So Christmas has come and gone and a whole new set of toys to play with!!

So I picked up my first Raspberry Pi 4 to start learning with, nothing like getting your hands on something to really learn it.

Raspberry Pi 4 Setup

To start learning and not just have another piece of equipment lying around I also picked up the Freenove Ultimate Starter Kit. 57 projects that have step by step directions using either Python or C/C++ to manipulate the hardware that it comes with.

Freenove Ultimate Starter Kit for Raspberry Pi 4 B 3 B+ 400, 434-Page Detailed Tutorials, Python C Java Code, 223 Items, 57 Projects, Solderless Breadboard

I figure this will help me understand both Linux as well as Python that I learned in the summer of 2019.

In addition to the hardware/projects that I picked up, I also picked up the “RHCSA Red Hat Enterprise Linux 8 – Training and Exam Preparation Guide” by Asghar Ghori.

The real challenge will be to find time to learn Linux as I just accepted a new position with Palo Alto Networks and will also be working toward my PCNSE which I have been told that I should attempt to have within the first year.

First project down… only 56 to go with whatever projects that I come up with along the way.

As I continue to work toward improving myself the next foundation item that I will be focusing on is the Red Hat RHCSA Certification EX200. 

Reviewing the certification details on the official site, I knew this would not be enough, so I am combining the official site's skills list with the outline of the LinkedIn Learning course Cert Prep: Red Hat Certified System Administrator (EX200). My Red Hat Certified System Administrator study guide will follow the outline below.

My research and study documentation going to be used are:

Available devices that I will be using for hosting OS:

  • Oracle VM Virtualbox – On Microsoft Surface Book 2
  • HP Laptop running Kali Linux
  • HP Workstation running Ubuntu 20.04
  • Raspberry PI 4 – Nothing loaded on it at this time.

I am targeting the End of April/Beginning of May to take the exam.

RHCSA – Red Hat Certified System Administrator study guide

  • Understand and use essential tools
    • handling files
      • Create
      • Edit
      • Archive and compress files
    • directories
    • command-line environments
      • Redirection
      • File Management
    • documentation
    • Schedule recurring tasks
  • Create simple shell scripts
    • BASH
    • Python
    • Lua
    • Tcl
    • Ruby
    • Grep and regular expressions
  • Operate running systems, including
    • booting into different run levels
    • identifying/Manage processes
    • starting and stopping virtual machines
    • controlling services
    • Interrupt the boot process to gain access
    • Read log files and journals
  • Configure
    • local storage
      • partitions
        • Create
        • Delete
    • Logical volumes management
    • Networking
    • Bootup/modify the bootloader
  • Create and configure
    • file systems and file system attributes, such as
      • permissions
      • encryption
      • access control lists
      • network file systems
        • Mount and unmount
      • Securely transfer files
      • Create and configure
        • Format
        • Mount
        • Unmount
      • Manage SUID, SGID, and sticky bits
  • Deploy, configure, and maintain systems
    • software installation
    • updates
    • core services/kernel packages
    • Linux system Virtual guests
      • Access virtual machine’s console
      • Start/stop virtual machines
  • Manage users and groups
    • Create
    • Delete
    • Modify
    • Password/password aging
    • Use Authentication Systems
  • Manage
    • Security
      • Firewall
      • Key-based authentication for SSH
    • SELinux configuration
      • Modes
      • Security Context
        • Restore Default
      • Modify Booleans
      • Diagnose policy violations
  • Perform basic container management

 

LET THE FUN Begin!!!

It has been a long while since my last post, but the information below covers items that I learned, studied and used in labs before my test.

I took my test on December 1st and it was more challenging than I thought it would be, but at the end of the test I can say that I passed. After a short break of hanging with the family and a few video games with my son, I am doing a re-cap and starting my next learning adventure, which is Red Hat RHCSA.

There was a good period of time where I was not posting but I for sure was studying.  I used the following three items to finish up before the big day.

With the items above and past knowledge I was able to pass my test but there are two things that I would add to this if I was prepping for this again.

  • Review the Cisco Blue Print in more detail (there was a question about password managers which is listed on the Blue Print in 5.4)
  • Use a physical CCNA study book.
    • The videos were great and I do feel like they covered all the topics and even more than what was needed, but there were some questions that had me thinking more than I thought I should need to, and another source that focused on the test as opposed to teaching would have been great after the Udemy and Keith Barker info.

So final opinion: The CCNA should not be taken lightly, especially if you have not been working on Cisco devices before or in my case in a few years.  The Boson test was great but don’t expect to see any word for word question or even closely worded questions.

Here is what it all led to: my official piece of paper that says I actually know what I am talking about to back up my experience:

https://www.youracclaim.com/badges/aa3a51e0-6ecb-4a87-ab3b-b25920fd943f

CCNA Studying

I do feel that I am getting very close to taking the test, but $300 is nothing to throw around, so here are a few things that I have been learning that I either missed or that the study course did not cover in the way the test questions needed, so they required additional studying.

  • APIs used for communication from the controller up (north-bound) to applications or down (south-bound) to network infrastructure.
    • North-bound APIs – Used to talk from the controller to Applications
      • REST – Representational State Transfer
      • OSGi – Java Open Service Gateway initiative
    • South-bound APIs
      • OnePK
      • OpenFlow
      • OpFlex
      • NETCONF
  • LLDP (Link Layer Detection Protocol)
    • Advertises every 30 seconds (default)
      • Configurable to 5-65534 Seconds
      • (config)#lldp timer [time]
    • Default – 120 Second hold time
      • Configurable to 0-65535
      • (config)#lldp holdtime [time]
  • CDP (Cisco Discovery Protocol)
    • Advertises every 60 seconds (Default)
  • auto-cost reference-bandwidth
    • Default cost = reference bandwidth (default 100) / interface bandwidth
  • MAC Addresses used by FHRP (First Hop Redundancy Protocol)
    • VRRP (Virtual Router Redundancy Protocol) – Not a FHRP protocol
      • 0000.5E00.XXYY
    • GLBP (Gateway Load Balancing Protocol)
      • 0007.b400.XXYY
    • HSRP (Hot Standby Router Protocol)
      • Version 1
        • IPv4 
          • Group Address – 224.0.0.2
          • UDP Port: 1985 
          • Virtual MAC: 0000:0c07:acXX
            • The last two hexadecimal characters indicate the group.
      • Version 2
        • IPv4
          • Group address – 224.0.0.102
          • UDP Port: 1985
          • Virtual MAC: 0000:0c9f:fXXX
        • IPv6
          • Group address: ff02::66
          • UDP Port: 2029
          • Virtual MAC: 0005:73a0:0XXX
  • Ethernet frame
    • 7-byte preamble field
    • 1-byte start-of-frame (SOF) field
    • 6-byte destination address field
    • 6-byte source address field
    • 2-byte type field
    • data field in the range from 46 through 1500 bytes
    • 4-byte Frame Check Sequence (FCS) field
  • IPv6 addresses to remember
    • Unicast
      • Link-local Address
        • 1111|1110|1000|0000
        • fe80::/64
        • Link-local has been replaced by ULA (Unique Local Address) FC00::/7
          • 1111|1100|0000|0000
      • Global
        • 2001::/16
        • 0010|0000|0000|0001
      • Site-Local
        • FC00::/7-FDFF
        • 1111|1100|0000|0000
      • Loop back
        • ::1/128
    • Multicast address
      • ffxx::/8
      • 1111|1111
      • Routing Protocols – Not routable addresses
        • FF02::5 – OSPF Routers
        • FF02::6 – OSPF DR
        • FF02::9 – RIP Routers
        • FF02::A – EIGRP Routers
    • IPv4 compatible
      • 0:0:0:0:0:0::/96
      • The last 32 bits are replaced with the IPv4 address
  • Hex to binary
    • 0000 – 0
    • 0001 – 1
    • 0010 – 2
    • 0011 – 3
    • 0100 – 4
    • 0101 – 5
    • 0110 – 6
    • 0111 – 7
    • 1000 – 8
    • 1001 – 9
    • 1010 – a
    • 1011 – b
    • 1100 – c
    • 1101 – d
    • 1110 – e
    • 1111 – f
  • Route Determination
    • EIGRP
      • Sum of the segment Delays
      • The lowest segment Bandwidth
    • RIP
      • Hop Count
    • OSPF
      • Reference Bandwidth/Interface Bandwidth
  • ASBR (Autonomous System Boundary Router)
    • A router is considered an ASBR when it issues the command default-information originate or redistribute network
  • Leaf – Spine
    • Node – Switch to provide north/south communications for the end devices
    • Spine – Provide East/West communications between leaf switches and north/south communications out of the network
  • EPG – Endpoint Groups
    • Used to map application to the network
    • Act as a container for application components and tiers that can be used to apply forwarding and policy logic
    • Allow for the separation of network policy, security and forwarding from addressing
  • APIC – Application Policy Infrastructure Controller
    • Object-oriented model based on Promise Theory
      • Promise theory is based on declarative scalable control of intelligent objects
      • Relies on the underlying object to handle configuration state changes initiated by the control system
      • Objects responsible for passing exceptions or faults back to the control system
    • Object model focused on the deployment of applications.
  • Management Software
    • Chef
      • Communicates over HTTPS on Port 443
      • Runs on Linux, UNIX and Windows
      • Client/server architecture
      • Config written in cookbooks in Ruby DSL, stored on the Chef server
      • Chef clients pull cookbooks from the server
      • Standalone clients run cookbooks from a local directory or from a tar.gz archive on the internet.
    • Puppet
      • Accepts inbound requests from agents
      • HTTPS on TCP port 8140
      • Considered the most widely used
      • Runs on Linux, Unix, Windows
      • Client/server architecture
      • Written in Ruby Domain Specific Language (DSL) or the Ruby-like Puppet language known as Puppet DSL
    • Salt
      • Communications on Ports 4505 and 4506
      • Client/Server
        • Salt Master
        • Salt Minion
      • Uses ZeroMQ to communicate
      • Can use Salt SSH without a client but is slower.
      • Written in YAML, Python or Python Domain Specific Language (PyDSL)
    • Ansible
      • Uses SSH over port 22
      • Runs on Linux/Unix and Windows
      • No Agents
      • YAML written in playbooks
  • RED (Random Early Detection) vs WRED (Weighted random early detection)
    • RED
      • Drops packets randomly
      • High priority packets and low priority packets drop at the same rate.
    • WRED
      • Uses a predefined threshold to decide what packet to drop
      • Drops low priority packets when the minimum threshold for the designated service level is exceeded.
      • Low priority packets are dropped first
  • Cisco alert logging levels mnemonic
    • Every Awesome Cisco Engineer will need ‘ice cream’ daily
      • 0 – Emergency
      • 1 – Alert
      • 2 – Critical
      • 3 – Error
      • 4 – Warning
      • 5 – Notification
      • 6 – Informational
      • 7 – Debugging
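
The FHRP virtual MAC patterns in the notes above can be used to tell which gateway redundancy protocol and group sits behind an address in an ARP or neighbor table. This is an added example, not part of the original notes; the function names and sample entries are constructed, the VRRP rows assume the RFC 5798 layout (0000.5e00.01XX for IPv4, 0000.5e00.02XX for IPv6), and GLBP is read as XX = group, YY = forwarder.

```python
import re

# (protocol, fixed hex prefix, trailing hex digits that carry the group number)
# VRRP rows are an assumption narrowed to RFC 5798; the rest follow the notes.
FHRP_LAYOUTS = [
    ("HSRPv1 IPv4", "00000c07ac", 2),
    ("HSRPv2 IPv4", "00000c9ff", 3),
    ("HSRPv2 IPv6", "000573a00", 3),
    ("VRRP IPv4", "00005e0001", 2),
    ("VRRP IPv6", "00005e0002", 2),
]
GLBP_PREFIX = "0007b400"  # followed by XX = group, YY = forwarder number

# Constructed sample of (IP, MAC) pairs as they might appear in an ARP table.
SAMPLE_ARP = [
    ("10.0.10.1", "0000.0c07.ac0a"),
    ("10.0.20.1", "00:00:0c:9f:f1:2c"),
    ("10.0.30.1", "00-00-5e-00-01-05"),
    ("10.0.40.1", "0007.b400.0102"),
    ("10.0.50.1", "3c:52:82:11:22:33"),
    ("2001:db8::1", "0005.73a0.0001"),
]

def normalize_mac(mac):
    """Accept Cisco dotted, colon or hyphen notation; return 12 lowercase hex digits."""
    digits = re.sub(r"[.:\-]", "", mac.strip()).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits

def classify_fhrp_mac(mac):
    """Return (protocol, group, forwarder) for an FHRP virtual MAC, else None."""
    digits = normalize_mac(mac)
    for name, prefix, width in FHRP_LAYOUTS:
        if digits.startswith(prefix):
            return (name, int(digits[-width:], 16), None)
    if digits.startswith(GLBP_PREFIX):
        return ("GLBP", int(digits[8:10], 16), int(digits[10:12], 16))
    return None

def audit_arp_table(entries):
    """Map each IP whose MAC is an FHRP virtual MAC to its classification."""
    hits = ((ip, classify_fhrp_mac(mac)) for ip, mac in entries)
    return {ip: hit for ip, hit in hits if hit}

if __name__ == "__main__":
    for ip, hit in audit_arp_table(SAMPLE_ARP).items():
        print(ip, hit)
```

An unexpected protocol or group number showing up for a gateway address is worth checking against the intended router configuration.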