cts4743 final

Which of the following statements are true about networking concepts?

- A layer 3 firewall is basically a router with special software to drops packets based on definitions provided - With a VLAN, a broadcast domain (subnet) can span multiple Ethernet switches - Low number ports are typically reserved for "well-known" server applications

Which of the following is true about application development & infrastructure teams/approaches as it relates to troubleshooting?

- An infrastructure focused approach to troubleshooting would include checking system capacity early in the process - A disadvantage to an infrastructure focused approach is that you may end up chasing issues not related to the problem at hand - Even if a problem appears to be application related, infrastructure personnel should remain engaged - Both application and infrastructure focused approaches are appropriate and can be followed concurrently

The following are the answers provided to the above: Ask the ITSM practitioner if any relevant changes were performed recently - no relevant changes found in last two days Ask the ITSM practitioner (with access to the Helpdesk) & business user representative if any other applications are experiencing performance problems - No other applications experiencing issues Ask the business user representative if they can provide the IP address of a user with the problem - The IP address 10.4.53.5 is provided Ask the business user representative which application screens/functions appear to be working and which are not - It appears that any screens that perform updates are not responding or timing out, while read-only screens seem to be responding Ask the Web Hosting engineer to see if any of the members in the load balancer pool for this application are down - No pool members are down Ask the Server engineer if any

- Ask the Database administrator to see if there are any conditions preventing write activity to the database - Ask the Database administrator to check the diskspace on the server where the transaction log resides - Ask the ITSM practitioner if there have been any similar issues in the past

Scenario #2 - Calls come in that one of our external partners are failing to get responses back from one of the "CCAPP" web services. Select the three most appropriate initial questions to ask/actions to take.

- Ask the ITSM practitioner if any relevant changes were performed recently - Ask the business user representative to confirm that the application screens/functions are working for internal users as expected - Ask the ITSM practitioner & business user representative if any other applications or external partners are experiencing problems

For the rest of this quiz, use the following application architecture description as the basis to answer the below questions: Overview - The application is called "CCAPP". It has a web-based front-end interface and exposes several services for other applications to utilize. Web Infrastructure - All the application components are written in .NET and deployed on 2 app pools on 3 IIS servers named WIIS1.acme.com (with IP 10.20.10.101), WIIS2.acme.com (with IP 10.20.10.102), & WIIS3.acme.com (with IP 10.20.10.103) - they each listen on port 80. One app pool is for the web-based user interface and utilizes the "/ccapp" virtual directory, while the other app pool is for the web services and uses the "/ccapp-apis" virtual directory The IIS servers are part of two pools (one for each virtual directory) front-ended by a load balancer. The load balancer exposes two VIPs (ccapp.acme.com with IP 204.153.78.20 f

- Ask the ITSM practitioner if any relevant changes were performed recently - Ask the business user representative which application screens/functions appear to be working and which are not - Ask the ITSM practitioner & business user representative if any other applications are experiencing performance problems

Scenario #2 - Calls come in that one of our external partners are failing to get responses back from one of the "CCAPP" web services. The following are the answers provided to the above: Ask the ITSM practitioner if any relevant changes were performed recently - no relevant changes found in last two days Ask the ITSM practitioner (with access to the Helpdesk) & business user representative if any other applications or external partners are experiencing problems - No other applications or external partners experiencing issues Ask the business user representative to confirm that the application screens/functions are working for internal users as expected - Internal users are working as expected Ask the business user representative to acquire the IP address of the external partner experiencing the problem - The IP address of the external partner is 153.23.24.11 Ask the Web Hosting engineer to see if any

- Ask the Web Hosting engineer to look in the logs for access attempts from the external partner's IP address (153.23.24.11) in the X-Forwarded-For HTTP Header to see what HTTP response codes are being sent back to them - Ask the Network engineer to perform a packet capture on the external firewall to capture any packets to and from 153.23.24.11 - Ask the ITSM practitioner if there have been any similar issues in the past

Which of the following are true about CPU, I/O, RAM and Network constraints?

- CPU constraints can be addressed by tuning the application, increasing CPU power or spreading the workload - When a system is RAM constrained, the swapping rate and kernel time on the operating system would be high - Network performance issues are more likely to be rooted outside of the host experiencing the delays

Which of the following statements are true about programming & database concepts?

- Detailed applications log files are an example of instrumentation - Some of the primary services offered by database servers include security, access optimization, replication and durability - Relational databases offer durability by committed all changes to a log prior to updating the database

Which of the following statements are NOT considered IT Troubleshooting goals?

- Explaining how your code works - Improving your technical experience - Instrumenting your code

Which of the following statements are true?

- Hypervisors contain a "Hardware Abstraction Layer" while containers do not - On both Windows & Linux, some utilities require administrative privileges - Having baseline metrics for comparison when performance is acceptable is a great way to determine if you have a problem - ITIM (IT Infrastructure Monitoring) tools allow you to review the statistics of many servers through one interface and provide historical trend reporting

Which of the following statements are NOT considered IT Troubleshooting principles?

- If possible, make multiple changes at a time to get user working quickly - Backout all changes that were recently implemented - Recycle systems immediately to resolve the situation - Avoid engaging users and application development teams unless absolutely necessary

Which of the following are dimensions of problems/constraints that should NOT be considered when trying to isolate a problem?

- Interesting vs. Dull - Difficult vs. Simple - High profile vs. Unimportant

Which of the following is true about application architecture patterns?

- Latency & "Cold starts" are common problems with some of cloud native services, especially if lightly used - With a Microservices application architecture, it is often simpler to focus on the tiers & layers of similarly deployed services, while also documenting the relationship between the services - Database server proximity is typically important for client-server applications as well as the application server of web-based applications - Application layering influences, but does not dictate, application tiering

Which of the following is true about hosting platforms?

- Poorly executing database queries can be solved by updating statistics and/or adding an appropriate index - Most often, application servers also include at least a thin HTTP (web) server - Since HTML, JavaScript and CSS can execute on the browser, your code could be impacted by a different browser or even version of a browser - All requests to a web or application server are typically logged and can include the IP of the client, the HTTP request method, the HTTP response code, URI, etc.

Which of the following disciplines are NOT typically considered "IT Infrastructure Support"?

- Project Management - Application Development - Information Security - data analytics

Which of the following statements are true about application architecture techniques?

- There are two common methods of employing "session stickiness" on a load balancer (session cookie-based or client IP-based) - There could be multiple consumers and/or producers for any given message queue - Due its unattended nature, job scheduling requires thoughtful error checking and notification - Content Delivery Networks have evolved into full reverse proxies that automatically pull updates, support dynamic content retrieval from backend servers, and can even include security features like DDoS prevention and WAF functionality

Which of the following statements are considered IT Troubleshooting steps?

- Verify that a problem actually exists - Devise the best approach to address the problem - Isolate the cause of the problem - Ensure a clear understanding of the problem and its history

Which of the following statements are true about Operating System concepts?

- Windows & Linux both work with hierarchical filesystems - The "Process" is the primary logical unit of an operating system - Hardware decoupling & automatic failover are two of the primary advantages of virtualization

Which concepts are considered a core feature/expectation of cloud computing?

-Metered -Elastically scalable -Provider managed hardware & physical environment -Software defined - self service

Which of the following are emerging industry trends do NOT affect most Enterprise IT organizations today?

-self driving cars, 5g cellular standard, foldable mobile devices, quantum computing

You use the ping command with my.fiu.edu. Assuming no domain search list, place the steps that occur to find the IP address to use.

1) OS looks in local hosts file for "my.fiu.edu"; If found then use IP address(es) 2) OS looks in local DNS cache for "my.fiu.edu"; If found and TTL has not expired, uses IP address(es) 3) OS makes request to local DNS server(s) for "my.fiu.edu" 4)if "my.fiu.edu" is not found or expired in local DNS server, then it looks for "fiu.edu" authoritative server in its cache. 5) If "fiu.edu" authoritative servers are not in cache, then local DNS server makes request to ".edu" root domain servers for IP address(es) of "fiu.edu" authoritative DNS server(s) 6)Once known, local DNS Server makes request to "fiu.edu" authoritative server(s) for "my.fiu.edu"

Provide at least two distinctly different plausible causes and how to test for them (include tools to utilize or procedures to follow and what you would be looking for). - 10 points (5 extra credit points for each additional plausible root cause after the first three)

1. Load Balancer issues: i would perform health checks on the load balancer for reported issues by reviewing logs, checking for unusual spikes in traffic or latency issues. 2. Network issues: i can use ping to check latency between servers and database or wireshark to analyze network traffic to check for packet loss or patterns. 3. Database issues: sql server management studio can be used to check database queries for the ccapp interface. Resource usage can be minitored on the sql server as well. Performance monitor is another tool useful for checking the cpu,memory,disk etc.

Match the HTTP response code number to its category: Informational: The request was received, continuing process

1xx

Match the HTTP response code number to its category: Successful: The request was successfully received, understood, and accepted

2xx

Match the HTTP response code number to its category: Redirection: Further action needs to be taken in order to complete the request

3xx

Match the HTTP response code number to its category: Client Error: The request contains bad syntax or cannot be fulfilled

4xx

Match the HTTP response code number to its category: Server Error: The server failed to fulfill an apparently valid request

5xx

CPU utilization %

CPU

Match the key statistic to the type to constraint it should be used to identify (there will be multiple matches): Processor queue length divided by number of processors

CPU

A 2-layer and often 2-tier application architecture pattern that typically utilizes a complex front-end application communicating with a shared back-end database

Client-Server

Match the potential problem to the type of platform it relates to: Sessions being blocked by other sessions due to acidic transactional lock

Database server

AWS' cloud computing offering

EC2

Refers to a cloud computing deployement model where services are offered by both third-party vendors and corporate/enterprise IT

Hybrid cloud

I/O Queue Length CPU I/O Wait %

I/O

ARP

IP to MaC address matching for local network communications

Compare and contrast Incident and Problem Management. The more detail & examples provided, the more points you earn.

Incident management deals with incidents currently affecting business operations while problem management occurs after the fact of dealing with the root cause of the incidents in order to avoid a recurrence. The primary goal of project management is to prevent and eliminate incidents and reduce the impact of unpreventable accidents, while incident managements main goal is to resume service operations as quickly as possible.

A cloud service offering whereby virtual computing (VMs) are provided

LaaS

Paging swap rate

Memory

Asynchronous communication between two processes with guaranteed delivery

Message queing

Network bandwidth used

Network

A cloud service offering whereby a specific type of technology function (e.g. database, application server) is provided

PaaS

I/O Queue Length by disk

Resource monitor

A style of software design whereby you break-up the business logic portion of your application into smaller independent portions that communicate with each other

SOA and microservices

A cloud service offering whereby a fully functional application is provided to the customer with only application configuration options/customizations are available

SaaS

A fairly new and popular subset of the Cloud Native application architecture pattern

Serverless/FaaS

Compare and contrast the various storage access methods and types of storage. The more detail provided, the more points.

Storage access methods include the block mode access and file mode access. With block mode, the operating system will read and write blocks from the storage device while with file mode, the OS reads from the entire file from the permanent storage location. File mode is more efficient for applications like word where an entire file needs to be processed as opposed to block mode which is useful for database servers that only need a portion of the database files to read and write. There is also many types of storage hardware, such as mechanical spinning disks which are cheaper than an SSD and is primarily used for storing a large amount of data that is not frequently accessed. An SSD is the most primarily used within Enterprise IT for highly used storage and offer better performance. The most rarely used is called Tape, which was used for backups, however now it is preferred to backup data to another mechanical storage at another location for offline backups.

Hard Faults/PF Delta

Task Manager, Resource Monitor

Match the key statistic to the tool on Windows which would be most appropriate to help you measure it (there will be multiple matches): Per process CPU utilization

Task Manager, resource monitor

DHCP:

UDP based protocol that provides IP addresses to hosts (typically PCs, Phones, IoT devices)

DNS:

UDP based protocol used to turn names into IP addresses

Given the fact that slow performance seems to be rooted in a particular server (you can choose whether it's Windows or Linux), describe four distinctly different actions you would take to identify the type of constraint occurring - include tools used and metrics analyzed. The more detail & examples provided, the more points you earn. (5 extra credit points for each additional action after the first five)

Using linux, i would first determine if CPU and RAM is constrained by using the top command to find the top processes and usage information on the overall system and check the load average to determine the wait queue and uptime. If i need more info, i will use vmstat to see the swapping rate and to check the blocked processes to determine if the cpu is constrained, to determine if the RAM is constrained i could check the swap section to see if the values are a hundred or more. To determine if the IO is constrained, i will use iostat -xt to determine which mount point is I/O constrained by focusing on the avgqu-sz metric to check how much I/O constraint each disk has, await for the average wait time in the disk queue, and %util to check if the percentage is consistently at 100% which would indicate a problem.If their is a disk space issue, df command can display the disk space with -k added to find the amount in kilobytes.

Instrumentation

ability to monitor / measure the level of applications performance , to diagnose errors, and to write trace information

Concurrent requests exceeded the amount allowed causing rejections and/or delays

both

Errors in logs indicate that a product patch is needed

both(database/web application)

Focus is on addressing three key elements of integration (type of access, type of connectivity and method of authentication)

business to business

Match the application architecture pattern with a key element unique to it. Only utilize PaaS services without needing to rely on accessing any underling operating system

cloud native

NAT

converts a private IP to a public IP and vice versa

Low Buffer cache-hit ratio causing most data to be retrieved from disk

database server

Poorly executing queries taking up a large amount of CPU and/or I/O

database server

Transaction log getting full disallowing any further writes to the database

database server

Disk space used

df

View application & system logs

event viewer

Match cloud term to definition: A relatively new paradigm which focuses on offloading or moving processing and storage to endpoint devices consuming cloud services

fog computing

Uses DNS redirection to point the user to the VIP that should be accessed

global load balancer

Per process network bandwidth used

iftop

I/O Queue Length by disk

iostat

Match the key statistic to the tool on Linux which would be most appropriate to help you measure it (there will be multiple matches): Per process disk I/O used

iotop

Can start programs based on date/time, creation of a file, completion of a task, etc.

job scheduling

Event-based execution on programs without user interaction

job scheduling

Match the OSI layer(s) to the type of communication: Device to Device

layer 2

Match the OSI layer(s) to the type of communication: Host to Host

layer 3

Process to process

layer 4

application to application

layer 5-7

Match the application architecture technique to its description: Front-ending multiple servers/processes that perform the same function, but only sending traffic to the healthy ones

load balancer

Session stickiness

local load baalncer

Can perform health-checking to determine which server to send work to

local load balancer

Number of CPUs

lscpu

Which processes are listening on which ports

netstat

Can be used to restrict the network level access of guests

network segmentation

Browser incompatibility causing application to "look funny"

none

CPU uptime

none

Disk space allocated

none

Acts as a "man-in-the-middle" by transparently relaying communications between two processes

proxying

Refers to a cloud computing deployment model where services are offered by a third-party vendor independently of corporate/enterprise IT

public cloud

View/Edit Registry entries

regedit

Per process network bandwidth used

resource monitor

Which processes are listening on which ports

resource monitor,netstat

Framework

software providing generic functionality to ease burden of common programming tasks

SAN

storage infrastructure consisting of a dedicated network(typically fiber channel) and storage devices

Number & type of physical CPUs

system information

CPU uptime

task manager

Legacy character-based applications that can be deployed on 2, 3 or n-tier architectures

terminal emulation

Load average

top

Per process CPU utilization

top

Allowing direct network layer communication between devices that otherwise could not communicate

tunneling

Can allow private IP addresses to communicate over the Internet

tunneling

Paging swap rate

vmstat

3-layers and 3-tiers in its basic form, but can get complex; Solves some of the issues with the client-server architecture

web based

Match the functionality to the application architecture technique (Answers can be used multiple times): Used to block users from accessing restricted web sites

web proxy

Lack of code instrumentation causing difficulty isolating where the problem resides

web/application server

Long waits on remote resource calls causing 5xx response codes

web/application server