Soal MTCTCE

1. You have 10Mbps download link available to be used by your clients on the
LAN. You want to use PCQ and allow 512k maximum download for each client.
The correct argument values for the required queue type are:

A. kind=pcq pcq-limit=10000000 pcq-classifier=src-address

B. kind=pcq pcq-rate=512000 pcq-classifier=src-address
C. kind=pcq pcq-limit=10000000 pcq-classifier=dst-address
D. kind=pcq pcq-rate=512000 pcq-classifier=dst-address

2. How is the DHCP server able to track lease association with a particular client?
The identification can be achieved:

A. Based on "system identity" option

B. Based on hostname option
C. Based on caller-id option (dhcp-client-identifier from RFC2132)
D. Based on MAC address, if caller-id option is not specified.

3. The cache hit DSCP (TOS) number under the Web Proxy Settings is used

A. To identify data coming from the cached data to the client

B. To Identify data the proxy system has stored and returned to clients
C. To identify data received by the web proxy from the internet
D. To Identify data coming from the internet to the web proxy clients

4. You need to redirect a browser page from a search of "xxx" in google to

another website such as www.mikrotik.com

Choose correct proxy access rule.

A. /ip proxy access add dst-host=*xxx* action=deny redirect-

to=www.mikrotik.com
B. /ip proxy access add dst-host=*.google.* path=*xxx* action=deny redirect-
to=www.mikrotik.com
C. /ip proxy access add path=*xxx* action=allow redirect-to=www.mikrotik.com
D. /ip proxy access add dst-host=*xxx* action=allow redirect-
to=www.mikrotik.com

5. Address-list timeout could be used for

A. Deleting an address list entry from address-list after time runs out
B. Deleting an address list entry after a specified time
C. Can only be used with the target "add-dst-to-address-list" of ip firewall

6. You want to offer a static route to your DHCP clients (besides the default-
route). What is the best way to do that?

A. Set DHCP options 121

B. Set DHCP options 3
C. Set a static IP into /ip route and it will automatically be sent to clients
D. There is no way to send a static-route to DHCP clients

7. To mangle all traffic going to the router itself on chain=prerouting, we can use
parameter:

A. dst-address-type=local
B. dst-address-type=unicast
C. dst-address=127.0.0.1
D. dst-address=localhost

8. MikroTik proxy features are:

A. FTP caching
B. HTTP caching
C. SMTP caching
D. DNS name filtering
E. POP3 caching

9. You have a queue structure:

queue "MK" max-limit=23M

-queue "A" parent="MK" limit-at=10M max-limit=18M

--queue "AA" parent="A" limit-at=3M max-limit=5M priority=1
--queue "AB" parent="A" limit-at=1M max-limit=2M priority=2
--queue "AC" parent="A" limit-at=4M max-limit=8M priority=4
-queue "B" parent="MK" limit-at=10M max-limit=18M
--queue "BA" parent="B" limit-at=1M max-limit=10M priority=1
--queue "BB" parent="B" limit-at=2M max-limit=3M priority=3

Select the correct answer for the worst case scenario when all queues are trying
to get all available traffic.

A. queue "AA" will get 3M, "AB" 2M, "AC" 4M, "BA" 10M, "BB" 2M
B. queue "AA" will get 5M, "AB" 2M, "AC" 8M, "BA" 10M, "BB" 2M
C. queue "AA" will get 5M, "AB" 2M, "AC" 8M, "BA" 10M, "BB" 3M
D. queue "AA" will get 3M, "AB" 1M, "AC" 8M, "BA" 1M, "BB" 3M
E. queue "AA" will get 5M, "AB" 2M, "AC" 4M, "BA" 10M, "BB" 2M

10. Is it possible to use the serial port of MikroTik to communicate with an

external device connected by null-modem cable?
A. Yes, when other is a MikroTik router.
B. Yes, if port is not being used
C. Yes, it is always possible by /system serial-terminal command.

11. You want to use PCQ and allow 256k maximum download and upload for each
client. Choose correct argument values for the required queue.

A. kind=pcq pcq-limit=5000000 pcq-classifier=dst-address

B. kind=pcq pcq-limit=256000 pcq-classifier=dst-address
C. kind=pcq pcq-limit=256000 pcq-classifier=src-address
D. kind=pcq pcq-limit=5000000 pcq-classifier=src-address
E. kind=pcq pcq-limit=1256000 pcq-classifier=dst-address

12. An IP packet has matched all the conditions of a firewall rule and the action
reject and the option icmp-network-unreachable was initiated for that packet.
What will happen with the packet content ?

A. The packet will be discarded regardless of its content

B. The whole packet will be forwarded back to the sender regardless of its
contents
C. The packet header will receive a flag of \\\"icmp-network-unreacheble\\\"
D. The packet will be rejected only if the destination network is unreachable

13. If we have the following queue structure:

queue "A" max-limit=8M
- queue "B" parent="A" limit-at=2M max-limit=5M priority=1
- queue "C" parent="A" limit-at=3M max-limit=6M
- - queue "C1" parent="C" limit-at=1M max-limit=2M priority=2
- - queue "C2" parent="C" limit-at=2M max-limit=4M priority=3

If all queues are utilizing the maximum. what will be the traffic distribution ?

A. B-5M, C1-1M, C2- 2M

B. B-5M, C1-2M, C2- 1M
C. B-2M, C1-2M, C2- 4M
D. B-4M, C1-2M, C2- 2M
E. B-4M, C1-2M, C2- 4M

14. What is the correct action for a NAT rule on a router that should intercept
SMTP traffic and send it over to a specified mail server?

A. dst-nat
B. tarpit
C. passthrough
D. redirect
15. A firewall rule is used to redirect all incoming DNS requests. What is the
source IP address generated in the response by the router?

A. Source IP address of the response is broadcast to indicate the response was

generated by proxy
B. Source IP address of the response is IP address of router's out interface
C. Source IP address of the response is the highest active loopback bridge
interface of the router
D. Source IP address of the response is the same as destination IP address of the
original request

16. If we change TTL to 2 in mangle chain prerouting

A. packet will be forwarded to the next 2 L3 devices

B. packet will not be forwarded
C. packet will be forwarded only to next L3 device
D. packet will always reach its destination

17. What is the recommended sequence for traffic marking by mangle for QoS?

A. Add only mark-connection

B. Add action=passtrough
C. Add mark-connection then mark-packet
D. Add only mark-packet

18. after putting this rule: /ip firewall add chain=input action=drop, you will still
be able to access the Router using the mac-address.

19. Mangle Routing (routing-mark) is possible, by using chains:

A. prerouting and forward

B. input and output
C. prerouting and output
D. forward and postrouting
E. forward and output

20. Which of these techniques equalizes the flow between connections when the
link is completely full:

A. SFQ
B. PCQ
C. FIFO
D. PFIFO
E. RED
21. You have a queue structure:

queue "GP" max-limit=10M

- queue "M" parent="GP" limit-at=4M max-limit=6M
- - queue "C1" parent="M" limit-at=1M max-limit=7M priority=4
- - queue "C2" parent="M" limit-at=1M max-limit=4M priority=1
- - queue "C3" parent="M" limit-at=2M max-limit=7M priority=8
- queue "F" parent="GP" limit-at=5M max-limit=8M
- - queue "D1" parent="F" limit-at=3M max-limit=4M priority=5
- - queue "D2" parent="F" limit-at=2M max-limit=5M priority=2

Which queue will get more than limit-at in worst case scenario?

A. D2
B. C3
C. C2
D. C1
E. D1

22. Choose correct statements for MikroTik proxy.

A. Destination NAT rule is required to utilize transparent proxy facility

B. To deny access to a specific website, caching should be enabled
C. Controls domains or servers which are allowed to cache by Proxy
D. Can deny access to a specific domains or servers, but not specific web pages

23. You have a queue structure:

queue "GP" max-limit=10M
- queue "M" parent="GP" limit-at=4M max-limit=6M
- - queue "C1" parent="M" limit-at=1M max-limit=7M priority=4
- - queue "C2" parent="M" limit-at=1M max-limit=4M priority=1
- - queue "C3" parent="M" limit-at=3M max-limit=7M priority=8
- queue "F" parent="GP" limit-at=5M max-limit=8M
- - queue "D1" parent="F" limit-at=3M max-limit=4M priority=5
- - queue "D2" parent="F" limit-at=2M max-limit=5M priority=2

If queues "C2" and "C3" are not requiring any traffic, how is all the
available bandwidth going to be distributed in worst case scenario when all other
queues are trying to get all available traffic?

A. queue "C1" will get 5M, "D2" 2M, "D1" 3M

B. queue "C1" will get 2M, "D2" 5M, "D1" 3M
C. queue "C1" will get 4M, "D2" 7M, "D1" 4M
D. queue "C1" will get 4M, "D2" 3M, "D1" 3M
E. queue "C1" will get 3M, "D2" 3M, "D1" 5M
24. You are using Port Scan Detection feature in MikroTik Firewall. What ports are
considered as Low Ports?

A. 20-1024
B. 1-80
C. 1-1000
D. 1024-10000
E. 1-1024

25. If router receives packet with TTL=1 then:

A. packet will be forwarded only to next L3 device

B. packet will always reach its destination
C. packet will not be forwarded