![MTCNA New Questions1 [PDF]](https://pdfs.asia/img/200x200/mtcna-new-questions1.jpg)
21 0 154 KB
1. Why is it useful to set a Radio Name on the radio interface? A. To identify a station in Neighbor discovery B. To identify a station in the Access List C. To identify a station in a list of connected clients 2. A RouterBOARD clock is configured in '/system clock'. The clock resets to default after each reboot. Select the best solution for the problem. A. Configure '/system ntp client' and set a valid and reachable NTP server address B. Open the router and ensure the CMOS battery is fine C. Write a script in '/system script' to set the clock D. Configure '/system ntp server' and set a valid and reachable NTP client address 3. Which port does PPTP use by default? A. UDP 1721 B. TCP 1723 C. UDP 1723 D. TCP 1721 4. Select how many different priority values are available for queues in MikroTik RouterOS: A. 1 B. 8 C. 16 D. 0 5. What is the meaning of the status letter "R" on a PPPoE client interface in RouterOS Interfaces menu?
A. Reconnecting B. Remote C. Running D. Radius 6. Action=redirect is applied in A. chain=forward B. chain=dstnat C. chain=srcnat 7. Which firewall chain should you use to filter ICMP packets from the router itself? A. output B. input C. postrouting D. forward 8. Where should you upload new MikroTik RouterOS version packages for upgrading router? A. FTP root directory or /files directory of the router B. System Backup menu C. System Package menu D. Any directory in /files 9. If ARP=reply-only is configured on an interface, this interface will
A. accept all IP addresses listed in '/ip arp' as static entries B. accept IP and MAC address combinations listed in '/ip arp' list C. add new IP addresses in '/ip arp' list D. accept all MAC-addresses listed in '/ip arp' as static entries E. add new MAC addresses in '/ip arp' list 10. To connect a MikroTik router to a wireless access point, you have to: A. Use the same radio name as on the access point B. Use the same band (5 GHz, 2.4 GHz, ...) as on the access point C. Use the same SSID as on the access point 11. What can be used as "Target" in the simple queue? A. Client IP address B. Client MAC address C. Server IP address D. Address list name 12. There are two routes in the routing table: 0 dst-addr=10.1.1.0/24 gateway=5.5.5.5 1 dst-addr=10.1.1.4/30 gateway=5.6.6.6 Which gateway will be used to get to the IP address 10.1.1.6? A. both - half of the traffic will be routed through one gateway, half through the other B. the required route is not in the routing table C. 5.5.5.5
D. 5.6.6.6 13. What action should be used to inform source that packets reached destination, but was not accepted ? A. action=tarpit B. action=accept C. action=reject D. action=drop 14. Which option in the configuration of a wireless card must be disabled to cause the router to permit ONLY known clients listed in the access list to connect?
A. Default Forward B. Default Authenticate C. Enable Access List D. Security Profile 15. The highest queue priority is A. 8 B. 16 C. 1 D. 256 16. In which order are the entries in Access List and Connect List processed? A. In a random order B. By interface name
C. In sequence order D. By Signal Strength Range 17. MikroTik RouterOS commands can be run once a day by: A. /system watchdog B. /system cron C. /system scheduler 18. For static routing functionality, additionally to the RouterOS 'system' package, you will also need the following software package: A. dhcp B. no extra package required C. routing D. advanced-tools 19. Netinstall can be used to A. Install package for different hardware architecture B. Install different software version (upgrade or downgrade) C. Keep configuration, but reset a lost admin password D. Reinstall software without losing licence 20. When viewing the routes in Winbox, some routes will show "DAC" in the first column. These flags mean:
A. Direct, Available, Connected B. Dynamic, Active, Connected
C. Dynamic, Available, Created D. Dynamic, Active, Console 21. Your Company has been assigned a 172.16.25.0/25 network from your ISP. What are the possible options to divide the network into subnets? A. one /23 and one /27 B. two times /24 C. four times /27 D. two times /26 22. In the Route List, the identification DAb for a route stands for A. dynamic - active - bgp B. direct - active - bgp C. dynamic - active - backup D. direct - acknowledge - backup 23. What is necessary for PPPoE client configuration? A. Interface (on which PPPoE client is going to work) B. Static IP address on PPPoE client interface C. ip firewall nat masquerade rule 24. Select the rule that is used to block SMTP protocol for clients connected to the LAN interface: A. /ip firewall filter add chain=forward dst-port=25 action=drop in-interface=LAN B. /ip firewall filter add chain=forward protocol=tcp dst-port=25 action=drop in-interface=LAN C. /ip firewall filter add chain=output protocol=tcp dst-port=25 action=drop in-interface=LAN
D. /ip firewall filter add chain=input protocol=tcp dst-port=25 action=drop in-interface=LAN 25. Destination NAT (chain dstnat, action dst-nat) can be used to: A. Change source port B. Direct users from the Internet to a server within your local network C. Change destination port D. Hide your local network from the Internet
1. What will happen if "Default forward" is disabled in wireless menu on a RouterOS AP? A. Clients will not be able to connect to the AP B. Clients will not be able to communicate with each other C. AP will not be able to communicate with the clients D. Only clients with matching access control list rule will be able to connect to the AP 2. What is the meaning of the status letter "R" on a PPPoE client interface in RouterOS Interfaces menu? A. Reconnecting B. Remote C. Running D. Radius 3. You have to connect to a RouterBOARD without any previous configuration. Select all possibilities to connect and do some basic configuration A. Serial Connection
B. Telnet C. Attach monitor/keyboard D. MAC-Winbox 4. Select statements that are true regarding the following command: /ip route add dst-address=172.16.4.0/24 gateway=192.168.4.2 A. The default administrative distance of 100 is used B. The command is used to configure the default route C. The command is used to establish a static route D. The subnet mask for the destination network is 255.255.255.0 5. What is the correct action for a NAT rule on a router that should intercept SMTP traffic and send it over to a specified mail server?
A. dst-nat B. tarpit C. passthrough D. redirect 6. The highest queue priority is A. 8 B. 256 C. 1 D. 16
7. What action should be used to inform source that packets reached destination, but was not accepted ? A. action=accept B. action=tarpit C. action=reject D. action=drop 8. A RouterBOARD clock is configured in '/system clock'. The clock resets to default after each reboot. Select the best solution for the problem.
A. Write a script in '/system script' to set the clock B. Configure '/system ntp server' and set a valid and reachable NTP client address C. Open the router and ensure the CMOS battery is fine D. Configure '/system ntp client' and set a valid and reachable NTP server address 9. Mark all packages required for PPPoE server on MikroTik RouterOS A. synchronous B. radius C. system D. ppp E. user-manager 10. Possible actions of ip firewall filter are: A. tarp
B. accept C. bounce D. log E. tarpit F. add-to-list 11. What does this simple queue do (check the image)?
A. Queue guarantees upload data rate of one megabit per second for host 192.168.1.10 B. Queue limits host 192.168.1.10 upload data rate to one megabit per second. C. Queue limits host 192.168.1.10 download data rate to one megabit per second. D. Queue guarantees download data rate of one megabit per second for host 192.168.1.10 12. Choose the correct PCQ argument values to allow 256kbps maximum download and upload for each client: A. kind=pcq pcq-rate=256000 pcq-classifier=dst-address B. kind=pcq pcq-rate=5000000 pcq-classifier=dst-address C. kind=pcq pcq-rate=256000 pcq-classifier=src-address D. kind=pcq pcq-rate=5000000 pcq-classifier=src-address E. kind=pcq pcq-rate=1256000 pcq-classifier=dst-address 13. Mark correct statement.
A. Backup files are not editable B. Export files are not editable C. Backup files are editable 14. A routing table has following entries: 0 dst-address=10.0.0.0/24 gateway=10.1.5.126 1 dst-address=10.1.5.0/24 gateway=10.1.1.1 2 dst-address=10.1.0.0/24 gateway=25.1.1.1 3 dst-address=10.1.5.0/25 gateway=10.1.1.2 Which gateway will be used for a packet with destination address 10.1.5.126?
A. 10.1.1.1 B. 10.1.5.126 C. 25.1.1.1 D. 10.1.1.2 15. PPP Secrets are used for A. PPTP clients B. PPPoE clients C. PPP clients D. IPsec clients E. L2TP clients
F. Router users 16. Which of the protocols below is used by Netinstall? A. bootp B. arp C. dhcp D. rarp 17. Which of the following would prevent unknown clients from connecting to your AP? Choose the BEST answer. A. Configure the radius server under '/radius' B. Uncheck 'Default Authenticate' in the wireless card configuration, and add each known client's MAC address to your access-list configuration ensuring that you enable 'authenticate' in the entry C. Add each known client's MAC address to your access-list configuration is the only step needed D. Check the 'Do not permit unknown client' box in the wireless configuration E. Uncheck 'Default Authenticate' in the wireless card configuration, and add each known client's MAC address to your connect-list configuration 18. The RouterOS graphing is used for A. real-time traffic and resource usage display B. bandwidth testing C. average traffic and resource usage display D. bandwidth limitation
19. Destination NAT (chain dstnat, action dst-nat) can be used to: A. Direct users from the Internet to a server within your local network B. Change destination port C. Hide your local network from the Internet D. Change source port 20. When using routing option 'check-gateway=ping' what is the ICMP echo request interval (in seconds)? A. 60s B. 10s C. 30s D. 20s 21. You can control bandwidth of a client connected to AP with the resource / interface wireless access-list ( assume the client uses MikroTik RouterOS).
true 22. What is possible with Netinstall? A. MikroTik RouterOS configuration reset B. MikroTik RouterOS password reset with saving router's configuration C. MikroTik RouterOS reinstall 23. Mark all the features that can be used for limiting client registrations to your access point: A. access-list
B. wpa C. WDS D. registration-table 24. By default info, error and warning messages are logged into memory of your RouterOS device. You can add logging of visited web-pages and other message topics
25. Which port does PPTP use by default? A. UDP 1723 B. TCP 1721 C. UDP 1721 D. TCP 1723
1. What does the firewall action "Redirect" do? Select all true statements. A. Redirects a packet to a specified port on a host in the network B. Redirects a packet to a specified port on the router C. Redirects a packet to the router D. Redirects a packet to a specified IP 2. What kind of users are listed in the "/user" menu? A. wireless users B. hotspot users C. router users
D. pptp users 3. It is required to make a web server residing on a private subnet in a LAN visible on the public Internet. Only the web server port should be visible to the public. Which of the following configuration steps must be met (select all that apply): A. The private IP address of the web server should be routable on the Internet B. The public IP address of the web server must be installed on the router C. In IP firewall NAT there should be a dst-nat rule between the public IP address of the router and the private IP of the web server D. A route between the router and the web server must exist E. Connection tracking must be enabled on the router 4. For static routing functionality, additionally to the RouterOS 'system' package, you will also need the following software package: A. no extra package required B. routing C. advanced-tools D. dhcp 5. Which configuration menu should you use to change router's Winbox default port? A. /system resource B. /ip service C. /ip firewall service-ports D. /ip firewall filter 6. Which port does PPTP use by default? A. UDP 1721
B. TCP 1723 C. TCP 1721 D. UDP 1723 7. What is the correct action for a NAT rule on a router that should intercept SMTP traffic and send it over to a specified mail server?
A. dst-nat B. passthrough C. tarpit D. redirect 8. In RouterOS queue configurations the word "total" usually represents A. download - upload B. download C. upload + download D. upload 9. Which of the following is used in standard 802.11 wireless networks? A. FDD B. CDMA C. CSMA/CA D. CSMA/CD 10. How many wireless clients can connect, when wireless card is configured to mode=bridge ?
A. 2007 B. 2 C. 100 D. 1 11. Which of the following Routes statuses are possible? A. S = Static B. C = Connected C. D = Drop D. A = Active 12. Select the rule that is used to block SMTP protocol for clients connected to the LAN interface: A. /ip firewall filter add chain=output protocol=tcp dst-port=25 action=drop in-interface=LAN B. /ip firewall filter add chain=forward dst-port=25 action=drop in-interface=LAN C. /ip firewall filter add chain=forward protocol=tcp dst-port=25 action=drop in-interface=LAN D. /ip firewall filter add chain=input protocol=tcp dst-port=25 action=drop in-interface=LAN 13. What is the meaning of the status letter "R" on a PPPoE client interface in RouterOS Interfaces menu? A. Remote B. Reconnecting C. Radius D. Running
14. In which order are the entries in Access List and Connect List processed? A. By Signal Strength Range B. In a random order C. By interface name D. In sequence order 15. How many usable IP addresses are there in a 23-bit (255.255.254.0) subnet? A. 510 B. 508 C. 254 D. 512 16. You have to connect to a RouterBOARD without any previous configuration. Select all possibilities to connect and do some basic configuration A. Serial Connection B. Telnet C. Attach monitor/keyboard D. MAC-Winbox 17. In the Route List, the identification DAb for a route stands for A. dynamic - active - backup B. dynamic - active - bgp C. direct - active - bgp D. direct - acknowledge - backup
18. If ARP=reply-only is configured on an interface, this interface will A. add new IP addresses in '/ip arp' list B. add new MAC addresses in '/ip arp' list C. accept all IP addresses listed in '/ip arp' as static entries D. accept all MAC-addresses listed in '/ip arp' as static entries E. accept IP and MAC address combinations listed in '/ip arp' list 19. Simple Queue number 0 defines 2M for upload and download for target IP 10.10.0.33. Simple Queue number 1 defines 4M for upload and download for target IP 10.10.0.33. The maximum bandwidth that the client 10.10.0.33 is be able to obtain is: A. 4M upload/download B. 2M upload/download C. 0M upload/download D. 6M upload/download 20. What can be used as "Target" in the simple queue? A. Client MAC address B. Address list name C. Client IP address D. Server IP address 21. What is necessary for PPPoE client configuration? A. Interface (on which PPPoE client is going to work) B. ip firewall nat masquerade rule
C. Static IP address on PPPoE client interface 22. Evaluate the following information: Access Point configuration: -- wlan1 is in 'AP-Bridge' mode -- Bridge1 has wlan1 and ether1 as ports CPE configuration: -- wlan1 is in 'Station-Bridge' mode -- Bridge1 has wlan1 and ether1 as ports Select protocols that will pass from ether1 on the CPE to ether1 on the Access Point. A. PPPoE B. IPv4 C. IPv6 D. USB E. Firewire F. ARP G. DHCP H. BGP 23. The 'check-gateway' option is enabled for one route. Select all statements that are true: A. Gateway is checked every 10 seconds and after 2 failures, the gateway is considered unreacheable B. Check gateway option can be configured for Ping, ARP and RARP (reverse ARP) C. Gateway is checked every 10 seconds and after a single failure, the gateway is considered unreacheable D. In case of failure of the gateway, routes pointing to that gateway will become inactive 24. Possible actions of ip firewall filter are:
A. tarp B. add-to-list C. accept D. bounce E. tarpit F. log 25. A client that has successfully connected to a wireless network is considered to be which of the following? Choose all that apply: A. Associated B. Unauthenticated C. Authenticated D. Unassociated
1. Which port does PPTP use by default? A. TCP 1723 B. TCP 1721 C. UDP 1721 D. UDP 1723 2. How long is level 1 (free) license valid? A. 24 hours B. 1 year
C. Infinite time D. 1 month 3. To apply bandwidth restrictions using Simple queue on traffic that travels from one bridge port to another bridge port within the same bridge interface, following must be done: A. Use mangle to mark the connections B. Configure an IP address on the bridge interface C. Enable 'Use IP Firewall' in bridge settings D. Associate the Simple queue to the bridge interface 4. MikroTik RouterOS commands can be run once a day by: A. /system watchdog B. /system scheduler C. /system cron 5. DHCP server is configured on a routers ether1 interface. IP address 192.168.0.100/24 is assigned to the interface. Correct IP pool configuration, that can be used by this DHCP server, is: A. 192.168.0.1-192.168.0.14 B. 192.168.0.1-192.168.0.255 C. 192.169.0.1-192.169.0.254 D. 192.168.0.1-192.168.0.99,192.168.0.101-192.168.0.254 6. Select statements that are true regarding the following command: /ip route add dst-address=172.16.4.0/24 gateway=192.168.4.2 A. The command is used to configure the default route
B. The subnet mask for the destination network is 255.255.255.0 C. The command is used to establish a static route D. The default administrative distance of 100 is used 7. For static routing functionality, additionally to the RouterOS 'system' package, you will also need the following software package: A. advanced-tools B. routing C. dhcp D. no extra package required 8. What kind of packet is marked by connection-state=established matcher? A. Packet begins a new TCP connection B. Packet does not correspond to any known connection C. Packet belongs to an existing connection, for example a reply packet or a packet which belongs to already replied connection D. Packet is related to, but not part of an existing connection 9. What is the minimal required wireless configuration needed to be set (after interface configuration is reset) to create an access point? A. DFS mode B. WDS C. scan-list
D. mode E. SSID F. band G. radio name H. frequency 10. What is the meaning of the status letter "R" on a PPPoE client interface in RouterOS Interfaces menu? A. Radius B. Reconnecting C. Remote D. Running 11. Assuming a functional wireless interface is present and working, is it possible to create a wireless access point with a RouterOS level 5 licence? A. No, only with level 6 licence B. No, only with level 4 licence C. Yes D. No, only with level 3 license 12. Which is the default port of IP-Winbox? A. UDP 8291 B. TCP 8192 C. TCP 8291
D. TCP 80 13. What is the correct action for a NAT rule on a router that should intercept SMTP traffic and send it over to a specified mail server?
A. tarpit B. redirect C. passthrough D. dst-nat 14. Consider the following network diagram. In R1, you have the following configuration: /ip route add dst-address=192.168.1.0/24 gateway=192.168.99.2 /ip firewall nat add chain=srcnat out-interface=Ether1 action=masquerade On R2, if you wish to prevent all access to a server located at 192.168.1.10 from LAN1 devices, which of the following rules would be needed?
A. /ip firewall filter add chain=forward srcaddress=192.168.0.0/24 dst-address=192.168.1.10 action=drop B. /ip firewall filter add chain=forward srcaddress=192.168.99.1 dst-address=192.168.1.10 action=drop C. /ip firewall filter add chain=input srcaddress=192.168.99.1 dst-address=192.168.1.10 action=drop D. /ip firewall nat add chain=dstnat srcaddress=192.168.99.1 dst-address=192.168.1.10 action=drop 15. Which route will be used to reach host 192.168.1.55? /ip route add disabled=no distance=1 dst-address=192.168.1.0/24 gateway=1.1.1.1 add disabled=no distance=1 dst-address=192.168.1.0/25 gateway=2.2.2.2
add disabled=no distance=1 dst-address=192.168.0.0/16 gateway=3.3.3.3 A. Route via gateway 2.2.2.2 B. Route via gateway 3.3.3.3 C. Route via gateway 1.1.1.1 16. Select minimal set of software packages in RouteOS required to configuring a wireless AP
A. wireless B. advanced-tools C. system D. dhcp E. routing 17. The RouterOS graphing is used for A. real-time traffic and resource usage display B. average traffic and resource usage display C. bandwidth limitation D. bandwidth testing 18. The 'connect-list' of wireless interfaces is used A. for specifying APs not to connect to B. for preventing communications between the clients C. for specifying APs to connect to
D. for configuring SSID on the interface 19. DHCP server can serve clients without using IP address pool yes 20. Which of the following Routes statuses are possible? A. S = Static B. D = Drop C. C = Connected D. A = Active 21. Where should you upload new MikroTik RouterOS version packages for upgrading router? A. System Backup menu B. FTP root directory or /files directory of the router C. Any directory in /files D. System Package menu 22. What will happen if "Default forward" is disabled in wireless menu on a RouterOS AP? A. Clients will not be able to communicate with each other B. AP will not be able to communicate with the clients C. Clients will not be able to connect to the AP D. Only clients with matching access control list rule will be able to connect to the AP 23. Possible actions of ip firewall filter are: A. tarp
B. accept C. bounce D. add-to-list E. tarpit F. log 24. What is necessary for PPPoE client configuration? A. ip firewall nat masquerade rule B. Static IP address on PPPoE client interface C. Interface (on which PPPoE client is going to work) 25. What does this simple queue do (check the image)? A. Queue limits host 192.168.1.10 upload data rate to one megabit per second. B. Queue guarantees upload data rate of one megabit per second for host 192.168.1.10 C. Queue limits host 192.168.1.10 download data rate to one megabit per second. D. Queue guarantees download data rate of one megabit per second for host 192.168.1.10
1. Possible actions of ip firewall filter are: A. accept B. tarpit
C. bounce D. log E. add-to-list F. tarp 2. You can control bandwidth of a client connected to AP with the resource / interface wireless access-list ( assume the client uses MikroTik RouterOS).
3. What does the firewall action "Redirect" do? Select all true statements. A. Redirects a packet to a specified IP B. Redirects a packet to a specified port on a host in the network C. Redirects a packet to a specified port on the router D. Redirects a packet to the router 4. Choose the correct PCQ argument values to allow 256kbps maximum download and upload for each client: A. kind=pcq pcq-rate=1256000 pcq-classifier=dst-address B. kind=pcq pcq-rate=5000000 pcq-classifier=dst-address C. kind=pcq pcq-rate=256000 pcq-classifier=src-address D. kind=pcq pcq-rate=256000 pcq-classifier=dst-address E. kind=pcq pcq-rate=5000000 pcq-classifier=src-address 5. When using routing option 'check-gateway=ping' what is the ICMP echo request interval (in seconds)? A. 60s
B. 20s C. 10s D. 30s 6. In the Route List, the identification DAb for a route stands for A. direct - acknowledge - backup B. dynamic - active - bgp C. dynamic - active - backup D. direct - active - bgp 7. A wireless interface 'wlan1' is added to a bridge interface 'br-lan'. To enable dhcp-server for wireless interface 'wlan1', on which interface should dhcp-server be configured?
A. On 'wlan1' B. On both 'br-lan' and 'wlan1' C. The dhcp-server cannot be enabled neither on 'wlan1', nor on 'br-lan' D. On 'br-lan' 8. What is necessary for PPPoE client configuration? A. ip firewall nat masquerade rule B. Interface (on which PPPoE client is going to work) C. Static IP address on PPPoE client interface 9. Mark all correct statements about command 'export file={name of the script file}' : A. Full configuration of the router (without RouterOS user
passwords) can be exported B. Export files can not be edited C. Only part of the configuration (for example /ip firewall) can be exported D. Log entries from /log print can be exported 10. Which route will be used to reach host 192.168.1.55? /ip route add disabled=no distance=1 dst-address=192.168.1.0/24 gateway=1.1.1.1 add disabled=no distance=1 dst-address=192.168.1.0/25 gateway=2.2.2.2 add disabled=no distance=1 dst-address=192.168.0.0/16 gateway=3.3.3.3 A. Route via gateway 1.1.1.1 B. Route via gateway 2.2.2.2 C. Route via gateway 3.3.3.3 11. Which of the following would prevent unknown clients from connecting to your AP? Choose the BEST answer. A. Uncheck 'Default Authenticate' in the wireless card configuration, and add each known client's MAC address to your connect-list configuration B. Configure the radius server under '/radius' C. Add each known client's MAC address to your access-list configuration is the only step needed D. Uncheck 'Default Authenticate' in the wireless card configuration, and add each known client's MAC address to your access-list configuration ensuring that you enable 'authenticate' in the entry E. Check the 'Do not permit unknown client' box in the wireless configuration
12. To block communications between wireless clients connected to the same access point interface, you should set A. 'default-forwarding=no' B. 'max-station-count=1' C. 'default-authentication=no' D. 'default-authentication=no' and 'default-forwarding=no' 13. Netinstall can be used to A. Install different software version (upgrade or downgrade) B. Install package for different hardware architecture C. Keep configuration, but reset a lost admin password D. Reinstall software without losing licence
