Académique Documents
Professionnel Documents
Culture Documents
3. A MikoTik PPPoE Server can be used only within a broadcast domain, that is, users can
not run PPPoE protocol with a server if there is a router between the customer and that
PPPoE server.
TRUE/FALSE
4. What is the minimal possible wireless configuration to create an Access Point? (ONE)
A. ssid
B. DFS mode
C. radio name
D. scan-list
E. band
F. WDS
G. frequency
H. mode
7. You want to use PCQ and allow 256k maximum download and upload for each client.
Choose correct argument values for the required queue. (MULTI)
A. kind=pcq pcq-limit=256000 pcq-classifier=dst-address
B. kind=pcq pcq-limit=1256000 pcq-classifier=dst-address
C. kind=pcq pcq-limit=5000000 pcq-classifier=dst-address
D. kind=pcq pcq-limit=256000 pcq-classifier=src-address
E. kind=pcq pcq-limit=5000000 pcq-classifier=src-address
10. If a packet comes to a router and starts a new, previously unseen connection, which
connection state would be applied to it? (ONE)
A. established
B. unknown
C. new
D. invalid
E. no connection state would be applied to such packet
11. How many usable IP addresses are there in a 20-bit subnet? (ONE)
A. 2047
B. 4094
C. 2048
D. 2046
E. 4096
12. Hotspot ip-binding is used to allow access to Internet web servers specifing the IP
address of the web server instead of the URL.
TRUE/FALSE
14. When viewing the routes in Winbox, some routes will show "DAC" in the first column.
These flags mean: (MULTI)
A. Dynamic,Available,Created
B. Dynamic,Active,Console
C. Direct,Available,Connected
D. Dynamic,Active,Connected
17. You wish to secure your RouterOS system. You do not want the RouterOS to be
discoverable using MNDP or CDP locally. You also want to deny management via the MAC
addresses on all interfaces. Select the correct actions to accomplish this. (MULTI)
A. Remove/Disable the Interfaces
B. Add a Deny All input firewall rule
C. Place a proper input firewall rule to block mac discovery
D. Place a proper forward firewall rule to block mac discovery
E. Remove/Disable all discovery interfaces
F. Remove/Disable all interfaces under mac-server telnet
G. Remove/Disable all interfaces under mac-Server winbox
18. You need to redirect a browser page from a search of "xxx" in google to another website such
as www.mikrotik.com
19. Is it possible to have PPTP Client and PPTP server on one MikroTik router at the same time?
TRUE/FALSE
20. In which situations can Netinstall NOT be used to install a RouterBOARD? (MULTI)
A. The router does not have an operating system
B. The router is connected only to a secondary Ethernet port
C. You do not know the password of the router
21. Check the allowed input formats for wireless scan-list. (MULTI)
A. 5500 5700
B. 5500 - 5700
C. 5500/5700
D. 5500,5700
E. 5500-5700
23. In case when router login password is lost, it is necessary to reinstall RouterOS or use
hardware reset funcion.
TRUE/FALSE
24. You would like to allow multiple logins with one user name on a HotSpot server. How
should this be configured? (MULTI)
A. Set "Shared Users" option at /ip hotspot
B. It's not possible
C. Set "only-one=no' at /ip hotspot
D. Set "Shared Users" option at /ip hotspot user profile
26. Which rule is used to block SMTP protocol from Lan interface for clients? (ONE)
A. /ip firewall filter add chain=forward protocol=tcpdst-port=25 action=drop in-interface=Lan
B. /ip firewall filter add chain=input protocol=tcpdst-port=25 action=drop in-interface=Lan
C. /ip firewall filter add chain=forward dst-port=25 action=drop in-interface=Lan
D. /ip firewall filter add chain=output protocol=tcpdst-port=25 action=drop in-interface=Lan
B. 16
C. 8
D. 256
28. A client uses a RouterBOARD1000.The clock is configured in '/system clock'. The clock resets
to default after each reboot.
Select the best solution for the problem. (MULTI)
A. Configure '/system ntp server' and set a valid and reachable NTP client address.
B. Configure '/system ntp client' and set a valid and reachable NTP server address.
C. Write a script in '/system script' to set the clock
D. Open the router and ensure the CMOS battery is fine
29. When backing up your router by using the 'Export' command, the following happens:
(MULTI)
A. You are requested to give the export file a name
B. Winbox usernames and passwords are backed up
C. The Export file can be edited with a standard text editor after its creation
31. Define a routing loop (choose the most precise description) (ONE)
A. situation where the TTL of the packet expires
B. situation where the packet is routed through the same router twice
C. Situation where the packet does not reach it\'s destination
D. situation where the packet is routed through the same sequence of routers until the TTL expires
33. The basic unit of a physical network (OSI Layer 1) is the: (ONE)
A. Byte
B. Header
C. Bit
D. Frame
34. Which of the following would prevent unknown clients from connecting to your AP?
Choose the BEST answer. (ONE)
A. Uncheck "Default Authenticate" in the wireless card configuration, and add each known client's MAC
address to your access-list configuration ensuring that you enable "authenticate" in the entry
B. Add each known client's MAC address to your access-list configuration is the only step needed
C. Configure the radius server under "/radius"
D. Check the "Do not permit unknown client" box in the wireless configuration
E. Uncheck "Default Authenticate" in the wireless card configuration, and add each known client's MAC
address to your connect-list configuration
35. You want to share the same user and password for different computers. Which menu is
used for configuration? (MULTI)
A. /ip hotspot walled-garden
B. /ip hotspot user profile
C. /ip hotspot profile
D. /ip hotspot ip-binding
36. You can not use OSPF and RIP routing protocols simultaneously on the RouterOS.
TRUE/FALSE
37. When adding a user to your local ppp secrets/ppp profiles database, it is possible to
(MULTI)
A. Allow/deny use of more than one login by this user
B. Set max values for total transferred bytes (up- and download)
C. Allow login by pppoe and pptp, but deny login by l2tp
D. Deny services (like telnet) only for this user or for one group of users
E. Allow only pppoe login
38. What is true about Bandwidth Test Tool? (select all that apply) (MULTI)
A. Only work on MikroTik Router OS
B. Can be downloaded on default router webpage
C. Tests throughput between two MikroTik devices
D. Can be used to monitor throughput to a remote device
39. Using wireless connect-list it’s possible to prioritize connection to one Access Point over
another Access Point by changing the order of the entries.
TRUE/FALSE
41. Mark all packages required for PPPoE server on MikroTikRouterOS (MULTI)
A. synchronous
B. radius
C. user-manager
D. ppp
E. system
43. It is required to make a web server on a private LAN visible on the Public Internet. Only
the web server port should be visible to the public. Which of the following configuration
steps must be met. (select all that apply) (MULTI)
A. A route between the NAT Router and the webserver must exist
B. Connection Tracking must be enabled on NAT router
C. LAN address of the webserver should be routable on the internet
D. in ip firewall NAT there should be a dst-nat between the public ip of the router and the private ip of the
webserver
E. Public IP address of the webserver must be installed on the NAT Router
44. A backup file from a MikroTik router is stored in plain text format
TRUE/FALSE
45. What configuration is added by /ip hotspot setup command? (select all that apply)
(MULTI)
A. /queue tree
B. /ip hotspot walled-garden
C. /ip hotspot user
D. /ip service
E. /ipdhcp-server
47. What action should be used to inform source that packets reached destination, but was
not accepted ? (ONE)
A. action=accept
B. action=drop
C. action=tarpit
D. action=reject
48. In which order are the entries in Access List and Connect List processed? (ONE)
A. By Signal Strength Range
B. In sequence order
C. In a random order
D. By interface name
49. You want to skip HotSpot (authorization, accounting, etc.) for a specific host. What
should you use? (ONE)
A. /ip hotspot walled-garden ip
B. /ip hotspot walled-garden
C. /ip address
D. /ip hotspot ip-binding
50. Two mangle rules defining different mangle marks for the same traffic type, will make it
have both mangle marks.
TRUE/FALSE
51. Which firewall chain should you use to filter ICMP packets from the router itself? (ONE)
A. input
B. forward
C. output
D. postrouting
52. When adding a static route, you must always ensure that you add both the gateway and
the interface.
TRUE/FALSE
53. What does this simple queue do (check the image)? (ONE)
A. Queue limits host 192.168.1.10 download data rate to one megabit per second.
B. Queue guarantees download data rate of one megabit per second for host 192.168.1.10
C. Queue guarantees upload data rate of one megabit per second for host 192.168.1.10
D. Queue limits host 192.168.1.10 upload data rate to one megabit per second.
54. Router A and B are both running as PPPoE servers on different broadcast domains of
your network. Is it possible to set Router A to use "/ppp secret" accounts from Router B to
authenticate PPPoE customers ?
TRUE/FALSE
55. Is it possible for a client to get an IP address but no gateway after a successful DHCP
request?
TRUE/FALSE
56. A network ready device is directly connected to a MikroTik RouterBOARD 750 with a
correct U.T.P. RJ45 functioning cable. The device is configured with an IPv4 address of
192.168.100.70 using a subnet mask of 255.255.255.252. What will be a valid IPv4 address
for the RouterBOARD 750 for a successful connection to the device? (MULTI)
A. 192.168.100.68/255.255.255.252
B. 192.168.100.69/255.255.255.252
C. 192.168.100.71/255.255.255.252
D. 192.168.100.70/255.255.255.252
57. The gateway router is configured with a transparent proxy with the following parameters:
When the user is opening www.mt.lv, what is shown in the browser? (ONE)
A. www.mt.lv
B. forum.mikrotik.com
C. www.mikrotik.com
58. Simple Queue number 0 defines 2M for upload and download for target IP 10.10.0.33.
Simple Queue number 1 defines 4M for upload and download for target IP 10.10.0.33. Client
10.10.0.33 is be able to obtain (MULTI)
A. 4M upload/download
B. 6M upload/download
C. 0M upload/download
D. 2M upload/download
60. Where should you upload new MikroTik RouterOS version packages for upgrading
router? (ONE)
A. Any directory in /files
B. System Backup menu
C. FTP root directory or files directory of the router
D. System package menu
61. When sending out an ARP request, an IP host is expecting what kind of address for an
answer? (MULTI)
A. VLAN ID
B. MAC Address
C. IP address
D. 802.11g
62. Is it possible to create a custom firewall chain and use it in both input and forward
chains at the same time?
TRUE/FALSE
63. The following image shows a RouterOS Wireless Access List configuration.
Wireless interface "Default Authenticate" is unchecked. What will happen with clients
connecting to this AP? (ONE)
A. No client is able to connect to the Wireless Access Point.
B. 00:0C:42:61:6C:90 client will connect to wlan1
C. 00:0C:42:31:38:A2 will connect to wlan1 when the signal strength is greater than -60
D. Client with mac-address 00:0C:42:31:38:A2 will connect to wlan1
64. HotSpot is required on the interfaces ether2, ether3, wlan1 (in ap-bridge mode).
These interfaces are bridged in the bridge1 interface.
Which interface should the HotSpot server be configured on? (ONE)
A. On wlan1 interface
B. On bridge1 interface
C. On ether3 interface
D. On ether2 interface
67. What kind of users are listed in the Secrets window of the PPP menu? (MULTI)
A. pptp users
B. winbox users
C. wireless users
D. l2tp users
E. pppoe users
F. hotspot users
68. For static routing functionality, additionally to the RouterOS system package, you will
also need the following software package: (ONE)
A. routing
B. dhcp
C. none
D. advanced-tools
71. MikroTik RouterOS is sending logs to an external syslog server. Which protocol and port is
used by RouterOS for sending logs (by default)?
A. UDP 514
B. UDP 21
C. TCP 110
D. UDP 113
72. When "Cache On Disk" is not checked under the web proxy settings, where does the data get
stored?
A. RAM (Memory)
B. System Disk
C. USB Disk
D. It does not get stored
74. RouterOS DHCP server is able to send any DHCP options (specified in RFCs) to DHCP
clients
TRUE/FALSE
78. What letters appear next to a route, which is automatically created by RouterOS when user
adds a valid address to an active interface?
A. I
B. S
C. D
D. A
E. C
79. There is an HTTP server 10.0.0.1 in your private network. You have made a DST-NAT rule
that sends all HTTP traffic received on your router's address 80.232.50.100 to this server. If you
make a firewall rule on the router to disallow address 159.148.20.30 to communicate with the
server, how would you identify this communication in this rule?
A. src-address=80.232.50.100 dst-address=10.0.0.1
B. src-address=159.148.20.30 dst-address=80.232.50.100
C. src-address=159.148.20.30 dst-address=10.0.0.1
D. src-address=80.232.50.100 dst-address=159.148.20.30
80. Choose all valid hosts address range for subnet 15.242.55.62/27
A. 15.242.55.32-15.242.55.63
B. 15.242.55.33-15.242.55.63
C. 15.242.55.31-15.242.55.62
D. 15.242.55.33-15.242.55.62
82. Is it possible to limit how many clients are able to connect to an access point?
A. Yes
B. No it's not possible at all
C. Yes, but only with access-lists
83. Can you manually add drivers to RouterOS in case your PCI Ethernet card is not recognized,
and you suspect it is a driver issue?
YES/NO
84. A station can connect to AP if they both use different country regulation settings, but the
frequency chosen is allowed in both countries
TRUE/FALSE
85. You want to create an access point for several laptop (non-RouterOS) clients. Select all
options you can set on the MikroTik wireless interface:
A. mode=ap-bridge
B. Nstreme to optimize link
C. mode=bridge
D. Security profile for WPA encryption
86. It it possible to use the MikroTik Nstreme protocol with Windows wireless clients, if they
install a special driver that can be downloaded from the MikroTik webpage?
TRUE/FALSE
87. Making use of a narrower channel width such as 10MHz or 5MHz will increase your wireless
link speed.
TRUE/FALSE
88. It is necessary to configure a local DNS server to be able to give out a DNS setting to clients
via DHCP server.
TRUE/FALSE
90. You can control bandwidth of a client connected to AP with the resource / interface wireless
access-list ( assume the client uses MikroTik RouterOS).
TRUE/FALSE
91. Is it possible that the same IP address is included in multiple address lists and still be used by
these multiple address lists?
TRUE/FALSE
95. Choose the best option to offer hotspot access to a known wireless client without HotSpot
authentication
A. /ip hotspot ip-binding
B. /ip firewall mangle
C. place Client registered MAC address in access list
D. /ip hotspot walled garden
96. Configuring HotSpot is possible on MikroTik RouterOS only with a wireless interface.
TRUE/FALSE
99. Which gateway will be used for a packet with destination address 10.1.5.126?
A. 25.1.1.1
B. 10.1.1.1
C. 10.1.5.126
D. 10.1.1.2
101. You have 802.11b/g wireless card. What frequencies are available to you?
A. 5800MHz
B. 2412MHz
C. 5210MHz
D. 2422MHz
E. 2327MHz
103. What wireless card can we use to achieve 100 Mbps actual wireless throughput?
A. 802.11 b/g
B. 802.11 a/b/g
C. 802.11 a
D. 802.11 a/n
E. 802.11 a/b/g/n
106. Which is correct masquerade rule for 192.168.0.0/24 network on the router with outgoing
interface=ether1?
A. /ip firewall nat add action=masquerade chain=srcnat
B. /ip firewall nat add action=masquerade chain=srcnat src-address=192.168.0.0/24
C. /ip firewall nat add action=masquerade out-interface=ether1 chain=dstnat
D. /ip firewall nat add action=masquerade chain=srcnat out-interface=ether1
108. Which are necessary sections in /queue simple to set bandwidth limitation?
A. target-address, max-limit
B. target-address, dst-address, max-limit
C. target-address, dst-address
D. max-limit
110. From which of the following locations can you obtain Winbox?
A. Router’s webpage
B. Files menu in your router
C. Via the console cable
D. mikrotik.com
111. Two hosts, A and B, are connected to a broadcast LAN. Select all the answers showing pairs
of IP address/mask which would allow IP connections to be established between the two hosts.
A. A: 10.1.2.66/25 and B: 10.1.2.109/26
B. A: 10.2.2.1/23 and B: 10.2.0.1/22
C. A: 10.1.2.192/24 and B: 10.1.2.129/26
D. A: 10.2.1.0/23 and B: 10.2.0.1/22
114. The HotSpot feature can be used only on ethernet interfaces. You have to use a separate
access point if you want to use this feature with wireless.
TRUE/FALSE
115. If you need to make sure that one computer in your HotSpot network can access the Internet
without HotSpot authentication, which menu allows you to do this?
A. Users
B. IP bindings
C. Walled-garden
D. Walled-garden IP
116. How many different priorities can be selected for queues in MikroTik RouterOS?
A. 8
B. 16
C. 0
D. 1
120. To make all DNS requests coming from your network to resolve on your router (regardless of
the clients’ configuration), which action would you specify for the DST-NAT rule?
A. masquerade
B. dst-nat
C. you can’t use DST-NAT to achieve this
D. redirect
121. Which software version can be installed onto the following RouterBoard types?
A. routeros-x86-x.xx.npk on a RB1100
B. routeros-mipsbe-x.xx.npk on a RB133
C. routeros-mipsle-x.xx.npk on RB133
D. routeros-powerpc-x.xx.npk on a RB333
E. routeros-mipsbe-x.xx.npk on a RB433
123. WPA 2 Pre-Shared Key (PSK) is enabled on AP, all your clients have to use the same
PSK. Only Virtual AP could be used to allow clients to connect with a different PSK.
TRUE/FALSE
124. Which of the following actions are available for ‘/ip firewall mangle’ (select all valid actions)
A. change MSS
B. mark connection
C. accept
D. jump
E. drop
F. mark packet
125. OSFP area ID does not need to be unique within the AS.
TRUE/FALSE
166. Mode wireless apakah yang bisa digunakan untuk mengkonfigurasikan WDS?
A. ap-bridge
B. nstreme-dual-slave
C. bridge
D. station-wds
E. station
126. Check all of the DHCP Server Options that are implemented for DHCP-Client and not Custom.
A. WINS Server
B. ntp server
C. DNS Server
D. subnet mask
E. tftp
F. gateway
127. Anda akan menyimpan website yang telah dikunjungi ke dalam sebuah log dari web proxy.
Manakah konfigurasi yang benar ?
A. /system logging add topics=web-proxy,debug action=memory
B. /system logging add topics=web-proxy,!debug action=memory
C. /system logging add topics=web-proxy,!debug action=remote
D. /system logging add topics=web-proxy,!debug action=disk
129. Mark queue type that uses fairness principle between sub-queues, allows users to choose
classifier for sub-queues, and apply a limit to each sub-queue
A. SFQ
B. RED
C. PCQ
D. BFIFO
130. An IP address pool can contain addresses from more than one subnet.
TRUE/FALSE
If queues “C1″ and “D2″ will not require any traffic, how the total available traffic is going to be
distributed in the worst case scenario?
A. queue “C2″ will get 3M, “C3″ 2M, “D1″ 4M
B. queue “C2″ will get 2M, “C3″ 5M, “D1″ 3M
C. queue “C2″ will get 4M, “C3″ 2M, “D1″ 4M
D. queue “C2″ will get 2M, “C3″ 3M, “D1″ 5M
E. queue “C2″ will get 3M, “C3″ 3M, “D1″ 4M
/ip route
add gateway=1.1.1.1
add gateway=2.2.2.2 routing-mark=web
What can be said about the Web Access (port 80) by a customer connected at ether3 interface
with IP 192.168.10.2/24, gateway 192.168.10.1 ?
A. The customer will access the Web using the gateway 2.2.2.2
B. The Customer is unable to access the Web.
C. The Customer will access the Web by ECMP, by using both gateways 1.1.1.1 and 2.2.2.2
D. The customer will access the Web using the gateway 1.1.1.1
136. Which options should be used when you want to prevent access from one specific address to
your router web interface?
A. Group settings for System users
B. Firewall Filter Chain Input
C. Firewall Filter Chain Forward
D. WWW service from IP Services
137. You need to save visited web-pages to memory logs from web-proxy. Which is the correct
configuration?
A. /system logging add topics=web-proxy,debug action=memory
B. /system logging add topics=web-proxy,!debug action=disk
C. /system logging add topics=web-proxy,!debug action=remote
D. /system logging add topics=web-proxy,!debug action=memory
138. By default info, error and warning messages are logged into memory of your RouterOS
device. You can add logging of visited web-pages and other message topics
TRUE/FALSE
139. Which options are necessary to use the HotSpot Universal Client feature?
A. arp=enabled on the HotSpot interface
B. /ip dhcp-server configuration
C. address-pool configuration in /ip hotspot and /ip hotspot user profile
D. /ip firewall mangle rules
140. What is the correct action to be specified in the NAT rule to hide a private network when
communicating to the outside world?
A. tarpit
B. masquerade
C. passthrough
D. allow
141. What is term for the hardware coded address found on an interface?
A. MAC Address
B. Interface Address
C. FQDN Address
D. IP Address
142. To assign specific traffic to the route – traffic must be identified by routing mark.Each packet
can have only one routing mark.
TRUE/FALSE
143. In Ip Firewall NAT, you can Classify Traffic in SRC Nat Chain based on " in-interface".
TRUE/FALSE
144. Which option in the configuration of a wireless card must be disabled to cause the router to
permit ONLY known clients listed in the access list to connect?
A. Default Forward
B. Enable Access List
C. Default Authenticate
D. Security Profile
146. How many DHCP servers could you run on one interface?
A. 255
B. 1024
C. 4
D. 1
147. What is the default protocol/port of (secure) winbox?
A. TCP/8080
B. TCP/22
C. UDP/5678
D. TCP/8291
148. Router has Wireless and Ethernet client interfaces, all client interfaces are bridged.
To create a DHCP service for all clients you must configure DHCP server on
A. only on bridge interface
B. every bridge port
C. DHCP service is not possible in this setup
D. Ethernet and wireless interfaces
150. Which wireless mode allows you to connect to any standard AP (not only MikroTik) and to be
able to bridge this wireless interface to an Ethernet?
A. station
B. bridge
C. station-pseudobridge
D. station-wds
151. How many layers does Open Systems Interconnection model have?
A. 9
B. 6
C. 5
D. 7
E. 12
152. Which configuration menu should you use to change router's Winbox default port?
A. /ip service
B. /ip firewall service-ports
C. /ip firewall filter
D. /system resource
154. On the advanced menu of the wireless setup there is a parameter called “Area”, it works
directly with:
A. Connect List
B. Access List
C. None of these
D. Security Profile
155. What menus should be used to allow certain websites to be accessed from behind a hotspot
interface, without client authentication
A. ip hotspot ip-binding
B. ip hotspot profile
C. ip hotspot walled-garden
D. ip hotspot walled-garden ip
157. Which of these are possible solutions to bridge two networks over a wireless link:
A. Both devices in AP mode and enable WDS mode
B. One device in AP mode, another one in station-pseudobridge-clone
C. One device in AP mode, another one in station-pseudobridge
D. One device in AP mode, another one in station
158. You have a 802.11b/g wireless card. Which frequencies can be set?
A. 5210MHz
B. 2327MHz
C. 2422MHz
D. 2412MHz
E. 5800MHz
160. You need to reboot a RouterBoard after importing a previously exported rsc file to activate
the new configuration.
TRUE/FALSE
163. Consider the following network diagram. In R1, you have the following configuration:
/ip route
add dst-address=192.168.1.0/24 gateway=192.168.99.2
165. What is the maximum number of ARP entries on a Mikrotik RouterOS device ?
A. Unlimited
B. 2048
C. 8192
D. 10240
166. Mark all correct answers: destination NAT will take place (MULTI)
A. before ip firewall filter, chain forward
B. after routing decision
C. before routing decision
D. after ip firewall filter, chain forward
169. How many wireless clients can connect, when wireless card is configured to mode=bridge
? (ONE)
A. 2
B. 1
C. 2007
D. 100
170. Which software version can be installed on to the following RouterBoard types ? (MULTI)
A. Routeros-mipsbe-x.xx.npk on a RB433
B. Routeros-x86-x.xx.npk on a RB1100
C. Routeros-mipsle-x.xx.npk on RB133
D. Routeros-powerpc-x.xx.npk on a RB333
E. Routeros-mipsbe-x.xx.npk on a RB133
171. Which firewall chain you should use filter SSH access to the router itself ? (ONE)
A. Output
B. Input
C. Prerouting
D. Forward
173. You have a wireless interface with SSID=”WAN1” mode=”ap-bridge” and a VirtualAP with
SSID=”WAP1” on the router. Is it possible to use nstreme protocol ? (ONE)
A. Yes, but Nstreme can be used only for SSID=VAP1
B. Yes, but Nstreme can be used only for SSID=WLAN1
C. No, Nstreme can not be used on wireless interface if a VirtualAP is on it
D. Yes, but Nstreme will be used for all SSID assigned for that physical interface
175. HotSpot server is installed on the router. All IP-phones are required to have access to outside
networks without any HotSpot authentication. Select the configuration options you can use to
achieve this setup (MULTI)
A. /ip hotspot walled-garden ip
B. /ip hotspot ip-binding
C. /ip hotspot service-ports
177. You have to connect to a RouterBoard without any previous configuration. Select all
possibilities to connect and do some basic configuration (MULTI)
A. Telnet
B. Attach Monitor/Keyboard
C. Mac-Winbox
D. Serial Connection
178. You have a DHCP server on your MikroTik router. The IP addres 10.1.2.2 – 10.2.2.20 are
distributed in the DHCP network. Additionally, 3 static IP address are defined for your servers :
10.1.2.31 – 10.1.2.33. After a while 20 more IP addresses need to be distributed in the network. Is it
possible to distribute the extra IP address without adding another DHCP server ?
(TRUE/FALSE)
180. In RouterOS queue configuration the word “total” usually reports (ONE)
A. Upload
B. Download
C. Download – Upload
D. Upload + Download
181. Firewall NAT rules process only the first packet of each connection
(TRUE/FALSE)
When traffic reaches the end of the ‘chain=custom’. What will happen next?
A. Traffic will be logged in chain=forward
B. Traffic will be dropped in chain=custom
C. Traffic will be accepted in chain=custom
185. To block access to web proxies running on TCP port 8080, you have to create a firewall rule
and specify: (ONE)
A. “chain”,”action”,”port”
B. “chain”,”action”,”protocol”,”port”
C. “chain”,”action”,”protocol”,”limit”
D. “chain”,”action”,”protocol”
186. Which of the following is true for mangle facility in RouterOS? (MULTI)
A. Mark packet can be used by other router facilities like routing and bandwidth management
B. The mangle mark can be transmitted across the network, and used by other routers
C. Mangle facility can be used to modify some fields in the IP header and TTL fields
D. Mangle facility is used to mark IP Packets with special marks for future processing
187. You are about to configure DNS Chache and make a static DNS rule, Your router should
resolve any domain name. Which are the minimum settings you will need? (MULTI)
A. Add a new static DNS entry
B. Enable “Allow Remote Requests”
C. Configure Primary DNS server
D. Set cache size to 4096
E. Configure both Primary and Secondary DNS servers
188. The total-max-limit under Simple Queues will limit the combined upload and download of the
target-address of your simple queue.
(TRUE/FALSE)
189. How many usable IP address are there in a 23-bit (255.255.254.0) subnet? (ONE)
A. 256
B. 508
C. 512
D. 510
190. What is the meaning of letter “R” on an active session in the menu PPP active Connections?
(ONE)
A. Running
B. Radius
C. Remote
192. To use your RouterOS System as a DNS cache for a local network, you have to: (MULTI)
A. Allow forwarding of DNS traffic
B. Enable “Allow Remote Requests” at DNS settings
C. Enable DHCP package
D. Configure DNS-servers at RouterOS DNS settings
195. It is necessary to have a Level 4 RouterOS License to create a wireless link between two
RouterOS devices.
(TRUE/FALSE)
196. When clicking the ‘Backup’ button in the Files widow, the following happens (select all that
apply): (MULTI)
A. You are requested to give the backup file a name
B. Backup file is saved to the computer desktop
C. Backup file is creted with the data and time of its creation
D. Backup file will contain Winbox usernames and passwords
197. Connection tracking can be turned off on your masquerading internet gateway to improve
network performance.
(TRUE/FALSE)
199. Which firewall chain would be used to block a client’s MSN traffic on a router? (ONE)
A. forward
B. input
C. output
D. static
200. DST-NAT can process traffic sent from and through the router.
(TRUE/FALSE)
201. A MikroTik PPPoE Server can be used only within a broadcast domain, that is, user can not
run PPPoE protocol with a server if there is a router between the customer and that PPPoE server.
(TRUE/FALSE)
202. In order to use dynamic keys in your security profile for an AP, you MUST set up the dhcp
server to provide the dynamic keys.
(TRUE/FALSE)
203. When creating Nstreme Dual links in the Wireless Interface menu you must set at least the
following parameters: (MULTI)
A. SSID
B. Enable Nstreme
C. Band
D. Frequency
E. None of the above
204. Which facility should be used, to ensure that clients with radio signal strength poorer than -
90dBm can’t connect to interface wlan 1 on a MikroTik AP? Choose one answer
A. /interface wireless registration-table remove numbers=-9
B. /interface wireless set wlan1 basic-rates-a/g
C. /interface wireless access-list
D. /interface wireless security-profiles add static-transmit-key
205. Which computers would be able to commucate directly (without any involved) (MULTI)
A. 10.5.5.1/24 and 10.5.5.100/25
B. 192.168.0.5/26 and 192.168.0.100
C. 192.168.1715/29 and 192.168.17.20/28
D. 10.10.0.17/22 and 10.10.1.30/23
Router needs to send packets to 192.168.3.240. Which gateway will be used? (ONE)
A. 192.168.0.3
B. 192.168.0.2
C. 192.168.0.4
D. 192.168.0.1
207. What is the minimum configuration a network administrator needs to do on a MikroTik router
to enable OSPF? (ONE)
A. Add an interface to OSPF interface configuration
B. Add a network to OSPF network configuration
C. Both interface and network must be added to OSPF configuration
D. Nothing; OSPF instance can run with no configuration
208. Destination NAT (chain dstnat, action dst-nat) can be used to: (MULTI)
A. Change source port
B. Change destionation port
C. Hide your local network from the Internet
D. Direct user from the Internet to a server within your local network
209. MikroTik RouterOS commands can be run once a day by: (ONE)
A. /system cron
B. /system scheduler
C. /system watchdog
210. You want to limit bandwith for your HotSpot users. HotSpot can create dynamic queues on
user login to do the speed limitation.
(TRUE/FALSE)
212. What is the correct action for a NAT rule on a router that should intercept SMTP traffic and
send it over to a specified mail server? (ONE)
A. redirect
B. tarpit
C. dst-nat
D. passthrough
213. If ARP=reply-only is enabled on one router interface, router can add dynamic ARP entries for
the particular interface.
(TRUE/FALSE)
216. Mark all features that can be used to assign bandwidth limitation for a group users? (MULTI)
A. AP-limit in Acess Points
B. Address-list
C. Queue Tree
D. Mangle
E. NAT
217. In a wireless network it is decided to comply with 802.11a protocol standard. To enable turbo
mode, which is the correct configuration? (ONE)
A. 12th channel, 40mhz wide
B. 5th channel, 5mhz wide
C. 6th channel, 40mhz wide
D. 5th channel, 10mhz wide
218. Mark all the configurations where RouterOS is utilizing the DNS client feature (MULTI)
A. Layer-7 packet filter configuration
B. Hotspot configuration
C. Web-proxy configuration
D. PPP configuration
219. Connection state in MikroTik RouterOS is the same thing as TCP state elsewhere?
(TRUE/FALSE)
220. Select all the RouterOS software packages required for configuring a wireless AP (MULTI)
A. advance-tools
B. dhcp
C. system
D. routing
E. wireless
221. A PC with IP 192.168.1.2 can access internet, and static ARP has been set for that IP address
on gateway. When the PC Ethernet card failed, the user change it with a new card and set the
same IP for it.
What else should be done? (MULTI)
A. Nothing-it will work as before
B. Another IP has to be added for internet access
C. Old static ARP entry on gateway has to be udated for the new card
D. MAC-address of the new card has to be changed to MAC address of old card
222. You need to allow HTTP access to www.mikrotik.com for all HotSpot users without
authorization. What should you use? (ONE)
A. /ip hotspot walled-garden ip
B. /ip hotspot ip-binding
C. /ip hotspot user
D. /ip hotspot walled-garden
223. While troubleshooting a network from inside the network, you discover that you can ping the
gateway reliably, but you cannot browse the Internet. Skype, however, works flawlessly. What is
the most likely issue?
A. The computer did not get an IP address
B. DNS is not available
C. Masquerading rule is not applied
D. Network card and/or cable is not working
224. Which RouterOS packages should be installed on router for SSH server support?
A. advanced-tools
B. system
C. ssh
D. security
227. You want to transfer existing '/ip firewall filter' configuration from one router to a new system.
Choose the best possible way to do:
A. Create backup, edit backup file and restore on target router
B. Export global configuration and remove everything apart from '/ip firewall filter'
C. Export only '/ip firewall filter'
D. Create backup only of '/ip firewall filter' rules