I would like to purchase the above router and use it as my primary router for an FWA connection. Does it support No-ip DDNS and OpenVPN?
No and sort of. But it may not be too bad. Any DDNS that has some reasonable API can be updated using script. I don’t use it myself, but I saw some scripts for no-ip before. There’s also build-in DDNS run by MikroTik. OpenVPN can be more problematic. MikroTik created their own implementation and unfortually didn’t yet manage to add all features, so success depends on what exactly you require. Both can be tested before you buy anything, just download CHR (RouterOS VM that you can run in VMware Player, VirtualBox, …). It’s free, limited only by speed (1 Mbit maximum).
Yes, as Sob indicated its easy to modify any DYDNS service to work on mikrotik.
Check out Para Z (subpara d.) - https://forum.mikrotik.com/viewtopic.php?t=182373
Just replace the provider info with yours, as required.
No, OPVN is really a hacky vpn that has never been fully developed by Mikrotik to this day, its a ddwrt linksys hack job that made its way mainstream.
It will kinda work but seems fairly complex to achieve.
However, much easier VPN setup and its faster too, is wireguard. Since wireguard clients are avail for linux, macOS, windows, android, one would have to be a masochist to use anything else if avoiding full l2tp IKEv2 IPSEC proper.
Don’t forget that sometimes you need to connect to someone else’s server. And regardless of how wonderful WG may be, it won’t help you if they have OpenVPN.
Concur, all the more reason to get your friends an MT router. 
Didn’t you get the free t-shirt to upsell ??
In any case I would go SSTP or even SSH or even port knocking before ovpn
If you can choose, it’s different. And OpenVPN is not bad, it’s just that what RouterOS has is missing features, so interoperability is limited. Otherwise it’s pretty nice, it can do L2 or L3, dynamic configuration, etc. SSTP is good when you want to avoid installing some third-party software on clients. But it can be also annoying, because it needs certificate, and certificates should be trusted. ROSv7 added client for Let’s Encrypt, so in theory you could use that, but as it is now, it could still use some work. OpenVPN needs certificates too, but you can easily use your own, there’s no need for trusted CA. SSH is quite different kind of tunneling.