Exam: Management
- Describe NGINX as a web server
- Describe NGINX as a reverse proxy
- Describe NGINX as a load balancer
- Describe NGINX as a caching solution
- Describe NGINX as an API gateway
- Identify the default NGINX core config file
- Identify the included directories/files
- Describe the order of how the included files will be ‘merged’ into the running configuration
- Describe directive inheritance and overriding properties
- Identify user context (i.e. using the configuration file)
- Describe how and when to give read/write/execute access
- Describe how to run NGINX as a specific user type
- Describe the relationship between NGINX processes and users
- Describe how and why NGINX uses shared memory zones
- Describe why directives use a shared memory zone
Exam: Configuration - Knowledge
- Define the load-balancing pools/systems
- Explain the different load-balancing algorithms
- Describe the process used to remove a server from the pool
- Describe what happens when a pool server goes down
- Explain what is unique to NGINX as a load balancer
- Describe how to configure security
- Modify or tune a memory zone configuration
- Describe how to configure NGINX as a mirroring server
- Describe how to configure NGINX as a Layer 4 load balancer
- Describe how to configure NGINX as an API Gateway
- Define a minimum retention policy
- Describe how to configure path regex routing
- Describe the why and how of caching in NGINX
- Define the cache in the http context
- Enable the cache
- Specify the content that should be cached
- Describe different types of caching
- Explain what is unique to NGINX as a cache server
- Demonstrate how to securely serve content (HTTP/HTTPS)
- Describe the difference between serving static content and dynamic content (regex and variables)
- Describe how
server and location directives work
- Explain what is unique to NGINX as a web server
- Explain how traffic routing is handled in NGINX as a reverse proxy
- Explain what is unique to NGINX as a reverse proxy
- Configure encryption
- Demonstrate how to manipulate headers
- Describe the difference between
proxy_set_header and add_header
- Modify or tune a memory zone configuration
- Describe how to configure NGINX as a socket-reserve proxy
- Describe how open-source NGINX handles health checks in different situations
Exam: Configuration - Demonstrate
- Describe the difference between rate limiting and bandwidth throttling
- Demonstrate how to limit the number of connections to the NGINX server and its upstreams
- Demonstrate how to set a bandwidth limit
- Understand how to enable and optimize keep-alives for the NGINX server and its upstreams
- Demonstrate how to restrict access to NGINX based on IP address
- Demonstrate how to restrict access to NGINX based on HTTP method
- Demonstrate how to authenticate (auth_basic / auth_request)
- Demonstrate how to restrict URIs
- Demonstrate how to customize the format of log files
- Demonstrate how to customize the location of log files
- Demonstrate how to set log levels (severity)
- Describe the difference between an error log and an access log
- Define the difference between a server certificate and a client certificate
- Describe the components necessary to use an SSL certificate
- Describe how to protect the SSL certificate and key
- Compare the advantages of TLS termination, end-to-end encryption, and TLS passthrough
- Demonstrate how to enable TLS encryption
- Enable/disable ciphers and TLS version
- Describe how to force all traffic to redirect to HTTPS
Exam: Troubleshooting
- Describe how to send signals to the NGINX process
- Describe the difference between a reload and a stop/start
- Describe how to test a new configuration before applying it
- Interpret logs
- Identify startup failures
- Describe how to deal with HTTP error codes
- Describe how to troubleshoot various responses
- Describe how to troubleshoot use cases with multiple virtual hosts, multiple ports, and default servers
- Describe how to troubleshoot location precedence and
add_header inheritance
- Describe how to troubleshoot client and server connections
- Describe basic SELinux use cases
- Identify TLS connection errors
- Describe how to troubleshoot invalid certificates