Infrastructure Domain Flashcards
I: WINDOWS COMMANDS
tasklist taskkill chckdsk ipconfig netstat ping tracert nslookup diskpart fsutil procexplorer
I: LINUX COMMANDS
grep chmod passwd whoami shutdown ls cd mv mkdir rmdir cat /proc/mounts or mounts -l ps -aux df or du top or ps
I: LINUX TROUBLESHOOTING
lsof – list open files pidstat – tasked managed by kernel top – system info ps – process status tcpdump – capture network packets iostat – input-output stats ldd – list dynamic dependencies nestat – network stats free – avail memory sar – system activity report
I: LINUX KERNAL
The Linux® kernel is the main component of a Linux operating system (OS) and is the core interface between a computer’s hardware and its processes. It communicates between the 2, managing resources as efficiently as possible.
I: LINUX BOOT PROCESS
Boot loader finds the kernel image on the disk and loads it into memory, to start the system.
The kernel initializes the devices and their drivers.
The kernel mounts the basis filesystem.
The kernel starts a program referred to as init
init sets the remainder of the system processes in motion.
init starts a method permitting you to log in
I: WINDOWS SLOWNESS
Try the Performance troubleshooter. Delete programs you never use. Limit how many programs run at startup. Clean up your hard disk. Run fewer programs at the same time. Turn off visual effects. Restart regularly. Change the size of virtual memory. Paging/Swapping Power Settings Resource Monitor Process Explorer, WinDirStat, Sysinternals Suite, Malwarebytes,
I: WEBSITE ACCESS TROUBLESHOOTING
Ping
Tracert
Try a different web browser or the same browser in private browsing mode
Check if security software on your device blocks access to the site
Open the Developer Tools of your browser, usually with F12, and switch to the network tab
Reload the site in question and check if you get errors there
I: WEBSITE SLOW TROUBLESHOOTING
You’re Not Using a Content Delivery Network (CDN)
There’s Excessive Overhead in Your Database
Caching Issues Are Preventing Optimized Page Loading
Large Media Files Are Increasing Loading Times
Poorly Written Scripts Are Conflicting with Other Site Elements,
Your Site’s Code Is Too Bulky
Missing Files Are Causing Errors
Plugins Are Weighing Your Site Down
I: EXTREME TRAFFIC
reduce server load by moving image and video to a CDN solution
adding more read replicas
introducing queue to process the asynchronous message
Introduce a more robust caching engine you can use caching
redis to reduce write requests
Scale your server if there are still issues
I: MONITORING TOOLS
Tools – AWS CloudWatch, SolarWinds, Nagios, OpsRamp, Kesaya, etc.
Host-Based cpu memory disk space processes
Applications error/success rates service failures and restarts performance and latency of responses resource usage
Network connectivity error rates and packet loss latency bandwidth utilization
I: SWAPPING
A process can be swapped temporarily out of memory to a backing store and then again brought back into the memory to complete its execution. Swapping is done so that other processes get memory for their execution.
I: LAMP
Linux: The operating system (OS) makes up our first layer
Apache: The second layer consists of web server software, typically Apache Web Server
MySQL: Our third layer is where databases live
PHP: The scripting layer consists of PHP and/or other similar web programming languages
I: 3-TIER WEB APP
Presentation tier is deployed to a computing device through a web browser or a web-based application
Application tier the application tier (logic tier) is written in a programming language such as Java and contains the business logic that supports the application’s core functions.
Data tier the data tier consists of a database and a program for managing read and write access to a database.
I: FAULT TOLERANCE
is a form of full hardware redundancy.
Two (or more) systems operate in tandem, mirroring identical applications and executing instructions in lock step with one another.
I: BASTION
Bastion Host treated with special security considerations and connects to a secure zone, but it sits outside of your network security zone. The bastion host is intended to provide access to a private network from external networks such as the public internet.
I: CLUSTER COMPUTING
Cluster computing is the process of sharing the computation tasks among multiple computers and those computers or machines form the cluster.
I: PUPPET
Puppet – is a Configuration Management tool that is used for deploying, configuring and managing servers.
I: CHEF
is an automation tool that provides a way to define infrastructure as code.
I: GPU
GPUs – is a processor that is specially designed to handle intensive graphics rendering tasks, are most commonly used to drive high-quality gaming experiences, producing life-like digital graphics.
I: SECURE ACCESS
Secure remote access is not a single technology, but rather a collection of technologies that together provide the security that organizations need when users are working from home or other remote locations. They include:
Endpoint Security Virtual Private Network (VPN) Zero Trust Network Access (ZTNA) Network access control (NAC) Single sign-on (SSO)
I: SERVER HARDENING
Server hardening best practices
All servers should be established in a secure datacenter
Harden servers before connecting them to the internet or external networks
Avoid installing unnecessary software on a server
Compartmentalize servers with security in mind
Use the principle of least privilege when setting up superuser and administrative roles
I: PAGING
occurs when some part of process is transferred to disk
I: DISASTER RECOVERY
Disaster Recovery (DR) refers to the set of policies and procedures in place to ensure the continuity and recovery of mission critical systems in the event of a disruptive event such as a power outage, flood, or cyberattack
I: JUMP SERVER
is sometimes called a “pivot server” for this reason: once you are logged in, you can “pivot” to the other servers. It is usually security hardened and treated as the single entryway to a server group from within your security zone, or inside the overall network.
I: OS HARDENING
Use a patch management tool to apply OS updates and patches automatically
Remove unnecessary drivers, software, and services
Encrypt local storage
Limit registry and other systems permissions
Log appropriate activity, errors, and warnings
