Page 1 of 8

1. RouterOS log messages are stored on disk by default

 True
 False (correct)

2. What does the firewall action "Redirect" do? Select all true statements.

 Redirects a packet to a specified port on the router

 Redirects a packet to a specified IP (correct)
 Redirects a packet to the routerwrong
 Redirects a packet to a specified port on a host in the network (correct)

3. What does the command routerA(config)#line cons 0 allow you to perform next?

 Set the Telnet password.

 Shut down the router.
 Set your console password. (correct)
 Disable console connections.wrong

4. You would like to allow multiple logins with one user name on a Hot-Spot server.

How should this be configured?

 Set "Shared Users" option at /ip Hot-Spot user profile (correct)

 It's not possible
 Set "Shared Users" option at /ip Hot-Spot
 Set "only-one=no' at /ip Hot-Spot

5. How long is level 1 (demo) license valid?

 24 hours (correct)
 Infinite time
 1 monthwrong
 1 year

6. Which statements are true regarding ICMP packets?

ICMP guarantees datagram delivery.

ICMP can provide hosts with information about network problems.

ICMP is encapsulated within IP datagrams.

ICMP is encapsulated within UDP datagrams.

 1 only
 2 and 3 (correct)
 1 and 4
  All of the above

7. When backing up your router by using the ‘Export’ command, the following happens:

 Winbox usernames and passwords are backed up

 The Export file can be edited with a standard text editor after its creation
((correct))
 You are requested to give the export file a name (correct)

8. What wireless card can we use to achieve 100 Mbps actual wireless throughput?

 802.11 b/g (correct)

 802.11 a/b/g
 802.11 a
 802.11 a/n
 802.11 a/b/g/n

9. Which computers would be able to communicate directly (without any routers

involved):

 192.168.17.15/29 and 192.168.17.20/28

 10.5.5.1/24 and 10.5.5.100/25 (correct)
 10.10.0.17/22 and 10.10.1.30/23 (correct)
 192.168.0.5/26 and 192.168.0.100 wrong

10. If a packet comes to a router and starts a new, previously unseen connection, which
connection state would be applied to it?

 no connection state would be applied to such packet

 new (correct)
 unknown
 invalid
 established

11. Action=redirect applies to

 Firewall Filter rules

 DST-NAT rules (correct)
 Route rules
 SRC-NAT rules

12. How many usable IP addresses are there in a 23-bit (255.255.254.0) subnet?

 512
 510 (correct)
 508
 254

13. When sending out an ARP request, an IP host is expecting what kind of address for
an answer?
  VLAN ID
 IP address
 MAC Address (correct)
 802.11gwrong

14. What is marked by connection-state=established matcher?

 Packet belongs to an existing connection, for example a reply packet or a packet

which belongs to already replied connection (correct)
 Packet is related to, but not part of an existing connection
 Packet does not correspond to any known connection
 Packet begins a new TCP connection

15. What kind of users are listed in the "/user" menu?

 router users (correct)

 wireless users
 Hot-Spot users
 pptp users

16. In which order are the entries in Access List and Connect List processed?

 By Signal Strength Range

 By interface name (correct)
 In sequence order
 In a random order

17. What is the minimal possible wireless configuration to create an Access Point?

 radio name
 scan-list
 frequency
 band
 ssidwrong
 DFS mode
 WDS
 Mode (correct)

18. Which of the following is the decimal and hexadecimal equivalents of the binary
number 10011101?

 155, 0x9B
 157, 0x9D (correct)
 159, 0x9F
 185, 0xB9

19. Which of the following protocols / port s are used for SNMP. (Simple Network
Managemnt Protocol)

 TCP 25
  TCP 161
 UDP 162 (correct)
 TCP 162
 TCP 123
 UDP 161 (correct)

20. It is required to make a web server on a private LAN visible on the Public Internet.
Only the web server port should be visible to the public.

Which of the following configuration steps must be met? (select all that apply)

 Public IP address of the webserver must be installed on the NAT Routerwrong

 in ip firewall NAT there should be a dst-nat between the public ip of the router
and the private ip of the webserver (correct)
 Connection Tracking must be enabled on NAT router
 A route between the NAT Router and the webserver must exist (correct)
 LAN address of the webserver should be routable on the internet

21. What is the default protocol/port of (secure) winbox?

 UDP/5678
 TCP/22
 TCP/8291 (correct)
 TCP/8080

22. On the advanced menu of the wireless setup there is a parameter called “Area”, it
works directly with:

 Connect List (correct)

 Access List
 None of these
 Security Profile

23. Where can you monitor (see addresses and ports) real-time connections which are

processed by the router?

 Firewall Connection Tracking (correct)

 Firewall Counters
 Tool Torch (correct)
 Queue Tree

24. How many different priorities can be selected for queues in MikroTik RouterOS?

 16 (correct)
 1
 8
 0

25. MAC layer by OSI model is also known as

  Layer 2 (correct)
 Layer 1
 Layer 6
 Layer 7
 Layer 3

26. What protocol does PPP use to identify the Network layer protocol?

 NCP (correct)
 ISDN
 HDLC
 LCP

27. Router A and B are both running as PPPoE servers on different broadcast domains
of your network. It is possible to set Router A to use "/ppp secret" accounts from Router
B to authenticate PPPoE customers.

 true
 false (correct)

28. You have a router with configuration

- Public IP :202.168.125.45/24

- Default gateway:202.168.125.1

- DNS server: 248.115.148.136, 248.115.148.137

- Local IP: 192.168.2.1/24

Mark the (correct) configuration on client PC to access to the Internet

 IP:192.168.0.1/24 gateway:192.168.2.1
 IP:192.168.2.253/24 gateway:202.168.0.1
 IP:192.168.2.115/24 gateway: 192.168.2.1 (correct)
 IP:192.168.2.2/24 gateway:202.168.125.45
 IP:192.168.1.223/24 gateway:248.115.148.136

29. Domain name system (DNS) requests can use protocol/port:

 UDP (correct)
 TCP port 53 (correct)

30. Action=redirect allows you to make

 Transparent DNS Cache (correct)

 Forward DNS to another device IP address
 Enable Local Service
 Transparent HTTP Proxy (correct)
31. What does the passive command provide to dynamic routing protocols?

 Stops an interface from sending or receiving periodic dynamic updates.

 Stops an interface from sending periodic dynamic updates but not from
receiving updates. (correct)
 Stops the router from receiving any dynamic updates.
 Stops the router from sending any dynamic updates.

32. Is it possible to limit how many clients are able to connect to an access point?

 No it's not possible at all

 Yes, but only with access-lists (correct)
 Yes

33. It is possible to create an encrypted PPPoE tunnel in RouterOS:

 True (correct)
 false

34. For user in local PPP Secrets/PPP Profiles database, it is possible to

 Allow/deny use of more than one login by this user (correct)

 Allow login by PPPoE and PPTP, but deny login by L2TP
 Set max values for transferred data (Rx/Tx) (correct)
 Allow only PPPoE login (correct)
 Deny services (like telnet) only for this user or for one group of users

35. Which of the following is the valid host range for the subnet on which the IP
address 192.168.168.188 255.255.255.192 resides?

 192.168.168.129-190 (correct)
 192.168.168.129-191
 192.168.168.128-190
 192.168.168.128-192

36. Firewall NAT rules process only the first packet of each connection.

 True
 False (correct)

37. Which of these are possible solutions to bridge two networks over a wireless link:

 Both devices in AP mode and enable WDS mode (correct)

 One device in AP mode, another one in station-pseudobridge-clone
 One device in AP mode, another one in station-pseudobridge
 One device in AP mode, another one in station

38. To back up an IOS, what command will you use?

 backup IOS disk

  copy ios tftp
 copy tftp flash
 copy flash tftp (correct)

39. Which of the following are layers in the TCP/IP model?

Application

Session

Transport

Internet

Data Link

Physical

 1 and 2
 1, 3 and 4 (correct)
 2, 3 and 5
 3, 4 and 5

40. Which is a default baud-rate of currently manufactured RouterBOARDs?

 9600
 115200 (correct)
 38400
 11520

41. What is term for the hardware coded address found on an interface?

 FQDN Address
 IP Address
 Interface Address
 MAC Address (correct)

42. Which class of IP address has the most host addresses available by default?

 A (correct)
 B
 C
 A and B

43. What kind of users are listed in the Secrets window of the PPP menu?

 Hot-Spot users
 wireless users
 l2tp users (correct)
 pptp users (correct)
  pppoe users (correct)
 winbox users

44. What command is used to create a backup configuration?

 copy running backup

 copy running-config startup-config (correct)
 config mem
 wr mem

45. Which of the following services use UDP?

DHCP

SMTP

SNMP

FTP

HTTP

TFTP

 1, 3 and 6 (correct)
 2 and 4
 1, 2 and 4
 All of the above

46. Evaluate the following information:

Access Point configuration:

-- wlan1 is in 'AP-Bridge' mode

-- Bridge1 has wlan1 and ether1 as ports CPE configuration:

-- wlan1 is in 'Station-Bridge' mode

-- Bridge1 has wlan1 and ether1 as ports

Select protocols that will pass from ether1 on the CPE to ether1 on the Access Point.

 IPv4 (correct)
 ARP (correct)
 USB
 BGP
 Firewire
 IPv6 (correct)
 DHCP (correct)
  PPPoE (correct)

47. Which firewall chain should you use to filter clients HTTP traffic going through the
router?

 prerouting
 forward (correct)
 output
 input

48. Which one of the following is true regarding VLANs?

 Two VLANs are configured by default on all Cisco switches.

 VLANs only work if you have a complete Cisco switched internetwork. No off-
brand switches are allowed.
 You should not have more than 10 switches in the same VTP domain.
 VTP is used to send VLAN information to switches in a configured VTP
domain. (correct)

49. Collisions are possible in fullduplex Ethernet networks

 true
 false (correct)

50. You have a DHCP server on your MikroTik router. The IP addresses 10.1.2.2-
10.2.2.20 are distributed in the DHCP network. Additionally, 3 static IP address are
defined for your servers: 10.1.2.31-10.1.2.33.

After a while 20 more IP addresses need to be distributed in the network. It is possible

to distribute the extra IP address without adding another DHCP Server:

 True
 False (correct)

51. What does this simple queue do (check the image)?

  Queue guarantees upload data rate of one megabit per second for host
192.168.1.10
 Queue limits host 192.168.1.10 download data rate to one megabit per second.
 Queue limits host 192.168.1.10 upload data rate to one megabit per second.
(correct)
 Queue guarantees download data rate of one megabit per second for host
192.168.1.10

52. If you use either Telnet or FTP, which is the highest layer you are using to transmit
data?

 Application (correct)
 Presentation
 Session
 Transport

53. Which class of IP address provides a maximum of only 254 host addresses per
network ID?

 Class A
 Class B
 Class C (correct)
 Class D

54. There are two wireless cards (wlan1 and wlan2) which are bridged together. On
wlan1 card there is a setting "Forwarding=no". Choose the (correct) answer(s):

 Stations on wlan2 will be able to communicate with stations on wlan2

 Stations on wlan2 will be able to communicate with stations on wlan1
 Stations on wlan1 will be able to communicate with stations on wlan1
 To prevent communication between wlan1 and wlan2 one cannot use Bridge
Filters (correct)
  Stations on wlan1 will be able to communicate with stations on wlan2

55. PPP Secrets are used for

 PPPoE clientes (correct)

 L2TP clientes (correct)
 IPSec clients
 PPP clients
 PPtP clientes (correct)
 Router users

56. What is possible with Netinstall?

 MikroTik RouterOS reinstall (correct)

 MikroTik RouterOS password reset with saving router's configuration (correct)
 MikroTik RouterOS configuration reset (correct)

57. Which features are removed when advanced-tools package is uninstalled?

 neighbors
 LCD support
 ip-scan (correct)
 ping (correct)
 netwatch (correct)
 bandwidth-test

58. In which order are the entries in Access List and Connect List processed?

 By Signal Strength Range

 In sequence order
 In a random order
 By interface name (correct)

59. Please select valid scan-list values in interface wireless configuration:

 5560,5620-5700 (correct)
 5640~5680
 default,5560,5600,5660-5700 (correct)
 5540,5560,5620+5700

60. It is possible to create a configuration where VLAN and PPTP interfaces are bridged
together.

 TRUE
 FALSE (correct)

61. Which protocol does DHCP use at the Transport layer?

 IP
 TCP
  UDP (correct)
 ARP

62. How many collision domains are created when you segment a network with a 12-
port switch?

 1
 2
 5
 12 (correct)

63. Which of the following is used in standard 802.11 wireless networks?

 CSMA/CA (correct)
 CDMA
 FDD
 CSMA/CD

64. Which type of encryption could be used to establish a connection with a simple
passkey without using a 802.1X authentication server?

 WPA PSK/WPA2 PSK

 WPA EAP/WPA2 EAP (correct)

65. Which is the default port of IP-Winbox?

 UDP 8291
 TCP 80
 TCP 8291 (correct)
 TCP 8192

66. Select minimal set of software packages in RouteOS required to configuring a

wireless AP

 Wireless (correct)
 advanced-tools
 dhcp
 routing
 System (correct)

67. Which command is used to determine if an IP access list is enabled on a particular

interface?

 show access-lists
 show interface (correct)
 show ip interface
 show interface access-lists

68. Which WLAN IEEE specification allows up to 54Mbps at 2.4GHz?

  A
 B
 G (correct)
 N

69. When adding a static route, you must always ensure that you add both the gateway
and the interface.

 False (correct)
 True

70. Which layer 4 protocol is used for a Telnet connection?

 IP
 TCP (correct)
 TCP/IP
 UDP

71. A client that has successfully connected to a wireless network is considered to be

which of the following? Choose all that apply:

 Authenticated correct
 Associated
 Unauthenticated
 Unassociated

72. A network ready device is directly connected to a MikroTik Router BOARD 750
with a correct U.T.P. RJ45 functioning cable. The device is configured with an IPv4
address of 192.168.100.70 using a subnet mask of 255.255.255.252.

What will be a valid IPv4 address for the Router BOARD 750 for a successful
connection to the device?

 192.168.100.69/255.255.255.252 correct
 192.168.100.70/255.255.255.252
 192.168.100.71/255.255.255.252
 192.168.100.68/255.255.255.252

73. You need to reboot a RouterBoard after importing a previously exported rsc file to
activate the new configuration.

 True
 False correct

74. Where is a hub specified in the OSI model?

 Session layer
 Physical layer correct
 Data Link layer
 Application layer
75. Which port does PPTP use by default?

 TCP 1721
 UDP 1723
 TCP 1723 correct
 UDP 1721

76. MikroTik RouterOS commands can be run once a day by:

 /system watchdog
 /system cron
 /system scheduler correct

77. Action=redirect is applied in

 chain=srcnat
 chain=forward
 chain=dstnat correct

78. Which of the following is NOT a valid MAC Address?

 80:GF:AA:67:13:5D correct
 95:B5:DD:EE:78:8A
 88:0C:00:99:5F:EF
 EA:BA:AA:EE:FF:CB
 13:16:86:53:89:43

79. In which situations can Netinstall NOT be used to install a RouterBOARD?

 The router does not have an operating system

 The router is connected only to a wireless network correct
 You do not know the password of the router
 The router is connected only to a secondary Ethernet port correct

80. What PPP protocol provides dynamic addressing, authentication, and multilink?

 NCP
 HDLC
 LCP correct
 25