violation counter. Can also send an SNMP trap and send logs to syslog.

_________ Like restrict, but without logging violations

Answer 10

Shutdown

Restrict

Protect

Question 11

How do I disable CDP on an interface/globally?

Answer 11

global mode: no cdp run
specific int: no cdp run

Question 12

________/________ Occurs when an attacker manipulates and falsifies information and is used to hide an attacker’s identity

Answer 12

Masquerading/Spoofing

Question 13

__________ The exploitation of a valid computer session - sometimes also called a session key

Answer 13

Session Hijacking

Question 14

________ Includes manipulating router updates to cause traffic to flow to unauthorized destinations

Answer 14

Rerouting

Question 15

________ Refers to willful attempts to cause disruptions by overwhelming the targeted system.

Answer 15

Denial of Service

Question 16

_________ The unauthorized viewing and collection of network traffic

Answer 16

Eavesdropping and information theft

Question 17

Port ___ Service _____ This command echoes back whatever is typed

Answer 17

7echo

Question 18

Port __ Service ______ This service was originally designed to aid in troubleshooting links along a communications path.

Answer 18

9discard

Question 19

Port _____ Service __________ This command returns system date and time

Answer 19

13daytime

Question 20

Port ____ Service ________ generates a 72-charcter string of ASCII characters from the remote host.

Answer 20

19chargen

Question 21

Service _____ Network hierarchy could be changed at layer 2 and loops introduced. Mitigate with BDPU guard and root guard

Answer 21

STP

Question 22

Service ____ Vlan hopping attack

Answer 22

DTP

Question 23

Service _____ Gives too much information about neighbors

Answer 23

CDP

Question 24

Service _________ Port ______ enumeration of logged in users and correlated with time, when they are usually working.

Answer 24

79finger

Question 25

Service ________
Port _______ Change system times, updates, logs, time based ACLs, syncing

Answer 25

UDP 123NTP

Question 26

Service _________ Allows a device to load their configuration fro over the network. Posing as a BootP server allows an adversary to pass a config of their choosing, or DoS by denying one.

Answer 26

Boot Network

Question 27

Service ___________ showing what is unreachable, and sometimes why.

Service ______ informs a host that a packet was sent to the wrong destination, and tells the sending machine the correct destination

Service _______ tells you that target networks size

Answer 27

Destination unreachable

Ip redirect

ICMP Mask reply

Question 28

Service ______ DNS Poisoning

Answer 28

DNS lookups

Question 29

Service _____ port ____ zero knowledge needed to configure a device, Could allow access to machine @ priv 15 with no username/pswd

command:

Answer 29

80HTTP

Question 30

Service _____ port _____ secure protocol zero knowledge needed to secure

Answer 30

TCP 443HTTPS

Question 31

Service ______ specify the route a packet takes bypassing security measures and changes Source IP whcih can bypass ACLs

Answer 31

IP Source Routing

Question 32

Service ______
V1&V2: sends packets in clear text
V3: encrypted

Answer 32

SNMP

Question 33

Service _______ enables a Cisco router to act as intermediary for ARP, breaking the LAN security perimeter allowing mac addresses too be sent past the switch onto the network

Answer 33

Proxy ARP

Question 34

Service _________ permits a host on one LAN segment to send broadcast messages on a different LAN segment

What vulnerability?

Answer 34

IP Directed Broadcast
Smurf attack

Question 35

Service _____ only forwards packets with valid addresses, Relies on CEF

commands?

Answer 35

uRPF
global config: ip cef
specific int: ip verify unicast reverse-path

Question 36

Service_____ port_____ is proprietary to MircoTik, it is a configuration and management software tool

Answer 36

TCP 8281WinBox

Question 37

___________ involves a direct connection to the console port of a device with a terminal emulator program such as HyperTerminal, or dumb terminals

Answer 37

Local access

Question 38

Password Recovery can only occur on a _________ port

Answer 38

Console Port

Question 39

How do I enable SSH?

Answer 39

assign a domain name
ip domian name jcac.net
make account
go into VTY lines 0 15
Login local
transport input none
transport input ssh

Question 40

___________ logs errors and blocks packets. Service____
port ____

Answer 40

UDP 514Syslog

Question 41

Standard IP Access Lists
What is the

Answer 41

Standard IP Access Lists

Question 42

Standard IP Access Lists

Answer 42

Standard IP Access Lists

Question 43

Extended IP Access Lists

Answer 43

Extended IP Access Lists

Question 44

Extended IP Access Lists

Answer 44

Extended IP Access Lists