MikroTik uses connection tracking to assign states to packets that pass through the router’s firewall. When a packet initiates a connection that is not previously tracked, it is marked as new.
Connection states:
new: First packet of a new connection
established: Part of an existing tracked connection
related: New connection related to an existing one (e.g., FTP data channel)
invalid: Unrecognized or malformed connection
unknown: Used in very specific or rare circumstances (not common in IP-based networks)
Therefore:
A.✘Incorrect – All packets entering the firewall are tracked
B.✔Correct – This is a new connection
C.✘Incorrect – "unknown" is not used for typical traffic
D.✘Incorrect – Not invalid unless malformed or contextless
E.✘Incorrect – This is not an existing connection
Extract from Official MTCNA Course Material – Firewall Connection States:
“A packet that begins a new connection is marked as ‘new’. Connection tracking then continues monitoring that session.”
Extract from René Meneses MTCNA Study Guide – Connection Tracking:
“New connections receive the 'new' state. Firewall rules often start by permitting or blocking 'new' and 'established' states.”
Extract from MikroTik Wiki – Firewall and Connection States:
“State=new is assigned when no existing connection entry matches the incoming packet.”
===========
