1. How Do You patch Linux on premises?
- Identify the patches that need to be applied to your Linux system and this can be achieved with the use of the release notes of Linux distribution.
- Then make use of the package manager of Linux distribution to download and install the patches. For some of the flavor, you can use the "apt-get" command for the download and install the patches.
- Once the installation is done, you then test the system to ensure that the patches was applied correctly and that the system can perform optimally.
- The last step will be to monitor the new patches so that the system can remain secure and up-to-date.
2. What Are Steps Taken To Manage Storage On Linux?
- STEP 1: This is when partitions are created on the storage device with tools such as "fdisk", "gdisk" or "parted".
- STEP 2: This is when format the partitions you have created with a file system. This is achieved by running command like "mkfs.ext4 /dev/sda1" where "/dev/sda1" is the partition to format.
- STEP 3: Here, the file system is mounted or attach the file system to a directory in your file system hierarchy using the "mount" command (e.g, mounting partition "/dev/sda1" to a directory such as "/mnt/data". RUN: "mount /dev/sda1 /mnt/data" to achieve this. Additionally, if you want to "Unmount the file system from its mount point, RUN: "umount /mnt/data".
- STEP 4: Tool such as "df" and "du" can be used to monitor disk usage as well as directories and files tat take so much of the disk space.
- STEP 5: This is the stage where the management of the storage devices is vital. Here, tools like "udev" to manage storage devices and this come handy to identify device names, paths, as well as the creation and removal of device links.
3. What Are Different Migration Strategies?:
- Lift and Shift: This strategy requires minimal modification changes to the application code. This is useful in the migration of legacy applications to the cloud.
- Rehosting: This strategy requires minor modifications to the application code and its useful when the operating system of the current environment is the same as the new infrastructure.
- Replatforming: Here, in order to take advantage of the new environment's capabilities, some modifications to the application code are made to improve on the application.
- Refactoring: This requires making significant changes to the application code such as redesigning the whole application architecture or bringing in different services such as API and other event driven solutions cloud offers.
- Rebuilding: This strategy involves rebuilding the application from scratch for the new environment, such as re-architecting and using a completely new programming framework.
- Retiring: This strategy involves retiring workload that is no longer in vogue or relevant to the organization.
4. Clearly Explain Difference Between SG and NACLs Rules?:
- One major difference in terms of rule is the creation of both inbound and outbound rules for NACLs for each traffic flow, as against the creation of only inbound rules for SGs.
- NACLs filter traffic and can control traffic to or from the subnet, while SGs control traffic to or from an instance.
- NACLS = ALLOW/DENY and SG = ALLOW Rules. For NACLs, this means that if a rule is set to "deny," the traffic will be blocked, and if no rule explicitly allows the traffic, it will be denied. For SG, if a rule is set to DENY, automatically both traffic whether inbound or outbound is set to be blocked.
5. What Are The Steps and Process With SSL AND TSL?.
- STEP 1: SSL/TLS handshake is initiated by sending a Client Hello message to the server.
- STEP 2: Then, the Server responds with Hello message.
- STEP 3: The client then verifies the server's SSL/TLS certificate for validity which was issued by a trusted certificate authority.
- STEP 4: Both the client and server agree on a shared encryption key (i.e. a key exchange algorithm, such as RSA).
- STEP 5: Once STEP 4 for encryption key is established, both the client and server can then use the key to encrypt and decrypt all transmitted data available during this session.
- STEP 6: Here, the encrypted data is transmitted between the client and server based on the applicable encryption algorithm they both earlier agreed on.
- STEP 7: Once the data transmission is complete, it can then be terminated. This can be initiated by either the client or server by sending a message called "close_notify"
- STEP 8: Finally, the SSL/TLS handshake is complete, and a secure connection has been established between the client and server, as well as terminated as the case may be.
These are potential interview questions asked. Happy Learning!!😊