RH302: Red Hat Certification Lab Exam

RH302: RHCE Certification Lab Exam

About This Exam:

Red Hat Certified Engineer (RHCE) is a performance-based test that measures actual competency on live systems. Called the "crown jewel of Linux certifications," RHCE proves an individual's ability to configure networking services and security on servers running a Red Hat OS. RHCE was recently named the hottest certification in all of IT by CertCities.com. 

The certification exam consists of one part conducted in a single day session. The exam is performance-based, meaning that candidates must perform tasks on a live system, rather than answering questions about how one might perform those tasks. 

The RHCE Exam consist of one section lasting 3.5 hours. 

In order to pass the Red Hat Certified Engineer exam, candidates must meet all of the following requirements: 

70 percent or more on the RHCT-level skills.

70 percent or more on the RHCE-level skills.

These last two requirements enable RHCEs to demonstrate that they possess both RHCT-level and RHCE-level skills, as well as enabling a person who only has RHCT level skills to earn RHCT if they pass the required competencies. 

70-680: Windows 7 and Configuring

70-680: Windows 7 and Configuring

About This Exam:

Candidates for this exam operate in computing environments that use Microsoft Windows 7 as a desktop operating system in an enterprise environment. Candidates should have at least one year of experience in the IT field, as well as experience implementing and administering any Windows client operating system in a networked environment. 

Exam Objectives:

Outlined below are the prerequisites for 70-680: 

Installing, Upgrading, and Migrating to Windows 7 (14 percent)

• Perform a clean installation.
• Upgrade to Windows 7 from previous versions of Windows.
• Migrate user profiles.

Deploying Windows 7 (13 percent)

• Capture a system image.
• Prepare a system image for deployment.
• Deploy a system image.
• Configure a VHD.

70-412: Configuring Advanced Windows Server 2012 Services

70-412: Configuring Advanced Windows Server 2012 Services

About This Exam:

This exam is part three of a series of three exams that test the skills and knowledge necessary to administer a Windows Server 2012 infrastructure in an enterprise environment. Passing this exam validates a candidate’s ability to perform the advanced configuring tasks required to deploy, manage, and maintain a Windows Server 2012 infrastructure, such as fault tolerance, certificate services, and identity federation. Passing this exam along with the other two exams confirms that a candidate has the skills and knowledge necessary for implementing, managing, maintaining, and provisioning services and infrastructure in a Windows Server 2012 environment. 

Exam Objectives:

Outlined below are the skills being measured on the 70-412 exam: 

Configure and Manage High Availability (15-20%)

• Configure Network Load Balancing (NLB): Install NLB nodes; configure NLB prerequisites; configure affinity; configure port rules; configure cluster operation mode; upgrade an NLB cluster.
• Configure failover clustering: Configure Quorum; configure cluster networking; restore single node or cluster configuration; configure cluster storage; implement Cluster Aware Updating; upgrade a cluster.
• Manage failover clustering roles: Configure role-specific settings including continuously available shares; configure VM monitoring; configure failover and preference settings.
• Manage Virtual Machine (VM) movement: Perform Live Migration; perform quick migration; perform storage migration; import, export, and copy VMs; migrate from other platforms (P2V and V2V).

70-411: Administering Windows Server 2012

70-411: Administering Windows Server 2012

About This Exam:

This exam is part two of a series of three exams that test the skills and knowledge necessary to administer a Windows Server 2012 infrastructure in an enterprise environment. Passing this exam validates a candidate’s ability to administer the tasks required to maintain a Windows Server 2012 infrastructure, such as user and group management, network access, and data security. Passing this exam along with the other two exams confirms that a candidate has the skills and knowledge necessary for implementing, managing, maintaining, and provisioning services and infrastructure in a Windows Server 2012 environment. 

Exam Objectives:

Outlined below are the skills being measured on the 70-411 exam: 

Deploy, Manage, and Maintain Servers (15-20%)

• Deploy and manage server images: Install the Windows Deployment Services (WDS) role; configure and manage boot, install, and discover images; update images with patches, hotfixes, and drivers; install features for offline images
• Implement patch management: Install and configure the Windows Server Update Services (WSUS) role; configure group policies for updates; configure client-side targeting; configure WSUS synchronization; configure WSUS groups
• Monitor servers: Configure Data Collector Sets (DCS); configure alerts; monitor real-time performance; monitor virtual machines (VMs); monitor events; configure event subscriptions; configure network monitoring.

70-410: Windows Server 2012

70-410: Installing and Configuring Windows Server 2012 About This Exam: This exam is part one of a series of three exams that test the skills and knowledge necessary to implement a core Windows Server 2012 infrastructure in an existing enterprise environment. Passing this exam validates a candidate’s ability to implement and configure Windows Server 2012 core services, such as Active Directory and the networking services. Passing this exam along with the other two exams confirms that a candidate has the skills and knowledge necessary for implementing, managing, maintaining, and provisioning services and infrastructure in a Windows Server 2012 environment.

Exam Objectives:

Outlined below are the skills being measured on the 70-410 exam: 

Install and Configure Servers (15-20%)

• Install Servers: Plan for a server installation; plan for server roles; plan for a server upgrade; install Server Core; optimize resource utilization by using Features on Demand; migrate roles from previous versions of Windows Server
• Configure servers: Configure Server Core; delegate administration; add and remove features in offline images; deploy roles on remote servers; convert Server Core to/from full GUI; configure services; configure NIC teaming
• Configure local storage: Design storage spaces; configure basic and dynamic disks; configure MBR and GPT disks; manage volumes; create and mount virtual hard disks (VHDs); configure storage pools and disk pools.

What is Security?

Security:

Access Lists allow us to implement some level of security on the network by inspecting and filtering traffic as it enters or exits an interface. Each router can have many access lists of the same or different types. However, only one can be applied in each direction of an interface at a time (keep in mind that inbound and outbound traffic is determined from the router's perspective). The two major types of access lists that deserve special attention are the IP Access Lists and the IPX Access Lists. 

Standard IP access lists can be configured to permit or deny passage through a router based on the source host's IP address. Extended IP access list uses destination address, IP protocol and port number to extend the filtering capabilities. Access can be configured to be judged based on a specific destination address or range of addresses, on an IP protocol such as TCP or UDP, or on port information such as http, ftp, telnet or snmp. We use access list number to differentiate the type of access list. In standard IP access lists we have numbers from 1 through 99, and in extended IP access lists we have numbers from 100 through 199: 

1-99	Standard IP
100-199	Extended IP
200-299	Protocol type-code
300-399	DECnet
600-699	Appletalk
700-799	Standard 48-bit MAC Address
800-899	Standard IPX
900-999	Extended IPX
1000-1099	IPX SAP
1100-1199	Extended 48-bit MAC Address
1200-1299	IPX Summary Address

Lan Protocols

Lan Protocols:

The following sections will introduce the core LAN protocols that you will need to know for the exam.

TCP/IP:

Every IP address can be broken down into 2 parts, the Network ID(netid) and the Host ID(hostid). All hosts on the same network must have the same netid. Each of these hosts must have a hostid that is unique in relation to the netid. IP addresses are divided into 4 octets with each having a maximum value of 255. We view IP addresses in decimal notation such as 124.35.62.181, but it is actually utilized as binary data so one must be able to convert addresses back and forth. 

Virtual LANs

VLANs:

Virtual LANs

A VLAN is a logical grouping of devices or users. These devices or users can be grouped by function, department application and so on, regardless of their physical segment location. VLAN configuration is done at the switch via switching fabric. A VLAN can be used to reduce collisions by separating broadcast domains within the switch. In other words, VLANs create separate broadcast domains in a switched network. Frame tagging at layer 2 does this. Frame tagging is a gaining recognition as the standard for implementing VLANs, and is recognized by IEEE 802.1q. Frame tagging uniquely assigns a VLAN ID to each frame. This identifier is understood and examined by each switch prior to any broadcasts or transmissions to other switches, routers, and end-stations devices. When the frame exits the network backbone, the switch removes the identifier before the frame is transmitted to the target end station. This effectively creates an environment with fewer collisions. The key to this is that ports in a VLAN share broadcasts, while ports not in that VLAN cannot share the broadcasts. Thus users in the same physical location can be members of different VLANs. We can plug existing hubs into a switch port and assign them a VLAN of their own to segregates users on the hubs. Frame filtering examines particular information about each frame. A filtering table is developed for each switch; this provides a high level of administrative control because it can examine many attributes of each frame. Frame filtering is slowly being erased and replaced by the frame tagging method. 

Bridging/Switching

Bridging/Switching:

Bridge -

 A layer 2 device used to connect different networks types or networks of the same type. It maps the Ethernet addresses of the nodes residing on each segment and allows only the necessary traffic to pass through the bridge. Packet destined to the same segment is dropped. This "store-and-forward" mechanism inspects the whole Ethernet packet before making a decision. Unfortunately, it cannot filter out broadcast traffic. Also, it introduces a 20 to 30 percent latency when processing the frame. Only 2 networks can be linked with a bridge.

Switch -

 Switches are layer 2 devices that can link up four, six, eight or even more networks. Switches are the only devices that allow for microsegmentation. Cut-through switches run faster because when a packet comes in, it forwards it right after looking at the destination address only. A store-and-forward switch inspects the entire packet before forwarding. Most switches cannot stop broadcast traffic. Switches are considered dedicated data link device because they are close to a 100 % of the bandwidth. While bridging does most of its work by hardware, switches use fabric/software to handle most of its work. 

Store-and-forward - The entire frame is received before any forwarding takes place. The destination and/or the source addresses are read and filters are applied before the frame is forwarded. Latency occurs while the frame is being received; the latency is greater with larger frames because the entire frame takes longer to read. Error detection is high because of the time available to the switch to check for errors while waiting for the entire frame to be received. This method discards frames smaller than 64 bytes (runts) and frames larger than 1518 bytes (giants).

Network Devices

Network Devices:

In a typical LAN, there are various types of network devices available as outlined below.

• Hub
•  Repeat signals received on each port by broadcasting to all the other connected ports.
• Repeaters
•  Used to connect two or more Ethernet segments of any media type, and to provide signal amplification for a segment to be extended. In a network that uses repeater, all members are contending for transmission of data onto a single network. We like to call this single network a collision domain. Effectively, every user can only enjoy a percentage of the available bandwidth. Ethernet is subject to the "5-4-3" rule regarding repeater placement, meaning we can only have five segments connected using four repeaters with only three segments capable of accommodating hosts.
• Bridge
•  A layer 2 device used to connect different networks types or networks of the same type. It maps the Ethernet addresses of the nodes residing on each segment and allows only the necessary traffic to pass through the bridge. Packet destined to the same segment is dropped. This "store-and-forward" mechanism inspects the whole Ethernet packet before making a decision. Unfortunately, it cannot filter out broadcast traffic. Also, it introduces a 20 to 30 percent latency when processing the frame. Only 2 networks can be linked with a bridge.
• Switch
•  Can link up four, six, eight or even more networks. Cut-through switches run faster because when a packet comes in, it forwards it right after looking at the destination address only. A store-and-forward switch inspects the entire packet before forwarding. Most switches cannot stop broadcast traffic. Switches are layer 2 devices.
• Routers
•  Can filter out network traffic also. However, they filter based on the protocol addresses defined in OSI layer 3(the network layer), not based on the Ethernet packet addresses. Note that protocols must be routable in order to pass through the routers. A router can determine the most efficient path for a packet to take and send packets around failed segments.

LAN Design

LAN Design:

Ethernet

When we talk about a LAN, Ethernet is the most popular physical layer LAN technology today. Its standard is defined by the Institute for Electrical and Electronic Engineers as IEEE Standard 802.3, but was originally created by Digital Intel Xerox (DIX). According to IEEE, information for configuring an Ethernet as well as specifying how elements in an Ethernet network interact with one another is clearly defined in 802.3. 

For half-duplex Ethernet 10BaseT topologies, data transmissions occur in one direction at a time, leading to frequent collisions and data retransmission. In contrast, full-duplex devices use separate circuits for transmitting and receiving data and as a result, collisions are largely avoided. A collision is when two nodes are trying to send data at the same time. On an Ethernet network, the node will stop sending when it detects a collision, and will wait for a random amount of time before attempting to resend, known as a jam signal. Also, with full-duplex transmissions the available bandwidth is effectively doubled, as we are using both directions simultaneously. You MUST remember: to enjoy full-duplex transmission, we need a switch port, not a hub, and NICs that are capable of handling full duplex. Ethernet’s media access control method is called Carrier sense multiple access with collision dectection (CSMA/CD). Because of Ethernets collision habits it is also known as the “best effort delivery system.” Ethernet cannot carry data over 1518 bytes, anything over that is broken down into “travel size packets.” 

 

Routing Protocols

Routing Protocols

• Classful routing protocols: RIP v1, IGRP are examples of classful routing protocols. It is important to know that classful routing protocols do not exchange subnet information during routing information exchanges. The summarization is always done automatically at major network boundaries.
• Classless routing protocols: RIP v2, EIGRP, OSPF, BGP v4, and IS-IS are examples of classless routing protocols. In classless routing protocols, subnet information is exchanged during routing updates. This results in more efficient utilization of IP addresses. The summarization in classless networks is manually controlled.
• Maximum hop count supported by RIP is 15.
• Routed and Routing Protocols: Routing protocols job is to maintain routing tables and route packets appropriately. Examples of routing protocols are RIP, IGRP, EIGRP, OSPF. Routers can support multiple independent routing protocols and can update and maintain routing tables for each protocol independently.
• Routed protocols are used to transport user traffic from source node to destination node. Examples of routed protocols are IP, IPX, and AppleTalk.
• There are broadly three types of routing protocols: 
• Distance Vector (Number of hops) - Distance vector routing determines the direction (vector) and distance to any link in the internetwork. Typically, the smaller the metric, the better the path. EX: Examples of distance vector protocols are RIP and IGRP. Distance vector routing is useful for smaller networks. The limitation is that any route which is greater than 15 hops is considered unreachable. Distance vector protocols listen to second hand information to learn routing tables whereas, Link state protocols build routing tables from first hand information. Routers with distance vector protocols send its entire routing table to each of its adjacent neighbors.                                                                                    Link State Routing: Link State algorithms are also known as Shortest Path First (SPF) algorithms. SPF generates the exact topology of the entire network for route computation, by listening to the first hand information. Link State protocols take bandwidth into account using a cost metric. Link State protocols only send updates when a change occurs, which makes them more efficient for larger networks. Bandwidth and delay are the most widely used metrics when using Link-State protocols. EX: OSPF and NLSP.

OSI Model

OSI Model

The 7 layers of OSI model are:

1. The Application Layer:

 Application layer is responsible for identifying and establishing the availability of desired communication partner and verifying sufficient resources exist for communication. Some of the important application layer protocols are: WWW, SMTP, FTP, etc.

2. The Presentation Layer:

 This layer is responsible for presenting the data in standard formats. This layer is responsible for data compression, decompression, encryption, and decryption. Some Presentation Layer standards are: JPEG, MPEG, MIDI, PICT, Quick Time, TIFF.

3. The Session Layer:

 Session Layer is responsible for co-ordinating communication between systems/nodes. The following are some of the session layer protocols and interfaces: a) Network File System (NFS), SQL, RPC (Remote Procedure Call), X-Windows, ASP, DNA SCP.