Devnet Associate
What are three common CI/CD tools
ANSIBLE Vagrant Docker
What are two primary functions of ISE?
Access Control Guest Access Management
What attributes are supported by the NETCONF <edit-config> operation?
Add Merge Remove
What is the difference between the Docker command "ADD" and "COPY"?
Add unpacks a tar archive Copy doesn't unpack archive
What is AMP?
Advanced Malware Platform
What does Finesse use?
An Agent/supervisor on the desktop REST and Javascript (browser based)
What are the attributes of DEVops?
Automated provisioning Continuous Implementation (cont improvement?) Incremental testing
What is a hypervisor
"Abstraction layer" that gives you ability to create a virtual machine
What is the python module to install to interpret YAML?
"import yaml"
What do "+++", "@@", "-" and '---' mark in a diff output?
+++ the new file @@ line numbers - deleted lines --- original file
What are three concepts in LEAN?
Eliminate waste Just in time Continuous improvement
What are the API's for Firewall?
FMC API (Firepower Management Center - Control level) FTD API - (firepower Thread Defense) config on the device
T/F API Keys will expire
False - according to one test you took, they have no expiration time
T/F - Hypervisor can only run on bare metal.
False - can also run on host OS
True/False - Puppet is agentless
False, Puppet has an agent
What is the management platform for Firepower?
Firepower Management Center (FMC)
How many elements in the "GET" rest call (including request and response)?
Five request method request header response code response header response payload
What are shortcomings of waterfall SDLC?
Fixed scope no value until end difficult to achieve high quality
What are 5 core principles in devops
Focus on automation failure is normal Availability is described in terms of what the business can tolerate Devops must deliver value, but perfection isn't possible Svc Lvl Objectives and svc lvl indicators are benchmarks
A packet arrives on a VLAN 10 on a port, but the destination MAC is unknown. What does the switch do?
Forward to all ports with the original VLAN (this was a trick question)
Capabilities of Ansible
Free Provisioning tool config management and deployment uses JSON Modules are "programs"
What are the API Verbs?
GET POST PUT DELETE HEAD FETCH
RESTCONF Actions
GET POST PUT PATCH DELETE
What are the three actions in gNMI?
Get Set Subscribe
HTTP Methods for API
Get, Head, Post (new data), put (update), patch (partial store, add), Delete
Tools of IAC
Github Gitlab Chef puppet Ansible Cisco NSO Terraform IDE's
How do you authenticate on Meraki system?
Go to dashboard, settings and enable API access then get a token key and deliver through API
Bare Metal Advantages
Good performance optimized for workload secure reliable
What authentication does RESTCONF HTTP use?
HTTP uses Basic Auth.
What is transport for gRPC/gNMI?
HTTP/2
What is the transport 'protocol' for RESTCONF?
HTTPS
What is cloud bursting?
It allows for public cloud resources to be utilized when private cloud workload has reached capacity.
What is Fog Computing?
It is a type of computing where services are hosted where they are used, such as at the network edge or with end devices. Fog computing is a paradigm that extends cloud computing and services to the edge of the network.
What purpose does vSmart serve in SD-WAN?
It is responsible for distributing the routing policies
What purpose does vManage serve in SD-WAN?
It is used to communicate when attaching or detaching device templates via REST calls
What purpose does vBond serve in SD-WAN?
It serves the orchestrator to onboard other components
principles of DevOps
Iterative Incremental (small rapid cycles) Continuous Automated Self Service Collaborative Holistic - 1 process not two
What is data format for gRPC/gNMI
JSON
What are the data formats supported by the xAPI?
JSON XML
What is the cisco SD WAN authentication cookie called?
JSessionID
Tools for CI/CD
Jenkins - Open Source automation server Gitlab
What is Threat Grid
Malware mitigation program - try to mitigate prior to getting to AMP
Bill ran an API call and got an extended response. He would like to apply 3 parameters: paging, sorting, and order. What is the correct sequence of these three parameters?
Order doesn't matter!
Is Chef a push or pull function-based tool?
Pull
Is Puppet a push or pull tool?
Puppet is a pull tool
Which of the following use 'push' methods and which use 'pull' methods? Puppet, Chef, Ansible, NSO (network service orchestrator) and Terraform
Puppet/chef - pull Ansible, NSO, Terraform - Push
What is the difference between POST and PUT action verbs?
Put is idempotent - it will result in same result - Put implices "PLACE" or "REPLACE" (overwrite) POST - Modify and update a resource - not idempotent
pyATS - what is it?
Python ATS - framework for creating automated tests and validation Used in Network simulation
What does UDS (user Data services) use for it's API?
REST
What API is available for ISE?
REST API
Which Ansible structure define reusable idempotent activities and their configs to be used in playbooks?
ROLES
NETCONF Operations
RPC (rpc, rpc-reply, rpc-error)
Which NSO feature or component allows implementing a service that requires sequential staged deployment?
Reactive Fastmap
Value of Model Driven Programmability
Refers to Data Models Focuses on what the content is Model Describes data
API Key
Requested, then supplied in header
What does "| xmlin" do when added to an NX OS command line?
Returns the xml form of the command.
In SD wan access solutions, what devices are used to build the underlay network?
Routers, Switches and AP Wireless controllers
What is the role of the agent in SDN tool like Puppet or Chef?
Runs on client and translates config commands to local device specific instructions
Ansible 'transport' method
SSH
NETCONF transport
SSH
What "transport" is used for NETCONF?
SSH
What transport does WebEx Teams use?
SSH Telnet HTTP
What are the benefits of full stack automation?
Self-service (infra on demad) Elasticity (scale up/down) Observability Automated problem mitigation
What does "docker ps -a" do?
Shows all running and exited docker instances
What does 'git branch' do?
Shows what branch you're on
what does git status do?
Shows where you are, commit status, file statuses
What is Umbrella?
Similar to DNS - provides a whitelist and blacklist to block domains, IP addresses, Files.
What is a hypervisor
Software that runs on host machine and manages virtual machines
Container advantages
Spin up/boot quickly Contains all application dependencies Can run on any OS where the container can run
What are some advantages of push model for collecting data in model-driven telemetry?
Standard-based YANG models Data Is Continuously sent Near real-time access to ops data
Advantages of IAC
Store code for safe keeping Evolve as your needs grow collaborate on code together version your code (and therefore network) create repeatable actions
What is the NETCONF operational "stack"?
TCP is Transport on top of that are RPC Messages On top of that are operations (<get>, <get-config>, etc)
What are 5 components of pyATS
Test Bed (actual Cisco devices) Test Cases (actual steps) Test Scripts Job File (collection of scripts) Easypy - test execution
What is a 'grouping' in YANG?
This defines a reusable collection of nodes
What is the Eastbound API in DNAC?
This is events and notifications
What is the north-bound API in DNAC?
This is the "Intent API"
What is the westbound API in DNAC?
This is the integration API
What Authentication does the ACI REST use?
Token authentication
Where does the token go for ACI Fabric REST requests?
Token goes in headers as a cookie
Which Cisco Collaboration API would be used to change speed dials on a user's headphone?
User Data Services (focused on a single or specific user's config)
Basic Auth
Username pwd encoded in BASE64
For NETCONF give: Transport, Port #, encoding format, 3 data store types.
Uses SSH Port 830 XML + YANG 3 data stores are Running, candidate, and startup
Name two characteristics of a container image
Uses a Union File System Is read-only by default
what does 'git add .' do?
adds all files in current directory to repository
Ansible commands
ansible-doc 'modulename' - see info and examples on how to use module ansible-playbook boo.yml -- run a playbook
In the NX-API sandbox what does it do when you choose "cli" vs "cli_ascii" in your output?
cli - structured date returned cli_ascii - raw ascii text response
Is puppet declarative or procedural?
declarative
What is the general SD-WAN URL format for an API Request?
device-addr:port/dataservice/{{template}}/{{feature}}
what command would you use to read from a file in YAML format - and convert to python dict format?
dictObject = yaml.load(fileObj, loader=yaml.fullLoader)
"Load" reads from a file and "loads()" reads from a string - what command / function writes?
dump() and dumps()
what purpose does vEdge service in SD-WAN?
it is the edge device manager
YANG Node types
leaf leaf-list container list
What is the linux command to control CPU and memory allocation?
libcgroups
what command is used to enable RESTCONF in IOS-XE devices
restconf
You have created a 'session' with acitoolkit (which included the url, login, password) for the api call. How do you execute it?
result = acitoolkit.action(session)
What is the first XML tag sent as 'first node" in a response to the NETCONF request message?
rpc-reply
What are three states of NETCONF Data Stores
running, candidate, startup
What is the base URI to list devices in SD-WAN?
sandbox.sdwan-cisco.com:443/ dataservice/device ?deviceid=a.b.c.d
What is the acitoolkit library function to create a link with the ACI Fabric (APIC)
session = acitoolkit.session (URL, Login, Pwd)
What does git log do?
show all changes to repository
what does git checkout <name> do?
switch to a branch of <name>
What is Vagrant?
tool to script the build and boot a VM
List three characteristics of XML format
tree structure parent - child relationships Has tags
T/F - JSON is built on key-value pairs
true
T/F Api keys create a unique key
true
You received a response from a "response = requests.post()" python command. What method on the "response" object can you use to get the response formatted into json?
use "jsonText = response.json()"
Yang Data Types
Binary bits bool decimal 64 Empty Enumeration int 8/ 16/... Uint 8/16/... String User defined
You requested a git merge and a code review occurs. What happens now?
Code sent to reviewers Reviewers provide comments Author addresses comments New code is reviewed again Final code is merged when ready
What method is used to create a webhook, and where is authentication placed?
Create w/ Post Authenticate with Post command/body
Custom Token
Created by Token Generator - you authenticate to generator Also called SSO
DevOps CALMS - What does this mean?
Culture Automation Lean Metrics Sharing
LEAN Principles
Cust Waste All work contributes to requirement
What are 5 API Types for Meraki?
Dashboard Scanning (location, user info) mV Sense API External Captive Portal
What are the four components of SD-WAN "layers"
Data plane control plane management plane (central config and monitoring) Orchestration plane - "vBOND"
What approach to IAC defines the steps necessary to reach the the end state of a job that changes configuration?
Declarative
What type (procedural, declarative) of tool is Ansible?
Declarative
Principles of IAC
Define, manage, interact with phys and vir resources by using machine readable code and scripts Develop / save code and run it instead of CLI
LIst three benefits of CI/CD
Deployment of code to production increase code coverage (by tests) prevent shipment of broken code
What is procedural automation
Describes how to get to end state - like the instructions in a recipe
What is the unique identifier of every object in the UCS object model?
Distinguished Name (DN)
Where can an API key be sent?
As cookie, URL Header
What format are playbooks written in?
.yml (yaml) Ansible has the idea of a task -> play -> playbook
RESTCONF URL Format
//address/root/data/<YANG_MODULE:>container/leaf [?options]
What is the URL for the open API documenting web interface for the Cisco SD WAN REST API?
/apidocs
What can a webex teams bot participate in?
1-1 conversations group spaces (no actions, can't read everything)
CI/CD steps (or process)?
1. A commit automates a build action 2. If no errors on build, run automated tests 3. if no errors on tests, enable human testing 4. if no human errors, deploy to staging area No Errors? Manually deploy to production.
What are the three private IP address spaces?
10.x.x.x/8 172.16.x.x.x/12 192.168.x.x/16
Meraki rate limiting
5/second (429 returned)
RESTCONF RFC
8040
NETCONF Port
830
Netconf Port
830
What is the NETCONF port?
830
What is format for ACI API URL?
<device_addr>/api/<queryType>/ <identifier>.<format> [params]
What is Cisco Code Exchange?
A dev resource where you can get existing code to jumpstart your development
What is a mock object?
A fake object used in testing to remove side effects of real objects. This is part of unit testing
What is pyATS
A foundation layer test framework. Designed to provide end-to-end test environment for developers to write test cases
What is a hypervisor?
A supervisor of many OS's it provides infrastructure virtualization and supervises guest OS execution.
What are two declarative tools for automation?
Ansible Puppet
You want to add a device to your network and use pyATS to test its inclusion. what file would need to be updated first to include this device?
Answer: Test Bed File (not job or test cases)
What are the layers in the UCM XML stack?
Application AXL ( the API - Administrative XML) SOAP (protocol) XML (the encoding) HTTP(s) - transport
RESTCONF Auth Model
Basic Auth (check this)
REST Authentication
Basic, API Key (string, header, cookie), Custom Token
What are three SD-WAN configuration management methods?
CLI-Mode (box by box) CLI Templates (config with vars) Feature/device templates
Meraki API's
Captive Portal (control of Content), Scanning API (location) MV Sense Camera (machine learning at edge) Dashboard API (supports action badges)
What is a name of a procedural automation tool
Chef or Puppet
What is ISE?
Identity Services Engine
What are some AMP features?
In memory - exploit protection and system process protection On Disk - AMP Cloud, malicious activity protection, TETRA, Custom detections Post infection - Cognitive threat analytics, device flow correlation cloud IOC's endpoint IOC's
CI/CD is ?
Infrastructure automation Stages: build - test - deploy Pipeline can be triggered manually or automatically
What are advantages of Bare Metal Servers?
Inter-app communication is fast Offers the best performance Conflicts are rare NOTE: It is not optimal for HW usage Migration is not easy
What is Container
Isolated environment for multiple apps to run on the same server
What is Finesse?
Management agent that is on a supervisor's desktop to manage a call center experience
What is the southbound API in DNAC
Multivendor Support
What are 4 components of Cisco NSO?
NSO: Network Services Orchestrator Service Manager Device Manager Mapping Logic Config Dbase
Controller level vs Device Level mgmt
Network controller allows abstraction and central admin. Allows scale Device level provides more granular access to features
What is firepower?
Next Generation firewall
What protocol is used to propagate routing information in the overlay network on a Cisco SD-WAN Fabric?
Overlay Management Protocol (OMP)
What are steps in the devops loop?
Plan Code Build test release deploy operate monitor -- then repeat --
What are 6 stages of SDLC?
Plan define design build test deploy
What is missing in this python statement? "response = requests.????(url, data, headers)
This missing a "POST"
What is declarative automation
This refers to stating (declaring) the objective - what is your goal?
For RESTCONF give transport, port#, encoding format
Transport is HTTP(s) Port 80/443 XML or JSON, formatted in YANG
T/F API Keys are used to confirm identity of use or app.
True
T/F YAML format pays attention to whitespace
True
T/F - Chef is procedural
True - chef describes how to get to the end goal
T/F - Test Driven Dev forces you to think of the interface first?
True - you have to consider the interface in order to write the test functions
For which UCS Platform is the UCS Python SDK Built?
UCS Manager
What are the four parts of the HTTP packet?
URL, Method, Headers, Body
What is the overall manager of collaboration solutions
Unified Communications Manager
What is Acyclic dependancy?
When procedure A calls b(), and procedure b also calls A()
Compare VM to Container
Where VM's abstract an OS, containers abstract an application environment.
First thing in Test Driven Dev?
Write Test first
Data format using tags
XML
NETCONF Encoded content type
XML
NETCONF data format
XML
What Data format is used with NETCONF?
XML
YANG Data Format
XML
Yang format type
XML
RESTCONF data encoding
XML JSON
What data formats work for RESTCONF?
XML JSON
What module is used for parsing XML documents?
XML.etree.ElementTree
In CUCM (unified comms) AXL is a ________ based interface?
XML/Rest
What language Ansible Playbook written in?
YAML
Ansible Notation
YAML notation
NETCONF Underlying data model
YANG
RESTCONF Underlying data model
YANG
What is the python development kit for YANG?
YDK-py
Is Ansible a push or pull tool?
You PUSH (no agent on device)
What is api url format to post webex webhook?
api.ciscospark.com/v1/webhooks
Private cloud Advantages
flexible secure scalable
What library do you import in python for ACI Fabric API's?
from acitoolkit import acitoolkit also possibly: from credentials import *
What command is used to create a new branch (git)?
git branch -b <branchname> (git branch\n shows current branch)
What git command moves to a new branch?
git checkout branchname 'git checkout -b branchname' will create a new branch and then move
What git command makes a local copy of a remote repo?
git clone <remoteRepoURL>
What git command gets latest files from remote and updates your local repo?
git pull
What is the git command to move your work to the remote repository?
git push remoteName remoteBranch
Benefits of Code review process
higher quality software more cohesive team deliver on time find defects find inefficient code
What is Meraki API URL format?
https://api.meraki.com/api/v0 /organizations/{{orgId}}/networks
ACI URL for API
https://apicHostAddress/api/{MO |class}/{dn | classname}.{xml | json} [options]
Where is the Meraki API key generated?
in the dashboard API access section
What is the term to refer to Ansible's input files where variables are stored?
inventory
What is Ansible inventory file?
inventory of systems you will run modules against Contains list of hosts in groupings (so different types can be in the same file)
Command to enable RESTCONF on NXS OS
ip http secure-server enable with 'restconf' in config mode
What special characters can be used to apply filters on an extended API call response?
question mark ampersand
EDGE Advantages
lower latency, offloading, network efficiency, lower transport costs
What are the pip library you install for Meraki?
meraki use "pip install meraki"
How do you create a tenant in python with the acitoolkit?
newTenent = acitoolkit.tenant( name) // name is a string
Public cloud deployment advantages
no cap expense no maintenance scalability reliability
Name as many tenants of Agile approach as possible (there are 12)
o Cust. Sat provided through regular customer interaction o Requirements changes are welcome o Frequent delivery of working software o Close daily interaction between stakeholders o Projects build around motivated people, who are trustworthy o Face to face is best o Working software is the best measure of progress o Continuous attention on excellence and good design o Simplicity is essential o Best stuff comes from self-organizing teams o Teams regularly reflect on self improvement
What is Bare Metal
physical server dedicated to a single tenant
What python module is used to convert xml to a dictionary object?
pip install xmltodict in python file: import xmltodict
You have received a token for your REST API. How do you provide it?
populate the "X-Auth-token" request header
What are the cycle steps in test-driven development?
write test test fails write code test passes refactor
What is DNAC API format for retrieving a token?
{{dnac}}:{{port}}/api/system/v1/auth/token
What is DNAC API format for retrieving a list of devices?
{{dnac}}:{{port}}/api/v1/network-device/1/14 the "1/14" part is unclear to me if that's specifying routers, or something else.