Soal Mtcna Pandu

1.
You want to transfer existing '/ip firewall filter' configuration from one router to a new
system. Choose the best possible way to do:
A. Export only '/ip firewall filter'
B. Create backup only of '/ip firewall filter' rules
C. Create backup, edit backup file and restore on target
router
D. Export global configuration and remove everything
apart from '/ip firewall filter'
Jawab :a
Penjelasan : karena untuk menambahkan nama fitur
tersebut untuk export yang lebh spesifik
ssss
2.
A. Five
B. One
C. Two
D. Unlimited
Jawab : b
Penjelasan ; setiap interface hanya mendappat jatah 1
untuk setiap interface
3. There are two routes in the routing table:

0 dst-addr=10.1.1.0/24 gateway=5.5.5.5
1 dst-addr=10.1.1.4/30 gateway=5.6.6.6
Which gateway will be used to get to the IP address 10.1.1.6?

A. both - half of the traffic will be routed through one
gateway, half through the other
B. 5.6.6.6
C. 5.5.5.5
D. the required route is not in the routing table
Jawab : b
Penjelasan : karena dia termasuk dalam range yang
sama dan juga paling spesifik
Jawaban yang A dan c tidak termasuk karena mereka
kurang spesifik,
4. A routing table has following entries:
0 dst-address=10.0.0.0/24 gateway=10.1.5.126
Which gateway will be used for a packet with destination address 10.1.5.126?
A. 10.1.5.126
B. 10.1.1.1
C. 10.1.1.2
D. 25.1.1.1
Jawab : c
Jawaban yang A,B dan D tidak termasuk karena
mereka kurang spesifik
5. Which port does PPTP use by default?

A. TCP 1721
B. UDP 1721
C. UDP 1723
D. TCP 1723
JAWAB :d
Penjelasan : karena port pptp berjalan pada tcp 1723
bukan udp
6. There are two wireless cards (wlan1 and wlan2) which are bridged together. On wlan1
card there is a setting "Forwarding=no". Choose the correct answer(s):
A. Stations on wlan2 will be able to communicate with
stations on wlan2
B. Stations on wlan2 will be able to communicate with
stations on wlan1
C. Stations on wlan1 will be able to communicate with
stations on wlan1
D. To prevent communication between wlan1 and
wlan2 one cannot use Bridge Filters
E. Stations on wlan1 will be able to communicate with
stations on wlan2
7. Consider a wireless access point with mode=ap-bridge. What is the maximum number of
concurrent clients that can connect to it?
A. 2007
B. 2012
C. 2048
D. 1024
8. Consider the following diagram. We want to communicate from a device on LAN1 to a
device on LAN2. Assuming that all necessary configurations are already included on R2,
which of the following configurations in R1 would enable this communication?
A. /ip route add dst-address=192.168.1.0/24 src-
address=192.168.0.0/24 gateway=192.168.99.2
B. /ip route add dst-address=0.0.0.0/0 gateway=Ether1
C. /ip route add dst-address=192.168.0.0/24
gateway=192.168.0.1
D. /ip route add dst-address=192.168.1.0/24
gateway=192.168.99.2
E. /ip route add dst-address=0.0.0.0/0
gateway=192.168.99.2
Jawab : B,D.E
Penjelasan: semuanya benar karena ,
B. bisa memakai interface,
D. konfigurasi static routing yang lengkap
E. bisa memakai efault route
9. PPP Secrets are used for

A. PPtP clients
B. L2TP clients
C. Router users
D. PPPoE clients
E. IPSec clients
F. PPP clients
Jawab : A,B,D
Penjelasan : ppp secret berfungsi untuk membuat user
an password untuk proses tunneling
10. For a Simple Queue to apply a bandwidth restrictions on a bridged interface, following

must be done:
A. Configure an IP address on the bridge interface
B. Use mangle to mark the connections
C. Associate the Simple Queue to the bridge interface
D. Enable 'Use IP Firewall' in bridge settings
Jawab : c
Penjelasan : karena untuk menjalankan fungsi diatas
mesti dipasang dibridge tersebut
11. In RouterOS queue configurations the word "total" usually represents

A. download - upload
B. upload
C. upload + download
D. Download
Jawab : c
Penjelasan : karena total itu merupakan upload +
download
12. What does the firewall action "log" do?

A. It logs and blocks the packet
B. It blocks and logs the packet
C. It adds a prefix to the packet and passes it through
D. It logs the packet
Jawab : D
Penjelasan : log itu fungsi mencatat, bukan memblok
ataupun mengijinkan data untuk leat
13. Which of the following is true for connection tracking

A. Connection tracking must be enabled for NAT'ed
network
B. Enabling connection tracking reduces CPU usage in
RouterOS
C. Disable connection tracking for mangle to work
D. Connection tracking must be enabled to be able to
use all firewall features
14. How many different priorities can be selected for queues in MikroTik RouterOS?
A. 1
B. 16
C. 0
D. 88
Jawab : d
Penjelasan : priority terbesar yang dapat diberikan pada
client adlah 8 semakin kecil angkanya semaikn I
prioritaskan
15. Which of the following keystrokes enables safe mode in console:

A. Ctrl+x
B. Ctrl+c
C. Ctrl+d
D. Ctrl+s
Jawab : A
Penjelasan ;
16. Select minimal set of software packages in RouteOS required to configuring a wireless

AP
A. wireless
B. advanced-tools
C. dhcp
D. routing
E. System
Jawab : A dan E
Penjelasan : karena untuk sekedar menghubungkan ap-
stasion tidak dibutuhkan dhcp (untuk membagikan ip)
dan juga routing (karena bisa memakai satu network
yang sama)
17. For static routing functionality, additionally to the RouterOS 'system' package, you will
also need the following software package:
A. no extra package required
B. advanced-tools
C. dhcp
D. Routing
Jawab : A
Penjelasan :jika hanya static routing tidak memerlukan
paket tambahan/extra package
18. What is possible with Netinstall?

A. MikroTik RouterOS reinstall
B. MikroTik RouterOS password reset with saving
router's configuration
C. MikroTik RouterOS configuration reset
Jawaban : semua benar

Penjelasan : netiinstall dapat melakukan ketiganya
19. Possible actions of ip firewall filter are:

A. bounce
B. log
C. accept
D. tarp
E. add-to-list
F. Tarpit
Jawab : B,C,D,F
Penjelasan :
20. What is the minimal possible wireless configuration to create an Access Point?

A. DFS mode
B. WDS
C. scan-list
D. radio name
E. mode
F. frequency
G. Band
H. Ssid
Jawab : g
Penjelasan : jika hanya sekedar terhubung kita hanya
mememrlukan band yang sama
21. What is the correct action for a NAT rule on a router that should intercept SMTP traffic
and send it over to a specified mail server?
A. redirect
B. passthrough
C. dst-nat
D. Tarpit
Jawab : c
Karena : paket ingin DIOPER ke mail server
22. PPPoE server only works within one Ethernet broadcast domain that it is connected to. If
there is a router between server and end-user host, it will not be able to create PPPoE tunnel
to that PPPoE server.
false
Penjelasan : karena PPPOE bisa berjalan meskipun

beda IP network
23. It is possible to create an encrypted PPPoE tunnel in RouterOS:

true
24. Where should you upload new MikroTik RouterOS version packages for upgrading
router?
A. FTP root directory or /files directory of the router
B. System Package menu
C. Any directory in /files
D. System Backup menu
Jawab : c
Penjelasan : karena setiap upgrade akan diletakan I
directory file
25. During a scan, in order to see all the available wireless frequencies that are supported by
the card, the following option must be selected in the wireless card's "Frequency Mode":
A. regulatory domain
B. superchannel
C. manual txpower
Jawab A
Penjelasan : karena memberi limit terhadap channel
yang tersedia dan maximum transit sesuai dengan
Negara masing2
1. What can be used as ’target-address’ in the simple queue?

A. address list name
B. client’s MAC address
C. client’s address
D. server’s address
Jawab : c
Penjelasan : karena untuk simple queue menggunakan ip address si client
2. When using routing option 'check-gateway=ping' after how many timeouts is gateway
considered unreachable:
A. 1
B. 3
C. 2
D. 4
Jawab : c
Penjelasan :
3. The highest queue priority is

A. 1
B. 8
C. 256
D. 16
Jawab :b
Penjelasan : priority terbesar yang dapat diberikan pada client adlah 8 semakin kecil
angkanya semaikn I prioritaskan
4. The 'connect-list' of wireless interfaces is used

A. for specifying APs not to connect to
B. for preventing communications between the clients
C. for specifying APs to connect to
D. for configuring SSID on the interface
Jawab : a dan c
Penjelasan : fungsi dari access-list ialah membatasi mana saja yang bisa connect ke ap
tersebut
5. Which option in the configuration of a wireless

s card must be disabled to cause the router to permit ONLY known clients listed in the
access list to connect?
A. Default Forward
B. Default Authenticate
C. Security Profile
D. Enable Access List
Jawab : b
Penjelasan : karena dengan default authenticate semua bisa connect ke ap tersebut
6. DHCP server is configured on a router’s ether1 interface. IP address 192.168.0.100/24 is

assigned to the interface. Possible IP pools, that can be used by this DHCP server, are:
A. 192.168.0.1-192.168.0.255
B. 192.168.0.1-192.168.0.99,192.168.0.101-192.168.0.254
C. 192.168.0.1-192.168.0.14
D. 192.169.0.1-192.169.0.254
Jawab : b dan c
Penjelasan : karena untuk jawaban A dan D akan terjai overlap ip (ip gateway tidak
dipisah)
7. There can be more than one PPPoE server in a single broadcast domain:
true
Jawab : true
Penjelasa: karena dalam satu broadcast domain bisa menjalankan lebih dari satu point to
point dalam satu network
A. To prevent communication between wlan1 and wlan2 one cannot use Bridge Filters
B. Stations on wlan2 will be able to communicate with stations on wlan1
C. Stations on wlan1 will be able to communicate with stations on wlan2
D. Stations on wlan1 will be able to communicate with stations on wlan1
E. Stations on wlan2 will be able to communicate with stations on wlan2
9. When viewing the routes in Winbox, some routes will show "DAC" in the first column.
These flags mean:
A. Dynamic, Active, Console

B. Dynamic, Available, Created
C. Dynamic, Active, Connected
D. Direct, Available, Connected
Penjelasan : bisa dilihat di bawah ini
Flags: X - disabled, A - active, D -dynamic,
C - connect, S -static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
B. routing
C. advanced-tools
D. dhcp
Jawaban : a
Penjelasan :jika hanya static routing tidak memerlukan paket tambahan/extra package
11. Which of the following Routes statuses are possible?

A. C = Connected
B. A = Active
C. S = Static
D. D = Drop
Jawab : abc
Penjelsan : d tidak termasuk karena dia termasuk action dari firewall bukan status dari table
routing

true
Jawab true
penjelasan: karena dalam satu broadcast domain bisa menjalankan lebih dari satu point to
13. Action=redirect allows you to make
A. Transparent HTTP Proxy

B. Enable Local Service
C. Transparent DNS Cache
D. Forward DNS to another device IP address
Jawab : a dan c
Penjelasan : karena redirect yang terpasang di dm chain=dstnat ini berfungsi untuk
transparent http proxy dan juga transparent dns cache

A. MikroTik RouterOS password reset with saving router's configuration
B. MikroTik RouterOS configuration reset
C. MikroTik RouterOS reinstall

15. A client uses a RouterBOARD1000. The clock is configured in '/system clock'. The
clock resets to default after each reboot.
Select the best solution for the problem.
A. Write a script in '/system script' to set the clock

B. Configure '/system ntp client' and set a valid and reachable NTP server address.
C. Open the router and ensure the CMOS battery is fine.
D. Configure '/system ntp server' and set a valid and reachable NTP client address.
Jawab : b
Penjelasan : dengan memasang ntp client, maka ia akan mensingkronisasikan waktu
sesuai dengan yang ada di internet,
A, salah karna ketika reboot ia akan tetap kembali ke waktu sebelumnya
B salah karena dhcp server digunakan untuk memberikan waktu (dan bertindak sebagai
server) an ia tidak tersambung ke klien manapun
D. rb 1000 tidak memiliki battry cmos
16.
A. One
B. Unlimited
C. Five
D. Two
Jawaban : a
Penjelasan ; setiap interface hanya mendappat jatah 1 untuk setiap interface
17. A wireless interface 'wlan1' is added to a bridge interface 'br-lan'. To enable dhcp-server
for wireless interface 'wlan1', on which interface should dhcp-server be configured?
A. On both 'br-lan' and 'wlan1'

B. The dhcp-server cannot be enabled neither on 'wlan1', nor on 'br-lan'
C. On 'wlan1'
D. On 'br-lan'
Jawaban :D
Penjelasan tidak perlu lagi membuat ip address di wlan apabila sudah dimasukan kedalam
bridge
18. It is possible to have PPTP Client and PPTP server on one MikroTik router at the same
time.
true
Jawab : true
Penjelasa: karena d
19. Which firewall chain should be used for filters that protect your router interface?
A. post-routing
B. forward
C. pre-routing
D. input
20. What does the firewall action "Redirect" do? Select all true statements.
A. Redirects a packet to a specified port on a host in the network
B. Redirects a packet to a specified IP
C. Redirects a packet to a specified port on the router
D. Redirects a packet to the router
21. Which of the following would prevent unknown clients from connecting to your AP?
Choose the BEST answer.
A. Uncheck "Default Authenticate" in the wireless card configuration, and add each known
client's MAC address to your connect-list configuration
B. Configure the radius server under "/radius"
C. Add each known client's MAC address to your access-list configuration is the only step
needed
D. Uncheck "Default Authenticate" in the wireless card configuration, and add each known
client's MAC address to your access-list configuration ensuring that you enable
"authenticate" in the entry
E. Check the "Do not permit unknown client" box in the wireless configuration
Jawb

A. UDP 1723
B. UDP 1721
C. TCP 1723
D. TCP 1721
Jawab : c
Penjelasan : Port yang dipakai pptp ialah 1723secara default
23. Which are necessary sections in /queue simple to set bandwidth limitation?
A. target-address, max-limit
B. max-limit
C. target-address, dst-address
D. target-address, dst-address, max-limit
Jawab : a
Penjelasan : karena untuk simple queue hanya membutuhkan target dan juga max limit nya
24. It is required to make a web server on a private LAN visible on the Public Internet. Only
the web server port should be visible to the public. Which of the following configuration
steps must be met. (select all that apply)
A. A route between the NAT Router and the webserver must exist
B. in ip firewall NAT there should be a dst-nat between the public ip of the router and the
private ip of the webserver
C. LAN address of the webserver should be routable on the internet
D. Public IP address of the webserver must be installed on the NAT Router
E. Connection Tracking must be enabled on NAT router
25. What is the default protocol/port of (secure) winbox?

A. UDP/5678
B. TCP/22
C. TCP/8291
D. TCP/8080
Jawab : c
Penjelasan ; port default dari winbox aalah 8291
1. A client uses a RouterBOARD1000. The clock is configured in '/system clock'. The clock
resets to default after each reboot.

B. Configure '/system ntp server' and set a valid and reachable NTP client address.
C. Configure '/system ntp client' and set a valid and reachable NTP server address.
D. Open the router and ensure the CMOS battery is fine.
Jawab: C
Penjelasan : dengan memasang ntp client, maka ia akan mensingkronisasikan waktu sesuai
dengan yang ada di internet,
2. Which of the protocols below is used by Netinstall?
A. arp
B. bootp
C. dhcp
D. rarp
Jawab : b
Penjelasan : protocol yang digunakan adalah bootp untuk menginstalasi gn netinstall
Jawaban a salah karena dungsi ARP adalah memetakan layer2 dan 3
Jawaban c salah karena dhcp berfungsi untuk membagikan ip
Jawaban d salah karena adlh kebalikan dari ARP
3. /ip route configuration on router,
/ip route add gateway=192.168.0.1

/ip route add dst-address=192.168.1.0/24 gateway=192.168.0.2
Router needs to send packets to 192.168.3.240. Which gateway will be used?

A. 192.168.0.2
B. 192.168.0.4
C. 192.168.0.1
D. 192.168.0.3
Jawab : c
Penjelasan : jawaban A dan B salah karena dst addressnya tidak sesuai dengan yang diminta
Sedangkan yang D karena rangenya berbeda dengan 240
4. For a Simple Queue to apply a bandwidth restrictions on a bridged interface, following must
be done:

C. Enable 'Use IP Firewall' in bridge settings
D. Associate the Simple Queue to the bridge interface
5. Mark all correct answers
A. Wireless access-list could allow and deny connect to your AP

B. The only way to prevent wireless clients connections - disable wireless interface
C. Default-Forwarding could be enabled for a specific clients by wireless access-list
D. /ip firewall filter allows to deny authentication to AP
Jawab : a saja
Penjelasan : wirelesss access-list dapat menentukan mana yang boleh terhubung ke ap,
caranya dengan mendisable default authentication
Selainnya salah karena tidak sesuai
6. NAT rule is going to catch SMTP traffic and send it to a specific mail server.
What is the correct action for a NAT rule?
A. passthrough
B. dst-nat
C. redirect
D. tarpit
Jawab : b
Penjelasan : karena untuk membelokan smtp traffic kesuatu network ialah tugas dst nat
Untuk mengkonfigurasikannya ikuti command dibawah ini
ip firewall nat add chain=dstnat protocol=tcp dst-port=25 action=dst-nat to-

addresses=10.0.0.1 to-ports=25
7. When viewing the routes in Winbox, some routes will show "DAC" in the first column. These
flags mean:
A. Direct, Available, Connected

B. Dynamic, Active, Connected
C. Dynamic, Available, Created
D. Dynamic, Active, Console
Jawab : b

true
Penjelasan : karena semua protocol ppp bisa di enkripsi
9. Action=redirect is applied in
A. chain=srcnat
B. chain=forward
C. chain=dstnat
Jawab : c
Penjelasan: karena redirect membutuhkan destination bukan source atau pun forward
10. MikroTik RouterOS commands can be run once a day by:
A. /system watchdog
B. /system cron
C. /system scheduler
Jawab: c
Pejelasan : karena scheduler mengatur jadwal kapan fitur tersebut dijalankan
11. Router has wireless and ethernet client interfaces, all client interfaces are bridged. To create
a DHCP service for all clients, DHCP server must be configured on:
A. Ethernet and wireless interfaces
B. DHCP service is not possible in this setup
C. Every bridge port
D. Only on the bridge interface
Jawab: D
Penjelasan : karena interface wireless dan ethernetnya sudah di bridge sehingga harus
dimasukan kedalam interface bridge
12. You want to use PCQ and allow 256k maximum download and upload for each client.
Choose correct argument values for the required queue.
A. kind=pcq pcq-rate=1256000 pcq-classifier=dst-address
B. kind=pcq pcq-rate=5000000 pcq-classifier=src-address
C. kind=pcq pcq-rate=256000 pcq-classifier=dst-address
D. kind=pcq pcq-rate=5000000 pcq-classifier=dst-address
E. kind=pcq pcq-rate=256000 pcq-classifier=src-address
Jawab : C dan E
Penjelasan :dalam PCQ untuk melimit Upload classifier yang diisi adalah Src-Address dan
untuk Download classfier yang diisi aalah dst-address
13. Which is a default baud-rate of currently manufactured RouterBOARDs?

A. 115200
B. 9600
C. 38400
D. 11520
Jawaban :a
Penjelasan : karena default yang dipasang ke netinstall adalah 11520

A. 192.169.0.1-192.169.0.254
B. 192.168.0.1-192.168.0.255
C. 192.168.0.1-192.168.0.99,192.168.0.101-192.168.0.254
D. 192.168.0.1-192.168.0.14
Jawab : c an d
Penjelasan : karena untuk jawaban A dan B akan terjai overlap ip (ip gateway tidak dipisah)
true
Jawab : true
Penjelasa: karena dalam satu broadcast domain bisa menjalankan lebih dari satu point to point
dalam satu network
16. Which wireless mode allows you to connect to any standard AP (not only MikroTik) and to
be able to bridge this wireless interface to an Ethernet?
A. station
B. station-wds
C. bridge
D. station-pseudobridge
Jawab : a
Penjelasan : karena untuk jawaban B dan D khusus mikrotik untuk melakukan wds
17. To block communications between wireless clients connected to the same access point
interface, you should set
A. 'default-forwarding=no'
B. 'max-station-count=1'
C. 'default-authentication=no'
D. 'default-authentication=no' and 'default-forwarding=no'
Jawab : a
Penjelasan : karena no default-forwarding akan men disable layer 2 dari client
there is a router between server and end-user host, it will not be able to create PPPoE tunnel to
that PPPoE server.
false
Jawaban : false
Penjelasan : karena PPPOE bisa berjalan meskipun beda IP network
19. Which default route will be active?
/ip route
add disabled=no distance=10 dst-address=0.0.0.0/0 gateway=1.1.1.1
A. Route via gateway 2.2.2.2
B. Route via gateway 1.1.1.1
Jawab : a
Penjelasan :semakin kecil distance nya semakin di prioritaskan

A. max-limit
B. target-address, max-limit
Jawab : b
21. Which option in the configuration of a wireless card must be disabled to cause the router to
permit ONLY known clients listed in the access list to connect?
A. Enable Access List

B. Security Profile
C. Default Authenticate
D. Default Forward
Jawab : c
Penjelasan : karena dengan default authenticate semua bisa onnect ke ap tersebut
22. For static routing functionality, additionally to the RouterOS 'system' package, you will also
need the following software package:
A. advanced-tools
B. routing
C. dhcp
D. no extra package required
Jawab : d
23. Which firewall chain should you use to filter clients HTTP traffic going through the router?
A. prerouting
B. forward
C. output
D. input
Jawab :b
Penjelasan : kata kuncinya adalah “through” atau melewati sehingga yang dibutuhkan untuk
“melewati” ialah chain=forward
24. What is necessary for PPPoE client configuration?

A. ip firewall nat masquerade rule
B. Interface (on which PPPoE client is going to work)
C. Static IP address on PPPoE client interface
Jawaban : b
Penjelasan : karena yang dibutuhkan untuk pppoe client interface akan dipakai
25. Action=redirect can be used in NAT chain src-nat

A. true
B. false
Jawab b
1. Is action=masquerade allowed in chain=dstnat?

A. yes, but only if dst-addr is specified
B. yes
C. yes, but it works only for incoming connections
D. no
Jawaban : D
Penjelasan : karena masquerade dipasang pada srcnat

A. UDP/5678
B. TCP/22
C. TCP/8291
D. TCP/8080
Jawaban : c
Penjelasan : karena port default dari winbox adalah tcp 8291
3. Which is the default port of IP-Winbox?

A. UDP 8291
B. TCP 80
C. TCP 8291
D. TCP 8192
Jawab : c
A. manual txpower
B. superchannel
C. regulatory domain
Jawab : c
Penjelasan : karena memberi limit terhadap channel yang tersedia dan maximum transit
sesuai dengan Negara masing2

A. target-address, dst-address
C. target-address, dst-address, max-limit
D. max-limit
Jawab :b
6. RouterOS log messages are stored on disk by default

False
Penjelasan : karena log message nya disimpan di memory bukan di disk
7. In order to use dynamic keys in your wireless security profile for an AP, you MUST set up
the dhcp server to provide the dynamic keys.
False
Penjelasan karena dhcp tidak mengirimkan dynamic key
These flags mean:
A. Dynamic, Active, Connected
B. Dynamic, Active, Console
Jawab :a
9. Which wireless mode allows you to connect to any standard AP (not only MikroTik) and
to be able to bridge this wireless interface to an Ethernet?
A. station-pseudobridge
B. station
C. station-wds
D. bridge
Jawab : b
B. advanced-tools
C. dhcp
D. routing
Jawab A
Penjelasan : Penjelasan :jika hanya static routing tidak memerlukan paket tambahan/extra
package
A. download
B. upload + download
C. upload
D. download – upload
Jawab b
Penjelasan : karena total itu merupakan upload + download
False
Penjelasan : Penjelasan : karena PPPOE bisa berjalan meskipun beda IP network

A. PPtP clients
B. IPSec clients
C. PPP clients
D. Router users
E. L2TP clients
F. PPPoE clients
Jawab : A,E,F
Penjelasan : ppp secret berfungsi untuk membuat user an password untuk proses tunneling
A. 4
B. 3
C. 1
D. 2
A. /ip route add dst-address=192.168.1.0/24 src-address=192.168.0.0/24
gateway=192.168.99.2
B. /ip route add dst-address=0.0.0.0/0 gateway=192.168.99.2
C. /ip route add dst-address=192.168.0.0/24 gateway=192.168.0.1
D. /ip route add dst-address=0.0.0.0/0 gateway=Ether1
E. /ip route add dst-address=192.168.1.0/24 gateway=192.168.99.2
Jawab :
D. bisa memakai interface,
E. konfigurasi static routing yang lengkap
B. bisa memakai Default route

B. MikroTik RouterOS password reset with saving router's configuration

17. If you wish to block user access to MSN messenger, which chain should the firewall rule
be placed in?
A. input
B. process
C. forward
D. output
Jawaban : C
Penjelasan : karena chain yang digunakan untuk data / paket dari luar router menuju luar
lainnya menggunakan Chain=Forward
18. If ARP=reply-only is configured on an interface, this interface will

A. accept all MAC-addresses listed in '/ip arp' as static entries
B. accept IP and MAC address combinations listed in '/ip arp' list
C. add new MAC addresses in '/ip arp' list
D. add new IP addresses in '/ip arp' list
E. accept all IP addresses listed in '/ip arp' as static entries
Jawaban : A
Penjelasan : ARP=reply-only hanya membalas bagi yang IP dan MAC Addressnya sudah
tercantum
19. In WinBox when clicking the 'Backup' button in the Files window, the following happens
(select all that apply):
A. Backup file is created. Name contains the router identity, the date and time of its creation
B. Backup file is saved to the computer desktop
C. Backup file will contain usernames and passwords of the router
D. Optionally backup name and password can be specified
Jawaban : A
Penjelasan : Backup File berguna untuk membackup seluruh Konfigurasi termasuk Router
Ientity, tanggal dan waktu
20. What is marked by connection-state=established matcher?

A. Packet begins a new TCP connection
B. Packet does not correspond to any known connection
C. Packet belongs to an existing connection,for example a reply packet or a packet which
belongs to already replied connection
D. Packet is related to, but not part of an existing connection
Jawaban c
Penjelasan : karena estabilished merupakan hasil dari koneksi yang pernah ada
Sedangkan
21. /ip firewall nat

add chain=dstnat in-interface=ether1 protocol=tcp dst-port=3389 action=dst-nat to-
address=192.168.1.2 to-ports=81
The command shown above:

A. Forwards any TCP traffic incoming through ether1 port 81 to the port 3389 of the internal
host 192.168.1.2
B. Adds IP address 192.168.1.2 to the interface ether1
C. Forwards any TCP traffic incoming through ether1 port 3389 to the port 81 of the internal
host 192.168.1.2
D. Forwards all TCP traffic from 192.168.1.2 to port 81 of the interface ether1
Jawaban : C
Penjelasan : firewall nat akan membelokan traffic ari ether satu engan dst-port 3389 ke port
81.Jawaban A salah karena port yang dibelokkan salah, Jawaban A menjelaskan bahwa port
81 akan dibelokkan ke port 3389.

A. Interface (on which PPPoE client is going to work)
B. ip firewall nat masquerade rule
Jawaban : a
23. Mark all the features that can be used for limiting client registrations to your access point:
A. access-list
B. wpa
C. WDS
D. registration-table
Jawaban : A
Penjelasan : untuk melimit client yang connect kita bisa menggunakan Access-List.
B. kind=pcq pcq-rate=1256000 pcq-classifier=dst-address
C. kind=pcq pcq-rate=5000000 pcq-classifier=src-address
D. kind=pcq pcq-rate=256000 pcq-classifier=src-address
E. kind=pcq pcq-rate=5000000 pcq-classifier=dst-address
Jawab : A dan D
True
Jawab : true
1. You want to transfer existing '/ip firewall filter' configuration from one router to a new
router
Jawab :a
2.
A. Five
B. One
C. Two
D. Unlimited
Jawab : b

0 dst-addr=10.1.1.0/24 gateway=5.5.5.5
1 dst-addr=10.1.1.4/30 gateway=5.6.6.6

B. 5.6.6.6
C. 5.5.5.5
Jawab : b
kurang spesifik,
A. 10.1.5.126
B. 10.1.1.1
C. 10.1.1.2
D. 25.1.1.1
Jawab : c

A. TCP 1721
B. UDP 1721
C. UDP 1723
D. TCP 1723
JAWAB :d
bukan udp
stations on wlan2
stations on wlan1
stations on wlan1
stations on wlan2
A. 2007
B. 2012
C. 2048
D. 1024

address=192.168.0.0/24 gateway=192.168.99.2
gateway=192.168.0.1
gateway=192.168.99.2
gateway=192.168.99.2
Jawab : B,D.E

A. PPtP clients
B. L2TP clients
C. Router users
D. PPPoE clients
E. IPSec clients
F. PPP clients
Jawab : A,B,D

must be done:
Jawab : c

B. upload
D. Download
Jawab : c
download

Jawab : D

network
RouterOS
A. 1
B. 16
C. 0
D. 8
Jawab : d
prioritaskan

A. Ctrl+x
B. Ctrl+c
C. Ctrl+d
D. Ctrl+s
Jawab : A
Penjelasan ;

AP
A. wireless
B. advanced-tools
C. dhcp
D. routing
E. System
Jawab : A dan E
yang sama)
B. advanced-tools
C. dhcp
D. Routing
Jawab : A



A. bounce
B. log
C. accept
D. tarp
E. add-to-list
F. Tarpit
Jawab : B,C,D,F
Penjelasan :

A. DFS mode
B. WDS
C. scan-list
D. radio name
E. mode
F. frequency
G. Band
H. Ssid
Jawab : g
A. redirect
B. passthrough
C. dst-nat
D. Tarpit
Jawab : c
false

beda IP network

true
router?
Jawab : c
directory file
B. superchannel
C. manual txpower
Jawab A
Negara masing2
Jawab : c
A. 1
B. 3
C. 2
D. 4
Jawab : c
Penjelasan :

A. 1
B. 8
C. 256
D. 16
Jawab :b

Jawab : a dan c
tersebut

A. Default Forward
C. Security Profile
Jawab : b

A. 192.168.0.1-192.168.0.255
B. 192.168.0.1-192.168.0.99,192.168.0.101-192.168.0.254
C. 192.168.0.1-192.168.0.14
D. 192.169.0.1-192.169.0.254
Jawab : b dan c
Penjelasan : karena untuk jawaban A dan B akan terjai overlap ip (ip gateway tidak
dipisah)
true
Jawab : true
These flags mean:

B. routing
C. advanced-tools
D. dhcp
Jawaban : a

A. C = Connected
B. A = Active
C. S = Static
D. D = Drop
Jawab : abc
routing

true
Jawab true

Jawab : a dan c


Jawab : b
16.
A. One
B. Unlimited
C. Five
D. Two
Jawaban : a

C. On 'wlan1'
D. On 'br-lan'
Jawaban :D
bridge
time.
true
Jawab : true
Penjelasa: karena d
A. post-routing
B. forward
C. pre-routing
D. input
needed
Jawb

A. UDP 1723
B. UDP 1721
C. TCP 1723
D. TCP 1721
Jawab : c

B. max-limit
Jawab : a

A. UDP/5678
B. TCP/22
C. TCP/8291
D. TCP/8080
Jawab : c

Jawab: C

A. arp
B. bootp
C. dhcp
D. rarp
Jawab : b


A. 192.168.0.2
B. 192.168.0.4
C. 192.168.0.1
D. 192.168.0.3
Jawab : c
be done:


Jawab : a saja
A. passthrough
B. dst-nat
C. redirect
D. tarpit
Jawab : b

flags mean:

Jawab : b

true
A. chain=srcnat
B. chain=forward
C. chain=dstnat
Jawab : c

A. /system watchdog
B. /system cron
Jawab: c
Jawab: D
Jawab : C dan E

A. 115200
B. 9600
C. 38400
D. 11520
Jawaban :a

A. 192.169.0.1-192.169.0.254
B. 192.168.0.1-192.168.0.255
C. 192.168.0.1-192.168.0.99,192.168.0.101-192.168.0.254
D. 192.168.0.1-192.168.0.14
Jawab : c an d
true
Jawab : true
dalam satu network
A. station
B. station-wds
C. bridge
Jawab : a
Jawab : a
that PPPoE server.
false
Jawaban : false
/ip route
Jawab : a

A. max-limit
Jawab : b

B. Security Profile
D. Default Forward
Jawab : c
A. advanced-tools
B. routing
C. dhcp
Jawab : d
A. prerouting
B. forward
C. output
D. input
Jawab :b

Jawaban : b
A. true
B. false
Jawab b

B. yes
D. no
Jawaban : D

A. UDP/5678
B. TCP/22
C. TCP/8291
D. TCP/8080
Jawaban : c

A. UDP 8291
B. TCP 80
C. TCP 8291
D. TCP 8192
Jawab : c
A. manual txpower
B. superchannel
Jawab : c

D. max-limit
Jawab :b

False
False
These flags mean:
Jawab :a
B. station
C. station-wds
D. bridge
Jawab : b
B. advanced-tools
C. dhcp
D. routing
Jawab A
package
A. download
C. upload
Jawab b
False

A. PPtP clients
B. IPSec clients
C. PPP clients
D. Router users
E. L2TP clients
F. PPPoE clients
Jawab : A,E,F
A. 4
B. 3
C. 1
D. 2
gateway=192.168.99.2
Jawab :


be placed in?
A. input
B. process
C. forward
D. output
Jawaban : C

Jawaban : A
tercantum
Jawaban : A

Jawaban c
Sedangkan


host 192.168.1.2
host 192.168.1.2
Jawaban : C

Jawaban : a
A. access-list
B. wpa
C. WDS
Jawaban : A
Jawab : A dan D
True
Jawab : true
1. You want to transfer existing '/ip firewall filter' configuration from one router to a new
router
Jawab :a
2.
A. Five
B. One
C. Two
D. Unlimited
Jawab : b

0 dst-addr=10.1.1.0/24 gateway=5.5.5.5
1 dst-addr=10.1.1.4/30 gateway=5.6.6.6

B. 5.6.6.6
C. 5.5.5.5
Jawab : b
kurang spesifik,
A. 10.1.5.126
B. 10.1.1.1
C. 10.1.1.2
D. 25.1.1.1
Jawab : c

A. TCP 1721
B. UDP 1721
C. UDP 1723
D. TCP 1723
JAWAB :d
bukan udp
stations on wlan2
stations on wlan1
stations on wlan1
stations on wlan2
A. 2007
B. 2012
C. 2048
D. 1024

address=192.168.0.0/24 gateway=192.168.99.2
gateway=192.168.0.1
gateway=192.168.99.2
gateway=192.168.99.2
Jawab : B,D.E
A. PPtP clients
B. L2TP clients
C. Router users
D. PPPoE clients
E. IPSec clients
F. PPP clients
Jawab : A,B,D

must be done:
Jawab : c

B. upload
D. Download
Jawab : c
download

Jawab : D

network
RouterOS
A. 1
B. 16
C. 0
D. 8
Jawab : d
prioritaskan

A. Ctrl+x
B. Ctrl+c
C. Ctrl+d
D. Ctrl+s
Jawab : A
Penjelasan ;

AP
A. wireless
B. advanced-tools
C. dhcp
D. routing
E. System
Jawab : A dan E
yang sama)
B. advanced-tools
C. dhcp
D. Routing
Jawab : A



A. bounce
B. log
C. accept
D. tarp
E. add-to-list
F. Tarpit
Jawab : B,C,D,F
Penjelasan :

A. DFS mode
B. WDS
C. scan-list
D. radio name
E. mode
F. frequency
G. Band
H. Ssid
Jawab : g
A. redirect
B. passthrough
C. dst-nat
D. Tarpit
Jawab : c
false

beda IP network

true
router?
Jawab : c
directory file
B. superchannel
C. manual txpower
Jawab A
Negara masing2

Jawab : c
A. 1
B. 3
C. 2
D. 4
Jawab : c
Penjelasan :

A. 1
B. 8
C. 256
D. 16
Jawab :b

Jawab : a dan c
tersebut

A. Default Forward
C. Security Profile
Jawab : b

A. 192.168.0.1-192.168.0.255
B. 192.168.0.1-192.168.0.99,192.168.0.101-192.168.0.254
C. 192.168.0.1-192.168.0.14
D. 192.169.0.1-192.169.0.254
Jawab : b dan c
Penjelasan : karena untuk jawaban A dan B akan terjai overlap ip (ip gateway tidak
dipisah)
true
Jawab : true
These flags mean:

B. routing
C. advanced-tools
D. dhcp
Jawaban : a

A. C = Connected
B. A = Active
C. S = Static
D. D = Drop
Jawab : abc
routing

true
Jawab true

Jawab : a dan c


Jawab : b
16.
A. One
B. Unlimited
C. Five
D. Two
Jawaban : a

C. On 'wlan1'
D. On 'br-lan'
Jawaban :D
bridge
time.
true
Jawab : true
Penjelasa: karena d
A. post-routing
B. forward
C. pre-routing
D. input
needed
Jawb

A. UDP 1723
B. UDP 1721
C. TCP 1723
D. TCP 1721
Jawab : c

B. max-limit
Jawab : a

A. UDP/5678
B. TCP/22
C. TCP/8291
D. TCP/8080
Jawab : c

Jawab: C

A. arp
B. bootp
C. dhcp
D. rarp
Jawab : b

A. 192.168.0.2
B. 192.168.0.4
C. 192.168.0.1
D. 192.168.0.3
Jawab : c
be done:


Jawab : a saja
A. passthrough
B. dst-nat
C. redirect
D. tarpit
Jawab : b

flags mean:

Jawab : b

true
A. chain=srcnat
B. chain=forward
C. chain=dstnat
Jawab : c

A. /system watchdog
B. /system cron
Jawab: c
Jawab: D
Jawab : C dan E

A. 115200
B. 9600
C. 38400
D. 11520
Jawaban :a

A. 192.169.0.1-192.169.0.254
B. 192.168.0.1-192.168.0.255
C. 192.168.0.1-192.168.0.99,192.168.0.101-192.168.0.254
D. 192.168.0.1-192.168.0.14
Jawab : c an d
true
Jawab : true
dalam satu network
A. station
B. station-wds
C. bridge
Jawab : a
Jawab : a
that PPPoE server.
false
Jawaban : false
/ip route
Jawab : a

A. max-limit
Jawab : b

B. Security Profile
D. Default Forward
Jawab : c
A. advanced-tools
B. routing
C. dhcp
Jawab : d
A. prerouting
B. forward
C. output
D. input
Jawab :b

Jawaban : b

A. true
B. false
Jawab b

B. yes
D. no
Jawaban : D

A. UDP/5678
B. TCP/22
C. TCP/8291
D. TCP/8080
Jawaban : c

A. UDP 8291
B. TCP 80
C. TCP 8291
D. TCP 8192
Jawab : c
A. manual txpower
B. superchannel
Jawab : c

D. max-limit
Jawab :b

False
False
These flags mean:
Jawab :a
B. station
C. station-wds
D. bridge
Jawab : b
B. advanced-tools
C. dhcp
D. routing
Jawab A
package
A. download
C. upload
Jawab b
False

A. PPtP clients
B. IPSec clients
C. PPP clients
D. Router users
E. L2TP clients
F. PPPoE clients
Jawab : A,E,F
A. 4
B. 3
C. 1
D. 2
gateway=192.168.99.2
Jawab :


be placed in?
A. input
B. process
C. forward
D. output
Jawaban : C

Jawaban : A
tercantum
Jawaban : A

Jawaban c
Sedangkan


host 192.168.1.2
host 192.168.1.2
Jawaban : C

Jawaban : a
A. access-list
B. wpa
C. WDS
Jawaban : A
Jawab : A dan D
True
Jawab : true

Soal Mtcna Pandu

Uploaded by

Copyright:

Available Formats

Soal Mtcna Pandu

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Soal Mtcna Pandu

Uploaded by

Copyright:

Available Formats

1.

3. There are two routes in the routing table:

Which gateway will be used to get to the IP address 10.1.1.6?

4. A routing table has following entries:

5. Which port does PPTP use by default?

9. PPP Secrets are used for

10. For a Simple Queue to apply a bandwidth restrictions on a bridged interface, following

11. In RouterOS queue configurations the word "total" usually represents

12. What does the firewall action "log" do?

13. Which of the following is true for connection tracking

15. Which of the following keystrokes enables safe mode in console:

16. Select minimal set of software packages in RouteOS required to configuring a wireless

18. What is possible with Netinstall?

Jawaban : semua benar

19. Possible actions of ip firewall filter are:

20. What is the minimal possible wireless configuration to create an Access Point?

Penjelasan : karena PPPOE bisa berjalan meskipun

23. It is possible to create an encrypted PPPoE tunnel in RouterOS:

1. What can be used as ’target-address’ in the simple queue?

3. The highest queue priority is

4. The 'connect-list' of wireless interfaces is used

5. Which option in the configuration of a wireless

6. DHCP server is configured on a router’s ether1 interface. IP address 192.168.0.100/24 is

A. Dynamic, Active, Console

11. Which of the following Routes statuses are possible?

12. It is possible to create an encrypted PPPoE tunnel in RouterOS:

13. Action=redirect allows you to make

A. Transparent HTTP Proxy

14. What is possible with Netinstall?

Jawaban : semua benar

A. Write a script in '/system script' to set the clock

A. On both 'br-lan' and 'wlan1'

22. Which port does PPTP use by default?

25. What is the default protocol/port of (secure) winbox?

A. Write a script in '/system script' to set the clock

3. /ip route configuration on router,

/ip route add gateway=192.168.0.1

Router needs to send packets to 192.168.3.240. Which gateway will be used?

A. Configure an IP address on the bridge interface

5. Mark all correct answers

A. Wireless access-list could allow and deny connect to your AP

ip firewall nat add chain=dstnat protocol=tcp dst-port=25 action=dst-nat to-

A. Direct, Available, Connected

8. It is possible to create an encrypted PPPoE tunnel in RouterOS:

Penjelasan : karena semua protocol ppp bisa di enkripsi

13. Which is a default baud-rate of currently manufactured RouterBOARDs?

14. DHCP server is configured on a router’s ether1 interface. IP address 192.168.0.100/24 is

19. Which default route will be active?

20. Which are necessary sections in /queue simple to set bandwidth limitation?

A. Enable Access List

24. What is necessary for PPPoE client configuration?

25. Action=redirect can be used in NAT chain src-nat

1. Is action=masquerade allowed in chain=dstnat?

2. What is the default protocol/port of (secure) winbox?

3. Which is the default port of IP-Winbox?

5. Which are necessary sections in /queue simple to set bandwidth limitation?

6. RouterOS log messages are stored on disk by default

Penjelasan karena dhcp tidak mengirimkan dynamic key

13. PPP Secrets are used for