diff --git a/401/401-class08.md b/401/401-class08.md index aec86ba..a7cc6c2 100644 --- a/401/401-class08.md +++ b/401/401-class08.md @@ -3,6 +3,50 @@ ## Notes ## Readings +[5 steps to RBAC](https://www.csoonline.com/article/3060780/security/5-steps-to-simple-role-based-access-control.html) + +1. What is Role Based Access Control (RBAC) and why do we care? + + > Role Based Access Control (RBAC) is a method of managing access to a system based on the roles of individual users within an organization. We care because it simplifies managing permissions, increases security, and ensures only authorized users can access specific resources. + +2. Describe a Role/Permission hierarchy that you might implement using RBAC. + + > In a company, there could be roles like 'Employee', 'Manager', and 'Admin'. 'Employee' might have read access to project data, 'Manager' could have read/write access to project data and read access to financial data, 'Admin' has full access to all data. + +3. What approach might you take to implement RBAC? + + > Implementing RBAC typically involves defining roles based on job functions, assigning permissions to those roles, then assigning individuals to those roles. For example, in a software, roles can be created and permissions set programmatically. + +[wiki - RBAC](https://en.wikipedia.org/wiki/Role-based_access_control) + +4. If Authentication is "you are who you say you are," what is Authorization? + + > Authorization is "you are allowed to do what you are trying to do." It's the process of verifying if the authenticated user has the right permissions to perform the requested action. + +5. Name three primary rules defined for RBAC. + + > Three primary rules for RBAC are: Role Assignment (a subject can exercise permission only if the subject has selected or been assigned a role), Role Authorization (A subject's active role must be authorized for the subject), and Permission Authorization (A subject can exercise a permission only if the permission is authorized for the subject's active role). + +6. Describe RBAC to a non-technical friend. + + > RBAC is like a club's VIP list. The bouncer (system) lets you in (authentication) because you're on the list (a user in the system). Once inside, your wristband color (role) determines what areas you can access (authorization). + +## Videos + +[RBAC tutorial](https://www.youtube.com/watch?v=C4NP8Eon3cA) + +7. What Are access rights Associated with? The User? or The Role? Explain. + + > Access rights are associated with the Role, not the User. This means that instead of directly giving permissions to each user, we assign them to a role, and then that role is assigned to the user. This way, if multiple users have the same job, they can just be assigned the appropriate role. + +8. Access Rights, or Authorization, is activated after a user successfully does what? + + > Access Rights or Authorization is activated after a user successfully authenticates. This means once the system verifies the user's identity, it then checks what actions they are authorized to perform based on their role. + +9. Explain how RBAC might benefit a business. + + > RBAC can benefit a business by simplifying permission management and enhancing security. For instance, it can prevent unauthorized access to sensitive data and allow administrators to quickly update user permissions by simply changing their role, rather than updating individual user settings. + ## Things I want to learn more about diff --git a/401/401-class11.md b/401/401-class11.md index 3ed29cd..dbf4541 100644 --- a/401/401-class11.md +++ b/401/401-class11.md @@ -3,7 +3,19 @@ ## Notes ## Readings +[Event Driven Programming](https://www.digitalocean.com/community/tutorials/nodejs-event-driven-programming) +1. What native Node.js module allows us to get started with Event Driven Programming? + + > The 'events' module in Node.js allows us to get started with Event Driven Programming. + +2. What is the value of Object Oriented Programming used in tandem with Event Driven Programming? + + > Combining Object Oriented Programming with Event Driven Programming allows for a more structured and manageable codebase. It helps encapsulate related data and behaviors into objects, while events can trigger methods within these objects. + +3. Consider your knowledge of Event Driven Programming in the Web Browser, now explain to a non-technical friend how Event Driven Programming might be useful on the backend using Node.js. + + > Event Driven Programming in Node.js is like a restaurant taking orders. Instead of making one customer wait while the kitchen cooks their order (synchronous), the restaurant takes orders from multiple customers (asynchronous) and notifies each one when their order is ready (events), making the process more efficient. ## Things I want to learn more about ### References diff --git a/401/401-class12.md b/401/401-class12.md index 5ad322c..524c861 100644 --- a/401/401-class12.md +++ b/401/401-class12.md @@ -3,6 +3,61 @@ ## Notes ## Readings +[Web Sockets](https://en.wikipedia.org/wiki/WebSocket) + +1. What is a Web Socket? + + > A Web Socket is a communication protocol that provides full-duplex communication channels over a single TCP connection. It allows real-time data exchange between a server and a client. + +2. Describe the Web Socket request/response handshake and what happens once the connection is established. + + > The Web Socket handshake begins with a standard HTTP request from the client to the server. If the server supports Web Sockets, it returns an HTTP 101 Switching Protocols response. Once the connection is established, data can be sent back and forth between client and server in real time. + +3. Web Sockets provide a standardized way for the server to send content to a client without first receiving a ________ from that client. + + > request + +[Socket.io Tutorial](https://www.tutorialspoint.com/socket.io/) + +1. What does the event handler `io.on()` do? + + > The `io.on()` event handler listens for specific events emitted by the server or client in Socket.io. When the specified event occurs, it executes a callback function. + +2. Describe some possible proof of life or proof that the code works as expected + + > You can use console.logs or test events to verify the code works. For example, you can have the server emit a message when a new connection is established and check the console for the message. + +3. What does socket.emit() do? + + > The `socket.emit()` function sends a message to the server or client associated with the socket. For example, `socket.emit('message', 'Hello World');` would send the message "Hello World" to the server or client. + +[Socket.io vs Web Sockets](https://www.educba.com/websocket-vs-socket-io/) + +1. What is the difference between WebSocket and Socket.IO? (think Git and GitHub, or OAuth and Auth0). + + > WebSockets is a communication protocol, whereas Socket.IO is a library that uses WebSockets under the hood but also provides additional features like broadcasting and namespaces. + +2. When would you use Socket.IO? + + > You would use Socket.IO when you need real-time functionality in your application, like chat apps, real-time analytics, or multiplayer games, and you want to take advantage of its additional features like automatic reconnection and event broadcasting. + +3. When would you use WebSockets? + + > You would use WebSockets when you need a simple, real-time, two-way communication between the client and server in your web application and you don't require the additional features provided by Socket.IO. + +## Videos + +[OSI Model Explained](https://www.youtube.com/watch?v=vv4y_uOneC0) + +1. What are a couple of key takeaways from this video? + + > The OSI Model is a conceptual framework used to understand how different network protocols interact and work together to provide network services. The model is divided into seven layers, each representing a specific network function. + +[TCP Handshakes Explained](https://www.youtube.com/watch?v=xMtP5ZB3wSk) + +1. Translate the gist of this video to a non-technical friend + + > The video explains the process of how computers establish a connection to exchange data. It compares it to a phone call, where you dial a number (SYN), the other party picks up (SYN-ACK), and then you start talking (ACK). ## Things I want to learn more about diff --git a/401/401-class13.md b/401/401-class13.md index c85a54c..6935846 100644 --- a/401/401-class13.md +++ b/401/401-class13.md @@ -4,6 +4,48 @@ ## Readings +[Socket.io Chat Example](https://socket.io/get-started/chat/) + +1. Explain to a non-technical recruiter what the Chat Example (above) does. + + > The Chat Example provides a simple real-time chat platform. Users can type messages into a text box that are immediately seen by all other users in the chat, making communication instantaneous. + +2. What proof of life are we getting on the backend from the above app? + + > The backend of the app sends and receives messages in real time. When a message is sent, the backend processes it and broadcasts it to all connected users, proving that it's actively running and handling data. + +3. Socket.IO gives us the i0.emit() method to send an event to everyone. What flag would you use if you want to send a message to everyone except for a certain emitting socket? + + > You would use the `socket.broadcast.emit()` method. This sends a message to everyone except for the socket that initiates the event. + +[Rooms](https://socket.io/docs/v4/rooms) + +1. What is a room and how might a room be useful? + + > A room in Socket.IO is a way to segregate users into separate groups or channels. This is useful for creating chat rooms or game lobbies where only certain users should receive specific messages. + +2. How do you join a room? + + > You can join a room using the `socket.join()` function, passing in the name of the room as an argument, like `socket.join('roomName')`. + +3. How do you leave a room? + + > You can leave a room using the `socket.leave()` function, passing in the name of the room as an argument, like `socket.leave('roomName')`. + +[Namespaces](https://socket.io/docs/v4/namespaces/) + +1. What is a Namespace and what does it allow you to do? + + > A Namespace is a way to divide your socket.io app into smaller sub-apps or modules. It allows you to isolate socket communication to a particular feature or section of your app. + +2. Each namespace potentially has its own what? (hint: 3 things) + + > Each namespace can have its own set of rooms, events, and middleware. + +3. Discuss a possible use case for separate namespaces. + + > Separate namespaces can be useful in large apps where different features need their own communication channel. For example, a social media app might use one namespace for chat, another for notifications, and a third for live events, each with their own rooms and events. + ## Things I want to learn more about ### References diff --git a/401/401-class15.md b/401/401-class15.md index 6f5f089..edc746c 100644 --- a/401/401-class15.md +++ b/401/401-class15.md @@ -3,6 +3,47 @@ ## Notes ## Readings +[AWS EC2](https://aws.amazon.com/ec2/) + +1. What is an EC2 Instance? + + > An EC2 Instance is a virtual server in Amazon's Elastic Compute Cloud (EC2) for running applications on the Amazon Web Services (AWS) infrastructure. + +2. Name 2 use cases for EC2. + + > EC2 can be used for hosting web-servers, backend servers for online gaming, and data processing tasks such as batch processing. + +3. Provide 1 reason to use ECS instead of a service such as Heroku, Digital Ocean, or Render.com. + + > One reason to use EC2 is its scalability. It allows you to increase or decrease resources according to your needs, which is not always possible with other services like Heroku or Digital Ocean. + +[EC2 For Humans](https://www.youtube.com/watch?v=lZMkgOMYYIg) + +1. Where can we find EC2 on the AWS Console? + + > EC2 can be found in the AWS Management Console under the "Services" dropdown menu. + +2. Explain the general difference between T2 Micro and XL. + + > T2 Micro is a small instance type suitable for low to moderate workloads, while XL instances are larger, offering more compute power and memory, suitable for large scale applications or databases. + +3. Explain a "Compute Cycle" to a non-technical friend. + + > A "Compute Cycle" is like a worker's shift. It's the time during which the CPU (the brain of the computer) is actively doing something like processing data or running a program. + +[Elastic Beanstalk](https://www.youtube.com/watch?v=SrwxAScdyT0) + +1. What is Elastic Beanstalk? + + > Elastic Beanstalk is an AWS service that simplifies the deployment and scaling of web applications and services developed in Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker. + +2. Describe the relationship between EC2 and Elastic Beanstalk. + + > Elastic Beanstalk uses EC2 instances to run the applications that you upload to the service. It takes care of the deployment details, capacity provisioning, load balancing, and auto-scaling. + +3. Name some benefits of using Elastic Beanstalk. + + > Benefits of using Elastic Beanstalk include easy application deployment, automatic scaling, and it handles all the infrastructure so you can focus on writing your application. ## Things I want to learn more about diff --git a/401/401-class16.md b/401/401-class16.md new file mode 100644 index 0000000..6f5f089 --- /dev/null +++ b/401/401-class16.md @@ -0,0 +1,10 @@ +# Class 401.15 + +## Notes + +## Readings + +## Things I want to learn more about + +### References +- Google Bard and ChatGPT diff --git a/401/401-class17.md b/401/401-class17.md new file mode 100644 index 0000000..6f5f089 --- /dev/null +++ b/401/401-class17.md @@ -0,0 +1,10 @@ +# Class 401.15 + +## Notes + +## Readings + +## Things I want to learn more about + +### References +- Google Bard and ChatGPT diff --git a/401/401-class18.md b/401/401-class18.md new file mode 100644 index 0000000..6f5f089 --- /dev/null +++ b/401/401-class18.md @@ -0,0 +1,10 @@ +# Class 401.15 + +## Notes + +## Readings + +## Things I want to learn more about + +### References +- Google Bard and ChatGPT diff --git a/401/401-class19.md b/401/401-class19.md new file mode 100644 index 0000000..6f5f089 --- /dev/null +++ b/401/401-class19.md @@ -0,0 +1,10 @@ +# Class 401.15 + +## Notes + +## Readings + +## Things I want to learn more about + +### References +- Google Bard and ChatGPT diff --git a/401/401-class20.md b/401/401-class20.md new file mode 100644 index 0000000..6f5f089 --- /dev/null +++ b/401/401-class20.md @@ -0,0 +1,10 @@ +# Class 401.15 + +## Notes + +## Readings + +## Things I want to learn more about + +### References +- Google Bard and ChatGPT diff --git a/401/401-class21.md b/401/401-class21.md new file mode 100644 index 0000000..6f5f089 --- /dev/null +++ b/401/401-class21.md @@ -0,0 +1,10 @@ +# Class 401.15 + +## Notes + +## Readings + +## Things I want to learn more about + +### References +- Google Bard and ChatGPT diff --git a/401/401-class22.md b/401/401-class22.md new file mode 100644 index 0000000..6f5f089 --- /dev/null +++ b/401/401-class22.md @@ -0,0 +1,10 @@ +# Class 401.15 + +## Notes + +## Readings + +## Things I want to learn more about + +### References +- Google Bard and ChatGPT diff --git a/401/401-class23.md b/401/401-class23.md new file mode 100644 index 0000000..6f5f089 --- /dev/null +++ b/401/401-class23.md @@ -0,0 +1,10 @@ +# Class 401.15 + +## Notes + +## Readings + +## Things I want to learn more about + +### References +- Google Bard and ChatGPT diff --git a/401/401-class24.md b/401/401-class24.md new file mode 100644 index 0000000..6f5f089 --- /dev/null +++ b/401/401-class24.md @@ -0,0 +1,10 @@ +# Class 401.15 + +## Notes + +## Readings + +## Things I want to learn more about + +### References +- Google Bard and ChatGPT diff --git a/401/401-class25.md b/401/401-class25.md new file mode 100644 index 0000000..6f5f089 --- /dev/null +++ b/401/401-class25.md @@ -0,0 +1,10 @@ +# Class 401.15 + +## Notes + +## Readings + +## Things I want to learn more about + +### References +- Google Bard and ChatGPT