Latihan Exam MTCNA - 2

Poin total
38/100
Soal - soal ini berdasarkan dari soal MTCNA.
Soal bisa dikerjakan lebih dari 1x (tidak ada batasan jumlah tanggapan)
Soal - soal ini dimaksudkan untuk latihan dan untuk dipelajari.
Jawaban dari soal-soal ini belum tentu semuanya benar, apabila ada jawaban yang keliru, mohon
diberitahu pada kolom komentar di Classroom.
Selamat mengerjakan, semoga lulus ujian, dan semoga tetap istiqomah semangat belajarnya :)

Alamat email *
mtcna@gmail.com

1. Simple Queue number 0 defines 2M for upload and download for target IP 10.10.0.33. Simple
Queue number 1 defines 4M for upload and download for target IP 10.10.0.33. The maximum
bandwidth that the client 10.10.0.33 is be able to obtain is:
2/2
A. 0M upload/download
B. 4M upload/download
C. 6M upload/download
D. 2M upload/download

2. The 'check-gateway' option is enabled for one route. Select all statements that are true:
0/2
A. In case of failure of the gateway, routes pointing to that gateway will become inactive
B. Gateway is checked every 10 seconds and after 2 failures, the gateway is considered
unreacheable
C. Gateway is checked every 10 seconds and after a single failure, the gateway is considered
unreacheable
D. Check gateway option can be configured for Ping, ARP and RARP (reverse ARP)

Jawaban yang benar

A. In case of failure of the gateway, routes pointing to that gateway will become inactive
B. Gateway is checked every 10 seconds and after 2 failures, the gateway is considered
unreacheable

3. If ARP=reply-only is configured on an interface, tcarmehis interface will

0/2
A. accept all IP addresses listed in '/ip arp' as static entries
B. add new MAC addresses in '/ip arp' list
C. accept IP and MAC address combinations listed in '/ip arp' list
D. accept all MAC-addresses listed in '/ip arp' as static entries
E. add new IP addresses in '/ip arp' list

Jawaban yang benar

A. accept all IP addresses listed in '/ip arp' as static entries

4. What does the firewall action "Redirect" do? Select all true statements.
0/2
A. Redirects a packet to a specified IP
B. Redirects a packet to a specified port on a host in the network
C. Redirects a packet to the router
D. Redirects a packet to a specified port on the router

Jawaban yang benar

B. Redirects a packet to a specified port on a host in the network
D. Redirects a packet to a specified port on the router

5. Which of the following is true for connection tracking

0/2
A. Connection tracking must be enabled for NAT'ed network
B. Enabling connection tracking reduces CPU usage in RouterOS
C. Disable connection tracking for mangle to work
D. Connection tracking must be enabled to be able to use all firewall features

Jawaban yang benar

B. Enabling connection tracking reduces CPU usage in RouterOS
D. Connection tracking must be enabled to be able to use all firewall features

6. Your Company has been assigned a 172.16.25.0/25 network from your ISP. What are the possible
options to divide the network into subnets?
2/2
A. one /23 and one /27
B. four times /27
C. two times /24
D. two times /26

7. Which port does PPTP use by default?

2/2
A. TCP 1721
B. TCP 1723
C. UDP 1723
D. UDP 1721

8. Which of the following keystrokes enables safe mode in console:

0/2
A. Ctrl+x
B. Ctrl+c
C. Ctrl+d
D. Ctrl+s

Jawaban yang benar

A. Ctrl+x

9. It is required to make a web server residing on a private subnet in a LAN visible on the public
Internet. Only the web server port should be visible to the public. Which of the following configuration
steps must be met (select all that apply):
2/2
A. A route between the NAT Router and the web server must exist
B. LAN address of the web server should be routable on the Internet
C. Connection tracking must be enabled on the NAT router
D. In IP firewall NAT there should be a dst-nat between the public IP address of the router and the
private IP of the web server
E. Public IP address of the web server must be installed on the NAT Router

10. What is necessary for PPPoE client configuration?

0/2
A. Static IP address on PPPoE client interface
B. ip firewall nat masquerade rule
C. Interface (on which PPPoE client is going to work)
Jawaban yang benar
C. Interface (on which PPPoE client is going to work)

11. Which configuration menu should you use to change router's Winbox default port?
2/2
A. /ip firewall service-ports
B. /system resource
C. /ip firewall filter
D. /ip service

12. Simple Queue number 0 defines 2M for upload and download for target IP 10.10.0.33. Simple
Queue number 1 defines 4M for upload and download for target IP 10.10.0.33. Client 10.10.0.33 is be
able to obtain
2/2
A. 6M upload/download
B. 0M upload/download
C. 4M upload/download
D. 2M upload/download

13. When viewing the routes in Winbox, some routes will show "DAC" in the first column. These flags
mean:
2/2
A. Dynamic, Available, Created
B. Direct, Available, Connected
C. Dynamic, Active, Connected
D. Dynamic, Active, Console

14. Consider a wireless access point with mode=ap-bridge. What is the maximum number of
concurrent clients that can connect to it?
2/2
A. 2007

B. 2012
C. 2048
D. 1024

15. Where should you upload new MikroTik RouterOS version packages for upgrading router?
0/2
A. System Backup menu
B. Any directory in /files
C. FTP root directory or /files directory of the router
D. System Package menu

Jawaban yang benar

B. Any directory in /files

16.RouterOS log messages are stored on disk by default

0/2
1. True
2. False
Jawaban yang benar
False
17. Consider the following network diagram. In R1, you have the following configuration: /ip route add
dst-address=192.168.1.0/24 gateway=192.168.99.2 ||| /ip firewall nat add chain=srcnat out-
interface=Ether1 action=masquerade ||| On R2, if you wish to prevent all access to a server located
at 192.168.1.10 from LAN1 devices, which of the following rules would be needed?
0/2
Gambar Tanpa Teks
A. /ip firewall filter add chain=input src-address=192.168.99.1 dst-address=192.168.1.10 action=drop
B. /ip firewall nat add chain=dstnat src-address=192.168.99.1 dst-address=192.168.1.10 action=drop

C. /ip firewall filter add chain=forward src-address=192.168.99.1 dst-address=192.168.1.10

action=drop
D. /ip firewall filter add chain=forward src-address=192.168.0.0/24 dst-address=192.168.1.10
action=drop
Jawaban yang benar
D. /ip firewall filter add chain=forward src-address=192.168.0.0/24 dst-address=192.168.1.10
action=drop

18. Which is the default port of IP-Winbox?

2/2
A. UDP 8291
B. TCP 80
C. TCP 8291
D. TCP 8192

19. What kind of packet is marked by connection-state=established matcher?

2/2
A. Packet is related to, but not part of an existing connection
B. Packet belongs to an existing connection, for example a reply packet or a packet which belongs to
already replied connection
C. Packet does not correspond to any known connection
D. Packet begins a new TCP connection

20. There can be more than one PPPoE server in a single broadcast domain:
0/2
1. True
2. False

Jawaban yang benar

False

21. Why is it useful to set a Radio Name on the radio interface?

0/2
A. To identify a station in a list of connected clients
B. To identify a station in Neighbor discovery
C. To identify a station in the Access List:

Jawaban yang benar

B. To identify a station in Neighbor discovery

22. It is possible to create an encrypted PPPoE tunnel in RouterOS:

0/2
True
False

Jawaban yang benar

True

23. Consider the following diagram. We want to communicate from a device on LAN1 to a device on
LAN2. Assuming that all necessary configurations are already included on R2, which of the following
configurations in R1 would enable this communication?
0/2
Gambar Tanpa Teks
A. /ip route add dst-address=192.168.1.0/24 src-address=192.168.0.0/24 gateway=192.168.99.2
B. /ip route add dst-address=0.0.0.0/0 gateway=Ether1
C. /ip route add dst-address=192.168.0.0/24 gateway=192.168.0.1
D. /ip route add dst-address=192.168.1.0/24 gateway=192.168.99.2
E. /ip route add dst-address=0.0.0.0/0 gateway=192.168.99.2

Jawaban yang benar

D. /ip route add dst-address=192.168.1.0/24 gateway=192.168.99.2

24. What kind of users are listed in the "/user" menu?

0/2
A. router users
B. wireless users
C. hotspot users
D. pptp users

Jawaban yang benar

A. router users

25. You have a DHCP server on your MikroTik router. The IP addresses 10.1.2.2-10.2.2.20 are
distributed in the DHCP network. Additionally, 3 static IP address are defined for your servers:
10.1.2.31-10.1.2.33. After a while 20 more IP addresses need to be distributed in the network. It is
possible to distribute the extra IP address without adding another DHCP Server:
0/2
1. True

2. False
Jawaban yang benar
False

26. A routing table has following entries: 0 dst-address=10.0.0.0/24 gateway=10.1.5.126 1 dst-

address=10.1.5.0/24 gateway=10.1.1.1 2 dst-address=10.1.0.0/24 gateway=25.1.1.1 3 dst-
address=10.1.5.0/25 gateway=10.1.1.2 Which gateway will be used for a packet with destination
address 10.1.5.126?
0/2
A. 10.1.1.1
B. 10.1.5.126
C. 10.1.1.2
D. 25.1.1.1

Jawaban yang benar

C. 10.1.1.2

27. For static routing functionality, additionally to the RouterOS 'system' package, you will also need
the following software package:
2/2
A. no extra package required

B. advanced-tools
C. dhcp
D. routing

28. By default info, error and warning messages are logged into memory of your RouterOS device.
You can add logging of visited web-pages and other message topics
2/2
1. True
2. False

29. Which option in the configuration of a wireless card must be disabled to cause the router to permit
ONLY known clients listed in the access list to connect?
0/2
A. Security Profile
B. Default Forward
C. Enable Access List
D. Default Authenticate

Jawaban yang benar

C. Enable Access List

30. In the Route List, the identification DAb for a route stands for
2/2
A. dynamic - active - bgp
B. dynamic - active - backup
C. direct - acknowledge - backup
D. direct - active - bgp

31. Which of the following is used in standard 802.11 wireless networks?

0/2
A. CSMA/CA
B. CDMA
C. FDD
D. CSMA/CD

Jawaban yang benar

A. CSMA/CA

32. Which type of encryption could be used to establish a connection with a simple passkey without
using a 802.1X authentication server?
2/2
A. WPA EAP/WPA2 EAP
B. WPA PSK/WPA2 PSK

33. What can be used as "Target" in the simple queue?

2/2
A. Client IP address

B. Client MAC address

C. Address list name
D. Server IP address

34. Select minimal set of software packages in RouteOS required to configuring a wireless AP
0/2
A. advanced-tools
B. routing
C. system
D. dhcp
E. wireless

35. Jawaban yang benar

C. system
E. wireless

36. Router has wireless and ethernet client interfaces, all client interfaces are bridged. To create a
DHCP service for all clients, DHCP server must be configured on:
2/2
A. Ethernet and wireless interfaces
B. DHCP service is not possible in this setup
C. Only on the bridge interface

D. Every bridge port

37. Which of the following would prevent unknown clients from connecting to your AP? Choose the
BEST answer.
0/2
A. Uncheck 'Default Authenticate' in the wireless card configuration, and add each known client's
MAC address to your access-list configuration ensuring that you enable 'authenticate' in the entry
B. Uncheck 'Default Authenticate' in the wireless card configuration, and add each known client's
MAC address to your connect-list configuration
C. Configure the radius server under '/radius'
D. Add each known client's MAC address to your access-list configuration is the only step needed
E. Check the 'Do not permit unknown client' box in the wireless configuration

Jawaban yang benar

A. Uncheck 'Default Authenticate' in the wireless card configuration, and add each known client's
MAC address to your access-list configuration ensuring that you enable 'authenticate' in the entry

38. When viewing the routes in Winbox, some routes will show "DAC" in the first column. These flags
mean:
2/2
A. Dynamic, Available, Created
B. Dynamic, Active, Connected
C. Direct, Available, Connected
D. Dynamic, Active, Console

39. To apply bandwidth restrictions using Simple queue on traffic that travels from one bridge port to
another bridge port within the same bridge interface, following must be done:
0/2
A. Enable 'Use IP Firewall' in bridge settings
B. Use mangle to mark the connections
C. Configure an IP address on the bridge interface
D. Associate the Simple queue to the bridge interface

Jawaban yang benar

C. Configure an IP address on the bridge interface

40. Consider the following network diagram. In R1, you have the following configuration: /ip route add
dst-address=192.168.1.0/24 gateway=192.168.99.2 /ip firewall nat add chain=srcnat out-
interface=Ether1 action=masquerade On R2, if you wish to prevent all access to a server located at
192.168.1.10 from LAN1 devices, which of the following rules would be needed?
0/2
Gambar Tanpa Teks
A. /ip firewall filter add chain=forward src-address=192.168.99.1 dst-address=192.168.1.10
action=drop

B. /ip firewall filter add chain=forward src-address=192.168.0.0/24 dst-address=192.168.1.10

action=drop
C. /ip firewall filter add chain=input src-address=192.168.99.1 dst-address=192.168.1.10 action=drop
D. /ip firewall nat add chain=dstnat src-address=192.168.99.1 dst-address=192.168.1.10 action=drop
Jawaban yang benar
C. /ip firewall filter add chain=input src-address=192.168.99.1 dst-address=192.168.1.10 action=drop

41. What does the firewall action "log" do?

0/2
A. It logs and blocks the packet

B. It blocks and logs the packet

C. It adds a prefix to the packet and passes it through
D. It logs the packet

Jawaban yang benar

D. It logs the packet

42. Destination NAT (chain dstnat, action dst-nat) can be used to:
0/2
A. Change destination port
B. Direct users from the Internet to a server within your local network
C. Change source port
D. Hide your local network from the Internet

Jawaban yang benar

A. Change destination port

53. In RouterOS queue configurations the word "total" usually represents

2/2
A. download - upload
B. upload
C. upload + download

D. Download

44.In which order are the entries in Access List and Connect List processed?
0/2
A. By Signal Strength Range
B. In sequence order

C. In a random order
D. By interface name
Jawaban yang benar
D. By interface name

45. What is the meaning of the status letter "R" on a PPPoE client interface in RouterOS Interfaces
menu?
0/2
A. Running
B. Remote
C. Radius
D. Reconnecting
Jawaban yang benar
A. Running

46. Which is a default baud-rate of currently manufactured RouterBOARDs?

0/2
A. 9600
B. 115200
C. 38400
D. 11520

Jawaban yang benar

B. 115200

47. You can control bandwidth of a client connected to AP with the resource / interface wireless
access-list ( assume the client uses MikroTik RouterOS).
2/2
True
False

48. How long is level 1 (free) license valid?

0/2
A. Infinite time
B. 24 hours
C. 1 year
D. 1 month

Jawaban yang benar

B. 24 hours

49. When using routing option 'check-gateway=ping' after how many timeouts is gateway considered
unreachable:
0/2
A. 4
B. 1
C. 2
D. 3
Jawaban yang benar
C. 2

50. PPPoE server only works within one Ethernet broadcast domain that it is connected to. If there is
a router between server and end-user host, it will not be able to create PPPoE tunnel to that PPPoE
server.
0/2
1. True
2. False

Jawaban yang benar

False

51. Which firewall chain should you use to filter ICMP packets from the router itself?
0/2
A. input
B. postrouting
C. forward
D. output
Jawaban yang benar
A. input

keywods : latihan mtcna, soal mtcna, mikrotik, mikrotik academy