------------------------------

DAY 1
------------------------------

1. Which is the default port of IP-Winbox?

A. UDP 8291
B. TCP 80
C. TCP 8291 !
D. TCP 8192

2. How long is level 1 (free) license valid?

A. 1 month
B. 24 hours
C. 1 year
D. Infinite time !

3. For static routing functionality, additionally to the RouterOS 'system' package,

you will also need the following software package:
A. no extra package required !
B. advanced-tools
C. routing
D. dhcp

4.Select minimal set of software packages in RouteOS required to configuring a

wireless AP(multiple choice)

A.advanced-tools
B.routing
C.system !
D.dhcp
E.wireless !

5. Which features are removed when advanced-tools package is uninstalled?(multiple

choice)

A. neighbors
B. LCD support
C. ip-scan !
D. ping
E. netwatch !
F. bandwidth-test

6. In which situations Netinstall can not be used to install RouterOS on a

RouterBOARD?

A. The router does not have an operating system!

B. The password of the router is not known!
C. The router is connected only to a wireless network
D. The router is connected only to a secondary port

7. What kind of users are listed in the "/user" menu?

A. router users !
B. wireless users
C. hotspot users
D. pptp users
8. Which is a default baud-rate of currently manufactured RouterBOARDs?

A. 9600
B. 115200 !
C. 38400
D. 11520

9. Which of the protocols below is used by Netinstall?

A. arp
B. bootp !
C. dhcp
D. rarp

10. You want to transfer existing '/ip firewall filter' configuration from one
router to a new system. Choose the best possible way to do:

A. Export global configuration and remove everything apart from '/ip firewall
filter'
B. Export only '/ip firewall filter' !
C. Create backup, edit backup file and restore on target router
D. Create backup only of '/ip firewall filter' rules

11. Mark all correct statements about /export (rsc file)? (multiple choice)
a. Exports logs from /log print
b. Exports full configuration of the router
c. Exports only part of the configuration (for example /ip firewall) !
d. Exports scripts from /system !
e. Exports files could not edited

------------------------------
DAY 2
------------------------------

12.Possible actions of ip firewall filter are: (multiple choice)

A.bounce
B.log !
C.accept !
D.tarp
E.add-to-list
F.Tarpit !

13. Destination NAT (chain dstnat, action dst-nat) can be used to: (multiple
choice)

A. Change destination port !

B. Direct users from the Internet to a server within your local network !
C. Change source port
D. Hide your local network from the Internet

14. Action=redirect allows you to make (multiple choice)

A. Transparent DNS Cache !

B. Forward DNS to another device IP address
C. Enable Local Service
D. Transparent HTTP Proxy !

15. What is the correct action to be specified in the NAT rule to hide a private
network when communicating to the outside world?

A. masquerade !
B. allow
C. passthrough
D. tarpit

16. What is the correct action for a NAT rule on a router that should intercept
SMTP traffic and send it over to a specified mail server?

A. tarpit
B. dst-nat !
C. passthrough
D. redirect

17. What does the firewall action "Redirect" do? Select all true statements.
(multiple choice)

A. Redirects a packet to a specified port on the router !

B. Redirects a packet to a specified IP ?
C. Redirects a packet to the router !
D. Redirects a packet to a specified port on a host in the network ?

18. It is required to make a web server on a private LAN visible on the Public
Internet. Only the web server port should be visible to the public. Which of the
following configuration steps must be met. (select all that apply) (multiple
choice)

A. Public IP address of the webserver must be installed on the NAT Router

B. A route between the NAT Router and the webserver must exist !
C. Connection Tracking must be enabled on NAT router !
D. in ip firewall NAT there should be a dst-nat between the public ip of the router
and the private ip of the webserver !
E. LAN address of the webserver should be routable on the internet

19. What is marked by connection-state=established matcher?

A. Packet belongs to an existing connection,for example a reply packet or a packet

which belongs to already replied connection !
B. Packet is related to, but not part of an existing connection
C. Packet does not correspond to any known connection
D. Packet begins a new TCP connection

20. During a scan, in order to see all the available wireless frequencies that are
supported by the card, the following option must be selected in the wireless card's
"Frequency Mode":

A. superchannel !
B. regulatory domain
C. manual txpower

21. Is it possible to limit how many clients are able to connect to an access
point?
A. No it's not possible at all
B. Yes, but only with access-lists
C. Yes !
22. In which order are the entries in Access List and Connect List processed?

A. By Signal Strength Range

B. In sequence order !
C. In a random order
D. By interface name

23. /interface wireless access-list is used for

A. Handles a list of Client's MAC Address to permit/deny connection to AP !

B. Shows a list of Client's MAC Address that are already registered at AP
C. Contains the security profiles settings
D. Authenticate Hotspot users

24. What is the minimal possible wireless configuration to create an Access Point?

A. DFS mode
B. WDS
C. scan-list
D. radio name
E. mode !
F. frequency!
G. band!
H. ssid!

24. Which option in the configuration of a wireless card must be disabled to cause
the router to permit ONLY known clients listed in the access list to connect?

A. Security Profile
B. Default Forward
C. Enable Access List
D. Default Authenticate !

25. To block communications between wireless clients connected to the same access
point interface, you should set

A. 'default-forwarding=no' !
B. 'max-station-count=1'
C. 'default-authentication=no'
D. 'default-authentication=no' and 'default-forwarding=no'

26. How many wireless clients can connect, when wireless card is configured to
mode=bridge ?
A. 1 !
B. 100
C. 2007
D. 2

------------------------------
DAY 3
------------------------------

27. When viewing the routes in Winbox, some routes will show "DAC" in the first
column. These flags mean:

A. Dynamic, Active, Console

B. Dynamic, Active, Connected !
C. Direct, Available, Connected
D. Dynamic, Available, Created

28. Which of the following Routes statuses are possible?

A. A = Active !
B. C = Connected
C. S = Static !
D. D = Drop

29. In the Route List, the identification DAb for a route stands for
A. direct - active - bgp
B. direct - acknowledge - backup
C. dynamic - active - backup
D. dynamic - active - bgp !

30. A routing table has following entries:

0 dst-address=10.0.0.0/24 gateway=10.1.5.126
1 dst-address=10.1.5.0/24 gateway=10.1.1.1 distance 1
2 dst-address=10.1.0.0/24 gateway=25.1.1.1
3 dst-address=10.1.5.0/25 gateway=10.1.1.2 distance 2
4 dst-address=0.0.0.0/0 gateway=1.1.1.1

Which gateway will be used for a packet with destination address 10.1.5.126?

A. 10.1.1.1
B. 10.1.5.126
C. 10.1.1.2 !
D. 25.1.1.1

31. When using routing option 'check-gateway=ping' after how many timeouts is
gateway considered unreachable:

A. 4
B. 1
C. 2 !
D. 3

32.When using routing option 'check-gateway=ping' what is the ICMP echo request
interval (in seconds)?

A. 30s
B. 20s
C. 10s !
D. 60s

33.The 'check-gateway' option is enabled for one route. Select all statements that
are true:

A.In case of failure of the gateway, routes pointing to that gateway will become
inactive !
B.Gateway is checked every 10 seconds and after 2 failures, the gateway is
considered unreacheable !
C.Gateway is checked every 10 seconds and after a single failure, the gateway is
considered unreacheable
D.Check gateway option can be configured for Ping, ARP and RARP (reverse ARP)

34. Simple Queue number 0 defines 2M for upload and download for target IP
10.10.0.33.
Simple Queue number 1 defines 4M for upload and download for target IP
10.10.0.33.
Client 10.10.0.33 is be able to obtain

A. 6M upload/download
B. 0M upload/download
C. 4M upload/download
D. 2M upload/download !

35. The highest queue priority is

A. 1 !
B. 256
C. 16
D. 8

36. How many different priorities can be selected for queues in MikroTik RouterOS?
A. 16
B. 1
C. 8 !
D. 0

37. PPP Secrets are used for

A. PPPoE clients !
B. L2TP clients !
C. IPSec clients
D. PPP clients
E. PPtP clients !
F. Router users

38. Which port does PPTP use by default?

A. TCP 1721
B. TCP 1723 !
C. UDP 1723
D. UDP 1721

39. What can be used as ’target-address’ in the simple queue?

A. client’s MAC address

B. server’s address !
C. address list name
D. client’s address !

40. In RouterOS queue configurations the word "total" usually represents

A. download - upload
B. upload
C. upload + download !
D. Download

41. You want to use PCQ and allow 256k maximum download and upload for each client.
Choose correct argument values for the required queue.

A. kind=pcq pcq-rate=256000 pcq-classifier=src-address !

B. kind=pcq pcq-rate=1256000 pcq-classifier=dst-address
C. kind=pcq pcq-rate=256000 pcq-classifier=dst-address !
D. kind=pcq pcq-rate=5000000 pcq-classifier=src-address
E. kind=pcq pcq-rate=5000000 pcq-classifier=dst-address

17. A DHCP server is configured on a LAN interface which is a port on a bridge. The
DHCP server does not start. What could be the reason(s)?

A. The DHCP server can not run on an interface which is also a bridge port !
B. There might not be an IP address assigned to the LAN Interface
C. The IP address pool could be incorrectly defined
D. There may be multiple IP addresses set on the LAN interface

13. Mark all the features that can be used for limiting client registrations to
your access point:
A. registration-table
B. connect-list
C. access-list !
D. wpa

1. Select statements that are true regarding the following command:

/ip route add dst-address=172.16.4.0/24 gateway=192.168.4.2

A. The default administrative distance of 100 is used

B. The subnet mask for the destination network is 255.255.255.0 !

C. The command is used to configure the default route

D. The command is used to establish a static route !

5. A RouterBOARD clock is configured In '/system clock'. The clock resets to

default after each reboot.
Select the best solution for the problem.

A. Open the router and ensure the CMOS battery is fine

B. Configure '/system ntp server‘ and set a valid and reachable NTP dient address

C. Write a script in '/systom script' to sot tho clock

D. Configure '/system ntp client' and sot a valid and reachable NTP server
address !

8. To set up masquerading of the network 192.168.0.0/24, configured on the

interface ether1, you should add rule

A. /ip firewall nat add chain=dstnat out-interface=ether1 src-

address=192.168.0.0/24
action=masquerade
B. /ip firewall nat add chain=dstnat in-interface=ether1 srcoaddress=192.168.0.0/24
action=masquorado
C. /ip firewall nat add chain=srcnat src-address=192.168.1.0/24 action=masquerade
D. /ip firewall nat add chain=srcnat src—address=192.168.0.0/24
action=masquerade !

16. Which type of encryption could be used to establish a connection with a simple
passkey without using a 802.1X authentication server?
A. WPA PSK/WPA2 PSK !
B. WPA EAP/WPA2 EAP

what action should be used to inform source that packets reached destinantion ,
buat was note accepted ?
a. action=drop
b. action=accept
c. action=tarpit
d. action=reject !

if packet comes to a router and starts a new previosly unseen connection, which
connection state would be applied to it ?
a. unknown
b. invalid
c. new !
d. established
e. no connection state would be applied to such packet

you can control bandwidth of a client connected to ap with the resouce /interface
wireless access-list (asume the client uses mikrotik router os )
a. true
b. false !

MikroTik RouterOS commands can be run once a day by:

a. /system scheduler !
b. /system cron
c. /system watchdog

if arp=reply-only is configured on an interface, this interface will

a. accept ip and mac address combination listed in '/ip arp' list !
b. accept all ip addresses listed in '/ip arp' as static entries
c. add new mac addresses in '/ip arp' lis
d. accept all mac-addreses listed in '/ip arp' as static entries
e. add new ip addresesses in '/ip arp' list

What is necessary for PPPoE client configuration?

A. ip firewall nat masquerade rule

B. Interface (on which PPPoE client is going to work) !
C. Static IP address on PPPoE client interface
d. wireless interface configured as an access point

/iproute configuration on router,

/ip route add gateaway=192.168.0.1
/ip router add dst-address=192.168.1.0/24 gateaway=192.168.0.2
/ip router add dst-address=192.168.2.0/24 gateaway=192.168.0.3
/ip router add dst-address=192.168.3.0/26 gateaway=192.168.0.4

router needs to send packets to 192.168.3.240 which gateaway will be used

a. 192.168.0.4
b. 192.168.0.2
c. 192.168.0.3
d. 192.168.0.1 !