Professional Documents
Culture Documents
2. The PPPoE server only works in one Ethernet broadcast domain that is connected to it. If there
is a router between the server and the end-user host, it will not be able to create a PPPoE Tunnel
to the PPPoE server.
A. Right
B. False
Answer: A
Discussion: PPPoE uses Layer 2 (MAC) as a means to connect, so between the PPPoE server
and the PPPoE Client must be able to know each other's MAC Address. If there is a Router
between Server & End-User so the MAC cannot be recognized, PPPoE cannot connect.
3. Which configuration menu should you use to change the default Winbox router port?
A. / system resource
B. / ip firewall filter
C. / ip service
D. / ip firewall service-ports
Answer: c
Discussion:
4. Total-Max-limit on Simple Queues will limit the combined upload and download
A. Right
B. False
Answer: A
Discussion: Yes, Total is a Combination of Upload and Download. Regarding the distribution
will be divided automatically. For example, a total of 10 Mb, then it could be Upload 3 Mb,
Download 7 Mb or Upload 6MB, Download 4 Mb
5. How many different priorities can be chosen for Queues on MikroTik RouterOS?
A. 1
B. 8
C. 0
D. 16
Answer: b
Discussion:
By default priority in Queue is already filled with the number 8. That is the lowest priority in the
queue (Queue). This means that there are Priority Options 1 - 8 in the Mikrotik Queue
7. On the Wireless path with mode = ap-bridge. According to tool constraints, what is the
maximum number of clients that can be connected to it?
A. 2012
B. 2048
C. 1024
D. 2007
Answer: d
Discussion: please look at the wireless Tab, look for the posts Max. Station Count as shown
below
8. The router's firewall rules are:
/ ip firewall filter add chain = forward action = jump jump-target = custom
/ ip firewall filter add chain = custom action = passthrough
/ ip firewall filter add chain = forward action = log
When traffic reaches the end of 'chain = custom'. What will happen next?
A. Traffic will continue in the chain = forward action = log
B. Traffic will be accepted in the chain = custom
C. Traffic will be dropped in the chain = custom
Answer: a
Discussion:
It can be seen from the picture above that the Bytes and Packets column has the same number,
meaning that the packet sent by passing to the 3 rule filter. so the last action performed by the
filter is to log.
9. To perform static routing functions, additional to the RouterOS 'system' package, you also
need the following software packages:
A. advanced-tools
B. no extra package required
C. dhcp
D. routing
Answer: b
Discussion: As per https://wiki.mikrotik.com/wiki/Manual:System/Packages Packages System
includes the most basic system needed for routing, including static routing.
10. What is the correct action for NAT rules on routers that must intercept SMTP traffic and send
it to a specific mail server?
A. Passthrough
B. tarpit
C. redirect
D. ff-nat
Answer: d
Discussion: To a particular Mail Server, meaning the mail server is outside the proxy itself, then
the action that can be used is dst-nat
11. Where should you upload the new MikroTik RouterOS package package to upgrade the
router?
A. Any directory in / files
B. FTP the root directory or / files directory of the router
C. System Backup menu
D. System Package menu
Answer: b
Discussion: Router OS Mikrotik Firmware must be placed / uploaded to the outermost folder or
commonly called the root folder so that it can be read by the proxy system and upgraded.
12. Can be more than one PPPoE server in one broadcast domain
a. correct
b. is wrong
Answer: a
Discussion:
As seen in the picture above, in one interface can have several PPPoE servers, later the
difference is the Profile.
13. What type of encryption can be used to make a connection with a simple access code without
using an 802.1X authentication server?
A. WPA EAP / WPA2 EAP
B. WPA PSK / WPA2 PSK
Answer: a
Discussion: Authentication Server can be implemented in PSK Mode, while encryption without
an authentication server is EAP.
17. How many DHCP servers can be configured per interface on RouterOS?
A. Two
B. One
C. Unlimited
D. Five
Answer: b
Discussion: DHCP server can only be made 1 per interfaces. If you try to create a dhcp server
again with an interface that you have used before, it will error / fail.
18. Network ready devices are connected directly to MikroTik RouterBOARD 750 with the
correct UTP. RJ45 functioning cable. The device is configured with the IPv4 address
192.168.100.70 by using the subnet mask 255.255.255.252. What will be a valid IPv4 address
for RouterBOARD 750 for a successful connection to the device?
a.192.168.100.70 / 255.255.255.252
b. 192.168.100.69/255.255.255.252
c. 192.168.100.71/255.255.255.252
d. 192.168.100.68/255.255.255.252
Answer: b
Discussion: calculation of subneting from 192.168.100.70/30 is
Net-ID 192.168.100.68
Range IP 192.168.100.69-192.168.100.70
Broadcast 192.168.100.71
20. Net Id is
a. The first address is used from the subnet
b. The last address of the subnet
c. The first address subnet
Answer: c
Discussion: Net Id is the first address in the subnet, and the net id cannot be used by the host.
21. What is the term for the address code on the hardware found on the interface?
a. IP address
b. MAC address
c. FQDN address
d. interface address
Answer: b
Explanation: Address Code here is meant is a unique code that is on each network interface, as
an introduction to tools in the network. The unique code will be different for each network
device.
22. How many IP addresses can be used in a 23-bit subnet (255.255.254.0)?
a. 512
b. 510
c. 508
d. 254
Answer: b
Explanation: In the calculation of Subneting / 23 or commonly written 255.255.254.0 has a total
of 512 IPs, but the first IP is a Net ID, while the last IP is Broadcast, so there are only 510 IPs
that CAN BE used.
24. If ARP = reply-only is configured on an interface, the interface will be carried out by the
interface.
a. Accept all IP / MAC combinations listed in / ip arp as static entries
b. Accept all IP addresses listed in / arp ip as static entries
c. Add a new MAC address on the arp / ip list
d. Accept all MAC addresses listed in / arp ip as static entries
e. Add a new IP address on the arp / ip list
Answer: a
Discussion: When ARP is set up with Reply-Only on an interface, the interface will only accept
connections from statically registered Mac & IP combinations.
25. If ARP = reply-only is activated on one router interface, the router can add dynamic ARP
entries for a particular interface.
a. False
b. Correct
Answer: b
Explanation: ARP = reply-only settings only apply to each interface that is set, so when only one
interface is set to reply-only, the other interfaces can still do dynamic ARP.
32. How many layers does the Open System Interconnection model have?
a. 7
b. 6
c. 5
d. 12
e. 9
Answer: 7
Explanation: In accordance with the references on https://en.wikipedia.org/wiki/OSI_model , the
Open System Interconnection or abbreviated OSI has 7 layers.
34. You have an 802.11b / g Wireless card. What frequency is available for you?
a. 5800MHz
b. 5210MHz
c. 2422MHz
d. 2327MHz
Answer: c
Explanation: 802.11b / g standard is a WiFi Standard for free Frequency at 2.4Ghz, which is
divided up to 14 Channels and each country has a different standard2. Some only use channel 1-
11, others use channel 1-14. For Indonesia itself using channels 1-13, or more precisely
2412Mhz - 2472Mhz (up 5Mhz not channel)
36. Which is the correct masquarade rule for network 192.168.0.0/24 on routers with out-
interface = ether1?
a. / ip firewall nat add action = masquarade chain = srcnat
b. / ip firewall nat add action = masquarade chain = srcnat src-address = 192.168.0.0 / 24
c. / ip firewall nat add action = masquerade out-interface = ether1 chain = dstnat
d. / ip firewall nat add action = masquarade chain = srcnat out-interface = ether1
Answer: d
Explanation: confused explain it ... but if you ever practice in the proxy directly, surely
understand ... basically the answer D ^^
37. Can you add drivers manually to RouterOS if your PCI Ethernet card is not recognized?
a. Yes
b. Not
Answer: b
Explanation: Not all PCI Ethernet on the market can run RouterOS Mikrotik. Therefore, if you
find a PCI Ethernet driver that cannot be read by RouterOS it is expected to report to the
Mikrotik to make the driver.
38. Which part needs to be / Simple Queues to set the bandwidth limit?
a. target-address, max-limit
b. target-address, dst-address, max-limit
c. target-address, etc-address
d. max-limit
Answer: a
Explanation: When setting Simple Queue, there are 2 things we must set at a minimum. i.e.
target address and max limit. while other settings such as bursh, limit at, time, parrent are not
required to be set.
39. What protocol is used for the Ping and Trace route?
a. DHCP
b. IP
c. TCP
d. ICMP
e. UDP
Answer: d
Explanation: Ping and Trace use the ICMP Protocol. Reference:
https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol
40. Why is it useful to set the Radio Name in the Radio Interface?
a. Identifies the station in the connected Client List
b. Identifies the station in the Access List
c. Identifies a station on the Neighbor List
Answer: c
Explanation: in a large network environment with many devices it is necessary to name the radio
so that it is easy to set up. so even though the SSID issued by the radio is the same name, we can
still distinguish through the Neighbor List Facility to see the Radio Name / Radio Name
41. Routers A and B both run as PPPoE servers on a broadcast domain that is different from your
network. Is it possible to set Router A to use the "/ ppp secret" account from Router B to
authenticate PPPoE customers?
a
b.No
Answer: b
Explanation: PPPoE Server Authentication must be in 1 Local network, because it must be
physically connected. must know each other's MAC Address from the PPPoE server and from
the Host
42. If you need to ensure that one computer on your HotSpot network can access the Internet
without HotSpot authentication, which menu allows you to do this?
a. User
b. IP Binding
c. Walled-garden
d. Walled-garden IP
Answer: b
Explanation: IP Binding is one of the facilities in a proxy hotspot to specialize a computer with a
certain MAC / IP to pass through the Hotspot login page. Can also to block, so can not enter the
hotspot page.
45. PCs with IP 192.168.1.2 can access the internet, and a static ARP has been set for the IP
address at the gateway. When the PC Ethernet card fails, the user changes it to a new card and
sets the same IP for it. What else to do?
a. Old static ARP entries at the gateway must be updated for the new MAC Adreess
b. Nothing - this will work as before
c. The MAC-address of the new card must be changed to the old card's MAC-address
d. Another IP must be added for Internet access
Answer: a
Explanation: Because the static ARP method is turned on, the Router will only handle
connections from a combination of IP and MAC that are already registered on the Router. So
when there is a change of Ethernet Card in the client, you must change the Mac Address in the
ARP table list owned by IP 192.168.1.2 with the Mac Address of the newly installed Ethernet
Card.
46. The default TTL (time to live) on the router that can be fed by an IP packet is:
a. 60
b. 30
c. 1
d. 64
Answer: d
Explanation: By default TTL uses an IP packet of 64, although in some cases there are device
manufacturers that use TTL 128 (usually used to flash firmware)
48. In the advanced menu of the wireless setup there is a parameter called "Area", it works
directly with:
a. Connect List
b. Access list
c. There isn't any
d. Safety Profile
Answer: c
Explanation: Still Not Knowing the reason, maybe someone can explain in the comments column
or can directly contact me through contact.
49. When backing up a router, you use the 'Export' command, the following happens:
a. Winbox user names and passwords are reserved
b. Export files can be edited with a standard text editor after creation
c. You are asked to name the export file
Answer: c
Explanation: When Performing the 'Export' command only, you will be asked to enter the name
of the Export file. For further information File Export is a copy of CLI-based commands for
configuring RouterOS. So that the Export File can be edited and can be entered into a Router
with a different type.
50. You need to reboot RouterBoard after importing the previously exported rsc file to activate
the new configuration.
a. Correct
b. False
Answer: wrong
Explanation: Unlike backup files or firmware upgrade files. The router does not need to restart to
run the rsc file. but must be called via the CLI with the Import command.
51. It is not possible to disable the "admin" user on the "/ user" menu
a. Correct
b. False
Answer: b
Explanation: admin user can be disabled or deleted as long as there are other users with full
groups (Full Access to all parts of routerOS)
52. We have two radio cards in a point-to-point relationship with the settings:
Card Number 1: mode = ap-bridge ssid = "office"
frequency = 2447 band = 2.4ghz-b / g default-authentication = yes default-forwarding = yes
security-profile = wpa
Card Number 2: mode = ssid station = "office"
frequency = 2412 band = 2.4ghz-b / g default-authentication = yes default-forwarding = yes
security-profile = wpa2
Is the Nr2 Card. able to connect to Card Nr 1.?
a. Yes, if Nstreme is activated or deactivated in both
b. Yes, if the security profile settings are compatible with each other and Nstreme is enabled or
disabled in both
c. No, because of different frequencies
d. No, because of different security profiles
Answer: c
Explanation: The relationship between wireless devices must be based on several things. But the
main thing is the selection of the same frequency.
59. MikroTik RouterOS sends logs to an external syslog server. Which protocols and ports does
RouterOS use to send logs (by default)?
a. UDP 514
b. UDP 215
c. UDP 213
d. TCP 510
Answer: a
Explanation: reference https://wiki.mikrotik.com/wiki/Manual:System/Log
62. Please select a valid scan-list value in the wireless interface configuration:
a. 5560,5620-5700
b. 5640 ~ 5680
c. default, 5560.5600,5660-5700
d. 5540,5560,5620 + 5700
Answer: a
Explanation: Scan List is a list of frequencies that will be scanned by wireless when wireless is
in station mode, the correct writing is by commas or -
63. When adding static routes, you must always ensure that you add gateways and interfaces.
A. False
b. Correct
Answer: a
Explanation: In adding a Static Route, only 2 need to be filled in, namely Etc. Address and
Gateway. Interfaces will be automatically searched by routes according to the gateway entered.
64. You want to allow multiple people to log in with one user on the HotSpot server. How should
this be configured?
a. Set the "Shared User" option in the User Profile / ip hotspot
b. It is impossible
c. Set the "Shared User" option in / ip hotspot
d. Set "only-one = no 'at / ip hotspot
Answer: a
Explanation: In order for 1 user to be used by several people, it needs to be set in the Shared
User, and the Shared User at the User Profile Hotspot.
65. In what order are entries in the access list and connect list processed?
a. In descending order
b. In random order
c. With a Signal Strength Range
d. With the name of the interface
Answer: a
Explanation: As a rule, all processes in RouterOS must be sequential and each has a rule on how
the order is arranged, as in routes, which are based on distance and subneting, while the access lit
and connect list are in sequence.
66. Could the client get an IP address but no gateway after a successful DHCP request?
a. False
b. Correct
Answer: a
Explanation: in a DHCP Server, besides sending an IP Address to the client, SURE will also
send a Gateway. While DNS might not be sent. Because in the settings the Gateway is required
to be filled.
67. The firewall configuration is as follows:
1) / ip firewall filter add chain = input protocol = icmp action = jump jump-target = ICMP
2) / ip firewall filter add chain = input protocol = icmp action = log log-prefix = ICMP-DENY
3) / ip firewall filter add chain = input protocol = icmp action = drop
4) / ip firewall filter add chain = ICMP protocol = icmp action = log log-prefix = JUMP-ICMP-
DENY
5) / ip firewall filter add chain = ICMP protocol = icmp action = drop
The client sends "pings" to the router. What will the router do?
a. The router will drop packets on the ICMP (jump) chain drop rule (rule 5)
b. The router will record it with the prefix: ICMP-DENY
c. The router will drop packets on the drop drop rule (rule 3)
d. The router will record it with the prefix: JUMP-ICMP-DENY
Answer: a
Explanation: In the Firewall configuration above we can know the order of rules as follows:
rule 1. when there are people who do PING through the icmp protocol, they will immediately
jump to the chain = ICMP (rule 4)
rule 4. after entering rule 4, the router will logging (JUMP-ICMP-DENY). after that the traffic
will continue to the next rule (rule 5)
rule 5. PING traffic will be dropped in accordance with the rule
69. When solving network problems from within the network, you find that you can ping the
gateway normally, but you cannot surf the Internet. What is the most likely problem?
a. DNS not available
b. The computer does not get an IP address
c. Network card and / or cable does not work
d. Masquarade Rules do not apply
Answer: a
Explanation: in addition to ensuring that the internet is connected to the Gateway, it must also be
connected to the DNS. Gateway for Checking Paths to the internet, while DNS functions to
change IP addresses to web addresses.
70. What is indicated by connection-state = established matcher?
a. The packet starts a new TCP connection
b. The package does not match the known connection
c. Packages belonging to an existing connection, for example a reply package or a package that
includes a connection that has been answered
d. The packet is related to, but is not part of an existing connection
Answer: c
Explanation: established is a reply data connection from the packet being connected. reference:
https://www.linuxtopia.org/Linux_Firewall_iptables/x1347.html
71. For static routing functionality, in addition to the RouterOS system package, you also need
the following software packages:
a. route
b. there is no
c. dhcp
d. advanced tool
Answer: b
Discussion: As per https://wiki.mikrotik.com/wiki/Manual:System/Packages Packages System
includes the most basic system needed for routing, including static routing.
72. Configuring HotSpot is possible on MikroTikRouterOS only with the Wireless interface.
a. yes
b. Not
Answer: b
Explanation: Hotspot configuration on the RouterOS Router can be done on several interfaces,
such as Ethernet, wireless, VLAN, Bridge.
73. Which choice should you use when you want to prevent access from one particular address to
your router's web interface?
a. add chain = forward in the Firewall Filter
b. add Chain in the Firewall Filter
c. Group settings for System users
d. WWW Service from / IP Service
Answer: d
Explanation: in order to prevent inward access through the proxy webfig facility, it is necessary
to turn off the www service feature located at / ip service
74. Which of the following prevents unknown clients from connecting to your AP?
a. Check the "Don't Accept Unknow Client" box in the Wireless configuration
b. Uncheck "Default Authenticate" on the Wireless card configuration, and add each known
client MAC address to your Access List configuration which ensures that you enable
"authentication" on the entry
c. Adding each known client MAC address to your Access List configuration is the only step
required
d. Uncheck "Default Authenticate" on the Wireless card configuration, and add each known
client MAC address to the configuration list of the Connect List
e. Configure radius server under "/ radius"
Answer: b
Explanation: turn off the default Authenticate feature in the wireless settings
75. Check the permitted input formats for the Wireless scan list.
a. 5500 5700
b. 5500-5700
c. 5500,5700
d. 5500 - 5700
e. 5500/5700
Answer: b
Explanation: Scan List is a list of frequencies that will be scanned by wireless when wireless is
in station mode, the correct writing is by commas or -
80. Where can you see real-time connections processed by the router?
a. Query Tree
b. Torch Tool
c. Firewall Counter
d. Connection Tracking Firewall
Answer: d
Explanation: Connection Traking is a proxy feature for capturing traffic that passes through the
router in realtime:
82. Could the same IP address be included in several address lists and still be used by some of
the address lists?
a. correct
b. is wrong
Answer: a
Explanation: The address list in a firewall is a table that contains the IP and its categories. and
you can enter the same IP into several categories, all of which are active according to the rules
that are applied in the filter rule, nat, or mangle.
85. You want to limit bandwidth for your HotSpot users. HotSpot can create a Dynamic Queue
for user logins to limit bandwidth.
a. Yes, right
b. Not wrong
Answer: b
Explanation: Bandwidth Limitation on Hotspots can be done in 2 places, namely in the Server
Profile as the Main / Overall Limitation. and in the User Profile to limit per User
86. You start a wireless scan on your Access Point. What will happen ?
a. All connected clients will disconnect
b. You will see all connected clients
c. You will see the available frequency
Answer: a
Explanation: when scanning wireless on wireless with AP-Bridge mode, all connected clients
will be disconnected. That is because during a wireless scan, the wireless mode will temporarily
(during the scan) change to station mode.
87. What types of users are listed on the "/ user" menu?
a. PPTP User
b. Wireless User
c. User Hotspot
d. User Router
Answer: d
Explanation: in the User menu there are only settings about the User Router
88. Which chain firewall should you use to filter ICMP packets from the router itself?
a. Input
b. Forward
c. Postrouting
d. The output
Answer: d
Explanation: a packet coming out of the router itself, meaning that the chain uses Output.
89. Which version of software can be installed to the following type of RouterBoard?
a. routeros-mipsbe-x.xx.npk on RB433
b. routeros-powerpc-x.xx.npk on RB333
c. routeros-mipsle-x.xx.npk on RB133
d. routeros-x86-x.xx.npk on RB1100
e. routeros-mipsbe-x.xx.npk on RB133
Answer: a and b
Explanation: Each Mikrotik Type has RouterOS respectively, for more details as a reference can
be seen at: https://mikrotik.com/download
91. You have a Wireless interface with Security to use the nstreme protocol?
a. Yes, but Nstreme will be used for all SSIDs assigned to that physical interface
b. Yes, but Nstreme can only be used for SSID = WLAN1.
c. No, Nstreme cannot be used on the Wireless interface if VirtualAP is in it.
d. Yes, but Nstreme can only be used for SSID = VAP1.
Answer: b
Explanation: both the nstreme and nV2 protocols can only be used / managed on WLAN1, while
the Vwlan / wlan2 cannot regulate both the nstreme and nV2 protocols.
93. What does the letter "R" in an active session in the PPP Active Connections menu mean?
a. Run
b. Radius
c. Random
d. Running
Answer: D
Explanation: in PPP, the meaning of Hurus R is Running
94. Routers have Wireless and Ethernet client interfaces, all client interfaces areridge. To create
DHCP services for all clients you must configure the DHCP server on:
a. every Port on the Bridge
b. only in Bridge Interface
c. Every Ethernet and Wireless interface
d. DHCP service is not possible in this setting
Answer: b
Explanation: when all interfaces are bridged, all main settings must be made on the bridge
interface. not in each of the interfaces anymore.
98. Mark all correct statements about / export file = {name of an rsc file}.
A. Exports files which can not edited
B. Exports full configuration of the router (without RouterOS user passwords)
C. Exports logs from /log print
D. Exports only part of the configuration (for example /ip firewall)
Answer: b,d
100. What firewall actions are "Redirect"? Select all correct statements.
A. Redirects a packet to a specified port on the router
B. Redirects a packet to a specified IP
C. Redirects a packet to the router
D. Redirects a packet to a specified port on a host in the network
Answer: a,c
101. On MikroTik RouterOS, Layer-3 communication between 2 hosts can be achieved using
subnet addresses from:
a. / 31
b. / 29
c. / 32
d. / 30
answer: b,c,d
103. Which of the following protocols / ports is used for SNMP? (Simple Network Management
Protocol)
a. TCP 162
b. UDP 162
c. UDP 161
d. TCP 25
e. TCP 123
f. TCP 161
answer: b,c
104. What letters appear next to the route, which is automatically generated by RouterOS when
the user adds a valid address to the active interface?
A. A
B. C
C. S
D. I
E. D
Answer: e,a,b
105. What wireless standards can we use to achieve 100 Mbps throughput ?
a. 802.11 b / g
b. 802.11 a / b / g
c. 802.11 a
d. 802.11 a / n
e. 802.11 a / b / g / n
f. 802.11 a / n / ac
answer: e,d,f
109. Two hosts, A and B, are connected to the broadcast LAN. Select all answers that indicate
pairs of IP addresses / masks that allow IP connections to be formed between the two hosts.
a. J: 10.1.2.66/25 day B: 10.1.2.109/26
b. A: 10.2.2.1/23 and B: 10.2.0.1/22
c. J: 10.1.2.192/24 day B: 10.1.2.129/26
d. J: 10.2.1.0/23 day B: 10.2.0.1/22
answer: a,d
110. What types of users are listed in the Secret PPP menu window?
a. pptp users
b. l2tp users
c. winbox users
d. wireless users
e. pppoe users
f. hotspot users
answer: a,b,e
111. Clients of the MikroTik RouterOS DHCP-server can receive the following options:
a. Batas Byte
b. IP Gateway
c. Tariff limit
d. Uptime Limit
e. IP and Subnet addresses
answer: b,e
112. You want to use PCQ and allow a maximum of 256k downloads and uploads for each
client. Select the correct argument value for the required queue.
at. jenis = pcq pcq-limit = 1256000 pcq-classifier = dst-address
b. jenis = pcq pcq-limit = 256000 pcq-classifier = dst-address
vs. jenis = pcq pcq-limit = 5000000 pcq-classifier = src-address
d. jenis = pcq pcq-limit = 256000 pcq-classifier = src-address
e. jenis = pcq pcq-limit = 5000000 pcq-classifier = dst-address
answer: b,d
114. Among the following statements are possible solutions for managing two network bridges
via a wireless link:
a. Both devices are in AP mode and activate WDS mode
b. One device in AP mode, another in station-pseudobridge-clone
c. One device in AP mode, another at the pseudobridge station
d. One device in AP mode, another at the station
answer: b,c
115. If a packet enters the router and starts a new connection that was not previously there, then
it is called:
a. no connection status will be applied to the package
b. new
c. invalid
d. establish
e. releated
answer: a
118. You are planning a migration from a wireless link using 802.11a at 5GHz (without nstrem)
to using Nv2 at 5GHz. If you change the AP from 802.11a to Nv2, you don't want the client to
release it for more than a few seconds during the upgrade.
Assuming the client is able to operate with Nv2 (the correct hardware, encryption key and the
correct version of ROS), the settings for 'wireless protocol' must be enabled on the client so that
the client can automatically detect the protocol used by the AP and continue to connect with
802.11a or Nv2: (select all that apply)
a. Nv2
b. Nv2-nstreme-802.11
c. anything
d. not specified
answer: b
121. In Winbox, hide password is not checked so it can show a password for the following
a. RouterOS User
b. User Hotspot
c. RADIUS User
d. PPP Secret
answer: b, c, d
123. MikroTik WebProxy is able to perform cache storage functions on internal and external
storage. What parameters are there on WebProxy to determine where cache storage is stored,
what parameters?
a. Cache path
b. Disk Cache
c. Cache on Storage
d. Cache On Disk1
answer: a
124. One of the network security can be done by the port knocking method, for example before
being able to access a server the user must first send a packet with a certain size, for example
1000 bytes. What parameters in the firewall can we use to detect the size of a packet?
a. Package Size
b. Counter Package
c. Conten Size
d. Counting Package
answer: a
125. If we use simple queues, what parameters determine the total amount of automatic
downloads and uploads
a. total max limit
b. Max total bandwidth
c. total max queue
d. total max rate
answer: a
126. One of the functions that exist in RouterOS is SMS, the RouterOS system can be instructed
to send an SMS to a certain number. What additional tools are needed so that this can be done?
a. GSM mode
b. SMS server
c. SMS gateway
answer: a
127. On Mikrotik wireless there is a tool that can detect the percentage of density usage around
the frequency?
a. freq. used
b. a scan
c. snooper
d. sniff
answer: a
128. There is a subnet with ip 10.10.10.167/26, what is the broadcast ip of that IP address?
a. 10.10.10.191
b. 10.10.10.164
c. 10.10.10.192
d. 10.10.10.165
e. 10.10.10.190
answer: a
130. What parameters impose limits on a Queues that can be reached if the perent above still has
residual bandwidth that can be used?
a. max limit
b. max bandwidth
c. max queue
d. max rate
answer: a
131. Among the flow packets containing input, output, and postrouting, which packet is the last
packet, if the data packet from outside the router goes to the router?
a. the input
b. the output
c. postrouting
answer: a
132. If you want to use pcq for per-protocol perimeter, for example web, email, ftp, etc. What
classifier should we use to identify upload traffic?
a. Src. Address
b. Etc. Address
c. Upload Target
d. Upstream Tager
answer: a
133. Before installing a wireless access point radio, it helps you scan the area, Name 2 wireless
tools that can be used to scan!
a. snooper
b. a scan
c. scanning
d. sniffing
answer: a and b
134. What tools can monitor the amount of traffic on an interface and will run a triger if there is
a change in traffic passing under certain tools?
a. monitor traffic
b. monitoring interface
c. traffic interface
d. torch
answer: a
135. on firewall actions, one of them is through. What is the function of passthrough?
a. traffic just passes through the router
b. traffic will be forwarded to the next rule
c. traffic will be blocked
d. traffic will be forwarded but recorded first.
Answer: b
136. When a packet is sent, then the process of adding packet header is known as?
a. encapsulation
b. decapsulation
c. compression
d. labeling
answer: a
137. Regarding the OSI layer, which layer is responsible for maintaining the host to host
connection and also the stability of the connection?
a. Transport Layer
b. Network Layer
c. Session Layer
d. Presentation Layer
Answer: a
138. HTTPS protocol usually uses TCP protocol and port 443. Mention the type of tunnel that is
supported by proxy which also uses the protocol and the port!
a. OVPN
b. PPTP
c. PPOE
d. L2TP
Answer: a
139. Mikrotik has a DHCP client feature that can get IP automatically from a DHCP server.
Mention 2 types of interfaces that can be used as DHCP clients in addition to Ethernet!
a. wireless
b. bridge
c. vlan
d. pppeo
answer: a, b, c
140. Regarding routing, the default route on the proxy can be monitored using the check gateway
feature. Mention 2 monitoring methods that are applied to the check gateway process?
a. Arp
b. Ping
c. Trace
d. Trace route
e. Answer: a, b
141. On a web proxy we can limit the total cache amount on our OS router. What parameters can
we use to do this?
a. Max cache size
b. Max cache object size
c. Max proxy disk
d. Max Storage Used
Answer: a
142. We can block certain data packages by using the firewall filter feature. What parameters can
we use to detect data packages both the source port and the destination port on a connection?
a. Protocol
b. Port
c. In Interfaces
d. Out Interfaces
e. Target Port
f. Protocol Target
Answer: a, b
143. We want to use multilevel HTB with simple queue so there are rules that function as parents
and there are several rules that function as children. what should we fill in the target parameter in
the parent rule
a. 0.0.0.0/0
b. Interface Parent
c. All Interfaces
Answer: a
144. There are various tools provided on the proxy for monitoring networks. What monitoring
tools are able to identify the protocol as well as the port in realtime?
a. Torch
b. Traffic Monitoring
c. Graph
d. Realtime Traffic
Answer: a
145. To secure wireless access points on a proxy we can activate the security profile and use
WPA 1 or WPA 2. Explain what happens if both WPA 1 and WPA 2 are activated as security!
a. The client cannot be connected because it cannot determine what Security mode is used
b. The client will automatically choose the strongest Security
c. Mikrotik will randomly choose the security method
d. Mikrotik will arrange the security of the strongest in accordance with security facilities on the
client
Answer: d
146. There are features on the proxy where the Ethernet interface that is in the routerboard can be
combined into 1 segment but it can also be transferred without the need to overload the CPU.
What features does this feature use?
a. Switch chip
b. Master-Slave
c. Hardware-Offload
d. Bridge
Answer: a
148. There is a router whose ETH 1 interface is connected to a client pc device which then ETH
2 is connected to an internet device to capture data downloaded from the client, the ETH 1
interface can be used as what parameter on the firewall filter
a. Out interface
b. in interface
c. in interfaces list
d. out interfaces list
answer: a
149. Simple Queue number 0 defines 2M for upload and download for target IP 10.10.0.33.
Simple Queue number 1 defines 4M for upload and download for target IP 10.10.0.33.
Client 10.10.0.33 is be able to obtain
A. 2M upload / download
B. 4M upload / download
C. 0M upload / download
D. 6M upload / download
Answer: a
Which queue will get more bandwidth than the limit-at in the worst case scenario?
Select one:
a.C3
b. C1
c. D1
d. C2
e. D2
Answer: D
Note: Please if there is an answer / explanation that is wrong, contact me so I can correct it
immediately. also include the wrong section and also send the link as a reference to the truth that
you convey