Certification: Cisco Certified CyberOps Associate
Duration: 120 minutes (95 - 105 questions)
Available languages: English
Exam overview This exam tests your knowledge and skills related to:
Security concepts
Security monitoring
Host-based analysis
Network intrusion analysis
Security policies and procedures
Exam Description The Understanding Cisco Cybersecurity Operations Fundamentals (200-201
CBROPS) exam is a 120-minute assessment that is associated with the Cisco
Certified CyberOps Associate certification. The CBROPS exam tests a candidate’s
knowledge and skills related to security concepts, security monitoring,
host-based analysis, network intrusion analysis, and security policies and
procedures. The course, Understanding Cisco Cybersecurity Operations
Fundamentals, helps candidates to prepare for this exam.
The following topics are general guidelines for the content likely to be
included on the exam. However, other related topics may also appear on any
specific delivery of the exam. To better reflect the contents of the exam and
for clarity purposes, the guidelines below may change at any time without
notice.
1.1 Describe the CIA triad
1.2 Compare security deployments
1.2.a Network, endpoint, and application security systems
1.2.b Agentless and agent-based protections
1.2.c Legacy antivirus and antimalware
1.2.d SIEM, SOAR, and log management
1.3 Describe security terms
1.3.a Threat intelligence (TI)
1.3.b Threat hunting
1.3.c Malware analysis
1.3.d Threat actor
1.3.e Run book automation (RBA)
1.3.f Reverse engineering
1.3.g Sliding window anomaly detection
1.3.h Principle of least privilege
1.3.i Zero trust
1.3.j Threat intelligence platform (TIP)
1.5 Describe the principles of the defense-in-depth strategy
1.6 Compare access control models
1.6.a Discretionary access control
1.6.b Mandatory access control
1.6.c Nondiscretionary access control
1.6.d Authentication, authorization, accounting
1.6.e Rule-based access control
1.6.f Time-based access control
1.6.g Role-based access control
4.9 Interpret common artifact elements from an event to identify an alert
4.9.a IP address (source / destination)
4.9.b Client and server port identity
4.9.c Process (file or registry)
4.9.d System (API calls)
4.9.e Hashes
4.9.f URI / URL
5.10 Classify intrusion events into categories as defined by security models,
such as Cyber Kill Chain Model and Diamond Model of Intrusion
5.11 Describe the relationship of SOC metrics to scope analysis (time to detect,
time to contain, time to respond, time to control)
QUESTION 1
Which type of algorithm encrypts data bit by bit?
A. block
B. asymmetric
C. stream
D. symmetric
Correct Answer: C
QUESTION 2 Which of the following is deployed on an endpoint as an agent or standalone
application?
A. NIPS
B. NGFW
C. HIDS
D. NIDS
Correct Answer: C
QUESTION 3 Which of the following represents an exploitable, unpatched, and unmitigated
weakness in software?
A. vulnerability
B. exploit
C. threat
D. breach
Correct Answer: A
QUESTION 4 Which of the following describes a TCP injection attack?
A. Many TCP SYN packets are captures with the same sequence number, source, and
destination IP address, but different payloads.
B. there is an abnormally high volume of scanning from numerous sources
C. many TCP SYN packets are captured with the same sequence number, but
different source and destination IP addresses and different payloads
D. an attacker performs actions slower than normal
Correct Answer: A
QUESTION 5 How are attributes of ownership and control of an object managed in Linux?
Audience Profile Candidates for this exam should have subject matter expertise implementing,
managing, and monitoring an organization’s Microsoft Azure environment.
Responsibilities for an Azure Administrator include implementing, managing, and
monitoring identity, governance, storage, compute, and virtual networks in a
cloud environment, plus provision, size, monitor, and adjust resources, when
needed.
An Azure Administrator often serves as part of a larger team dedicated to
implementing your organization's cloud infrastructure.
A candidate for this exam should have at least six months of hands-on experience
administering Azure, along with a strong understanding of core Azure services,
Azure workloads, security, and governance. In addition, this role should have
experience using PowerShell, Azure CLI, Azure portal, and Azure Resource Manager
templates.
Skills Measured NOTE: The bullets that appear below each of the skills measured are intended
to illustrate how we are assessing that skill. This list is not definitive or
exhaustive.
NOTE: In most cases, exams do NOT cover preview features, and some features will
only be added to an exam when they are GA (General Availability).
Manage Azure identities and governance (15-20%) Manage Azure AD objects
. create users and groups
. manage user and group properties
. manage device settings
. perform bulk user updates
. manage guest accounts
. configure Azure AD Join
. configure self-service password reset
. NOT: Azure AD Connect; PIM
Manage role-based access control (RBAC)
. create a custom role
. provide access to Azure resources by assigning roles
o subscriptions
o resource groups
o resources (VM, disk, etc.)
. interpret access assignments
. manage multiple directories
. NOT: Traffic Manager and FrontDoor and PrivateLink
Monitor and troubleshoot virtual networking
. monitor on-premises connectivity
. use Network Performance Monitor
. use Network Watcher
. troubleshoot external networking
. troubleshoot virtual network connectivity
Integrate an on-premises network with an Azure virtual network
. create and configure Azure VPN Gateway
. create and configure VPNs
. configure ExpressRoute
. configure Azure Virtual WAN
Monitor and back up Azure resources (10-15%)
Monitor resources by using Azure Monitor
. configure and interpret metrics
o analyze metrics across subscriptions
. configure Log Analytics
o implement a Log Analytics workspace
o configure diagnostic settings
. query and analyze logs
o create a query
o save a query to the dashboard
o interpret graphs
. set up alerts and actions
o create and test alerts
o create action groups
o view alerts in Azure Monitor
o analyze alerts across subscriptions
. configure Application Insights
. NOT: Network monitoring
Implement backup and recovery
. configure and review backup reports
. perform backup and restore operations by using Azure Backup Service
. create a Recovery Services Vault
o use soft delete to recover Azure VMs
. create and configure backup policy
. perform site-to-site recovery by using Azure Site Recovery
. NOT: SQL or HANA
AZ-103/104 Comparison
Microsoft Azure Administrator
Current Skills Measured as of January 15, 2020
Updated Skills Measured List (ignore the numbering below)
Audience Profile
Candidates for this exam are Azure Administrators who manage cloud services that
span storage, security, networking, and compute cloud capabilities. Candidates
have a deep understanding of each service across the full IT lifecycle, and take
requests for infrastructure services, applications, and environments. They make
recommendations on services to use for optimal performance and scale, as well as
provision, size, monitor, and adjust resources as appropriate.
Candidates for this exam should have proficiency in using PowerShell, the
Command Line Interface, Azure Portal, ARM templates, operating systems,
virtualization, cloud infrastructure, storage structures, and networking.
Audience Profile
The Azure Administrator implements, manages, and monitors identity, governance,
storage, computevirtual machines, and virtual networks in a cloud environment.
This role focuses primarily on enabling Infrastructure as a Service (IaaS). The
Azure Administrator will provision, size, monitor, and adjust resources as
appropriate.
Candidates should have a minimum of six months of hands-on experience
administering Azure. Candidates should have a strong understanding of core Azure
services, Azure workloads, security, and governance. Candidates for this exam
should have experience in using PowerShell, the Command Line Interface, Azure
Portal, and ARM templates.
1. Manage Azure subscriptions and resources (15-20%)
1.1 Manage Azure subscriptions
Assign administrator permissions; configure cost center quotas and tagging;
configure policies at Azure subscription level
1.2 Analyze resource utilization and consumption
6. Manage Azure Identities and Governance (15-20%)
6.1 Manage Azure AD objects
. create users and groups
. manage user and group properties
. manage device settings
. perform bulk user updates
. manage guest accounts
. configure Azure AD Join
. configure self-service password reset
Configure diagnostic settings on resources; create baseline for resources;
create and test alerts; analyze alerts across subscription; analyze metrics
across subscription; create action groups and action rules; monitor for unused
resources; monitor spend; report on spend; utilize log queries in Azure Monitor;
view alerts in Azure Monitor
1.3 Manage resource groups
Use Azure policies for resource groups; configure resource locks; configure
resource policies; implement and set tagging on resource groups; move resources
across resource groups; remove resource groups
1.4 Managed role based access control (RBAC)
May include but is not limited to: Create a custom role, configure access to
Azure resources by assigning roles, configure management access to Azure,
troubleshoot RBAC, implement RBAC policies, assign RBAC Roles
. NOT: Azure AD Connect; PIM
6.2 Manage role-based access control (RBAC)
. create a custom role
. provide access to Azure resources by assigning roles
o subscriptions
o resource groups
o resources (VM, disk, etc.)
. interpret access assignments
. manage multiple directories
6.3 Manage subscriptions and governance
. configure Azure policies
. configure resource locks
. apply tags
. create and manage resource groups
o move resources
o remove RGs
. manage subscriptions
. configure Cost Management
. configure management groups
2. Implement and manage storage (15-20%)
2.1 Create and configure storage accounts
Configure network access to the storage account; create and configure storage
account; generate shared access signature; install and use Azure Storage
Explorer; manage access keys; monitor activity log by using Monitor Logs;
implement Azure storage replication; Implement Azure AD Authentication, manage
blob storage lifecycle management
7. Implement and Manage Storage (10-15%)
7.1 Manage storage accounts
. configure network access to storage accounts
. create and configure storage accounts
. generate shared access signature
. manage access keys
. implement Azure storage replication
. configure Azure AD Authentication for a storage account
7.2 Manage data in Azure Storage
2.2 Import and export data to Azure
Create export from Azure job; create import into Azure job; configure and use
Azure blob storage; configure Azure content delivery network (CDN) endpoints
2.3 Configure Azure files
Create Azure file share; create Azure File Sync service; create Azure sync
group; troubleshoot Azure File Sync
2.4 Implement Azure backup
Configure and review backup reports; perform backup operation; create Recovery
Services Vault; create and configure backup policy; perform a restore operation
. export from Azure job
. import into Azure job
. install and use Azure Storage Explorer
. copy data by using AZCopy
7.3 Configure Azure files and Azure blob storage
. create an Azure file share
. create and configure Azure File Sync service
. configure Azure blob storage
. configure storage tiers for Azure blobs
3. Deploy and manage virtual machines (VMs) (15-20%)
3.1 Create and configure a VM for Windows and Linux
Configure high availability; configure monitoring, networking, storage, and
virtual machine size; deploy and configure scale sets
3.2 Automate deployment of VMs
Modify Azure Resource Manager (ARM) template; configure location of new VMs;
configure VHD template; deploy from template; save a deployment as an ARM
template; deploy Windows and Linux VMs
3.3 Manage Azure VM
Add data discs; add network interfaces; automate configuration management by
using PowerShell Desired State Configuration (DSC) and VM Agent by using custom
script extensions; manage
8. Deploy and Manage Azure Compute Resources (25-30%)
8.1 Configure VMs for high availability and scalability
. configure high availability
. deploy and configure scale sets
8.2 Automate deployment and configuration of VMs
. modify Azure Resource Manager (ARM) template
. configure VHD template
. deploy from template
. save a deployment as an ARM template
. automate configuration management by using custom script extensions
8.3 Create and configure VMs
. configure Azure Disk Encryption
. move VMs from one resource group to another
VM sizes; move VMs from one resource group to another; redeploy VMs
3.4 Manage VM backups
Configure VM backup; define backup policies; implement backup policies; perform
VM restore; soft delete for Azure VMs; Azure Site Recovery
. manage VM sizes
. add data discs
. configure networking
. redeploy VMs
8.4 Create and configure containers
. create and configure Azure Kubernetes Service (AKS)
. create and configure Azure Container Instances (ACI)
. NOT: selecting an container solution architecture or product; container
registry settings
8.5 Create and configure Web Apps
. create and configure App Service
. create and configure App Service Plans
. NOT: Azure Functions; Logic Apps; Event Grid
4. Configure and manage virtual networks (30-35%)
4.1 Create connectivity between virtual networks
Create and configure VNET peering; create and configure VNET to VNET
connections; verify virtual network connectivity; create virtual network gateway
4.2 Implement and manage virtual networking
Configure private and public IP addresses, network routes, network interface,
subnets, and virtual network
4.3 Configure name resolution
Configure Azure DNS; configure custom DNS settings; configure private and public
9. Configure and Manage Virtual Networking (30-35%)
9.1 Implement and manage virtual networking
. create and configure VNET peering
. configure private and public IP addresses, network routes, network interface,
subnets, and virtual network
9.2 Configure name resolution
. configure Azure DNS
. configure custom DNS settings
. configure a private or public DNS zone
9.3 Secure access to virtual networks
. create security rules
. associate an NSG to a subnet or
DNS zones
4.4 Create and configure a Network Security Group (NSG)
Create security rules; associate NSG to a subnet or network interface; identify
required ports; evaluate effective security rules
4.5 Implement Azure load balancer
May include but is not limited to: Configure internal load balancer, configure
load balancing rules, configure public load balancer, troubleshoot load
balancing
4.6 Monitor and troubleshoot virtual networking
May include but is not limited to: Monitor on-premises connectivity, use Network
resource monitoring, use Network Watcher, troubleshoot external networking,
troubleshoot virtual network connectivity
4.7 Integrate on premises network with Azure virtual network
May include but is not limited to: Create and configure Azure VPN Gateway,
create and configure site to site VPN, configure Express Route, verify on
premises connectivity, troubleshoot on premises connectivity with Azure
network interface
. NOT: Traffic Manager and FrontDoor and PrivateLink
9.5 Monitor and troubleshoot virtual networking
. monitor on-premises connectivity
. use Network resource monitoring
. use Network Watcher
. troubleshoot external networking
. troubleshoot virtual network connectivity
9.6 Integrate an on-premises network with an Azure virtual network
. create and configure Azure VPN Gateway
. create and configure VPNs
. configure ExpressRoute
. configure Azure Virtual WAN
5. Manage identities (15-20%)
5.1 Manage Azure Active Directory (AD)
Add custom domains; Azure AD Join; configure self-service password reset;
[NO EQUIVALENT --- SEE NEW FG 5 BELOW]
manage multiple directories
5.2 Manage Azure AD objects (users, groups, and devices)
Create users and groups; manage user and group properties; manage device
settings; perform bulk user updates; manage guest accounts
5.3 Implement and manage hybrid identities
Install Azure AD Connect, including password hash and pass-through
synchronization; use Azure AD Connect to configure federation with on-premises
Active Directory Domain Services (AD DS); manage Azure AD Connect; manage
password sync and password writeback
5.4 Implement multi-factor authentication (MFA)
May include but is not limited to: Configure user accounts for MFA, enable MFA
by using bulk update, configure fraud alerts, configure bypass options,
configure Trusted IPs, configure verification methods
10. Monitor and back up Azure resources (10-15%)
10.1 Monitor resources by using Azure Monitor
. configure and interpret metrics
o analyze metrics across subscriptions
. configure Log Analytics
o implement a Log Analytics workspace
o configure diagnostic settings
. query and analyze logs
o create a query
o save a query to the dashboard
o interpret graphs
. set up alerts and actions
o create and test alerts
o create action groups
o view alerts in Azure Monitor
o analyze alerts across subscriptions
. configure Application Insights
. NOT: Network monitoring
10.2 Implement backup and recovery
. configure and review backup reports
. perform backup and restore operations by using Azure Backup Service
. create a Recovery Services Vault
o use soft delete to recover Azure VMs
. create and configure backup policy
. perform site-to-site recovery by using Azure Site Recovery
. NOT: SQL or HANA
QUESTION 1 You have an Azure subscription that contains an Azure Active Directory
(Azure AD) tenant named
contoso.com and an Azure Kubernetes Service (AKS) cluster named AKS1.
An administrator reports that she is unable to grant access to AKS1 to the users
in contoso.com.
You need to ensure that access to AKS1 can be granted to the contoso.com users.
What should you do first?
A. From contoso.com, modify the Organization relationships settings.
B. From contoso.com, create an OAuth 2.0 authorization endpoint.
C. Recreate AKS1.
D. From AKS1, create a namespace.
Correct Answer: B
QUESTION 2 You have a Microsoft 365 tenant and an Azure Active Directory (Azure AD)
tenant named contoso.com.
You plan to grant three users named User1, User2, and User3 access to a
temporary Microsoft SharePoint
document library named Library1.
You need to create groups for the users. The solution must ensure that the
groups are deleted automatically after 180 days.
Which two groups should you create? Each correct answer presents a complete
solution.
NOTE: Each correct selection is worth one point.
A. an Office 365 group that uses the Assigned membership type
B. a Security group that uses the Assigned membership type
C. an Office 365 group that uses the Dynamic User membership type
D. a Security group that uses the Dynamic User membership type
E. a Security group that uses the Dynamic Device membership type
Correct Answer: AC
QUESTION 3 You recently created a new Azure subscription that contains a user named
Admin1.
Admin1 attempts to deploy an Azure Marketplace resource by using an Azure
Resource Manager template.
Admin1 deploys the template by using Azure PowerShell and receives the following
error message: “User
failed validation to purchase resources. Error message: “Legal terms have not
been accepted for this item on
this subscription. To accept legal terms, please go to the Azure portal (http://go.microsoft.com/fwlink/?
LinkId=534873) and configure programmatic deployment for the Marketplace item or
create it there for the first time.”
You need to ensure that Admin1 can deploy the Marketplace resource successfully.
What should you do?
A. From Azure PowerShell, run the Set-AzApiManagementSubscription cmdlet
B. From the Azure portal, register the Microsoft.Marketplace resource provider
C. From Azure PowerShell, run the Set-AzMarketplaceTerms cmdlet
D. From the Azure portal, assign the Billing administrator role to Admin1
Correct Answer: C
QUESTION 4 You have an Azure Active Directory (Azure AD) tenant that contains 5,000
user accounts.
You create a new user account named AdminUser1.
You need to assign the User administrator administrative role to AdminUser1.
What should you do from the user account properties?
A. From the Licenses blade, assign a new license
B. From the Directory role blade, modify the directory role
C. From the Groups blade, invite the user account to a new group
Correct Answer: B
QUESTION 5 You have an Azure Active Directory (Azure AD) tenant named
contoso.onmicrosoft.com that contains 100 user accounts.
You purchase 10 Azure AD Premium P2 licenses for the tenant.
You need to ensure that 10 users can use all the Azure AD Premium features.
What should you do?
A. From the Licenses blade of Azure AD, assign a license
B. From the Groups blade of each user, invite the users to a group
C. From the Azure AD domain, add an enterprise application
D. From the Directory role blade of each user, modify the directory role
Welcome to the F5 Networks 101 - Application Delivery Fundamentals compiled
Study Guide. The purpose of this guide is to help you prepare for the F5 101 -
Application Delivery Fundamentals exam. The contents of this document are based
on the 101 - Application Delivery Fundamentals Blueprint Guide.
This study guide provides students with some of the basic foundational knowledge
required to pass the exam.
This study guide is a collection of information and therefore not a completely
original work. The majority of the information is compiled from sources that are
located on the Internet. All of the information locations are
referenced at the top of each topic instead of in an Appendix of this document.
This was done to help the reader access the referenced information easier
without having to search through a formal appendix. This
guide also references a book that should be basic reading for some of the topics
on this exam.
The F5 Certified team provides an official 101 - Application Delivery
Fundamentals Study Guide to all candidates. The F5 Certified Study Guide is a
list of reading material that will help any student build a broad
base of general knowledge that can assist in not only their exam success but
also in becoming a well-rounded systems engineer. The Resource Guide will be
available to the candidate through the certification.f5.com
website once they are qualified for the Application Delivery Fundamentals exam.
There are not any pre-requisite to this exam. This guide was prepared by an F5 employee but is not an official F5 document
and is not supported by F5 Networks.
Section 1 - OSI 5 Objective - 1.01 Explain, compare, and contrast the OSI layers
Objective - 1.02 Explain Protocols and Technologies Specific to the Data Link
Layer
Objective - 1.03 Explain protocols and apply technologies specific to the
network layer
Objective - 1.04 Explain the features and functionality of protocols and
technologies specific to the transport layer
Objective - 1.05 Explain the features and functionality of protocols and
technologies specific to the application layer
Section 2 - F5 Solutions and Technology Objective - 2.01 Articulate the role of F5 products
Objective - 2.02 Explain the purpose, use, and advantages of iRules
Objective - 2.03 Explain the purpose, use, and advantages of iApps
Objective - 2.04 Explain the purpose of and use cases for full proxy and packet
forwarding/packet based architectures
Objective - 2.05 Explain the advantages and configurations of high availability
(HA)
Section 3 – Load Balancing Essentials Objective - 3.01 Discuss the purpose of, use cases for, and key
considerations related to load balancing
Objective - 3.02 Differentiate between a client and server
Section 4 – Security Objective - 4.01 Compare and contrast positive and negative security models
Objective - 4.02 Explain the purpose of cryptographic services
Objective - 4.03 Describe the purpose and advantages of authentication
Objective - 4.04 Describe the purpose, advantages, and use cases of IPsec and
SSL VPN
Section 5 – Application Delivery Platforms Objective - 5.01 Describe the purpose, advantages, use cases, and challenges
associated with hardware based application delivery platforms and virtual
machines
Objective - 5.02 Describe the purpose of the various types of advanced
acceleration techniques
QUESTION: 1 To make complex access policies easier to manage, an administrator can
create a _______ containing several policy actions, and then add instances of it
within the policy? (Fill in)
A. Visual Policy Editor
B. Policy Editor
C. Visual Editor
D. Policy creator
Answer: A
QUESTION: 2 To make complex access policies easier to manage, an administrator can
create a policy containing several policy actions, and then add instances of it
within the policy using the ________. (Fill in)
A. Deployment Wizard
B. Setup Wizard
C. Policy Wizard
D. Visual Wizard
Answer: A
QUESTION: 3 The Policy Builder benefits include:
A. Doesn't require in depth web application knowledge
B. Only requires limited ASM knowledge
C. All of the above
D. Very low administrative impact
Answer: C
QUESTION: 4 APM administrators can configure access policies granting users which two
types of access?
A. CIFS access
B. Client/server access
C. Web application access
D. Proxy access
E. RDC access
Answer: D
QUESTION: 5 Which of the following is a benefit of using iRules?
A. They provide a secure connection between a client and LTM
B. They enable granular control of traffic
C. They can be used as templates for creating new applications
D. They can use Active Directory to authenticate and authorize users
E. They provide an automated way to create LTM objects
Answer: B
QUESTION: 6 APM provides access control lists at which two OSI layers? (Choose two.)
A. Layer 5
B. Layer 4
C. Layer 7
D. Layer 6
E. Layer 2
Answer: B,C
QUESTION: 7 TMOS is an F5 software module that runs on the BIG-IP platform.
Number of questions: 60
Number of questions to pass: 44
Time allowed: 90 mins
Status: Live
An IBM Certified Developer – IBM Cognos Analytics Developer V11.1.x is
responsible for building advanced reports and dashboards and connecting to data
and modeling meta data sources. This individual has project related experience
authoring and troubleshooting complex and intermediate level reports and
dashboards and is capable of participating in project implementations as an
effective team member.
This exam consists of 5 sections described below. For more detail, please see
the study guide on the Exam Preparation tab.
Section 1: Dashboards 22% Explain design considerations for small form factors (mobile devices)
Describe how to create simple Dashboards
Describe how to create complex interactive Dashboards
Describe how to modify Dashboards
Demonstrate how to control Dashboard data
Section 2: Reports 32% Describe the various data container types
Describe how to apply filters
Describe how to use prompts
Describe using conditions to control formatting layout and rendering
Describe using calculations and macros
Demonstrate presenting data graphically
Explain designing for multiple outputs
Describe using reusable objects
Explain various interactivity usages
Demonstrate understanding of relational vs dimensional reporting styles
Demonstrate understanding the use of multiple queries in a report
Demonstrate understanding the use of multiple Data sources in a report
Describe forms of report distribution and collaboration
Section 3: Data 21% Explain connecting to the Data source
Describe the various types of Physical Data sources and their usage
Describe the various types of metadata sources and their usage
Describe using data shaping (end user data preparation)
Section: 4 Other Features 10% Describe where the offering uses AI
Describe ways to augment with AI
Describe how to create a story for the presentation of information
Describe where Exploration is used to enhance analytics
Section 5: Troubleshooting and Performance 15% Describe utilities that are available in the product for troubleshooting
Describe approach(s) methods to perform root cause analysis/diagnose issues
Exam Number 300-460 CLDINF
Associated Certifications CCNP Cloud
Duration 90 Minutes (55 - 65 questions)
Available Languages English
Exam Description
The 300-460 (CLDINF) Implementing and Troubleshooting the Cisco Cloud
Infrastructure is a 90-minute, 55-65 question assessment that is associated with
the CCNP Cloud Certification. This exam tests a candidate's knowledge and
ability to: setup Cloud infrastructure including physical and virtual Data
Centers; implement Storage infrastructure and connectivity; implement Network
infrastructure and connectivity; implement Compute; troubleshoot Cloud workflows
or applications; and identify infrastructure operational domains. Candidates can
prepare for this assessment by taking the Implementing and Troubleshooting the
Cisco Cloud Infrastructure (CLDINF v1.0) course.
The following topics are general guidelines for the content likely to be
included on the exam. However, other related topics may also appear on any
specific delivery of the exam. In order to better reflect the contents of the
exam and for clarity purposes, the guidelines below may change at any time
without notice.
1.0 Knowledge of Cloud Infrastructure 16%
1.1 Demonstrate practical experience of both physical and virtual Data Centers
1.1.a Validate physical connection to LAN, SAN
1.1.b Management connection
1.1.c Server ports to chassis
1.1.d Virtual fiber channel
1.1.e Domain Virtual Machine Manager (VMM)
1.1.f Configuring UCS service profiles, vNICs & templates
1.2 Setup hypervisor
2.0 Storage 21%
2.1 Implement storage infrastructure
2.1.a Block Storage
2.1.a.1 Zoning
2.1.a.2 Describe initiator and target relationship
2.1.a.3 Boot targets
2.1.a.4 Setup LUN/Volume on storage controller
2.1.b File Storage
2.1.b.1 Mount point vs. shares
2.2 Implement storage connectivity
2.2.a Configure vHBA
2.2.b Configure WWPN pool
2.2.c Configure WWN Pool
2.2.d Configure iSCSI pool
2.2.e Configure VSAN group
2.2.f Configure boot order/ boot policy
2.2.g Configure local storage / disk policy (RAID)
2.2.h Describe protected config
The profession -- and everything it involves -- has changed dramatically, but
has been (and still is) a fun ride.
Looking back after spending more than 30 years as a Unix systems administrator,
I have to say that's it's been quite a ride.
It certainly wasn't 30+ years of doing the same thing. Instead, the technology
and the job have gone through incredible changes along the way. There were
dramatic improvements in the hardware that I managed and always plenty of new
tools to learn and use.
Over the years, I went from reveling in how much work I could get done on the
command line to grappling with some big issues -- troubleshooting some very
complicated problems and figuring out how to best protect my employers'
information assets. Along the way, I worked with some amazing individuals, got
laid off (once), and learned a lot about what works and doesn't work both from a
technical and a career perspective.
Here are my reflections on the changes I've seen and those still to come.
How the technology has changed
In the earliest part of my career, I actually used keypunch machines -- first,
when processing payrolls for client companies while working for a large New York
City bank (and putting myself through college) and second, when taking my first
programming class. At the bank, I built punch card "programs" to make it easier
for the keypunch operators to jump to the next field for the data they were
entering. At the college, the class was an introductory programming class based
on Fortran. Yes, Fortran. The following semester, the keypunch machines were no
more and big clunky terminals took their place.
Keypunch operators In college I had learned languages like Fortran, LISP, ALGOL, and Pascal.
And, in one class, I built a simple operating system on a PDP system using
assembly language. I remember "reading" the lights on the front of the system
and how exciting it was when the attached printer spit out a sheet of paper as
instructed. I've used many other languages since -- like C and some Java, but
I've mostly worked in scripting languages like sh, csh, bash, ksh, Python, and
Perl. One of the most surprising things is how many languages have been
introduced since I started in the field. The number of languages available seems
to have increased maybe 20-30 times. This list from 2013 is probably no longer
up-to-date: 256 Programming Languages
I remember in the early '80s having to know the topology of hard drives in order
to add them to my systems. Today, the systems are able to identify peripherals
with very little work on my part. The number of cylinders, heads, and sectors
... I had to describe the disk in these units for the system I was working on to
be able to use the drive.
ALSO ON NETWORK WORLD: 8 ways to jumpstart your career
From the early '90s, I still have somewhere a 300 MB (yes, that's megabytes)
disk that's roughly the size of a shoe box and sometimes stare at my USB
("thumb") drives, knowing that some hold as much as a terabyte. What an
incredible comparison! If this trend continues, we'll soon find that dropping a
storage device on the floor will mean we're no longer going to be able to find
it.
I also remember backing up my servers using a reel-to-reel tape drive. The tapes
were huge and they didn't hold all that much data. Some of my file systems
required 3-4 of them. Today, we use robotic tape drives and tools that automate
the backups and keep track of what files went to what tapes so that you can
restore files from various backup tapes with ease. And some of the backup
technology today uses clever "deduplication" technology to reduce the size of
data dumps by avoiding storing duplicate data, often reducing the size of
backups to a small fraction of their original size.
robotic tape library Of course, almost nothing has changed the field in which I've spent the last
30+ years as much as the Internet and the web have. When I worked for the
federal courts, the district courts were connecting to systems in Washington, DC
using a service called "Tymnet" which used packet switching technology. My
project would not only put "minicomputers" (systems about the size of a college
dorm refrigerator) into the courthouses, but make it so that all activity no
longer had to push bits to Washington DC and back.
The growth of the Internet made connecting to arbitrary systems around the globe
not only possible but common. And the introduction of the web (nee the "world
wide web") meant that I could find answers to many of my technical questions
without even having to pull a book off the shelf. Today I often find myself
wondering how I ever found answers to my technical questions before Google and
similar web searching tools made their appearance.
How the jobs have changed In general, the networks we manage are larger and more diverse. We won't see
the AppleTalk network segments that I remember from the '80s doing their own
thing, but the systems we run on our desktops and support in our data centers
can be surprisingly diverse. More of the work we do is centrally managed through
network services like NFS, NIS, DNS, etc.
Virtualization has become a major factor in our data centers. Many of our
servers are now just segments of resources on larger servers, able to be shrunk
and grown as needed to meet our demands, and easily migrated to alternate data
centers as needed. On top of that, what now seems the ultimate virtualization --
moving systems and even complete data centers into the cloud -- dramatically
changes what we as sysadmins are able to control and what we are responsible
for.
Most of us rely on fairly versatile ticketing systems to keep track of all the
problems that we are addressing and tasks waiting to be completed. We might be
"just" doing systems administration, but that role has moved heavily into
managing security, controlling access to a wide range of resources, analyzing
network traffic, scrutinizing log files, and fixing the chinks on our cyber
armor.
Security
In the early part of my career (maybe the first ten years or so), security was
fairly lax. Maybe we forced our users to change their passwords every year. I
remember once writing a program to pseudorandomly generate passwords by clumping
two short words together, but it was nothing like what I do today. Security in
those days was not a hot item and most of the people that I worked with were far
more cavalier than I. When one of our speakers at a Sun User Group conference
that I helped organize in the 1990s suggested that we all think like attackers,
the thought seemed quite revolutionary.
This aspect of being a sysadmin has undergone more change than likely any other.
Today, you're irresponsible if you're not behaving in a manner that might have
seemed paranoid 20 years ago. The tools we use and the measures we go to in
order to secure our systems are orders of magnitude beyond anything we would
have considered back then. Passwords are longer and the systems we manage allow
us to configure complexity measures. The suggested password length has gone from
7-8 characters to 12-14 and the expiration times have gone from once a year to
once every three or four months for most of us.
In addition, the tools that we use have become dramatically more sophisticated.
To some extent, we do become the attackers, using vulnerability testers like
Nessus and Nexpose that discover the holes in our systems (hopefully before our
attackers do) and sometimes even exploit them. We're also on the lookout with
intrusion detection systems watching for signs of malicious activity and data
loss prevention tools trying to keep our organizational "jewels" from leaking
out the back door. And following a briefing with Palo Alto just yesterday, I
don't imagine that I'll ever think of firewalls in the same old way again.
They're moving from the perimeter of our organizations into the middle of
everything we do. They're smarter, faster, and they're focused on what's
happening, not just on what doors (i.e., ports) the traffic is moving through.
How our communities have changed In 1980, the Apple II computer that sat on a desk in the corner of my dining
room had my neighbors thinking that I was a complete freak. To hear them talk,
you'd think I had a centrifuge on my kitchen counter. And it was not because the
computer was in the dining room or because it was an Apple. It was a computer
and why I would have one sitting in my house had them looking at me really
funny. Yet it wasn't that many years before anyone without a home computer was
considered weird. And these days, we're all pretty much using wireless networks
and probably everyone in the household has their own computer. Big change --
even without mentioning all the other electronics that are practically mandated
by our modern life styles.
Career choices
The downside: Compared to many IT jobs, there's not much climbing up the
corporate ladder for sysadmins. As a systems administrator, you'll seldom be in
the spotlight. You can easily still be a "bottom rung" (nobody reporting to you)
worker after 30 years in the field. It's also hard sometimes to get a sense of
value. You generally get noticed least when everything is running smoothly.
Unless you resolve Big Problems, most of the people you support won't think
about you very often. Maybe not even on Sysadmin Day.
Systems administrators are rarely customer-facing unless you count as customers
the staff that use the systems that you keep humming along. And, even then, the
big changes that you make are likely done after hours when everyone else is off
duty and having a relaxing weekend or enjoying happy hour at the local pub. Do
your job really well and no one will remember you're there.
The upside: The work is seldom boring and there's always something new to learn
-- something breaking, some new coming through the door. Even after 30+ years,
the work is anything but monotonous. And the job pays reasonably well. There's
also a lot of variability in what you do and what you specialize in. You might
automate all of your tasks or manage a huge data center, but there will always
be something that challenges you and problems that need your attention.
Some of the significant trade-offs involve the kind of organization you work
for. I worked in one company with only three employees and two independent
contractors and other organizations with staffs of tens of thousands. The
benefit of the smaller staff positions was getting to touch nearly everything
and being involved in almost every aspect of the work. The big ones offered more
chance of moving around and changing my organizational role fairly dramatically.
How much variability there is in your work depends on many factors, but I
generally prefer having enough flexibility that I'm always doing something that
I do easily and well and something else that is new and exciting. The mix keeps
me feeling that I'm earning my keep and equipping myself for future challenges
and opportunities.
The best jobs
For me, the best jobs that I've had involved my feeling that what I did was
important. My stint working in the federal government was one of those because I
knew that the analysts that I was supporting were helping to ensure that good
decisions were being made on the national level. It was rewarding just to be a
part of that.
At another (Johns Hopkins University), I managed the systems and the network for
one department (Physics and Astronomy). The big plus was that I worked with some
of the most brilliant people I'd ever have hoped to know -- some trying to map
the cosmos and other peering into the nature of the tiniest subatomic particles
-- and the students who helped out from time to time were generally amazingly
competent grad students. Plus the campus was lovely, the commute reasonable, and
the benefits (like being able to take free classes) pretty cool.
I also enjoyed being something of a jack of all computer trades at Web
Publishing (part of IDG) where I managed the network, the systems, the servers,
the backups, the web site, and eventually acquired a very capable assistant who
made the job even that much more enjoyable. And we were on the forefront of
online-only publications like SunWorld and JavaWorld that provided excellent
information and advice to the growing communities that used this technology.
And last, but not least, working for a couple E*Trade subsidiaries in a similar
"support everything" sysadmin role. Bright creative people are almost always
wonderful to work with. We worked off the Embarcadero in San Francisco and
managed to have some fun together even when we were working. And, hey, taking
the ferry to work was the best commute imaginable!
Some of the positions that I've held over the years involved having the best
possible coworkers -- people who were as committed as I was, who both learned
from me and taught me more than I can ever thank them for. Others involved the
kind of office politics that make it hard to remember that we're supposed to be
working for the same goal -- to help our organizations be successful -- not
fighting for a position under the lime light.
you're in a good place. Money isn't everything. Even living on a sailboat in the San Francisco Bay
(which I did for several years) would be Heaven for some and Hell for others.
Take the time to really nail down what matters to you. Is it visibility?
Recognition? A sense of accomplishment? A big salary? Flexible hours? A voice in
how things are done? A stake (and a say) in the outcome of your projects?
Whatever you do, don't stop learning. Computer skills get old fast and that
isn't going to change any time soon. Spend some time every day learning
something new and get your hands on some tools that might lead to the next phase
in your career. Check job postings from time to time even if you have no plans
to change jobs -- just to keep aware of what skills are in high demand.
And put on your seatbelt. You probably can't begin to imagine how the field is
going to look in another 30 years!
Windows 8: Does its 1-month report card read pass or fail?
The operating system is just a hair over one month old, so now is the perfect
time to take stock of the software's public reception.
My, how time flies when you're swiping through live tiles. Microsoft's new-look
Windows 8 launched exactly one month and one day ago, bringing the modern UI and
mobile-style apps to the desktop masses on October 26th. So how has the system
actually fared during its honeymoon period? Read on for the full synopsis of
Windows 8 wins and losses.
Can you navigate Windows 8?
It can't be all bad. Or can it?
Stephen Sinofsky: the gorilla no longer in the room
Many eyebrows were raised on November 12A when Microsoft announced that Stephen
Sinofskythe president of the Windows division, a driving force behind Windows 8,
and a long-time leader at Microsoftwas leaving his post, effective immediately.
The odd timing and abrupt announcement led to a rash of speculation. Was
Sinofsky fired or did he quit? Was it planned? Are Windows 8 sales that bad?
Neither Microsoft nor Sinofsky will talk about their divorce, but many analysts
believe Sinofsky's penchant for secretiveness and territorial mindset alienated
external and internal partners alike, which proved troublesome in the new,
cross-departmental world of Windows 8. It's hard to believe Microsoft would dump
Sinofsky over two weeks of (possibly) poor OS sales. Regardless of the reason
behind the split, Sinofsky's exitA was badly timed and led to a fresh wave of
media focus on the negative aspects of Windows 8.
"I think it was unwise to fire the head of the unit during the launch cycle and
during the critical 4th quarter," says Rob Enderle, the president and principal
analyst of the Enderle Group. "It was a dangerous distraction."
Sinofsky's departure may have been a dangerous distraction, but headlines alone
don't make or break an operating system. Indeed, sales figures define the bottom
line, and Sinofksy has never been a household name. Nonetheless, the
unceremonious exit of the Windows boss adds up to a net fail for Microsoft in
the executive comings-and-goings department.
Windows Store: growing, but still unimpressive
As the Windows Store goes, so goes Windows 8. The fancy-schmancy modern UI and
its glittering live tiles are all powered by new-style Windows 8 apps, and the
only way to get these apps is through the Windows Store itself. Our pre-launch
examination of Microsoft's digital wares revealed a worrisome dearth of apps,
along with a serious paucity of blockbuster apps, to boot.
One month in, the Windows Store is looking a bit better. Wes Miller, an
independent Microsoft analyst at Directions on Microsoft and the curator of the
WinAppUpdate website, recently announced that the Windows Store finally cracked
the 20,000 app barrier, with new apps showing up at a clip of roughly 500 per
day, post-launch. Only around 13,000 of these titles are available in the United
States, however, and Microsoft still has a long way to go before it nears the
700,000-plus app selection of the entrenched Android and Apple markets. Still,
the Windows Store is growing nicely.
The quality level of those apps is still a concern, however. The last post on
Miller's website is titled, "Windows Store: I'm holding out for a hero app," in
which he bemoans the lack of exclusive Windows 8 apps and says flat-out, "There
arent a ton of stellar apps. It's an observation that mirrors our own. Most of
the available apps are ho-hum web wrappers, uninspired utilities or lackluster
games.
