DevNet Professional 350-901 DEVCOR Exam Guide
Developing Applications using Cisco Core Platforms and APIs v1.1 (350-901)
1.0 Software Development and Design (20%)
In the domain of Software Development and Design, the focus is on creating applications that are robust, scalable, and maintainable. This area emphasizes the architectural considerations needed when designing distributed applications, distinguishing between front-end, back-end, and the importance of load balancing for efficient resource use and improved application responsiveness. Scalability and modularity are critical in this domain, requiring developers to create designs that not only meet current demands but also accommodate future growth seamlessly. High availability and resiliency are also paramount, especially in environments that span on-premises, hybrid, and cloud setups, ensuring systems remain operational even under adverse conditions. Additionally, the design considerations extend to latency and rate limiting, which are crucial for maintaining a good user experience and system stability under load. Developers are also taught to ensure that applications are easy to maintain and observe, with clear logging and monitoring mechanisms that aid in quick diagnosis and resolution of issues. Advanced version control with Git is another key component, enhancing team collaboration and code management.
Describe distributed applications related to the concepts of front-end, back-end, and load balancing: Explores the architecture of distributed applications, highlighting how the separation of concerns between the user-facing front-end and the data-processing back-end enhances application scalability and performance. Load balancing is discussed as a critical component for distributing client requests efficiently across multiple servers.
Evaluate an application design considering scalability and modularity: Involves analyzing how well an application’s design supports scaling operations and whether its components are modular, allowing for independent updating, scaling, or reuse without affecting other parts of the system.
Evaluate an application design considering high-availability and resiliency: Focuses on the design aspects that ensure an application remains operational even in the event of component failures, including considerations for deploying in on-premises, hybrid, and cloud environments.
Evaluate an application design considering latency and rate limiting: Discusses strategies to minimize delays in processing and responding to user interactions, and how to implement rate limiting to manage the load on the application effectively.
Evaluate an application design and implementation considering maintainability: Considers how the applicationβs design affects the ease with which it can be updated, optimized, and debugged.
Evaluate an application design and implementation considering observability: Covers the inclusion of features in the application design that allow for monitoring and tracking its state and health, which is crucial for ongoing maintenance and troubleshooting.
Diagnose problems with an application given logs related to an event: Involves interpreting log files to pinpoint issues within an application, which is a fundamental skill for identifying and resolving operational problems post-deployment.
Evaluate choice of database types with respect to application requirements: Discusses the selection of an appropriate database system (relational, document, graph, columnar, time series) based on specific application needs and data handling requirements.
Explain architectural patterns: Covers different software architecture styles such as monolithic, service-oriented, microservices, and event-driven, each offering distinct advantages and challenges in application development.
Utilize advanced version control operations with Git: Details more complex Git operations that are essential for managing code changes within a team environment, including merging branches, resolving conflicts, and using commands like
git reset
,git checkout
, andgit revert
.Explain the concepts of release packaging and dependency management: Discusses how applications are prepared for release and how dependencies are managed across different environments to ensure consistency and reliability in deployments.
Construct a sequence diagram that includes API calls: Involves creating visual representations of how operations within an application are structured and how different components interact via API calls, which is critical for understanding and documenting application workflows.
2.0 Using APIs (20%)
Using APIs effectively is central to modern software development, especially in networked environments where integration and interoperability are key. This domain covers robust error handling techniques for REST APIs, crucial for building resilient applications that can gracefully handle issues like timeouts and rate limits. Developers learn to implement control flows that manage unrecoverable errors effectively, preserving application stability and providing clear feedback to users. Optimization of API usage through techniques like HTTP cache controls helps in reducing bandwidth usage and improving the response times of applications. Practical skills such as constructing applications that can handle pagination in REST APIs are also covered, enabling developers to work efficiently with large datasets. Moreover, understanding the OAuth2 authorization framework, especially the three-legged code grant flow, is critical for securing API access in applications that need to act on behalf of users.
Implement robust REST API error handling for time outs and rate limits: Teaches how to make applications more reliable and user-friendly by properly managing common issues that arise when interacting with external APIs, such as handling timeouts and respecting rate limits.
Implement control flow of consumer code for unrecoverable REST API errors: Focuses on developing strategies within application code to gracefully handle errors that cannot be immediately resolved, ensuring the application remains stable and provides useful feedback to the user.
Identify ways to optimize API usage through HTTP cache controls: Discusses methods for reducing the load on APIs and improving application performance by effectively using HTTP caching mechanisms.
Construct an application that consumes a REST API that supports pagination: Involves building an application capable of interacting with APIs that paginate their data, which is important for handling large datasets efficiently.
Describe the steps in the OAuth2 three-legged authorization code grant flow: Outlines the process involved in securing API access using the OAuth2 framework, particularly the method that involves three parties (the user, the application, and the service) to grant access.
3.0 Cisco Platforms (20%)
The Cisco Platforms domain is tailored to leveraging Cisco-specific APIs and tools. Developers learn to interact with various Cisco platforms like Webex, Firepower, Meraki, Intersight, and UCS through their respective APIs to automate tasks and enhance functionality. For instance, using the Webex API for creating chat operations (chatops) integrates real-time communications into workflows, enhancing collaboration. Similarly, API interactions with Cisco Meraki or Firepower can manage network settings or security configurations directly from custom applications. This domain also covers the use of the Cisco DNA Center APIs for network management tasks, such as retrieving wireless network health data, showcasing how Ciscoβs ecosystem can be programmatically controlled to suit specific business needs.
Construct API requests to implement chatops with Webex API: Covers the practical application of Ciscoβs Webex API to integrate real-time communication capabilities into operations workflows, a practice known as chatops.
Construct API requests to create and delete objects using Firepower device management (FDM): Involves using the API for Ciscoβs Firepower management to programmatically manage security policies and objects, enhancing the flexibility and speed of security management.
Construct API requests using the Meraki platform: Teaches how to interact with the Meraki Dashboard APIs to perform tasks like enabling SSIDs and retrieving location data, which are part of managing a network infrastructure.
Construct API calls to retrieve data from Intersight: Focuses on using Ciscoβs Intersight API to pull data from cloud-based infrastructure management services, which aids in remote management and automation.
Construct a Python script using the UCS APIs to provision a new UCS server given a template: Demonstrates how to automate the setup of Ciscoβs Unified Computing System (UCS) servers using Python, reducing the time and potential for error in server provisioning.
Construct a Python script using the Cisco DNA center APIs to retrieve and display wireless health information: Details scripting interactions with Cisco DNA Center to monitor and report on the health of a wireless network, which is crucial for maintaining network performance and troubleshooting issues.
Describe the capabilities of AppDynamics when instrumenting an application: Discusses how Ciscoβs AppDynamics can be used to monitor, analyze, and optimize complex application environments in real-time, providing insights into performance and user experiences.
Describe steps to build a custom dashboard to present data collected from Cisco APIs: Involves creating a user interface that can display data gathered from various Cisco APIs, allowing for better visualization and easier management of the information.
4.0 Application Deployment and Security (20%)
Application Deployment and Security focuses on the methodologies and technologies involved in deploying applications securely and efficiently. This includes diagnosing and resolving CI/CD pipeline failures, a crucial skill for maintaining continuous integration and delivery processes. The integration of applications into containerized environments using Docker and Kubernetes demonstrates the practical application of modern deployment techniques. Security is also a major focus, with discussions on continuous testing, static code analysis, and the application of security principles like the “12-factor app” method. Moreover, developers learn about implementing security measures against common vulnerabilities identified by OWASP and managing SSL/TLS configurations to secure application data during transit.
Diagnose a CI/CD pipeline failure: Teaches how to identify and resolve issues in continuous integration and continuous deployment processes, such as incompatible component versions or failed tests, which are critical for maintaining a smooth and efficient deployment pipeline.
Integrate an application into a prebuilt CD environment leveraging Docker and Kubernetes: Focuses on the practical skills needed to deploy applications within modern containerized environments, using tools like Docker for containerization and Kubernetes for orchestration.
Describe the benefits of continuous testing and static code analysis in a CI pipeline: Highlights the importance of integrating testing and code quality checks into the CI pipeline to catch issues early, improving the quality and security of the software.
Utilize Docker to containerize an application: Discusses the process of packaging an application with all of its dependencies into a Docker container, which simplifies deployment and ensures consistency across environments.
Describe the tenets of the “12-factor app”: Explains a methodology for building software-as-a-service apps that are scalable and maintainable in the modern era, emphasizing practices like codebase, dependencies, configuration, backing services, build, release, run, and more.
Describe an effective logging strategy for an application: Outlines best practices for application logging, helping to ensure that logs are comprehensive, useful, and secure.
Explain data privacy concerns related to storage and transmission of data: Covers the critical aspects of protecting sensitive data both at rest and in transit, addressing legal and regulatory compliance issues.
Identify the secret storage approach relevant to a given scenario: Discusses methods for securely storing sensitive information like passwords and API keys, using technologies that prevent unauthorized access.
Configure application specific SSL certificates: Involves setting up SSL/TLS certificates for applications to ensure secure data transmission over the internet.
Implement mitigation strategies for OWASP threats: Details approaches to defend against common web application vulnerabilities identified by the Open Web Application Security Project, such as cross-site scripting (XSS), cross-site request forgery (CSRF), and SQL injection.
Describe how end-to-end encryption principles apply to APIs: Explains the importance of using encryption to secure data from the point it leaves the originating system to when it arrives at the destination, particularly in API communications.
5.0 Infrastructure and Automation (20%)
Finally, the Infrastructure and Automation domain encapsulates the use of automation tools and protocols to manage network and system infrastructure efficiently. This includes the utilization of model-driven telemetry for real-time data monitoring and analysis, which is becoming increasingly important in large-scale networks. Developers also gain proficiency in using RESTCONF for network configuration tasks, and tools like Ansible and Terraform for automating infrastructure provisioning and management. The ability to host applications directly on Cisco devices, such as Catalyst 9000 switches or Cisco IOx-enabled devices, is also explored, highlighting the versatility and integration capabilities of Ciscoβs hardware with software solutions.
Explain considerations of model-driven telemetry: Discusses how to implement telemetry in a way that allows for efficient data consumption and storage, providing timely insights into network operations without overwhelming the storage solutions.
Utilize RESTCONF to configure a network device: Teaches the practical application of RESTCONF, a protocol used for configuring network devices, focusing on tasks like setting up interfaces, static routes, and VLANs.
Construct a workflow to configure network parameters: Demonstrates how to use automation tools like Ansible and Terraform to create repeatable and reliable processes for configuring network devices and services.
Identify a configuration management solution to achieve technical and business requirements: Discusses selecting a configuration management tool that aligns with both technical needs and business goals, ensuring efficient and compliant operations.
Describe how to host an application on a network device: Covers the capabilities of network devices like Ciscoβs Catalyst 9000 and Cisco IOx-enabled devices to host applications directly, allowing for edge computing solutions and reduced latency.
Responses