ISQA 8380
Explain Conway's Law.
"Any organization that designs a system (defined broadly) will produce a design whose structure is a copy of the organization's communication structure." Software architecture mirrors organizational structure
Be able to describe the differences between 3/4G networks such as Sprint and Verizon, 802.11b (WIFI) and Bluetooth networks and the best uses for each of these wireless standards.
3/4G Networks: Uses digital cellular networks, Available where digital cellular phones can operate, speeds from 2 to 100 megabits per second. Wifi - Local Area Wireless Standards 802.11b/g/n: Local area (up to a thousand feet from access points). Fast and getting faster - moving to 200 megabit per second and beyond, best for homes, schools, and retail. Blue Tooth: Replaces connecting devices to computers with cables. Replaces infrared ports. Synchronizes multiple devices. Speed is 1 megabit per second
What is a rule engine and why do companies use a business rule engine rather than developing the rules in Java or .NET as they might have in the past?
A process server and a business rule engine replace hard coded logic to orchestrate business processes. This enterprise service bus connects to services, message based middleware such as MQ series. ERPs come with standard built in workflow for standard processes and a rule engine that can be configured for automated decision making
Be able to explain service oriented architecture (SOA) systems and how they differ from other ways that stems are typically built for companies
A service-oriented architecture (SOA) is a style of software design where services are provided to the other components by application components, through a communication protocol over a network. The basic principles of service-oriented architecture are independent of vendors, products and technologies. A service is a discrete unit of functionality that can be accessed remotely and acted upon and updated independently, such as retrieving a credit card statement online. An enterprise service bus (ESB) is a software architecture model used for designing and implementing communication between mutually interacting software applications in a service-oriented architecture (SOA).
Explain each element of ACID abbreviation is it relates to transaction processing.
Atomicity. All or nothing. All steps that are part of a transaction are completed, or none are. Consistency. A transaction must transform the database from one valid state to another (or abort). Independence/Isolation. A transaction's behavior is not affected by other transaction running concurrently. (Partial results of transactions in progress are not visible to other transactions.) Durability. Once a transaction is committed, its results should survive, even if there is subsequent system failure.
What is BPMN and how is it used?
BPMN stands for Business Process Modeling Notation. It features three levels of modeling notation which include: Level 1 - descriptive modeling - business oriented, high level; Level 2 - analytical modeling - can describe activities flows precisely including exception paths; Level 3 - executable modeling - new in BPMN V2 and still under construction by major backers Oracle, IBM and SAP
What is the value of a rule engine within an integration broker like Microsoft's BizTalk?
BizTalk is a connectivity and integration solution that facilitates integration between disparate applications and solutions using more than 25 multi-platform adapters. In addition to this integration functionality, BizTalk provides messaging, business activity monitoring, and a rules engine BizTalk enables the application of a rule engine across disparate applications and solutions
What is BPEL (What does it stand for? How is it used in the development of SOA applications?
Business Process Execution Language, platform independent, XML-based. A language to specify the behavior of business processes between Web services and as Web services. Contains process flow constructs for conditional branching, parallel processes, nested sub-processes, process joins, etc
Explain what the characteristics of an application that would benefit from using a rule engine and those that would not benefit. Give three examples of applications that have made good use of a rule engine.
Business rules provide a natural means for line of business users to manage policies that determine how frequently occurring decisions can be automated. The automation of complex business decisions has many applications, such as determining insurance cost based on driving record. A business rules engine is a software system that executes one or more business rules in a run time production environment
Explain the value of caching objects in distributed applications
Cache has faster access time and smaller relative memory
Be able to explain these concepts of performance: capacity planning, workload principle, efficiency principle, sharing principle, ways to increase performance using database access tuning, tradeoff principle, parallelism principle, centering principle.
Capacity Planning: Capacity planning is the process of predicting when future load levels will saturate the system and of determining the most cost effective way of delaying system saturation as much as possible. Workload Principle: Minimize the total processing load Efficiency Principle: Make the best of what you have Sharing Principle: Share resources without creating bottlenecks Database Access Tuning: Exclusive locking inhibits sharing. Mass update programs should lock entire tables Trade-off Principle: Use one resource to reduce demand for another Parallelism Principle: Increase the number of things happening at the same time Centering Principle: Find the biggest bottleneck and eliminate it. Repeat.
Be able to draw an architecture model of a Service Oriented architecture and explain each layer in the architecture and how it communicates with each other
Composite applications > reusable business services > data repository
Explain what continuous delivery means and why it is valuable to a company. Explain how it is related to continuous integration.
Continuous Delivery is the ability to get changes of all types—including new features, configuration changes, bug fixes and experiments—into production, or into the hands of users, safely and quickly in a sustainable way. Our goal is to make deployments—whether of a large-scale distributed system, a complex production environment, an embedded system, or an app—predictable, routine affairs that can be performed on demand
Explain what continuous integration means in agile development projects and why it is valuable.
Continuous Integration (CI) is a development practice that requires developers to integrate code into a shared repository several times a day. Each check-in is then verified by an automated build, allowing teams to detect problems early. By integrating regularly, you can detect errors quickly, and locate them more easily.
Describe popular architectural models of disaster recovery
Disaster Recover for small to medium companies is likely to come from the cloud. High speed LAN's (Local Area Networks) and WAN's (Wide Area Networks). SAN (Storage Area Networks) A storage area network (SAN) is a dedicated network that provides access to consolidated, block level data storage for many different servers using different operation system. NAS (Network Attached Storage) are devices the can be appear as a virtual hard drive using file protocols on a network. Virtual Tape Systems are technology that has replaced tape backup systems with disk, data compression and data duplication Virtual Machines - is an emulation of a particular computer system. Desktop Virtualization - emulates a windows desktop environment on a server and it can be connected using a Windows, MAC or even tablet device. Popular version includes: Citrix and VMWare Traditional Disaster Recovery and Business Continuity Vendor hosting services include IBM and SunGard
Explain what disaster recovery and business continuity are and the difference in their scope
Disaster Recovery is the ability of an organization to recover it's IT and telecommunications facilities in the event of a disaster Business Continuity is a process of identifying potential threats to the business and creating plans to ensure the business can recovery from the threat. Part of the planning process is determining which processes are critical to the survival of the business in the short term
Be able to explain what drives organizations to move from traditional, monolithic application architecture to miniservice or microservice application architecture. Explain the technical and organizational changes required to successfully move to miniservice or microservice architecture.
Drivers: The need for speed and agility in key! (HUDL Example), Ability to rapidly and continuously innovate with improved products and services. Potentially hundreds of deployments a day. Need to be able to scale quickly. Need to reduce risk in deployments - MSA deployments are small and independent. Technology flexibility - loose coupling means development teams can use a variety of technologies to implement different facets of an application. Lean IT is a movement to speed the delivery of product and eliminate waste in the process. It means moving away from batch delivery to continuous flow. Agile was designed to continuously produce small release and is a perfect fit to enable continuous flow. DevOps is a culture and movement where building, testing, and releasing software can happen rapidly, frequently and more reliably DevOps is a Fundamental Change in Process and Culture: Collaboration between development and operations. Improving and automating handoffs between silos. Removing constraints and opening up bottlenecks. Improving the flow of code from ideation to Delivery. Creating feedback loops at every stage
Describe the role of Application Service Providers and Cloud vendors in your disaster recovery plans
Dual Data Centers - both owned by a company usually at least 30 miles or more apart. Production one site / Test and Development on second site ASP Hosting of Data Centers - Vendor hosts Production, Test and Development in one or more of their hosting sites. In the event of a disaster in one of their sites, they should be compelled to recover systems in a short time based on your contract. Single data center and disaster recovery partner. Production, Test, Development one site / disaster recovery provider like SunGard provides second site
Describe the meaning and examples of object characteristics: encapsulation, messaging, inheritance, polymorphism.
Encapsulation: Grouping the characteristics and behaviors together in one entity (a class or object) (e.g. a car) Messaging: The creation, storage, exchange, and management of text, images, voice, telex, fax , e-mail, paging, and Electronic Data Interchange ( EDI ) over a communications network Inheritance: New class absorbs the data and methods of the existing class Polymorphism: The ability of an object to take on many forms. The most common use of polymorphism in OOP occurs when a parent class reference is used to refer to a child class object
Be able to explain the difference between formal, informal, de facto and public specifications as IT standards.
Formal: de jure. Defined by formally recognized standards bodies Informal: Defined by informal standards groups, e.g. vendor consortia, trade associations, user groups De facto: widely used, but not defined by consensus process Public specifications: none of the above, but established by consensus
Explain the difference between load testing and functional testing. Explain how manual and load testing are done.
Functional Testing: Objective is Functionality Load Testing: Objective of Stability Manual Load Testing: All of you, click on the GO button again Automated Load Testing: Replaces testers with virtual users running on only a few machines and analyzes the results and repeats the tests with scripted actions
Describe the difference between traditional computing and cloud computing in terms of acquisition, business, access, and technical models.
Gartner defines cloud computing as "a style of computing where massively scalable (and elastic) IT-related capabilities are provided 'as a service' to external customers using Internet technologies." Paying for hard assets vs. paying for scalable, virtual assets
What are some of the features of HTML5 which make it attractive for mobile development? What are rich internet plugins and why are they be threatened by HTML5?
HTML5 - Hypertext Markup Language V5: Its capabilities are constantly improving, Cross-platform compatibility, Remote upgrades, It can be used develop hybrid apps with CSS and JavaScript for use across platforms. Rich internet plugin users generally need to install a software framework using the computer's operating system before launching the application, the main difference from HTML5
Be able to explain how workflow can be used in a Service Oriented Architecture system.
High-level programming languages such as BPEL and specifications such as WS-CDL and WS-Coordination extend the service concept by providing a method of defining and supporting orchestration of fine-grained services into more coarse-grained business services, which architects can in turn incorporate into workflows and business processes implemented in composite applications or portals
What is a HIP and it relates to cloud platforms? What is the value of a HIP?
Hybrid Integration Platform (HIP): Combination of on premise integration, iPaaS and iSaaS, Self-service provisioning/use Best when a combination of application, data and process integration is needed
What does a transaction processor do for large scale applications that might not be done by a database alone? Give an example of a transaction processor (either a mainframe or UNIX transaction processor).
In high transaction volume environments, transaction processing monitors provide both transaction management and process management. TP monitor hands off client request to an available process on server. Server process dynamically causes appropriate application function to execute process-per-client requirement is removed. Reservation systems are just one example of on-line transaction processing systems. The most significant TP monitor feature for client/server developers is its ability to multiplex and manage transactions to reduce the process load on the database server
Explain what DevOps means and how it is changing the delivery of IT projects. Why is a strong DevOps culture is required when moving to miniservice or microservice archecture
Is a culture , movement or practice that emphasizes the collaboration and communication of both software developers and other information technology (IT) professionals while automating the process of software delivery and infrastructure changes. It aims at establishing a culture and environment where building, testing, and releasing software can happen rapidly, frequently, and more reliably. DevOps is a fundamental change for speed and agility. Collaboration between development and operations. Improving and automating handoffs between silos. Removing constraints and opening up bottlenecks. Improving the flow of code from ideation to Delivery. Creating feedback loops at every stage
Explain what the MQTT protocol is and what what technology is frequently using this protocol.
MQTT stands for MQ Telemetry Transport. It is a publish/subscribe, extremely simple and lightweight messaging protocol, designed for constrained devices and low-bandwidth, high-latency or unreliable networks. These principles also turn out to make the protocol ideal of the emerging "machine-to-machine" (M2M) or "Internet of Things" world of connected devices, and for mobile applications where bandwidth and battery power are at a premium
Explain the advantages of a microservice and miniservice architecture and what drives a business to consider moving to a miniservice or microservice architecture.
MSA advantages included services around business capabilities, decentralized governance, decentralized data management, infrastructure automation, and design for failure Drivers include the need for speed and agility, technological flexibility, the need to scale quickly, the need to rapidly innovate and continuously improve
Explain the microservice and miniservice architectures and compare them to the traditional SOA architecture.
Macroservice = Application Miniservice = Domain Microservice = Feature Decreasing granularity. MSA values agility and scalability over web service reuse and many other traditional approaches to development. A microservice is a tightly scoped, strongly encapsulated, loosely coupled, independently deployable and independently scalable application component. Microservice Architecture (MSA) involves development of an application from a number of microservices and a coordinating application service. Unlike traditional, monolithic SOA, MSA does not typically use or value an ESB, the controlling application replaces it's function
Be able to exam the various approaches to mobile and the criteria to determine when to use the different approaches to Mobile App development including: RMA, MWA, Hybrid, Managed Container, etc.
Mobile development has evolved from native and web as the primary choices for mobile development to a broad range of choices based on the needs of the customers and suppliers of the application. Portable and Web Apps Dominate for Maximum Device Flexibility New Tools Will Make it Easier to Build Hybrid Apps for IT and Business Developers RMA: Resident Mobile Applications execute directly atop the mobile operating system MWA: Mobile Web Applications run in a browser. Typically consists of HTML, CSS and Javascript using responsive design. Hybrid Apps: Features developing web tools like jQuery mobile and then runs mobile app through a build process for Apple or Android store (e.g., Apache Cordova). The communication between web app and native app normally happens over JavaScript via custom built API's. Single source codebase written HTML 5, CSS 3, JavaScript. Mashing up browser and apps based applications on mobile devices (e.g., Google Maps embedded in SalesForce) Managed Container: Provides a runtime and management features for an application that you must use with deployment, encryption, and remote wipe capabilities. Managed Container (e.g., Konyone) saves time and resources with development, deployment, and management resources. Same Features, Single Codebase, All Channels Virtualization: The virtualization option is similar to the windows remote desktop application or Citrix for mobile devices. You are connecting to a desktop and running the applications in that location.
Explain the challenges of developing standards for the Internet of Things category - Connected Home Products.
New and emerging market. The big inhibitor to the growth of this technology is a lack of standards. New standards are being developed everyday for new technology such as the Internet of Things
What is the value of business process monitoring after a workflow has been put in place in a workflow driven application?
Orchestration Management. For every business, this reduces operational costs by decreasing waste and rework, increasing efficiency, and improving the cohesion within the company. Advantages include agility, visibility, and efficiency
Describe applications that would benefit from complex event processing and those that would have little or no benefit.
Pre-existing Business Challenges, UP train velocity
Given examples, be able to distinguish between Production Workflow, Transaction Workflow and mail enabled workflow.
Production Workflow: This workflow is usually chart based from one step to the next, always moving forward without ever going back. Transaction Workflow: Executed based on a sequential workflow with rules that dictate the progress of the workflow Mail-Enabled Workflow :Progresses from state to state. This type of workflow is a little more complicated and often returns to previous points in the workflow if necessary
Explain the differences between a public cloud, private cloud and hybrid cloud.
Public Cloud: A public cloud is one in which the services and infrastructure are provided off-site over the Internet. These clouds offer the greatest level of efficiency in shared resources; however, they are also more vulnerable than private clouds Private Cloud: A private cloud is one in which the services and infrastructure are maintained on a private network. These clouds offer the greatest level of security and control, but they require the company to still purchase and maintain all the software and infrastructure, which reduces the cost savings Hybrid Cloud: A hybrid cloud includes a variety of public and private options with multiple providers. By spreading things out over a hybrid cloud, you keep each aspect at your business in the most efficient environment possible. The downside is more to keep track of
Application integration in the mobile can be more complex but may be required by the business to compete. One of the decisions IT and the business needs to make do they develop a RMA (Resident Mobile Application), a Mobile Web Application (MWA) or a Managed Container application. Explain the key features and limitations of each application. Explain what would drive a company to build each of these types of applications.
RMA - Resident Mobile Applications execute directly atop the mobile operating system MWA- Mobile Web Applications run in a browser. Typically consists of HTML, CSS and Javascript using responsive design. Managed container provides a runtime and management features for an application. You must use the framework prescribed by the container developer. This features: Dynamic deployment, Data encryption, Remote wipe capabilities Key Questions: Native experience? Data use and residency? Application and data security? Network connectivity?
Describe how disaster recovery practices can be effectively tested.
Regular tests of BC and DR plans should be conducted at least annually and this is often required by regulators. Disaster recovery models can include multiple company owned data centers, ASP models and DR partner models
Explain data/object replication using a replication manager and data synchronizer.
Replication manager: Must understand where replicated copies are (directory function), Must understand which copies get which changes, Must know how frequently changes are sent Data Synchronizer: Responsible for applying changes to copy, Resolve conflicts, if changes can originate with copies, Bulk loads, vs. periodic updates
Explain what SAML is and how it helps manage the authentication of employees to both on premise and cloud based services.
SAML (Security Assertion Markup Language) allows a company to provide single sign on access to On Premise and Cloud resources to their customers and sales people by using a synchronized LDAP directory
Define simple event process and complex event processing.
Simple event processing involves taking action on traditional events such as customer purchases. Complex Event Processing is real time event processing of information from multiple sources in order to take instant action."
Be able to describe when to use simple event processing and when a complex event processing.
Simple: Bank application processing for a loan Complex: Automated financial trading
Explain the differences between SaaS, PaaS and IaaS and provide leading vendors that provide these services
Software as a service (SaaS) is software that is owned, delivered and managed remotely by one or more providers (SalesForce) Platform as a service (PaaS) is a category of cloud computing services that provides a platform allowing customers to develop, run, and manage web applications without the complexity of building and maintaining the infrastructure typically associated with developing and launching an app (Heroku) Infrastructure as a Service (IaaS) is a form of cloud computing that provides virtualized computing resources over the Internet. This includes compute and storage resources. (Amazon AWS)
As companies consider moving current monolithic systems to a miniservice or microservice architecture there appear to be three popular models: Split, Strangle and Extend. Be able to explain each of these models and why companies might select one model over another.
Split, Strangle, Extend Need to deal with increased latency Monoliths can be easier to refactor Many smaller services have fewer eyeballs to hunt for problems Miniservices and Microservices REQUIRE a company be really good at DevOps and Continuous Integration
Integration of a number of applications with a mobile application is different based on the architecture of the application. Explain how you would integrate backend systems with an RMA Resident Mobile Application) and how this would be different in a Mobile Web Application. Draw an example.
Start with business case and iterate to resolve dependencies Mobile development has evolved from native and web as the primary choices for mobile development to a broad range of choices based on the needs of the customers and suppliers of the application
Be able to explain the difference in standards maturity behind web services and REST and POX. What is the primary driver today for REST/POX standards? What is the driver today for Web Services Standards?
Started with MQ, with XML went to SOAP, then went to JSON and REST that is much lighter. Web applications use JavaScript which have JSON. XML is not light compared to JSON, so JSON is better in the mobile environment. MQTT and gRPC will become more popular in the future. Leading web scale companies realized that REST JSON was becoming a bottleneck, which lead to the creation of gRPC. HTTP/REST = Garden Hose, gRPC = Fire Hose
Be able to explain the value of application portfolio rationalization. Be able to explain the Gartner TIME model for Application Portfolio Rationalization
Systems Architecture: Today > Next Minute > Tomorrow Application rationalization is the radical reshuffling of an application portfolio as part of an application strategy, a plan that implements changes to applications to achieve a business outcome. Application rationalization often occurs after an IT organization accumulates an unmanaged collection of applications through shifting business strategies or mergers and acquisitions. The cleanup can include replacing, retiring, modernizing or consolidating applications. Tolerate - applications receive the minimum amount of maintenance and zero enhancements. They should run at the lowest possible cost, with close attention paid to changing patterns of usage. Invest - applications are the "gold standard." They deliver high business value and they run in a technical environment which is sustainable. These applications should be maintained with the highest standards of documentation and quality assurance, and nurtured for long-term value. Migrate - applications represent a risk to the business. They are necessary applications because the business value is high, but they cannot be used indefinitely because the technical integrity is low. There should be plans in place to move this work to a more appropriate platform. Eliminate - applications should be removed from the portfolio and work transferred elsewhere. "Elsewhere" in this context might mean transferring the work to another application that has similar functionality, or may be going to software as a service, or business process outsourcing.
What is the relationship between today's web application servers and a transaction processor?
TP monitor hands off client request to an available process on server. Transaction processors in distributed environments not only need to keep track of transactions, and be able to recover from them, but they also need to be able to communicate with other servers and TP monitors and keep track of all of those communications
What is the value of loose coupling between programs and services.
Technology flexibility - loose coupling means development teams can use a variety of technologies to implement different facets of an application
Explain throughput, saturation, thrashing as they relate to distributed systems performance.
Throughput is a measure of how many units of information a system can process in a given amount of time Saturation is the maximum amount of throughput a system can handle Thrashing is an activity that that makes little or no progress usually because memory or other resources are exhausted
Be able to explain the steps in a two phase transaction commit. Explain the meaning of rollback and how this is done in a database and in a transaction processor.
Two-Phase Commit: A protocol to ensure atomicity of distributed transactions. Responsible for removing all changes made by failing transaction from all nodes. All updates available to end-users at the same time. Transparent to users. This is very much like what happens during the countdown and liftoff of a spacecraft.
Explain the value of standards in the distributed computing environment.
Use of standards promotes interoperability, portability, and can reduce the complexity of an organization's infrastructure Standards can be powerful enablers of innovation and market growth
Explain what virtual machines are and how they have helped us build both private and public clouds.
Virtual Machines - is an emulation of a particular computer system. It can host popular operating systems such as Linux and Windows server operating systems. Virtualization limits costs by reducing the need for physical hardware systems Virtual machines more efficiently use hardware, which lowers the quantities of hardware and associated maintenance costs, and reduces power and cooling demand. They also ease management because virtual hardware does not fail
As large companies have embraced a microservice architecture they are beginning to adopt a new service protocol - gRPC. Explain what gRPC is, the value of gRPC and why are companies consider moving away from REST and JSON and to gRPC
gRPC is an open source remote procedure call (RPC) system initially developed at Google gRPC will become more popular in the future. Leading web scale companies realized that REST JSON was becoming a bottleneck, which lead to the creation of gRPC. HTTP/REST = Garden Hose, gRPC = Fire Hose gRPC is SOAP on steriods Very new, although is supported by Python and has formal and informal standards organizations
What is iSaaS and when should it be used?
iSaaS: Collections of configurable "cloudstreams" Well defined API's, Application and Data integration, Primarily cloud-cloud-mobile-things (e.g., IFTTT, Zapier) Best when ultra-short time to value is needed