Block 3 Flashcards
Describe components of the UCS that runs UCSM software
UCSM is installed on the flex pods fabric interconnects which runs the UCSM software
Explain characteristics of the UCS manager administration area
Admin area. The admin area contains systemwide settings and troubleshooting. Components major notes include:
Faults, events and audit logs
User management
Key management
Communication manangement
Stats management
Time zone management
Capability catalog
License management
Device connector
Identify the type of port that handles data traffic between the UCS fabric interconnect, and the adapter cards on the blades
Server ports handle all data traffic between the UCS fabric interconnects, and the adapter cards on the blade servers
Explain the term media access control pool
A Mac pool is a collection of network identities. Mack pools are assigned to vNic templates.
Explain the term worldwide name, pool
A worldwide name pool is a collection of worldwide names used by fiber channel vHBA in a Cisco UCS instance
Describe universally, unique identifier pools
A UUID is a 128 bit number that uniquely identifies components worldwide typically manage within UCSM using a UUIID pool
Explain the term service profile
A service profile is a software definition of a server and it’s LAN and SAN network connectivity
Locate the UCS blade system event log
A blades, SEL resides on the blades CIMC in non-volatile memory
Explain the purpose of selecting the preserve identities option for the logical configuration and all configuration back ups
Always select a preserve identities feature when capturing the logical, system, and all configuration backups. This forces back up utility to preserve all data derived from pools. This is critical as without preserved identities the blades will not boot or reboot.
Identify the software used to manage net app storage systems
Also known as data ONTAP, this software is used to manage net App Store systems and provides the capability to read and write data over block or file access protocols
Explain the difference between a SAN and a NAS
NAS-provides file access to the storage system
SAN-provides block level access to the storage system via FC, FCOE, or Internet small computer system interface protocols
Describe an aggregate
An aggregate is a container for the disk manage by a node and is a collection of one or two plexus , depending on whether or not the system admin wants to take advantage of raid level mirroring
Describe a storage virtual machine
A storage virtual machine is a logical entity used to abstract physical resources
Explain the own command system manager interface
The own command system manager GUI is the primary method for managing the storage system, but the CLI also provides administrators command line options for administration
Describe the net app volume level encryption technology
The net app volume encryption feature provides software based volume encryption. NVE is a net app software based encryption technology for encrypting a volumes data at rest once encrypted and encryption key is accessible only to the storage system in order to ensure that the underlying data cannot be read, repurposed or stolen.
Identified the agent handler
Agent handlers (resides on the server) reduce the workload of the server by offloading event processing and McAfee agent connectivity duties. Agent handlers are most effective when located on the same network segment as the EPO database
Describe automatic response
Automatic responses are configured to notify administrators and perform task automation when an event occurs. Once configure, response rules are associated with a group that contains affected systems.
Describe the system tree
The system tree is a hierarchal structure that organizes the system in the network into groups and sub groups. The grouping of the systems allows policies to be applied to the groups instead of individual systems.
Identify an inactive agent
Periodically, each clients agent checks in with the EPO server periodically. By default, this happens every 60 minutes. In the event that an agent becomes unable to communicate with the EPO server for an extended period of time, the system cannot receive important policy and or virus definition changes.
Identify the role of the Acom relative to the army C2IS
The Acom maintains the necessary TBMCS interfaces, sets, appropriate software permissions, configures AOC servers and manages the connectivity supporting the Army C2IS to TBMCS interoperability
Identified the army C2IS system that passes air support request to TBMCS
Digital ASRs are submitted by army units via AFATDS
Identify the TBMCS system that the Army C2IS is dependent on for exchange of US Army airspace request and air control order air tasking order data
Army C2IS systems are dependent on TBMCS exchange server IRIS for SMTP male exchange of airspace request, and ACO/ATO data between TAIS and TBMCS for US Army airspace and Mission essential needs
Explain the purpose of ACAS
The purpose of ACAS is to enumerate platforms, software flaws, and improper system configurations
Describe ACAS operating system requirements
ACAS accreditation requires that the components run on 64 bit versions of red hat, enterprise Lennox seven or eight, or windows. Tenable.sc is installed on red hat only 64 bit and not windows.
Describe two types of ACAS scans
Two types of tenable scans are *discovery and *assessment.
Discovery scans are used to get an accurate picture of the assets on the network and assessment scans reveal the vulnerabilities associated with those assets
Associate differences between user roles
Administrator- this role manages tenable.C and is used to install and configure each organization
Security manager-this is the default account created when a new organization is created. It is used to launch scans, configure users, establish vulnerability policies, and configure other objects that belong to their organization. This account has complete access to all data collected by the organization.
No role- an account with no permissions
Custom role-created by enabling or disabling individual permissions
Explain when an ACAS assessment scan is configured
Scans may be configured to display results within an interactive dashboard. The type of scan performed in the type of data collected, determine the information displayed on the dashboard.
Identify the two primary documents used for back up and recovery in an AOC
There are two governing documents that address back up and recovery the TBMCS SAM SUM, and the AOC WS back up and recovery guide.
Describe the mission essential system list
Mission essential systems are documented on the MESL which also identifies the lead System admin for each system. The leads identify back up requirements and maintain back up and recovery locks for each system.
Describe the application use for Oracle backup and recovery
TBMCS database tools provide three utilities for performing oracle, database backups: off-line backups, export recovery, AODB export/import.
Explain the procedure for structure, query language principle database backups
Backing up the SQL involves the creation or scheduling of a maintenance task that backs up core services database schemas. The maintenance task verifies the integrity of each database, performs a full backup of each, then purges the SQL back up folder (Y:\SQLFullBackups) of Files older than one week
Describe a delivery group
A delivery group is used to administer which virtual desktops are available for users. A delivery group is a collection of machine selected from one or more machine catalogs. The delivery group specifies which users can use those machines, plus the applications and or desktops available to those users
Describe machine catalog
A group of computers or VMs managed as a single entity is called a machine catalog. The VMs in the machine catalog are identically configured.
Identify which server the Citrix receiver points to
The citrus receiver is configured to point to a storefront server, externally access start with a web browser that points to a net scaler, which intern connects to the storefront web interface
Describe the authentication points available in Xendesktop
Storefront and NetScaler
Identify which user group a Citrix delivery group is assigned to in an AOC
A Citrix delivery group is created and then assigned to the Citrix desktop user group
Describe the purpose of a Vdisk
Acts as a standardized read only image that is accessible to many users simultaneously via Citrix application server and Citrix provisioning server. This vdisk acts as a hard disk for target device i.e, a Citrix application server.
Describe the purpose of concurrent license
A concurrent license is not tied to a specific user, but instead is checked out to a specific computer or device that the person is using, and then is checked back in when the session disconnects
Identify the server that provides DHCP services for Citrix
The license server not only provide Citrix license, but also supports DHCP services, which is required for Citrix application servers to boot
Explain the preferred citrix connection for internal users
Internal users connect directly to storefront servers via Citrix receiver. This provides the best user experience in functionality.
Describe why configuration changes are only made on the primary NetScaler
Configuration changes are made on the primary NetScaler only because changes on the secondary NetScaler cannot be applied to the primary NetScaler.
Match the mode of a vdisk assigned to many application servers
A Vdisk set to standard image mode is a read only production level disk image standard image mode allows, mini application servers to boot from the vDisk simultaneously without corruption
Match the mode of a vDisk assigned to a single application server
vDisk set to private image mode are assigned to a single application server (app master ) not read only
Explain from where the Citrix license administration console is configured
With the latest lockdowns, console access is blocked from the actual server and will have to be configured from an admin client using a web browser with the following address: https://<2012_licnese_host>.{FQDN}:8082
Identify how frequently XDC 1/2 should be rebooted
Reboot Weekly
The servers control the farm. Reboot one at a time, but only if the other is functional.
