MTCNA Exam Dumps - MikroTikCertified Network Associate Exam

Address Resolution Protocol (ARP) is used in IPv4 to resolve IP addresses into MAC addresses. However, in IPv6, ARP is completely replaced by the Neighbor Discovery Protocol (NDP), which is part of ICMPv6. Therefore, ARP is not used in IPv6 at all.

A. True → Incorrect. ARP is exclusive to IPv4.

B. False → Correct. IPv6 replaces ARP with ICMPv6-based mechanisms.

Extract from Official MTCNA Course Material – IPv6 Overview:

“IPv6 does not use ARP. Instead, it uses the Neighbor Discovery Protocol (NDP), which provides similar functionality using ICMPv6 messages.”

Extract from René Meneses MTCNA Study Guide – IPv6 Chapter:

“In IPv6, the legacy ARP protocol is replaced with Neighbor Solicitation and Advertisement messages as part of the Neighbor Discovery Protocol.”

Extract from MikroTik Wiki – IPv6 Concepts:

“ARP is not used in IPv6. Instead, Neighbor Discovery Protocol handles address resolution, router discovery, and prefix information.”

In MikroTik RouterOS (and in routing in general), the "distance" value determines the priority of a route. The route with the lowest distance will be preferred.

Here:

Route to 0.0.0.0/0 via 1.1.1.1 has distance = 10

Route to 0.0.0.0/0 via 2.2.2.2 has distance = 5 → lower, so preferred✅

Unless the lower-distance route is invalid or unreachable, it will always be selected.

MTCNA Course Manual – Static Routing:

“The lower the distance value, the higher the route’s priority. Routes are selected based on administrative distance first.”

René Meneses Study Guide – Route Distance:

“A route with distance 1 is preferred over a route with distance 2. It does not matter which was added first.”

Terry Combs Notes – Routing Behavior:

“RouterOS evaluates the distance (priority) before anything else. Smallest value wins.”

Answer: AQUESTION NO: 44 [Firewall]

What does the firewall action "Redirect" do? Select all true statements.

A. Redirects a packet to a specified port on the router

B. Redirects a packet to a specified IP

C. Redirects a packet to the router

D. Redirects a packet to a specified port on a host in the network

Answer: A, C

The redirect action in MikroTik’s NAT firewall rules is used to force traffic (usually from LAN clients) to a local service on the router — for example, redirecting all DNS queries to the router’s DNS server, or forcing web traffic to a proxy.

Details:

It changes the destination IP to the router's IP automatically (without needing to specify it)

It also allows port redirection (e.g., dst-port=80 → to 3128 for proxy)

Evaluation:

A.✅True — You can redirect to a specific port on the router

B.❌False — Redirect does not change destination IP to an arbitrary host; for that, use dst-nat

C.✅True — Redirect forces traffic to the router itself

D.❌False — dst-nat is used to forward packets to internal hosts, not redirect

MTCNA Course Manual – NAT Actions:

“Redirect action changes destination to the router itself. This is useful for forcing traffic through router services.”

René Meneses Guide – NAT Behavior:

“Redirect = router-local services like DNS or proxy. Use dst-nat for remote hosts.”

Terry Combs Notes – Firewall Actions:

“Use redirect when you want to intercept traffic and handle it locally on the router.”

Answer: A, CQUESTION NO: 45 [PPP / Tunnels]

Which port does PPTP use by default?

A. TCP 1721

B. UDP 1723

C. TCP 1723

D. UDP 1721

Answer: C

PPTP (Point-to-Point Tunneling Protocol) uses:

TCP port 1723 for control and session initiation

GRE (Generic Routing Encapsulation) protocol (protocol number 47) for tunneling

No UDP port is used by PPTP.

Evaluation:

A. TCP 1721 →❌Invalid port

B. UDP 1723 →❌Incorrect protocol (TCP is used, not UDP)

C.✅TCP 1723 → Correct

D.❌Invalid (wrong protocol and port)

MTCNA Tunneling Section – PPTP Overview:

“PPTP uses TCP port 1723 for control and GRE protocol for tunneling traffic.”

René Meneses MTCNA Guide – PPTP Characteristics:

“PPTP = TCP/1723 + GRE (not a port, but a protocol). Allow both on firewall.”

Terry Combs Notes – VPN Protocol Reference:

“PPTP: TCP 1723. GRE must be permitted for tunnel data.”

Answer: CQUESTION NO: 46 [Firewall]

Which firewall chain should you use to filter ICMP packets from the router itself?

A. input

B. postrouting

C. forward

D. output

Answer: D

MikroTik RouterOS uses firewall chains to process packets based on direction:

input: For packets destined to the router itself (from outside)

output: For packets originating from the router (e.g., router pings)

forward: For packets passing through the router between interfaces

postrouting: Used for NAT and marking, not filtering

Therefore:

To block/allow ICMP (ping) generated by the router (e.g., netwatch, DNS probes), use the output chain

To block incoming pings to the router, use input

To block pings between LAN and WAN, use forward

MTCNA Firewall Module – Chain Responsibilities:

“To control traffic originating from the router itself, use the output chain. For example, when the router itself sends ICMP requests.”

René Meneses Guide – Firewall Chains Explained:

“output is for locally generated traffic. input is for inbound traffic to the router.”

Terry Combs Notes – Chain Use Cases:

“Ping from router = output. Ping to router = input. Ping between networks = forward.”

Binary to Decimal:

10011101

= 1×2^7 + 0×2^6 + 0×2^5 + 1×2^4 + 1×2^3 + 1×2^2 + 0×2^1 + 1×2^0

= 128 + 0 + 0 + 16 + 8 + 4 + 0 + 1

= 157

Decimal to Hexadecimal:

157 ÷ 16 = 9 remainder 13 → 13 = D

So, 157 = 0x9D

MTCNA Course Material – Binary and Hex Conversion:

“Convert binary to decimal by summing powers of 2. Then convert decimal to hexadecimal by dividing by 16.”

René Meneses MTCNA Study Guide – Number Systems:

“For binary 10011101, the decimal is 157, and hex is 9D.”

Only Option B is correct: 157, 0x9D.

Final Answer: BQUESTION NO: 110 [RouterOS Introduction]

If you use either Telnet or FTP, which is the highest layer you are using to transmit data?

A. Application

B. Presentation

C. Session

D. Transport

Answer: A

Protocols like Telnet and FTP are considered Application Layer protocols in the OSI model. They operate at Layer 7, providing interfaces for user-level interaction and command control.

MTCNA Course Material – TCP/IP vs OSI Model:

“Telnet, FTP, HTTP are Application Layer protocols. They operate at the top of the OSI stack (Layer 7).”

René Meneses MTCNA Study Guide – Protocol Layers:

“Telnet and FTP reside at the Application Layer. They initiate data exchange between hosts.”

Presentation and Session layers are not separately used in the TCP/IP model and are merged into the Application Layer.

Transport (Layer 4) is used by these protocols (via TCP), but the protocol itself resides at the Application Layer.

Final Answer: AQUESTION NO: 111 [RouterOS Introduction – IP Addressing]

Which class of IP address provides a maximum of only 254 host addresses per network ID?

A. Class A

B. Class B

C. Class C

D. Class D

Answer: C

Class C networks are defined as IP addresses with the first octet in the range of 192 to 223. Their default subnet mask is 255.255.255.0 (/24), which provides:

2^8 = 256 total addresses

Minus 2 (1 for network address, 1 for broadcast)

→ 254 usable host addresses

MTCNA Course Material – IP Address Classes:

“Class C has a default mask of /24. This allows for 254 hosts per network.”

René Meneses MTCNA Study Guide – IP Classes:

“Class C = 192.0.0.0 to 223.255.255.255, 254 usable hosts per subnet.”

Other classes:

Class A: ~16 million hosts

Class B: ~65,000 hosts

Class D: used for multicast (not host assignment)

Final Answer: CQUESTION NO: 112 [RouterOS Introduction – Protocols]

Which of the following services use UDP?

DHCP

SMTP

SNMP

FTP

HTTP

TFTP

A. 1, 3 and 6

B. 2 and 4

C. 1, 2 and 4

D. All of the above

Answer: A

UDP is a connectionless protocol used by several lightweight or stateless network services. Among the listed services:

DHCP: Uses UDP (Ports 67 and 68)

SNMP: Uses UDP (Ports 161/162)

TFTP: Uses UDP (Port 69)

Other protocols:

SMTP: Uses TCP (Port 25)

FTP: Uses TCP (Ports 20 and 21)

HTTP: Uses TCP (Port 80)

MTCNA Course Material – Protocols and Ports:

“UDP is used for DHCP, SNMP, TFTP. TCP is used for SMTP, FTP, HTTP.”

René Meneses MTCNA Study Guide – Port Assignments:

“TCP: FTP, SMTP, HTTP. UDP: DHCP, SNMP, TFTP.”

Only 1, 3, and 6 use UDP.

The best way to transfer only the firewall filter rules is to use the export command for just that section:

Command:

/ip firewall filter export

This produces a readable script containing only the firewall filter rules. This method is safer than editing binary backups and more efficient than exporting the global configuration and deleting unrelated parts.

Evaluation:

A.✅Correct – clean and script-based approach

B.❌You cannot selectively back up just firewall rules using the backup function (it’s system-wide)

C.❌Editing a backup file is not recommended and often not possible (it’s binary)

D.❌Too cumbersome and error-prone

MTCNA Course Manual – Configuration Transfer:

“Use export to get script output of specific sections. Backups are for full system restore.”

René Meneses Guide – Migrating Configurations:

“Export is recommended for transferring specific configurations like firewall rules.”

Terry Combs Notes – Export vs Backup:

“Backups = full system. Use export for clean, readable configuration transfer.”

Answer: AQUESTION NO: 79 [DHCP]

How many DHCP servers can be configured per interface on RouterOS?

A. Five

B. One

C. Two

D. Unlimited

Answer: B

RouterOS allows only one DHCP server instance per interface. If you attempt to assign more than one DHCP server to the same interface, RouterOS will throw an error.

If you need to serve multiple subnets or ranges, this must be done on different interfaces or by configuring DHCP relay or advanced routing.

MTCNA DHCP Module – Server Configuration:

“One DHCP server per interface is allowed. Assigning multiple servers to a single interface is not supported.”

René Meneses Study Guide – DHCP Design:

“Plan carefully: one server per interface. Use DHCP relay if multiple scopes are needed.”

Terry Combs Notes – DHCP Server Behavior:

“Trying to configure two servers on the same port results in failure.”

PAT (Port Address Translation) is a subtype of NAT that maps multiple private IP addresses to a single public IP address using different port numbers. It is the most common form of NAT used in home and business networks to allow multiple internal hosts to access the internet using one public IP address.

MTCNA Course Material – NAT Concepts:

“PAT (also known as NAT overload) allows multiple devices to share a single public IP address. It uses different port numbers to distinguish sessions.”

Cisco IOS NAT Configuration Guide:

“PAT translates multiple local IP addresses to one public IP address by assigning different port numbers to each session.”

Other options:

A: Generic term — not specific enough

B: Static NAT maps one private IP to one public IP

C: Dynamic NAT maps private IPs to a pool of public IPs, not one-to-many

Final Answer: DQUESTION NO: 149 [IPv6 – Addressing Standards]

How long is an IPv6 address?

A. 32 bits

B. 128 bytes

C. 64 bits

D. 128 bits

Answer: D

IPv6 addresses are 128 bits in length, represented as eight groups of four hexadecimal digits separated by colons (e.g., 2001:0db8:85a3:0000:0000:8a2e:0370:7334). This allows for a vastly larger address space compared to IPv4 (32 bits).

MTCNA Course Material – IPv6 Basics:

“An IPv6 address is 128 bits long, providing 3.4×10^38 possible addresses. It is written in hexadecimal format.”

René Meneses MTCNA Study Guide – IPv6 Addressing:

“IPv6 = 128 bits, not bytes. Address includes a 64-bit network prefix and 64-bit interface identifier.”

Other options:

A: 32 bits is IPv4

B: 128 bytes = 1024 bits — incorrect

C: 64 bits = only half of an IPv6 address

Final Answer: DQUESTION NO: 150 [IP Addressing – Subnetting]

How many usable IP addresses are there in a 23-bit (255.255.254.0) subnet?

A. 512

B. 510

C. 508

D. 254

Answer: B

A /23 subnet provides 2^9 = 512 total addresses.

Subtract 2 (network address + broadcast address)

512 – 2 = 510 usable IP addresses

MTCNA Course Material – Subnet Calculations:

“For any subnet, usable hosts = 2^(32 – subnet mask bits) – 2.”

René Meneses MTCNA Study Guide – IP Subnetting:

“/23 provides 512 total addresses; usable = 510 after subtracting network and broadcast.”

Option Breakdown:

A: Total addresses (512)

B:✔Usable addresses (510)

C: Incorrect (508 is for /23 minus 4 — not relevant here)

D: 254 is usable for /24

The redirect action is only valid in the dstnat chain. It is used to redirect traffic to a service running on the router itself (e.g., redirecting HTTP to a local proxy server).

A.✘srcnat – Not compatible with redirect

B.✘forward – Redirect doesn’t apply in this chain

C.✔dstnat – This is the correct and only supported chain for action=redirect

Extract from Official MTCNA Course Material – NAT Actions:

“The redirect action is used within the dstnat chain to forward packets to the router’s local services.”

Extract from MikroTik Wiki – NAT Rule Actions:

“Redirect is used in dstnat chain and changes destination address to a local router IP and port.”

===========

A stub network is defined as a network segment that is accessible by only one path (single entry/exit point). It does not serve as a transit network for routing between other networks. Traffic entering or leaving the stub network must pass through a single interface.

MTCNA Course Material – Routing Concepts:

“A stub network is one that is connected to the rest of the network by a single router interface. It has only one entry and one exit point.”

René Meneses MTCNA Study Guide – Routing Terms:

“Stub networks do not forward packets for other networks. They are endpoints with one route in and out.”

Other options:

A/B: Describe transit networks, not stub

C: Misleading—stub has both entry and exit, but only through one path

D:✔Correct definition

Final Answer: DQUESTION NO: 130 [PPP – Protocol Functions]

What PPP protocol provides dynamic addressing, authentication, and multilink?

A. NCP

B. HDLC

C. LCP

D. X.25

Answer: C

LCP (Link Control Protocol) is responsible for establishing, configuring, and testing the data-link connection in PPP. It handles features such as:

Authentication (PAP/CHAP)

Link quality testing

Multilink (combining multiple connections)

Negotiating link options

MTCNA Course Material – PPP Configuration:

“LCP handles link configuration, authentication, multilink, and error detection. NCP handles network layer protocol configuration.”

René Meneses MTCNA Study Guide – PPP Stack:

“LCP is the control protocol used to manage and negotiate the PPP connection, including authentication and multilink.”

Other options:

A: NCP negotiates Layer 3 protocol settings (e.g., IP, IPX)

B: HDLC is a simpler Layer 2 protocol, no support for dynamic addressing or multilink

D: X.25 is a packet-switched WAN protocol, not part of PPP

Final Answer: CQUESTION NO: 131 [Switching – Spanning Tree Protocol (STP)]

In a network with dozens of switches, how many root bridges would you have?

A. 1

B. 2

C. 5

D. 12

Answer: A

Spanning Tree Protocol (STP) is used in Ethernet switching environments to prevent loops. In any STP domain, only one switch is elected as the root bridge. All other switches determine the shortest path to this root bridge and may block redundant paths.

MTCNA Course Material – STP Basics:

“STP ensures a loop-free topology by electing a single root bridge. All path calculations are made from the root bridge’s perspective.”

René Meneses MTCNA Study Guide – STP and Loop Prevention:

“Only one root bridge exists per STP domain. Switches use BPDU messages to elect it based on bridge ID priority.”

No matter how many switches exist (2, 10, or 50), only one root bridge is present at any time.

Final Answer: AQUESTION NO: 132 [IP Addressing – Classful Networking]

Which class of IP address has the most host addresses available by default?

A. A

B. B

C. C

D. A and B

Answer: A

Classful IP addressing reserves different address ranges and host counts:

Class A: 1.0.0.0 – 126.255.255.255 (/8) → 2^24 – 2 = 16,777,214 hosts

Class B: 128.0.0.0 – 191.255.255.255 (/16) → 2^16 – 2 = 65,534 hosts

Class C: 192.0.0.0 – 223.255.255.255 (/24) → 2^8 – 2 = 254 hosts

MTCNA Course Material – IP Address Classes:

“Class A has the largest number of hosts per network, over 16 million. Class B allows around 65,000, and Class C allows 254.”

René Meneses MTCNA Study Guide – Classful IP Summary:

“Class A provides the most host addresses by default due to its /8 subnet.”

Only Class A has the highest host count.

In MikroTik’s firewall, the correct chain depends on the traffic direction and whether the traffic is destined for or originating from the router itself.

To block access to MSN (or any other service being accessed by a user from the LAN to the Internet), you must filter transit traffic. This is done in the forward chain.

A. input → Used for traffic destined to the router (e.g., WinBox, SSH).

B.✘process → Invalid option (does not exist in RouterOS).

C.✔forward → Used for user traffic passing through the router (e.g., LAN client to MSN servers on the Internet).

D. output → Used for traffic originating from the router itself (e.g., ping from router to external IP).

Extract from Official MTCNA Course Material – Firewall Chains:

“Use the forward chain to filter traffic passing through the router (LAN to WAN). Blocking access to external services like Facebook or MSN belongs here.”

Extract from René Meneses MTCNA Study Guide – Firewall Chains:

“To block Internet services for users, configure rules in the forward chain. Input is only for traffic targeting the router.”

Extract from MikroTik Wiki – Firewall Overview:

“forward: filters all traffic going through the router. For user access restrictions, place rules here.”