Difference between revisions of "BSc: System And Network Administration"
R.sirgalina (talk | contribs) |
R.sirgalina (talk | contribs) |
||
Line 147: | Line 147: | ||
=== Section 1 === |
=== Section 1 === |
||
− | + | ====Section title==== |
|
Infrastructure fundamentals |
Infrastructure fundamentals |
||
− | + | ====Topics covered in this section==== |
|
* What is a server |
* What is a server |
||
Line 169: | Line 169: | ||
* Groupware, helpdesk & bug tracking |
* Groupware, helpdesk & bug tracking |
||
− | + | ====What forms of evaluation were used to test students’ performance in this section?==== |
|
Low-load weekly lab assignments (reports of two-three pages including command line outputs or screenshots) |
Low-load weekly lab assignments (reports of two-three pages including command line outputs or screenshots) |
||
− | + | ====Typical questions for ongoing performance evaluation within this section==== |
|
* What is the difference between MIT, BSD and GPL licenses? |
* What is the difference between MIT, BSD and GPL licenses? |
||
Line 179: | Line 179: | ||
* What characterizes the Unix system in terms of usability? |
* What characterizes the Unix system in terms of usability? |
||
− | + | ====Typical questions for seminar classes (labs) within this section==== |
|
* How to troubleshoot system and daemons? |
* How to troubleshoot system and daemons? |
||
Line 190: | Line 190: | ||
* Deploy and operate IT infrastructures e.g. a helpdesk and bug tracking engine |
* Deploy and operate IT infrastructures e.g. a helpdesk and bug tracking engine |
||
− | + | ====Test questions for final assessment in this section==== |
|
* How to disable recent hardware mitigations in the Linux kernel? |
* How to disable recent hardware mitigations in the Linux kernel? |
||
Line 199: | Line 199: | ||
=== Section 2 === |
=== Section 2 === |
||
− | + | ====Section title==== |
|
Network & Security |
Network & Security |
||
− | + | ====Topics covered in this section==== |
|
* Network fundamentals & IPv6 intro |
* Network fundamentals & IPv6 intro |
||
Line 223: | Line 223: | ||
* Mode of operation & padding |
* Mode of operation & padding |
||
− | + | ====What forms of evaluation were used to test students’ performance in this section?==== |
|
Low-load weekly lab assignments (reports of two-three pages including command line outputs or screenshots) |
Low-load weekly lab assignments (reports of two-three pages including command line outputs or screenshots) |
||
− | + | ====Typical questions for ongoing performance evaluation within this section==== |
|
* Choose a Linux bonding mode and explain its pros/cons, then setup link aggregation with it |
* Choose a Linux bonding mode and explain its pros/cons, then setup link aggregation with it |
||
Line 233: | Line 233: | ||
* Create a CA and sign a few certificates, see how your browser behaves compared to a self-signed certificate |
* Create a CA and sign a few certificates, see how your browser behaves compared to a self-signed certificate |
||
− | + | ====Typical questions for seminar classes (labs) within this section==== |
|
* How to troubleshoot network issues? |
* How to troubleshoot network issues? |
||
Line 241: | Line 241: | ||
* How to tune SSL cipher suites for a service? |
* How to tune SSL cipher suites for a service? |
||
− | + | ====Test questions for final assessment in this section==== |
|
* What is the difference between caching DNS forwarder and an authoritative DNS service? |
* What is the difference between caching DNS forwarder and an authoritative DNS service? |
||
Line 247: | Line 247: | ||
=== Section 3 === |
=== Section 3 === |
||
− | + | ====Section title==== |
|
Storage & clusters |
Storage & clusters |
||
− | + | ====Topics covered in this section==== |
|
* High Availability clusters |
* High Availability clusters |
||
Line 260: | Line 260: | ||
* Automated provisioning & configuration automation |
* Automated provisioning & configuration automation |
||
− | + | ====What forms of evaluation were used to test students’ performance in this section?==== |
|
Low-load weekly lab assignments (reports of two-three pages including command line outputs or screenshots) |
Low-load weekly lab assignments (reports of two-three pages including command line outputs or screenshots) |
||
− | + | ====Typical questions for ongoing performance evaluation within this section==== |
|
* How is a High Availability cluster architecture designed? |
* How is a High Availability cluster architecture designed? |
||
Line 272: | Line 272: | ||
* How are Convergence and hyper-convergence designed? |
* How are Convergence and hyper-convergence designed? |
||
− | + | ====Typical questions for seminar classes (labs) within this section==== |
|
* How to bootstrap guest machines from the host? |
* How to bootstrap guest machines from the host? |
||
Line 279: | Line 279: | ||
* How does network file-systems compare with shared-disk file-systems? |
* How does network file-systems compare with shared-disk file-systems? |
||
− | + | ====Test questions for final assessment in this section==== |
|
* What are the architectural requirements and use-cases for High Availability? |
* What are the architectural requirements and use-cases for High Availability? |
Revision as of 16:53, 9 February 2022
System and Network Administration
- Course name: System and Network Administration
- Course number: ?
Course characteristics
Key concepts of the class
- Unix & system tuning
- Free and Open Source licensing
- Firmware & boot loaders
- Disks & partitioning
- Daemons’ setup and operation
- Text processing tools & Regular Expressions
- Backup & Monitoring
- Network fundamentals
- Link aggregation
- DNS fundamentals
- Network discovery & sniffing
- Introduction to spoofing and man in the middle
- Cryptography from a practical perspective
- High Availability clusters
- Load-balancing clusters
- File-systems & shared-disk file-systems
- Storage clusters & distributed block devices
- Virtualization clusters
- Automated provisioning & configuration automation
What is the purpose of this course?
This course covers the system and network administration for GNU/Linux and BSD operating systems. The students with the minor of security and blockchain must be able to operate GNU/Linux as their main server-oriented system and perform different tasks such as setting up and operating various tools and daemons. This is a very essential course for the security expert which will give the students hands-on experience of system deployment, firmware, booting, partitions, volume management, system and network optimization. At the end of this course, the students will be equipped with the tools and skills that they can use in industrial production environments. This course is practice-oriented similarly to a certification training. After completion, the students could be entitled as (junior) system and network analysts.
Course Objectives Based on Bloom’s Taxonomy
- What should a student remember at the end of the course?
By the end of the course, the students should be able to recognize and define
- Free and Open-Source Software paradigms
- Principles of the Unix culture
- Linux bonding modes and link aggregation
- CA vs intermediate vs leaf SSL certificates
- High Availability cluster architecture
- Load-balancing cluster architecture
- Virtualization architecture
- Distributed storage architecture
- Convergence and hyper-convergence
- What should a student be able to understand at the end of the course?
By the end of the course, the students should be able to describe and explain (with examples)
- In-depth operational knowledge of GNU/Linux and system daemons
- How GIT differs from CVS
- How rather critical IT infrastructures are handled
- Difference between caching DNS forwarder and an authoritative DNS service
- Requirements and use-cases for High Availability
- Requirements and use-cases for load-balancing
- Requirements and use-cases for virtualization
- Requirements and use-cases for distributed storage
- Challenges & constraints with convergence and hyper-convergence
- Requirements to automate the deployments of several servers at once
- What should a student be able to apply at the end of the course?
- System & daemons troubleshooting - read the logs
- Install a GNU/Linux system and configure it for it to be used a server
- Fix the boot-loader or recover the root account
- Use Version Control Systems
- Build software daemons from source
- Build the Linux kernel from source
- Design the architecture of IT infrastructures
- Deploy and maintain IT infrastructures
- Network troubleshooting - check for open ports
- Setting up network link aggregations
- Securing SSL web browser sessions
- SSL cipher suites tuning
- Bootstrap guest machines from the host
- Deal with RAW and QCOW2 sparse files
- Evaluate the need for network disks (block devices)
- Evaluate the need for network file-systems versus shared-disk file-systems
Course evaluation
Proposed points | ||
---|---|---|
Labs/seminar classes | 20 | 70 |
Interim performance assessment | 30 | 10 |
Exams | 50 | 20 |
If necessary, please indicate freely your course’s features in terms of students’ performance assessment: The laboratory assessments are particularly taken care of, and the tasks do correspond with the teachings from the lectures. SNA laboratory assignments are plethoric hence there are multiple tasks to choose from every week, depending on students’ skills and preferences.
Grades range
Grade | Default range | Proposed range |
---|---|---|
A. Excellent | 90-100 | 90-100 |
B. Good | 75-89 | 80-89 |
C. Satisfactory | 60-74 | 70-79 |
D. Poor | 0-59 | 0-69 |
If necessary, please indicate freely your course’s grading features: The laboratory assignments are mandatory with a required minimum result of 6/10 - including re-takes and late submissions - to complete the course. As a consequence, the grades are generally pretty high and therefore the grading ranges are scaled up.
Resources and reference material
- Joshua Davies, Implementing SSL / TLS Using Cryptography and PKI, Wiley Publishing, 2011
- Eric Raymond, The Cathedral & the Bazaar, O’Reilly Media, 2008
- Æleen Frisch, Essential System Administration, Third Edition, O’Reilly & Associates, 2002
- Evi Nemeth, Garth Snyder, Scott Seebass, and Trent R. Hein, UNIX System Administration Handbook, Third Edition, Prentice Hall, 2000
- Mark Sobell, A Practical Guide to the Unix System, Third Edition, Addison-Wesley, 1994
- GNU Manuals Online https://www.gnu.org/manual/manual.html
- The Linux Kernel documentation https://www.kernel.org/doc/Documentation/
- The Revised Slackware Book Project https://www.slackbook.org/
Course Sections
Section 1
Section title
Infrastructure fundamentals
Topics covered in this section
- What is a server
- Unix basics
- Unix tips & tricks
- System preparation
- FOSS licensing paradigms
- Unix culture & traditions
- Daemons’ setup and operation
- Software & kernel building
- Firwmare & boot loaders
- Disks & partitioning
- Text processing tools & Regular Expressions
- Shell scripting
- XML/CSS
- Backup & Monitoring
- Groupware, helpdesk & bug tracking
What forms of evaluation were used to test students’ performance in this section?
Low-load weekly lab assignments (reports of two-three pages including command line outputs or screenshots)
Typical questions for ongoing performance evaluation within this section
- What is the difference between MIT, BSD and GPL licenses?
- How do those licensing models differ in terms of ethical and rhetorical goals?
- What characterizes the Unix system in terms of usability?
Typical questions for seminar classes (labs) within this section
- How to troubleshoot system and daemons?
- Install a GNU/Linux system and configure it for it to be used a server
- Fix the boot-loader or recover the root account
- Use Version Control Systems
- Build software daemons from source
- Build the Linux kernel from source
- Design the architecture of IT infrastructures
- Deploy and operate IT infrastructures e.g. a helpdesk and bug tracking engine
Test questions for final assessment in this section
- How to disable recent hardware mitigations in the Linux kernel?
- How to disable IPv6 at boot time?
- How GIT repositories does differ from CVS repositories in terms of architecture?
- What are the requirements to get a robust and spam-unfriendly Mail eXchange up and running?
Section 2
Section title
Network & Security
Topics covered in this section
- Network fundamentals & IPv6 intro
- Link aggregation
- NOC use-cases & DDoS mitigations
- DNS fundamentals
- SMTP fundamentals
- Network discovery & sniffing
- Spoofing intro
- Man in the middle intro
- Stripping SSL
- Stripping STARTTLS
- PKI intro & Let’s encrypt
- SSL interception
- SSL pinning & certificate transparency
- Asymmetric ciphers from a practical perspective
- Key negotiation algorithms from a practical perspective
- Symmetric ciphers from a practical perspective
- Mode of operation & padding
What forms of evaluation were used to test students’ performance in this section?
Low-load weekly lab assignments (reports of two-three pages including command line outputs or screenshots)
Typical questions for ongoing performance evaluation within this section
- Choose a Linux bonding mode and explain its pros/cons, then setup link aggregation with it
- Create a self-signed certificate, set it up against e.g. an HTTP service and use it from your browser
- Create a CA and sign a few certificates, see how your browser behaves compared to a self-signed certificate
Typical questions for seminar classes (labs) within this section
- How to troubleshoot network issues?
- How to setup network link aggregations?
- What are the requirements for an authoritative DNS service to be up and running?
- How to verify SSL certificates and sessions?
- How to tune SSL cipher suites for a service?
Test questions for final assessment in this section
- What is the difference between caching DNS forwarder and an authoritative DNS service?
Section 3
Section title
Storage & clusters
Topics covered in this section
- High Availability clusters
- Load-balancing clusters
- File-systems & shared-disk file-systems
- Storage clusters & distributed block devices
- Virtualization clusters
- Automated provisioning & configuration automation
What forms of evaluation were used to test students’ performance in this section?
Low-load weekly lab assignments (reports of two-three pages including command line outputs or screenshots)
Typical questions for ongoing performance evaluation within this section
- How is a High Availability cluster architecture designed?
- How is a Load-balancing cluster architecture designed?
- How is a Virtualization architecture designed?
- How is a Distributed storage architecture designed?
- How are Convergence and hyper-convergence designed?
Typical questions for seminar classes (labs) within this section
- How to bootstrap guest machines from the host?
- How to deal with RAW and QCOW2 sparse files?
- How does network disks (block devices) compare to virtual disks as sparse files?
- How does network file-systems compare with shared-disk file-systems?
Test questions for final assessment in this section
- What are the architectural requirements and use-cases for High Availability?
- What are the architectural requirements and use-cases for load-balancing?
- What are the architectural requirements and use-cases for virtualization?
- What are the architectural requirements and use-cases for distributed storage?
- What are the challenges & constraints when attempting to define a convergent or even a hyper-convergent virtualization infrastructure setup?
- What are the requirements to automate the deployments of several servers at once?