Soal ujian MTCNA

 

1.Mark all correct Statement about /export (rsc file)
         A.Exports logs from /log print 

         B.Exports full configuration of the router

         C. Exports only part of the configuration (for example /ip firewall)

         D.Exports scripts from /system script

         E.Exports files could not edited

Penjelasan: Export file hampir sama kayak backup tapi bedanya Export file bisa mengeksport satu konfigurasi saja contohnya /ip firewall. Export file juga bisa mengeksport seluruh konfigurasi

  2.For static routing functionality, additionally to the RouterOS system package, you will also need the following software package:

        A.None

        B.DHCP

        C.Routing

        D.Advance-Tools

Penjelasan: Static route memang tidak membutuhkan paket. Static Route memang sudah seperti Routing yang diberikan oleh seluruh alat.

  3. From which of the following locations can you obtain Winbox?

        A.Router’s webpage

        B.Files menu in your router

        C.Via the console cable

        D.mikrotik.com

Penjelasan: Winbox dapat ditemukan/diperoleh di Router's Webpage maupun di mikrotik.com. kamu tidak dapat menemukan Winbox di Menu files di dalam Router maupun lewat kabel console

  4.. Which default route will be active?

/ip route
add disabled=no distance=10 dst-address=0.0.0.0/0 gateway=1.1.1.1
add disabled=no distance=5 dst-address=0.0.0.0/0 gateway=2.2.2.2

        A.Route via gateway 1.1.1.1

        B.Route via gateway 2.2.2.2

Penjelasan: di dalam Static Route kita dapat menggunakan metode Fail Over dan Load Balancing nah dalam konfigurasi di soal itu menggunakan metode Fail Over yang dimana kita membuat jalur cadangan atau backup jika jalur utama mati/down. Dalam Fail Over itu mengkonfigurasikannnya dia membutuhkan Distance nah distance ini yang membedakan mana jalur utama dan mana jalur backup, Jalur kecil lah yang akan dipilih untuk menjadi Jalur utama dan distance terbesarlah yang dipilih untuk menjadi jalur cadangan

  5.What protocol is used for Ping and Trace Route?

        A.IP                                                                                       

        B.DHCP

        C.ICMP

        D.UDP

        E.TCP

Penjelasan:ICMP merupakan protokol yang digunakan untuk ngeping dan ngetraceroute. Untuk penjelasan lebih lanjut tentang ICMP kamu dapat melihat disini

  6./ interface wireless access-list is use for :

        A. Shows a list of clients MAC address to permit/deny registered to AP

        B. Autenticate Hotspot users

        C. Handles a list of clients MAC address to permit/deny connection to AP

        D. Contains the security profiles settings.

Penjelasan: Access List merupakan sebuah Wireless Tool yang berguna untuk melakukan Filtering pada AP. Access-List dapat memfilter siapa saja yang bisa connect ke AP melalui MAC Address maupun Single-Range. Access-List terbagi menjadi 2 yaitu Extended Access-List dan Standard Access-List. Standard Access-List memfilter menggunakan IP sedangkan Extended Access-List memfilter menggunakan Source maupun destination IP address.

  7.Collisions are possible in full-duplex Ethernet networks.

      FALSE

Penjelasan: Tidak semua Kesalahan dala networking itu berasal dari Ethernet. Semua kesalahan bisa terjadi mulai dari salah konfigurasi, kesalahan Router maupun kesalahan pada kabel sehingga jawaban yang tepat adalah False karena tidak semua kesalahan terjadi pada kabel

  8.How many layers does Open System Interconnection model have?

        A.12          

        B. 9

        C.6 

        D.5

        E.7

Penjelasan: Osi layer memiliki 7 model yang terbagi menjadi 2 kubu yaitu kubu Upper Layer dan Lower Layer. Upper Layer terdapat layer Application, Presentation, dan Session. Sedangkan Kubu Lower layer terdapat Transport, Network, Data Link, dan Physical

  9.It is impossible to disable user "admin" at the menu "/user

      FALSE

Penjelasan: Jika kamu pernah membuka Winbox dan membuka menu "User" maka kamu dapat mengetahui jawaban ini. User Admin merupakan Default User yang diberikan oleh Mikrotik agar dapat mengakses Winbox. User ini dapat kita Delete maupun kita Disable. so it Possible to DIsable Admin User

  10.Is ARP used in the IPv6 protocol ?  

     FALSE

Penjelasan: Address Resolution Protokol atau biasa disebut ARP ini biasa dipakai untuk Ipv4 nah jika ARP dipakai untuk Ipv4 terus Ipv6 makenya apa dong?? kalo Ipv6 itu memakai Neighbor Discovery Protocol atau biasa disebut NDP. NDP berguna untuk mencari node lain, menentukan alamat node lain dan mencari Router dalam satu lapisan link.

  11.Select valid SUBNET masks:

        A.255.192.0.0

        B.255.255.224.0

        C.192.0.0.0

        D.255.255.192.255

Penjelasan: Subnet mask adalah istilah teknologi informasi dalam bahasa Inggris yang mengacu kepada angka biner 32 bit yang digunakan untuk membedakan network ID dengan Host ID, menunjukan letak suatu host, apakah berada di jaringan lokal atau luar. untuk menentukannya bisa dilihat di gambar berikut 

  12.You need to reboot a RouterBoard after importing a previously exported rsc file to activate the new configuration.

      TRUE

Penjelasan:Reboot bisa dipakai saat kamu mengimport export file atau backup file karena jika kamu ga mereboot RouterBoard kamu maka backup file kamu atau export filenya tidak akan ke read sebelum kamu mereboot RouterBoardnya

  13.What is the maximum number of ARP entries on a Mikrotik RouterOS device ?

        A. Unlimited

        B. 2048

        C. 8192

        D. 10240

Penjelasan: Adress Resolution Protocol atau biasa dsebut ARP berguna untuk memetakan OSI Layer3: Ip Address ke OSI Layer2: Mac OSI. Saat Router digunakan Router memiliki entri table untuk ARP. Biasanya Biasanya ARP dibangun dengan Dinamis, tetapi untuk meningkatkan keamanan kamu dapat membangun sebagian atau seluruh entri yang kamu masukan ke dalam bentuk statis, dan maksimal entri yang dapat dimasukan adalah 8192 entri. Jika ingin mengetahui lebih lanjut tentang ARP kamu dapat mengkliknya disini

  14.What is term for the hardware coded address found on an interface?

        a. IP Address 

        b. Interface Address

        c. MAC Address 

        d. FQDN Address

 

  15.Which of the following protocols / port s are used for SNMP. (Simple Network Managemnt Protocol)?

       A.TCP 161

      B.TCP 162

      C. UDP 161

      D.TCP 123

      E. UDP 162

      F.TCP 25

Penjelasan: SNMP atau Simple Network Management Protocol adalah protokol internet standard yang digunakan untuk mengumpulkan dan mengorganisir informasi tentang perangkat yang dikelola di jaringan IP dan untuk memodifikasi inforamsi yang mengubah perilaku perangkat. Protokol bekerja pada UDP 161 dan UDP 162

  16.How many usable IP addresses are there in a 23-bit (255.255.254.0) subnet? 

        A.510

        B.254

        C.508

        D.512

Penjelasan: Yang dimaksud Usable IP adalah IP yang dapat dipakai di subnet 255.255.254.0 berarti soal ini menanyakan jumlah host dalam subnet 255.255.254.0 kamu dapat melihat di dalam gambar penjelasan no 11

  17.How many different priorities can be selected for queues in MikroTik RouterOS?

        A. 8

        B. 16

        C. 0 

        D. 1

Penjelasan: Mikrotik memberikan priorities sebanyak 8 priorities

  18.How many bits are in a subnet mask for an IPV4 network ?

       A.16

       B.none

        C.8

        D.32

Penjelasan: IPv4 menggunakan 32 bit dan membatasi ruan address sampai 4294967296 (2^32) karena keterbatasan IPv4 ini mendorong pembuatan IPv6 pada tahun 1990-an dan secara komersial digunakan pada tahun 2006 untuk mengetahui lebih lanjut tentang IPv4 kamu dapat mengklik disini

  19.Choose all valid hosts address range for subnet 15.242.55.62/27

      A. 15.242.55.31-15.242.55.62

      B. 15.242.55.32-15.242.55.63

      C. 15.242.55.33-15.242.55.62

      D. 15.242.55.33-15.242.55.63

Penjelasan: Jika kamu melihat gambar nomer 11 disitu dijelaskan bahwa /27 mempunyai 30 host, 1 network dan broadcast. Jika kita memulai network dari 15.242.55.0 berarti broadcastnya adalah 15.242.55.31 setelah itu kembali lagi ke network berarti network kedua dari /27 adalah 15.242.55.32 dan broadcastnya adalah 15.242.55.63 nah diantara 15.242.55.32 dan 15.242.55.63 itu adalah hostnya. Untuk menjawab soal ini kamu perlu mengerti tentang perhitungan subnetting.

 20.Which of the following actions are available for '/ip firewall mangle' (select all valid actions)
       A. change MSS
       B. mark connection
       C. Accept
       D. Jump
       E. Drop
       F. mark packet 

Penjelasan: Mangle adalah semacam "Penanda" yang paket dengan tanda khusus. Fasilitas yang menggunakan tanda-tanda dari mangle, seperti queue tree, NAT, dan Routing. Didalam action firewall mangle ada banyak kamu bisa lihat disini sebagiannya adalah Change MSS, Mark Connection, Accept, Jump, dan Mark Packet

  21. Mode wireless apakah yang bisa digunakan untuk mengkonfigurasikan WDS?
         A. ap-bridge
         B. nstreme-dual-slave
         C. bridge
         D. station-wds 
         E. Station

Penjelasan: WDS adalah dimana Station dapat menjadi AP dalam satu waktu namun dengan konsekuensi Bandwidth berkurang 50%. dan untuk membuat WDS kita membutuhkan mode wireless: Bridge, AP-Bridge, WDS-Slave, dan Station-WDS untuk mengetahui lebih lanjut silahkan klik disini

  22.You need to set up an E1(T1) connection with PPP configured. Which License level is needed?
       A.Level 4 
       B.It cannot be done in RouterOS.
       C.Level 5

Penjelasan:E1 adalah setandar yang dipakai di Eropa dan dipakai juga di Indonesia sedangkan T1 adalah Standard Amerika. Jika kamu mencari 

  23.Which of the following is NOT a valid MAC Address? [multiple answers]
        a. 95:B5D:EE:78:8A 
        b. 13:16:86:53:89:43
        c. 80:GF:AA:67:13:5D
        d. 88:0C:00:99:5F:EF
        e. EA:BA:AA:EE:FF:CB

Penjelasan: MAC address menggunakan Hexa desimal yang dimana maksimalnya adalah huruf "F" sehingga lebih dari "F" seperti G,H, dll.

  24.When sending out an ARP request, an IP host is expecting what kind of address for an answer? 

        A. VLAN ID

        B. IP address

        C. MAC Address

        D. 802.11g 

Penjelasan: ARP berguna untuk pemetaan dari tingkat OSI layer 3 ip address ke OSI Layer 2 Mac Address. ARP digunakan hanya di Ipv4 sedangkan untuk Ipv6 menggunakan protokol NDP

  25.Which option in configuration of a wireless card must be disabled to make router to permit only known clients listed in the access list to connect? 
A. Default Forward
B. Enable Access List
C. Default Authenticate
D. Security Profile

Penjelasan: Default Authenticate memungkinkan seluruh client dapat terhubung tanpa diseleksi oleh Router jika mode ini di non aktifkan maka kita dapat menentukan Kebijakan klient boleh terkoneksi ke Access Point atau tidak. Jika ingin terkoneksi ke Access Poitn maka pastikan terlebih dahulu Mac Address Device kamu sudah terdaftar apa belum di Access List jika belum maka kamu tidak akan bisa konek ke Access Point

  26.What is the default protocol/port of (secure) winbox?
A. TCP/8080
B. TCP/22
C. UDP/5678
D. TCP/8291

Penjelasan: Default Protocol/port untuk Winbox memakai port TCP/8291 sedangkan UDP/5678 untuk Mikrotik Neighborv Discovery Protocol, TCP/22 untuk SSH dan TCP/8080 untuk Web Proxy jika kamu ingin mengetahui lebih protocol apa saja yang digunakan oleh Mikrotik kamu dapat lihatnya disini

  27.A backup file from a MikroTik router is stored in plain text format
False

Penjelasan: Backup File tidak dapat disimpan dalam format biasa. Backup file tidak dapat dibuka dengan Notepad berbeda dengan Export File. Export File dapat dibuka dengan Notepad dan kamu bisa memilih konfigurasi mana yang mau di Eksport menjadi file sedang kan Backup langsung seluruh konfigurasi

  28.NStreme works only on 40mhz Channel width
False

Penjelasan: Nstreme tidak hanya bekerja pada Channel 40 Mhz, NStreme juga bekerja pada Channel 20 Mhz, dan 10 Mhz. Channel default dari NStreme adalah 20 Mhz.

  29. What kind of users are listed in the Secrets window of the PPP menu?

A.L2TP users

B.PPPOE users

C.Hotspot users

D.PPTP users

E.Winbox users

F.Wireless users

Penjelasan:MikroTik RouterOS memiliki klien RADIUS yang dapat mengotentikasi untuk koneksi PPP, PPPoE, PPTP, L2TP dan ISDN. Sedangkan Winbox Users, Wireless Users, dan Hotspot User bukan termasuk di dalam PPP menu.

  30./interface wireless access list is used for

A.Handles a list of Client's MAC Address to permit/deny connection to AP

B.Contains the security profiles settingsC.Shows a list of Client's MAC address that are already registered at AP

D.Authenticate Hotspot users

Penjelasan: Access List merupaka sebuah Fitur yang biasa digunakan untuk melakukan Filtering pada Access Point. Access List biasanya melakukan Filtering menggunakan Mac Address, Jika Mac Address kamu tidak terdaftar pada Access List yang berada di Access Point maka kamu tidak akan bisa konek/konek ke Access Point tersebut Tergantung admin. Sehingga fungsi dari Access List adalah Mengelola List Mac Address Client untuk diizinkan atau tidak terkoneksi ke AP

  31.Check the allowed input formats for wireless scan-list.

A. 5500,5700

B. 5500 5700

C. 5500/5700

D. 5500 - 5700

E. 5500-5700

Penjelasan: Scan-List dapat meScan seluruh Frequency mulai dari Frequency 2400 sampai Frequency 5700. Disini yang ditanyakan adalah Format atau penulisan untuk Wireless Scan-list bukan Frequency atau yang lainnya sehingga untuk menjawab soal ini kamu harus terliti. dan jawaban yang benar adalah yang E dimana tidak ada spasi steleah angka maupun sebelum angka.

  32. MAC layer by OSI model is also known as

A.Layer 3B.Layer 2

C.Layer 1D.Layer 6E.Layer 7

Penjelasn: Mac menggunakan OSI Layer 2 yang dimana termasuk kedalam OSI Data Link. OSI Layer 2 mentransfer data antara 2 device yang terhubung. OSI Layer 2 juga dapat mendeteksi dan mungkin memperbaiki kesalahan yang mungkin terjadi pada Layer 1.

  33.MikroTik RouterOS DHCP client can receive following options

A. Byte limitB. IP GatewayC. Rate limit

D. Uptime limitE. IP Address and Subnet 

Penjelasan:DHCP Client dapat diaktifkan di setiap antarmuka Ethernet seperti pada suatu waktu. DHCP Client akan menerima Ip Address,netmask, gateway default, dan dua alamat dns server. Uptime Limit akan diterima oleh DHCP Client jika Router yang mesetting DHCP Server juga menyeting Hotspot.

  34.Mark the queue types that are available in RouterOS

A. SFQ – Stochastic Fairness QueuingB. DRR - Deficit Round RobinC. FIFO - First In First Out (for Bytes or for Packets)D. LIFO - Last In First OutE. PCQ – Per Connection Queuing

F. RED – Random Early Detect (or Drop)

Penjelasan: queue berguna untuk melimit traffic. implementasi Queue di MikroTik RouterOS berdasarkan Hierarchical Token Bucket (HTB). HTB memungkinkan untuk membuat struktur antrian hirarkis dan menentukan hubungan antara antrian. Queue memiliki 4 type yaitu SFQ,PCQ,RED dan FIFO. FIFO terbagi lagi menjadi 3 yaitu BFIFO,PFIFO, dan MQ PFIFO.

  35.The basic unit of a physical network (OSI Layer 1) is the:

A.HeaderB.Bit

C.ByteD.Frame

Penjelasan:OSI Layer 1 bertanggung jawab dalam transmisi dan penerimaan data mentah dan tidak terstruktur dalam media fisik (Device). Transmisi mungkin di definisikan sebagai Simplex, half Duplex, dan Full Duplex. Protocol data unit yang digunakan OSI Layer 1 adalah Bit.

  36.Is it possible for a client to get an IP address but no gateway after a successful DHCP request? 
FALSE

Penjelasan: Seperti yang sudah saya jelaskan sebelumnya jika DHCP Client dihidupkan maka DHCP Client akan menerima Ip Address,netmask, gateway default, dan dua alamat dns server itu secara Default terkecuali untuk DNS Server. DHCP Client tidak akan menerima DNS Server jika di DHCP Servernya tidak di konfigurasi DNS Server. Tetap untuk Ip Address dan gateway Default itu akan diterima secara default.

  37.It is necessary to configure a local DNS server to be able to give out a DNS setting to clients via DHCP server.
TRUE

Penjelasan: Jawabannya true karena DHCP dapat mengirim DNS server untuk client. DHCP Server akan mengirim DNS Server ke client dan karena DHCP Client menerima  Ip Address,netmask, gateway default, dan dua alamat dns server maka DNS Server akan langsung diterima oleh Client

  38.Which of the following Routes statuses are possible?

A. S = Static

B. D = Drop

C. C = Connected

D. A = Active

Penjelasan: Route statuses atau Status Routing ada 12 jenis yaitu: disable(x), Active(A), Dynamic(D), Connect(C), Static(S), rip(r), BGP(b), Ospf(o), mme(m), Blackhole(B), Unreachable(U), dan Prohibit(P).

  39.Can you limit how many clients than are able to connect to access point (routeros)?
A. Yes, but only with access-lists
B. No it's not possible at all
C. Yes

Penjelasan: Kamu dapat melakukan melimit atau membatasi client yang dapat connect ke AP kamu hanya dengan cara Access List. Access List merupakan sebuah konfigurasi yang digunakan untuk melakukan Filtering terhadap client yang connect konfigurasi ini dijalankan di bagian Wireless

  40.In RouterOS queue configurations the word "total" usually represents

A. download

B. upload + download
C. download - upload

D. upload

Penjelasan: Queue merupaka konfigurasi yang digunakan untuk melimit atau membatasi Traffic entah itu Traffic download ataupun upload. Implementasi pada Queue berdasarkan  Hierarchical Token Bucket(HTB). HTB memungkinkan untuk membuat struktur antrian hirarkis dan menentukan hubungan antara antrian.HTB mempunyai 4 struktur yang berbeda yaitu:
global-in:mewakili semua interface masukan secara umum (masuknya antrian). Antrian melekat global di berlaku untuk lalu lintas yang diterima oleh router sebelum packet filtering
global-out:mewakili semua output interface pada umumnya (egress queue).
globa-total:mewakili semua interface input dan output bersama-sama (dengan kata lain itu adalah agregasi global-in dan global-out). Digunakan dalam kasus ketika pelanggan memiliki batas tunggal untuk kedua, upload dan download.
<Interface name>:merupakan satu antarmuka keluar tertentu. Hanya traffic ini yang ditujukan untuk pergi keluar melalui antarmuka ini akan melewati Queue HTB ini.
untuk lebih jelasnya kamu dapat melihatnya disini

  41.What packages allow ROS to perform static routing?

A.system

B.routing

C.multicast

D.wireless

Penjelasan: ROS merupakan singkatan RouterOS. Static Routing sudah termasiuk kedalam package system

  42.When backing up your router by using the Export file command, the following happens:

A. Win box usernames and passwords are backed up

B. The Export file can be edited with a standard text editor after its creation

C. You are requested to give the export file a name

Penjelasan: Export file berguna untuk membackup tetapi command ini berbeda backup file jika backup file tidak dapat dibuka lewat notepad sedangkan Export file dapat dibuka lewat notepad Export file juga diminta untuk memberi nama filenya.

  43.Wireless clients (mode=station) will work properly if bridged to ethernet

False   

  44.What is possible with Netinstall?

 A. MikroTik RouterOS reinstall

 B. MikroTik RouterOS configuration reset

 C. MikroTik RouterOS password reset with saving router's configuration

 

 Penjelasan:  Netinstall adalah program yang berjalan pada komputer Windows yang memungkinkan Anda untuk menginstal MikroTik RouterOS ke PC atau ke RouterBoard melalui jaringan Ethernet. Netinstall juga digunakan untuk menginstal ulang RouterOS dalam kasus di mana instalasi sebelumnya gagal, menjadi rusak atau password akses hilang.Netinstall juga berfungsi untuk mereset ulang Konfigurasi.

  45.Mark possible TCP states in the connection tracking table

 A. New

 B. Syn

 C. Related

 D. Invalid

 E. Established

 F. Closed

Penjelasan:Connection Tracking hanya ada 4 yaitu New, Related, Invalid, Established

  46.Mark correct statements about Backup Files

 A. Export files are not editable

 B. Backup files are not editable

 C. Backup files are editable

Penjelasan: seperti yang saya jelaskan sebelumnya perbedaan antara Backup File dan Export File adalah bahwa Export File dapat di edit di Notepad sedangkan Backup File tidak dapat diedit di Notepad

  47.What is the default TTL (time to live) on a router that an IP packet can experience before it will be discarded?

A.6O

B.30

C.1

D.64  

   48.You have 802.11b/g wireless card. What frequencies are available to you?

A.2327MHz

B.5210MHz

C.2412MHz

D.2422MHz

E.5800MHz

  49.Simple Queue number 0 defines 2M for upload and download for target IP 10.10.0.33.

Simple Queue number 1 defines 4M for upload and download for target IP 10.10.0.33. Client 10.10.0.33 is be able to obtain

 A. 2M upload/download

 B. 4M upload/download

 C. 0M upload/download

 D. 6M upload/download

Penjelasan: Data yang terbuat lebih dulu di Mikrotik itu yang akan di prose jadi misalkan kamu membuat konfigurasi 2M untuk upload terlebih dahulu maka Konfiguras itu yang akan dipakai.

  50.The network address is

A.The last address of the subnet

B.The first address of the subnet

C.The first usable address of the subnet

  51.If ARP=reply-only is configured on an interface, what will this interface do?

A.Accept all IP addresses listed in /ip arp as static entries

B.Accept all MAC-addresses listed in /ip arp as static entries

C.Add new MAC addresses in /ip arp list

D.Add new IP addresses in /ip arp list

E.Accept all IP/MAC combinations listed in /ip arp as static entries

  52. Which of the following IP addresses are publicly routable?

A.127.34.155.3

B.192.168.1.4

C.11.3.10.4

D.172.16.13.23

 Penjelasan:IP Public adalah IP address yang digunakan untuk lingkup internet, host yang menggunakan IP public dapat diakses oleh seluruh user yang tergabung diinternet baik secara langsung maupun tidak langsung (melalui proxy/NAT). Ip PRIVATE ada 3blok yaitu:

10.0.0.0 – 10.255.255.255 (Total Addresses: 16,777,216)
172.16.0.0 – 172.31.255.255 (Total Addresses: 1,048,576)
192.168.0.0 – 192.168.255.255 (Total Addresses: 65,536)

Selain itu, IP Public

  53.What does the firewall action "Redirect" do? Select all true statements.

 A. Redirects a packet to a specified port on the router

 B. Redirects a packet to the router

 C. Redirects a packet to a specified IP

 D. Redirects a packet to a specified port on a host in the network

  54.What is necessary for PPPoE client configuration?

 A. ip firewall nat masquerade rule

 B. Interface (on which PPPoE client is going to work)

 C. Static IP address on PPPoE client interface

Penjelasan: PPPOE berfungsi untuk mendistribusikan IP di modem ADSL. PPOE dipasang di Interface yang menuju ke client.

  55.MikroTik RouterOS commands can be run once a day by:

 A. /system cron

 B. /system watchdog

 C. /system scheduler

Penjelasan: command yang digunakan yang berguna untuk menjadwalkan kapan setingan terjadi adalah command /system scheduler

  56.The highest queue priority is

A. 16

B. 1

C. 256

D. 8

  57.For static routing functionality, additionally to the RouterOS 'system' package, you will also need the following software package:

 A. dhcp

 B. no extra package required

 C. routing

 D. advanced-tools

 Penjelasan: Static Route tidak menggunakan Package

  58.For user in local ppp secrets/ppp profiles database, it is possible to

 A. Allow only pppoe login

 B. Deny services (like telnet) only for this user or for one group of users

 C. Set max values for total transferred bytes (up- and download)

 D. Allow/deny use of more than one login by this user

 E. Allow login by pppoe and pptp, but deny login by l2tp  

  59.PPP Secrets are used for

 A. L2TP clients

 B. PPP clients

 C. IPSec clients

 D. Router users

 E. PPtP clients

 F. PPPoE client

  60.PPPoE server only works within one Ethernet broadcast domain that it is connected to. If there is a router between server and end-user host, it will not be able to create PPPoE tunnel to that PPPoE server. 

FALSE

  61.How many usable IP addresses are there in a 23-bit (255.255.254.0) subnet?

A 254

B. 510

C 512

D. 508

  62.What protocol does ping use?

A.UDP

B.ICMP

C.TCP

D.ARP

 Penjelasan: Ping menggunakan Protokol ICMP. untuk penjelasan lebih lanjut tentang Protokol yang digunakan bisa di dilihat 

  63.In MikroTik RouterOS, Layer-3 communication between 2 hosts can be achieved by using an address subnet of:

A./32

B./29

C./30

D./31

Penjelasan: /30 hanya mempunyai 2 host yang memungkinkan untuk dipakai.

  64.What does the firewall action "Redirect" do? Select all true statements.

 A. Redirects a packet to a specified port on the router

 B. Redirects a packet to the router

 C. Redirects a packet to a specified IP

 D. Redirects a packet to a specified port on a host in the network

  65.It is possible to use WPA and WPA2 authentication type at the same time with one security profile.

TRUE

  66. If ARP=reply-only is configured on an interface, what will this interface do

 A. Accept all IP addresses listed in /ip arp as static entries

 B. Add new MAC addresses in /ip arp list

 C. Accept all IP/MAC combinations listed in /ip arp as static entries

 D. Add new IP addresses in /ip arp list

 E. Accept all MAC-addresses listed in /ip arp as static entries

  67.Which of the following Routes statuses are possible?

 A. S = Static

 B. C = Connected

 C. D = Drop

 D. A = Active

Penjelasan:Route statuses atau Status Routing ada 12 jenis yaitu: disable(x), Active(A), Dynamic(D), Connect(C), Static(S), rip(r), BGP(b), Ospf(o), mme(m), Blackhole(B), Unreachable(U), dan Prohibit(P).

  68.Router A and B are both running as PPPoE servers on different broadcast domains of your network. Is it possible to set Router A to use "/ppp secret" accounts from Router B to authenticate PPPoE customers?

No

  69.Which is correct masquerade rule for 192.168.0.0/24 network on the router with outgoing interface=ether1?

A./ip firewall nat add action=masquerade chain=srcnat                       

B./ip firewall nat add action=masquerade chain=srcnat src-address=192.168.0.0/24  

C./ip firewall nat add action=masquerade out-interface=ether1 chain=dstnat

D./ip firewall nat add action=masquerade chain=srcnat out-interface=ether1

 70.Which option in the configuration of a wireless card must be disabled to cause the router to permit ONLY known clients listed in the access list to connect?

A.Default Forward

B.Enable Access List

C.Default Authenticate

D.Security Profile’

Penjelasan:Default Authenticate memungkinkan seluruh client dapat terhubung tanpa diseleksi oleh Router jika mode ini di non aktifkan maka kita dapat menentukan Kebijakan klient boleh terkoneksi ke Access Point atau tidak. Jika ingin terkoneksi ke Access Poitn maka pastikan terlebih dahulu Mac Address Device kamu sudah terdaftar apa belum di Access List jika belum maka kamu tidak akan bisa konek ke Access Point

  71.It is necessary to configure a local DNS server to be able to give out a DNS setting to clients via DHCP server.

TRUE
 
Penjelasan: Jawabannya true karena DHCP dapat mengirim DNS server untuk client. DHCP Server akan mengirim DNS Server ke client dan karena DHCP Client menerima  Ip Address,netmask, gateway default, dan dua alamat dns server maka DNS Server akan langsung diterima oleh Client

  72.To make all DNS requests coming from your network to resolve on your router (regardless of the clients’ configuration), which action would you specify for the DST-NAT rule?

A. masquerade
B. dst-nat
C. you can’t use DST-NAT to achieve this 
D. Redirect

  73.Is it posible to have PPTP Client an PPTP Server on one MikroTik router at same time? 

 TRUE

  74.You want to use PCQ and allow 256k maximum download and upload for each client. Choose correct argument values for the required queue.

A. kind=pcq pcq-limit=1256000 pcq-classifier=dst-address

B. kind=pcq pcq-limit=256000 pcq-classifier=dst-address

C. kind=pcq pcq-limit=5000000 pcq-classifier=src-address

D. kind=pcq pcq-limit=256000 pcq-classifier=src-address

E. kind=pcq pcq-limit=5000000 pcq-classifier=dst-address

Penjelasan: Soal Mikrotik biasanya diperlukan ketelitian saat menjawab karena beberapa soal dari Mikrotik ada yang menjebak. Nah, termasuk soal ini diperlukan ketelitian. Soal meminta traffic untuk Download dan Upload sebesar 256K jika ini soal yang memerlukan jawaban Multiple maka pilih saja keduanya.

  75.What is term for the hardware coded address found on an interface?

a. IP Address

b. Interface Address

c. MAC Address

d. FQDN Address

Penjelasan: Lagi-Lagi soal dari Mikrotik yang membutuhkan ketelitian. Istilah untuk coded Address yang ada di interface adalah IP address. kenapa bukan MAC Address??  Sedangkan MAC Address adalah coded untuk Device bukan Interface

  76.You have to connect to a RouterBOARD without any previous configuration. Select all possibilities to connect and do some basic configuration

 A. Serial Connection

 B. MAC-Winbox

 C. Attach monitor/keyboard

 D. Telnet

Penjelasan: Mikrotik mempunyai Ip default dan kamu bisa memakai Ip Defaultnya untuk login lewat Telnet, Serial Connection, dan MAC-Winbox

  77.Which computers would be able to communicate directly (without any routers involved)

A. 192.168.0.5/26 and 192.168.0.100

B. 10.5.5.1/24 and 10.5.5.100/25

C. 10.10.0.17/22 and 10.10.1.30/23

D. 192.168.17.15/29 and 192.168.17.20/28

  78.Which of these are possible solutions to bridge two networks over a wireless link:

A. Both devices in AP mode and enable WDS mode

B. One device in AP mode, another one in station-pseudobridge-clone

C. One device in AP mode, another one in station-pseudobridge

D. One device in AP mode, another one in station

  79.Which of the following is true for connection tracking

A. Enabling connection tracking reduces CPU usage in RouterOS

B. Connection tracking must be enabled for firewall to be effective

C. Connection tracking must be enable for NAT'ed network

D. Disable connection tracking for mangle to work

  80.What is marked by connection-state=established matcher?   

A. Packet is related to, but not part of an existing connection

B. Packet begins a new TCP connection

C. Packet does not correspond to any known connection

D. Packet belongs to an existing connection,for example a reply packet or a packet which belongs to already replied connection

  81.What wireless card can we use to achieve 100 Mbps actual wireless throughput?

A. 802.11 b/g

B. 802.11 a/b/g

C. 802.11 a

D. 802.11 a/n

E. 802.11 a/b/g/n

  82.The basic unit of a physical network (OSI Layer 1) is the:

A.Header

B.Bit

C.Byte

D.Frame

Penjelasan:OSI Layer 1 bertanggung jawab dalam transmisi dan penerimaan data mentah dan tidak terstruktur dalam media fisik (Device). Transmisi mungkin di definisikan sebagai Simplex, half Duplex, dan Full Duplex. Protocol data unit yang digunakan OSI Layer 1 adalah Bit.

  83.Check the allowed input formats for wireless scan-list.   

A. 5500,5700

B. 5500 5700

C. 5500/5700

D. 5500 - 5700

E. 5500-5700

Penjelasan: Scan-List dapat meScan seluruh Frequency mulai dari Frequency 2400 sampai Frequency 5700. Disini yang ditanyakan adalah Format atau penulisan untuk Wireless Scan-list bukan Frequency atau yang lainnya sehingga untuk menjawab soal ini kamu harus terliti. dan jawaban yang benar adalah yang E dimana tidak ada spasi steleah angka maupun sebelum angka.

  84.If you need to make sure that one computer in your Hotspot network can access the internet without Hotspot authentication, which menu allows you to do this?

A.Walled-garden
B.Users
C.IP bindings
D.Walled-garden IP

   85.Why is it useful to set a Radio Name on the radio interfaces?

A.To identify a station in a list of connected clients

B.To identify a station in the Access List

C.To identify a station in Neighbor discovery

  86.Action = Redirect is applied in

A.Chain=srcnat

B.Chain=foward

C.Chain=dstnat

  87.Which are necessary section in /queue simple to set bandwith limitation ?

A.Max-limit

B.Target-address, max limit

C.Target-address, max-limit, dst-address

D.Target-address, dst-address

  88.The hotspot feature can be used only on ethernet interfaces. You have to use a separate access point if you want to use this feature with wireless

No

  89.Collisions are possible in full-duplex Ethernet networks.
 False

Penjelasan: Tidak semua Kesalahan dala networking itu berasal dari Ethernet. Semua kesalahan bisa terjadi mulai dari salah konfigurasi, kesalahan Router maupun kesalahan pada kabel sehingga jawaban yang tepat adalah False karena tidak semua kesalahan terjadi pada kabel

  90.If a packet comes to a router and starts a new, previously unseen connection, which connection state would be applied to it?
A. new

B. established

C. unknown

D. invalid

E. no connection state would be applied to such packet

  91.Can you manually add drivers to RouterOS in case your PCI Ethernet card is not recognized, and it's a driver issue ?

No

  92.Possible actions of ip firewall filter are:

A.Accept

B.Add-to-address-list

C.Bounce

D.Tarp

E.Tarpit

F.Log

  93.You have 802.11b/g wireless card. What frequencies are available to you?

A.2327MHz

B.5210MHz

C.2412MHz

D.2422MHz

E.5800MHz

  94.NStreme works only on 40mhz Channel width

False

 Penjelasan: Nstreme tidak hanya bekerja pada Channel 40 Mhz, NStreme juga bekerja pada Channel 20 Mhz, dan 10 Mhz. Channel default dari NStreme adalah 20 Mhz.

  95.What Letter appear next to route, which is automatically created by ROS (RouterOS) when user adds a valid address to an active interface?

A.C

B.A

C.I

D.D

E.S

  96.A PC with IP 192.168.1.2 can access internet, and static ARP has been set for that IP address on gateway. When the PC Ethernet card failed, the user change it with a new card and set the same IP for it. What else should be done?

a. Old static ARP entry on gateway has to be updated for the new card

b. Nothing - it will work as before

c. MAC-address of the new card has to be changed to MAC address of old card

d. Another IP has to be added for Internet access

  97.How long is level 1 (demo) license valid?

A. 24 hours

B. Infinite time

C. 1 month 

D. 1 year

  98.If ARP=reply-only is configured on an interface, what will this interface do

A. Add new IP addresses in /ip arp list

B. Accept all IP/MAC combinations listed in /ip arp as static entries

C. Add new MAC addresses in /ip arp list

D. Accept all IP addresses listed in /ip arp as static entries

E. Accept all MAC-addresses listed in /ip arp as static entries

  99.MAC layer by OSI model is also known as

A.Layer 3

B.Layer 2

C.Layer 1

D.Layer 6

E.Layer 7

Penjelasn: Mac menggunakan OSI Layer 2 yang dimana termasuk kedalam OSI Data Link. OSI Layer 2 mentransfer data antara 2 device yang terhubung. OSI Layer 2 juga dapat mendeteksi dan mungkin memperbaiki kesalahan yang mungkin terjadi pada Layer 1.

  100.Mark all features that are compatible with Nstreme

A. WDS between a device in station-wds mode and a device in station-wds mode  X

B. Encryption X

C. WDS between a device in ap-bridge mode with a device in station-wds mode

D. Bridging a device in station mode with a device in ap-bridge mode X

 

Berikut soal-soal yang sering keluar dalam ujian sertifikasi MikroTik MTCNA.

1. /interface wireless access-list is use for :
a. Shows a list of clients MAC address to permit/deny registered to AP
b. Autenticate Hotspot users
c. Handles a list of clients MAC address to permit/deny connection to AP
d. Contains the security profiles settings.

2. Collisions are possible in full-duplex Ethernet networks.
False
True

3. How many layers does Open System Interconnection model have?
a. 12         
b. 9
c. 6
d. 5
e. 7

4. It is impossible to disable user "admin" at the menu "/user
False
True

5. Is ARP used in the IPv6 protocol ? 
 False
True

6. Select valid SUBNET masks:
a. 255.192.0.0
b. 255.255.224.0
c. 192.0.0.0
d. 255.255.192.255

7. You need to reboot a RouterBoard after importing a previously exported rsc file to activate the new configuration.
True
False

8. What is the maximum number of ARP entries on a Mikrotik RouterOS device ?
a. Unlimited
b. 2048
c. 8192
d. 10240

9. What is term for the hardware coded address found on an interface?
a. IP Address 
b. Interface Address
c. MAC Address
d. FQDN Address

10. Which of the following protocols / port s are used for SNMP. (Simple Network Managemnt Protocol)?
a. TCP 161
b. TCP 162
c. UDP 161
d. TCP 123
e. UDP 162
f. TCP 25

11. How many usable IP addresses are there in a 23-bit (255.255.254.0) subnet?
a. 510
b. 254
c. 508
d. 512

12. How many different priorities can be selected for queues in MikroTik RouterOS?
a. 8
b. 16
c. 0
d. 1

13. How many bits are in a subnet mask for an IPV4 network ?
a. 16
b. none
c. 8
d. 32

14. Choose all valid hosts address range for subnet 15.242.55.62/27
a. 15.242.55.31-15.242.55.62
b. 15.242.55.32-15.242.55.63
c. 15.242.55.33-15.242.55.62
d. 15.242.55.33-15.242.55.63

15. Which of the following actions are available for '/ip firewall mangle' (select all valid actions)
a. change MSS
b. mark connection
c. Accept
d. Jump
e. Drop
f. mark packet

16. You need to set up an E1(T1) connection with PPP configured. Which License level is needed?
a. Level 4
b. It cannot be done in RouterOS.
c. Level 5

17. Which of the following is NOT a valid MAC Address? [multiple answers]
a. 95:B5D:EE:78:8A
b. 13:16:86:53:89:43
c. 80:GF:AA:67:13:5D
d. 88:0C:00:99:5F:EF
e. EA:BA:AA:EE:FF:CB

18. When sending out an ARP request, an IP host is expecting what kind of address for an answer?
a. VLAN ID
b. IP address
c. MAC Address
d. 802.11g

19. Which option in configuration of a wireless card must be disabled to make router to permit only known clients listed in the access list to connect?
a. Default Forward
b. Enable Access List
c. Default Authenticate
d. Security Profile

20. What is the default protocol/port of (secure) winbox?
a. TCP/8080
b. TCP/22
c. UDP/5678
d. TCP/8291

21. a backup file from a MikroTik router is stored in plain text format
False
True

22. NStreme works only on 40mhz Channel width
False
True

23. What kind of users are listed in the Secrets window of the PPP menu?
a. L2TP users
b. PPPOE users
c. Hotspot users
d. PPTP users
e. Winbox users
f. Wireless users

24. /interface wireless access list is used for
a. Handles a list of Client's MAC Address to permit/deny connection to AP
b. Contains the security profiles settings
c. Shows a list of Client's MAC address that are already registered at AP
d. Authenticate Hotspot users

25. Check the allowed input formats for wireless scan-list. 
a. 5500,5700
b. 5500 5700
c. 5500/5700
d. 5500 - 5700
e. 5500-5700

 

 

 

1. A network ready device is directly connected to a MikroTik RouterBOARD 750 with a correct U.T.P. RJ45 functioning cable. The device is configured with an IPv4 address of 192.168.100.70 using a subnet mask of 255.255.255.252. What will be a valid IPv4 address for the RouterBOARD 750 for a successful connection to the device?
a. 192.168.100.70/255.255.255.252 
b. 192.168.100.69/255.255.255.252
c. 192.168.100.71/255.255.255.252
d. 192.168.100.68/255.255.255.252

 

2. In MikroTik RouterOS, Layer-3 communication between 2 hosts can be achieved by using an address subnet of:
a. /31 
b. /29
c. /32
d. /30

3. Which computers would be able to communicate directly (without any routers involved)
a. 192.168.17.15/29 and 192.168.17.20/28
b. 192.168.0.5/26 and 192.168.0.100 
c. 10.5.5.1/24 and 10.5.5.100/25 
d. 10.10.0.17/22 and 10.10.1.30/23

4. How many IP addresses can one find in the header of an IP packet?
a. 1
b. 3
c. 2
d. 4

5. The network address is
a. The first usable address of the subnet
b. The last address of the subnet 
c. The first address of the subnet

6. What is term for the hardware coded address found on an interface?
a. IP Address 
b. MAC Address
c. FQDN Address
d. Interface Address

7. How many usable IP addresses are there in a 23-bit (255.255.254.0) subnet?
a. 512
b. 510
c. 508
d. 254

8. Is ARP used in the IPv6 protocol ? 
False
True

 

9. Which of the following protocols / port s are used for SNMP. (Simple Network Management Protocol)
a. TCP 162 
b. UDP 162
c. UDP 161
d. TCP 25
e. TCP 123
f. TCP 161

10. If ARP=reply-only is configured on an interface, what will this interface do 
a. Accept all IP/MAC combinations listed in /ip arp as static entries
b. Accept all IP addresses listed in /ip arp as static entries
c. Add new MAC addresses in /ip arp list
d. Accept all MAC-addresses listed in /ip arp as static entries
e. Add new IP addresses in /ip arp list

11. Select which of the following are ‘Public IP addresses’:
a. 192.168.0.1 
b. 172.168.254.2
c. 172.28.73.21
d. 10.110.50.37 
e. 11.63.72.21

12. Which of the following IP addresses are publicly routable?
a. 127.34.155.3
b. 192.168.1.4
c. 172.16.13.23
d. 11.3.10.4

13. If ARP=reply-only is enabled on one router interface, router can add dynamic ARP entries for the particular interface.
False
True

14. The basic unit of a physical network (OSI Layer 1) is the:
a. Header
b. Byte 
c. Bit
d. Frame

15. Which ones of the following are valid IP addresses? 
a. 192.168.13.255 
b. 10.10.14.0
c. 192.168.256.1 
d. 1.27.14.254

16. How many usable IP addresses are there in a 20-bit subnet?
a. 2046
b. 2047 
c. 4094
d. 4096
e. 2048

17. Which of the following is NOT a valid MAC Address?
a. 13:16:86:53:89:43 
b. 80:GF:AA:67:13:5D
c. 88:0C:00:99:5F:EF
d. EA:BA:AA:EE:FF:CB
e. 95:B5:DD:EE:78:8A

 

18. MAC layer by OSI model is also known as
a. Layer 3
b. Layer 7
c. Layer 1 
d. Layer 2
e. Layer 6

19. Select valid MAC-address
a. G2:60:CF:21:99:H0 
b. 00:00:5E:80:EE:B0
c. AEC8:21F1:AA44:54FF:1111:DD
d. AE:0212:1201
e. 192.168.0.0/16

20. How many layers does Open Systems Interconnection model have? 
a. 7
b. 6
c. 5
d. 12
e. 9 

 

------------------------------------------------------------------------------------- SET - 2 -------------------------------------------------------------------------------------
 

 

1. Action=redirect is applied in
a. chain=srcnat
b. chain=dstnat
c. chain=forward

2. You have 802.11b/g wireless card. What frequencies are available to you?
a. 5800MHz
b. 2412MHz
c. 5210MHz
d. 2422MHz
e. 2327MHz

3. Mark all correct statements about /export (rsc file).
a. Exports logs from /log print
b. Exports full configuration of the router
c. Exports only part of the configuration (for example /ip firewall)
d. Exports scripts from /system script
e. Exports files could not edited

4. What wireless card can we use to achieve 100 Mbps actual wireless throughput?
a. 802.11 b/g
b. 802.11 a/b/g
c. 802.11 a
d. 802.11 a/n
e. 802.11 a/b/g/n

5. It is possible to add user-defined chains in ip firewall mangle
True
False

6. Choose all valid hosts address range for subnet 15.242.55.62/27
a. 15.242.55.31-15.242.55.62
b. 15.242.55.32-15.242.55.63
c. 15.242.55.33-15.242.55.62
d. 15.242.55.33-15.242.55.63

7. Action=redirect allows you to make
a. Transparent DNS Cache
b. Forward DNS to another device IP address
c. Enable Local Service
d. Transparent HTTP Proxy

8. Which is correct masquerade rule for 192.168.0.0/24 network on the router with outgoing interface=ether1?
a. /ip firewall nat add action=masquerade chain=srcnat
b. /ip firewall nat add action=masquerade chain=srcnat src-address=192.168.0.0/24
c. /ip firewall nat add action=masquerade out-interface=ether1 chain=dstnat
d. /ip firewall nat add action=masquerade chain=srcnat out-interface=ether1

9. What letters appear next to a route, which is automatically created by RouterOS when user adds a valid address to an active interface?
a. I
b. D
c. A
d. S
e. C

10. Mark all features that are compatible with Nstreme
a. WDS between a device in station-wds mode and a device in station-wds mode
b. Encryption
c. WDS between a device in ap-bridge mode with a device in station-wds mode
d. Bridging a device in station mode with a device in ap-bridge mode

11. Can you manually add drivers to RouterOS in case your PCI Ethernet card is not recognized, and it’s a driver issue?
a. Yes
b. No

12. For static routing functionality, additionally to the RouterOS system package, you will also need the following software package:
a. none
b. dhcp
c. routing
d. advanced-tools

13. Which are necessary sections in /queue simple to set bandwidth limitation?
a. target-address, max-limit
b. target-address, dst-address, max-limit
c. target-address, dst-address
d. max-limit

14. What protocol is used for Ping and Trace route?
a. DHCP
b. IP
c. TCP
d. ICMP - ping
e. UDP – trace route

15. From which of the following locations can you obtain Winbox?
a. Router’s webpage
b. Files menu in your router
c. Via the console cable
d. mikrotik.com

16. Two hosts, A and B, are connected to a broadcast LAN. Select all the answers showing pairs of IP address/mask which would allow IP connections to be established between the two hosts.
a. A: 10.1.2.66/25 and B: 10.1.2.109/26
b. A: 10.2.2.1/23 and B: 10.2.0.1/22
c. A: 10.1.2.192/24 and B: 10.1.2.129/26
d. A: 10.2.1.0/23 and B: 10.2.0.1/22

17. Why is it useful to set a Radio Name on the radio interface?
a. To identify a station in a list of connected clients
b. To identify a station in the Access List
c. To identify a station in Neighbor discovery

18. What kind of users are listed in the Secrets window of the PPP menu?
a. pptp users
b. l2tp users
c. winbox users
d. wireless users
e. pppoe users
f. hotspot users

19. Router A and B are both running as PPPoE servers on different broadcast domains of your network. Is it possible to set Router A to use “/ppp secret” accounts from Router B to authenticate PPPoE customers ?
Yes
No

20. MikroTik RouterOS DHCP client can receive following options
a. Byte limit
b. IP Gateway
c. Rate limit
d. Uptime limit
e. IP Address and Subnet

 

------------------------------------------------------------------------------------- SET - 3 -------------------------------------------------------------------------------------
 

 

1. If you need to make sure that one computer in your HotSpot network can access the Internet without HotSpot authentication, which menu allows you to do this?
a. Users
b. IP bindings
c. Walled-garden
d. Walled-garden IP

2. How many different priorities can be selected for queues in MikroTik RouterOS?
a. 8
b. 16
c. 0
d. 1

3. Which default route will be active? /ip route add disabled=no distance=10 dst-address=0.0.0.0/0 gateway=1.1.1.1 add disabled=no distance=5 dst-address=0.0.0.0/0 gateway=2.2.2.2
a. Route via gateway 1.1.1.1
b. Route via gateway 2.2.2.2

4. How long is level 1 (demo) license valid?
a. 24 hours
b. Infinite time
c. 1 month
d. 1 year

 

5. Is ARP used in the IPv6 protocol ?
True 
False

6. In MikroTik RouterOS, Layer-3 communication between 2 hosts can be achieved by using an address subnet of:
a. /30
b. /29
c. /32
d. /31

7. A PC with IP 192.168.1.2 can access internet, and static ARP has been set for that IP address on gateway. When the PC Ethernet card failed, the user change it with a new card and set the same IP for it. What else should be done? [multiple answers]

 

a. Old static ARP entry on gateway has to be updated for the new card
b. Nothing – it will work as before
c. MAC-address of the new card has to be changed to MAC address of old card
d. Another IP has to be added for Internet access

8. How many usable IP addresses are there in a 20-bit subnet?
a. 2047
b. 4096
c. 2048
d. 2046
e. 4094

9. What is the default TTL (time to live) on a router that an IP packet can experience before it will be discarded ?
a. 60
b. 30
c. 1
d. 64

10. The network address is
a. The first usable address of the subnet
b. The last address of the subnet
c. The first address of the subnet

11. Which ones of the following are valid IP addresses? [multiple answers] 

 

a. 192.168.13.255
b. 1.27.14.254
c. 10.10.14.0
d. 192.168.256.1

12. Which of the following is NOT a valid MAC Address?
a. 95:B5:DD:EE:78:8A
b. 13:16:86:53:89:43
c. 80:GF:AA:67:13:5D
d. 88:0C:00:99:5F:EF
e. EA:BA:AA:EE:FF:CB

13. If ARP=reply-only is configured on an interface, what will this interface do
a. Add new IP addresses in /ip arp list
b. Accept all IP/MAC combinations listed in /ip arp as static entries
c. Accept all MAC-addresses listed in /ip arp as static entries
d. Add new MAC addresses in /ip arp list
e. Accept all IP addresses listed in /ip arp as static entries

14. What is term for the hardware coded address found on an interface?
a. IP Address
b. Interface Address
c. MAC Address
d. FQDN Address

15. Which of the following IP addresses are publicly routable?
a. 127.34.155.3
b. 192.168.1.4
c. 172.16.13.23
d. 11.3.10.4

16. What protocol does ping use?
a. UDP
b. TCP
c. ARP
d. ICMP

17. MAC layer by OSI model is also known as
a. Layer 3
b. Layer 7
c. Layer 2
d. Layer 6
e. Layer 1

18. How many layers does Open Systems Interconnection model have?
a. 12
b. 6
c. 9
d. 5
e. 7

 

19. How many IP addresses can one find in the header of an IP packet?
a. 3
b. 4
c. 1
d. 2

20. The basic unit of a physical network (OSI Layer 1) is the:
a. Byte
b. Frame
c. Bit
d. Header

 

------------------------------------------------------------------------------------- SET - 4 -------------------------------------------------------------------------------------
 

 

1. You have a router with configuration
- Public IP :202.168.125.45/24
- Default gateway:202.168.125.1
- DNS server: 248.115.148.136, 248.115.148.137
- Local IP: 192.168.2.1/24
Mark the correct configuration on client PC to access to the Internet
a. IP:192.168.0.1/24 gateway:192.168.2.1
b. IP:192.168.2.253/24 gateway:202.168.0.1
c. IP:192.168.1.223/24 gateway:248.115.148.136
d. IP:192.168.2.115/24 gateway: 192.168.2.1
e. IP:192.168.2.2/24 gateway:202.168.125.45

2. On the advanced menu of the wireless setup there is a parameter called “Area”, it works directly with:
a. Connect List
b. Access List
c. None of these
d. Security Profile

3. What menus should be used to allow certain websites to be accessed from behind a hotspot interface, without client authentication
a. ip hotspot ip-binding
b. ip hotspot profile
c. ip hotspot walled-garden
d. ip hotspot walled-garden ip

4. You want to use PCQ and allow 256k maximum download and upload for each client. Choose correct argument values for the required queue.
a. kind=pcq pcq-limit=1256000 pcq-classifier=dst-address
b. kind=pcq pcq-limit=256000 pcq-classifier=dst-address
c. kind=pcq pcq-limit=5000000 pcq-classifier=src-address
d. kind=pcq pcq-limit=256000 pcq-classifier=src-address
e. kind=pcq pcq-limit=5000000 pcq-classifier=dst-address

5. Which of the following is true for connection tracking
a. Enabling connection tracking reduces CPU usage in RouterOS
b. Connection tracking must be enabled for firewall to be effective
c. Connection tracking must be enable for NAT’ed network
d. Disable connection tracking for mangle to work

6. Which of these are possible solutions to bridge two networks over a wireless link:
a. Both devices in AP mode and enable WDS mode
b. One device in AP mode, another one in station-pseudobridge-clone
c. One device in AP mode, another one in station-pseudobridge
d. One device in AP mode, another one in station

7. When backing up your router by using the ‘Export’ command, the following happens:
a. Winbox usernames and passwords are backed up
b. The Export file can be edited with a standard text editor after its creation
c. You are requested to give the export file a name

8. You need to reboot a RouterBoard after importing a previously exported rsc file to activate the new configuration.
True
False

9. It is impossible to disable user “admin” at the menu “/user”
True
False

10. If a packet comes to a router and starts a new, previously unseen connection, which connection state would be applied to it?
a. no connection state would be applied to such packet
b. new
c. unknown
d. invalid
e. established

11. We have two radio cards in a point-to-point link with settings:
Card Nr 1.: mode=ap-bridge ssid=”office”
frequency=2447 band=2.4ghz-b/g default-authentication=yes default-forwarding=yes security-profile=wpa
Card Nr 2.: mode=station ssid=”office”
frequency=2412 band=2.4ghz-b/g default-authentication=yes default-forwarding=yes security-profile=wpa2
Is Card Nr2. able to connect to Card Nr 1.?
a. Yes, if Nstreme is enabled or disabled on both
b. Yes, when security profile settings are compatible with each other and Nstreme is enabled or disabled on both
c. No, because of the different frequencies
d. No, because of the different security profiles

12. If you need to make sure that one computer in your HotSpot network can access the Internet without HotSpot authentication, which menu allows you to do this?
a. Walled-garden IP
b. Walled-garden
c. Users
d. IP bindings

13. Consider the following network diagram. In R1, you have the following configuration:
/ip route
add dst-address=192.168.1.0/24 gateway=192.168.99.2
/ip firewall nat
add chain=srcnat out-interface=Ether1 action=masquerade

On R2, if you wish to prevent all access to a server located at 192.168.1.10 from LAN1 devices, which of the following rules would be needed?
a. /ip firewall filter add chain=forward src-address=192.168.99.1 dst-address=192.168.1.10 action=drop
b. /ip firewall filter add chain=input src-address=192.168.99.1 dst-address=192.168.1.10 action=drop
c. /ip firewall nat add chain=dstnat src-address=192.168.99.1 dst-address=192.168.1.10 action=drop
d. /ip firewall filter add chain=forward src-address=192.168.0.0/24 dst-address=192.168.1.10 action=drop

14. What is the default protocol/port of (secure) winbox?
a. UDP/5678
b. TCP/8291
c. TCP/22
d. TCP/8080

15. Mark the queue types that are available in RouterOS
a. SFQ – Stochastic Fairness Queuing
b. DRR – Deficit Round Robin
c. FIFO – First In First Out (for Bytes or for Packets)
d. LIFO – Last In First Out
e. PCQ – Per Connection Queuing
f. RED – Random Early Detect (or Drop)

16. A network ready device is directly connected to a MikroTik RouterBOARD 750 with a correct U.T.P. RJ45 functioning cable. The device is configured with an IPv4 address of 192.168.100.70 using a subnet mask of 255.255.255.252. What will be a valid IPv4 address for the RouterBOARD 750 for a successful connection to the device?
a. 192.168.100.70/255.255.255.252
b. 192.168.100.69/255.255.255.252
c. 192.168.100.71/255.255.255.252
d. 192.168.100.68/255.255.255.252

17. How many usable IP addresses are there in a 23-bit (255.255.254.0) subnet?
a. 512
b. 510
c. 508
d. 254

18. Is ARP used in the IPv6 protocol ? 
True 
False

19. Which of the following protocols / port s are used for SNMP. (Simple Network Managemnt Protocol)
a. TCP 162
b. UDP 162
c. UDP 161
d. TCP 25
e. TCP 123
f. TCP 161

20. Select which of the following are ‘Public IP addresses’:
a. 192.168.0.1
b. 172.168.254.2
c. 172.28.73.21
d. 10.110.50.37
e. 11.63.72.21

21. If ARP=reply-only is enabled on one router interface, router can add dynamic ARP entries for the particular interface.
False
True

22. MAC layer by OSI model is also known as
a. Layer 3
b. Layer 7
c. Layer 1
d. Layer 2
e. Layer 6

23. Select valid MAC-address
a. G2:60:CF:21:99:H0
b. 00:00:5E:80:EE:B0
c. AEC8:21F1:AA44:54FF:1111:DDAE:0212:1201
d. 192.168.0.0/16

24. Which computers would be able to communicate directly (without any routers involved)
a. 192.168.17.15/29 and 192.168.17.20/28
b. 192.168.0.5/26 and 192.168.0.100
c. 10.5.5.1/24 and 10.5.5.100/25
d. 10.10.0.17/22 and 10.10.1.30/2

 

------------------------------------------------------------------------------------- SET - 5 -------------------------------------------------------------------------------------

 

 

1. What kind of users are listed in the Secrets window of the PPP menu?

 

a. hotspot users
b. wireless users
c. l2tp users
d. pptp users
e. pppoe users
f. winbox users

 

 

2. What configuration is added by /ip hotspot setup command? (select all that apply)
a. /ip service
b. /ip hotspot user
c. /ip hotspot walled-garden
d. /ip dhcp-server
e. /queue tree 

 

 

3. Using wireless connect-list it’s possible to prioritize connection to one Access Point over another Access Point by changing the order of the entries. 

 

a.False
b. True

 

 

4. If ARP=reply-only is configured on an interface, what will this interface do
a. Add new MAC addresses in /ip arp list
b. Accept all MAC-addresses listed in /ip arp as static entries
c. Add new IP addresses in /ip arp list
d. Accept all IP addresses listed in /ip arp as static entries
e. Accept all IP/MAC combinations listed in /ip arp as static entries

 

 

5. Router A and B are both running as PPPoE servers on different broadcast domains of your network. It is possible to set Router A to use "/ppp secret" accounts from Router B to authenticate PPPoE customers.
a. False
b. True

 

6. Can you manually add drivers to RouterOS in case your PCI Ethernet card is not recognized, and you suspect it is a driver issue?

 

a. Yes

 

b. No

 

7. What can be used as ’target-address’ in the simple queue?
a. client’s address
b. client’s MAC address
c. server’s address
d. address list name

 

8. Which is the default port of IP-Winbox?
a. TCP 8291
b. TCP 80
c. UDP 8291
d. TCP 8192

 

9. MikroTik RouterOS is sending logs to an external syslog server. Which protocol and port is used by RouterOS for sending logs (by default)?
a. UDP 514
b. UDP 21
c. UDP 113
d. TCP 110

 

10. Which route will be used to reach host 192.168.1.55? 

/ip route 
add disabled=no distance=1 dst-address=192.168.1.0/24 gateway=1.1.1.1 
add disabled=no distance=1 dst-address=192.168.1.0/25 gateway=2.2.2.2 
add disabled=no distance=1 dst-address=192.168.0.0/16 gateway=3.3.3.3
 

 

a. Route via gateway 1.1.1.1

 

b. Route via gateway 3.3.3.3 

 

c. Route via gateway 2.2.2.2

 

11. In which situations can Netinstall NOT be used to install a RouterBOARD?
a. The router does not have an operating system
b. The router is connected only to a wireless network
c. You do not know the password of the router
d. The router is connected only to a secondary Ethernet port

 

12. To use masquerade, you need to specify
a. action=accept, out-interface, chain=src-nat
b. action=masquerade, out-interface, chain=src-nat
c. action=masquerade, in-interface, chain=src-nat
d. action=masquerade, out-interface, chain=dst-nat

 

13. Please select valid scan-list values in interface wireless configuration:
a. 5560,5620-5700
b. 5640~5680
c. default,5560,5600,5660-5700
d. 5540,5560,5620+5700

 

14. When adding a static route, you must always ensure that you add both the gateway and the interface. 
False
True

 

15. You would like to allow multiple logins with one user name on a HotSpot server. How should this be configured?
a. Set "Shared Users" option at /ip hotspot user profile
b. It's not possible
c. Set "Shared Users" option at /ip hotspot 
d. Set "only-one=no' at /ip hotspot

 

16. In which order are the entries in Access List and Connect List processed?
a. In sequence order
b. In a random order
c. By Signal Strength Range
d. By interface name

 

17. What protocol does ping use?
a. TCP
b. ICMP
c. UDP
d. ARP

 

18. Is it possible for a client to get an IP address but no gateway after a successful DHCP request?
a. False
b. True

 

19. Firewall configuration is the following: 
1) /ip firewall filter add chain=input protocol=icmp action=jump jump-target=ICMP 
2) /ip firewall filter add chain=input protocol=icmp action=log log-prefix=ICMP-DENY 
3) /ip firewall filter add chain=input protocol=icmp action=drop 
4) /ip firewall filter add chain=ICMP protocol=icmp action=log log-prefix=JUMP-ICMP-DENY 
5) /ip firewall filter add chain=ICMP protocol=icmp action=drop 

Client sends "ping" to router. What will the router do?

a. Router will drop the packet at ICMP (jump) chain drop rule (5th rule)
b. Router will log it with prefix: ICMP-DENY
c. Router will drop the packet at the Input drop rule (3rd rule)
d. Router will log it with prefix: JUMP-ICMP-DENY 

20. /ip firewall nat 
add chain=dstnat in-interface=ether1 protocol=tcp dst-port=3389 action=dst-nat to-address=192.168.1.2 to-ports=81 

The command shown above:
a. Adds IP address 192.168.1.2 to the interface ether1
b. Forwards any TCP traffic incoming through ether1 port 3389 to the port 81 of the internal host 192.168.1.2
c. Forwards all TCP traffic from 192.168.1.2 to port 81 of the interface ether1
d. Forwards any TCP traffic incoming through ether1 port 81 to the port 3389 of the internal host 192.168.1.2

 

21. While troubleshooting a network from inside the network, you discover that you can ping the gateway reliably, but you cannot browse the Internet. Skype, however, works flawlessly. What is the most likely issue?
a. DNS is not available
b. The computer did not get an IP address
c. Network card and/or cable is not working
d. Masquerading rule is not applied

22. What is marked by connection-state=established matcher?
a. Packet begins a new TCP connection
b. Packet does not correspond to any known connection
c. Packet belongs to an existing connection,for example a reply packet or a packet which belongs to already replied connection
d. Packet is related to, but not part of an existing connection

 

23. For static routing functionality, additionally to the RouterOS system package, you will also need the following software package:

 

a. routing
b. none
c. dhcp
d. advanced-tools

 

24. You are planning a migration from a wireless link using 802.11a on 5GHz (with no nstreme) to one using Nv2 on 5GHz. When you change the AP from 802.11a to Nv2, you do not wish a client to disconnect for more than a few seconds during the upgrade. 

Assuming the client is capable of operating with Nv2 (correct hardware, correct encryption key and ROS version), which setting(s) for 'wireless-protocol' should be enabled on the client so that the client can auto-detect the protocol used by the AP and still make connection with 802.11a or Nv2 : (select all that apply)
a. Nv2
b. nv2-nstreme-802.11
c. any
d. unspecified

 

25. What does this simple queue do (check the image)?
a. Queue limits host 192.168.1.10 upload data rate to one megabit per second.
b. Queue guarantees download data rate of one megabit per second for host 192.168.1.10
c. Queue guarantees upload data rate of one megabit per second for host 192.168.1.10
d. Queue limits host 192.168.1.10 download data rate to one megabit per second.

 

------------------------------------------------------------------------------------- SET - 6 -------------------------------------------------------------------------------------

 

1. What can you do with Netinstall?
a. Reset password in RouterOS
b. Install Linux
c. Add configuration to RouterOS
d. Reinstall RouterOS

 

2. Consider the attached diagram: 
In order for Router 1 to see all of the networks the following commands could be used (choose all answers that could work)

 

a. /routing add dst-address=0.0.0.0/0 gateway=10.10.0.2
b. /ip route add dst-address=0.0.0.0/0 gateway=10.10.0.2
c. /ip route add dst-address=172.16.0.0/24 gateway=10.10.0.2, /ip route add dst-address=172.32.0.0/24 gateway=10.10.0.2
d. /ip route add dst-address=172.16.0.0/24 gateway=10.10.0.2, /ip route add dst-address=172.32.0.0/24 gateway=10.50.0.2

 

3. Configuring HotSpot is possible on MikroTikRouterOS only with a wireless interface.

 

Yes

 

No

 

 4. What menus should be used to allow certain websites to be accessed from behind a hotspot interface, without client authentication
a. ip hotspot ip-binding
b. ip hotspot profile
c. ip hotspot walled-garden ip
d. ip hotspot walled-garden

5. For static routing functionality, additionally to the RouterOS system package, you will also need the following software package:
a. none
b. routing
c. advanced-tools
d. dhcp

6. Netinstall can be used to
a. Install different software version (upgrade or downgrade)
b. Keep configuration, but reset a lost admin password
c. Reinstall software without losing licence
d. Install package for different hardware architecture

7. In which order are the entries in Access List and Connect List processed?
a. By interface name
b. In sequence order
c. By Signal Strength Range
d. In a random order

8. In Winbox, Hide Passwords unchecked shows passwords for the following
a. RouterOS user
b. Hotspot User
c. RADIUS shared secret
d. PPP secrets

9. Which options should be used when you want to prevent access from one specific address to your router web interface?
a. Firewall Filter Chain Forward
b. Firewall Filter Chain Input
c. Group settings for System users
d. WWW service from IP Services

10. Which of the following would prevent unknown clients from connecting to your AP? Choose the BEST answer.
a. Check the "Do not permit unknown client" box in the wireless configuration
b. Uncheck "Default Authenticate" in the wireless card configuration, and add each known client's MAC address to your access-list configuration ensuring that you enable "authenticate" in the entry
c. Add each known client's MAC address to your access-list configuration is the only step needed
d. Uncheck "Default Authenticate" in the wireless card configuration, and add each known client's MAC address to your connect-list configuration
e. Configure the radius server under "/radius"

11. Can you manually add drivers to RouterOS in case your PCI Ethernet card is not recognized, and you suspect it is a driver issue?
a. Yes
b. No

12. Mark the queue types that are available in RouterOS
a. SFQ – Stochastic Fairness Queuing
b. RED – Random Early Detect (or Drop) 
c. FIFO - First In First Out (for Bytes or for Packets)
d. DRR - Deficit Round Robin
e. LIFO - Last In First Out
f. PCQ – Per Connection Queuing

13. Check the allowed input formats for wireless scan-list.
a. 5500 5700
b. 5500-5700
c. 5500,5700
d. 5500 - 5700
e. 5500/5700

14. Choose all valid hosts address range for subnet 15.242.55.62/27
a. 15.242.55.31-15.242.55.62
b. 15.242.55.33-15.242.55.63
c. 15.242.55.33-15.242.55.62
d. 15.242.55.32-15.242.55.63

15. After putting this rule: /ipfirewall add chain=input action=drop, you will still be able to access the Router using the mac-address.
Yes

16. You need to reboot a RouterBoard after importing a previously exported rsc file to activate the new configuration.

 

True
False

 

 
17. What is necessary for PPPoE client configuration?
a. ip firewall nat masquerade rule
b. Interface (on which PPPoE client is going to work)
c. Static IP address on PPPoE client interface

18. In order to use dynamic keys in your security profile for an AP, you MUST set up the dhcp server to provide the dynamic keys.

19. You have a router with configuration 
- Public IP :202.168.125.45/24 
- Default gateway:202.168.125.1 
- DNS server: 248.115.148.136, 248.115.148.137 
- Local IP: 192.168.2.1/24 

Mark the correct configuration on client PC to access to the Internet
a. IP:192.168.0.1/24 gateway:192.168.2.1
b. IP:192.168.2.2/24 gateway:202.168.125.45
c. IP:192.168.1.223/24 gateway:248.115.148.136
d. IP:192.168.2.115/24 gateway: 192.168.2.1
e. IP:192.168.2.253/24 gateway:202.168.0.1

20. Router OS can set vlan-id value from - to :
a. 1-2049
b. 1-4096
c. 1-4095
d. 1-2048

21. Collisions are possible in full-duplex Ethernet networks

 

True
False

 

 
22. Where can you monitor (see addresses and ports) real-time connections which are processed by the router?
a. Queue Tree
b. Tool Torch
c. Firewall Counters
d. Firewall Connection Tracking

23. Action=redirect applies to
a. SRC-NAT rules
b. DST-NAT rules
c. Firewall Filter rules
d. Route rules

24. What does this simple queue do (check the image)?
a. Queue limits host 192.168.1.10 download data rate to one megabit per second.
b. Queue guarantees download data rate of one megabit per second for host 192.168.1.10
c. Queue guarantees upload data rate of one megabit per second for host 192.168.1.10
d. Queue limits host 192.168.1.10 upload data rate to one megabit per second.

25. Is it possible that the same IP address is included in multiple address lists and still be used by these multiple address lists?

 

a. Destination NAT rule is required to utilize transparent proxy facility
b. To deny access to a specific website, caching should be enabled
c. Controls domains or servers which are allowed to cache by Proxy
d. Can deny access to a specific domains or servers, but not specific web pages

 

------------------------------------------------------------------------------------- SET - 7 -------------------------------------------------------------------------------------

 

1. Choose correct statements for MikroTik proxy.
a. Destination NAT rule is required to utilize transparent proxy facility
b. To deny access to a specific website, caching should be enabled
c. Controls domains or servers which are allowed to cache by Proxy
d. Can deny access to a specific domains or servers, but not specific web pages

2. Collisions are possible in full-duplex Ethernet networks

 

True
False

 

 
3. Which of the following is NOT a valid MAC Address?
a. 13:16:86:53:89:43
b. 80:GF:AA:67:13:5D
c. 88:0C:00:99:5F:EF
d. EA:BA:AA:EE:FF:CB
e. 95:B5:DD:EE:78:8A

4. The default value of 'target-scope' for a static route is:
a. 30
b. 1
c. 10
d. 255

5. Which firewall chain would be used to block a client's MSN traffic on a router?
a. output
b. static
c. input
d. forward

6. Please select valid scan-list values in interface wireless configuration:
a. 5540,5560,5620+5700
b. 5560,5620-5700
c. 5640~5680
d. default,5560,5600,5660-5700

7. You want to limit bandwidth for your HotSpot users. HotSpot can create dynamic queues on user login to do the speed limitations.
a. Yes/ True 
b. No/ False 

8. For static routing functionality, additionally to the RouterOS system package, you will also need the following software package:
a. dhcp
b. none
c. advanced-tools
d. routing

9. You start a scan for wireless networks on you access point. What will happen ?
a. All connected clients will disconnect
b. You'll see all connected clients
c. You'll see available frequencies

10. What kind of users are listed in the "/user" menu?
a. pptp users
b. wireless users
c. hotspot users
d. router users

11. Which is correct masquerade rule for 192.168.0.0/24 network on the router with outgoing interface=ether1?
a. /ip firewall nat add action=masquerade chain=srcnat out-interface=ether1
b. /ip firewall nat add action=masquerade chain=srcnat src-address=192.168.0.0/24
c. /ip firewall nat add action=masquerade out-interface=ether1 chain=dstnat
d. /ip firewall nat add action=masquerade chain=srcnat

12. Which firewall chain should you use to filter ICMP packets from the router itself?
a. input
b. forward
c. postrouting
d. output

13. Which software version can be installed onto the following RouterBoard types?
a. routeros-mipsbe-x.xx.npk on a RB433
b. routeros-powerpc-x.xx.npk on a RB333
c. routeros-mipsle-x.xx.npk on RB133
d. routeros-x86-x.xx.npk on a RB1100
e. routeros-mipsbe-x.xx.npk on a RB133

14. The highest queue priority is
a. 16
b. 8
c. 256
d. 1

15. Firewall configuration is the following: 
1) /ip firewall filter add chain=input protocol=icmp action=jump jump-target=ICMP 
2) /ip firewall filter add chain=input protocol=icmp action=log log-prefix=ICMP-DENY 
3) /ip firewall filter add chain=input protocol=icmp action=drop 
4) /ip firewall filter add chain=ICMP protocol=icmp action=log log-prefix=JUMP-ICMP-DENY 
5) /ip firewall filter add chain=ICMP protocol=icmp action=drop 

Client sends "ping" to router. What will the router do?
a. Router will drop the packet at the Input drop rule (3rd rule)
b. Router will log it with prefix: JUMP-ICMP-DENY
c. Router will drop the packet at ICMP (jump) chain drop rule (5th rule)
d. Router will log it with prefix: ICMP-DENY

16. MikroTik proxy features are:
a. POP3 caching
b. DNS name filtering
c. SMTP caching
d. HTTP caching
e. FTP caching

17. What does this simple queue do (check the image)?
a. Queue limits host 192.168.1.10 download data rate to one megabit per second.
b. Queue limits host 192.168.1.10 upload data rate to one megabit per second.
c. Queue guarantees download data rate of one megabit per second for host 192.16SID="WAN1"mode="ap-bridge" and a VirtualAP with SSID="VAP1" on the router. Is it possibl8.1.10
d. Queue guarantees upload data rate of one megabit per second for host 192.168.1.10

18. You have a wireless interface with Se to use nstreme protocol?
a. Yes, but Nstreme will be used for all SSID assigned for that physical interface
b. Yes, but Nstreme can be used only for SSID=WLAN1.
c. No, Nstreme can not be used on wireless interface if a VirtualAP is on it.
d. Yes, but Nstreme can be used only for SSID=VAP1.

19. /store allows you to save to external disk
a. User-Manager data
b. dude data
c. web-proxy data
d. system configuration

20. /ip route configuration on router, 

/ip route add gateway=192.168.0.1 
/ip route add dst-address=192.168.1.0/24 gateway=192.168.0.2 
/ip route add dst-address=192.168.2.0/24 gateway=192.168.0.3 
/ip route add dst-address=192.168.3.0/26 gateway=192.168.0.4 

Router needs to send packets to 192.168.3.240. Which gateway will be used?

a. 192.168.0.2
b. 192.168.0.1
c. 192.168.0.3
d. 192.168.0.4

21. What is the meaning of letter "R" on an active session in the menu PPP Active Connections?
a. Running
b. Radius
c. Remote

22. A station can connect to AP if they both use different country regulation settings, but the frequency chosen is allowed in both countries


23. Hotspot ip-binding is used to allow access to remote host specifying the IP address of the remote host.


24. Router has Wireless and Ethernet client interfaces, all client interfaces are bridged. 

To create a DHCP service for all clients you must configure DHCP server on
a. every bridge port
b. only on bridge interface
c. Ethernet and wireless interfaces
d. DHCP service is not possible in this setup

25. EoiP is:
a. MikroTik proprietary tunnel protocol 
b. Layer-3 tunnel
c. Layer-2 tunnel, that can be bridged

 

------------------------------------------------------------------------------------- SET - 8 -------------------------------------------------------------------------------------

 

1. log messages are stored on disk by default


2. Router OS can set vlan-id value from - to :
a. 1-2048
b. 1-2049
c. 1-4096
d. 1-4095

3. Can you manually add drivers to RouterOS in case your PCI Ethernet card is not recognized, and you suspect it is a driver issue?
a. Yes
b. No

4. Which of the following is true for connection tracking
a. Enabling connection tracking reduces CPU usage in RouterOS
b. Disable connection tracking for mangle to work
c. Connection tracking must be enable for NAT'ed network
d. Connection tracking must be enabled for firewall to be effective

5. What letters appear next to a route, which is automatically created by RouterOS when user adds a valid address to an active interface?
a. I
b. S
c. C
d. D
e. A

6. Which is the default port of IP-Winbox?
a. TCP 8192
b. UDP 8291
c. TCP 8291
d. TCP 80

7. You want to use PCQ and allow 256k maximum download and upload for each client. Choose correct argument values for the required queue.
a. kind=pcqpcq-limit=5000000 pcq-classifier=dst-address
b. kind=pcqpcq-limit=256000 pcq-classifier=src-address
c. kind=pcqpcq-limit=256000 pcq-classifier=dst-address
d. kind=pcqpcq-limit=5000000 pcq-classifier=src-address
e. kind=pcqpcq-limit=1256000 pcq-classifier=dst-address

8. To limit wireless access for your HotSpot users
a. Create MAC Address restriction on PPP user login
b. Create IP Address restriction in the Wireless Access List
c. Create MAC Address restriction on HotSpot user login
d. Create MAC Address restriction in the Wireless Access List

9. For static routing functionality, additionally to the RouterOS system package, you will also need the following software package:
a. routing
b. advanced-tools
c. none
d. dhcp

10. To avoid looping on this network, you need to:
a. Enable RSTP on AP1 and AP3
b. Enable RSTP on AP1
c. Enable RSTP on AP1, AP2 and AP3

11. To make the masquerading of the network 192.168.0.0/24, configured on the interface Ether1, you should add rule
a. /ip firewall nat add chain=dstnat in-interface=ether1 src-address=192.168.0.0/24 action=masquerade
b. /ip firewall nat add chain=srcnatsrc-address=192.168.0.0/24 action=masquerade
c. /ip firewall nat add chain=dstnat out-interface=ether1 src-address=192.168.0.0/24 action=masquerade
d. /ip firewall nat add chain=srcnat out-interface=ether1 src-address=192.168.0.0/24 action=masquerade

12. On the advanced menu of the wireless setup there is a parameter called "Area", it works directly with:
a. None of these
b. Connect List
c. Access List
d. Security Profile

13. The basic unit of a physical network (OSI Layer 1) is the:
a. Header
b. Bit
c. Byte
d. Frame

14. It is impossible to disable user "admin" at the menu "/user"

 

True
False
 

 

15.HotSpot is required on the interfaces ether2, ether3, wlan1 (in ap-bridge mode). 
These interfaces are bridged in the bridge1 interface. 
Which interface should the HotSpot server be configured on?
a. On ether2 interface
b. On ether3 interface
c. On wlan1 interface
d. On bridge1 interface

16. The highest queue priority is
a. 256
b. 1
c. 16
d. 8

17. What is necessary for PPPoE client configuration?
a. Static IP address on PPPoE client interface
b. ip firewall nat masquerade rule
c. Interface (on which PPPoE client is going to work)

18. To be able to do NAT the connection tracking does not need to be enabled.
a. True 
b. False 

19. Check the allowed input formats for wireless scan-list.
a. 5500,5700
b. 5500-5700
c. 5500/5700
d. 5500 - 5700
e. 5500 5700

20. To connect your MikroTik router to a wireless access point, you have to:
a. Use the same Radio Name
b. Use the same SSID as on accesspoint
c. Use the same Band (5 GHz, 2.4 GHz, ...)

21. Which default route will be active? 
/ip route 
add disabled=no distance=10 dst-address=0.0.0.0/0 gateway=1.1.1.1 
add disabled=no distance=5 dst-address=0.0.0.0/0 gateway=2.2.2.2
a. Route via gateway 1.1.1.1
b. Route via gateway 2.2.2.2

22. An IP address pool can contain addresses from more than one subnet.
a. True 
b. False 

23. Is it possible to use the serial port of MikroTik to communicate with an external device connected by null-modem cable?
a. Yes, if port is not being used
b. Yes, when other is a MikroTik router.
c. Yes, it is always possible by /system serial-terminal command.

24. It is required to make a web server on a private LAN visible on the Public Internet. Only the web server port should be visible to the public. Which of the following configuration steps must be met. (select all that apply)

a. A route between the NAT Router and the webserver must exist
b. LAN address of the webserver should be routable on the internet
c. in ip firewall NAT there should be a dst-nat between the public ip of the router and the private ip of the webserver 
d. Connection Tracking must be enabled on NAT router
e. Public IP address of the webserver must be installed on the NAT Router

25. Collisions are possible in full-duplex Ethernet networks

 

True
False

 

------------------------------------------------------------------------------------- SET - 9 -------------------------------------------------------------------------------------

 

1. Is it possible to have PPTP Client and PPTP server on one MikroTik router at the same time?
a. Yes/ True 
b. No/ False 

2. For static routing functionality, additionally to the RouterOS system package, you will also need the following software package:
a. dhcp
b. none
c. advanced-tools
d. routing

3. What could be monitored by Torch?
a. Dst. Address
b. Dst. Port
c. None of the above is correct
d. Src. Address
e. Vlan ID
f. Protocol

4. The highest queue priority is
a. 16
b. 8
c. 1
d. 256

5. Wireless clients (mode=station) will work properly if bridged to ethernet


6. Which of the following Routes statuses are possible?
a. S = Static
b. C = Connected
c. D = Drop
d. A = Active

7. You have to connect to a RouterBOARD without any previous configuration. Select all possibilities to connect and do some basic configuration
a. Telnet
b. Attach monitor/keyboard
c. MAC-Winbox
d. Serial Connection

8. A network ready device is directly connected to a MikroTik RouterBOARD 750 with a correct U.T.P. RJ45 functioning cable. The device is configured with an IPv4 address of 192.168.100.70 using a subnet mask of 255.255.255.252. What will be a valid IPv4 address for the RouterBOARD 750 for a successful connection to the device? 
a. 192.168.100.70/255.255.255.252
b. 192.168.100.68/255.255.255.252
c. 192.168.100.69/255.255.255.252
d. 192.168.100.71/255.255.255.252

9. Netinstall can be used to
a. Install package for different hardware architecture
b. Reinstall software without losing licence
c. Keep configuration, but reset a lost admin password
d. Install different software version (upgrade or downgrade)

10. Consider the following network diagram. In R1, you have the following configuration: 
/ip route 
add dst-address=192.168.1.0/24 gateway=192.168.99.2 

/ip firewall nat 
add chain=srcnat out-interface=Ether1 action=masquerade 

On R2, if you wish to prevent all access to a server located at 192.168.1.10 from LAN1 devices, which of the following rules would be needed?
a. /ip firewall nat add chain=dstnat src-address=192.168.99.1 dst-address=192.168.1.10 action=drop
b. /ip firewall filter add chain=input src-address=192.168.99.1 dst-address=192.168.1.10 action=drop
c. /ip firewall filter add chain=forward src-address=192.168.0.0/24 dst-address=192.168.1.10 action=drop
d. /ip firewall filter add chain=forward src-address=192.168.99.1 dst-address=192.168.1.10 action=drop

11. /interface wireless access-list is used for
a. Contains the security profiles settings
b. Handles a list of Client's MAC Address to permit/deny connection to AP
c. Shows a list of Client's MAC Address that are already registered at AP
d. Authenticate Hotspot users

12. To make the masquerading of the network 192.168.0.0/24, configured on the interface Ether1, you should add rule
a. /ip firewall nat add chain=srcnat out-interface=ether1 src-address=192.168.0.0/24 action=masquerade
b. /ip firewall nat add chain=dstnat in-interface=ether1 src-address=192.168.0.0/24 action=masquerade
c. /ip firewall nat add chain=dstnat out-interface=ether1 src-address=192.168.0.0/24 action=masquerade
d. /ip firewall nat add chain=srcnat src-address=192.168.0.0/24 action=masquerade

13. RouterOS DHCP server is able to send any DHCP options (specified in RFCs) to DHCP clients
a. Yes
b. No

14. You would like to allow multiple logins with one user name on a HotSpot server. How should this be configured?
a. Set "only-one=no' at /ip hotspot
b. Set "Shared Users" option at /ip hotspot user profile
c. It's not possible
d. Set "Shared Users" option at /ip hotspot 

15. You are planning a migration from a wireless link using 802.11a on 5GHz (with no nstreme) to one using Nv2 on 5GHz. When you change the AP from 802.11a to Nv2, you do not wish a client to disconnect for more than a few seconds during the upgrade. 

Assuming the client is capable of operating with Nv2 (correct hardware, correct encryption key and ROS version), which setting(s) for 'wireless-protocol' should be enabled on the client so that the client can auto-detect the protocol used by the AP and still make connection with 802.11a or Nv2 : (select all that apply)
a. unspecified
b. any
c. Nv2
d. nv2-nstreme-802.11

16. Using wireless connect-list it’s possible to prioritize connection to one Access Point over another Access Point by changing the order of the entries.

 

a.False
b. True

 

17. The total-max-limit under Simple Queues will limit the combined upload and download of the target-address of your simple queue.

 

a. Yes
b. No

18. Two mangle rules defining different mangle marks for the same traffic type, will make it have both mangle marks.
a. Yes
b. No

19. Where are HotSpot authorized clients shown?
a. /ip hotspot host
b. /ip hotspot active
c. /ip hotspot
d. /ip hotspot user

20. A PC with IP 192.168.1.2 can access internet, and static ARP has been set for that IP address on gateway. When the PC Ethernet card failed, the user change it with a new card and set the same IP for it.

 

What else should be done? 
a. Old static ARP entry on gateway has to be updated for the new card
b. MAC-address of the new card has to be changed to MAC address of old card
c. Another IP has to be added for Internet access
d. Nothing - it will work as before

21. Is it possible for a client to get an IP address but no gateway after a successful DHCP request?

 

a. False
b. True

 

22. Which RouterOS packages should be installed on router for SSH server support?
a. advanced-tools
b. system
c. ssh
d. security

23. There is an HTTP server 10.0.0.1 in your private network. You have made a DST-NAT rule that sends all HTTP traffic received on your router's address 80.232.50.100 to this server. If you make a firewall rule on the router to disallow address 159.148.20.30 to communicate with the server, how would you identify this communication in this rule?
a. src-address=159.148.20.30 dst-address=80.232.50.100
b. src-address=159.148.20.30 dst-address=10.0.0.1
c. src-address=80.232.50.100 dst-address=10.0.0.1
d. src-address=80.232.50.100 dst-address=159.148.20.30

24. Router A and B are both running as PPPoE servers on different broadcast domains of your network. It is possible to set Router A to use "/ppp secret" accounts from Router B to authenticate PPPoE customers.a. False
b. True

 

25. Define a routing loop (choose the most precise description)
a. situation where the packet is routed through the same sequence of routers until the TTL expires
b. Situation where the packet does not reach it\'s destination
c. situation where the TTL of the packet expires
d. situation where the packet is routed through the same router twice

 

------------------------------------------------------------------------------------- SET - 10 -------------------------------------------------------------------------------------

 

1. You start a scan for wireless networks on you access point. What will happen ?
a. All connected clients will disconnect
b. You'll see all connected clients
c. You'll see available frequencies

2. Is action=masquerade allowed in chain=dstnat?
a. no
b. yes
c. yes, but it works only for incoming connections
d. yes, but only if dst-addr is specified

3. Which route will be used to reach host 192.168.1.55? 

/ip route 
add disabled=no distance=1 dst-address=192.168.1.0/24 gateway=1.1.1.1 
add disabled=no distance=1 dst-address=192.168.1.0/25 gateway=2.2.2.2 
add disabled=no distance=1 dst-address=192.168.0.0/16 gateway=3.3.3.3
a. Route via gateway 2.2.2.2
b. Route via gateway 1.1.1.1
c. Route via gateway 3.3.3.3

4. Can you manually add drivers to RouterOS in case your PCI Ethernet card is not recognized, and you suspect it is a driver issue?
a. No
b. Yes

5. What is necessary for PPPoE client configuration?
a. ip firewall nat masquerade rule
b. Static IP address on PPPoE client interface
c. Interface (on which PPPoE client is going to work)

6. Mark all correct answers 
a. Wireless access-list could allow and deny access to your AP
b. Default-Forwarding could be enabled for a specific clients by wireless access-list
c. /ip firewall filter allows to deny authentication to AP
d. The only way to prevent wireless clients connections - disable wireless interface

7. You want to limit bandwidth for your HotSpot users. HotSpot can create dynamic queues on user login to do the speed limitations.
a. Yes/ True 
b. No/ False 

8. A routing table has following entries: 

0 dst-address=10.0.0.0/24 gateway=10.1.5.126 
1 dst-address=10.1.5.0/24 gateway=10.1.1.1 
2 dst-address=10.1.0.0/24 gateway=25.1.1.1 
3 dst-address=10.1.5.0/25 gateway=10.1.1.2 

Which gateway will be used for a packet with destination address 10.1.5.126? 
a. 25.1.1.1
b. 10.1.1.1
c. 10.1.1.2
d. 10.1.5.126

9. Which is the default port of IP-Winbox?
a. TCP 8192
b. TCP 8291
c. TCP 80
d. UDP 8291

10. In case when router login password is lost, it is necessary to reinstall RouterOS or use hardware reset funcion.
a. Yes/ True 
b. No/ False 

11. On the advanced menu of the wireless setup there is a parameter called "Area", it works directly with:
a. Security Profile
b. Connect List
c. Access List
d. None of these

12. Is it possible that the same IP address is included in multiple address lists and still be used by these multiple address lists?

 

a. Destination NAT rule is required to utilize transparent proxy facility
b. To deny access to a specific website, caching should be enabled
c. Controls domains or servers which are allowed to cache by Proxy
d. Can deny access to a specific domains or servers, but not specific web pages

13. What protocol does ping use?
a. ICMP
b. ARP
c. TCP
d. UDP

14. Which firewall chain should you use to filter clients HTTP traffic going through the router?
a. prerouting
b. output
c. input
d. forward

15. Connection marks are stored in the connection tracking table.
a. Yes/ True 
b. No/ False 

16. MikroTik RouterOS commands can be run once a day by:
a. /system watchdog
b. /system scheduler
c. /system cron

17. What is term for the hardware coded address found on an interface?
a. FQDN Address
b. MAC Address
c. Interface Address
d. IP Address

18. For user in local ppp secrets/ppp profiles database, it is possible to
a. Allow/deny use of more than one login by this user
b. Allow only pppoe login
c. Allow login by pppoe and pptp, but deny login by l2tp
d. Deny services (like telnet) only for this user or for one group of users
e. Set max values for total transferred bytes (up- and download)

19. You have a DHCP server on your MikroTik router. The IP addresses 10.1.2.2-10.2.2.20 are distributed in the DHCP network. Additionally, 3 static IP address are defined for your servers: 10.1.2.31-10.1.2.33. After a while 20 more IP addresses need to be distributed in the network. Is it possible to distribute the extra IP address without adding another DHCP Server?


20. You wish to secure your RouterOS system. You do not want the RouterOS to be discoverable using MNDP or CDP locally. You also want to deny management via the MAC addresses on all interfaces. Select the correct actions to accomplish this. 
a. Remove/Disable all interfaces under mac-server telnet
b. Remove/Disable all discovery interfaces
c. Place a proper forward firewall rule to block mac discovery
d. Remove/Disable the Interfaces
e. Place a proper input firewall rule to block mac discovery
f. Remove/Disable all interfaces under mac-Server winbox
g. Add a Deny All input firewall rule

21. What does this simple queue do (check the image)?
a. Queue guarantees download data rate of one megabit per second for host 192.168.1.10
b. Queue guarantees upload data rate of one megabit per second for host 192.168.1.10
c. Queue limits host 192.168.1.10 download data rate to one megabit per second.
d. Queue limits host 192.168.1.10 upload data rate to one megabit per second.

22. For static routing functionality, additionally to the RouterOS system package, you will also need the following software package:
a. none
b. advanced-tools
c. routing
d. dhcp

23. You want to use PCQ and allow 256k maximum download and upload for each client. Choose correct argument values for the required queue.
a. kind=pcq pcq-limit=256000 pcq-classifier=src-address
b. kind=pcq pcq-limit=1256000 pcq-classifier=dst-address
c. kind=pcq pcq-limit=5000000 pcq-classifier=src-address
d. kind=pcq pcq-limit=5000000 pcq-classifier=dst-address
e. kind=pcq pcq-limit=256000 pcq-classifier=dst-address

24. To avoid looping on this network, you need to:
a. Enable RSTP on AP1, AP2 and AP3
b. Enable RSTP on AP1
c. Enable RSTP on AP1 and AP3

25. HotSpot server is installed on the router. All IP-phones are required to have access to outside networks without any HotSpot authentication. Select the configuration options you can use to achieve this setup.
a. /ip hotspot walled-garden ip
b. /ip hotspot service-ports
c. /ip hotspot ip-binding

 

------------------------------------------------------------------------------------- SET - 11 -------------------------------------------------------------------------------------

 

1. DHCP server is configured on a router’s ether1 interface. IP address 192.168.0.100/24 is assigned to the interface. Possible IP pools, that can be used by this DHCP server, are:
a. 192.168.0.1-192.168.0.255
b. 192.169.0.1-192.169.0.254
c. 192.168.0.1-192.168.0.14
d. 192.168.0.1-192.168.0.99,192.168.0.101-192.168.0.254
    
2. Collisions are possible in full-duplex Ethernet networksTrue
False  

3. What is possible with Netinstall?
a. MikroTikRouterOS reinstall
b. MikroTikRouterOS configuration reset
c. MikroTikRouterOS password reset with saving router's configuration
    
4. Action=redirect allows you to make
a. Transparent DNS Cache
b. Enable Local Service
c. Forward DNS to another device IP address
d. Transparent HTTP Proxy
    
5. Which software version can be installed onto the following RouterBoard types?
a. routeros-mipsle-x.xx.npk on RB133
b. routeros-x86-x.xx.npk on a RB1100
c. routeros-mipsbe-x.xx.npk on a RB433
d. routeros-powerpc-x.xx.npk on a RB333
e. routeros-mipsbe-x.xx.npk on a RB133
    
6. What does the firewall action "Redirect" do? Select all true statements.   
a. Redirects a packet to a specified IP
b. Redirects a packet to a specified port on a host in the network
c. Redirects a packet to a specified port on the router
d. Redirects a packet to the router
    
7. What does this simple queue do (check the image)? 
a. Queue limits host 192.168.1.10 download data rate to one megabit per second.
b. Queue guarantees download data rate of one megabit per second for host 192.168.1.10
c. Queue guarantees upload data rate of one megabit per second for host 192.168.1.10
d. Queue limits host 192.168.1.10 upload data rate to one megabit per second.
    
8. What wireless modes can be used in a WDS setup? 
a. bridge
b. nstreme-dual-slave
c. station-wds
d. ap-bridge
e. station
    
9. You want to use PCQ and allow 256k maximum download and upload for each client. Choose correct argument values for the required queue.
a. kind=pcqpcq-limit=256000 pcq-classifier=src-address
b. kind=pcqpcq-limit=1256000 pcq-classifier=dst-address
c. kind=pcqpcq-limit=5000000 pcq-classifier=dst-address
d. kind=pcqpcq-limit=256000 pcq-classifier=dst-address
e. kind=pcqpcq-limit=5000000 pcq-classifier=src-address
    
10. Firewall NAT rules process only the first packet of each connection.
    
    
11. Select all the RouterOS software packages required for configuring a wireless AP
a. wireless
b. advanced-tools
c. dhcp
d. routing
e. system
    
12. Router OS can set vlan-id value from - to :  
a. 1-2048
b. 1-4096
c. 1-2049
d. 1-4095
    
13. For static routing functionality, additionally to the RouterOS system package, you will also need the following software package:  
a. none
b. advanced-tools
c. dhcp
d. routing
    
14. Please select valid scan-list values in interface wireless configuration:
a. 5540,5560,5620+5700
b. 5640~5680
c. 5560,5620-5700
d. default,5560,5600,5660-5700
    
15. Can you manually add drivers to RouterOS in case your PCI Ethernet card is not recognized, and you suspect it is a driver issue?
a. Yes
b. No
    
16. What configuration is added by /ip hotspot setup command? (select all that apply)
a. /queue tree
b. /ip hotspot walled-garden
c. /ipdhcp-server
d. /ip hotspot user
e. /ip service
    
17. Mark all correct answers: destination NAT will take place... 
a. after ip firewall filter, chain forward
b. before ip firewall filter, chain forward
c. before routing decision
d. after routing decision
    
18. It is possible to access MikroTik Graphs on a different port than HTTP port 80.
a. Yes
b. No
 
19. HotSpot is required on the interfaces ether2, ether3, wlan1 (in ap-bridge mode).
These interfaces are bridged in the bridge1 interface.
Which interface should the HotSpot server be configured on?
a. On wlan1 interface
b. On ether3 interface
c. On bridge1 interface
d. On ether2 interface
    
20. Using wireless connect-list it’s possible to prioritize connection to one Access Point over another Access Point by changing the order of the entries.

 

a.False
b. True

 

     
21. MikroTik proxy features are:
a. HTTP caching
b. POP3 caching
c. SMTP caching
d. FTP caching
e. DNS name filtering
    
22. Which computers would be able to communicate directly (without any routers involved) 
a. 192.168.0.5/26 and 192.168.0.100
b. 192.168.17.15/29 and 192.168.17.20/28
c. 10.10.0.17/22 and 10.10.1.30/23
d. 10.5.5.1/24 and 10.5.5.100/25
    
23. Is it possible to have PPTP Client and PPTP server on one MikroTik router at the same time?
a. Yes/ True 
b. No/ False 
24. Which default route will be active?

/ip route
add disabled=no distance=10 dst-address=0.0.0.0/0 gateway=1.1.1.1
add disabled=no distance=5 dst-address=0.0.0.0/0 gateway=2.2.2.2   
a. Route via gateway 1.1.1.1
b. Route via gateway 2.2.2.2
    
25. You can not use OSPF and RIP routing protocols simultaneously on the RouterOS.

 

a. Yes/ True 
b. No/ False 
 

 

------------------------------------------------------------------------------------- SET - 12 -------------------------------------------------------------------------------------

 

1. How many usable IP addresses are there in a 23-bit (255.255.254.0) subnet?
a. 254
b. 512
c. 510
d. 508

2. A network ready device is directly connected to a MikroTik RouterBOARD 750 with a correct U.T.P. RJ45 functioning cable. The device is configured with an IPv4 address of 192.168.100.70 using a subnet mask of 255.255.255.252. What will be a valid IPv4 address for the RouterBOARD 750 for a successful connection to the device? 
a. 192.168.100.69/255.255.255.252
b. 192.168.100.71/255.255.255.252
c. 192.168.100.70/255.255.255.252
d. 192.168.100.68/255.255.255.252

3. Select valid subnet masks:
a. 192.0.0.0
b. 255.255.224.0
c. 255.255.192.255
d. 255.192.0.0

4. What protocol does ping use?
a. UDP
b. ICMP
c. ARP
d. TCP

5. Select valid MAC-address
a.192.168.0.0/16
b. 00:00:5E:80:EE:B0
d. AEC8:21F1:AA44:54FF:1111:DDAE:0212:1201
e. G2:60:CF:21:99:H0

6. Which computers would be able to communicate directly (without any routers involved)
a. 10.5.5.1/24 and 10.5.5.100/25
b. 192.168.0.5/26 and 192.168.0.100
c. 10.10.0.17/22 and 10.10.1.30/23
d. 192.168.17.15/29 and 192.168.17.20/28

7. How many IP addresses can one find in the header of an IP packet?
a. 4
b. 1
c. 2
d. 3

8. Which of the following protocols / port s are used for SNMP. (Simple Network Managemnt Protocol)
a. TCP 25
b. TCP 161
c. UDP 161
d. UDP 162
e. TCP 123
f. TCP 162

9. How many usable IP addresses are there in a 20-bit subnet?
a. 2046
b. 2047
d. 4094
e. 2048
f. 4096

10. A PC with IP 192.168.1.2 can access internet, and static ARP has been set for that IP address on gateway. When the PC Ethernet card failed, the user change it with a new card and set the same IP for it.

What else should be done? 
a. Nothing - it will work as before
b. MAC-address of the new card has to be changed to MAC address of old card
c. Old static ARP entry on gateway has to be updated for the new card
d. Another IP has to be added for Internet access

11. You have a router with configuration 
- Public IP :202.168.125.45/24 
- Default gateway:202.168.125.1 
- DNS server: 248.115.148.136, 248.115.148.137 
- Local IP: 192.168.2.1/24 

Mark the correct configuration on client PC to access to the Internet
a. IP:192.168.0.1/24 gateway:192.168.2.1
b. IP:192.168.2.115/24 gateway: 192.168.2.1
c. IP:192.168.2.2/24 gateway:202.168.125.45
d. IP:192.168.2.253/24 gateway:202.168.0.1
e. IP:192.168.1.223/24 gateway:248.115.148.136

12. Which ones of the following are valid IP addresses?
a. 192.168.13.255
b. 10.10.14.0
c. 1.27.14.254
d. 192.168.256.1

13. MAC layer by OSI model is also known as
a. Layer 7
b. Layer 2
c. Layer 3
d. Layer 6
e. Layer 1

14. Which of the following IP addresses are publicly routable?
a. 127.34.155.3
b. 11.3.10.4
c. 172.16.13.23
d. 192.168.1.4

15. The network address is
a. The first usable address of the subnet
b. The first address of the subnet
c. The last address of the subnet

16. Select which of the following are 'Public IP addresses':
a. 10.110.50.37
b. 11.63.72.21
c. 172.168.254.2
d. 172.28.73.21
e. 192.168.0.1

17. Is ARP used in the IPv6 protocol ? True 
False  

18. What is term for the hardware coded address found on an interface?
a. MAC Address
b. Interface Address
c. IP Address
d. FQDN Address

19. How many layers does Open Systems Interconnection model have?
a. 12
b. 7
c. 6
d. 9
e. 5

20. In MikroTik RouterOS, Layer-3 communication between 2 hosts can be achieved by using an address subnet of:
a. /30
b. /31
c. /29
e. /32

 

------------------------------------------------------------------------------------- SET - 13 -------------------------------------------------------------------------------------

 

1. Action=redirect is applied in

 

a. chain=srcnat

 

b. chain=dstnat

 

c. chain=forward

 

2. You have 802.11b/g wireless card. What frequencies are available to you?

 

a. 5800MHz

 

b. 2412MHz

 

c. 5210MHz

 

d. 2422MHz

 

e. 2327MHz

 

3. Mark all correct statements about /export (rsc file).

 

a. Exports logs from /log print

 

b. Exports full configuration of the router

 

c. Exports only part of the configuration (for example /ip firewall)

 

d. Exports scripts from /system script

 

e. Exports files could not edited

 

4. What wireless card can we use to achieve 100 Mbps actual wireless throughput?

 

a. 802.11 b/g

 

b. 802.11 a/b/g

 

c. 802.11 a

 

d. 802.11 a/n

 

e. 802.11 a/b/g/n

 

5. It is possible to add user-defined chains in ip firewall mangle

 

6. Choose all valid hosts address range for subnet 15.242.55.62/27

 

a. 15.242.55.31-15.242.55.62

 

b. 15.242.55.32-15.242.55.63

 

c. 15.242.55.33-15.242.55.62

 

d. 15.242.55.33-15.242.55.63

 

7. Action=redirect allows you to make

 

a. Transparent DNS Cache

 

b. Forward DNS to another device IP address

 

c. Enable Local Service

 

d. Transparent HTTP Proxy

 

8. Which is correct masquerade rule for 192.168.0.0/24 network on the router with outgoing interface=ether1?

 

a. /ip firewall nat add action=masquerade chain=srcnat

 

b. /ip firewall nat add action=masquerade chain=srcnat src-address=192.168.0.0/24

 

c. /ip firewall nat add action=masquerade out-interface=ether1 chain=dstnat

 

d. /ip firewall nat add action=masquerade chain=srcnat out-interface=ether1

 

9. What letters appear next to a route, which is automatically created by RouterOS when user adds a valid address to an active interface?

 

a. I

 

b. D

 

c. A

 

d. S

 

e. C

 

10. Mark all features that are compatible with Nstreme

 

a. WDS between a device in station-wds mode and a device in station-wds mode

 

b. Encryption

 

c. WDS between a device in ap-bridge mode with a device in station-wds mode

 

d. Bridging a device in station mode with a device in ap-bridge mode

 

11. Can you manually add drivers to RouterOS in case your PCI Ethernet card is not recognized, and it’s a driver issue?

 

a. Yes

 

b. No

 

12. For static routing functionality, additionally to the RouterOS system package, you will also need the following software package:

 

a. none

 

b. dhcp

 

c. routing

 

d. advanced-tools

 

13. Which are necessary sections in /queue simple to set bandwidth limitation?

 

a. target-address, max-limit

 

b. target-address, dst-address, max-limit

 

c. target-address, dst-address

 

d. max-limit

 

14. What protocol is used for Ping and Trace route?

 

a. DHCP

 

b. IP

 

c. TCP

 

d. ICMP

 

e. UDP

 

15. From which of the following locations can you obtain Winbox?

 

a. Router’s webpage

 

b. Files menu in your router

 

c. Via the console cable

 

d. mikrotik.com

 

16. Two hosts, A and B, are connected to a broadcast LAN. Select all the answers showing pairs of IP address/mask which would allow IP connections to be established between the two hosts.

 

a. A: 10.1.2.66/25 and B: 10.1.2.109/26

 

b. A: 10.2.2.1/23 and B: 10.2.0.1/22

 

c. A: 10.1.2.192/24 and B: 10.1.2.129/26

 

d. A: 10.2.1.0/23 and B: 10.2.0.1/22

 

17. Why is it useful to set a Radio Name on the radio interface?

 

a. To identify a station in a list of connected clients

 

b. To identify a station in the Access List

 

c. To identify a station in Neighbor discovery

 

18. What kind of users are listed in the Secrets window of the PPP menu?

 

a. pptp users

 

b. l2tp users

 

c. winbox users

 

d. wireless users

 

e. pppoe users

 

f. hotspot users

 

19. Router A and B are both running as PPPoE servers on different broadcast domains of your network. Is it possible to set Router A to use “/ppp secret” accounts from Router B to authenticate PPPoE customers ?

 

20. MikroTik RouterOS DHCP client can receive following options

 

a. Byte limit

 

b. IP Gateway

 

c. Rate limit

 

d. Uptime limit

 

e. IP Address and Subnet

 

21. The HotSpot feature can be used only on ethernet interfaces. You have to use a separate access point if you want to use this feature with wireless.

 

22. If you need to make sure that one computer in your HotSpot network can access the Internet without HotSpot authentication, which menu allows you to do this?

 

a. Users

 

b. IP bindings

 

c. Walled-garden

 

d. Walled-garden IP

 

23. How many different priorities can be selected for queues in MikroTik RouterOS?

 

a. 8

 

b. 16

 

c. 0

 

d. 1

 

24. Which default route will be active?

 

/ip route

 

add disabled=no distance=10 dst-address=0.0.0.0/0 gateway=1.1.1.1

 

add disabled=no distance=5 dst-address=0.0.0.0/0 gateway=2.2.2.2

 

a. Route via gateway 1.1.1.1

 

b. Route via gateway 2.2.2.2

 

25. How long is level 1 (demo) license valid?

 

a. 24 hours

 

b. Infinite time

 

c. 1 month

 

d. 1 year

 

------------------------------------------------------------------------------------- SET - 14 -------------------------------------------------------------------------------------

 

1. If you need to make sure that one computer in your HotSpot network can access the Internet without HotSpot authentication, which menu allows you to do this?

 

a. IP bindings

 

b. Walled-garden

 

c. Users

 

d. Walled-garden IP

 

2. Manakah fakta yang benar mengenai file backup?

 

a. Termasuk file yang tersimpan di /files

 

b. Bisa diedit

 

c. Termasuk username dan password dari /user

 

d. Mencakup seluruh konfigurasi router

 

3. NStreme works only on 40mhz channel width

 

true

 

false

 

4. To make all DNS requests coming from your network to resolve on your router (regardless of the clients’ configuration), which action would you specify for the DST-NAT rule?

 

a. masquerade

 

b. dst-nat

 

c. you can’t use DST-NAT to achieve this

 

d. redirect

 

5. Two hosts, A and B, are connected to a broadcast LAN. Select all the answers showing pairs of IP address/mask which would allow IP connections to be established between the two hosts.

 

a. A: 10.1.2.66/25 and B: 10.1.2.109/26

 

b. A: 10.1.2.192/24 and B: 10.1.2.129/26

 

c. A: 10.2.2.1/23 and B: 10.2.0.1/22

 

d. A: 10.2.1.0/23 and B: 10.2.0.1/22

 

6. The first two rules in the forward chain of the filter table are:

 

/ip firewall filter add chain=forward connection-state=established action=accept

 

/ip firewall filter add chain=forward connection-state=invalid action=drop

 

Connection-state=related packets are not filtered by the rules above.

 

true

 

false

 

7. /interface wireless access-list is used for

 

a. Shows a list of Client’s MAC Address that are already registered at AP

 

b. Authenticate Hotspot users

 

c. Handles a list of Client’s MAC Address to permit/deny connection to AP

 

d. Contains the security profiles settings

 

8. Possible actions of ip firewall filter are:

 

a. tarpit

 

b. tarp

 

c. bounce

 

d. add-to-address-list

 

e. log

 

f. accept

 

9. In case when router login password is lost, it is necessary to reinstall RouterOS or use hardware reset funcion.

 

a. Yes/ True

 

b. No/ False

 

10. Which software version can be installed onto the following RouterBoard types?

 

a. routeros-x86-x.xx.npk on a RB1100

 

b. routeros-mipsbe-x.xx.npk on a RB133

 

c. routeros-mipsle-x.xx.npk on RB133

 

d. routeros-powerpc-x.xx.npk on a RB333

 

e. routeros-mipsbe-x.xx.npk on a RB433

 

11. PPP Secrets are used for

 

a. L2TP clients

 

b. Router users

 

c. PPtP clients

 

d. IPSec clients

 

e. PPPoE clients

 

f. PPP clients

 

12. Choose all valid hosts address range for subnet 15.242.55.62/27

 

a. 15.242.55.32-15.242.55.63

 

b. 15.242.55.33-15.242.55.63

 

c. 15.242.55.33-15.242.55.62

 

d. 15.242.55.31-15.242.55.62

 

13. WPA 2 Pre-Shared Key (PSK) is enabled on AP, all your clients have to use the same PSK. Only Virtual AP could be used to allow clients to connect with a different PSK.

 

false

 

true

 

14. Router A and B are both running as PPPoE servers on different broadcast domains of your network. Is it possible to set Router A to use “/ppp secret” accounts from Router B to authenticate PPPoE customers ?

 

false

 

true

 

15. Which of the following actions are available for ‘/ip firewall mangle’ (select all valid actions)

 

a. change MSS

 

b. mark connection

 

c. accept

 

d. jump

 

e. drop

 

f. mark packet

 

16. OSFP area ID does not need to be unique within the AS.

 

true

 

false

 

17. What configuration is added by /ip hotspot setup command? (select all that apply)

 

a. /ip dhcp-server

 

b. /ip service

 

c. /queue tree

 

d. /ip hotspot user

 

e. /ip hotspot walled-garden

 

18. Mode wireless apakah yang bisa digunakan untuk mengkonfigurasikan WDS?

 

a. ap-bridge

 

b. nstreme-dual-slave

 

c. bridge

 

d. station-wds

 

e. station

 

19. Check all of the DHCP Server Options that are implemented for DHCP-Client and not Custom.

 

a. WINS Server

 

b. ntp server

 

c. DNS Server

 

d. subnet mask

 

e. tftp

 

f. gateway

 

20. Anda akan menyimpan website yang telah dikunjungi ke dalam sebuah log dari web proxy. Manakah konfigurasi yang benar ?

 

a. /system logging add topics=web-proxy,debug action=memory

 

b. /system logging add topics=web-proxy,!debug action=memory

 

c. /system logging add topics=web-proxy,!debug action=remote

 

d. /system logging add topics=web-proxy,!debug action=disk

 

21. You need to set up an E1(T1) connection with PPP configured.

 

Which License level is needed?

 

a. Level 4

 

b. It cannot be done in RouterOS

 

c. Level 5

 

22. You have a router with configuration

 

- Public IP :202.168.125.45/24

 

- Default gateway:202.168.125.1

 

- DNS server: 248.115.148.136, 248.115.148.137

 

- Local IP: 192.168.2.1/24

 

Mark the correct configuration on client PC to access to the Internet

 

a. IP:192.168.2.115/24 gateway: 192.168.2.1

 

b. IP:192.168.0.1/24 gateway:192.168.2.1

 

c. IP:192.168.2.2/24 gateway:202.168.125.45

 

d. IP:192.168.1.223/24 gateway:248.115.148.136

 

e. IP:192.168.2.253/24 gateway:202.168.0.1

 

23. Mark queue type that uses fairness principle between sub-queues, allows users to choose classifier for sub-queues, and apply a limit to each sub-queue

 

a. SFQ

 

b. RED

 

c. PCQ

 

d. BFIFO

 

24. How many different priorities can be selected for queues in MikroTik RouterOS?

 

a. 1

 

b. 8

 

b. 0

 

d. 16

 

25. An IP address pool can contain addresses from more than one subnet.

 

a. True

 

b. False

 

------------------------------------------------------------------------------------- SET - 15 -------------------------------------------------------------------------------------

 

1. Two hosts, A and B, are connected to a broadcast LAN. Select all the answers showing pairs of IP address/mask which would allow IP connections to be established between the two hosts.

 

a. A: 10.1.2.192/24 and B: 10.1.2.129/26

 

b. A: 10.1.2.66/25 and B: 10.1.2.109/26

 

c. A: 10.2.1.0/23 and B: 10.2.0.1/22

 

d. A: 10.2.2.1/23 and B: 10.2.0.1/22

 

2. Which features are removed when advanced-tools package is uninstalled?

 

a. neighbors

 

b. ip-scan

 

c. netwatch

 

d. LCD support

 

e. ping

 

f. bandwidth-test

 

3. Rate Flapping can be avoided by

 

a. Choose larger channels (40 MHz instead of 20 MHz)

 

b. Reduce supported rates

 

c. Change ap-bridge to bridge

 

d. Set basic rates to only one data rate like 24 Mbps

 

4. Mark possible connection states in the connection tracking table

 

a. Related

 

b. Invalid

 

c. Closed

 

d. Established

 

e. Syn

 

f. New

 

5. Can you manually add drivers to RouterOS in case your PCI Ethernet card is not recognized, and you suspect it is a driver issue?

 

a. Yes

 

b. No

 

6. You have a queue structure as follows:

 

queue “GP” max-limit=10M

 

- queue “M” parent=”GP” limit-at=4M max-limit=6M

 

- – queue “C1″ parent=”M” limit-at=1M max-limit=7M priority=4

 

- – queue “C2″ parent=”M” limit-at=1M max-limit=4M priority=1

 

- – queue “C3″ parent=”M” limit-at=3M max-limit=7M priority=8

 

- queue “F” parent=”GP” limit-at=5M max-limit=8M

 

- – queue “D1″ parent=”F” limit-at=3M max-limit=4M priority=5

 

- – queue “D2″ parent=”F” limit-at=2M max-limit=5M priority=2

 

If queues “C1″ and “D2″ will not require any traffic, how the total available traffic is going to be distributed in the worst case scenario?

 

a. queue “C2″ will get 3M, “C3″ 2M, “D1″ 4M

 

b. queue “C2″ will get 2M, “C3″ 5M, “D1″ 3M

 

c. queue “C2″ will get 4M, “C3″ 2M, “D1″ 4M

 

d. queue “C2″ will get 2M, “C3″ 3M, “D1″ 5M

 

e. queue “C2″ will get 3M, “C3″ 3M, “D1″ 4M

 

7. A MikroTik Router has the following configuration

 

/ip address

 

add address=1.1.1.2/30 interface=ether1

 

add address=2.2.2.2/30 interface=ether2

 

add address=192.168.10.1/24 interface=ether3

 

/ip firewall mangle

 

add action=mark-connection chain=prerouting

 

dst-port=80 new-connection-mark=web_c passthrough=yes protocol=tcp

 

add action=mark-routing chain=prerouting

 

connection-mark=web_c new-routing-mark=web passthrough=no

 

/ip firewall nat

 

add action=masquerade chain=srcnat

 

out-interface=ether3

 

/ip route

 

add gateway=1.1.1.1

 

add gateway=2.2.2.2 routing-mark=web

 

What can be said about the Web Access (port 80) by a customer connected at ether3 interface with IP 192.168.10.2/24, gateway 192.168.10.1 ?

 

a. The customer will access the Web using the gateway 2.2.2.2

 

b. The Customer is unable to access the Web.

 

c. The Customer will access the Web by ECMP, by using both gateways 1.1.1.1 and 2.2.2.2

 

d. The customer will access the Web using the gateway 1.1.1.1

 

8. For static routing functionality, additionally to the RouterOS system package, you will also need the following software package:

 

a. dhcp

 

b. advanced-tools

 

c. none

 

d. routing

 

9. Which options should be used when you want to prevent access from one specific address to your router web interface?

 

a. Group settings for System users

 

b. Firewall Filter Chain Input

 

c. Firewall Filter Chain Forward

 

d. WWW service from IP Services

 

10. Which MikroTik RouterOS version should you use for IEEE 802.11n standard support?

 

a. Versions 3.x

 

b. Versions 4.x

 

c. Versions 5.x

 

11. A station can connect to AP if they both use different country regulation settings, but the frequency chosen is allowed in both countries

 

12. How long is level 1 (demo) license valid?

 

a. 1 year

 

b. Infinite time

 

c. 24 hours

 

d. 1 month

 

13. Router A and B are both running as PPPoE servers on different broadcast domains of your network. Is it possible to set Router A to use “/ppp secret” accounts from Router B to authenticate PPPoE customers ?

 

True

 

False

 

14. You need to save visited web-pages to memory logs from web-proxy. Which is the correct configuration?

 

a. /system logging add topics=web-proxy,debug action=memory

 

b. /system logging add topics=web-proxy,!debug action=disk

 

c. /system logging add topics=web-proxy,!debug action=remote

 

d. /system logging add topics=web-proxy,!debug action=memory

 

15. By default info, error and warning messages are logged into memory of your RouterOS device. You can add logging of visited web-pages and other message topics

 

16. Netinstall can be used to

 

a. Keep configuration, but reset a lost admin password

 

b. Install different software version (upgrade or downgrade)

 

c. Reinstall software without losing licence

 

d. Install package for different hardware architecture

 

17. Which options are necessary to use the HotSpot Universal Client feature?

 

a. arp=enabled on the HotSpot interface

 

b. /ip dhcp-server configuration

 

c. address-pool configuration in /ip hotspot and /ip hotspot user profile

 

d. /ip firewall mangle rules

 

18. What is the correct action to be specified in the NAT rule to hide a private network when communicating to the outside world?

 

a. tarpit

 

b. masquerade

 

c. passthrough

 

d. allow

 

19. Mark all features that are compatible with Nstreme

 

a. WDS between a device in ap-bridge mode with a device in station-wds mode

 

b. Bridging a device in station mode with a device in ap-bridge mode

 

c. Encryption

 

d. WDS between a device in station-wds mode and a device in station-wds mode

 

20. PPP Secrets are used for

 

a. L2TP clients

 

b. IPSec clients

 

c. PPPoE clients

 

d. PPtP clients

 

e. Router users

 

f. PPP clients

 

21. What is term for the hardware coded address found on an interface?

 

a. MAC Address

 

b. Interface Address

 

c. FQDN Address

 

d. IP Address

 

22. Which default route will be active?

 

/ip route

 

add disabled=no distance=10 dst-address=0.0.0.0/0 gateway=1.1.1.1

 

add disabled=no distance=5 dst-address=0.0.0.0/0 gateway=2.2.2.2

 

a. Route via gateway 2.2.2.2

 

b. Route via gateway 1.1.1.1

 

23. You would like to allow multiple logins with one user name on a HotSpot server. How should this be configured?

 

a. Set “Shared Users” option at /ip hotspot user profile

 

b. Set “only-one=no’ at /ip hotspot

 

c. It’s not possible

 

d. Set “Shared Users” option at /ip hotspot

 

24. To assign specific traffic to the route – traffic must be identified by routing mark.Each packet can have only one routing mark.

 

true

 

false

 

25. What can be used as ’target-address’ in the simple queue?

 

a. client’s MAC address

 

b. address list name

 

c. client’s address

 

d. server’s address

 

------------------------------------------------------------------------------------- SET - 16 -------------------------------------------------------------------------------------

 

 

Networking Basics

1. How long is an IPv6 address?
a. 32 bits
b. 128 bytes
c. 64 bits
d. 128 bits

2. What flavor of Network Address Translation can be used to have one IP address allow many users to connect to the global Internet?
a. NAT 
b. Static
c. Dynamic 
d. PAT

3. What are the two main types of access control lists (ACLs)?
Standard
IEEE
Extended
Specialized 
 

 

a. 1 and 3 
b. 2 and 4
c. 3 and 4
c. 1 and 2

4. What command is used to create a backup configuration?
a. copy running backup
b. copy running-config startup-config 
c. config mem
d. wr mem

5. You have 10 users plugged into a hub running 10Mbps half-duplex. There is a server connected to the switch running 10Mbps half-duplex as well. How much bandwidth does each host have to the server?
a. 100 kbps
b. 1 Mbps
c. 2 Mbps
d. 10 Mbps
 

 

6. Which WLAN IEEE specification allows up to 54Mbps at 2.4GHz?
a. A
b. B
c. G 
d. N

7. Which of the following is the valid host range for the subnet on which the IP address 192.168.168.188 255.255.255.192 resides?
a. 192.168.168.129-190 
b. 192.168.168.129-191
c. 192.168.168.128-190 
d. 192.168.168.128-192

8. To back up an IOS, what command will you use?
a. backup IOS disk
b. copy ios tftp
c. copy tftp flash
d. copy flash tftp

9. What protocol does PPP use to identify the Network layer protocol?
a. NCP 
b. ISDN
c. HDLC 
d. LCP

10. Which of the following commands will allow you to set your Telnet password on a Cisco router?
a. line telnet 0 4
b. line aux 0 4
c. line vty 0 4 
d. line con 0

11. Which protocol does DHCP use at the Transport layer?
a. IP 
b. TCP
c. UDP 
d. ARP

12. Which command is used to determine if an IP access list is enabled on a particular interface?
a. show access-lists
b. show interface
c. show ip interface
d. show interface access-lists

13. Where is a hub specified in the OSI model?
a. Session layer
b. Physical layer
c. Data Link layer
d. Application layer

14. What does the passive command provide to dynamic routing protocols?
a. Stops an interface from sending or receiving periodic dynamic updates.
b. Stops an interface from sending periodic dynamic updates but not from receiving updates.
c. Stops the router from receiving any dynamic updates.
d. Stops the router from sending any dynamic updates.

15. Which protocol is used to send a destination network unknown message back to originating hosts?
a. TCP 
b. ARP
c. ICMP 
d. BootP

16. How often are BPDUs sent from a layer 2 device?
a. Never
b. Every 2 seconds
c. Every 10 minutes
d. Every 30 seconds

17. How many broadcast domains are created when you segment a network with a 12-port switch?
a. 1 
b. 2
c. 5 
d. 12

18. What does the command routerA(config)#line cons 0 allow you to perform next?
a. Set the Telnet password.
b. Shut down the router.
c. Set your console password.
d. Disable console connections.

19. Which router command allows you to view the entire contents of all access lists?
a. show all access-lists
b. show access-lists
c. show ip interface
d. show interface

20. Which class of IP address has the most host addresses available by default?
a. A
b. B
c. C
d. A and B

21. In a network with dozens of switches, how many root bridges would you have?
a. 1 
b. 2
c. 5 
d. 12

22. What PPP protocol provides dynamic addressing, authentication, and multilink?
a. NCP 
b. HDLC
c. LCP 
d. X.25

23. What is a stub network?
a. A network with more than one exit point.
b. A network with more than one exit and entry point.
c. A network with only one entry and no exit point.
d. A network that has only one entry and exit point.

24. If your router is facilitating a CSU/DSU, which of the following commands do you need to use to provide the router with a 64000bps serial link?
a. RouterA(config)#bandwidth 64
b. RouterA(config-if)#bandwidth 64000
c. RouterA(config-if)#clock rate 64
d. RouterA(config-if)#clock rate 64000

25. Which one of the following is true regarding VLANs?
a. Two VLANs are configured by default on all Cisco switches.
b. VLANs only work if you have a complete Cisco switched internetwork. No off-brand switches are allowed.
c. You should not have more than 10 switches in the same VTP domain.
d. VTP is used to send VLAN information to switches in a configured VTP domain.

26. What does a VLAN do?
a. Acts as the fastest port to all servers.
b. Provides multiple collision domains on one switch port.
c. Breaks up broadcast domains in a layer 2 switch internetwork.
d. Provides multiple broadcast domains within a single collision domain.

27. What is the main reason the OSI model was created?
a. To create a layered model larger than the DoD model.
b. So application developers can change only one layer's protocols at a time.
c. So different networks could communicate.
d. So Cisco could use the model.

28. How many collision domains are created when you segment a network with a 12-port switch?
a. 1 
b. 2
c. 5 
d. 12

29. What command will display the line, protocol, DLCI, and LMI information of an interface?
a. sh pvc
b. show interface
c. show frame-relay pvc
d. show run

30. Which protocol does Ping use?
a. TCP 
b. ARP
c. ICMP 
d. BootP

31. Which command is used to upgrade an IOS on a Cisco router?
a. copy tftp run
b. copy tftp start
c. config net
d. copy tftp flash

32. If you wanted to delete the configuration stored in NVRAM, what would you type?
a. erase startup
b. erase nvram
c. delete nvram
d. erase running

33. What protocols are used to configure trunking on a switch?
VLAN Trunking Protocol
VLAN
802.1Q
ISL 
 

 

a. 1 and 2
b. 3 and 4
c. 1 only
d. 2 only

TCP/IP

1. Which of the following services use TCP?
DHCP
SMTP
HTTP
TFTP
FTP

a. 1 and 2 
b. 2, 3 and 5
c. 1, 2 and 4
d. 1, 3 and 4

2. What layer in the TCP/IP stack is equivalent to the Transport layer of the OSI model?
a. Application
b. Host-to-Host 
c. Internet
d. Network Access

3. Which of the following describe the DHCP Discover message?
It uses FF:FF:FF:FF:FF:FF as a layer 2 broadcast.
It uses UDP as the Transport layer protocol.
It uses TCP as the Transport layer protocol.
It does not use a layer 2 destination address. 

a. 1 only 
b. 1 and 2
c. 3 and 4
d. 4 only

4. You want to implement a mechanism that automates the IP configuration, including IP address, subnet mask, default gateway, and DNS information. Which protocol will you use to accomplish this?
a. SMTP
b. SNMP 
c. DHCP
d. ARP

 

5. Which of the following is private IP address?
a. 12.0.0.1 
b. 168.172.19.39
c. 172.15.14.36 
d. 192.168.24.43

6. Which of the following allows a router to respond to an ARP request that is intended for a remote host?
a. Gateway DP
b. Reverse ARP (RARP) 
c. Proxy ARP
d. Inverse ARP (IARP)

 

7. The DoD model (also called the TCP/IP stack) has four layers. Which layer of the DoD model is equivalent to the Network layer of the OSI model?
a. Application
b. Host-to-Host
c. Internet
d. Network Access

8. Which of the following services use UDP?
DHCP
SMTP
SNMP
FTP
HTTP
TFTP 

a. 1, 3 and 6
b. 2 and 4
c. 1, 2 and 4
d. All of the above

9. Which class of IP address provides a maximum of only 254 host addresses per network ID?
a. Class A
b. Class B
b. Class C
d. Class D

10. If you use either Telnet or FTP, which is the highest layer you are using to transmit data?
a. Application
b. Presentation
c. Session
d. Transport

11. Which of the following is the decimal and hexadecimal equivalents of the binary number 10011101?
a. 155, 0x9B
b. 157, 0x9D
c. 159, 0x9F
d. 185, 0xB9

12. Which statements are true regarding ICMP packets?
They acknowledge receipt of a TCP segment.
They guarantee datagram delivery.
They can provide hosts with information about network problems.
They are encapsulated within IP datagrams. 

a. 1 only
b. 2 and 3
c. 3 and 4
.d 2, 3 and 4

13. Which of the following are layers in the TCP/IP model?
Application
Session
Transport
Internet
Data Link
Physical 

a. 1 and 2
b. 1, 3 and 4
c. 2, 3 and 5
d. 3, 4 and 5

14. Which layer 4 protocol is used for a Telnet connection?
a. IP
b. TCP
c. TCP/IP
d. UDP

15. Which statements are true regarding ICMP packets?
ICMP guarantees datagram delivery.
ICMP can provide hosts with information about network problems.
ICMP is encapsulated within IP datagrams.
ICMP is encapsulated within UDP datagrams. 

a. 1 only
b. 2 and 3
c. 1 and 4
b. All of the above

 

16. Which of the following are TCP/IP protocols used at the Application layer of the OSI model?

IP
TCP
Telnet
FTP
TFTP 

a. 1 and 3
b. 1, 3 and 5
c. 3, 4 and 5
d. All of the above

17. What protocol is used to find the hardware address of a local device?
a. RARP
b. ARP
c. IP
d. ICMP

18. Which of the following protocols uses both TCP and UDP?
a. FTP
b. SMTP
c. Telnet
d. DNS

19. What is the address range of a Class B network address in binary?
a. 01xxxxxx
b. 0xxxxxxx
c. 10xxxxxx
d. 110xxxxx