1.

You want to transfer existing '/ip firewall filter' configuration from one router to a new
system. Choose the best possible way to do:
A. Export only '/ip firewall filter'
B. Create backup only of '/ip firewall filter' rules
C. Create backup, edit backup file and restore on
target router
D. Export global configuration and remove
everything apart from '/ip firewall filter'

Jawab :a
Penjelasan : karena untuk menambahkan nama fitur
tersebut untuk export yang lebh spesifik

ssss
2.
A. Five
B. One
C. Two
D. Unlimited

Jawab : b
Penjelasan ; setiap interface hanya mendappat jatah 1
untuk setiap interface
3. There are two routes in the routing table:
0 dst-addr=10.1.1.0/24 gateway=5.5.5.5
1 dst-addr=10.1.1.4/30 gateway=5.6.6.6

Which gateway will be used to get to the IP address 10.1.1.6?

A. both - half of the traffic will be routed through
one gateway, half through the other
B. 5.6.6.6
C. 5.5.5.5
D. the required route is not in the routing table

Jawab : b
Penjelasan : karena dia termasuk dalam range yang
sama dan juga paling spesifik
Jawaban yang A dan c tidak termasuk karena mereka
kurang spesifik,
4. A routing table has following entries:

1
0 dst-address=10.0.0.0/24 gateway=10.1.5.126

1 dst-address=10.1.5.0/24 gateway=10.1.1.1

2 dst-address=10.1.0.0/24 gateway=25.1.1.1

3 dst-address=10.1.5.0/25 gateway=10.1.1.2

Which gateway will be used for a packet with destination address 10.1.5.126?

A. 10.1.5.126
B. 10.1.1.1
C. 10.1.1.2
D. 25.1.1.1

Jawab : c
Penjelasan : karena dia termasuk dalam range yang
sama dan juga paling spesifik
Jawaban yang A,B dan D tidak termasuk karena mereka
kurang spesifik
5. Which port does PPTP use by default?
A. TCP 1721
B. UDP 1721
C. UDP 1723
D. TCP 1723

JAWAB :d
Penjelasan : karena port pptp berjalan pada tcp 1723
bukan udp
6. There are two wireless cards (wlan1 and wlan2) which are bridged together. On wlan1 card
there is a setting "Forwarding=no". Choose the correct answer(s):
A. Stations on wlan2 will be able to communicate
with stations on wlan2
B. Stations on wlan2 will be able to communicate
with stations on wlan1
C. Stations on wlan1 will be able to communicate
with stations on wlan1
D. To prevent communication between wlan1 and
wlan2 one cannot use Bridge Filters
E. Stations on wlan1 will be able to communicate
2
 with stations on wlan2
7. Consider a wireless access point with mode=ap-bridge. What is the maximum number of
concurrent clients that can connect to it?
A. 2007
B. 2012
C. 2048
D. 1024
8. Consider the following diagram. We want to communicate from a device on LAN1 to a
device on LAN2. Assuming that all necessary configurations are already included on R2,
which of the following configurations in R1 would enable this communication?
A. /ip route add dst-address=192.168.1.0/24 src-
address=192.168.0.0/24 gateway=192.168.99.2
B. /ip route add dst-address=0.0.0.0/0
gateway=Ether1
C. /ip route add dst-address=192.168.0.0/24
gateway=192.168.0.1
D. /ip route add dst-address=192.168.1.0/24
gateway=192.168.99.2
E. /ip route add dst-address=0.0.0.0/0
gateway=192.168.99.2

Jawab : B,D.E
Penjelasan: semuanya benar karena ,
B. bisa memakai interface,
D. konfigurasi static routing yang lengkap
E. bisa memakai efault route
9. PPP Secrets are used for
A. PPtP clients
B. L2TP clients
C. Router users
D. PPPoE clients
E. IPSec clients
F. PPP clients

Jawab : A,B,D
Penjelasan : ppp secret berfungsi untuk membuat user
an password untuk proses tunneling

3
10. For a Simple Queue to apply a bandwidth restrictions on a bridged interface, following
must be done:
A. Configure an IP address on the bridge interface
B. Use mangle to mark the connections
C. Associate the Simple Queue to the bridge
interface
D. Enable 'Use IP Firewall' in bridge settings

Jawab : c
Penjelasan : karena untuk menjalankan fungsi diatas
mesti dipasang dibridge tersebut

11. In RouterOS queue configurations the word "total" usually represents

A. download - upload
B. upload
C. upload + download
D. Download

Jawab : c
Penjelasan : karena total itu merupakan upload +
download
12. What does the firewall action "log" do?
A. It logs and blocks the packet
B. It blocks and logs the packet
C. It adds a prefix to the packet and passes it
through
D. It logs the packet

Jawab : D
Penjelasan : log itu fungsi mencatat, bukan memblok
ataupun mengijinkan data untuk leat
13. Which of the following is true for connection tracking
A. Connection tracking must be enabled for
NAT'ed network
B. Enabling connection tracking reduces CPU
usage in RouterOS
C. Disable connection tracking for mangle to work
D. Connection tracking must be enabled to be able
4
 to use all firewall features

14. How many different priorities can be selected for queues in MikroTik RouterOS?
A. 1
B. 16
C. 0
D. 8
Jawab : d
Penjelasan : priority terbesar yang dapat diberikan pada
client adlah 8 semakin kecil angkanya semaikn I
prioritaskan
15. Which of the following keystrokes enables safe mode in console:
A. Ctrl+x
B. Ctrl+c
C. Ctrl+d
D. Ctrl+s
Jawab : A
Penjelasan ;
16. Select minimal set of software packages in RouteOS required to configuring a wireless
AP

A. wireless
B. advanced-tools
C. dhcp
D. routing
E. System

Jawab : A dan E
Penjelasan : karena untuk sekedar menghubungkan ap-
stasion tidak dibutuhkan dhcp (untuk membagikan ip)
dan juga routing (karena bisa memakai satu network
yang sama)
17. For static routing functionality, additionally to the RouterOS 'system' package, you will
also need the following software package:
A. no extra package required
B. advanced-tools
C. dhcp
D. Routing
5
 Jawab : A
Penjelasan :jika hanya static routing tidak memerlukan
paket tambahan/extra package
18. What is possible with Netinstall?
A. MikroTik RouterOS reinstall
B. MikroTik RouterOS password reset with saving
router's configuration
C. MikroTik RouterOS configuration reset

Jawaban : semua benar

Penjelasan : netiinstall dapat melakukan ketiganya
19. Possible actions of ip firewall filter are:
A. bounce
B. log
C. accept
D. tarp
E. add-to-list
F. Tarpit

Jawab : B,C,D,F
Penjelasan :
20. What is the minimal possible wireless configuration to create an Access Point?
A. DFS mode
B. WDS
C. scan-list
D. radio name
E. mode
F. frequency
G. Band

H. Ssid

Jawab : g
Penjelasan : jika hanya sekedar terhubung kita hanya
mememrlukan band yang sama

21. What is the correct action for a NAT rule on a router that should intercept SMTP traffic
6
and send it over to a specified mail server?

A. redirect
B. passthrough
C. dst-nat
D. Tarpit

Jawab : c
Karena : paket ingin DIOPER ke mail server
22. PPPoE server only works within one Ethernet broadcast domain that it is connected to. If
there is a router between server and end-user host, it will not be able to create PPPoE tunnel
to that PPPoE server.
false

Penjelasan : karena PPPOE bisa berjalan meskipun beda

IP network

23. It is possible to create an encrypted PPPoE tunnel in RouterOS:

true

24. Where should you upload new MikroTik RouterOS version packages for upgrading
router?
A. FTP root directory or /files directory of the
router
B. System Package menu
C. Any directory in /files
D. System Backup menu

Jawab : c
Penjelasan : karena setiap upgrade akan diletakan I
directory file
25. During a scan, in order to see all the available wireless frequencies that are supported by
the card, the following option must be selected in the wireless card's "Frequency Mode":
A. regulatory domain
B. superchannel
C. manual txpower

Jawab A
Penjelasan : karena memberi limit terhadap channel
yang tersedia dan maximum transit sesuai dengan
Negara masing2
7
1. What can be used as ’target-address’ in the simple queue?
A. address list name
B. client’s MAC address
C. client’s address
D. server’s address
Jawab : c
Penjelasan : karena untuk simple queue menggunakan ip address si client
2. When using routing option 'check-gateway=ping' after how many timeouts is gateway
considered unreachable:
A. 1
B. 3
C. 2
D. 4

Jawab : c
Penjelasan :
3. The highest queue priority is
A. 1
B. 8
C. 256
D. 16

Jawab :b
Penjelasan : priority terbesar yang dapat diberikan pada client adlah 8 semakin kecil
angkanya semaikn I prioritaskan
4. The 'connect-list' of wireless interfaces is used
A. for specifying APs not to connect to
B. for preventing communications between the clients
C. for specifying APs to connect to
D. for configuring SSID on the interface

Jawab : a dan c
Penjelasan : fungsi dari access-list ialah membatasi mana saja yang bisa connect ke ap
tersebut

5. Which option in the configuration of a wireless

s card must be disabled to cause the router to permit ONLY known clients listed in the access
8
list to connect?

A. Default Forward
B. Default Authenticate
C. Security Profile
D. Enable Access List

Jawab : b
Penjelasan : karena dengan default authenticate semua bisa connect ke ap tersebut
6. DHCP server is configured on a router’s ether1 interface. IP address 192.168.0.100/24 is
assigned to the interface. Possible IP pools, that can be used by this DHCP server, are:

A. 192.168.0.1-192.168.0.255
B. 192.168.0.1-192.168.0.99,192.168.0.101-192.168.0.254
C. 192.168.0.1-192.168.0.14
D. 192.169.0.1-192.169.0.254

Jawab : b dan c
Penjelasan : karena untuk jawaban A dan B akan terjai overlap ip (ip gateway tidak dipisah)

7. There can be more than one PPPoE server in a single broadcast domain:
true

Jawab : true
Penjelasa: karena dalam satu broadcast domain bisa menjalankan lebih dari satu point to
point dalam satu network

8. There are two wireless cards (wlan1 and wlan2) which are bridged together. On wlan1 card
there is a setting "Forwarding=no". Choose the correct answer(s):
A. To prevent communication between wlan1 and wlan2 one cannot use Bridge Filters
B. Stations on wlan2 will be able to communicate with stations on wlan1
C. Stations on wlan1 will be able to communicate with stations on wlan2
D. Stations on wlan1 will be able to communicate with stations on wlan1
E. Stations on wlan2 will be able to communicate with stations on wlan2
9. When viewing the routes in Winbox, some routes will show "DAC" in the first column.
These flags mean:

9
 A. Dynamic, Active, Console
B. Dynamic, Available, Created
C. Dynamic, Active, Connected
D. Direct, Available, Connected
Penjelasan : bisa dilihat di bawah ini
Flags: X - disabled, A - active, D -dynamic,
C - connect, S -static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit

10. For static routing functionality, additionally to the RouterOS 'system' package, you will
also need the following software package:
A. no extra package required
B. routing
C. advanced-tools
D. dhcp

Jawaban : a
Penjelasan :jika hanya static routing tidak memerlukan paket tambahan/extra package
11. Which of the following Routes statuses are possible?
A. C = Connected
B. A = Active
C. S = Static
D. D = Drop

Jawab : abc
Penjelsan : d tidak termasuk karena dia termasuk action dari firewall bukan status dari table
routing
12. It is possible to create an encrypted PPPoE tunnel in RouterOS:
true

Jawab true
penjelasan: karena dalam satu broadcast domain bisa menjalankan lebih dari satu point to
point dalam satu network
13. Action=redirect allows you to make

A. Transparent HTTP Proxy

B. Enable Local Service
10
 C. Transparent DNS Cache
D. Forward DNS to another device IP address

Jawab : a dan c
Penjelasan : karena redirect yang terpasang di dm chain=dstnat ini berfungsi untuk
transparent http proxy dan juga transparent dns cache

14. What is possible with Netinstall?

A. MikroTik RouterOS password reset with saving router's configuration
B. MikroTik RouterOS configuration reset
C. MikroTik RouterOS reinstall

Jawaban : semua benar

Penjelasan : netiinstall dapat melakukan ketiganya
15. A client uses a RouterBOARD1000. The clock is configured in '/system clock'. The clock
resets to default after each reboot.
Select the best solution for the problem.

A. Write a script in '/system script' to set the clock

B. Configure '/system ntp client' and set a valid and reachable NTP server address.
C. Open the router and ensure the CMOS battery is fine.
D. Configure '/system ntp server' and set a valid and reachable NTP client address.

Jawab : b
Penjelasan : dengan memasang ntp client, maka ia akan mensingkronisasikan waktu sesuai
dengan yang ada di internet,
A, salah karna ketika reboot ia akan tetap kembali ke waktu sebelumnya
B salah karena dhcp server digunakan untuk memberikan waktu (dan bertindak sebagai
server) an ia tidak tersambung ke klien manapun
D. rb 1000 tidak memiliki battry cmos
16.
A. One
B. Unlimited
C. Five
D. Two

Jawaban : a
Penjelasan ; setiap interface hanya mendappat jatah 1 untuk setiap interface
17. A wireless interface 'wlan1' is added to a bridge interface 'br-lan'. To enable dhcp-server
11
for wireless interface 'wlan1', on which interface should dhcp-server be configured?

A. On both 'br-lan' and 'wlan1'

B. The dhcp-server cannot be enabled neither on 'wlan1', nor on 'br-lan'
C. On 'wlan1'
D. On 'br-lan'

Jawaban :D
Penjelasan tidak perlu lagi membuat ip address di wlan apabila sudah dimasukan kedalam
bridge
18. It is possible to have PPTP Client and PPTP server on one MikroTik router at the same
time.
true

Jawab : true
Penjelasa: karena d
19. Which firewall chain should be used for filters that protect your router interface?
A. post-routing
B. forward
C. pre-routing
D. input
20. What does the firewall action "Redirect" do? Select all true statements.
A. Redirects a packet to a specified port on a host in the network
B. Redirects a packet to a specified IP
C. Redirects a packet to a specified port on the router
D. Redirects a packet to the router
21. Which of the following would prevent unknown clients from connecting to your AP?
Choose the BEST answer.
A. Uncheck "Default Authenticate" in the wireless card configuration, and add each
known client's MAC address to your connect-list configuration
B. Configure the radius server under "/radius"
C. Add each known client's MAC address to your access-list configuration is the only
step needed
D. Uncheck "Default Authenticate" in the wireless card configuration, and add each
known client's MAC address to your access-list configuration ensuring that you enable
"authenticate" in the entry
E. Check the "Do not permit unknown client" box in the wireless configuration

12
Jawb
Penjelasan : karena dengan default authenticate semua bisa connect ke ap tersebut
22. Which port does PPTP use by default?
A. UDP 1723
B. UDP 1721
C. TCP 1723
D. TCP 1721

Jawab : c
Penjelasan : Port yang dipakai pptp ialah 1723secara default
23. Which are necessary sections in /queue simple to set bandwidth limitation?
A. target-address, max-limit
B. max-limit
C. target-address, dst-address
D. target-address, dst-address, max-limit

Jawab : a
Penjelasan : karena untuk simple queue hanya membutuhkan target dan juga max limit nya

24. It is required to make a web server on a private LAN visible on the Public Internet. Only
the web server port should be visible to the public. Which of the following configuration
steps must be met. (select all that apply)
A. A route between the NAT Router and the webserver must exist
B. in ip firewall NAT there should be a dst-nat between the public ip of the router and
the private ip of the webserver
C. LAN address of the webserver should be routable on the internet
D. Public IP address of the webserver must be installed on the NAT Router
E. Connection Tracking must be enabled on NAT router
25. What is the default protocol/port of (secure) winbox?
A. UDP/5678
B. TCP/22
C. TCP/8291
D. TCP/8080

Jawab : c
Penjelasan ; port default dari winbox aalah 8291

13
1. A client uses a RouterBOARD1000. The clock is configured in '/system clock'. The clock
resets to default after each reboot.
Select the best solution for the problem.

A. Write a script in '/system script' to set the clock

B. Configure '/system ntp server' and set a valid and reachable NTP client address.
C. Configure '/system ntp client' and set a valid and reachable NTP server address.
D. Open the router and ensure the CMOS battery is fine.

Jawab: C
Penjelasan : dengan memasang ntp client, maka ia akan mensingkronisasikan waktu sesuai
dengan yang ada di internet,
A, salah karna ketika reboot ia akan tetap kembali ke waktu sebelumnya
B salah karena dhcp server digunakan untuk memberikan waktu (dan bertindak sebagai
server) an ia tidak tersambung ke klien manapun
D. rb 1000 tidak memiliki battry cmos
2. Which of the protocols below is used by Netinstall?
A. arp
B. bootp
C. dhcp
D. rarp

Jawab : b
Penjelasan : protocol yang digunakan adalah bootp untuk menginstalasi gn netinstall
Jawaban a salah karena dungsi ARP adalah memetakan layer2 dan 3
Jawaban c salah karena dhcp berfungsi untuk membagikan ip
Jawaban d salah karena adlh kebalikan dari ARP
3. /ip route configuration on router,

/ip route add gateway=192.168.0.1

/ip route add dst-address=192.168.1.0/24 gateway=192.168.0.2
/ip route add dst-address=192.168.2.0/24 gateway=192.168.0.3
/ip route add dst-address=192.168.3.0/26 gateway=192.168.0.4 3.1-3.62

Router needs to send packets to 192.168.3.240. Which gateway will be used?

A. 192.168.0.2
B. 192.168.0.4
C. 192.168.0.1
D. 192.168.0.3

Jawab : c
Penjelasan : jawaban A dan B salah karena dst addressnya tidak sesuai dengan yang diminta
14
 Sedangkan yang D karena rangenya berbeda dengan 240
4. For a Simple Queue to apply a bandwidth restrictions on a bridged interface, following must
be done:

A. Configure an IP address on the bridge interface

B. Use mangle to mark the connections
C. Enable 'Use IP Firewall' in bridge settings
D. Associate the Simple Queue to the bridge interface

5. Mark all correct answers

A. Wireless access-list could allow and deny connect to your AP

B. The only way to prevent wireless clients connections - disable wireless interface
C. Default-Forwarding could be enabled for a specific clients by wireless access-list
D. /ip firewall filter allows to deny authentication to AP

Jawab : a saja
Penjelasan : wirelesss access-list dapat menentukan mana yang boleh terhubung ke ap,
caranya dengan mendisable default authentication
Selainnya salah karena tidak sesuai
6. NAT rule is going to catch SMTP traffic and send it to a specific mail server.
What is the correct action for a NAT rule?
A. passthrough
B. dst-nat
C. redirect
D. tarpit

Jawab : b
Penjelasan : karena untuk membelokan smtp traffic kesuatu network ialah tugas dst nat
Untuk mengkonfigurasikannya ikuti command dibawah ini

ip firewall nat add chain=dstnat protocol=tcp dst-port=25 action=dst-nat to-

addresses=10.0.0.1 to-ports=25

7. When viewing the routes in Winbox, some routes will show "DAC" in the first column.
These flags mean:

15
 A. Direct, Available, Connected
B. Dynamic, Active, Connected
C. Dynamic, Available, Created
D. Dynamic, Active, Console

Jawab : b
Penjelasan : bisa dilihat di bawah ini
Flags: X - disabled, A - active, D -dynamic,
C - connect, S -static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit

8. It is possible to create an encrypted PPPoE tunnel in RouterOS:

true

Penjelasan : karena semua protocol ppp bisa di enkripsi

9. Action=redirect is applied in
A. chain=srcnat
B. chain=forward
C. chain=dstnat

Jawab : c
Penjelasan: karena redirect membutuhkan destination bukan source atau pun forward
10. MikroTik RouterOS commands can be run once a day by:
A. /system watchdog
B. /system cron
C. /system scheduler

Jawab: c
Pejelasan : karena scheduler mengatur jadwal kapan fitur tersebut dijalankan
11. Router has wireless and ethernet client interfaces, all client interfaces are bridged. To create
a DHCP service for all clients, DHCP server must be configured on:
A. Ethernet and wireless interfaces
B. DHCP service is not possible in this setup
C. Every bridge port
D. Only on the bridge interface

Jawab: D
Penjelasan : karena interface wireless dan ethernetnya sudah di bridge sehingga harus
16
 dimasukan kedalam interface bridge
12. You want to use PCQ and allow 256k maximum download and upload for each client.
Choose correct argument values for the required queue.
A. kind=pcq pcq-rate=1256000 pcq-classifier=dst-address
B. kind=pcq pcq-rate=5000000 pcq-classifier=src-address
C. kind=pcq pcq-rate=256000 pcq-classifier=dst-address
D. kind=pcq pcq-rate=5000000 pcq-classifier=dst-address
E. kind=pcq pcq-rate=256000 pcq-classifier=src-address
Jawab : C dan E
Penjelasan :dalam PCQ untuk melimit Upload classifier yang diisi adalah Src-Address dan
untuk Download classfier yang diisi aalah dst-address
13. Which is a default baud-rate of currently manufactured RouterBOARDs?
A. 115200
B. 9600
C. 38400
D. 11520

Jawaban :a
Penjelasan : karena default yang dipasang ke netinstall adalah 11520
14. DHCP server is configured on a router’s ether1 interface. IP address 192.168.0.100/24 is
assigned to the interface. Possible IP pools, that can be used by this DHCP server, are:

A. 192.169.0.1-192.169.0.254
B. 192.168.0.1-192.168.0.255
C. 192.168.0.1-192.168.0.99,192.168.0.101-192.168.0.254
D. 192.168.0.1-192.168.0.14

Jawab : c an d
Penjelasan : karena untuk jawaban A dan B akan terjai overlap ip (ip gateway tidak dipisah)
15. There can be more than one PPPoE server in a single broadcast domain:
true

Jawab : true
Penjelasa: karena dalam satu broadcast domain bisa menjalankan lebih dari satu point to point
dalam satu network

16. Which wireless mode allows you to connect to any standard AP (not only MikroTik) and to
be able to bridge this wireless interface to an Ethernet?
17
 A. station
B. station-wds
C. Bridge pemancar
D. station-pseudobridge

Jawab : a
Penjelasan : karena untuk jawaban B dan D khusus mikrotik untuk melakukan wds
17. To block communications between wireless clients connected to the same access point
interface, you should set
A. 'default-forwarding=no'
B. 'max-station-count=1'
C. 'default-authentication=no'
D. 'default-authentication=no' and 'default-forwarding=no'

Jawab : a
Penjelasan : karena no default-forwarding akan men disable layer 2 dari client
18. PPPoE server only works within one Ethernet broadcast domain that it is connected to. If
there is a router between server and end-user host, it will not be able to create PPPoE tunnel to
that PPPoE server.
false

Jawaban : false
Penjelasan : karena PPPOE bisa berjalan meskipun beda IP network

19. Which default route will be active?

/ip route
add disabled=no distance=10 dst-address=0.0.0.0/0 gateway=1.1.1.1
add disabled=no distance=5 dst-address=0.0.0.0/0 gateway=2.2.2.2
A. Route via gateway 2.2.2.2
B. Route via gateway 1.1.1.1

Jawab : a
Penjelasan :semakin kecil distance nya semakin di prioritaskan
20. Which are necessary sections in /queue simple to set bandwidth limitation?
A. max-limit
B. target-address, max-limit
C. target-address, dst-address
D. target-address, dst-address, max-limit
18
 Jawab : b
Penjelasan : karena untuk simple queue hanya membutuhkan target dan juga max limit nya

21. Which option in the configuration of a wireless card must be disabled to cause the router to
permit ONLY known clients listed in the access list to connect?

A. Enable Access List

B. Security Profile
C. Default Authenticate
D. Default Forward

Jawab : c
Penjelasan : karena dengan default authenticate semua bisa onnect ke ap tersebut
22. For static routing functionality, additionally to the RouterOS 'system' package, you will also
need the following software package:
A. advanced-tools
B. routing
C. dhcp
D. no extra package required

Jawab : d
Penjelasan :jika hanya static routing tidak memerlukan paket tambahan/extra package
23. Which firewall chain should you use to filter clients HTTP traffic going through the router?
A. prerouting
B. forward
C. output
D. input

Jawab :b
Penjelasan : kata kuncinya adalah “through” atau melewati sehingga yang dibutuhkan untuk
“melewati” ialah chain=forward
24. What is necessary for PPPoE client configuration?
A. ip firewall nat masquerade rule
B. Interface (on which PPPoE client is going to work)
C. Static IP address on PPPoE client interface

Jawaban : b
Penjelasan : karena yang dibutuhkan untuk pppoe client interface akan dipakai
19
25. Action=redirect can be used in NAT chain src-nat
A. true
B. false
Jawab b
Penjelasan: karena redirect membutuhkan destination bukan source atau pun forward

1. Is action=masquerade allowed in chain=dstnat?

A. yes, but only if dst-addr is specified
B. yes
C. yes, but it works only for incoming connections
D. no
Jawaban : D
Penjelasan : karena masquerade dipasang pada srcnat

2. What is the default protocol/port of (secure) winbox?

A. UDP/5678
B. TCP/22
C. TCP/8291
D. TCP/8080
Jawaban : c
Penjelasan : karena port default dari winbox adalah tcp 8291

3. Which is the default port of IP-Winbox?

A. UDP 8291
B. TCP 80
C. TCP 8291
D. TCP 8192

Jawab : c
Penjelasan : karena port default dari winbox adalah tcp 8291
20
4. During a scan, in order to see all the available wireless frequencies that are supported by
the card, the following option must be selected in the wireless card's "Frequency Mode":
A. manual txpower
B. superchannel
C. regulatory domain

Jawab : c
Penjelasan : karena memberi limit terhadap channel yang tersedia dan maximum transit
sesuai dengan Negara masing2

5. Which are necessary sections in /queue simple to set bandwidth limitation?

A. target-address, dst-address
B. target-address, max-limit
C. target-address, dst-address, max-limit
D. max-limit

Jawab :b
Penjelasan : karena untuk simple queue hanya membutuhkan target dan juga max limit nya

6. RouterOS log messages are stored on disk by default

False
Penjelasan : karena log message nya disimpan di memory bukan di disk

7. In order to use dynamic keys in your wireless security profile for an AP, you MUST set up
the dhcp server to provide the dynamic keys.
False

Penjelasan karena dhcp tidak mengirimkan dynamic key

8. When viewing the routes in Winbox, some routes will show "DAC" in the first column.
These flags mean:
A. Dynamic, Active, Connected
B. Dynamic, Active, Console
C. Dynamic, Available, Created
D. Direct, Available, Connected
Jawab :a
Penjelasan : bisa dilihat di bawah ini
Flags: X - disabled, A - active, D -dynamic,
C - connect, S -static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit

9. Which wireless mode allows you to connect to any standard AP (not only MikroTik) and
to be able to bridge this wireless interface to an Ethernet?
A. station-pseudobridge
B. station
21
C. station-wds
D. bridge

Jawab : b
Penjelasan : karena untuk jawaban B dan D khusus mikrotik untuk melakukan wds

10. For static routing functionality, additionally to the RouterOS 'system' package, you will
also need the following software package:
A. no extra package required
B. advanced-tools
C. dhcp
D. routing
Jawab A
Penjelasan : Penjelasan :jika hanya static routing tidak memerlukan paket tambahan/extra
package
11. In RouterOS queue configurations the word "total" usually represents
A. download
B. upload + download
C. upload
D. download – upload

Jawab b
Penjelasan : karena total itu merupakan upload + download

12. PPPoE server only works within one Ethernet broadcast domain that it is connected to. If
there is a router between server and end-user host, it will not be able to create PPPoE tunnel
to that PPPoE server.

False
Penjelasan : Penjelasan : karena PPPOE bisa berjalan meskipun beda IP network

13. PPP Secrets are used for

A. PPtP clients
B. IPSec clients
C. PPP clients
D. Router users
E. L2TP clients
F. PPPoE clients

Jawab : A,E,F
Penjelasan : ppp secret berfungsi untuk membuat user an password untuk proses tunneling

14. When using routing option 'check-gateway=ping' after how many timeouts is gateway
considered unreachable:
22
A. 4
B. 3
C. 1
D. 2

15. Consider the following diagram. We want to communicate from a device on LAN1 to a
device on LAN2. Assuming that all necessary configurations are already included on R2,
which of the following configurations in R1 would enable this communication?
A. /ip route add dst-address=192.168.1.0/24 src-address=192.168.0.0/24
gateway=192.168.99.2
B. /ip route add dst-address=0.0.0.0/0 gateway=192.168.99.2
C. /ip route add dst-address=192.168.0.0/24 gateway=192.168.0.1
D. /ip route add dst-address=0.0.0.0/0 gateway=Ether1
E. /ip route add dst-address=192.168.1.0/24 gateway=192.168.99.2

Jawab :
Penjelasan: semuanya benar karena ,
D. bisa memakai interface,
E. konfigurasi static routing yang lengkap
B. bisa memakai Default route

16. What is possible with Netinstall?

A. MikroTik RouterOS reinstall
B. MikroTik RouterOS password reset with saving router's configuration
C. MikroTik RouterOS configuration reset

Jawaban : semua benar

Penjelasan : netiinstall dapat melakukan ketiganya

17. If you wish to block user access to MSN messenger, which chain should the firewall rule
be placed in?
A. input
B. process
C. forward
D. output

Jawaban : C
Penjelasan : karena chain yang digunakan untuk data / paket dari luar router menuju luar
lainnya menggunakan Chain=Forward

18. If ARP=reply-only is configured on an interface, this interface will

A. accept all MAC-addresses listed in '/ip arp' as static entries
B. accept IP and MAC address combinations listed in '/ip arp' list
C. add new MAC addresses in '/ip arp' list
D. add new IP addresses in '/ip arp' list
E. accept all IP addresses listed in '/ip arp' as static entries
23
Jawaban : A
Penjelasan : ARP=reply-only hanya membalas bagi yang IP dan MAC Addressnya sudah
tercantum

19. In WinBox when clicking the 'Backup' button in the Files window, the following happens
(select all that apply):
A. Backup file is created. Name contains the router identity, the date and time of its creation
B. Backup file is saved to the computer desktop
C. Backup file will contain usernames and passwords of the router
D. Optionally backup name and password can be specified

Jawaban : A
Penjelasan : Backup File berguna untuk membackup seluruh Konfigurasi termasuk Router
Ientity, tanggal dan waktu

20. What is marked by connection-state=established matcher?

A. Packet begins a new TCP connection new
B. Packet does not correspond to any known connection invalid
C. Packet belongs to an existing connection,for example a reply packet or a packet which
belongs to already replied connection established
D. Packet is related to, but not part of an existing connection invalid
Jawaban c
Penjelasan : karena estabilished merupakan hasil dari koneksi yang pernah ada
Sedangkan

21. /ip firewall nat

add chain=dstnat in-interface=ether1 protocol=tcp dst-port=3389 action=dst-nat to-
address=192.168.1.2 to-ports=81

The command shown above:

A. Forwards any TCP traffic incoming through ether1 port 81 to the port 3389 of the internal
host 192.168.1.2
B. Adds IP address 192.168.1.2 to the interface ether1
C. Forwards any TCP traffic incoming through ether1 port 3389 to the port 81 of the internal
host 192.168.1.2jjj
D. Forwards all TCP traffic from 192.168.1.2 to port 81 of the interface ether1

Jawaban : C
Penjelasan : firewall nat akan membelokan traffic ari ether satu engan dst-port 3389 ke port
81.Jawaban A salah karena port yang dibelokkan salah, Jawaban A menjelaskan bahwa port
81 akan dibelokkan ke port 3389.

22. What is necessary for PPPoE client configuration?

A. Interface (on which PPPoE client is going to work)
B. ip firewall nat masquerade rule
24
C. Static IP address on PPPoE client interface

Jawaban : a
Penjelasan : karena yang dibutuhkan untuk pppoe client interface akan dipakai

23. Mark all the features that can be used for limiting client registrations to your access point:
A. access-list
B. wpa
C. WDS
D. registration-table

Jawaban : A
Penjelasan : untuk melimit client yang connect kita bisa menggunakan Access-List.

24. You want to use PCQ and allow 256k maximum download and upload for each client.
Choose correct argument values for the required queue.
A. kind=pcq pcq-rate=256000 pcq-classifier=dst-address
B. kind=pcq pcq-rate=1256000 pcq-classifier=dst-address
C. kind=pcq pcq-rate=5000000 pcq-classifier=src-address
D. kind=pcq pcq-rate=256000 pcq-classifier=src-address
E. kind=pcq pcq-rate=5000000 pcq-classifier=dst-address

Jawab : A dan D
Penjelasan :dalam PCQ untuk melimit Upload classifier yang diisi adalah Src-Address dan
untuk Download classfier yang diisi aalah dst-address

25. There can be more than one PPPoE server in a single broadcast domain:
True

Jawab : true
Penjelasa: karena dalam satu broadcast domain bisa menjalankan lebih dari satu point to
point dalam satu network

1. You want to transfer existing '/ip firewall filter' configuration from one router to a new
system. Choose the best possible way to do:
A. Export only '/ip firewall filter'
B. Create backup only of '/ip firewall filter' rules
C. Create backup, edit backup file and restore on
target router
D. Export global configuration and remove
everything apart from '/ip firewall filter'

Jawab :a
Penjelasan : karena untuk menambahkan nama fitur
tersebut untuk export yang lebh spesifik
25
2.
A. Five
B. One
C. Two
D. Unlimited

Jawab : b
Penjelasan ; setiap interface hanya mendappat jatah 1
untuk setiap interface
3. There are two routes in the routing table:
0 dst-addr=10.1.1.0/24 gateway=5.5.5.5
1 dst-addr=10.1.1.4/30 gateway=5.6.6.6

Which gateway will be used to get to the IP address 10.1.1.6?

A. both - half of the traffic will be routed through
one gateway, half through the other
B. 5.6.6.6
C. 5.5.5.5
D. the required route is not in the routing table

Jawab : b
Penjelasan : karena dia termasuk dalam range yang
sama dan juga paling spesifik
Jawaban yang A dan c tidak termasuk karena mereka
kurang spesifik,
4. A routing table has following entries:

0 dst-address=10.0.0.0/24 gateway=10.1.5.126

1 dst-address=10.1.5.0/24 gateway=10.1.1.1

2 dst-address=10.1.0.0/24 gateway=25.1.1.1

3 dst-address=10.1.5.0/25 gateway=10.1.1.2

Which gateway will be used for a packet with destination address 10.1.5.126?

A. 10.1.5.126
B. 10.1.1.1
C. 10.1.1.2
26
 D. 25.1.1.1

Jawab : c
Penjelasan : karena dia termasuk dalam range yang
sama dan juga paling spesifik
Jawaban yang A,B dan D tidak termasuk karena mereka
kurang spesifik
5. Which port does PPTP use by default?
A. TCP 1721
B. UDP 1721
C. UDP 1723
D. TCP 1723

JAWAB :d
Penjelasan : karena port pptp berjalan pada tcp 1723
bukan udp
6. There are two wireless cards (wlan1 and wlan2) which are bridged together. On wlan1 card
there is a setting "Forward
ing=no". Choose the correct answer(s):
A. Stations on wlan2 will be able to communicate
with stations on wlan2
B. Stations on wlan2 will be able to communicate
with stations on wlan1
C. Stations on wlan1 will be able to communicate
with stations on wlan1
D. To prevent communication between wlan1 and
wlan2 one cannot use Bridge Filters
E. Stations on wlan1 will be able to communicate
with stations on wlan2
7. Consider a wireless access point with mode=ap-bridge. What is the maximum number of
concurrent clients that can connect to it?
A. 2007
B. 2012
C. 2048
D. 1024
8. Consider the following diagram. We want to communicate from a device on LAN1 to a
device on LAN2. Assuming that all necessary configurations are already included on R2,
which of the following configurations in R1 would enable this communication?

27
 A. /ip route add dst-address=192.168.1.0/24 src-
address=192.168.0.0/24 gateway=192.168.99.2
B. /ip route add dst-address=0.0.0.0/0
gateway=Ether1
C. /ip route add dst-address=192.168.0.0/24
gateway=192.168.0.1
D. /ip route add dst-address=192.168.1.0/24
gateway=192.168.99.2
E. /ip route add dst-address=0.0.0.0/0
gateway=192.168.99.2

Jawab : B,D.E
Penjelasan: semuanya benar karena ,
B. bisa memakai interface,
D. konfigurasi static routing yang lengkap
E. bisa memakai efault route
9. PPP Secrets are used for
A. PPtP clients
B. L2TP clients
C. Router users
D. PPPoE clients
E. IPSec clients
F. PPP clients

Jawab : A,B,D
Penjelasan : ppp secret berfungsi untuk membuat user
an password untuk proses tunneling

10. For a Simple Queue to apply a bandwidth restrictions on a bridged interface, following
must be done:
A. Configure an IP address on the bridge interface
B. Use mangle to mark the connections
C. Associate the Simple Queue to the bridge
interface
D. Enable 'Use IP Firewall' in bridge settings

Jawab : c
Penjelasan : karena untuk menjalankan fungsi diatas
mesti dipasang dibridge tersebut

28
11. In RouterOS queue configurations the word "total" usually represents
A. download - upload
B. upload
C. upload + download
D. Download

Jawab : c
Penjelasan : karena total itu merupakan upload +
download
12. What does the firewall action "log" do?
A. It logs and blocks the packet
B. It blocks and logs the packet
C. It adds a prefix to the packet and passes it
through
D. It logs the packet

Jawab : D
Penjelasan : log itu fungsi mencatat, bukan memblok
ataupun mengijinkan data untuk leat
13. Which of the following is true for connection tracking
A. Connection tracking must be enabled for
NAT'ed network
B. Enabling connection tracking reduces CPU
usage in RouterOS
C. Disable connection tracking for mangle to work
D. Connection tracking must be enabled to be able
to use all firewall features

14. How many different priorities can be selected for queues in MikroTik RouterOS?
A. 1
B. 16
C. 0
D. 8
Jawab : d
Penjelasan : priority terbesar yang dapat diberikan pada
client adlah 8 semakin kecil angkanya semaikn I

29
 prioritaskan
15. Which of the following keystrokes enables safe mode in console:
A. Ctrl+x
B. Ctrl+c
C. Ctrl+d
D. Ctrl+s
Jawab : A
Penjelasan ;
16. Select minimal set of software packages in RouteOS required to configuring a wireless
AP

A. wireless
B. advanced-tools
C. dhcp
D. routing
E. System

Jawab : A dan E
Penjelasan : karena untuk sekedar menghubungkan ap-
stasion tidak dibutuhkan dhcp (untuk membagikan ip)
dan juga routing (karena bisa memakai satu network
yang sama)
17. For static routing functionality, additionally to the RouterOS 'system' package, you will
also need the following software package:
A. no extra package required
B. advanced-tools
C. dhcp
D. Routing

Jawab : A
Penjelasan :jika hanya static routing tidak memerlukan
paket tambahan/extra package
18. What is possible with Netinstall?
A. MikroTik RouterOS reinstall
B. MikroTik RouterOS password reset with saving
router's configuration
C. MikroTik RouterOS configuration reset

30
 Jawaban : semua benar
Penjelasan : netiinstall dapat melakukan ketiganya
19. Possible actions of ip firewall filter are:
A. bounce
B. log
C. accept
D. tarp
E. add-to-list
F. Tarpit

Jawab : B,C,D,F
Penjelasan :

20. What is the minimal possible wireless configuration to create an Access Point?
A. DFS mode
B. WDS
C. scan-list
D. radio name
E. mode
F. frequency
G. Band

H. Ssid

Jawab : g
Penjelasan : jika hanya sekedar terhubung kita hanya
mememrlukan band yang sama

21. What is the correct action for a NAT rule on a router that should intercept SMTP traffic
and send it over to a specified mail server?

A. redirect
B. passthrough
C. dst-nat
D. Tarpit

Jawab : c
Karena : paket ingin DIOPER ke mail server

31
22. PPPoE server only works within one Ethernet broadcast domain that it is connected to. If
there is a router between server and end-user host, it will not be able to create PPPoE tunnel
to that PPPoE server.
false

Penjelasan : karena PPPOE bisa berjalan meskipun beda

IP network

23. It is possible to create an encrypted PPPoE tunnel in RouterOS:

true

24. Where should you upload new MikroTik RouterOS version packages for upgrading
router?
A. FTP root directory or /files directory of the
router
B. System Package menu
C. Any directory in /files/coba
D. System Backup menu

Jawab : c
Penjelasan : karena setiap upgrade akan diletakan I
directory file
25. During a scan, in order to see all the available wireless frequencies that are supported by
the card, the following option must be selected in the wireless card's "Frequency Mode":
A. regulatory domain
B. superchannel
C. manual txpower

Jawab A
Penjelasan : karena memberi limit terhadap channel
yang tersedia dan maximum transit sesuai dengan
Negara masing2

1. What can be used as ’target-address’ in the simple queue?

A. address list name
B. client’s MAC address
C. client’s address
D. server’s address
Jawab : c
Penjelasan : karena untuk simple queue menggunakan ip address si client

32
2. When using routing option 'check-gateway=ping' after how many timeouts is gateway
considered unreachable:
A. 1
B. 3
C. 2
D. 4

Jawab : c
Penjelasan :
3. The highest queue priority is
A. 1
B. 8
C. 256
D. 16

Jawab :b
Penjelasan : priority terbesar yang dapat diberikan pada client adlah 8 semakin kecil
angkanya semaikn I prioritaskan
4. The 'connect-list' of wireless interfaces is used
A. for specifying APs not to connect to
B. for preventing communications between the clients
C. for specifying APs to connect to
D. for configuring SSID on the interface

Jawab : a dan c
Penjelasan : fungsi dari access-list ialah membatasi mana saja yang bisa connect ke ap
tersebut

5. Which option in the configuration of a wireless

s card must be disabled to cause the router to permit ONLY known clients listed in the access
list to connect?

A. Default Forward
B. Default Authenticate
C. Security Profile
D. Enable Access List

Jawab : b
Penjelasan : karena dengan default authenticate semua bisa connect ke ap tersebut
33
6. DHCP server is configured on a router’s ether1 interface. IP address 192.168.0.100/24 is
assigned to the interface. Possible IP pools, that can be used by this DHCP server, are:

A. 192.168.0.1-192.168.0.255
B. 192.168.0.1-192.168.0.99,192.168.0.101-192.168.0.254
C. 192.168.0.1-192.168.0.14
D. 192.169.0.1-192.169.0.254

Jawab : b dan c
Penjelasan : karena untuk jawaban A dan B akan terjai overlap ip (ip gateway tidak dipisah)

7. There can be more than one PPPoE server in a single broadcast domain:
true

Jawab : true
Penjelasa: karena dalam satu broadcast domain bisa menjalankan lebih dari satu point to
point dalam satu network

8. There are two wireless cards (wlan1 and wlan2) which are bridged together. On wlan1 card
there is a setting "Forwarding=no". Choose the correct answer(s):
A. To prevent communication between wlan1 and wlan2 one cannot use Bridge Filters
B. Stations on wlan2 will be able to communicate with stations on wlan1
C. Stations on wlan1 will be able to communicate with stations on wlan2
D. Stations on wlan1 will be able to communicate with stations on wlan1
E. Stations on wlan2 will be able to communicate with stations on wlan2
9. When viewing the routes in Winbox, some routes will show "DAC" in the first column.
These flags mean:

A. Dynamic, Active, Console

B. Dynamic, Available, Created
C. Dynamic, Active, Connected
D. Direct, Available, Connected
Penjelasan : bisa dilihat di bawah ini
Flags: X - disabled, A - active, D -dynamic,
C - connect, S -static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit

34
10. For static routing functionality, additionally to the RouterOS 'system' package, you will
also need the following software package:
A. no extra package required
B. routing
C. advanced-tools
D. dhcp

Jawaban : a
Penjelasan :jika hanya static routing tidak memerlukan paket tambahan/extra package
11. Which of the following Routes statuses are possible?
A. C = Connected
B. A = Active
C. S = Static
D. D = Drop

Jawab : abc
Penjelsan : d tidak termasuk karena dia termasuk action dari firewall bukan status dari table
routing
12. It is possible to create an encrypted PPPoE tunnel in RouterOS:
true

Jawab true
penjelasan: karena dalam satu broadcast domain bisa menjalankan lebih dari satu point to
point dalam satu network
13. Action=redirect allows you to make

A. Transparent HTTP Proxy

B. Enable Local Service
C. Transparent DNS Cache
D. Forward DNS to another device IP address

Jawab : a dan c
Penjelasan : karena redirect yang terpasang di dm chain=dstnat ini berfungsi untuk
transparent http proxy dan juga transparent dns cache

14. What is possible with Netinstall?

A. MikroTik RouterOS password reset with saving router's configuration
35
 B. MikroTik RouterOS configuration reset
C. MikroTik RouterOS reinstall

Jawaban : semua benar

Penjelasan : netiinstall dapat melakukan ketiganya
15. A client uses a RouterBOARD1000. The clock is configured in '/system clock'. The clock
resets to default after each reboot.
Select the best solution for the problem.

A. Write a script in '/system script' to set the clock

B. Configure '/system ntp client' and set a valid and reachable NTP server address.
C. Open the router and ensure the CMOS battery is fine.
D. Configure '/system ntp server' and set a valid and reachable NTP client address.

Jawab : b
Penjelasan : dengan memasang ntp client, maka ia akan mensingkronisasikan waktu sesuai
dengan yang ada di internet,
A, salah karna ketika reboot ia akan tetap kembali ke waktu sebelumnya
B salah karena dhcp server digunakan untuk memberikan waktu (dan bertindak sebagai
server) an ia tidak tersambung ke klien manapun
D. rb 1000 tidak memiliki battry cmos
16.
A. One
B. Unlimited
C. Five
D. Two

Jawaban : a
Penjelasan ; setiap interface hanya mendappat jatah 1 untuk setiap interface
17. A wireless interface 'wlan1' is added to a bridge interface 'br-lan'. To enable dhcp-server
for wireless interface 'wlan1', on which interface should dhcp-server be configured?

A. On both 'br-lan' and 'wlan1'

B. The dhcp-server cannot be enabled neither on 'wlan1', nor on 'br-lan'
C. On 'wlan1'
D. On 'br-lan'

Jawaban :D
Penjelasan tidak perlu lagi membuat ip address di wlan apabila sudah dimasukan kedalam
bridge
36
18. It is possible to have PPTP Client and PPTP server on one MikroTik router at the same
time.
true

Jawab : true
Penjelasa: karena d
19. Which firewall chain should be used for filters that protect your router interface?
A. post-routing
B. forward
C. pre-routing
D. input
20. What does the firewall action "Redirect" do? Select all true statements.
A. Redirects a packet to a specified port on a host in the network
B. Redirects a packet to a specified IP
C. Redirects a packet to a specified port on the router
D. Redirects a packet to the router
21. Which of the following would prevent unknown clients from connecting to your AP?
Choose the BEST answer.
A. Uncheck "Default Authenticate" in the wireless card configuration, and add each
known client's MAC address to your connect-list configuration
B. Configure the radius server under "/radius"
C. Add each known client's MAC address to your access-list configuration is the only
step needed
D. Uncheck "Default Authenticate" in the wireless card configuration, and add each
known client's MAC address to your access-list configuration ensuring that you enable
"authenticate" in the entry
E. Check the "Do not permit unknown client" box in the wireless configuration

Jawb
Penjelasan : karena dengan default authenticate semua bisa connect ke ap tersebut
22. Which port does PPTP use by default?
A. UDP 1723
B. UDP 1721
C. TCP 1723
D. TCP 1721

Jawab : c

37
Penjelasan : Port yang dipakai pptp ialah 1723secara default
23. Which are necessary sections in /queue simple to set bandwidth limitation?
A. target-address, max-limit
B. max-limit
C. target-address, dst-address
D. target-address, dst-address, max-limit

Jawab : a
Penjelasan : karena untuk simple queue hanya membutuhkan target dan juga max limit nya

24. It is required to make a web server on a private LAN visible on the Public Internet. Only
the web server port should be visible to the public. Which of the following configuration
steps must be met. (select all that apply)
A. A route between the NAT Router and the webserver must exist
B. in ip firewall NAT there should be a dst-nat between the public ip of the router and
the private ip of the webserver
C. LAN address of the webserver should be routable on the internet
D. Public IP address of the webserver must be installed on the NAT Router
E. Connection Tracking must be enabled on NAT router
25. What is the default protocol/port of (secure) winbox?
A. UDP/5678
B. TCP/22
C. TCP/8291
D. TCP/8080

Jawab : c
Penjelasan ; port default dari winbox aalah 8291

1. A client uses a RouterBOARD1000. The clock is configured in '/system clock'. The clock
resets to default after each reboot.
Select the best solution for the problem.

A. Write a script in '/system script' to set the clock

B. Configure '/system ntp server' and set a valid and reachable NTP client address.
C. Configure '/system ntp client' and set a valid and reachable NTP server address.
D. Open the router and ensure the CMOS battery is fine.

38
 Jawab: C
Penjelasan : dengan memasang ntp client, maka ia akan mensingkronisasikan waktu sesuai
dengan yang ada di internet,
A, salah karna ketika reboot ia akan tetap kembali ke waktu sebelumnya
B salah karena dhcp server digunakan untuk memberikan waktu (dan bertindak sebagai
server) an ia tidak tersambung ke klien manapun
D. rb 1000 tidak memiliki battry cmos
2. Which of the protocols below is used by Netinstall?
A. arp
B. bootp
C. dhcp
D. rarp

Jawab : b
Penjelasan : protocol yang digunakan adalah bootp untuk menginstalasi gn netinstall
Jawaban a salah karena dungsi ARP adalah memetakan layer2 dan 3
Jawaban c salah karena dhcp berfungsi untuk membagikan ip
Jawaban d salah karena adlh kebalikan dari ARP
3. /ip route configuration on router,

/ip route add gateway=192.168.0.1

/ip route add dst-address=192.168.1.0/24 gateway=192.168.0.2
/ip route add dst-address=192.168.2.0/24 gateway=192.168.0.3
/ip route add dst-address=192.168.3.0/26 gateway=192.168.0.4

Router needs to send packets to 192.168.3.240. Which gateway will be used?

A. 192.168.0.2
B. 192.168.0.4
C. 192.168.0.1
D. 192.168.0.3

Jawab : c
Penjelasan : jawaban A dan B salah karena dst addressnya tidak sesuai dengan yang diminta
Sedangkan yang D karena rangenya berbeda dengan 240
4. For a Simple Queue to apply a bandwidth restrictions on a bridged interface, following must
be done:

A. Configure an IP address on the bridge interface

B. Use mangle to mark the connections
C. Enable 'Use IP Firewall' in bridge settings
D. Associate the Simple Queue to the bridge interface
39
5. Mark all correct answers

A. Wireless access-list could allow and deny connect to your AP

B. The only way to prevent wireless clients connections - disable wireless interface
C. Default-Forwarding could be enabled for a specific clients by wireless access-list
D. /ip firewall filter allows to deny authentication to AP

Jawab : a saja
Penjelasan : wirelesss access-list dapat menentukan mana yang boleh terhubung ke ap,
caranya dengan mendisable default authentication
Selainnya salah karena tidak sesuai
6. NAT rule is going to catch SMTP traffic and send it to a specific mail server.
What is the correct action for a NAT rule?
A. passthrough
B. dst-nat
C. redirect
D. tarpit

Jawab : b
Penjelasan : karena untuk membelokan smtp traffic kesuatu network ialah tugas dst nat
Untuk mengkonfigurasikannya ikuti command dibawah ini

ip firewall nat add chain=dstnat protocol=tcp dst-port=25 action=dst-nat to-

addresses=10.0.0.1 to-ports=25

7. When viewing the routes in Winbox, some routes will show "DAC" in the first column.
These flags mean:

A. Direct, Available, Connected

B. Dynamic, Active, Connected
C. Dynamic, Available, Created
D. Dynamic, Active, Console

Jawab : b
Penjelasan : bisa dilihat di bawah ini
Flags: X - disabled, A - active, D -dynamic,
C - connect, S -static, r - rip, b - bgp, o - ospf, m - mme,
40
 B - blackhole, U - unreachable, P - prohibit

8. It is possible to create an encrypted PPPoE tunnel in RouterOS:

true

Penjelasan : karena semua protocol ppp bisa di enkripsi

9. Action=redirect is applied in
A. chain=srcnat
B. chain=forward
C. chain=dstnat

Jawab : c
Penjelasan: karena redirect membutuhkan destination bukan source atau pun forward
10. MikroTik RouterOS commands can be run once a day by:
A. /system watchdog
B. /system cron
C. /system scheduler

Jawab: c
Pejelasan : karena scheduler mengatur jadwal kapan fitur tersebut dijalankan
11. Router has wireless and ethernet client interfaces, all client interfaces are bridged. To create
a DHCP service for all clients, DHCP server must be configured on:
A. Ethernet and wireless interfaces
B. DHCP service is not possible in this setup
C. Every bridge port
D. Only on the bridge interface

Jawab: D
Penjelasan : karena interface wireless dan ethernetnya sudah di bridge sehingga harus
dimasukan kedalam interface bridge
12. You want to use PCQ and allow 256k maximum download and upload for each client.
Choose correct argument values for the required queue.
A. kind=pcq pcq-rate=1256000 pcq-classifier=dst-address
B. kind=pcq pcq-rate=5000000 pcq-classifier=src-address
C. kind=pcq pcq-rate=256000 pcq-classifier=dst-address
D. kind=pcq pcq-rate=5000000 pcq-classifier=dst-address
E. kind=pcq pcq-rate=256000 pcq-classifier=src-address
Jawab : C dan E
41
 Penjelasan :dalam PCQ untuk melimit Upload classifier yang diisi adalah Src-Address dan
untuk Download classfier yang diisi aalah dst-address
13. Which is a default baud-rate of currently manufactured RouterBOARDs?
A. 115200
B. 9600
C. 38400
D. 11520

Jawaban :a
Penjelasan : karena default yang dipasang ke netinstall adalah 11520
14. DHCP server is configured on a router’s ether1 interface. IP address 192.168.0.100/24 is
assigned to the interface. Possible IP pools, that can be used by this DHCP server, are:

A. 192.169.0.1-192.169.0.254
B. 192.168.0.1-192.168.0.255
C. 192.168.0.1-192.168.0.99,192.168.0.101-192.168.0.254
D. 192.168.0.1-192.168.0.14

Jawab : c an d
Penjelasan : karena untuk jawaban A dan B akan terjai overlap ip (ip gateway tidak dipisah)
15. There can be more than one PPPoE server in a single broadcast domain:
true

Jawab : true
Penjelasa: karena dalam satu broadcast domain bisa menjalankan lebih dari satu point to point
dalam satu network

16. Which wireless mode allows you to connect to any standard AP (not only MikroTik) and to
be able to bridge this wireless interface to an Ethernet?
A. station
B. station-wds
C. bridge
D. station-pseudobridge

Jawab : a
Penjelasan : karena untuk jawaban B dan D khusus mikrotik untuk melakukan wds
17. To block communications between wireless clients connected to the same access point
interface, you should set

42
 A. 'default-forwarding=no'
B. 'max-station-count=1'
C. 'default-authentication=no'
D. 'default-authentication=no' and 'default-forwarding=no'

Jawab : a
Penjelasan : karena no default-forwarding akan men disable layer 2 dari client
18. PPPoE server only works within one Ethernet broadcast domain that it is connected to. If
there is a router between server and end-user host, it will not be able to create PPPoE tunnel to
that PPPoE server.
false

Jawaban : false
Penjelasan : karena PPPOE bisa berjalan meskipun beda IP network

19. Which default route will be active?

/ip route
add disabled=no distance=10 dst-address=0.0.0.0/0 gateway=1.1.1.1
add disabled=no distance=5 dst-address=0.0.0.0/0 gateway=2.2.2.2
A. Route via gateway 2.2.2.2
B. Route via gateway 1.1.1.1

Jawab : a
Penjelasan :semakin kecil distance nya semakin di prioritaskan
20. Which are necessary sections in /queue simple to set bandwidth limitation?
A. max-limit
B. target-address, max-limit
C. target-address, dst-address
D. target-address, dst-address, max-limit

Jawab : b
Penjelasan : karena untuk simple queue hanya membutuhkan target dan juga max limit nya

21. Which option in the configuration of a wireless card must be disabled to cause the router to
permit ONLY known clients listed in the access list to connect?

A. Enable Access List

B. Security Profile
C. Default Authenticate
43
 D. Default Forward

Jawab : c
Penjelasan : karena dengan default authenticate semua bisa onnect ke ap tersebut
22. For static routing functionality, additionally to the RouterOS 'system' package, you will also
need the following software package:
A. advanced-tools
B. routing
C. dhcp
D. no extra package required

Jawab : d
Penjelasan :jika hanya static routing tidak memerlukan paket tambahan/extra package
23. Which firewall chain should you use to filter clients HTTP traffic going through the router?
A. prerouting
B. forward
C. output
D. input

Jawab :b
Penjelasan : kata kuncinya adalah “through” atau melewati sehingga yang dibutuhkan untuk
“melewati” ialah chain=forward
24. What is necessary for PPPoE client configuration?
A. ip firewall nat masquerade rule
B. Interface (on which PPPoE client is going to work)
C. Static IP address on PPPoE client interface

Jawaban : b
Penjelasan : karena yang dibutuhkan untuk pppoe client interface akan dipakai

25. Action=redirect can be used in NAT chain src-nat

A. true

44
 B. false
Jawab b
Penjelasan: karena redirect membutuhkan destination bukan source atau pun forward

1. Is action=masquerade allowed in chain=dstnat?

A. yes, but only if dst-addr is specified
B. yes
C. yes, but it works only for incoming connections
D. no
Jawaban : D
Penjelasan : karena masquerade dipasang pada srcnat

2. What is the default protocol/port of (secure) winbox?

A. UDP/5678
B. TCP/22
C. TCP/8291
D. TCP/8080
Jawaban : c
Penjelasan : karena port default dari winbox adalah tcp 8291

3. Which is the default port of IP-Winbox?

A. UDP 8291
B. TCP 80
C. TCP 8291
D. TCP 8192

Jawab : c
Penjelasan : karena port default dari winbox adalah tcp 8291

4. During a scan, in order to see all the available wireless frequencies that are supported by
the card, the following option must be selected in the wireless card's "Frequency Mode":
A. manual txpower
B. superchannel
C. regulatory domain

Jawab : c
Penjelasan : karena memberi limit terhadap channel yang tersedia dan maximum transit
sesuai dengan Negara masing2
45
5. Which are necessary sections in /queue simple to set bandwidth limitation?
A. target-address, dst-address
B. target-address, max-limit
C. target-address, dst-address, max-limit
D. max-limit

Jawab :b
Penjelasan : karena untuk simple queue hanya membutuhkan target dan juga max limit nya

6. RouterOS log messages are stored on disk by default

False
Penjelasan : karena log message nya disimpan di memory bukan di disk

7. In order to use dynamic keys in your wireless security profile for an AP, you MUST set up
the dhcp server to provide the dynamic keys.
False

Penjelasan karena dhcp tidak mengirimkan dynamic key

8. When viewing the routes in Winbox, some routes will show "DAC" in the first column.
These flags mean:
A. Dynamic, Active, Connected
B. Dynamic, Active, Console
C. Dynamic, Available, Created
D. Direct, Available, Connected
Jawab :a
Penjelasan : bisa dilihat di bawah ini
Flags: X - disabled, A - active, D -dynamic,
C - connect, S -static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit

9. Which wireless mode allows you to connect to any standard AP (not only MikroTik) and
to be able to bridge this wireless interface to an Ethernet?
A. station-pseudobridge
B. station
C. station-wds
D. bridge

Jawab : b
Penjelasan : karena untuk jawaban B dan D khusus mikrotik untuk melakukan wds

10. For static routing functionality, additionally to the RouterOS 'system' package, you will
also need the following software package:
A. no extra package required
B. advanced-tools
46
C. dhcp
D. routing
Jawab A
Penjelasan : Penjelasan :jika hanya static routing tidak memerlukan paket tambahan/extra
package
11. In RouterOS queue configurations the word "total" usually represents
A. download
B. upload + download
C. upload
D. download – upload

Jawab b
Penjelasan : karena total itu merupakan upload + download

12. PPPoE server only works within one Ethernet broadcast domain that it is connected to. If
there is a router between server and end-user host, it will not be able to create PPPoE tunnel
to that PPPoE server.

False
Penjelasan : Penjelasan : karena PPPOE bisa berjalan meskipun beda IP network

13. PPP Secrets are used for

A. PPtP clients
B. IPSec clients
C. PPP clients
D. Router users
E. L2TP clients
F. PPPoE clients

Jawab : A,E,F
Penjelasan : ppp secret berfungsi untuk membuat user an password untuk proses tunneling

14. When using routing option 'check-gateway=ping' after how many timeouts is gateway
considered unreachable:
A. 4
B. 3
C. 1
D. 2

15. Consider the following diagram. We want to communicate from a device on LAN1 to a
device on LAN2. Assuming that all necessary configurations are already included on R2,
which of the following configurations in R1 would enable this communication?
A. /ip route add dst-address=192.168.1.0/24 src-address=192.168.0.0/24
gateway=192.168.99.2
47
B. /ip route add dst-address=0.0.0.0/0 gateway=192.168.99.2
C. /ip route add dst-address=192.168.0.0/24 gateway=192.168.0.1
D. /ip route add dst-address=0.0.0.0/0 gateway=Ether1
E. /ip route add dst-address=192.168.1.0/24 gateway=192.168.99.2

Jawab :
Penjelasan: semuanya benar karena ,
D. bisa memakai interface,
E. konfigurasi static routing yang lengkap
B. bisa memakai Default route

16. What is possible with Netinstall?

A. MikroTik RouterOS reinstall
B. MikroTik RouterOS password reset with saving router's configuration
C. MikroTik RouterOS configuration reset

Jawaban : semua benar

Penjelasan : netiinstall dapat melakukan ketiganya

17. If you wish to block user access to MSN messenger, which chain should the firewall rule
be placed in?
A. input
B. process
C. forward
D. output

Jawaban : C
Penjelasan : karena chain yang digunakan untuk data / paket dari luar router menuju luar
lainnya menggunakan Chain=Forward

18. If ARP=reply-only is configured on an interface, this interface will

A. accept all MAC-addresses listed in '/ip arp' as static entries
B. accept IP and MAC address combinations listed in '/ip arp' list
C. add new MAC addresses in '/ip arp' list
D. add new IP addresses in '/ip arp' list
E. accept all IP addresses listed in '/ip arp' as static entries

Jawaban : A
Penjelasan : ARP=reply-only hanya membalas bagi yang IP dan MAC Addressnya sudah
tercantum

19. In WinBox when clicking the 'Backup' button in the Files window, the following happens
(select all that apply):
A. Backup file is created. Name contains the router identity, the date and time of its creation
B. Backup file is saved to the computer desktop
C. Backup file will contain usernames and passwords of the router
48
D. Optionally backup name and password can be specified

Jawaban : A
Penjelasan : Backup File berguna untuk membackup seluruh Konfigurasi termasuk Router
Ientity, tanggal dan waktu

20. What is marked by connection-state=established matcher?

A. Packet begins a new TCP connection
B. Packet does not correspond to any known connection
C. Packet belongs to an existing connection,for example a reply packet or a packet which
belongs to already replied connection
D. Packet is related to, but not part of an existing connection
Jawaban c
Penjelasan : karena estabilished merupakan hasil dari koneksi yang pernah ada
Sedangkan

21. /ip firewall nat

add chain=dstnat in-interface=ether1 protocol=tcp dst-port=3389 action=dst-nat to-
address=192.168.1.2 to-ports=81

The command shown above:

A. Forwards any TCP traffic incoming through ether1 port 81 to the port 3389 of the internal
host 192.168.1.2
B. Adds IP address 192.168.1.2 to the interface ether1
C. Forwards any TCP traffic incoming through ether1 port 3389 to the port 81 of the internal
host 192.168.1.2
D. Forwards all TCP traffic from 192.168.1.2 to port 81 of the interface ether1

Jawaban : C
Penjelasan : firewall nat akan membelokan traffic ari ether satu engan dst-port 3389 ke port
81.Jawaban A salah karena port yang dibelokkan salah, Jawaban A menjelaskan bahwa port
81 akan dibelokkan ke port 3389.

22. What is necessary for PPPoE client configuration?

A. Interface (on which PPPoE client is going to work)
B. ip firewall nat masquerade rule
C. Static IP address on PPPoE client interface

Jawaban : a
Penjelasan : karena yang dibutuhkan untuk pppoe client interface akan dipakai

23. Mark all the features that can be used for limiting client registrations to your access point:
A. access-list
B. wpa
C. WDS
D. registration-table
49
Jawaban : A
Penjelasan : untuk melimit client yang connect kita bisa menggunakan Access-List.

24. You want to use PCQ and allow 256k maximum download and upload for each client.
Choose correct argument values for the required queue.
A. kind=pcq pcq-rate=256000 pcq-classifier=dst-address
B. kind=pcq pcq-rate=1256000 pcq-classifier=dst-address
C. kind=pcq pcq-rate=5000000 pcq-classifier=src-address
D. kind=pcq pcq-rate=256000 pcq-classifier=src-address
E. kind=pcq pcq-rate=5000000 pcq-classifier=dst-address

Jawab : A dan D
Penjelasan :dalam PCQ untuk melimit Upload classifier yang diisi adalah Src-Address dan
untuk Download classfier yang diisi aalah dst-address

25. There can be more than one PPPoE server in a single broadcast domain:
True

Jawab : true
Penjelasa: karena dalam satu broadcast domain bisa menjalankan lebih dari satu point to
point dalam satu network

1. You want to transfer existing '/ip firewall filter' configuration from one router to a new
system. Choose the best possible way to do:
A. Export only '/ip firewall filter'
B. Create backup only of '/ip firewall filter' rules
C. Create backup, edit backup file and restore on
target router
D. Export global configuration and remove
everything apart from '/ip firewall filter'

Jawab :a
Penjelasan : karena untuk menambahkan nama fitur
tersebut untuk export yang lebh spesifik

2.
A. Five
B. One
C. Two
D. Unlimited

Jawab : b
50
 Penjelasan ; setiap interface hanya mendappat jatah 1
untuk setiap interface
3. There are two routes in the routing table:
0 dst-addr=10.1.1.0/24 gateway=5.5.5.5
1 dst-addr=10.1.1.4/30 gateway=5.6.6.6

Which gateway will be used to get to the IP address 10.1.1.6?

A. both - half of the traffic will be routed through
one gateway, half through the other
B. 5.6.6.6
C. 5.5.5.5
D. the required route is not in the routing table

Jawab : b
Penjelasan : karena dia termasuk dalam range yang
sama dan juga paling spesifik
Jawaban yang A dan c tidak termasuk karena mereka
kurang spesifik,
4. A routing table has following entries:

0 dst-address=10.0.0.0/24 gateway=10.1.5.126

1 dst-address=10.1.5.0/24 gateway=10.1.1.1

2 dst-address=10.1.0.0/24 gateway=25.1.1.1

3 dst-address=10.1.5.0/25 gateway=10.1.1.2

Which gateway will be used for a packet with destination address 10.1.5.126?

A. 10.1.5.126
B. 10.1.1.1
C. 10.1.1.2
D. 25.1.1.1

Jawab : c
Penjelasan : karena dia termasuk dalam range yang
sama dan juga paling spesifik
Jawaban yang A,B dan D tidak termasuk karena mereka
kurang spesifik
5. Which port does PPTP use by default?

51
 A. TCP 1721
B. UDP 1721
C. UDP 1723
D. TCP 1723

JAWAB :d
Penjelasan : karena port pptp berjalan pada tcp 1723
bukan udp
6. There are two wireless cards (wlan1 and wlan2) which are bridged together. On wlan1 card
there is a setting "Forwarding=no". Choose the correct answer(s):
A. Stations on wlan2 will be able to communicate
with stations on wlan2
B. Stations on wlan2 will be able to communicate
with stations on wlan1
C. Stations on wlan1 will be able to communicate
with stations on wlan1
D. To prevent communication between wlan1 and
wlan2 one cannot use Bridge Filters
E. Stations on wlan1 will be able to communicate
with stations on wlan2
7. Consider a wireless access point with mode=ap-bridge. What is the maximum number of
concurrent clients that can connect to it?
A. 2007
B. 2012
C. 2048
D. 1024
8. Consider the following diagram. We want to communicate from a device on LAN1 to a
device on LAN2. Assuming that all necessary configurations are already included on R2,
which of the following configurations in R1 would enable this communication?
A. /ip route add dst-address=192.168.1.0/24 src-
address=192.168.0.0/24 gateway=192.168.99.2
B. /ip route add dst-address=0.0.0.0/0
gateway=Ether1
C. /ip route add dst-address=192.168.0.0/24
gateway=192.168.0.1
D. /ip route add dst-address=192.168.1.0/24
gateway=192.168.99.2
E. /ip route add dst-address=0.0.0.0/0
52
 gateway=192.168.99.2

Jawab : B,D.E
Penjelasan: semuanya benar karena ,
B. bisa memakai interface,
D. konfigurasi static routing yang lengkap
E. bisa memakai efault route
9. PPP Secrets are used for
A. PPtP clients
B. L2TP clients
C. Router users
D. PPPoE clients
E. IPSec clients
F. PPP clients

Jawab : A,B,D
Penjelasan : ppp secret berfungsi untuk membuat user
an password untuk proses tunneling

10. For a Simple Queue to apply a bandwidth restrictions on a bridged interface, following
must be done:
A. Configure an IP address on the bridge interface
B. Use mangle to mark the connections
C. Associate the Simple Queue to the bridge
interface
D. Enable 'Use IP Firewall' in bridge settings

Jawab : c
Penjelasan : karena untuk menjalankan fungsi diatas
mesti dipasang dibridge tersebut

11. In RouterOS queue configurations the word "total" usually represents

A. download - upload
B. upload
C. upload + download
D. Download

Jawab : c
53
 Penjelasan : karena total itu merupakan upload +
download
12. What does the firewall action "log" do?
A. It logs and blocks the packet
B. It blocks and logs the packet
C. It adds a prefix to the packet and passes it
through
D. It logs the packet

Jawab : D
Penjelasan : log itu fungsi mencatat, bukan memblok
ataupun mengijinkan data untuk leat
13. Which of the following is true for connection tracking
A. Connection tracking must be enabled for
NAT'ed network
B. Enabling connection tracking reduces CPU
usage in RouterOS
C. Disable connection tracking for mangle to work
D. Connection tracking must be enabled to be able
to use all firewall features

14. How many different priorities can be selected for queues in MikroTik RouterOS?
A. 1
B. 16
C. 0
D. 8
Jawab : d
Penjelasan : priority terbesar yang dapat diberikan pada
client adlah 8 semakin kecil angkanya semaikn I
prioritaskan
15. Which of the following keystrokes enables safe mode in console:
A. Ctrl+x
B. Ctrl+c
C. Ctrl+d
D. Ctrl+s
Jawab : A
Penjelasan ;
16. Select minimal set of software packages in RouteOS required to configuring a wireless
54
AP

A. wireless
B. advanced-tools
C. dhcp
D. routing
E. System

Jawab : A dan E
Penjelasan : karena untuk sekedar menghubungkan ap-
stasion tidak dibutuhkan dhcp (untuk membagikan ip)
dan juga routing (karena bisa memakai satu network
yang sama)
17. For static routing functionality, additionally to the RouterOS 'system' package, you will
also need the following software package:
A. no extra package required
B. advanced-tools
C. dhcp
D. Routing

Jawab : A
Penjelasan :jika hanya static routing tidak memerlukan
paket tambahan/extra package
18. What is possible with Netinstall?
A. MikroTik RouterOS reinstall
B. MikroTik RouterOS password reset with saving
router's configuration
C. MikroTik RouterOS configuration reset

Jawaban : semua benar

Penjelasan : netiinstall dapat melakukan ketiganya
19. Possible actions of ip firewall filter are:
A. bounce
B. log
C. accept
D. tarp
E. add-to-list
F. Tarpit
55
 Jawab : B,C,D,F
Penjelasan :
20. What is the minimal possible wireless configuration to create an Access Point?
A. DFS mode
B. WDS
C. scan-list
D. radio name
E. mode
F. frequency
G. Band

H. Ssid

Jawab : g
Penjelasan : jika hanya sekedar terhubung kita hanya
mememrlukan band yang sama

21. What is the correct action for a NAT rule on a router that should intercept SMTP traffic
and send it over to a specified mail server?

A. redirect
B. passthrough
C. dst-nat
D. Tarpit

Jawab : c
Karena : paket ingin DIOPER ke mail server
22. PPPoE server only works within one Ethernet broadcast domain that it is connected to. If
there is a router between server and end-user host, it will not be able to create PPPoE tunnel
to that PPPoE server.
false

Penjelasan : karena PPPOE bisa berjalan meskipun beda

IP network

23. It is possible to create an encrypted PPPoE tunnel in RouterOS:

true

24. Where should you upload new MikroTik RouterOS version packages for upgrading
56
router?
A. FTP root directory or /files directory of the
router
B. System Package menu
C. Any directory in /files
D. System Backup menu

Jawab : c
Penjelasan : karena setiap upgrade akan diletakan I
directory file
25. During a scan, in order to see all the available wireless frequencies that are supported by
the card, the following option must be selected in the wireless card's "Frequency Mode":
A. regulatory domain
B. superchannel
C. manual txpower

Jawab A
Penjelasan : karena memberi limit terhadap channel
yang tersedia dan maximum transit sesuai dengan
Negara masing2

1. What can be used as ’target-address’ in the simple queue?

A. address list name
B. client’s MAC address
C. client’s address
D. server’s address
Jawab : c
Penjelasan : karena untuk simple queue menggunakan ip address si client
2. When using routing option 'check-gateway=ping' after how many timeouts is gateway
considered unreachable:
A. 1
B. 3
C. 2
D. 4

Jawab : c
Penjelasan :
3. The highest queue priority is

57
 A. 1
B. 8
C. 256
D. 16

Jawab :b
Penjelasan : priority terbesar yang dapat diberikan pada client adlah 8 semakin kecil
angkanya semaikn I prioritaskan
4. The 'connect-list' of wireless interfaces is used
A. for specifying APs not to connect to
B. for preventing communications between the clients
C. for specifying APs to connect to
D. for configuring SSID on the interface

Jawab : a dan c
Penjelasan : fungsi dari access-list ialah membatasi mana saja yang bisa connect ke ap
tersebut

5. Which option in the configuration of a wireless

s card must be disabled to cause the router to permit ONLY known clients listed in the access
list to connect?

A. Default Forward
B. Default Authenticate
C. Security Profile
D. Enable Access List

Jawab : b
Penjelasan : karena dengan default authenticate semua bisa connect ke ap tersebut
6. DHCP server is configured on a router’s ether1 interface. IP address 192.168.0.100/24 is
assigned to the interface. Possible IP pools, that can be used by this DHCP server, are:

A. 192.168.0.1-192.168.0.255
B. 192.168.0.1-192.168.0.99,192.168.0.101-192.168.0.254
C. 192.168.0.1-192.168.0.14
D. 192.169.0.1-192.169.0.254

Jawab : b dan c
58
Penjelasan : karena untuk jawaban A dan B akan terjai overlap ip (ip gateway tidak dipisah)

7. There can be more than one PPPoE server in a single broadcast domain:
true

Jawab : true
Penjelasa: karena dalam satu broadcast domain bisa menjalankan lebih dari satu point to
point dalam satu network

8. There are two wireless cards (wlan1 and wlan2) which are bridged together. On wlan1 card
there is a setting "Forwarding=no". Choose the correct answer(s):
A. To prevent communication between wlan1 and wlan2 one cannot use Bridge Filters
B. Stations on wlan2 will be able to communicate with stations on wlan1
C. Stations on wlan1 will be able to communicate with stations on wlan2
D. Stations on wlan1 will be able to communicate with stations on wlan1
E. Stations on wlan2 will be able to communicate with stations on wlan2
9. When viewing the routes in Winbox, some routes will show "DAC" in the first column.
These flags mean:

A. Dynamic, Active, Console

B. Dynamic, Available, Created
C. Dynamic, Active, Connected
D. Direct, Available, Connected
Penjelasan : bisa dilihat di bawah ini
Flags: X - disabled, A - active, D -dynamic,
C - connect, S -static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit

10. For static routing functionality, additionally to the RouterOS 'system' package, you will
also need the following software package:
A. no extra package required
B. routing
C. advanced-tools
D. dhcp

Jawaban : a
Penjelasan :jika hanya static routing tidak memerlukan paket tambahan/extra package

59
11. Which of the following Routes statuses are possible?
A. C = Connected
B. A = Active
C. S = Static
D. D = Drop

Jawab : abc
Penjelsan : d tidak termasuk karena dia termasuk action dari firewall bukan status dari table
routing
12. It is possible to create an encrypted PPPoE tunnel in RouterOS:
true

Jawab true
penjelasan: karena dalam satu broadcast domain bisa menjalankan lebih dari satu point to
point dalam satu network
13. Action=redirect allows you to make

A. Transparent HTTP Proxy

B. Enable Local Service
C. Transparent DNS Cache
D. Forward DNS to another device IP address

Jawab : a dan c
Penjelasan : karena redirect yang terpasang di dm chain=dstnat ini berfungsi untuk
transparent http proxy dan juga transparent dns cache

14. What is possible with Netinstall?

A. MikroTik RouterOS password reset with saving router's configuration
B. MikroTik RouterOS configuration reset
C. MikroTik RouterOS reinstall

Jawaban : semua benar

Penjelasan : netiinstall dapat melakukan ketiganya
15. A client uses a RouterBOARD1000. The clock is configured in '/system clock'. The clock
resets to default after each reboot.
Select the best solution for the problem.

A. Write a script in '/system script' to set the clock

60
 B. Configure '/system ntp client' and set a valid and reachable NTP server address.
C. Open the router and ensure the CMOS battery is fine.
D. Configure '/system ntp server' and set a valid and reachable NTP client address.

Jawab : b
Penjelasan : dengan memasang ntp client, maka ia akan mensingkronisasikan waktu sesuai
dengan yang ada di internet,
A, salah karna ketika reboot ia akan tetap kembali ke waktu sebelumnya
B salah karena dhcp server digunakan untuk memberikan waktu (dan bertindak sebagai
server) an ia tidak tersambung ke klien manapun
D. rb 1000 tidak memiliki battry cmos
16.
A. One
B. Unlimited
C. Five
D. Two

Jawaban : a
Penjelasan ; setiap interface hanya mendappat jatah 1 untuk setiap interface
17. A wireless interface 'wlan1' is added to a bridge interface 'br-lan'. To enable dhcp-server
for wireless interface 'wlan1', on which interface should dhcp-server be configured?

A. On both 'br-lan' and 'wlan1'

B. The dhcp-server cannot be enabled neither on 'wlan1', nor on 'br-lan'
C. On 'wlan1'
D. On 'br-lan'

Jawaban :D
Penjelasan tidak perlu lagi membuat ip address di wlan apabila sudah dimasukan kedalam
bridge
18. It is possible to have PPTP Client and PPTP server on one MikroTik router at the same
time.
true

Jawab : true
Penjelasa: karena d
19. Which firewall chain should be used for filters that protect your router interface?
A. post-routing
B. forward

61
 C. pre-routing
D. input
20. What does the firewall action "Redirect" do? Select all true statements.
A. Redirects a packet to a specified port on a host in the network
B. Redirects a packet to a specified IP
C. Redirects a packet to a specified port on the router
D. Redirects a packet to the router
21. Which of the following would prevent unknown clients from connecting to your AP?
Choose the BEST answer.
A. Uncheck "Default Authenticate" in the wireless card configuration, and add each
known client's MAC address to your connect-list configuration
B. Configure the radius server under "/radius"
C. Add each known client's MAC address to your access-list configuration is the only
step needed
D. Uncheck "Default Authenticate" in the wireless card configuration, and add each
known client's MAC address to your access-list configuration ensuring that you enable
"authenticate" in the entry
E. Check the "Do not permit unknown client" box in the wireless configuration

Jawb
Penjelasan : karena dengan default authenticate semua bisa connect ke ap tersebut
22. Which port does PPTP use by default?
A. UDP 1723
B. UDP 1721
C. TCP 1723
D. TCP 1721

Jawab : c
Penjelasan : Port yang dipakai pptp ialah 1723secara default
23. Which are necessary sections in /queue simple to set bandwidth limitation?
A. target-address, max-limit
B. max-limit
C. target-address, dst-address
D. target-address, dst-address, max-limit

Jawab : a
Penjelasan : karena untuk simple queue hanya membutuhkan target dan juga max limit nya
62
24. It is required to make a web server on a private LAN visible on the Public Internet. Only
the web server port should be visible to the public. Which of the following configuration
steps must be met. (select all that apply)
A. A route between the NAT Router and the webserver must exist
B. in ip firewall NAT there should be a dst-nat between the public ip of the router and
the private ip of the webserver
C. LAN address of the webserver should be routable on the internet
D. Public IP address of the webserver must be installed on the NAT Router
E. Connection Tracking must be enabled on NAT router
25. What is the default protocol/port of (secure) winbox?
A. UDP/5678
B. TCP/22
C. TCP/8291
D. TCP/8080

Jawab : c
Penjelasan ; port default dari winbox aalah 8291

1. A client uses a RouterBOARD1000. The clock is configured in '/system clock'. The clock
resets to default after each reboot.
Select the best solution for the problem.

A. Write a script in '/system script' to set the clock

B. Configure '/system ntp server' and set a valid and reachable NTP client address.
C. Configure '/system ntp client' and set a valid and reachable NTP server address.
D. Open the router and ensure the CMOS battery is fine.

Jawab: C
Penjelasan : dengan memasang ntp client, maka ia akan mensingkronisasikan waktu sesuai
dengan yang ada di internet,
A, salah karna ketika reboot ia akan tetap kembali ke waktu sebelumnya
B salah karena dhcp server digunakan untuk memberikan waktu (dan bertindak sebagai
server) an ia tidak tersambung ke klien manapun
D. rb 1000 tidak memiliki battry cmos
2. Which of the protocols below is used by Netinstall?
A. arp
B. bootp

63
 C. dhcp
D. rarp

Jawab : b
Penjelasan : protocol yang digunakan adalah bootp untuk menginstalasi gn netinstall
Jawaban a salah karena dungsi ARP adalah memetakan layer2 dan 3
Jawaban c salah karena dhcp berfungsi untuk membagikan ip
Jawaban d salah karena adlh kebalikan dari ARP
3. /ip route configuration on router,

/ip route add gateway=192.168.0.1

/ip route add dst-address=192.168.1.0/24 gateway=192.168.0.2
/ip route add dst-address=192.168.2.0/24 gateway=192.168.0.3
/ip route add dst-address=192.168.3.0/26 gateway=192.168.0.4

Router needs to send packets to 192.168.3.240. Which gateway will be used?

A. 192.168.0.2
B. 192.168.0.4
C. 192.168.0.1
D. 192.168.0.3

Jawab : c
Penjelasan : jawaban A dan B salah karena dst addressnya tidak sesuai dengan yang diminta
Sedangkan yang D karena rangenya berbeda dengan 240
4. For a Simple Queue to apply a bandwidth restrictions on a bridged interface, following must
be done:

A. Configure an IP address on the bridge interface

B. Use mangle to mark the connections
C. Enable 'Use IP Firewall' in bridge settings
D. Associate the Simple Queue to the bridge interface

5. Mark all correct answers

A. Wireless access-list could allow and deny connect to your AP

B. The only way to prevent wireless clients connections - disable wireless interface
C. Default-Forwarding could be enabled for a specific clients by wireless access-list
D. /ip firewall filter allows to deny authentication to AP

Jawab : a saja
64
 Penjelasan : wirelesss access-list dapat menentukan mana yang boleh terhubung ke ap,
caranya dengan mendisable default authentication
Selainnya salah karena tidak sesuai
6. NAT rule is going to catch SMTP traffic and send it to a specific mail server.
What is the correct action for a NAT rule?
A. passthrough
B. dst-nat
C. redirect
D. tarpit

Jawab : b
Penjelasan : karena untuk membelokan smtp traffic kesuatu network ialah tugas dst nat
Untuk mengkonfigurasikannya ikuti command dibawah ini

ip firewall nat add chain=dstnat protocol=tcp dst-port=25 action=dst-nat to-

addresses=10.0.0.1 to-ports=25

7. When viewing the routes in Winbox, some routes will show "DAC" in the first column.
These flags mean:

A. Direct, Available, Connected

B. Dynamic, Active, Connected
C. Dynamic, Available, Created
D. Dynamic, Active, Console

Jawab : b
Penjelasan : bisa dilihat di bawah ini
Flags: X - disabled, A - active, D -dynamic,
C - connect, S -static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit

8. It is possible to create an encrypted PPPoE tunnel in RouterOS:

true

Penjelasan : karena semua protocol ppp bisa di enkripsi

9. Action=redirect is applied in
A. chain=srcnat

65
 B. chain=forward
C. chain=dstnat

Jawab : c
Penjelasan: karena redirect membutuhkan destination bukan source atau pun forward
10. MikroTik RouterOS commands can be run once a day by:
A. /system watchdog
B. /system cron
C. /system scheduler

Jawab: c
Pejelasan : karena scheduler mengatur jadwal kapan fitur tersebut dijalankan
11. Router has wireless and ethernet client interfaces, all client interfaces are bridged. To create
a DHCP service for all clients, DHCP server must be configured on:
A. Ethernet and wireless interfaces
B. DHCP service is not possible in this setup
C. Every bridge port
D. Only on the bridge interface

Jawab: D
Penjelasan : karena interface wireless dan ethernetnya sudah di bridge sehingga harus
dimasukan kedalam interface bridge
12. You want to use PCQ and allow 256k maximum download and upload for each client.
Choose correct argument values for the required queue.
A. kind=pcq pcq-rate=1256000 pcq-classifier=dst-address
B. kind=pcq pcq-rate=5000000 pcq-classifier=src-address
C. kind=pcq pcq-rate=256000 pcq-classifier=dst-address
D. kind=pcq pcq-rate=5000000 pcq-classifier=dst-address
E. kind=pcq pcq-rate=256000 pcq-classifier=src-address
Jawab : C dan E
Penjelasan :dalam PCQ untuk melimit Upload classifier yang diisi adalah Src-Address dan
untuk Download classfier yang diisi aalah dst-address
13. Which is a default baud-rate of currently manufactured RouterBOARDs?
A. 115200
B. 9600
C. 38400
D. 11520

66
 Jawaban :a
Penjelasan : karena default yang dipasang ke netinstall adalah 11520
14. DHCP server is configured on a router’s ether1 interface. IP address 192.168.0.100/24 is
assigned to the interface. Possible IP pools, that can be used by this DHCP server, are:

A. 192.169.0.1-192.169.0.254
B. 192.168.0.1-192.168.0.255
C. 192.168.0.1-192.168.0.99,192.168.0.101-192.168.0.254
D. 192.168.0.1-192.168.0.14

Jawab : c an d
Penjelasan : karena untuk jawaban A dan B akan terjai overlap ip (ip gateway tidak dipisah)
15. There can be more than one PPPoE server in a single broadcast domain:
true

Jawab : true
Penjelasa: karena dalam satu broadcast domain bisa menjalankan lebih dari satu point to point
dalam satu network

16. Which wireless mode allows you to connect to any standard AP (not only MikroTik) and to
be able to bridge this wireless interface to an Ethernet?
A. station
B. station-wds
C. bridge
D. station-pseudobridge

Jawab : a
Penjelasan : karena untuk jawaban B dan D khusus mikrotik untuk melakukan wds
17. To block communications between wireless clients connected to the same access point
interface, you should set
A. 'default-forwarding=no'
B. 'max-station-count=1'
C. 'default-authentication=no'
D. 'default-authentication=no' and 'default-forwarding=no'

Jawab : a
Penjelasan : karena no default-forwarding akan men disable layer 2 dari client
18. PPPoE server only works within one Ethernet broadcast domain that it is connected to. If
67
there is a router between server and end-user host, it will not be able to create PPPoE tunnel to
that PPPoE server.
false

Jawaban : false
Penjelasan : karena PPPOE bisa berjalan meskipun beda IP network

19. Which default route will be active?

/ip route
add disabled=no distance=10 dst-address=0.0.0.0/0 gateway=1.1.1.1
add disabled=no distance=5 dst-address=0.0.0.0/0 gateway=2.2.2.2
A. Route via gateway 2.2.2.2
B. Route via gateway 1.1.1.1

Jawab : a
Penjelasan :semakin kecil distance nya semakin di prioritaskan
20. Which are necessary sections in /queue simple to set bandwidth limitation?
A. max-limit
B. target-address, max-limit
C. target-address, dst-address
D. target-address, dst-address, max-limit

Jawab : b
Penjelasan : karena untuk simple queue hanya membutuhkan target dan juga max limit nya

21. Which option in the configuration of a wireless card must be disabled to cause the router to
permit ONLY known clients listed in the access list to connect?

A. Enable Access List

B. Security Profile
C. Default Authenticate
D. Default Forward

Jawab : c
Penjelasan : karena dengan default authenticate semua bisa onnect ke ap tersebut
22. For static routing functionality, additionally to the RouterOS 'system' package, you will also
need the following software package:
A. advanced-tools
B. routing
68
 C. dhcp
D. no extra package required

Jawab : d
Penjelasan :jika hanya static routing tidak memerlukan paket tambahan/extra package
23. Which firewall chain should you use to filter clients HTTP traffic going through the router?
A. prerouting
B. forward
C. output
D. input

Jawab :b
Penjelasan : kata kuncinya adalah “through” atau melewati sehingga yang dibutuhkan untuk
“melewati” ialah chain=forward
24. What is necessary for PPPoE client configuration?
A. ip firewall nat masquerade rule
B. Interface (on which PPPoE client is going to work)
C. Static IP address on PPPoE client interface

Jawaban : b
Penjelasan : karena yang dibutuhkan untuk pppoe client interface akan dipakai

25. Action=redirect can be used in NAT chain src-nat

A. true
B. false
Jawab b
Penjelasan: karena redirect membutuhkan destination bukan source atau pun forward

69
1. Is action=masquerade allowed in chain=dstnat?
A. yes, but only if dst-addr is specified
B. yes
C. yes, but it works only for incoming connections
D. no
Jawaban : D
Penjelasan : karena masquerade dipasang pada srcnat

2. What is the default protocol/port of (secure) winbox?

A. UDP/5678
B. TCP/22
C. TCP/8291
D. TCP/8080
Jawaban : c
Penjelasan : karena port default dari winbox adalah tcp 8291

3. Which is the default port of IP-Winbox?

A. UDP 8291
B. TCP 80
C. TCP 8291
D. TCP 8192

Jawab : c
Penjelasan : karena port default dari winbox adalah tcp 8291

4. During a scan, in order to see all the available wireless frequencies that are supported by
the card, the following option must be selected in the wireless card's "Frequency Mode":
A. manual txpower
B. superchannel
C. regulatory domain

Jawab : c
Penjelasan : karena memberi limit terhadap channel yang tersedia dan maximum transit
sesuai dengan Negara masing2

5. Which are necessary sections in /queue simple to set bandwidth limitation?

A. target-address, dst-address
B. target-address, max-limit
C. target-address, dst-address, max-limit
D. max-limit

Jawab :b
Penjelasan : karena untuk simple queue hanya membutuhkan target dan juga max limit nya

6. RouterOS log messages are stored on disk by default

70
False
Penjelasan : karena log message nya disimpan di memory bukan di disk

7. In order to use dynamic keys in your wireless security profile for an AP, you MUST set up
the dhcp server to provide the dynamic keys.
False

Penjelasan karena dhcp tidak mengirimkan dynamic key

8. When viewing the routes in Winbox, some routes will show "DAC" in the first column.
These flags mean:
A. Dynamic, Active, Connected
B. Dynamic, Active, Console
C. Dynamic, Available, Created
D. Direct, Available, Connected
Jawab :a
Penjelasan : bisa dilihat di bawah ini
Flags: X - disabled, A - active, D -dynamic,
C - connect, S -static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit

9. Which wireless mode allows you to connect to any standard AP (not only MikroTik) and
to be able to bridge this wireless interface to an Ethernet?
A. station-pseudobridge
B. station
C. station-wds
D. bridge

Jawab : b
Penjelasan : karena untuk jawaban B dan D khusus mikrotik untuk melakukan wds

10. For static routing functionality, additionally to the RouterOS 'system' package, you will
also need the following software package:
A. no extra package required
B. advanced-tools
C. dhcp
D. routing
Jawab A
Penjelasan : Penjelasan :jika hanya static routing tidak memerlukan paket tambahan/extra
package
11. In RouterOS queue configurations the word "total" usually represents
A. download
B. upload + download
C. upload
D. download – upload

71
Jawab b
Penjelasan : karena total itu merupakan upload + download

12. PPPoE server only works within one Ethernet broadcast domain that it is connected to. If
there is a router between server and end-user host, it will not be able to create PPPoE tunnel
to that PPPoE server.

False
Penjelasan : Penjelasan : karena PPPOE bisa berjalan meskipun beda IP network

13. PPP Secrets are used for

A. PPtP clients
B. IPSec clients
C. PPP clients
D. Router users
E. L2TP clients
F. PPPoE clients

Jawab : A,E,F
Penjelasan : ppp secret berfungsi untuk membuat user an password untuk proses tunneling

14. When using routing option 'check-gateway=ping' after how many timeouts is gateway
considered unreachable:
A. 4
B. 3
C. 1
D. 2

15. Consider the following diagram. We want to communicate from a device on LAN1 to a
device on LAN2. Assuming that all necessary configurations are already included on R2,
which of the following configurations in R1 would enable this communication?
A. /ip route add dst-address=192.168.1.0/24 src-address=192.168.0.0/24
gateway=192.168.99.2
B. /ip route add dst-address=0.0.0.0/0 gateway=192.168.99.2
C. /ip route add dst-address=192.168.0.0/24 gateway=192.168.0.1
D. /ip route add dst-address=0.0.0.0/0 gateway=Ether1
E. /ip route add dst-address=192.168.1.0/24 gateway=192.168.99.2

Jawab :
Penjelasan: semuanya benar karena ,
D. bisa memakai interface,
E. konfigurasi static routing yang lengkap
B. bisa memakai Default route

72
16. What is possible with Netinstall?
A. MikroTik RouterOS reinstall
B. MikroTik RouterOS password reset with saving router's configuration
C. MikroTik RouterOS configuration reset

Jawaban : semua benar

Penjelasan : netiinstall dapat melakukan ketiganya

17. If you wish to block user access to MSN messenger, which chain should the firewall rule
be placed in?
A. input
B. process
C. forward
D. output

Jawaban : C
Penjelasan : karena chain yang digunakan untuk data / paket dari luar router menuju luar
lainnya menggunakan Chain=Forward

18. If ARP=reply-only is configured on an interface, this interface will

A. accept all MAC-addresses listed in '/ip arp' as static entries
B. accept IP and MAC address combinations listed in '/ip arp' list
C. add new MAC addresses in '/ip arp' list
D. add new IP addresses in '/ip arp' list
E. accept all IP addresses listed in '/ip arp' as static entries

Jawaban : A
Penjelasan : ARP=reply-only hanya membalas bagi yang IP dan MAC Addressnya sudah
tercantum

19. In WinBox when clicking the 'Backup' button in the Files window, the following happens
(select all that apply):
A. Backup file is created. Name contains the router identity, the date and time of its creation
B. Backup file is saved to the computer desktop
C. Backup file will contain usernames and passwords of the router
D. Optionally backup name and password can be specified

Jawaban : A
Penjelasan : Backup File berguna untuk membackup seluruh Konfigurasi termasuk Router
Ientity, tanggal dan waktu

20. What is marked by connection-state=established matcher?

A. Packet begins a new TCP connection
B. Packet does not correspond to any known connection
C. Packet belongs to an existing connection,for example a reply packet or a packet which
belongs to already replied connection
73
D. Packet is related to, but not part of an existing connection
Jawaban c
Penjelasan : karena estabilished merupakan hasil dari koneksi yang pernah ada
Sedangkan

21. /ip firewall nat

add chain=dstnat in-interface=ether1 protocol=tcp dst-port=3389 action=dst-nat to-
address=192.168.1.2 to-ports=81

The command shown above:

A. Forwards any TCP traffic incoming through ether1 port 81 to the port 3389 of the internal
host 192.168.1.2
B. Adds IP address 192.168.1.2 to the interface ether1
C. Forwards any TCP traffic incoming through ether1 port 3389 to the port 81 of the internal
host 192.168.1.2
D. Forwards all TCP traffic from 192.168.1.2 to port 81 of the interface ether1

Jawaban : C
Penjelasan : firewall nat akan membelokan traffic ari ether satu engan dst-port 3389 ke port
81.Jawaban A salah karena port yang dibelokkan salah, Jawaban A menjelaskan bahwa port
81 akan dibelokkan ke port 3389.

22. What is necessary for PPPoE client configuration?

A. Interface (on which PPPoE client is going to work)
B. ip firewall nat masquerade rule
C. Static IP address on PPPoE client interface

Jawaban : a
Penjelasan : karena yang dibutuhkan untuk pppoe client interface akan dipakai

23. Mark all the features that can be used for limiting client registrations to your access point:
A. access-list
B. wpa
C. WDS
D. registration-table

Jawaban : A
Penjelasan : untuk melimit client yang connect kita bisa menggunakan Access-List.

24. You want to use PCQ and allow 256k maximum download and upload for each client.
Choose correct argument values for the required queue.
A. kind=pcq pcq-rate=256000 pcq-classifier=dst-address
B. kind=pcq pcq-rate=1256000 pcq-classifier=dst-address
C. kind=pcq pcq-rate=5000000 pcq-classifier=src-address
D. kind=pcq pcq-rate=256000 pcq-classifier=src-address
E. kind=pcq pcq-rate=5000000 pcq-classifier=dst-address
74
Jawab : A dan D
Penjelasan :dalam PCQ untuk melimit Upload classifier yang diisi adalah Src-Address dan
untuk Download classfier yang diisi aalah dst-address

25. There can be more than one PPPoE server in a single broadcast domain:
True

Jawab : true
Penjelasa: karena dalam satu broadcast domain bisa menjalankan lebih dari satu point to
point dalam satu network

75