Mtcna Pre-test Stimata
-
Action = Redirect is applied in
-
Chain=srcnat
-
Chain=dstnat
-
Chain=foward
-
The MTCNA Pre-Test STIMATA assesses knowledge in network routing, specifically for MikroTik RouterOS. It covers topics such as DNS redirection, subnetting, wireless frequencies, and masquerade rules, crucial for network administrators and IT professionals.
Quiz Preview
- 2.
Choose all valid hosts address range for subnet 15.242.55.62/27
-
15.242.55.31-15.242.55.62
-
15.242.55.32-15.242.55.63
-
15.242.55.33-15.242.55.62
-
15.242.55.33-15.242.55.63
Correct Answer
A. 15.242.55.33-15.242.55.62Explanation
The given subnet is 15.242.55.62/27, which means it has a subnet mask of 27 bits. This leaves 5 bits for the host portion of the IP address. The valid host address range for this subnet would be from the network address + 1 to the broadcast address - 1.
The network address is 15.242.55.32 and the broadcast address is 15.242.55.63. Therefore, the valid host address range is 15.242.55.33 to 15.242.55.62.Rate this question:
-
- 3.
You have 802.11b/g wireless card. What frequencies are available to you?
-
5800MHz
-
2412MHz
-
5210MHz
-
2422MHz
-
2327MHz
Correct Answer(s)
A. 2412MHz
A. 2422MHzExplanation
The correct answer is 2412MHz and 2422MHz. These frequencies are available to a device with a 802.11b/g wireless card. 802.11b/g wireless cards operate in the 2.4GHz frequency range, which includes the frequencies 2412MHz and 2422MHz.Rate this question:
-
- 4.
Action=redirect allows you to make ?
-
Transparent DNS Cache
-
Foward DNS to another device IP address
-
Enable local service
-
Transparent HTTP Proxy
Correct Answer(s)
A. Transparent DNS Cache
A. Transparent HTTP ProxyExplanation
The action=redirect allows you to create a transparent DNS cache and a transparent HTTP proxy. A transparent DNS cache stores DNS information, such as domain names and IP addresses, to improve the efficiency of DNS resolution. It can help reduce network latency and improve overall network performance. A transparent HTTP proxy intercepts and forwards HTTP requests and responses between clients and servers, allowing for caching, filtering, and monitoring of web traffic. Both of these features can be enabled using the action=redirect command.Rate this question:
-
- 5.
Which is correct masquerade rule for 192.168.0.0/24 network on the router with outgoing interface=ether1
-
/ip firewall nat add action=masquerade chain=srcnat
-
/ip firewall nat add action=masquerade chain=srcnat src-address=192.168.0.0/24
-
/ip firewall nat add action=masquerade out-interface=ether1 chain=dstnat
-
/ip firewall nat add action=masquerade chain=srcnat out-interface=ether1
Correct Answer
A. /ip firewall nat add action=masquerade chain=srcnat out-interface=ether1Explanation
This command configures the router to mask the source IP address of packets leaving through ether1, which is necessary for outbound traffic from the 192.168.0.0/24 network. Using chain=srcnat ensures the rule applies to packets going out, and specifying out-interface=ether1 directs it to the correct interface.Rate this question:
-
- 6.
What Letter appear next to route, which is automatically created by ROS (RouterOS) when user adds a valid address to an active interface?
-
I
-
D
-
A
-
S
-
C
Correct Answer(s)
A. D
A. A
A. CExplanation
DAC adalah Direct - Active - ConnectedRate this question:
-
- 7.
Can you manually add drivers to RouterOS in case your PCI Ethernet card is not recognized, and it's a driver issue ?
-
Yes
-
No
Correct Answer
A. NoExplanation
Mikrotik menyediakan sebuah file supout.rif agar pengguna yang mempunyai keluhan pada driver komputernya dapat mengirimkannya pada tim mikrotik di latvia. Tujuannya untuk menambah update agar driver tersupport di versi OS yang akan datangRate this question:
-
- 8.
For static routing functionality, additionally to the RouterOS system package, you will also need the following software package :
-
Routing
-
Dhcp
-
None
-
Advance-tools
Correct Answer
A. NoneExplanation
Secara default mikrotik telah ter-install packages system yang sudah tercakup static routingRate this question:
-
- 9.
Which are necessary section in /queue simple to set bandwith limitation ?
-
Target-address, max-limit, dst-address
-
Max-limit
-
Target-address, dst-address
-
Target-address, max limit
Correct Answer
A. Target-address, max limitExplanation
In order to set bandwidth limitation in the "/queue simple" section, the necessary sections are "target-address" and "max limit". The "target-address" section is used to specify the IP address or address range to which the bandwidth limitation will be applied. The "max limit" section is used to set the maximum allowed bandwidth for the specified target address.Rate this question:
-
- 10.
What protocol is used for Ping and Trace Route?
-
DHCP
-
IP
-
ICMP
-
TCP
-
UDP
Correct Answer
A. ICMPExplanation
ICMP (Internet Control Message Protocol) is the correct answer for the question. ICMP is a network protocol that is used for diagnostic and error reporting purposes. It is specifically designed for sending error messages and operational information about network conditions. Ping and Trace Route are two commonly used network troubleshooting tools, and both rely on ICMP to function. Ping uses ICMP Echo Request and Echo Reply messages to test the reachability of a host, while Trace Route uses ICMP Time Exceeded messages to determine the path taken by packets to reach a destination.Rate this question:
-
- 11.
From which of the following locations can you obtain Winbox?
-
Router webpage
-
Files menu in your router
-
Via the console cable
-
Mikrotik.com
Correct Answer(s)
A. Router webpage
A. Mikrotik.comExplanation
You can obtain Winbox from the router webpage or mikrotik.com. Winbox is a Windows-based utility that allows you to connect to and manage MikroTik routers. The router webpage is a common location to access and download Winbox, as it is typically provided by the router manufacturer. Alternatively, you can also obtain Winbox from the official MikroTik website, mikrotik.com, where they provide downloads for their software tools.Rate this question:
-
- 12.
Two Host, A and B, are connected to broadcast LAN. Select all the answer showing pairs of IP address/mask which would allow IP connections to be established between the two hosts
-
A: 10.1.2.66/25 and B:10.1.2.109/26
-
A: 10.2.2.1/23 and B: 10.2.0.1/22
-
A: 10.1.2.192/24 and B: 10.1.2.129/26
-
A: 10.2.1.0/23 and B: 10.2.0.1/22
Correct Answer
A. A: 10.1.2.192/24 and B: 10.1.2.129/26Explanation
In order for IP connections to be established between two hosts, their IP addresses must be in the same network. The IP address and subnet mask determine the network range.
In the given answer, Host A has an IP address of 10.1.2.192 with a subnet mask of /24, which means the network range is from 10.1.2.0 to 10.1.2.255.
Host B has an IP address of 10.1.2.129 with a subnet mask of /26, which means the network range is from 10.1.2.128 to 10.1.2.191.
Since both hosts have IP addresses within the same network range (10.1.2.0 to 10.1.2.255), IP connections can be established between them.Rate this question:
-
- 13.
Why is it useful to set a Radio Name on the radio interfaces?
-
To identify a station in a list of connected clients
-
To identify a station in the Access List
-
To identify a station in Neighbor discovery
Correct Answer
A. To identify a station in Neighbor discoveryExplanation
Setting a Radio Name on the radio interfaces is useful in order to identify a station during the process of Neighbor discovery. Neighbor discovery is a protocol used in networking to identify and establish connections with neighboring devices. By setting a Radio Name, the station can be easily recognized and differentiated from other devices during the neighbor discovery process. This helps in efficient communication and management of the network.Rate this question:
-
- 14.
What kind of users are listed in the Secrets window of the PPP menu?
-
PPTP users
-
Winbox users
-
L2TP users
-
Wireless users
-
PPPOE users
-
Hotspot users
Correct Answer(s)
A. PPTP users
A. L2TP users
A. PPPOE usersExplanation
The Secrets window in the PPP menu lists PPTP users, L2TP users, and PPPOE users. This means that the Secrets window displays the information and settings for users who are using PPTP, L2TP, and PPPOE protocols to connect to the network. It does not list Winbox users, wireless users, or hotspot users, as these are different types of connections that are managed separately.Rate this question:
-
- 15.
Router A and B are both running as PPPoE servers on different broadcast domains of your network. Is it possible to set Router A to use "/ppp secret" accounts from Router B to authenticate PPPoE customers?
-
Yes
-
No
Correct Answer
A. NoExplanation
No, it is not possible to set Router A to use "/ppp secret" accounts from Router B to authenticate PPPoE customers. Each router running as a PPPoE server has its own set of "/ppp secret" accounts, which are used for authentication purposes. Router A cannot access the accounts from Router B, as they are in different broadcast domains. Each router must have its own separate set of accounts for authentication.Rate this question:
-
- 16.
Mikrotik RouterOS DHCP client can receive following options
-
Byte limit
-
IP Gateway
-
Rate Limit
-
Uptime Limit
-
IP Address and Subnet
Correct Answer(s)
A. IP Gateway
A. IP Address and SubnetExplanation
The Mikrotik RouterOS DHCP client can receive the IP Gateway and IP Address and Subnet options. These options are essential for the DHCP client to function properly. The IP Gateway option provides the gateway address that the client should use to access the internet or other networks. The IP Address and Subnet option provides the client with its own IP address and the subnet mask to determine the network range it belongs to. These options are crucial for establishing network connectivity and ensuring proper routing within the network.Rate this question:
-
- 17.
The hotspot feature can be used only on ethernet interfaces. You have to use a separate access point if you want to use this feature with wireless
-
Yes
-
No
Correct Answer
A. NoExplanation
The explanation for the given correct answer is that the hotspot feature is not limited to only ethernet interfaces, but it can also be used with wireless interfaces. Therefore, the statement provided in the question is incorrect.Rate this question:
-
- 18.
If you need to make sure that one computer in your Hotspot network can access the internet without Hotspot authentication, which menu allows you to do this?
-
Users
-
IP bindings
-
Walled-garden
-
Walled-garden IP
Correct Answer
A. IP bindingsExplanation
The correct answer is IP bindings. In a Hotspot network, IP bindings allow you to specify certain IP addresses or ranges that are exempt from Hotspot authentication. By adding the IP address of the computer that needs to access the internet without authentication to the IP bindings list, you can ensure that it can bypass the authentication process and connect directly to the internet.Rate this question:
-
- 19.
How many different priorities can be selected for queues in Mikrotik RouterOS?
-
8
-
16
-
0
-
1
Correct Answer
A. 8Explanation
There are 8 different priorities that can be selected for queues in Mikrotik RouterOS.Rate this question:
-
- 20.
Which default route will be active?/ip routeadd disabled=no distance=10 dst-address=0.0.0.0/0 gateway=1.1.1.1add disabled=no distance=5 dst-address=0.0.0.0/0 gateway=2.2.2.2
-
Route via gateway 1.1.1.1
-
Route via gateway 2.2.2.2
Correct Answer
A. Route via gateway 2.2.2.2Explanation
The correct answer is "Route via gateway 2.2.2.2" because the second route has a lower distance value (5) compared to the first route (10). In routing, the distance metric determines the preference of a route, with lower values being more preferred. Therefore, the route with a distance of 5 will be active as the default route.Rate this question:
-
- 21.
How long is level 1 (demo) license valid?
-
24 hours
-
Infinite time
-
1 month
-
1 year
Correct Answer
A. 1 monthExplanation
A Level 1 (demo) license typically serves as a trial version for users to test software before purchasing a full license. This type of license is often valid for 1 month, providing ample time to evaluate the software's features and performance. This duration balances convenience with the need for eventual purchase decisions.Rate this question:
-
- 22.
Manakah fakta yang benar mengenai file backup?
-
Termasuk file yang tersimpan di /files
-
Bisa diedit
-
Termasuk username dan password dari /user
-
Mencakup seluruh konfigurasi router
Correct Answer(s)
A. Termasuk file yang tersimpan di /files
A. Mencakup seluruh konfigurasi routerExplanation
The correct answer is "Termasuk file yang tersimpan di /files" and "Mencakup seluruh konfigurasi router". This means that backup files include those stored in the /files directory and they also contain the entire configuration of the router. This suggests that backup files not only include user files but also important system files and settings related to the router.Rate this question:
-
- 23.
NStreme works only on 40mhz Channel width
-
True
-
False
Correct Answer
A. FalseExplanation
NStreme does not work only on 40MHz channel width. NStreme is a proprietary wireless protocol developed by MikroTik that is designed to improve wireless performance and efficiency. It can be used with various channel widths, including 20MHz, 40MHz, and even 80MHz in some cases. Therefore, the statement that NStreme works only on 40MHz channel width is incorrect.Rate this question:
-
- 24.
To make all DNS request coming from your network to resolve on your router (regardless of clients configuration), which action would you specify for the DST-NAT rule?
-
Masquerade
-
Dst-nat
-
You can't use DST-NAT to achieve this
-
Redirect
Correct Answer
A. RedirectExplanation
The correct answer is "redirect." By specifying the "redirect" action for the DST-NAT rule, all DNS requests originating from the network will be redirected to the router, regardless of the clients' configuration. This allows the router to handle the DNS resolution for the network. The "masquerade" action is used for source NAT, not for redirecting DNS requests. The statement "you can't use DST-NAT to achieve this" is incorrect, as redirecting DNS requests is indeed possible using the DST-NAT rule.Rate this question:
-
- 25.
The first two rules in the forward chain of the filter table are :/ip firewall filter add chain=forward connection-state=established action=accept/ip firewall filter add chain=forward connection-state=invalid action=dropconnection-state=related packets are not filtered by the rules above
-
True
-
False
Correct Answer
A. TrueExplanation
The first two rules in the forward chain of the filter table are specifically designed to handle established and invalid connection states. The "connection-state=established" rule allows any established connections to pass through, while the "connection-state=invalid" rule drops any packets with invalid connection states. Since the "connection-state=related" packets are not explicitly mentioned in these rules, they are not filtered and can pass through. Therefore, the statement that "connection-state=related packets are not filtered by the rules above" is true.Rate this question:
-
- 26.
/interface wireless access list is used for
-
Shows a list of Client's MAC address that are already registered at AP
-
Authenticate Hotspot users
-
Handles a list of Client's MAC Address to permit/deny connection to AP
-
Contains the security profiles settings
Correct Answer
A. Shows a list of Client's MAC address that are already registered at APExplanation
The /interface wireless access list is used to show a list of Client's MAC addresses that are already registered at the AP. It does not handle authentication or security profiles settings, but rather provides a way to view the MAC addresses of clients that are allowed to connect to the AP.Rate this question:
-
- 27.
In case when router login password is lostm it is necessary to reinstall RouterOS or use hardware reset function.
-
True
-
False
Correct Answer
A. TrueExplanation
If the router login password is lost, reinstalling RouterOS or using the hardware reset function is necessary. This means that if the password is forgotten or cannot be recovered, the only way to regain access to the router is to either reinstall the operating system or perform a hardware reset. This is because the password is essential for logging into the router's administrative interface, and without it, alternative methods must be used to regain control of the device. Therefore, the statement is true.Rate this question:
-
- 28.
Possible actions of ip firewall filter are:
-
Tarpit
-
Tarp
-
Bounce
-
Add-to-address-list
-
Log
-
Accept
Correct Answer(s)
A. Tarpit
A. Add-to-address-list
A. Log
A. AcceptExplanation
The possible actions of the IP firewall filter include tarpit, add-to-address-list, log, and accept.
A tarpit action is used to slow down the connection of an attacker, making it difficult for them to continue their malicious activities.
The add-to-address-list action allows the firewall to add the source IP address of a packet to a specified address list, which can be used for further filtering or blocking.
The log action logs information about the packet, such as source and destination IP addresses, protocol, and port numbers.
The accept action allows the packet to pass through the firewall without any further processing.Rate this question:
-
- 29.
Which software version can be installed onto the following RouterBoard types?
-
Routeros-x86-x.xx.npk on a RB1100
-
Routeros-mipsbe-x.xx.npk on a RB133
-
Routeros-mipsle-x.xx.npk on a RB133
-
Routeros-powerpc-x.xx.npk on a RB333
-
Routeros-mipsbe-x.xx.npk on a RB433
Correct Answer(s)
A. Routeros-mipsle-x.xx.npk on a RB133
A. Routeros-mipsbe-x.xx.npk on a RB433Explanation
The software version "routeros-mipsle-x.xx.npk" can be installed on a RB133 router, while the software version "routeros-mipsbe-x.xx.npk" can be installed on a RB433 router.Rate this question:
-
- 30.
PPP Secrets are used for
-
L2TP clients
-
Router users
-
PPTP clients
-
PPP clients
-
IPSec clients
-
PPPoE clients
Correct Answer(s)
A. L2TP clients
A. PPTP clients
A. PPP clients
A. PPPoE clientsExplanation
PPP Secrets are used for authentication and authorization purposes in PPP (Point-to-Point Protocol) connections. L2TP (Layer 2 Tunneling Protocol), PPTP (Point-to-Point Tunneling Protocol), PPP (Point-to-Point Protocol), and PPPoE (Point-to-Point Protocol over Ethernet) are all different protocols that utilize PPP for establishing and managing connections. Therefore, PPP Secrets are used to authenticate and authorize clients using these protocols. Router users and IPSec clients are not mentioned in the options, so they are not relevant to this question.Rate this question:
-
- 31.
WPA 2 Pre Shared key (PSK) is enabled on AP, all your clients have to use the same PSK. Only Virtual AP could be used to allow clients to connect with a different PSK.
-
True
-
False
Correct Answer
A. FalseExplanation
This statement is false because WPA2-PSK allows each client to have its own unique pre-shared key. The pre-shared key is entered manually on each client device, allowing them to authenticate and connect to the access point. Virtual APs are not necessary for clients to have different pre-shared keys.Rate this question:
-
- 32.
Which of the following actions are available for '/ip firewall mangle' (select all valid actions)
-
Change MSS
-
Mark connection
-
Accept
-
Jump
-
Drop
-
Mark packet
Correct Answer(s)
A. Change MSS
A. Mark connection
A. Accept
A. Jump
A. Mark packetExplanation
The '/ip firewall mangle' command in MikroTik RouterOS provides various actions to manipulate packets. The available actions in this case are: Change MSS, mark connection, accept, jump, and mark packet. These actions allow the user to modify the Maximum Segment Size (MSS), mark connections, accept packets, jump to another rule, and mark individual packets for further processing. The 'drop' action, which was not mentioned in the answer, is not available for '/ip firewall mangle'.Rate this question:
-
- 33.
You need to set up an E1(T1) connection with PPP configured. Which License Level is needed?
-
Level 4
-
It cannot be done in RouterOS
-
Level 5
Correct Answer
A. It cannot be done in RouterOS -
- 34.
You have a router with configuration-Public IP : 202.168.125.45/24-Default Gateway : 202.1687.125.1-DNS Server : 248.115.148.136, 248.115.148.137-Local IP : 192.168.2.1/24Mark the connection configuration on client PC to access to the internet
-
IP:192.168.2.115/24 gateway:192.168.2.1
-
IP:192.168.0.1/24 gateway:192.168.2.1
-
IP:192.168.1.223/24 gateway:248.115.148.136
-
IP:192.168.2.253/24 gateway:202.168.0.1
Correct Answer
A. IP:192.168.2.115/24 gateway:192.168.2.1Explanation
The correct answer is IP:192.168.2.115/24 gateway:192.168.2.1. This is the correct configuration because the client PC is on the same subnet as the router's local IP address. The IP address 192.168.2.1 is the default gateway for the client PC to access the internet.Rate this question:
-
- 35.
An IP address pool can contain address from more than one subnet
-
True
-
False
Correct Answer
A. TrueExplanation
An IP address pool can contain addresses from more than one subnet because a subnet is a range of IP addresses that are part of a larger network. By having multiple subnets within an IP address pool, different groups of devices can be assigned IP addresses from different subnets, allowing for better organization and management of network resources. This also enables more efficient allocation of IP addresses, as the pool can be expanded or adjusted to accommodate the needs of different subnets within the network.Rate this question:
-
- 36.
Which features are removed when advanced-tools packages is uninstalled?
-
Neighbors
-
Ip-scan
-
Netwatch
-
LCD support
-
Ping
-
Bandwith-test
Correct Answer(s)
A. Neighbors
A. Netwatch
A. PingExplanation
When the advanced-tools package is uninstalled, the features that are removed are neighbors, netwatch, and ping.Rate this question:
-
- 37.
Rate Flapping can be avoided by
-
Choose larger channels (40 Mhz instead of 20 Mhz)
-
Reduce supported rates
-
Change ap-bridge to bridge
-
Set basic rates to only one data rate like 24 Mbps
Correct Answer
A. Reduce supported ratesExplanation
Reducing supported rates can help avoid rate flapping. Rate flapping occurs when a wireless device continuously switches between different data rates, causing instability and poor performance. By reducing the number of supported rates, the device will have fewer options to switch between, leading to a more stable connection. This can be achieved by configuring the device to only support a specific data rate, such as 24 Mbps, instead of allowing multiple rates.Rate this question:
-
- 38.
Mark possible connection states in the connection tracking table
-
Related
-
Invalid
-
Closed
-
Established
-
Syn
-
New
Correct Answer(s)
A. Related
A. Invalid
A. Established
A. NewExplanation
The correct answer includes the possible connection states that can be marked in the connection tracking table. The "Related" state indicates that the connection is related to an existing connection. The "Invalid" state signifies that the connection is invalid or has been terminated. The "Established" state indicates that the connection has been successfully established. The "New" state signifies a new connection that has been initiated. Therefore, the correct answer includes all these possible connection states.Rate this question:
-
- 39.
Impossible to delete admin user on user table mikrotik
-
True
-
False
Correct Answer
A. FalseExplanation
The given statement is "Impossible to delete admin user on user table mikrotik." The correct answer is False. This means that it is possible to delete the admin user on the user table of MikroTik. The statement implies that it is not possible to delete the admin user, but the correct answer contradicts this by stating that it is indeed possible.Rate this question:
-
- 40.
Which options should be used when you want to prevent access from one spesific address to your router web interface?
-
Group setting for System users
-
Firewall Filter Chain Input
-
Firewall Filter Chain Forward
-
WWW service from IP Services
Correct Answer
A. Firewall Filter Chain InputExplanation
The correct answer is "Firewall Filter Chain Input." This option should be used when you want to prevent access from one specific address to your router web interface. The Firewall Filter Chain Input is a set of rules that are applied to incoming traffic, allowing you to control and filter the packets that are allowed to enter your router. By configuring the Firewall Filter Chain Input, you can block access from a specific IP address to your router's web interface, ensuring that only authorized users can access it.Rate this question:
-
- 41.
Which is a default baud-rate of currently manufactured RouterBOARDs?
-
115200
-
8291
-
11520
-
3128
Correct Answer
A. 115200Explanation
The default baud-rate of currently manufactured RouterBOARDs is 115200.Rate this question:
-
- 42.
Which queue-type is suitable for congested environment but not good on UDP?
-
PCQ
-
BFIFO
-
PFIFO
-
RED
-
SCQ
Correct Answer
A. REDExplanation
RED (Random Early Detection) is a queue-type that is suitable for a congested environment because it helps to prevent congestion by dropping packets before the queue becomes completely full. However, it is not good on UDP (User Datagram Protocol) because UDP does not have built-in congestion control mechanisms, and RED relies on TCP's congestion control mechanisms to work effectively. Therefore, RED may drop UDP packets unnecessarily, leading to potential performance issues for UDP-based applications.Rate this question:
-
Quiz Review Timeline (Updated): Sep 1, 2024 +
Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.
-
Current Version
-
Sep 01, 2024Quiz Edited by
ProProfs Editorial Team -
Nov 12, 2018Quiz Created by
Masfirman
Back to top