MTCNA
masquerade hotspot network
chain=srcnat action=masquerade src-address=10.5.50.0/24
[admin@MikroTik] /ip firewall nat>
Report Card
Total Questions Attempted: 0
Correct Answers: 0
Wrong Answers: 0
--
What does the passive command provide to dynamic routing protocols?
A. Stops an interface from sending or receiving periodic dynamic updates.
B. Stops the router from sending any dynamic updates.
C. Stops an interface from sending periodic dynamic updates but not from receiving updates.
D. Stops the router from receiving any dynamic updates.
Alasan:
The passive command, short for passive-interface, stops regular updates from being sent out an interface. However, the interface can still receive updates.
What configuration is added by /ip Hot-Spot setup command? (select all that apply)
A. /ip Hot-Spot user
B. /ip dhcp-server
C. /queue tree
D. /ip service
E. /ip Hot-Spot walled-garden
Alasan
[admin@MikroTik] /ip hotspot> print
Flags: X - disabled, I - invalid, S - HTTPS
# NAME INTERFACE ADDRESS-POOL PROFILE IDLE-TIMEOUT
0 hotspot1 ether3 hs-pool-3 hsprof1 5m
[admin@MikroTik] /ip hotspot>
[admin@MikroTik] /ip pool> print
# NAME RANGES
0 hs-pool-3 10.5.50.2-10.5.50.254
[admin@MikroTik] /ip pool> /ip dhcp-server
[admin@MikroTik] /ip dhcp-server> print
Flags: X - disabled, I - invalid
# NAME INTERFACE RELAY ADDRESS-POOL LEASE-TIME ADD-ARP
0 dhcp1 ether3 hs-pool-3 1h
[admin@MikroTik] /ip dhcp-server> /ip firewall nat
[admin@MikroTik] /ip firewall nat> print
Flags: X - disabled, I - invalid, D - dynamic
0 X ;;; place hotspot rules here
chain=unused-hs-chain action=passthrough
1 ;;; masquerade hotspot network
chain=srcnat action=masquerade src-address=10.5.50.0/24
[admin@MikroTik] /ip firewall nat>
/ip hotspot user
/ip hotspot profile
/ip hotspot ip-binding
Which are necessary sections in /queue simple to set bandwidth limitation?
A. target-address, dst-address, max-limit
B. target-address, max-limit
C. max-limit
D. target-address, dst-address
Alasan:
Firewall NAT rules process only the first packet of each connection.
A. False
B. True
Alasan:
not only
Which protocol does Ping use?
A. TCP
B. BootP
C. ICMP
D. ARP
Alasan
ICMP is probably most well known as the message protocol used for the ping command. A ping command sends an ICMP echo request to the target host.
What protocol is used for Ping and Trace route?
A. UDP - trace route
B. IP
C. ICMP - ping
D. TCP
E. DHCP
Alasan:
UDP traceroute is similar to ICMP traceroute in the fact that it plays with the TTL field in the IP header. In a UDP traceroute, the client transmits a simple UDP packet to an invalid destination port value.
The basic unit of a physical network (OSI Layer 1) is the:
A. Byte
B. Bit
C. Frame
D. Header
Alasan
What kind of users are listed in the Secrets window of the PPP menu?
A. winbox users
B. pppoe users
C. wireless users
D. l2tp users
E. pptp users
F. Hot-Spot users
Alasannya
ada PPP, PPTP, L2TP, PPP0E,
What menus should be used to allow certain websites to be accessed from behind a Hot-Spot interface, without client authentication
A. ip Hot-Spot walled-garden
B. ip Hot-Spot profile
C. ip Hot-Spot ip-binding
D. ip Hot-Spot walled-garden ip
Alasan:
HTTP walled-garden menu permits authentication bypass settings for HTTP and HTTPs resources.
IP > Hotspot > Walled Garden
What is necessary for PPPoE client configuration?
A. ip firewall nat masquerade rule
B. Static IP address on PPPoE client interface
C. Interface (on which PPPoE client is going to work)
Alasan
How long is level 1 (demo) license valid?
A. 24 Hour
B. 1 month
C. Infinite time
D. 1 year
Yang dimaksudkan lama valid digunakannya bukan lama penggunaan
Which of the following are layers in the TCP/IP model?
Application
Session
Transport
Internet
Data Link
Physical
A. 1, 3 and 4
B. 3, 4 and 5
C. 2, 3 and 5
D. 1 and 2
alasan
Which of the following keystrokes enables safe mode in console:
A. Ctrl+x
B. Ctrl+s
C. Ctrl+d
D. Ctrl+c
alasan
Control-C
keyboard interrupt.
Control-D
log out (if input line is empty)
Control-K
clear from cursor to the end of line
Control-X
toggle safe mode
Control-V
toggle hotlock mode mode
What is a stub network?
A. A network that has only one entry and exit point.
B. A network with only one entry and no exit point.
C. A network with more than one exit point.
D. A network with more than one exit and entry point.
Collisions are possible in fullduplex Ethernet networks
A. true
B. false
What is the correct action for a NAT rule on a router that should intercept SMTP traffic and send it over to a specified mail server?
A. passthrough
B. tarpit
C. dst-nat
d. redirect
Alasan
intercept itu artinya mencegat/ memblok.
To a particular Mail Server, meaning the mail server is outside the proxy itself, then the action that can be used is dst-nat
Untuk Mail Server tertentu, artinya mail server berada di luar proxy itu sendiri, maka action yang bisa digunakan adalah dst-nat
What is the correct action to be specified in the NAT rule to hide a private network when communicating to the outside world?
A. tarpit
B. passthrough
C. allow
D. masquerade
Alasan
NAT Action (6 specific action NAT)
dst-nat and redirect
src-nat and masquarade
netmap
same
Action “masquerade” changes packet’s source address router’s address and specified port
This action can take place only in chain srcnat
Typical application: hide specific LAN resources behind one dynamic public IP address
How many layers does Open Systems Interconnection model have?
A. 5
B. 7
C. 6
D. 9
E. 12
MAC layer by OSI model is also known as
A. Layer 1
B. Layer 2
C. Layer 7
D. Layer 6
E. Layer 3
Alasan:
There are two routes in the routing table:
0 dst-addr=10.1.1.0/24 gateway=5.5.5.5
1 dst-addr=10.1.1.4/30 gateway=5.6.6.6
Which gateway will be used to get to the IP address 10.1.1.6?
A. the required route is not in the routing table
B. both - half of the traffic will be routed through one gateway, half through the other
C. 5.5.5.5
D. 5.6.6.6
What are the two main types of access control lists (ACLs)?
1.Standard
2.IEEE
3.Extended
4.Specialized
A. 1 and 3
B. 1 and 2
C. 3 and 4
D. 2 and 4
alasan:
For user in local PPP Secrets/PPP Profiles database, it is possible to
A. Deny services (like telnet) only for this user or for one group of users
B. Allow login by PPPoE and PPTP, but deny login by L2TP
C. Allow/deny use of more than one login by this user
D. Set max values for transferred data (Rx/Tx)
E. Allow only PPPoE login
Which is the default port of IP-Winbox?
A. TCP 8291
B. TCP 80
C. UDP 8291
D. TCP 8192
On the Wireless path with mode = ap-bridge. According to tool constraints, what is the maximum number of clients that can be connected to it?
A. 2012
B. 2048
C. 1024
D. 2007
The router's firewall rules are:
/ ip firewall filter add chain = forward action = jump jump-target = custom
/ ip firewall filter add chain = custom action = passthrough
/ ip firewall filter add chain = forward action = log
When traffic reaches the end of 'chain = custom'. What will happen next?
A. Traffic will continue in the chain = forward action = log
B. Traffic will be accepted in the chain = custom
C. Traffic will be dropped in the chain = custom
alasan:
jawabannya A, end chain
Where should you upload the new MikroTik RouterOS package package to upgrade the router?
A. Any directory in / files
B. FTP the root directory or / files directory of the router
C. System Backup menu
D. System Package menu
alasan: b
Discussion: Router OS Mikrotik Firmware must be placed / uploaded to the outermost folder or commonly called the root folder so that it can be read by the proxy system and upgraded.
