MIKROTIK
Where can you monitor (see addresses and ports) real-time connections which are processed by the router? A. Firewall Connection Tracking B. Firewall Counters C. Tool Torch D. Queue Tree
A. Firewall Connection Tracking C. Tool Torch
Can you manually add drivers to RouterOS in case your PCI Ethernet card is not recognized, and you suspect it is a driver issue? A. Yes B. No
B. No
Which of the following protocols / port s are used for SNMP. (Simple Network Managemnt Protocol) A. TCP 25 B. TCP 161 C. UDP 162 D. TCP 162 E. TCP 123 F. UDP 161
C. UDP 162 F. UDP 161
Which features are removed when advanced-tools package is uninstalled? A. neighbors B. LCD support C. ip-scan D. ping E. netwatch F. bandwidth-test
C. ip-scan D. ping E. netwatch
What kind of users are listed in the Secrets window of the PPP menu? A. Hot-Spot users B. wireless users C. l2tp users D. pptp users E. pppoe users F. winbox users
C. l2tp users D. pptp users E. pppoe users
In RouterOS queue configurations the word "total" usually represents A. download - upload B. upload C. upload + download D. Download
C. upload + download
Consider the following diagram. We want to communicate from a device on LAN1 to a device on LAN2. Assuming that all necessary configurations are already included on R2, which of the following configurations in R1 would enable this communication? A. /ip route add dst-address=192.168.1.0/24 src-address=192.168.0.0/24 gateway=192.168.99.2 B. /ip route add dst-address=0.0.0.0/0 gateway=Ether1 C. /ip route add dst-address=192.168.0.0/24 gateway=192.168.0.1 D. /ip route add dst-address=192.168.1.0/24 gateway=192.168.99.2 E. /ip route add dst-address=0.0.0.0/0 gateway=192.168.99.2
D. /ip route add dst-address=192.168.1.0/24 gateway=192.168.99.2
Simple Queue number 0 defines 2M for upload and download for target IP 10.10.0.33. Simple Queue number 1 defines 4M for upload and download for target IP 10.10.0.33. Client 10.10.0.33 is be able to obtain A. 6M upload/download B. 0M upload/download C. 4M upload/download D. 2M upload/download
D. 2M upload/download
There are two routes in the routing table: 0 dst-addr=10.1.1.0/24 gateway=5.5.5.5 1 dst-addr=10.1.1.4/30 gateway=5.6.6.6 Which gateway will be used to get to the IP address 10.1.1.6? A. both - half of the traffic will be routed through one gateway, half through the other B. 5.5.5.5 C. the required route is not in the routing table D. 5.6.6.6
D. 5.6.6.6
What does the firewall action "log" do? A. It logs and blocks the packet B. It blocks and logs the packet C. It adds a prefix to the packet and passes it through D. It logs the packet
D. It logs the packet
What is term for the hardware coded address found on an interface? A. FQDN Address B. IP Address C. Interface Address D. MAC Address
D. MAC Address
Which of the following are valid IP addresses? A. 10.10.14.0 B. 192.168.256.1 C. 192.168.13.255 D. 1.27.14.254
A. 10.10.14.0 C. 192.168.13.255 D. 1.27.14.254
Choose all valid hosts address range for subnet 15.242.55.62/27 A. 15.242.55.33 15.242.55.62 B. 15.242.55.32 15.242.55.63 C. 15.242.55.31 15.242.55.62 D. 15.242.55.33 15.242.55.63
A. 15.242.55.33 15.242.55.62
How many different priorities can be selected for queues in MikroTik RouterOS? A. 16 B. 1 C. 8 D. 0
A. 16
Question: 3 Select which of the following are 'Public IP addresses': A. 172.168.254.2 B. 172.28.73.21 C. 11.63.72.21 D. 10.110.50.37 E. 192.168.0.1
A. 172.168.254.2 C. 11.63.72.21
A network ready device is directly connected to a MikroTik RouterBOARD 750 with a correct U.T.P. RJ45 functioning cable. The device is configured with an IPv4 address of 192.168.100.70 using a subnet mask of 255.255.255.252. What will be a valid IPv4 address for the RouterBOARD 750 for a successful connection to the device? A. 192.168.100.69/255.255.255.252 B. 192.168.100.70/255.255.255.252 C. 192.168.100.71/255.255.255.252 D. 192.168.100.68/255.255.255.252
A. 192.168.100.69/255.255.255.252
Which of the following is the valid host range for the subnet on which the IP address 192.168.168.188 255.255.255.192 resides? A. 192.168.168.129-190 B. 192.168.168.129-191 C. 192.168.168.128-190 D. 192.168.168.128-192
A. 192.168.168.129-190
Consider a wireless access point with mode=ap-bridge. What is the maximum number of concurrent clients that can connect to it? A. 2007 B. 2012 C. 2048 D. 1024
A. 2007
Please select valid scan-list values in interface wireless configuration: A. 5560,5620-5700 B. 5640~5680 C. default,5560,5600,5660-5700 D. 5540,5560,5620+5700
A. 5560,5620-5700 C. default,5560,5600,5660-5700
Which of the following is NOT a valid MAC Address? A. 80:GF:AA:67:13:5D B. 95:B5:DD:EE:78:8A C. 88:0C:00:99:5F:EF D. EA:BA:AA:EE:FF:CB E. 13:16:86:53:89:43
A. 80:GF:AA:67:13:5D - G neexistuje v mac
Which of the following Routes statuses are possible? A. A = Active B. C = Connected C. S = Static D. D = Drop
A. A = Active B. C = Connected C. S = Static
Which of the following is used in standard 802.11 wireless networks? A. CSMA/CA B. CDMA C. FDD D. CSMA/CD
A. CSMA/CA
Destination NAT (chain dstnat, action dst-nat) can be used to: A. Change destination port B. Direct users from the Internet to a server within your local network C. Change source port D. Hide your local network from the Internet
A. Change destination port
Which of the following keystrokes enables safe mode in console: A. Ctrl+x B. Ctrl+c C. Ctrl+d D. Ctrl+s
A. Ctrl+x
You want to transfer existing '/ip firewall filter' configuration from one router to a new system. Choose the best possible way to do: A. Export only '/ip firewall filter' B. Create backup only of '/ip firewall filter' rules C. Create backup, edit backup file and restore on target router D. Export global configuration and remove everything apart from '/ip firewall filter'
A. Export only '/ip firewall filter'
When adding a static route, you must always ensure that you add both the gateway and the interface. A. False B. True
A. False
MAC layer by OSI model is also known as A. Layer 2 B. Layer 1 C. Layer 6 D. Layer 7 E. Layer 3
A. Layer 2
What is possible with Netinstall? A. MikroTik RouterOS reinstall B. MikroTik RouterOS password reset with saving router's configuration C. MikroTik RouterOS configuration reset
A. MikroTik RouterOS reinstall B. MikroTik RouterOS password reset with saving router's configuration C. MikroTik RouterOS configuration reset
What is marked by connection-state=established matcher? A. Packet belongs to an existing connection,for example a reply packet or a packet which belongs to already replied connection B. Packet is related to, but not part of an existing connection C. Packet does not correspond to any known connection D. Packet begins a new TCP connection
A. Packet belongs to an existing connection,for example a reply packet or a packet which belongs to already replied connection
Which default route will be active? /ip route add disabled=no distance=10 dst-address=0.0.0.0/0 gateway=1.1.1.1 add disabled=no distance=5 dst-address=0.0.0.0/0 gateway=2.2.2.2 A. Route via gateway 2.2.2.2 B. Route via gateway 1.1.1.1
A. Route via gateway 2.2.2.2
You would like to allow multiple logins with one user name on a Hot-Spot server. How should this be configured? A. Set "Shared Users" option at /ip Hot-Spot user profile B. It's not possible C. Set "Shared Users" option at /ip Hot-Spot D. Set "only-one=no' at /ip Hot-Spot
A. Set "Shared Users" option at /ip Hot-Spot user profile
There can be more than one PPPoE server in a single broadcast domain: A. True B. False
A. True
MikroTik RouterOS is sending logs to an external syslog server. Which protocol and port is used by RouterOS for sending logs (by default)? A. UDP 514 B. UDP 21 C. UDP 113 D. TCP 110
A. UDP 514
Select minimal set of software packages in RouteOS required to configuring a wireless AP A. Wireless B. advanced-tools C. dhcp D. routing E. System
A. Wireless E. System
Which firewall chain should you use to filter ICMP packets from the router itself? A. input B. postrouting C. forward D. output
A. input
What kind of users are listed in the "/user" menu? A. router users B. wireless users C. Hot-Spot users D. pptp users
A. router users
How many wireless clients can connect, when wireless card is configured to mode=bridge? A. 1 B. 100 C. 2007 D. 2
A. 1
How many DHCP servers can be configured per interface on RouterOS? A. Five B. One C. Two D. Unlimited
B. One
When using routing option 'check-gateway=ping' after how many timeouts is gateway considered unreachable: A. 4 B. 1 C. 2 D. 3
C. 2
What protocol does ping use? A. TCP B. ARP C. UDP D. ICMP
D. ICMP
There are two wireless cards (wlan1 and wlan2) which are bridged together. On wlan1 card there is a setting "Forwarding=no". Choose the correct answer(s): A. Stations on wlan2 will be able to communicate with stations on wlan2 B. Stations on wlan2 will be able to communicate with stations on wlan1 C. Stations on wlan1 will be able to communicate with stations on wlan1 D. To prevent communication between wlan1 and wlan2 one cannot use Bridge Filters E. Stations on wlan1 will be able to communicate with stations on wlan2
D. To prevent communication between wlan1 and wlan2 one cannot use Bridge Filters
What can be used as 'target-address' in the simple queue? A. client's MAC address B. server's address C. address list name D. client's address
D. client's address
In the Route List, the identification DAb for a route stands for A. direct - active - bgp B. direct - acknowledge - backup C. dynamic - active - backup D. dynamic - active - bgp
D. dynamic - active - bgp
What is the correct action for a NAT rule on a router that should intercept SMTP traffic and send it over to a specified mail server? A. tarpit B. dst-nat C. passthrough D. redirect
D. redirect
Your Company has been assigned a 172.16.25.0/25 network from your ISP. What are the possible options to divide the network into subnets? A. one /23 and one /27 B. four times /27 C. two times /24 D. two times /26
D. two times /26
The highest queue priority is A. 1 B. 256 C. 16 D. 8
A. 1
It is possible to create an encrypted PPPoE tunnel in RouterOS: A. true B. false
A. true
Select valid subnet masks: A. 255.192.0.0 B. 255.255.192.255 C. 192.0.0.0 D. 255.255.224.0
A. 255.192.0.0 C. 192.0.0.0 D. 255.255.224.0
PPP Secrets are used for A. PPPoE clients B. L2TP clients C. IPSec clients D. PPP clients E. PPtP clients F. Router users
A. PPPoE clients B. L2TP clients D. PPP clients E. PPtP clients
A DHCP server is configured on a LAN interface which is a port on a bridge. The DHCP server does not start. What could be the reason(s)? A. The DHCP server can not run on an interface which is also a bridge port B. There might not be an IP address assigned to the LAN Interface C. The IP address pool could be incorrectly defined D. There may be multiple IP addresses set on the LAN interface
A. The DHCP server can not run on an interface which is also a bridge port
The network address is A. The first address of the subnet B. The first usable address of the subnet C. The last address of the subnet
A. The first address of the subnet
If ARP=reply-only is configured on an interface, tcarmehis interface will A. accept all IP addresses listed in '/ip arp' as static entries B. add new MAC addresses in '/ip arp' list C. accept IP and MAC address combinations listed in '/ip arp' list D. accept all MAC-addresses listed in '/ip arp' as static entries E. add new IP addresses in '/ip arp' list
A. accept all IP addresses listed in '/ip arp' as static entries
You want to use PCQ and allow 256k maximum download and upload for each client. Choose correct argument values for the required queue. A. kind=pcq pcq-rate=256000 pcq-classifier=src-address B. kind=pcq pcq-rate=1256000 pcq-classifier=dst-address C. kind=pcq pcq-rate=256000 pcq-classifier=dst-address D. kind=pcq pcq-rate=5000000 pcq-classifier=src-address E. kind=pcq pcq-rate=5000000 pcq-classifier=dst-address
A. kind=pcq pcq-rate=256000 pcq-classifier=src-address C. kind=pcq pcq-rate=256000 pcq-classifier=dst-address
What is the correct action to be specified in the NAT rule to hide a private network when communicating to the outside world? A. masquerade B. allow C. passthrough D. tarpit
A. masquerade
For static routing functionality, additionally to the RouterOS 'system' package, you will also need the following software package: A. no extra package required B. advanced-tools C. routing D. dhcp
A. no extra package required
During a scan, in order to see all the available wireless frequencies that are supported by the card, the following option must be selected in the wireless card's "Frequency Mode": A. superchannel B. regulatory domain C. manual txpower
A. superchannel
Using wireless connect-list it's possible to prioritize connection to one Access Point over another Access Point by changing the order of the entries. A.False B. True
A.False
It is possible to create an encrypted PPPoE tunnel in RouterOS: A. True B. False
A.True
In MikroTik RouterOS, Layer3 communication between 2 hosts can be achieved by using an address subnet of: A. /31 B. /29 C. /32 D. /30
B. /29 C. /32 D. /30
What configuration is added by /ip Hot-Spot setup command? (select all that apply) A. /ip service B. /ip Hot-Spot user C. /ip Hot-Spot walled-garden D. /ip dhcp-server E. /queue tree
B. /ip Hot-Spot user D. /ip dhcp-server
Select valid MACaddress A. G2:60:CF:21:99:H0 B. 00:00:5E:80:EE:B0 C. AEC8:21F1:AA44:54FF:1111:DDAE:0212:1201 D. 192.168.0.0/16
B. 00:00:5E:80:EE:B0
Which computers would be able to communicate directly (without any routers involved): A. 192.168.17.15/29 and 192.168.17.20/28 B. 10.5.5.1/24 and 10.5.5.100/25 C. 10.10.0.17/22 and 10.10.1.30/23 D. 192.168.0.5/26 and 192.168.0.100
B. 10.5.5.1/24 and 10.5.5.100/25 C. 10.10.0.17/22 and 10.10.1.30/23
Which is a default baud-rate of currently manufactured RouterBOARDs? A. 9600 B. 115200 C. 38400 D. 11520
B. 115200
How many IP addresses can one find in the header of an IP packet? A. 4 B. 2 C. 3 D. 1
B. 2
How long is level 1 (free) license valid? A. 1 month B. 24 hours C. 1 year D. Infinite time
B. 24 hours
How many usable IP addresses are there in a 20bit subnet? A. 4096 B. 4094 C. 2046 D. 2048 E. 2047
B. 4094
The basic unit of a physical network (OSI Layer 1) is the: A. Frame B. Bit C. Byte D. Header
B. Bit
In which order are the entries in Access List and Connect List processed? A. By Signal Strength Range B. By interface name C. In sequence order D. In a random order
B. By interface name
When viewing the routes in Winbox, some routes will show "DAC" in the first column. These flags mean: A. Dynamic, Active, Console B. Dynamic, Active, Connected C. Direct, Available, Connected D. Dynamic, Available, Created
B. Dynamic, Active, Connected
When viewing the routes in Winbox, some routes will show "DAC" in the first column. These flags mean: A. Dynamic, Available, Created B. Dynamic, Active, Connected C. Direct, Available, Connected D. Dynamic, Active, Console
B. Dynamic, Active, Connected
Which of the following is true for connection tracking A. Connection tracking must be enabled for NAT'ed network B. Enabling connection tracking reduces CPU usage in RouterOS C. Disable connection tracking for mangle to work D. Connection tracking must be enabled to be able to use all firewall features
B. Enabling connection tracking reduces CPU usage in RouterOS D. Connection tracking must be enabled to be able to use all firewall features
You want to transfer existing '/ip firewall filter' configuration from one router to a new system. Choose the best possible way to do: A. Export global configuration and remove everything apart from '/ip firewall filter' B. Export only '/ip firewall filter' C. Create backup, edit backup file and restore on target router D. Create backup only of '/ip firewall filter' rules
B. Export only '/ip firewall filter'
One host on an internal network is accessing an external web page through a MikroTik router that is doing source NAT. Select correct statement about the packets that flow from that web page to the host ? A. Packets go through the input chain B. Packets go through the forward chain C. Packets go through the output chain D. Packets go through the input chain before the routing decision and after that through output chain
B. Packets go through the forward chain
What does the firewall action "Redirect" do? Select all true statements. A. Redirects a packet to a specified port on the router B. Redirects a packet to a specified IP C. Redirects a packet to the router D. Redirects a packet to a specified port on a host in the network
B. Redirects a packet to a specified IP D. Redirects a packet to a specified port on a host in the network
/interface wireless access-list is used for A. Handles a list of Client's MAC Address to permit/deny connection to AP B. Shows a list of Client's MAC Address that are already registered at AP C. Contains the security profiles settings D. Authenticate Hot-Spot users
B. Shows a list of Client's MAC Address that are already registered at AP
In which situations can Netinstall NOT be used to install a RouterBOARD? A. The router does not have an operating system B. The router is connected only to a wireless network C. You do not know the password of the router D. The router is connected only to a secondary Ethernet port
B. The router is connected only to a wireless network D. The router is connected only to a secondary Ethernet port
For a Simple Queue to apply a bandwidth restrictions on a bridged interface, following must be done: A. Configure an IP address on the bridge interface B. Use mangle to mark the connections C. Associate the Simple Queue to the bridge interface D. Enable 'Use IP Firewall' in bridge settings
B. Use mangle to mark the connections
Is it possible to limit how many clients are able to connect to an access point? A. No it's not possible at all B. Yes, but only with access-lists C. Yes
B. Yes, but only with access-lists
To use masquerade, you need to specify A. action=accept, out-interface, chain=src-nat B. action=masquerade, out-interface, chain=src-nat C. action=masquerade, in-interface, chain=src-nat D. action=masquerade, out-interface, chain=dst-nat
B. action=masquerade, out-interface, chain=src-nat
Collisions are possible in fullduplex Ethernet networks A. true B. false
B. false
In order to use dynamic keys in your wireless security profile for an AP, you MUST set up the dhcp server to provide the dynamic keys. A. true B. false
B. false
Router A and B are both running as PPPoE servers on different broadcast domains of your network. It is possible to set Router A to use "/ppp secret" accounts from Router B to authenticate PPPoE customers. A. true B. false
B. false
You have a DHCP server on your MikroTik router. The IP addresses 10.1.2.2-10.2.2.20 are distributed in the DHCP network. Additionally, 3 static IP address are defined for your servers: 10.1.2.31- 10.1.2.33. After a while 20 more IP addresses need to be distributed in the network. It is possible to distribute the extra IP address without adding another DHCP Server: A. True B. False
B. false
Which firewall chain would be used to block a client's MSN traffic on a router? A. static B. forward C. output D. input
B. forward
It is required to make a web server on a private LAN visible on the Public Internet. Only the web server port should be visible to the public. Which of the following configuration steps must be met. (select all that apply) A. Public IP address of the webserver must be installed on the NAT Router B. in ip firewall NAT there should be a dst-nat between the public ip of the router and the private ip of the webserver C. Connection Tracking must be enabled on NAT router D. A route between the NAT Router and the webserver must exist E. LAN address of the webserver should be routable on the internet
B. in ip firewall NAT there should be a dst-nat between the public ip of the router and the private ip of the webserver D. A route between the NAT Router and the webserver must exist
Which firewall chain you should use to filter SSH access to the router itself? A. output B. input C. prerouting D. forward
B. input
Consider the following network diagram. In R1, you have the following configuration: /ip route add dst-address=192.168.1.0/24 gateway=192.168.99.2 /ip firewall nat add chain=srcnat out-interface=Ether1 action=masquerade On R2, if you wish to prevent all access to a server located at 192.168.1.10 from LAN1 devices, which of the following rules would be needed? A. /ip firewall filter add chain=forward srcaddress=192.168.99.1 dst-address=192.168.1.10 action=drop B. /ip firewall filter add chain=forward srcaddress=192.168.0.0/24 dst-address=192.168.1.10 action=drop C. /ip firewall filter add chain=input srcaddress=192.168.99.1 dst-address=192.168.1.10 action=drop D. /ip firewall nat add chain=dstnat srcaddress=192.168.99.1 dst-address=192.168.1.10 action=drop
C. /ip firewall filter add chain=input srcaddress=192.168.99.1 dst-address=192.168.1.10 action=drop
MikroTik RouterOS commands can be run once a day by: A. /system watchdog B. /system cron C. /system scheduler
C. /system scheduler
A routing table has following entries: 0 dst-address=10.0.0.0/24 gateway=10.1.5.126 1 dst-address=10.1.5.0/24 gateway=10.1.1.1 2 dst-address=10.1.0.0/24 gateway=25.1.1.1 3 dst-address=10.1.5.0/25 gateway=10.1.1.2 Which gateway will be used for a packet with destination address 10.1.5.126? A. 10.1.1.1 B. 10.1.5.126 C. 10.1.1.2 D. 25.1.1.1
C. 10.1.1.2
DHCP server is configured on a router's ether1 interface. IP address 192.168.0.100/24 is assigned to the interface. Possible IP pools, that can be used by this DHCP server, are: A. 192.168.0.1-192.168.0.255 B. 192.169.0.1-192.169.0.254 C. 192.168.0.1-192.168.0.99 , 192.168.0.101-192.168.0.254 D. 192.168.0.1-192.168.0.14
C. 192.168.0.1-192.168.0.99 , 192.168.0.101-192.168.0.254
Which option in the configuration of a wireless card must be disabled to cause the router to permit ONLY known clients listed in the access list to connect? A. Security Profile B. Default Forward C. Enable Access List D. Default Authenticate
C. Enable Access List
You have a router with configuration - Public IP :202.168.125.45/24 - Default gateway:202.168.125.1 - DNS server: 248.115.148.136, 248.115.148.137 - Local IP: 192.168.2.1/24 Mark the correct configuration on client PC to access to the Internet A. IP:192.168.0.1/24 gateway:192.168.2.1 B. IP:192.168.2.253/24 gateway:202.168.0.1 C. IP:192.168.2.115/24 gateway: 192.168.2.1 D. IP:192.168.2.2/24 gateway:202.168.125.45 E. IP:192.168.1.223/24 gateway:248.115.148.136
C. IP:192.168.2.115/24 gateway: 192.168.2.1
What does this simple queue do (check the image)? A. Queue guarantees upload data rate of one megabit per second for host 192.168.1.10 B. Queue limits host 192.168.1.10 download data rate to one megabit per second. C. Queue limits host 192.168.1.10 upload data rate to one megabit per second. D. Queue guarantees download data rate of one megabit per second for host 192.168.1.10
C. Queue limits host 192.168.1.10 upload data rate to one megabit per second.
Which port does PPTP use by default? A. TCP 1721 B. UDP 1723 C. TCP 1723 D. UDP 1721
C. TCP 1723
Which is the default port of IP-Winbox? A. UDP 8291 B. TCP 80 C. TCP 8291 D. TCP 8192
C. TCP 8291
In which situations Netinstall can not be used to install RouterOS on a RouterBOARD? A. The router is connected only to a secondary Ethernet port B. The router does not have an operating system C. The router is connected only to a wireless network D. The password of the router is not known
C. The router is connected only to a wireless network
Why is it useful to set a Radio Name on the radio interface? A. To identify a station in the Access List B. To identify a station in Neighbor discovery C. To identify a station in a list of connected clients
C. To identify a station in a list of connected clients
Why is it useful to set a Radio Name on the radio interface? A. To identify a station in a list of connected clients B. To identify a station in Neighbor discovery C. To identify a station in the Access List:
C. To identify a station in the Access List:
How many layers does Open Systems Interconnection model have? A. 6 B. 9 C. 5 D. 7 E. 12
D. 7
In which order are the entries in Access List and Connect List processed? A. By Signal Strength Range B. In sequence order C. In a random order D. By interface name
D. By interface name