I recently took the AZ-900: Microsoft Azure Fundamentals exam bringing me my third fundamental cloud certification after CompTIA Cloud+ and AWS Cloud Practitioner. Not a bragging moment; I mean, they’re entry-level exams after all.
I am, however, advocating for one certification over the rest. Not to completely derail us, but the AWS Cloud Practitioner is by far the way to go out of the three exams. The complimentary exam resources and their content are superior to the other two. Does this make me an AWS fanboy? Unsure. But the content was logically laid out, the speakers and visual aids were excellent, and I learned a lot. I haven’t taken the GCP test yet, so that could change things for me, but as of today, I’d recommend your first cloud certification be the AWS Cloud Practitioner. I digress; let us move back to our topic.
The AZ-900 exam is the entry-level exam for Azure, Microsoft Cloud Computing service, with no prerequisite.
You will need to understand Azure-specific services from Data Bases like Cosmos DB, Analytics like Azure Synapse, Networking, and Storage. You can find a complete list of skills you will be measured against here.
Through the course material you will learn and rehears Azure services reasonably quickly. If you have the fundamental cloud concepts down Azure Specific services, become table-stakes.
If you aren’t familiar with Azure services or cloud fundamentals, rest assured that you can learn these topics in the free course they provide. The content alone is enough to pass the exam. However, I found it difficult to follow and found myself lacking the motivation to complete the course. It took me about ten hours to finish the content with diligent note-taking. I did like that there were hands-on labs or sandboxes as they refer to it throughout, but it requires a phone number and a credit card for identification purposes.
There’s a little XP tracker in the top right-hand corner of the course you earn experience points (XP) after completing a section or a sandbox lab. I found myself wanting to drive up XP like a video game. It was a stimulating reinforcement measure for sure.
Pearson VUE provides the test for USD99 but what’s pretty cool and little known is that you could get a discount on the exam or even have it completely free depending on your situation. Even if you don’t get the test entirely free for a limited time, Microsoft offers job seekers impacted by COVID-19 and students for USD15. You can look for the exam discounts under your certification dashboard. Choose the MCP Home tab and after signing in, navigate to your profile. You will see ‘Exam Discount’ on the left. Be sure to check!
There were a lot of announcements at Cisco Live 2021 this year! Attached you will find information that is creating a lot of conversation. Please let me know if you want to dive deeper into these announcements. The one-pager is free for you to download and share.
The AWS Certified Cloud Practioner Exam (CLF-C01) is an entry-level exam, 65 questions of multiple-choice, multiple response questions. The test is intended for individuals who have basic knowledge of the AWS platform and the available services, conceptual AWS cloud architectural principles, security, common use cases, and compliance.
The exam includes four domains; Cloud Concepts, Security and Compliance, Technology, and Billing and Pricing. Each section of the domain has a specific weighting, so some sections have more questions than others.
|Domain||% of Examination|
|Domain 1: Cloud Concepts||26%|
|Domain 2: Security and Compliance||25%|
|Domain 3: Technology||33%|
|Domain 4: Billing and Pricing||16%|
I recently sat and passed the AWS Cloud Practioner Exam and wanted to provide an overview of the exam, share with you my study resources and the outlook on the certification.
What to expect
The exam’s primary focus will be on identifying the AWS core services like EC2, connection methods like AWS Direct Connect, EBS, S3 and S3 classes, CloudWatch, Trusted Advisor. The previous isn’t a comprehensive list but indeed services you should know. You will be tested on your understanding and identifying AWS-specific services. It would be best to understand how they work at a high level rather than understanding how to configure or deploy the services. Although, this would be an added value if you did.
You will want to know the advantages of cloud computing the way AWS defines it. AWS defines six advantages of cloud computing:
- Trade upfront expenses for variable expenses
- Stop spending money to run and maintain data centers
- Stop guessing capacity
- Benefit from massive economies of scale
- Increase speed and agility
- Go global in minutes
Lastly, I recommend understanding the shared responsibility model.
The shared responsibility model divides into customer responsibilities (commonly referred to as “security in the cloud”) and AWS responsibilities (commonly referred to as “security of the cloud”).
You can think of this model as being similar to the division of responsibilities between a homeowner and a homebuilder. The builder (AWS) is responsible for constructing your house and ensuring that it is solidly built. As the homeowner (the customer), it is your responsibility to secure everything in the house by ensuring that the doors are closed and locked.
To help you prepare for AWS exams, AWS has a training and certification section. Fortunately, the training for the AWS practitioner exam is free, and it’s fantastic. The AWS Cloud Practitioner Essentials course is roughly six hours if you read and watch the videos without taking notes. It would be best if you had an Amazon.com account as it is required to access the material. With note-taking, it took me about 20 hours to complete the course.
The video content is incredible. It offers a video transcript so that you don’t have to constantly rewind the video as you take your notes because of something you’ve missed.
Although you can pass the exam with this resource alone, I recommend David Tucker’s course, “Understanding AWS Core Services” on Pluralsight. I like this course because it solidifies your understanding of the services exposed during the AWS Cloud Practitioner Essentials training. It also has a section for you to try practice questions to gauge your readiness. I would do this after completing the AWS training material.
Outlook on CLF-C01
Today’s applications use cloud resources to provide the best in bread user experience, data quality, and high-availability. For the same benefits that the applications leverage the cloud, so do organizations and enterprises. It’s essential for us as engineers to design well-architected networks both on-prem and in the cloud. The skills obtained from working through the AWS Cloud Practioner Exam won’t make you a cloud architect alone. However, it will enable you to be comfortable speaking on cloud-specific technologies, why they exist, and some of the benefits over traditional on-premise technology.
AWS Cloud practitioner provides a tremendous foundational approach to cloud and AWS-specific services and products. It is a test that I recommend to any engineer.
Certification:. (2005). Retrieved March 31, 2021, from https://aws.amazon.com/certification/certified-cloud-practitioner/
Aws training and certification. (n.d.). Retrieved March 31, 2021, from https://www.aws.training/Details/eLearning?id=60697
Tucker, D. (2021, February 04). Understanding AWS core services. Retrieved March 31, 2021, from https://www.pluralsight.com/courses/understanding-aws-core-services
- Cisco Wireless 3504 Controller -> Catalyst Wireless 9800-L / 9800-CL Series Controllers / Embedded Wireless Controller on Access Points (EWC on AP)
- Cisco Wireless 5520 Controller -> Catalyst Wireless 9800-40 / 9800-CL Series Controllers
- Cisco Wireless 8540 Controller -> Catalyst Wireless 9800-80 / 9800-CL Series Controllers
- Cisco Wireless Virtual Controller -> Catalyst Wireless 9800-CL Series Controllers
- Cisco ASA5506 with ASA software -> Firepower 1000
- Cisco ASA5512-X & ASA 5515-X -> 5512-X with Firepower & 5515-X with Firepower
- Cisco ASA5508 & ASA5516 -> Firepower 1000
- Cisco ASA5525, ASA5545 & ASA5555 -> Firepower 2100
- Cisco ASA5585-X Adaptive Security Appliance -> Firepower 4100
- Cisco ASA5585-X with FirePOWER Services Modules -> Firepower 4100
- Cisco Catalyst 2960X/XR (Exclude PSQ fanless) -> Catalyst 9200L
- Cisco Catalyst 2960L/P -> Catalyst 1000
- Cisco Catalyst 3650 (Exclude 3650 Mini) -> Catalyst 9300L
- Cisco 4500E – SUP9E -> Catalyst 9400
Does anyone else feel like they need a Ph.D. in Cisco licensing?! Good news is that there are some changes coming to help make our lives easier.
Most of you are likely familiar with Smart Licensing. However, you can go here if you need more information. During Cisco’s transition to subscription-based licenses, Smart Licensing (SL) was introduced. Cisco believed Smart Licensing would streamline the way customers activate and manage Cisco licenses across the organization. Transitioning from the traditional PAK based licensing method to SL wasn’t the only goal for Cisco. Amongst others, it served as a way to combat the grey market gear. The thought was that upon purchasing a product from Cisco, a Smart Account would be associated with the order, which in return would entitle the organization to their licenses, products, and services.
A Smart Account is hierarchical and serves as the top-level domain for the organization. You can further organize your Smart Account into sub-accounts, known as “Virtual Accounts.” It is very much structured, like a domain. A “DEFAULT” Virtual Account serves as your catch-all bucket and is persistent and can’t change.
After Cisco launched the new licensing model, they found that the customers purchasing processes became complicated, increased their operational overhead, and challenged their security practices. Therefore, Cisco took this feedback and decided they needed to evolve SL to be less detrimental.
You can find the current list of Smart License enabled products here.
Introducing Smart Licensing Using Policy
Starting with IOS-XE 17.3.2/17.4.1 all products running these versions of the software will only support Smart Licensing Using Policy. These currently include.
- Cisco Catalyst 9000 series switches.
- The routing platforms such as the ASR1K, ISR1K, ISR4K.
- The Next Generation virtual routers starting with Polaris IOS-XE release 17.4.1
- Cisco Catalyst 9800 Series Wireless Controllers and APs.
- Internet of Things (IoT) Next Generation platforms such as Industrial Router IR 1101, Industrial Ethernet IE
- 3200/3300/3400 and any Next Gen IoT products will also adopt Smart Licensing Using Policy.
- Collaboration products; CUBE, SRST, and CME with their November release.
With Smart Licensing Using Policy you can expect:
- The product will not boot in evaluation-mode (see screen shots below)
- per product software registration is not required
- And on-going communication every 30 days with Cisco isn’t needed.
Registering a device before use and on-going communication is going away. However, reporting to Cisco may still be a pain point. The good news? Reporting is only required if there is a change in software level for Perpetual or Subscription. Changing software levels doesn’t happen too frequently, so it may not be too big of an issue.
For example, if you purchase a Catalyst 9120 access point with DNA Essentials from the factory and 30 days later, you realize you need EasyQoS. You’d have to change to DNA Advantage, which means you now need to report this change to Cisco.
This change would need to be reported within 90 days to Cisco.
What happens if you don’t? Most of the products will turn into a nag box, sending out syslog/alarm notifications. However, you should review the enforcement rules specific to the particular device to avoid potential interruptions.
You can find the enforcement rules per product here.
You can report to Cisco in a couple of different ways.
1. New reporting utility called Cisco Smart Licensing Utility (CSLU): which is a small Windows application that can be configured to send the data to Cisco in with a push or pull operation.
2. Cisco DNA Center controller with Cisco Smart Licensing Utility (CSLU): Cisco DNA Center has connectivity to Cisco Smart Software Manager (CSSM). Periodically, exchange information with Cisco to keep in sync with CSSM.
3. Offline: where the data is taken off the device onto a storage and then uploaded into CSSM.
In the end, not having to register a product before makes sense but reporting may be still be cumbersome. I’m thinking theres a way you could script this with Python.
Here’s a screen shot of pre IOS-XE 17.3.2 and post IOS-XE 17.3.2.
Smart Software Licensing Overview. (2020, November 26). Retrieved from https://www.cisco.com/c/en/us/products/software/smart-accounts/software-licensing.html
Cisco DNA Software Subscription Matrix for Wireless. (2020, November 17). Retrieved from https://www.cisco.com/c/m/en_us/products/software/dna-subscription-wireless/en-sw-sub-matrix-wireless.html?oid=porew018984
(n.d.). Retrieved from https://www.cisco.com/c/dam/en/us/products/collateral/software/smart-accounts/smart-licensing-feature-roadmap-by-pf-external-v20201102.xlsx
(n.d.). Retrieved from https://software.cisco.com/download/home/286285506/type/286327971/release/1.0.0-2