Coursera與Google的新課程後記－ Google IT Support Professional Certificate

這星期剛完成了Coursera上的 「Google IT Support Professional Certificate」，由 6課組成的專業證書。 https://www.coursera.org/specializations/google-it-support

以前在Coursera都是用「Audit」旁聽的制度自學，自從Coursera的旁聽制度變得不能交功課甚至打開功課之後，就也沒有在這平台上課了（因為不實實在在地練習的話，只看影片是很難學得好的。）。 忘了當初是什麼文章的介紹而留意到了這個課程了，首先當然是留意到由 Google 準備的 IT 課程應該有質素保證吧。然後看到按月收費的模式，心想先慢慢地旁聽自學，之後才加入課程做功課，應該可以一個月付款期內完成功課吧，那樣就只是$49美元，OK啦。（之後如來實際上還有7天免費期，之後才開始收費。)於是開始了這個Coursera 上的 「Professional Certificate」。 今次也是除了坐定定在電腦看之外，更主要是靠平時交通時間的手機，和1.25 - 1.5倍速的功能，還有作為靠閱讀吸收的人，有時看講稿的文字比慢慢聽片快。最終大概是前前後後用了約一個月時間。而功課大約個多星期完成，剛剛過了免費期T_T，不過就當少少支持吧。

By the way，課程本身的介紹是這樣：

This six-course certificate, developed exclusively by Google, includes innovative curriculum designed to prepare you for an entry-level role in IT support. A job in IT can mean in-person or remote help desk work, either in a small business or at a global company, like Google. Whether you’ve been tinkering with IT or are completely new to the field, you’ve come to the right place.
....
If you dedicate 8-10 hours a week to the courses, you can complete the certificate in about eight months. You can also skip through any content that you might already know and speed ahead to the graded assessments.

第一課，可以是整個系列的入門。基本的內容包括二進制編碼、電腦的組成硬件、安裝作業系統、網絡是什麼回事、軟件的管理、和IT解難時技巧等。有些簡單的內容如電腦硬件的組成等，大概會一般有興趣的人都會知道，但本事就是講得比較跟得上新的發展。基本上每個星期的內容都會是後面課程的入門，或首要的知識。例如Week 1 的簡介內有關電腦的歷史發展、資訊的編碼等，配合 Networking 內介紹的硬件、術語，會是Course 2 － Networking的基礎，讓之後可以更深入該話題。

Course 1： Technical Support Fundamentals
Week 1 - Introduction to IT
Week 2 - Hardware
Week 3 - Operating System
Week 4 - Networking
Week 5 - Software
Week 6 - Troubleshooting


第二課，主要根據一個 5 層的網絡通訊模型。有點像Wikipedia中的7層OSI模型，只是 Application Layer 總括了OSI模型 中的 Session、Presentation、Application Layer。一次通訊如何通過這5個層級的連結去達成資料傳輸。DNS 服務和現在嘗試架站的知識有關，DCHP 的運作，以至現在家用市場才零星有起步發展的 NAT 的介紹。

Course 2： The Bits and Bytes of Computer Networking
Week 1 - Introduction to Networking
Week 2 - The Network Layer
Week 3 - The Transport and Application Layers
Week 4 - Networking Services
Week 5 - Connecting to the Internet
Week 6 - Troubleshooting and the Future of Networking

第三課，特點是開始引入 Windows 的 Powershell 和 Linux 的 Bash shell。Linux 方面當然預設了作為IT Support 是在Bash Shell使用Linux的。 而服務的用家多數是用Windows，Windows方面除了預設的介面工具外，也會提及如何用powershell去做到以下主題的管理。

Course 3：Operating Systems and You: Becoming a Power User
Week 1 - Navigating the System
Week 2 - Users and Permissions
Week 3 - Package and Software Management
Week 4 - Filesystems
Week 5 - Process Management
Week 6 - Operating Systems in Practice


第四課： 作為一個 System Admin會做的事，可以比較為平日在公司需要一般 IT Support 的事情。例如用到Remote Access；網絡相關的FTP、DNS、DHCP；原來平日所見的 AD Account是因為 Active Directory 這套 Windows 上管理使用者的目綠服務；有時會見到與LDAP相關的 DN(Distinguished Name)、CN(Common Name), OU(Organizational Unit ), DC(Domain Component)，不過多數時候我們用家根本不會留意吧。 IT 的Disaster Recovery Plan 如何和我們定期要合作做的測試有關。

Courser 4：System Administration and IT Infrastructure Services
Week 1 - What is System Administration?
Week 2 - Network and Infrastructure Services
Week 3 - Software and Platform Services
Week 4 - Directory Services
Week 5 - Data Recovery & Backups
Week 6 - Final Project


第五課： 特點是開始用到 Programming Language - Ruby。前半的課程都是從教授Ruby的使用，到模擬如何在事情發生後在 Log file 中找尋相關的日誌資料。後半包括 Git 的Version Control 和作為管理改變設定時用的工具。還有最後的Monitoring 包括出事前對系統的監察，到事後的Incident Reporting，對一個不是IT的營運部門，其實也會面對的課題。

Course 5：IT Automation: It’s not that scary!
Week 1 - Intro to Automation
Week 2 - System Programming
Week 3 - Regex and Text Processing
Week 4 - Version Control and Testing
Week 5 - Configuration and Automation at Scale
Week 6 - Monitoring
Week 7 - Cumulative Project


第六課： 比較高層次上討論安全問題，功課也是一些Design Specification / Requirement的文件。之前的 Network、Directory Service 也會帶到這一課。從開始時是攻擊手法的分類、和密碼學的簡單介紹。到後面實際相關的是 Authentication、Authorization、Accounting (驗證、授權、帳號管理)；從網絡安全的建構到無線傳輸的 WPA2、802.1X with EAP-TLS；設立保安和私隱政策。綜觀而言像風險部門需要留意的話題。

Course 6：IT Security: Defense against the digital dark arts
Week 1 - Understanding Security Threats
Week 2 - Pelcgbybtl (Cryptology)
Week 3 - AAA Security (Not Roadside Assistance)
Week 4 - Securing Your Networks
Week 5 - Defense in Depth
Week 6 - Creating a Company Culture for Security



雖然暫時對Ruby的興趣不大，但因課堂需求而接觸到，做完了就保留一個記錄吧。一份Ruby功課的修改版 apache_log_analyzer.rb，同樣可以用作Linux Web Server - Apache 的紀錄查找，對象是 /var/log/apache2/access.log

#!/usr/bin/ruby
#
# Apache2 log analyzer to count unique ips and number of queries
#
# This script is used to find the unique ips in an apache2 access.log
# and count the number of queries for each ip, the number of errors served
# and the number of queries to secret.html for each ip.
#
#   ApacheLogAnalyzer: Analyzer for a log file given the full or relative path
#
# Apache2 log analyzer
#
#  Build an instance of this class and pass a list of full or relative path(s)
#  to the analyze function to receive a list of unique IP addresses, the total
#  number of queries per IP, the number of queries to secret.html per IP, and
#  the total number of 404 errors served.
#
class ApacheLogAnalyzer
  def initialize
    @total_hits_by_ip = Hash.new(0)
    @total_hits_per_url = Hash.new(0)
    @secret_hits_by_ip = Hash.new(0)
    @error_count = 0
  end
  # Analyze a log file provided the full or relative path
  #
  # Args:
  # - file_name: string -- Full or relative path to a log file
  #
  def analyze(file_name)
    # Regex to match a single octet of an IPv4 address
    octet = /\d{,2}|1\d{2}|2[0-4]\d|25[0-5]/
    # Since an IPv4 address is made of four octets we will string them together
    # to match a full IPv4 address
    ip_regex = /^#{octet}\.#{octet}\.#{octet}\.#{octet}/
    # Regex to match an alphanumeric url ending with .html
    url_regex = /[a-zA-Z0-9]+.html/
    # Read in the file line by line using a loop
    # Match the various regex (IP Address, URL, Secret URL, and 404 Error)
    # and pass them to the count_hits function to be counted
    File.open(file_name).each do |line|
      ip = ip_regex.match(line)[0]
      url = url_regex.match(line)[0]
      secret = line.include?("secret")
      error = line.include?("404")
      count_hits(ip, url, secret, error)
    end
    print_hits
  end

  private
  # Count the total and secret queries for a given ip
  #
  # Args:
  # - ip: string -- IP address responsible for the logged entry
  # - url: string -- URL queried for the logged entry
  # - secret: bool -- Whether or not the url queried was secret.html
  # - error: bool -- Whether or not the log entry contained a 404 error
  #
  def count_hits(ip, url, secret, error)
    @total_hits_by_ip[ip] += 1
    @total_hits_per_url[url] += 1
    @secret_hits_by_ip[ip] += 1 if secret
    @error_count += 1 if error
  end
  # Print the number of queries for each ip to the secret url and in total
  #
  def print_hits
    print_string = 'IP: %s, Total Hits: %s, Secret Hits: %s'
    @total_hits_by_ip.sort.each do |ip, total_hits|
      secret_hits = @secret_hits_by_ip[ip]
      puts sprintf(print_string, ip, total_hits, secret_hits)
    end
    url_print_string = 'URL: %s, Number of Hits: %s'
    @total_hits_per_url.sort.each do |url, url_hits|
      puts sprintf(url_print_string, url, url_hits)
    end
    puts sprintf('Total Errors: %s', @error_count)
  end
end
def usage
  puts "No log files passed, please pass at least one log file.\n\n"
  puts "USAGE: #{$PROGRAM_NAME} file1 [file2 ...]\n\n"
  puts "Analyzes apache2 log files for unique IP addresses and unique URLs."
end
def main
  if ARGV.empty?
    usage
    exit(1)
  end
  ARGV.each do |file_name|
    log_analyzer = ApacheLogAnalyzer.new
    log_analyzer.analyze(file_name)
  end
end


if __FILE__ == $PROGRAM_NAME
  main
end