ujian mtcna 12 juni 2011 (mikrotik.co.id) (mikrotik.co.id) 1. If you need to make sure that one computer in your HotSpot network can access the Internet without HotSpot authentication, which menu allows you to do this !. I" #indin$s #indin$s %. &alled'$arden &alled'$arden . sers *. &alled'$arden I" 2. +anakah fakta yan$ #enar men$enai file #ackup !. ermasuk ermasuk file yan$ tersimpan tersimpan di -files %. %isa diedit . ermasuk ermasuk username dan password dari -user *. +encakup seluruh konfi$urasi router . /Streme works only on 0mh channel width yes no
. o make all */S re3uests comin$ from your n etwork to resol4e on your router (re$ardless of the clients5 confi$uration), which action would you specify for the *S'/! *S'/! rule !. mas3uerade %. dst'nat . you can5t use *S'/! to achie4e this *. redirect 6. wo wo hosts, ! and %, are connected to a #roadcast 7!/. Select all the answers showin$ pairs of I" address-mask which would allow I" connections to #e esta#lished #etween the two hosts.
!. !8 !8 10.1.2.99-26 and %8 10.1.2.10:-29 10.1.2.10:-29 %. !8 10.1.2.1:2-2 and %8 10.1.2.12:-29 . !8 10.2.2.1-2 and %8 10.2.0.1-22 *. !8 10.2.1.0-2 and %8 10.2.0.1-22 9. he first two rules in the forward chain of the filter ta#le a re8 -ip -ip firewall firewall filter add chain;forward connection'state;esta#l connection'state;esta#lished ished action;accept action;accept -ip -ip firewall firewall filter add chain;forward connection'state;in4al connection'state;in4alid id action;drop action;drop onnection'state;related onnection'state;related packets are not filtered #y the rules a#o4e.
<. -interface wireless access'list is used for !. Shows a list of lient5s lient5s +! !ddress that are already re$istered re$istered at !" !" %. !uthenticate Hotspot users . Handles a list of lient5s +! !ddress !ddress to permit-deny connection to !" *. ontains the security profiles settin$s =. "ossi#le actions of ip firewall filter are8
!. tarpit %. tarp . #ounce *. add'to'address'list >. lo$ ?. accept :. In case when router lo$in password is lost, it is necessary to reinstall @outerAS or use hardware reset funcion. true false
10. &hich software 4ersion can #e installed onto the followin$ @outer%oard types !. routeros'B=9'B.BB.npk on a @%1100 %. routeros'mips#e'B.BB.npk on a @%1 . routeros'mipsle'B.BB.npk on @%1 *. routeros'powerpc'B.BB.npk on a @% >. routeros'mips#e'B.BB.npk on a @% 11. """ Secrets are used for !. 72" clients %. @outer users . ""t" clients *. I"Sec clients >. """o> clients ?. """ clients 12. hoose all 4alid hosts address ran$e for su#net 16.22.66.92-2< !. 16.22.66.2'16.22.66.9 %. 16.22.66.'16.22.66.9 . 16.22.66.'16.22.66.92 *. 16.22.66.1'16.22.66.92 1. &"! 2 "re'Shared Cey ("SC) is ena#led on !", all your clients ha4e to use the same "SC. Anly Dirtual !" could #e used to allow clients to connect with a different "SC. true false
1. @outer ! and % are #oth runnin$ as """o> ser4ers on different #roadcast domains of your network. Is it possi#le to set @outer ! to use E-ppp secretE accounts from @outer % to authenticate """o> customers false true
16. &hich of the followin$ actions are a4aila#le for 5-ip firewall man$le5 (select all 4alid actions)
!. chan$e +SS %. mark connection . accept *. jump >. drop ?. mark packet 19. AS?" area I* does not need to #e uni3ue within the !S. true false
1<. &hat confi$uration is added # y -ip hotspot setup command (select a ll that apply) !. -ip dhcp'ser4er %. -ip ser4ice . -3ueue tree *. -ip hotspot user >. -ip hotspot walled'$arden 1=. +ode wireless apakah yan$ #isa di$unakan untuk men$konfi$urasikan &*S !. ap'#rid$e %. nstreme'dual'sla4e . #rid$e *. station'wds >. station 1:. heck all of the *H" Ser4er Aptions that are implemented for *H"'lient and not ustom. !. &I/S Ser4er %. ntp ser4er . */S Ser4er *. su#net mask >. tftp ?. $ateway 20. !nda akan menyimpan we#site yan$ telah dikunjun$i ke dalam se#uah lo$ dari we# proBy. +anakah konfi$urasi yan$ #enar !. -system lo$$in$ add topics;we#'proBy,de#u$ action;memory %. -system lo$$in$ add topics;we#'proBy,Fde#u$ action;memory . -system lo$$in$ add topics;we#'proBy,Fde#u$ action;remote *. -system lo$$in$ add topics;we#'proBy,Fde#u$ action;disk 21. Gou need to set up an >1(1) connection with """ confi$ured. &hich 7icense le4el is needed !. 7e4el %. It cannot #e done in @outerAS . 7e4el 6 22. Gou ha4e a router with confi$uration ' "u#lic I" 8202.19=.126.6-2 ' *efault $ateway8202.19=.126.1
' */S ser4er8 2=.116.1=.19, 2=.116.1=.1< ' 7ocal I"8 1:2.19=.2.1-2 +ark the correct confi$uration on client " to access to the Internet !. I"81:2.19=.2.116-2 $ateway8 1:2.19=.2.1 %. I"81:2.19=.0.1-2 $ateway81:2.19=.2.1 . I"81:2.19=.2.2-2 $ateway8202.19=.126.6 *. I"81:2.19=.1.22-2 $ateway82=.116.1=.19 >. I"81:2.19=.2.26-2 $ateway8202.19=.0.1 2. +ark 3ueue type that uses fairness principle #etween su#'3ueues, allows users to choose classifier for su#'3ueues, and apply a limit to each su#'3ueue !. S? %. @>* . " *. %?I?A 2. How many different priorities can #e selected for 3ueues in +ikroik @outerAS !. 1 %. = . 0 *. 19 26. !n I" address pool can contain addresses from more than one su#net. true false 1. !ction;redirect is applied in !. chain;srcnat %. chain;dstnat . chain;forward 2. Gou ha4e =02.11#-$ wireless card. & hat fre3uencies are a4aila#le to you !. 6=00+H %. 212+H . 6210+H *. 222+H >. 22<+H . +ark all correct statements a#out -eBport (rsc file). !. >Bports lo$s from -lo$ print %. >Bports full confi$uration of the router . >Bports only part of the confi$uration (for eBample -ip firewall) *. >Bports scripts from -system script >. >Bports files could not edited . &hat wireless card can we use to achie4e 100 +#ps actual wireless throu$hput !. =02.11 #-$
%. =02.11 a-#-$ . =02.11 a *. =02.11 a-n >. =02.11 a-#-$-n 6. It is possi#le to add user'defined chains in ip firewall man$le
9. hoose all 4alid hosts address ran$e for su#net 16.22.66.92-2< !. 16.22.66.1'16.22.66.92 %. 16.22.66.2'16.22.66.9 . 16.22.66.'16.22.66.92 *. 16.22.66.'16.22.66.9 <. !ction;redirect allows you to make
!. ransparent */S ache %. ?orward */S to another de4ice I" address . >na#le 7ocal Ser4ice *. ransparent H" "roBy =. &hich is correct mas3uerade rule for 1:2.19=.0.0-2 network on the router with out$oin$ interface;ether1 !. -ip firewall nat add action;mas3uerade chain;srcnat %. -ip firewall nat add action;mas3uerade chain;srcnat src'address;1:2.19=.0.0-2 . -ip firewall nat add action;mas3uerade out'interface;ether1 chain;dstnat *. -ip firewall nat add action;mas3uerade chain;srcnat out'interface;ether1 1. !ction;redirect is applied in !. chain;srcnat %. chain;dstnat . chain;forward 2. Gou ha4e =02.11#-$ wireless card. & hat fre3uencies are a4aila#le to you !. 6=00+H %. 212+H . 6210+H *. 222+H >. 22<+H . +ark all correct statements a#out -eBport (rsc file). !. >Bports lo$s from -lo$ print %. >Bports full confi$uration of the router . >Bports only part of the confi$uration (for eBample -ip firewall) *. >Bports scripts from -system script >. >Bports files could not edited . &hat wireless card can we use to achie4e 100 +#ps actual wireless throu$hput !. =02.11 #-$
%. =02.11 a-#-$ . =02.11 a *. =02.11 a-n >. =02.11 a-#-$-n 6. It is possi#le to add user'defined chains in ip firewall man$le
9. hoose all 4alid hosts address ran$e for su#net 16.22.66.92-2< !. 16.22.66.1'16.22.66.92 %. 16.22.66.2'16.22.66.9 . 16.22.66.'16.22.66.92 *. 16.22.66.'16.22.66.9 <. !ction;redirect allows you to make
!. ransparent */S ache %. ?orward */S to another de4ice I" address . >na#le 7ocal Ser4ice *. ransparent H" "roBy =. &hich is correct mas3uerade rule for 1:2.19=.0.0-2 network on the router with out$oin$ interface;ether1 !. -ip firewall nat add action;mas3uerade chain;srcnat %. -ip firewall nat add action;mas3uerade chain;srcnat src'address;1:2.19=.0.0-2 . -ip firewall nat add action;mas3uerade out'interface;ether1 chain;dstnat *. -ip firewall nat add action;mas3uerade chain;srcnat out'interface;ether1 :. &hat letters appear neBt to a route, which is automatically created #y @outerAS when user adds a 4alid address to an acti4e interface !. I %. * . ! *. S >. 10. +ark all features that are compati#le with /streme !. &*S #etween a de4ice in station'wds mode and a de4ice in station'wds mode %. >ncryption . &*S #etween a de4ice in ap'#rid$e mode with a de4ice in station'wds mode *. %rid$in$ a de4ice in station mode with a de4ice in ap'#rid$e mode 11. an you manually add dri4ers to @outerAS in case your "I >thernet card is not reco$nied, and it5s a dri4er issue !. Ges %. /o 12. ?or static routin$ functionality, additionally to the @outerAS system packa$e, you will also need the followin$ software packa$e8
!. none %. dhcp . routin$ *. ad4anced'tools 1. &hich are necessary sections in -3ueue simple to set #andwidth limitation !. tar$et'address, maB'limit %. tar$et'address, dst'address, maB'limit . tar$et'address, dst'address *. maB'limit 1. &hat protocol is used for "in$ and race route !. *H" %. I" . " *. I+" >. *" 16. ?rom which of the followin$ locations can you o#tain &in#oB !. @outer5s we#pa$e %. ?iles menu in your router . Dia the console ca#le *. mikrotik.com 19. wo hosts, ! and %, are connected to a #roadcast 7!/. Select all the answers showin$ pairs of I" address-mask which would allow I" connections to #e esta#lished #etween the two hosts.
!. !8 10.1.2.99-26 and %8 10.1.2.10:-29 %. !8 10.2.2.1-2 and %8 10.2.0.1-22 . !8 10.1.2.1:2-2 and %8 10.1.2.12:-29 *. !8 10.2.1.0-2 and %8 10.2.0.1-22 1<. &hy is it useful to set a @adio /ame on the radio interface !. o identify a station in a list of connected clients %. o identify a station in the !ccess 7ist . o identify a station in /ei$h#or disco4ery 1=. &hat kind of users are listed in the Secrets window of the """ menu !. pptp users %. l2tp users . win#oB users *. wireless users >. pppoe users ?. hotspot users 1:. @outer ! and % are #oth runnin$ as """o> ser4ers on different #roadcast domains of your network. Is it possi#le to set @outer ! to use E-ppp secretE accounts from @outer % to authenticate """o> customers
20. +ikroik @outerAS *H" client can recei4e followin$ options !. %yte limit %. I" ateway . @ate limit *. ptime limit >. I" !ddress and Su#net 21. he HotSpot feature can #e used only on ethernet interfaces. Gou ha4e to use a separate access point if you want to use this feature with wireless.
22. If you need to make sure that one computer in your HotSpot network can access the Internet without HotSpot authentication, which menu allows you to do this !. sers %. I" #indin$s . &alled'$arden *. &alled'$arden I" 2. How many different priorities can #e selected for 3ueues in +ikroik @outerAS !. = %. 19 . 0 *. 1 2. &hich default route will #e a cti4e -ip route add disa#led;no distance;10 dst'address;0.0.0.0-0 $ateway;1.1.1.1 add disa#led;no distance;6 dst'address;0.0.0.0-0 $ateway;2.2.2.2 !. @oute 4ia $ateway 1.1.1.1 %. @oute 4ia $ateway 2.2.2.2 26. How lon$ is le4el 1 (demo) license 4alid !. 2 hours %. Infinite time . 1 month *. 1 year rade < out of a maBimum of 10 (<0J) uestion 1 +arks8 1 ?itur dan I untuk routeros yan$ terinstall pada " dan pada router#oard #er#eda. !nswer8 rue Incorrect ?alse orrect orrect +arks for this su#mission8 1-1. uestion 2 +arks8 1 *i antara rule static'route di #awah ini, manakah yan$ #isa di$unakan untuk menam#ahkan default route pada routerAS hoose at least one answer.
a. -ip route add $ateway;1.1.1.1 orrect #. -ip route add dst'address;0.0.0.0-0 $ateway;1.1.1.1 orrect c. -ip route add dst'address;1:2.19=.0.0-2 $ateway;1.1.1.1 Incorrect d. -ip route add dst'address;0.0.0.0 $ateway;1.1.1.1 Incorrect e. -ip route add src'address;1:2.19=.0.0-2 $ateway;1.1.1.1 Incorrect Incorrect +arks for this su#mission8 0-1. uestion +arks8 1 Cita dapat melakukan akses untuk melakukan konfi$urasi routeros mikrotik men$$unakan 8 hoose at least one answer. a. we#'#ase orrect #. mac'telnet orrect c. telnet orrect d. serial console orrect e. ssh orrect f. rd party application 4ia !"I orrect $. win#oB orrect h. mac'win#oB orrect "artially correct +arks for this su#mission8 0.6-1. uestion +arks8 1 +anakah di antara fun$si @outerAS di #awah ini yan$ #isa di$unakan untuk melakukan #lok akses tertentu hoose at least one answer. a. firewall filter orrect #. proBy access'list orrect c. firewall man$le Incorrect d. firewall address'list Incorrect "artially correct +arks for this su#mission8 0.6-1. uestion 6 +arks8 1 ?itur manakah yan$ terdapat pada routeros yan$ #isa mempercepat akses client hoose one answer. a. hotspot Incorrect #. dhcp'ser4er Incorrect c. AS"? Incorrect d. connection'trackin$ Incorrect e. we#'proBy orrect orrect +arks for this su#mission8 1-1. uestion 9 +arks8 1 Huruf apakah yan$ akan muncul se#a$ai status pada routin$ ta#le, jika kita menam#ahkan se#uah ip address pada interface yan$ 4alid hoose at least one answer. a. orrect #. ! orrect c. * orrect d. A Incorrect e. % Incorrect "artially correct +arks for this su#mission8 0.-1. uestion <
+arks8 1 Cita #isa memaksa semua traffic http dari user melalui we#'proBy yan$ terpasan$ di router. ntuk itu, kita perlu mem#elokkan traffic den$an parameter 8 hoose one answer. a. protocol;http src'port;=0 Incorrect #. protocol;http dst'port;=0 Incorrect c. protocol;tcp Incorrect d. protocol;tcp dst'port;=0 orrect e. protocol;tcp src'port;=0 Incorrect orrect +arks for this su#mission8 1-1. uestion = +arks8 1 "aket routerAS manakah yan$ harus ada pada router +ikrotik hoose at least one answer. a. system.npk orrect #. ad4anced'tools.npk Incorrect c. wireless.npk Incorrect d. routin$.npk Incorrect "artially correct +arks for this su#mission8 0.9<-1. uestion : +arks8 1 +anakah di antara perintah 7I #erikut ini yan$ #isa di$unakan untuk menam#ahkan ip address #aru pada se#uah interface hoose at least one answer. a. -ip add add add;1:2.19=.0.1-2 int;ether1 orrect #. -ip address add address;1:2.19=.0.1-2 interface;ether1 orrect c. -ip address add 1:2.19=.0.1-2 interface;ether1 Incorrect d. -ip add add;1:2.19=.0.1-2 int;ether1 Incorrect orrect +arks for this su#mission8 1-1. uestion 10 +arks8 1 ntuk melakukan netinstall, minimal kita mem#utuhkan ka#el 8 hoose at least one answer. a. ka#el serial *%:-@S22 orrect #. Ca#el D! Incorrect c. Ce#el S% Incorrect d. Ca#el " orrect orrect +arks for this su#mission8 1-1.