Difference between revisions of "BSc: System And Network Administration"
R.sirgalina (talk | contribs) |
|||
Line 171: | Line 171: | ||
====What forms of evaluation were used to test students’ performance in this section?==== |
====What forms of evaluation were used to test students’ performance in this section?==== |
||
+ | {| |
||
+ | ! |
||
+ | !align="center"| '''Yes/No''' |
||
+ | |- |
||
+ | | Development of individual parts of software product code |
||
+ | |align="center"| 1 |
||
+ | |- |
||
+ | | Homework and group projects |
||
+ | |align="center"| 1 |
||
+ | |- |
||
+ | | Midterm evaluation |
||
+ | |align="center"| 0 |
||
+ | |- |
||
+ | | Testing (written or computer based) |
||
+ | |align="center"| 0 |
||
+ | |- |
||
+ | | Reports |
||
+ | |align="center"| 0 |
||
+ | |- |
||
+ | | Essays |
||
+ | |align="center"| 0 |
||
+ | |- |
||
+ | | Oral polls |
||
+ | |align="center"| 0 |
||
+ | |- |
||
+ | | Discussions |
||
+ | |align="center"| 1 |
||
+ | |} |
||
Low-load weekly lab assignments (reports of two-three pages including command line outputs or screenshots) |
Low-load weekly lab assignments (reports of two-three pages including command line outputs or screenshots) |
||
Revision as of 11:42, 28 February 2022
System and Network Administration
- Course name: System and Network Administration
- Course number: ?
Course characteristics
Key concepts of the class
- Unix & system tuning
- Free and Open Source licensing
- Firmware & boot loaders
- Disks & partitioning
- Daemons’ setup and operation
- Text processing tools & Regular Expressions
- Backup & Monitoring
- Network fundamentals
- Link aggregation
- DNS fundamentals
- Network discovery & sniffing
- Introduction to spoofing and man in the middle
- Cryptography from a practical perspective
- High Availability clusters
- Load-balancing clusters
- File-systems & shared-disk file-systems
- Storage clusters & distributed block devices
- Virtualization clusters
- Automated provisioning & configuration automation
What is the purpose of this course?
This course covers the system and network administration for GNU/Linux and BSD operating systems. The students with the minor of security and blockchain must be able to operate GNU/Linux as their main server-oriented system and perform different tasks such as setting up and operating various tools and daemons. This is a very essential course for the security expert which will give the students hands-on experience of system deployment, firmware, booting, partitions, volume management, system and network optimization. At the end of this course, the students will be equipped with the tools and skills that they can use in industrial production environments. This course is practice-oriented similarly to a certification training. After completion, the students could be entitled as (junior) system and network analysts.
Course Objectives Based on Bloom’s Taxonomy
- What should a student remember at the end of the course?
By the end of the course, the students should be able to recognize and define
- Free and Open-Source Software paradigms
- Principles of the Unix culture
- Linux bonding modes and link aggregation
- CA vs intermediate vs leaf SSL certificates
- High Availability cluster architecture
- Load-balancing cluster architecture
- Virtualization architecture
- Distributed storage architecture
- Convergence and hyper-convergence
- What should a student be able to understand at the end of the course?
By the end of the course, the students should be able to describe and explain (with examples)
- In-depth operational knowledge of GNU/Linux and system daemons
- How GIT differs from CVS
- How rather critical IT infrastructures are handled
- Difference between caching DNS forwarder and an authoritative DNS service
- Requirements and use-cases for High Availability
- Requirements and use-cases for load-balancing
- Requirements and use-cases for virtualization
- Requirements and use-cases for distributed storage
- Challenges & constraints with convergence and hyper-convergence
- Requirements to automate the deployments of several servers at once
- What should a student be able to apply at the end of the course?
- System & daemons troubleshooting - read the logs
- Install a GNU/Linux system and configure it for it to be used a server
- Fix the boot-loader or recover the root account
- Use Version Control Systems
- Build software daemons from source
- Build the Linux kernel from source
- Design the architecture of IT infrastructures
- Deploy and maintain IT infrastructures
- Network troubleshooting - check for open ports
- Setting up network link aggregations
- Securing SSL web browser sessions
- SSL cipher suites tuning
- Bootstrap guest machines from the host
- Deal with RAW and QCOW2 sparse files
- Evaluate the need for network disks (block devices)
- Evaluate the need for network file-systems versus shared-disk file-systems
Course evaluation
Proposed points | ||
---|---|---|
Labs/seminar classes | 20 | 70 |
Interim performance assessment | 30 | 10 |
Exams | 50 | 20 |
If necessary, please indicate freely your course’s features in terms of students’ performance assessment: The laboratory assessments are particularly taken care of, and the tasks do correspond with the teachings from the lectures. SNA laboratory assignments are plethoric hence there are multiple tasks to choose from every week, depending on students’ skills and preferences.
Grades range
Grade | Default range | Proposed range |
---|---|---|
A. Excellent | 90-100 | 90-100 |
B. Good | 75-89 | 80-89 |
C. Satisfactory | 60-74 | 70-79 |
D. Poor | 0-59 | 0-69 |
If necessary, please indicate freely your course’s grading features: The laboratory assignments are mandatory with a required minimum result of 6/10 - including re-takes and late submissions - to complete the course. As a consequence, the grades are generally pretty high and therefore the grading ranges are scaled up.
Resources and reference material
- Joshua Davies, Implementing SSL / TLS Using Cryptography and PKI, Wiley Publishing, 2011
- Eric Raymond, The Cathedral & the Bazaar, O’Reilly Media, 2008
- Æleen Frisch, Essential System Administration, Third Edition, O’Reilly & Associates, 2002
- Evi Nemeth, Garth Snyder, Scott Seebass, and Trent R. Hein, UNIX System Administration Handbook, Third Edition, Prentice Hall, 2000
- Mark Sobell, A Practical Guide to the Unix System, Third Edition, Addison-Wesley, 1994
- GNU Manuals Online https://www.gnu.org/manual/manual.html
- The Linux Kernel documentation https://www.kernel.org/doc/Documentation/
- The Revised Slackware Book Project https://www.slackbook.org/
Course Sections
Section 1
Section title
Infrastructure fundamentals
Topics covered in this section
- What is a server
- Unix basics
- Unix tips & tricks
- System preparation
- FOSS licensing paradigms
- Unix culture & traditions
- Daemons’ setup and operation
- Software & kernel building
- Firwmare & boot loaders
- Disks & partitioning
- Text processing tools & Regular Expressions
- Shell scripting
- XML/CSS
- Backup & Monitoring
- Groupware, helpdesk & bug tracking
What forms of evaluation were used to test students’ performance in this section?
Yes/No | |
---|---|
Development of individual parts of software product code | 1 |
Homework and group projects | 1 |
Midterm evaluation | 0 |
Testing (written or computer based) | 0 |
Reports | 0 |
Essays | 0 |
Oral polls | 0 |
Discussions | 1 |
Low-load weekly lab assignments (reports of two-three pages including command line outputs or screenshots)
Typical questions for ongoing performance evaluation within this section
- What is the difference between MIT, BSD and GPL licenses?
- How do those licensing models differ in terms of ethical and rhetorical goals?
- What characterizes the Unix system in terms of usability?
Typical questions for seminar classes (labs) within this section
- How to troubleshoot system and daemons?
- Install a GNU/Linux system and configure it for it to be used a server
- Fix the boot-loader or recover the root account
- Use Version Control Systems
- Build software daemons from source
- Build the Linux kernel from source
- Design the architecture of IT infrastructures
- Deploy and operate IT infrastructures e.g. a helpdesk and bug tracking engine
Test questions for final assessment in this section
- How to disable recent hardware mitigations in the Linux kernel?
- How to disable IPv6 at boot time?
- How GIT repositories does differ from CVS repositories in terms of architecture?
- What are the requirements to get a robust and spam-unfriendly Mail eXchange up and running?
Section 2
Section title
Network & Security
Topics covered in this section
- Network fundamentals & IPv6 intro
- Link aggregation
- NOC use-cases & DDoS mitigations
- DNS fundamentals
- SMTP fundamentals
- Network discovery & sniffing
- Spoofing intro
- Man in the middle intro
- Stripping SSL
- Stripping STARTTLS
- PKI intro & Let’s encrypt
- SSL interception
- SSL pinning & certificate transparency
- Asymmetric ciphers from a practical perspective
- Key negotiation algorithms from a practical perspective
- Symmetric ciphers from a practical perspective
- Mode of operation & padding
What forms of evaluation were used to test students’ performance in this section?
Low-load weekly lab assignments (reports of two-three pages including command line outputs or screenshots)
Typical questions for ongoing performance evaluation within this section
- Choose a Linux bonding mode and explain its pros/cons, then setup link aggregation with it
- Create a self-signed certificate, set it up against e.g. an HTTP service and use it from your browser
- Create a CA and sign a few certificates, see how your browser behaves compared to a self-signed certificate
Typical questions for seminar classes (labs) within this section
- How to troubleshoot network issues?
- How to setup network link aggregations?
- What are the requirements for an authoritative DNS service to be up and running?
- How to verify SSL certificates and sessions?
- How to tune SSL cipher suites for a service?
Test questions for final assessment in this section
- What is the difference between caching DNS forwarder and an authoritative DNS service?
Section 3
Section title
Storage & clusters
Topics covered in this section
- High Availability clusters
- Load-balancing clusters
- File-systems & shared-disk file-systems
- Storage clusters & distributed block devices
- Virtualization clusters
- Automated provisioning & configuration automation
What forms of evaluation were used to test students’ performance in this section?
Low-load weekly lab assignments (reports of two-three pages including command line outputs or screenshots)
Typical questions for ongoing performance evaluation within this section
- How is a High Availability cluster architecture designed?
- How is a Load-balancing cluster architecture designed?
- How is a Virtualization architecture designed?
- How is a Distributed storage architecture designed?
- How are Convergence and hyper-convergence designed?
Typical questions for seminar classes (labs) within this section
- How to bootstrap guest machines from the host?
- How to deal with RAW and QCOW2 sparse files?
- How does network disks (block devices) compare to virtual disks as sparse files?
- How does network file-systems compare with shared-disk file-systems?
Test questions for final assessment in this section
- What are the architectural requirements and use-cases for High Availability?
- What are the architectural requirements and use-cases for load-balancing?
- What are the architectural requirements and use-cases for virtualization?
- What are the architectural requirements and use-cases for distributed storage?
- What are the challenges & constraints when attempting to define a convergent or even a hyper-convergent virtualization infrastructure setup?
- What are the requirements to automate the deployments of several servers at once?