cts4743 final
Which of the following statements are true about networking concepts?
- A layer 3 firewall is basically a router with special software that drops packets based on definitions provided
- With a VLAN, a broadcast domain (subnet) can span multiple Ethernet switches
- Low number ports are typically reserved for "well-known" server applications
Which of the following is true about application development & infrastructure teams/approaches as it relates to troubleshooting?
- An infrastructure focused approach to troubleshooting would include checking system capacity early in the process
- A disadvantage to an infrastructure focused approach is that you may end up chasing issues not related to the problem at hand
- Even if a problem appears to be application related, infrastructure personnel should remain engaged
- Both application and infrastructure focused approaches are appropriate and can be followed concurrently
The following are the answers provided to the above:
- Ask the ITSM practitioner if any relevant changes were performed recently - no relevant changes found in last two days
- Ask the ITSM practitioner (with access to the Helpdesk) & business user representative if any other applications are experiencing performance problems - No other applications experiencing issues
- Ask the business user representative if they can provide the IP address of a user with the problem - The IP address 10.4.53.5 is provided
- Ask the business user representative which application screens/functions appear to be working and which are not - It appears that any screens that perform updates are not responding or timing out, while read-only screens seem to be responding
- Ask the Web Hosting engineer to see if any of the members in the load balancer pool for this application are down - No pool members are down
- Ask the Server engineer if any
- Ask the Database administrator to see if there are any conditions preventing write activity to the database
- Ask the Database administrator to check the diskspace on the server where the transaction log resides
- Ask the ITSM practitioner if there have been any similar issues in the past
Scenario #2 - Calls come in that one of our external partners is failing to get responses back from one of the "CCAPP" web services. Select the three most appropriate initial questions to ask/actions to take.
- Ask the ITSM practitioner if any relevant changes were performed recently
- Ask the business user representative to confirm that the application screens/functions are working for internal users as expected
- Ask the ITSM practitioner & business user representative if any other applications or external partners are experiencing problems
For the rest of this quiz, use the following application architecture description as the basis to answer the below questions:
Overview - The application is called "CCAPP". It has a web-based front-end interface and exposes several services for other applications to utilize.
Web Infrastructure - All the application components are written in .NET and deployed on 2 app pools on 3 IIS servers named WIIS1.acme.com (with IP 10.20.10.101), WIIS2.acme.com (with IP 10.20.10.102), & WIIS3.acme.com (with IP 10.20.10.103) - they each listen on port 80. One app pool is for the web-based user interface and utilizes the "/ccapp" virtual directory, while the other app pool is for the web services and uses the "/ccapp-apis" virtual directory. The IIS servers are part of two pools (one for each virtual directory) front-ended by a load balancer. The load balancer exposes two VIPs (ccapp.acme.com with IP 204.153.78.20 f
- Ask the ITSM practitioner if any relevant changes were performed recently
- Ask the business user representative which application screens/functions appear to be working and which are not
- Ask the ITSM practitioner & business user representative if any other applications are experiencing performance problems
Scenario #2 - Calls come in that one of our external partners is failing to get responses back from one of the "CCAPP" web services. The following are the answers provided to the above:
- Ask the ITSM practitioner if any relevant changes were performed recently - no relevant changes found in last two days
- Ask the ITSM practitioner (with access to the Helpdesk) & business user representative if any other applications or external partners are experiencing problems - No other applications or external partners experiencing issues
- Ask the business user representative to confirm that the application screens/functions are working for internal users as expected - Internal users are working as expected
- Ask the business user representative to acquire the IP address of the external partner experiencing the problem - The IP address of the external partner is 153.23.24.11
- Ask the Web Hosting engineer to see if any
- Ask the Web Hosting engineer to look in the logs for access attempts from the external partner's IP address (153.23.24.11) in the X-Forwarded-For HTTP Header to see what HTTP response codes are being sent back to them
- Ask the Network engineer to perform a packet capture on the external firewall to capture any packets to and from 153.23.24.11
- Ask the ITSM practitioner if there have been any similar issues in the past
Which of the following are true about CPU, I/O, RAM and Network constraints?
- CPU constraints can be addressed by tuning the application, increasing CPU power or spreading the workload
- When a system is RAM constrained, the swapping rate and kernel time on the operating system would be high
- Network performance issues are more likely to be rooted outside of the host experiencing the delays
Which of the following statements are true about programming & database concepts?
- Detailed application log files are an example of instrumentation
- Some of the primary services offered by database servers include security, access optimization, replication and durability
- Relational databases offer durability by committing all changes to a log prior to updating the database
Which of the following statements are NOT considered IT Troubleshooting goals?
- Explaining how your code works
- Improving your technical experience
- Instrumenting your code
Which of the following statements are true?
- Hypervisors contain a "Hardware Abstraction Layer" while containers do not
- On both Windows & Linux, some utilities require administrative privileges
- Having baseline metrics for comparison when performance is acceptable is a great way to determine if you have a problem
- ITIM (IT Infrastructure Monitoring) tools allow you to review the statistics of many servers through one interface and provide historical trend reporting
Which of the following statements are NOT considered IT Troubleshooting principles?
- If possible, make multiple changes at a time to get users working quickly
- Back out all changes that were recently implemented
- Recycle systems immediately to resolve the situation
- Avoid engaging users and application development teams unless absolutely necessary
Which of the following are dimensions of problems/constraints that should NOT be considered when trying to isolate a problem?
- Interesting vs. Dull
- Difficult vs. Simple
- High profile vs. Unimportant
Which of the following is true about application architecture patterns?
- Latency & "Cold starts" are common problems with some cloud native services, especially if lightly used
- With a Microservices application architecture, it is often simpler to focus on the tiers & layers of similarly deployed services, while also documenting the relationship between the services
- Database server proximity is typically important for client-server applications as well as the application server of web-based applications
- Application layering influences, but does not dictate, application tiering
Which of the following is true about hosting platforms?
- Poorly executing database queries can be solved by updating statistics and/or adding an appropriate index
- Most often, application servers also include at least a thin HTTP (web) server
- Since HTML, JavaScript and CSS can execute on the browser, your code could be impacted by a different browser or even version of a browser
- All requests to a web or application server are typically logged and can include the IP of the client, the HTTP request method, the HTTP response code, URI, etc.
Which of the following disciplines are NOT typically considered "IT Infrastructure Support"?
- Project Management
- Application Development
- Information Security
- Data Analytics
Which of the following statements are true about application architecture techniques?
- There are two common methods of employing "session stickiness" on a load balancer (session cookie-based or client IP-based)
- There could be multiple consumers and/or producers for any given message queue
- Due to its unattended nature, job scheduling requires thoughtful error checking and notification
- Content Delivery Networks have evolved into full reverse proxies that automatically pull updates, support dynamic content retrieval from backend servers, and can even include security features like DDoS prevention and WAF functionality
Which of the following statements are considered IT Troubleshooting steps?
- Verify that a problem actually exists
- Devise the best approach to address the problem
- Isolate the cause of the problem
- Ensure a clear understanding of the problem and its history
Which of the following statements are true about Operating System concepts?
- Windows & Linux both work with hierarchical filesystems
- The "Process" is the primary logical unit of an operating system
- Hardware decoupling & automatic failover are two of the primary advantages of virtualization
Which concepts are considered a core feature/expectation of cloud computing?
- Metered
- Elastically scalable
- Provider managed hardware & physical environment
- Software defined
- Self service
Which of the following emerging industry trends do NOT affect most Enterprise IT organizations today?
- Self-driving cars, 5G cellular standard, foldable mobile devices, quantum computing
You use the ping command with my.fiu.edu. Assuming no domain search list, place the steps that occur to find the IP address to use.
1) OS looks in local hosts file for "my.fiu.edu"; if found, then uses IP address(es)
2) OS looks in local DNS cache for "my.fiu.edu"; if found and TTL has not expired, uses IP address(es)
3) OS makes request to local DNS server(s) for "my.fiu.edu"
4) If "my.fiu.edu" is not found or expired in local DNS server, then it looks for "fiu.edu" authoritative server in its cache
5) If "fiu.edu" authoritative servers are not in cache, then local DNS server makes request to ".edu" root domain servers for IP address(es) of "fiu.edu" authoritative DNS server(s)
6) Once known, local DNS server makes request to "fiu.edu" authoritative server(s) for "my.fiu.edu"
Provide at least two distinctly different plausible causes and how to test for them (include tools to utilize or procedures to follow and what you would be looking for). - 10 points (5 extra credit points for each additional plausible root cause after the first three)
1. Load Balancer issues: I would perform health checks on the load balancer for reported issues by reviewing logs, checking for unusual spikes in traffic or latency issues.
2. Network issues: I can use ping to check latency between servers and database or Wireshark to analyze network traffic to check for packet loss or patterns.
3. Database issues: SQL Server Management Studio can be used to check database queries for the CCAPP interface. Resource usage can be monitored on the SQL server as well. Performance Monitor is another tool useful for checking the CPU, memory, disk etc.
Match the HTTP response code number to its category: Informational: The request was received, continuing process
1xx
Match the HTTP response code number to its category: Successful: The request was successfully received, understood, and accepted
2xx
Match the HTTP response code number to its category: Redirection: Further action needs to be taken in order to complete the request
3xx
Match the HTTP response code number to its category: Client Error: The request contains bad syntax or cannot be fulfilled
4xx
Match the HTTP response code number to its category: Server Error: The server failed to fulfill an apparently valid request
5xx
CPU utilization %
CPU
Match the key statistic to the type of constraint it should be used to identify (there will be multiple matches): Processor queue length divided by number of processors
CPU
A 2-layer and often 2-tier application architecture pattern that typically utilizes a complex front-end application communicating with a shared back-end database
Client-Server
Match the potential problem to the type of platform it relates to: Sessions being blocked by other sessions due to acidic transactional lock
Database server
AWS' cloud computing offering
EC2
Refers to a cloud computing deployment model where services are offered by both third-party vendors and corporate/enterprise IT
Hybrid cloud
I/O Queue Length CPU I/O Wait %
I/O
ARP
IP to MAC address matching for local network communications
Compare and contrast Incident and Problem Management. The more detail & examples provided, the more points you earn.
Incident management deals with incidents currently affecting business operations, while problem management occurs after the fact, dealing with the root cause of the incidents in order to avoid a recurrence. The primary goal of project management is to prevent and eliminate incidents and reduce the impact of unpreventable accidents, while incident management's main goal is to resume service operations as quickly as possible.
A cloud service offering whereby virtual computing (VMs) are provided
IaaS
Paging swap rate
Memory
Asynchronous communication between two processes with guaranteed delivery
Message queuing
Network bandwidth used
Network
A cloud service offering whereby a specific type of technology function (e.g. database, application server) is provided
PaaS
I/O Queue Length by disk
Resource monitor
A style of software design whereby you break-up the business logic portion of your application into smaller independent portions that communicate with each other
SOA and microservices
A cloud service offering whereby a fully functional application is provided to the customer with only application configuration options/customizations are available
SaaS
A fairly new and popular subset of the Cloud Native application architecture pattern
Serverless/FaaS
Compare and contrast the various storage access methods and types of storage. The more detail provided, the more points.
Storage access methods include block mode access and file mode access. With block mode, the operating system will read and write blocks from the storage device, while with file mode, the OS reads the entire file from the permanent storage location. File mode is more efficient for applications like Word where an entire file needs to be processed, as opposed to block mode, which is useful for database servers that only need a portion of the database files to read and write. There are also many types of storage hardware, such as mechanical spinning disks, which are cheaper than an SSD and are primarily used for storing a large amount of data that is not frequently accessed. An SSD is the most primarily used within Enterprise IT for highly used storage and offers better performance. The most rarely used is called Tape, which was used for backups; however, now it is preferred to back up data to another mechanical storage at another location for offline backups.
Hard Faults/PF Delta
Task Manager, Resource Monitor
Match the key statistic to the tool on Windows which would be most appropriate to help you measure it (there will be multiple matches): Per process CPU utilization
Task Manager, resource monitor
DHCP:
UDP based protocol that provides IP addresses to hosts (typically PCs, Phones, IoT devices)
DNS:
UDP based protocol used to turn names into IP addresses
Given the fact that slow performance seems to be rooted in a particular server (you can choose whether it's Windows or Linux), describe four distinctly different actions you would take to identify the type of constraint occurring - include tools used and metrics analyzed. The more detail & examples provided, the more points you earn. (5 extra credit points for each additional action after the first five)
Using Linux, I would first determine if CPU and RAM are constrained by using the top command to find the top processes and usage information on the overall system and check the load average to determine the wait queue and uptime. If I need more info, I will use vmstat to see the swapping rate and to check the blocked processes to determine if the CPU is constrained; to determine if the RAM is constrained I could check the swap section to see if the values are a hundred or more. To determine if the I/O is constrained, I will use iostat -xt to determine which mount point is I/O constrained by focusing on the avgqu-sz metric to check how much I/O constraint each disk has, await for the average wait time in the disk queue, and %util to check if the percentage is consistently at 100%, which would indicate a problem. If there is a disk space issue, the df command can display the disk space with -k added to find the amount in kilobytes.
Instrumentation
ability to monitor/measure the level of an application's performance, to diagnose errors, and to write trace information
Concurrent requests exceeded the amount allowed causing rejections and/or delays
both
Errors in logs indicate that a product patch is needed
both (database/web application)
Focus is on addressing three key elements of integration (type of access, type of connectivity and method of authentication)
business to business
Match the application architecture pattern with a key element unique to it. Only utilize PaaS services without needing to rely on accessing any underlying operating system
cloud native
NAT
converts a private IP to a public IP and vice versa
Low Buffer cache-hit ratio causing most data to be retrieved from disk
database server
Poorly executing queries taking up a large amount of CPU and/or I/O
database server
Transaction log getting full disallowing any further writes to the database
database server
Disk space used
df
View application & system logs
event viewer
Match cloud term to definition: A relatively new paradigm which focuses on offloading or moving processing and storage to endpoint devices consuming cloud services
fog computing
Uses DNS redirection to point the user to the VIP that should be accessed
global load balancer
Per process network bandwidth used
iftop
I/O Queue Length by disk
iostat
Match the key statistic to the tool on Linux which would be most appropriate to help you measure it (there will be multiple matches): Per process disk I/O used
iotop
Can start programs based on date/time, creation of a file, completion of a task, etc.
job scheduling
Event-based execution on programs without user interaction
job scheduling
Match the OSI layer(s) to the type of communication: Device to Device
layer 2
Match the OSI layer(s) to the type of communication: Host to Host
layer 3
Process to process
layer 4
application to application
layer 5-7
Match the application architecture technique to its description: Front-ending multiple servers/processes that perform the same function, but only sending traffic to the healthy ones
load balancer
Session stickiness
local load balancer
Can perform health-checking to determine which server to send work to
local load balancer
Number of CPUs
lscpu
Which processes are listening on which ports
netstat
Can be used to restrict the network level access of guests
network segmentation
Browser incompatibility causing application to "look funny"
none
CPU uptime
none
Disk space allocated
none
Acts as a "man-in-the-middle" by transparently relaying communications between two processes
proxying
Refers to a cloud computing deployment model where services are offered by a third-party vendor independently of corporate/enterprise IT
public cloud
View/Edit Registry entries
regedit
Per process network bandwidth used
resource monitor
Which processes are listening on which ports
resource monitor, netstat
Framework
software providing generic functionality to ease burden of common programming tasks
SAN
storage infrastructure consisting of a dedicated network (typically fiber channel) and storage devices
Number & type of physical CPUs
system information
CPU uptime
task manager
Legacy character-based applications that can be deployed on 2, 3 or n-tier architectures
terminal emulation
Load average
top
Per process CPU utilization
top
Allowing direct network layer communication between devices that otherwise could not communicate
tunneling
Can allow private IP addresses to communicate over the Internet
tunneling
Paging swap rate
vmstat
3-layers and 3-tiers in its basic form, but can get complex; Solves some of the issues with the client-server architecture
web based
Match the functionality to the application architecture technique (Answers can be used multiple times): Used to block users from accessing restricted web sites
web proxy
Lack of code instrumentation causing difficulty isolating where the problem resides
web/application server
Long waits on remote resource calls causing 5xx response codes
web/application server