Scribd Logo
Upload

Welcome to Scribd!

  • Mtcna 1 2018

    Uploaded by

    R Baroto Priswanto
    12 views11 pages
    The document contains questions and answers related to MikroTik RouterOS. Some key points: - Netinstall cannot be used if the router is connected only to a wireless or secondary Ethernet port, or if the router's password is unknown. - Connection tracking on the NAT router must be enabled and dst-nat configured to make a private web server visible to the public internet through port forwarding. - RouterOS commands can be run daily using the /system scheduler command. - The /interface wireless access-list handles a list of client MAC addresses to permit or deny connection to the access point.

    Original Description:

    Original Title

    MTCNA 1 2018

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document contains questions and answers related to MikroTik RouterOS. Some key points: - Netinstall cannot be used if the router is connected only to a wireless or secondary Ethernet port, or if the router's password is unknown. - Connection tracking on the NAT router must be enabled and dst-nat configured to make a private web server visible to the public internet through port forwarding. - RouterOS commands can be run daily using the /system scheduler command. - The /interface wireless access-list handles a list of client MAC addresses to permit or deny connection to the access point.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    12 views11 pages

    Mtcna 1 2018

    Uploaded by

    R Baroto Priswanto
    The document contains questions and answers related to MikroTik RouterOS. Some key points: - Netinstall cannot be used if the router is connected only to a wireless or secondary Ethernet port, or if the router's password is unknown. - Connection tracking on the NAT router must be enabled and dst-nat configured to make a private web server visible to the public internet through port forwarding. - RouterOS commands can be run daily using the /system scheduler command. - The /interface wireless access-list handles a list of client MAC addresses to permit or deny connection to the access point.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 11

    MTCNA 1

    In which situations Netinstall can not be used to install RouterOS


    on a RouterBOARD?
    2 points
    A. The router does not have an operating system
    B. The password of the router is not known
    C. The router is connected only to a wireless network
    D. The router is connected only to a secondary Ethernet port
    The highest queue priority is
    2 points
    A. 1
    B. 256
    C. 16
    D. 8
    It is possible to create an encrypted PPPoE tunnel in RouterOS:
    True
    2 points
    Choose
    It is required to make a web server on a private LAN visible on the
    Public Internet. Only the web server port should be visible to the
    public. Which of the following configuration steps must be met.
    (select all that apply)
    2 points
    A. Public IP address of the webserver must be installed on the NAT Router
    B. A route between the NAT Router and the webserver must exist
    C. Connection Tracking must be enabled on NAT router
    D. in ip firewall NAT there should be a dst-nat between the public ip of the
    router and the private ip of the webserver
    E. LAN address of the webserver should be routable on the internet
    MikroTik RouterOS commands can be run once a day by:
    2 points
    A. /system watchdog
    B. /system cron
    C. /system scheduler
    What is marked by connection-state=established matcher?
    2 points
    A. Packet belongs to an existing connection,for example a reply packet or a
    packet which belongs to already replied connection
    B. Packet is related to, but not part of an existing connection
    C. Packet does not correspond to any known connection
    D. Packet begins a new TCP connection
    How long is level 1 (free) license valid?
    2 points
    A. 1 month
    B. 24 hours
    C. 1 year
    D. Infinite time
    In which situations Netinstall can not be used to install RouterOS
    on a RouterBOARD?
    2 points
    A. The router is connected only to a secondary Ethernet port
    B. The router does not have an operating system
    C. The router is connected only to a wireless network
    D. The password of the router is not known
    Which port does PPTP use by default?
    2 points
    A. TCP 1721
    B. UDP 1723
    C. TCP 1723
    D. UDP 1721
    There are two routes in the routing table: 0 dst-
    addr=10.1.1.0/24 gateway=5.5.5.5 1 dst-
    addr=10.1.1.4/30gateway=5.6.6.6 Which gateway will be used to
    get to the IP address 10.1.1.6?
    2 points
    A. both - half of the traffic will be routed through one gateway, half through the
    other
    B. 5.5.5.5
    C. the required route is not in the routing table
    D. 5.6.6.6
    There can be more than one PPPoE server in a single broadcast
    domain:
    True
    2 points
    Choose
    Is it possible to limit how many clients are able to connect to an
    access point?
    2 points
    A. No it's not possible at all
    B. Yes, but only with access-lists
    C. Yes
    For static routing functionality, additionally to the RouterOS
    'system' package, you will also need the following software
    package:
    2 points
    A. no extra package required
    B. advanced-tools
    C. routing
    D. dhcp
    Which firewall chain would be used to block a client's MSN traffic
    on a router?
    2 points
    A. static
    B. forward
    C. output
    D. input
    You want to transfer existing '/ip firewall filter' configuration from
    one router to a new system. Choose the best possible way to do:
    2 points
    A. Export global configuration and remove everything apart from '/ip firewall
    filter'
    B. Create backup only of '/ip firewall filter' rules
    C. Create backup, edit backup file and restore on target router
    D. Export only '/ip firewall filter'
    What is the correct action to be specified in the NAT rule to hide a
    private network when communicating to the outside world?
    2 points
    A. masquerade
    B. allow
    C. passthrough
    D. tarpit
    You want to use PCQ and allow 256k maximum download and
    upload for each client. Choose correct argument values for the
    required queue.
    2 points
    A. kind=pcq pcq-rate=5000000 pcq-classifier=dst-address
    B. kind=pcq pcq-rate=1256000 pcq-classifier=dst-address
    C. kind=pcq pcq-rate=256000 pcq-classifier=src-address
    D. kind=pcq pcq-rate=5000000 pcq-classifier=src-address
    E. kind=pcq pcq-rate=256000 pcq-classifier=dst-address
    Which port does PPTP use by default?
    2 points
    A. TCP 1721
    B. UDP 1721
    C. UDP 1723
    D. TCP 1723
    For static routing functionality, additionally to the RouterOS
    'system' package, you will also need the following software
    package:
    2 points
    A. no extra package required
    B. advanced-tools
    C. dhcp
    D. routing
    Which features are removed when advanced-tools package is
    uninstalled?
    2 points
    A. neighbors
    B. LCD support
    C. ip-scan
    D. ping
    E. netwatch
    F. bandwidth-test
    Where can you monitor (see addresses and ports) real-time
    connections which are processed by the router?
    2 points
    A. Firewall Connection Tracking
    B. Firewall Counters
    C. Tool Torch
    D. Queue Tree
    PPP Secrets are used for
    2 points
    A. PPP clients
    B. L2TP clients
    C. IPSec clients
    D. PPtP clients
    E. PPPoE clients
    F. Router users
    How many wireless clients can connect, when wireless card is
    configured to mode=bridge ?
    2 points
    A. 1
    B. 100
    C. 2007
    D. 2
    Router A and B are both running as PPPoE servers on different
    broadcast domains of your network. It is possible to set Router A
    to use "/ppp secret" accounts from Router B to authenticate
    PPPoE customers.
    2 points
    Choose
    What can be used as ’target-address’ in the simple queue?
    2 points
    A. client’s MAC address
    B. server’s address
    C. address list name
    D. client’s address
    DHCP server is configured on a router’s ether1 interface. IP
    address 192.168.0.100/24 is assigned to the interface. Possible
    IP pools, that can be used by this DHCP server, are:
    2 points
    A. 192.168.0.1-192.168.0.255
    B. 192.169.0.1-192.169.0.254
    C. 192.168.0.1-192.168.0.99 , 192.168.0.101-192.168.0.254
    D. 192.168.0.1-192.168.0.14
    What is the correct action for a NAT rule on a router that should
    intercept SMTP traffic and send it over to a specified mail server?
    2 points
    A. tarpit
    B. dst-nat
    C. passthrough
    D. redirect
    What does this simple queue do (check the image)?
    2 points

    A. Queue guarantees upload data rate of one megabit per second for host
    192.168.1.10
    B. Queue limits host 192.168.1.10 download data rate to one megabit per
    second.
    C. Queue limits host 192.168.1.10 upload data rate to one megabit per
    second.
    D. Queue guarantees download data rate of one megabit per second for host
    192.168.1.10
    When viewing the routes in Winbox, some routes will show "DAC"
    in the first column. These flags mean:
    2 points
    A. Dynamic, Active, Console
    B. Dynamic, Active, Connected
    C. Direct, Available, Connected
    D. Dynamic, Available, Created
    What does the firewall action "Redirect" do? Select all true
    statements
    2 points
    A. Redirects a packet to a specified port on the router
    B. Redirects a packet to a specified IP
    C. Redirects a packet to the router
    D. Redirects a packet to a specified port on a host in the network
    Why is it useful to set a Radio Name on the radio interface?
    2 points
    A. To identify a station in the Access List
    B. To identify a station in Neighbor discovery
    C. To identify a station in a list of connected clients
    How many different priorities can be selected for queues in
    MikroTik RouterOS?
    2 points
    A. 16
    B. 1
    C. 8
    D. 0
    Which is the default port of IP-Winbox?
    2 points
    A. TCP 8192
    B. TCP 80
    C. TCP 8291
    D. UDP 8291
    Which of the following is used in standard 802.11 wireless
    networks?
    2 points
    A. FDD
    B. CDMA
    C. CSMA/CA
    D. CSMA/CD
    In order to use dynamic keys in your wireless security profile for
    an AP, you MUST set up the dhcp server to provide the dynamic
    keys.
    False
    2 points
    Choose
    It is possible to have PPTP Client and PPTP server on one
    MikroTik router at the same time.
    True
    2 points
    Choose
    When using routing option 'check-gateway=ping' what is the
    ICMP echo request interval (in seconds)?
    2 points
    A. 30s
    B. 20s
    C. 10s
    D. 60s
    Which of the following Routes statuses are possible?
    2 points
    A. A = Active
    B. C = Connected
    C. S = Static When viewing the routes in Winbox, some routes will show "DAC" in the first column.
    These flags mean
    D. D = Drop
    During a scan, in order to see all the available wireless
    frequencies that are supported by the card, the following option
    must be selected in the wireless card's "Frequency Mode":
    2 points
    A. superchannel
    B. regulatory domain
    C. manual txpower
    One host on an internal network is accessing an external web
    page through a MikroTik router that is doing source NAT. Select
    correct statement about the packets that flow from that web page
    to the host ?
    2 points
    A. Packets go through the input chain
    B. Packets go through the forward chain
    C. Packets go through the output chain
    D. Packets go through the input chain before the routing decision and after
    that through output chain
    In the Route List, the identification DAb for a route stands for
    2 points
    A. direct - active - bgp
    B. direct - acknowledge - backup
    C. dynamic - active - backup
    D. dynamic - active - bgp
    You have a DHCP server on your MikroTik router. The IP
    addresses 10.1.2.2-10.2.2.20 are distributed in the DHCP
    network. Additionally, 3 static IP address are defined for your
    servers: 10.1.2.31-10.1.2.33. After a while 20 more IP addresses
    need to be distributed in the network. It is possible to distribute
    the extra IP address without adding another DHCP Server:
    False
    2 points
    Choose
    Which default route will be active? /ip route add disabled=no
    distance=10 dst-address=0.0.0.0/0gateway=1.1.1.1 add
    disabled=no distance=5 dst-address=0.0.0.0/0 gateway=2.2.2.2
    2 points
    A. Route via gateway 2.2.2.2
    B. Route via gateway 1.1.1.1
    You want to transfer existing '/ip firewall filter' configuration from
    one router to a new system. Choose the best possible way to do:
    2 points
    A. Export global configuration and remove everything apart from '/ip firewall
    filter'
    B. Export only '/ip firewall filter'
    C. Create backup, edit backup file and restore on target router
    D. Create backup only of '/ip firewall filter' rules
    /interface wireless access-list is used for ?
    2 points
    A. Handles a list of Client's MAC Address to permit/deny connection to AP
    B. Shows a list of Client's MAC Address that are already registered at AP
    C. Contains the security profiles settings
    D. Authenticate Hotspot users
    You want to use PCQ and allow 256k maximum download and
    upload for each client. Choose correct argument values for the
    required queue.
    2 points
    A. kind=pcq pcq-rate=256000 pcq-classifier=src-address
    B. kind=pcq pcq-rate=1256000 pcq-classifier=dst-address
    C. kind=pcq pcq-rate=256000 pcq-classifier=dst-address
    D. kind=pcq pcq-rate=5000000 pcq-classifier=src-address
    E. kind=pcq pcq-rate=5000000 pcq-classifier=dst-address
    A DHCP server is configured on a LAN interface which is a port
    on a bridge. The DHCP server does not start. What could be the
    reason(s)?
    2 points
    A. The DHCP server can not run on an interface which is also a bridge port
    B. There might not be an IP address assigned to the LAN Interface
    C. The IP address pool could be incorrectly defined
    D. There may be multiple IP addresses set on the LAN interface
    PPP Secrets are used for
    2 points
    A. PPPoE clients
    B. L2TP clients
    C. IPSec clients
    D. PPP clients
    E. PPtP clients
    F. Router users
    Which firewall chain you should use to filter SSH access to the
    router itself?
    2 points
    A. output
    B. input
    C. prerouting
    D. forward
    In which order are the entries in Access List and Connect List
    processed?
    2 points
    A. By Signal Strength Range
    B. By interface name
    C. In sequence order
    D. In a random order

    You might also like