Ahead DevOps Foundation STUDENT BINDER V3.0 PDF

DevOps
Foundation
Program
V3.0 © Copyright DevOps Institute / Ahead Technology Inc. All rights reserved unless otherwise stated.
V3.0 © Copyright DevOps Institute / Ahead Technology Inc. All rights reserved unless otherwise stated. 2
DEVOPS FOUNDATION PROGRAM
TABLE OF CONTENTS
Section-1
DevOps Foundation Exam Requirements and Detailed Course Outline ______________ 9
Section-2
DevOps Foundation Presentation ________________________________ 17
Introductions _________________________________________________________ 17
DevOps Foundation Course Goals ________________________________________ 18
About Bloom’s Taxonomy _______________________________________________ 18
About The DevOps Institute______________________________________________ 19
DevOps Foundation Course Content, Agenda and Logistics_____________________ 19
Module 1: Exploring DevOps ___________________________________________ 20
Defining DevOps __________________________________________________ 21
The DevOps Collective Body of Knowledge _______________________________ 21
A Short History of DevOps ____________________________________________ 22
What is DevOps? ___________________________________________________ 23
What DevOps is NOT ________________________________________________ 24
Why DevOps is Important Now ________________________________________ 24
What Makes DevOps So Unique? ______________________________________ 25
DevOps Applies Systems Thinking Across the Entire IT Spectrum _____________ 25
IT is a System of Systems ____________________________________________ 26
DISCUSSION – DevOps Myths Versus Realities _________________________ 26
DevOps Goals _____________________________________________________ 27
DevOps Values ____________________________________________________ 27
Automation is an Essential Element _____________________________________ 28
DevOps Stakeholders _______________________________________________ 28
Why DevOps Matters? ______________________________________________ 29
Our Cadence is Off _________________________________________________ 30
DevOps Improves IT’s Cadence and Velocity _____________________________ 30
DevOps Improves Throughput AND Stability ______________________________ 31
CASE STORY: ING Bank_____________________________________________ 31
DevOps Adoption ___________________________________________________ 32
The Business Perspective ___________________________________________ 33
Why the Business is Driving DevOps ____________________________________ 33
The Business Value of DevOps ________________________________________ 34
Start with the “Why” - The Golden Circle _________________________________ 34
TABLE OF CONTENTS
EXERCISE – Your Organizational Why_________________________________ 35
The IT Perspective _________________________________________________ 36
Why IT is Driving DevOps ____________________________________________ 37
The IT Challenge ___________________________________________________ 37
The Wall of Confusion _______________________________________________ 38
IT’s Silo Culture ____________________________________________________ 39
Top 5 Predictors of IT Performance _____________________________________ 39
Module 1: Quiz ____________________________________________________ 40
Module 2: Core DevOps Principles ______________________________________ 41
The Three Ways ___________________________________________________ 42
Gene Kim Defining The Three Ways of The Phoenix Project__________________ 43
The First Way: Flow _________________________________________________ 43
Theory of Constraints ________________________________________________ 44
Common Constraints ________________________________________________ 44
DISCUSSION – Overcoming Constraints _______________________________ 45
The Second Way: Feedback __________________________________________ 45
Examples of Feedback Loops _________________________________________ 46
The Third Way: Continual Experimentation and Learning ____________________ 46
Chaos Engineering __________________________________________________ 47
CASE STORY: Ticketmaster __________________________________________ 47
Encourage a Learning Culture _________________________________________ 48
EXERCISE – Brining The Three Ways to Life ___________________________ 48
Module 2: Quiz ____________________________________________________ 49
Module 3: Key DevOps Practices ________________________________________ 50
CASE STORY: Capital One ___________________________________________ 51
Continuous Testing, Integration, Delivery and Deployment _______________ 51
Continuous Testing _________________________________________________ 52
Continuous Integration _______________________________________________ 52
Continuous Delivery _________________________________________________ 53
EXERCISE – Rate Your CI / CD Capability ______________________________ 53
Continuous Delivery and Continuous Deployment __________________________ 54
Continuous Delivery Can Lead to Higher IT and Business Performance _________ 55
Site Reliability Engineering____________________________________________ 55
Resilience Engineering_______________________________________________ 56
DevSecOps _______________________________________________________ 56
ChatOps __________________________________________________________ 57
TABLE OF CONTENTS
Kanban ___________________________________________________________ 57
DISCUSSION – Why Too Much WIP is Bad _____________________________ 58
Module 3: Quiz ____________________________________________________ 58
Module 4: Business and Technology Frameworks _________________________ 60

DevOps Cannot Stand Alone __________________________________________ 61
Agile ____________________________________________________________ 61
The Agile Manifesto _________________________________________________ 62
Scrum ____________________________________________________________ 62
Scrum in a Nutshell _________________________________________________ 63
Scaled Agile Framework® (SAFe ™) ____________________________________ 63
SAFe for Lean Enterprises ____________________________________________ 64
Increasing Agility ___________________________________________________ 65
IT Service Management _____________________________________________ 65
IT Infrastructure Library® (ITIL®) _______________________________________ 67
ITSM Process Models Support DevOps and Continuous Delivery ______________ 67
DISCUSSION – Agility in IT Operations ________________________________ 68
Agile Service Management ___________________________________________ 68
Lean _____________________________________________________________ 69
Lean Perspectives __________________________________________________ 69
Sources of Waste = DOWNTIME _______________________________________ 70
EXERCISE – Identifying and Eradicating Waste _________________________ 70
CASE STORY: Alaska Air ____________________________________________ 71
Value Stream Mapping _______________________________________________ 72
Sample Value Stream Maps___________________________________________ 72
Improvement Kata __________________________________________________ 73
Safety Culture _____________________________________________________ 73
Learning Organizations ______________________________________________ 74
Continuous Funding _________________________________________________ 74
Module 4: Quiz ____________________________________________________ 75
Module 5: Culture, Behaviors and Operating Models________________________ 76
Practices Alone are not Enough ________________________________________ 77
What is Organizational Culture?________________________________________ 78
DevOps Helps to Overcome Cultural Debt ________________________________ 79
Characteristics of a DevOps Culture ____________________________________ 79
Shifting Thoughts and Behaviors _______________________________________ 80
TABLE OF CONTENTS
High Trust vs. Low Trust _____________________________________________ 80
Culture and the Flow of Information _____________________________________ 81
EXERCISE – Rating and Improving the Westrum Model __________________ 82
Culture Change is Never Easy _________________________________________ 83
People Adapt to Change at Different Paces _______________________________ 83
DISCUSSION – Placing on the Change Curve ___________________________ 84
The Stages of Change Acceptance _____________________________________ 84
Communication is Critical _____________________________________________ 85
Encourage Collaborative Relationships __________________________________ 85
Expect Some Conflict: Thomas-Kilmann Conflict Modes _____________________ 86
Avoid Change Fatigue _______________________________________________ 86
Empower New Behaviors _____________________________________________ 87
CASE STORY: Target _______________________________________________ 87
Module 5: Quiz ____________________________________________________ 88
Module 6: Automation and Architecting DevOps Toolchains _________________ 89
Periodic Table of DevOps Tool ________________________________________ 91
Correlations Between Automation and High Performance ____________________ 91
Automation Benefits _________________________________________________ 92
Important Terms ____________________________________________________ 93
Cloud, Containers and Microservices ____________________________________ 93
AI and Machine Learning _____________________________________________ 94
DevOps Automation Practices _________________________________________ 94
Communication and Collaboration Can Be Automated Too ___________________ 95
First Steps to Improving DevOps Automation _____________________________ 95
CASE STORY: Fannie Mae ___________________________________________ 96
DevOps Toolchains ________________________________________________ 96
DISCUSSION – Applying the DevOps Handbook’s Definition ______________ 97
The Deployment Pipeline _____________________________________________ 98
DevOps Toolchains _________________________________________________ 98
Sample DevOps Toolchain (US Government - GSA) ________________________ 99
Elements in a DevOps Toolchain _______________________________________ 99
EXERCISE – Architect Your DevOps Toolchain _________________________ 100
Build Your DevOps Toolchain Gradually _________________________________ 100
Multiple Business Applications Require Multiple Toolchains __________________ 101
Module 6: Quiz ____________________________________________________ 101
TABLE OF CONTENTS
Module 7: Measurement, Metrics and Reporting ___________________________ 103
The Importance of Measurement _______________________________________ 104
Measuring Success _________________________________________________ 105
DISCUSSION – Metrics Used Today ___________________________________ 106
Change Lead / Cycle Time ____________________________________________ 106
Guidelines to Measure IT Performance __________________________________ 107
CASE STORY: Societe Generale ______________________________________ 107
Gartner DevOps Metrics Pyramid ______________________________________ 108
EXERCISE – The Most Meaningful Metrics _____________________________ 108
Module 7: Quiz _____________________________________________________ 109
Module 8: Sharing, Shadowing and Evolving ______________________________ 110
DevOps Encourages a Sharing Culture __________________________________ 111
Internal DevOps Days _______________________________________________ 112
DISCUSSION – What’s Your DevOps Open Space Topic? _________________ 113
DevOps in the Enterprise ___________________________________________ 113
CASE STORY: Disney _______________________________________________ 114
Roles ____________________________________________________________ 114
Addressing the DevOps Skills Gap _____________________________________ 115
Skills and Characteristics of a DevOps Professional ________________________ 115
DevOps Roles _____________________________________________________ 116
What is a DevOps Engineer? __________________________________________ 116
DevOps Leadership ________________________________________________ 117
Transformational Leadership __________________________________________ 117
Leading a Digital Transformation: According to Jason Cox (Disney) ____________ 118
Organizational Considerations _______________________________________ 118
DevOps Organizational Structures ______________________________________ 119
DevOps Teams ____________________________________________________ 119
Getting Starting ___________________________________________________ 120
Start Where You Are ________________________________________________ 121
Learn by Doing _____________________________________________________ 122
Consolidate Gains and Produce More Change ____________________________ 122
Anchor the Results __________________________________________________ 123
Challenges, Risks and Critical Success Factors _________________________ 123
Critical Success Factors ______________________________________________ 124
Challenges and Risks________________________________________________ 124
Your biggest challenge for the expansion of DevOps? ______________________ 125
TABLE OF CONTENTS
EXERCISE – Your DevOps Experiment (Personal and Action Plan) _________ 125
Module 8: Quiz ____________________________________________________ 126
Summary ____________________________________________________________ 127
DOI Learning Tracks and Community ______________________________________ 128
To Complement your DevOps / IT Best Practice Initiative _______________________ 129
ITSM Training and Services _____________________________________________ 129
In The End, Don’t Forget ________________________________________________ 130
Section-3
Sample Exam ___________________________________________________________ 131
Section-4
Additional Documents
Value Add Resources and Source Materials _______________________________ 145
DevOps Glossary of Terms _____________________________________________ 161
Reference Cards _____________________________________________________ 179
Exam Registration Procedure ___________________________________________ 183
Section – 1
Examination Requirements
and Course Outline
DevOps Foundation
Examination Requirements
DevOps Foundation Certificate
DevOps Foundation is a freestanding certification from the DevOps Institute. The

purpose of this course and its associated exam is to impart, test and validate
knowledge of DevOps basic vocabulary, principles and practices. The vocabulary
terms, concepts and practices are documented in the course learner manual. DevOps
Foundation is intended to provide individuals an understanding of basic DevOps
concepts and how DevOps may be used to improve communication, collaboration and integration
between software developers and IT operations professionals.
Eligibility for Examination

To be eligible for the exam leading to certification candidates must fill the following requirements:
• Complete at least 16 contact hours (instruction and labs) as part of a formal, approved training
course delivered by an approved Registered Education Partner of the DevOps Institute.
• It is recommended that students complete at a minimum 6 hours of personal study by reviewing the
vocabulary list and pertinent areas of the course learner manual and by completing the sample
exam
Examination Administration
The DevOps Foundation examination is accredited, managed and administered under the strict
protocols and standards of the DevOps Institute’s strategic examination partner Peoplecert
Level of Difficulty
The DevOps Foundation certification uses the Bloom Taxonomy of Educational Objectives in the
construction of both the content and the examination.
• The DevOps Foundation exam contains Bloom 1 questions that test learners’ knowledge of
DevOps concepts and vocabulary terms (see list below)
• The exam also contains Bloom 2 questions that test learner’s comprehension of these concepts
in context
Format of the Examination

Candidates must achieve a passing score to gain the DevOps Foundation Certificate.
Exam Type 40 multiple choice questions
Duration 60 minutes for candidates in their respective language

75 minutes if English is not a candidate’s native tongue
Prerequisites DevOps Foundation course from a DevOps Institute Registered Education Partner
(REP)
Supervised Yes
Open Book No
Passing Score 65%
Delivery Online or invigilated in person
Badge DevOps Foundation Certified
Exam Topic Areas and Question Weighting
The DevOps Foundation exam requires knowledge of the topic areas described below.
Module Description Max Questions
DOFD – 1 Exploring DevOps Purpose, objectives and business value 5

of DevOps
DOFD – 2 Core DevOps Principles The Three Ways 4
DOFD – 3 Key DevOps Practices Emerging DevOps Practices such as 7

continuous delivery and continuous
integration
DOFD – 4 Business & Technology The relationship between relevant 7
Frameworks frameworks and standards and DevOps
DOFD – 5 DevOps Values - Culture, Characteristics of a DevOps culture and 6
Behaviors & Operating Models of culture change
DOFD – 6 DevOps Values - Automation The Deployment Pipeline, DevOps 5
& Architecting DevOps Toolchains toolchains and other automation
considerations
DOFD – 7 DevOps Values – Common DevOps practices and related 2
Measurement, Metrics & Reporting processes
DOFD – 8 DevOps Values: Sharing, Responsibilities of key roles and 4
Shadowing and Reporting considerations relative to
organizational structure. Getting
started - adoption challenges, risks,
critical success factors and key
performance measures
Concept and Terminology List
After studying this course, the candidate is expected to understand the following DevOps concepts and
vocabulary at a Blooms Level 1 and 2.
● Agile Manifesto ● Improvement kata

● Agile service management ● IT service management
● Agile software development ● Kanban
● Application Programming Interface (API) ● Lean production
● CALMS ● Lean thinking
● Change failure rate ● Lean tools
● Change fatigue ● Lean types of Waste (DOWNTIME)
● Change lead time ● Microservices
● ChatOps ● Open source
● Code commit ● Organizational culture
● Collaboration and communication ● Organizational considerations
● Collective Body of Knowledge (Cbok) ● Outcome economy
● Configuration management tools ● Pace-Layered Application Strategy
● Conflict management ● Process Model
● Constraint ● Rugged DevOps
● Containers ● Scaled Agile Framework (SAFe)
● Continuous integration ● Scrum
● Continuous delivery ● Scrum roles, artifacts and events
● Continuous deployment ● Sharing opportunities
● Cultural debt ● Service
● Cycle time ● Shift left
● Deployment pipeline ● Simian Army/Chaos Monkey
● Deployment frequency ● Test driven development
● DevSecOps ● Testing (unit, acceptance, integration)
● DevOps ● The Three Ways
● DevOps metrics ● Theory of Constraints
● DevOps stakeholders ● DevOps toolchain
● DevOps teams ● Value stream mapping
● DevOps roles ● Variable speed IT
● Flow ● Velocity
● Golden Circle ● Waste
● High-performing organizations ● Waterfall
● Impediment
● Immersion
Section – 2
Instructor
Presentation
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
Section – 3
Sample Exam
DevOps Foundation V3.10
Sample Examination
1. A small group of individuals recently returned from a conference where they learned
about DevOps. They cannot agree on how to get started. Where should an IT organization
start when adopting DevOps practices?
A. Understand why the organization exists

B. Pick the right applications to pilot
C. Develop a long-term strategy
D. Identify tools and training needed
2. What is the Three Ways?
A. Methodology for identifying and removing constraints

B. The key principles of DevOps
C. Disciplined, data-driven approach for reducing waste
D. A methodology for performing continuous improvement
3. Which statement about Kanban is CORRECT?
A. Pushes work through a process

B. Requires a workflow management tool
C. Pulls work through a process
D. Enables more work in progress
4. What is the Agile Manifesto?
A. Values and principles to guide an iterative and people-centric approach to software

development
B. Methodology that focuses on making sure software is always in a releasable state
throughout its lifecycle
C. Declaration of the benefits and intentions of DevOps
D. Intentions and motives of being an agile enterprise
5. An organization is trying to overcome the challenges of their legacy silo culture where
teams have been organized by subject matter expertise. What is this organization suffering
from?
A. Cultural debt
B. Change fatigue
C. Organizational change
D. Low trust
6. Which statement BEST describes change fatigue?
A. Aggressive resistance
B. Apathy
C. Finger pointing
D. Exhaustion
7. Due to a tightly-coupled architecture, an organization is unable to increase the frequency

of releases for a key service. When releases do occur, they are extremely painful and the
organization’s competitive advantage is eroding as a result. Which software development
approach could be used to improve this situation?
A. Test-driven development
B. Containers
C. Microservices
D. Chaos Monkey
8. An organization has just completed the deployment of a pilot release using DevOps
practices and a preliminary deployment pipeline. Which metric would provide the most
information to help them continually improve?
A. Mean Time to Repair (MTTR)

B. Change lead and cycle times
C. Knowledge sharing
D. All of the above
9. Which statement about DevOps teams is MOST accurate?
A. They are responsible for establishing DevOps practices across the enterprise
B. They are accountable for the development of the deployment pipeline
C. They should be a fixed team that works together on long term projects
D. They should have shared accountabilities
10. An organization recently held an internal DevOps Days. During one of the openspace
sessions, it was suggested that there be more opportunities for dev, ops, security and other
IT areas to interact and share. What sort of opportunities should the organization consider?
A. Hackathons
B. Simulations
C. Immersion opportunities
D. All of the above
11. Which of the following roles are DevOps stakeholders?
A. QA testers
B. Support professionals
C. Suppliers
D. All of the above
12. Which is NOT a goal of DevOps?
A. Improved productivity
B. Fewer but higher-quality software releases
C. Lower risk software deployments
D. Improved quality of code
13. An organization is implementing a disruptive application similar to the Simian Army.

Which of the Three Ways are they introducing?
A. The First Way

B. The Second Way
C. The Third Way
D. The Phoenix Project
14. An organization is looking to improve real-time collaboration between teams. Which

DevOps practice should they be considering?
A. Kanban
B. ChatOps
C. Escalation
D. Alerts
15. Which is a characteristic of a DevOps culture?
A. Effective one-way communication from the top down

B. Recognizing the best and brightest for their successes
C. Shared vision, goals and incentives
D. All of the above
16. Which BEST describes a deployment pipeline?
A. Automation version of the ITSM change management process

B. Automated process for managing software changes from check-in to release
C. Collection of tools that enable continuous integration
D. Sequence of value-adding activities required to design, build and deliver a product
17. At a recent conference, a CIO was told that her organization should invest heavily in
machine learning. Back at the office, she asked one of her senior leadership team to pull
together an investment case. What is unlikely to be a direct benefit they are likely to receive
from using artificial intelligence and should not be included in the investment case?
A. Predicting future scenarios

B. Finding new trends and correlations
C. Augmenting human contribution and boosting productivity
D. Building a blame free culture
18. Which statement about the Improvement Kata is CORRECT?
A. It focuses on short term goal

B. It is a 7-step process
C. It considers the organization’s long-term vision or direction
D. It should be performed as time allows
19. In the context of agile software development, which of the following is NOT a
responsibility of IT Operations?
A. Managing the product backlog

B. Defining non-functional requirements
C. Identifying security requirements
D. Provisioning the infrastructure
20. Which of the following is a characteristic of a high trust organizational culture?
A. Good information flow

B. Cross-functional collaboration
C. Learning from failures and new ideas
D. All of the above
21. Why is organizational culture a critical success factor for DevOps?
A. It represents the values and behaviors that contribute to the unique social and psychological
environment of an organization
B. It represents a command and control approach to the delivery of services
C. It represents the way that an organization is structured and organized
D. It reflects the strategic direction of the business’ leadership
22. What is a primary benefit of DevOps toolchains?
A. To automate steps in the deployment pipeline

B. To trace features’ journeys from inception to live
C. To ensure that the architectural design supports interoperability and consistency
D. All of the above
23. Which of the following DevOps roles is NOT YET well defined?
A. Systems engineer
B. Continuous delivery automation architect
C. DevOps engineer
D. Experience assurance
24. An organization is implementing DevOps. The developers concerned that their ITSM
processes are too complex, slow and will not support DevOps principles and practices.
Which IT framework will help the organization instill agile thinking into existing ITSM
processes?
A. ITIL
B. Agile
C. Agile service management
D. Lean
25. Which lean tool depicts the flow of information, materials and work across functional
silos with an emphasis on quantifying and eliminating waste?
A. Improvement Kata
B. Continuous Delivery
C. Kanban
D. Value stream mapping
26. The business ‘why’ of the Golden Circle represents an organization’s
A. Purpose, cause and belief

B. Products and services
C. Competitive advantage
D. Profitability
27. What determines which DevOps principles and practices will BEST benefit an
organization?
A. Business strategies and goals

B. The commitment of early adopters
C. The availability of advanced tools
D. IT's capabilities and resources
28. The Theory of Constraints supports which of the Three Ways?
A. The First Way

B. The Second Way
C. The Third Way
D. All of the above
29. Which of the following is required for Continuous Integration?
A. Automated unit, integration and acceptance testing

B. Automated release management
C. Continuous delivery pipeline
D. Deployment pipeline
30. Which DevOps practice relies on a deployment pipeline that enables push-button
deployments on demand?
A. Continuous testing
B. Continuous integration
C. DevSecOps
D. Continuous delivery
31. Which of the following ITSM processes are most critical to DevOps?
A. Change, Release and Service Asset and Configuration Management

B. Incident, Problem and Event Management
C. Demand, Capacity and Information Security Management
D. All of the above
32. An organization has identified they have a culture of blame and fear, where incidents are
not valued and failure is not embraced as a learning opportunity. There are many single
points of failure and employees suffer daily as a result of the fragility of the systems,
enduring painful war-rooms during frequent outages. What should this organization look to
in order to improve the situation?
A. Safety Culture
B. Agile software development
C. Building a DevOps toolchain
D. Site Reliability Engineering
33. When trying to effect major change, who should be engaged in planning activities and
serve as change agents?
A. Early adopters
B. Naysayers
C. Management
D. People who need proof
34. What of the following is NOT a typical element in a DevOps toolchain?
A. Monitoring tools
B. Test automation
C. Version control
D. Service desk incident management systems
35. Which of the following is a critical success factor for DevOps?
A. Establishing a tool chain

B. Hiring DevOps Engineers
C. Management commitment to culture change
D. Automating everything
36. Which of the following is not a goal of DevOps leadership?
A. Help to improve self-diagnosis

B. Control and evaluate workers using metrics
C. Instil self-improvement
D. Translate local discoveries to global improvements
37. Which of the Three Ways encourages peer review of production changes?
A. The First Way

B. The Second Way
C. The Third Way
D. All of the above
38. What does the concept of “shift left” represent?
A. Building quality into the software development process via early and continuous testing
B. Passing release packages to IT Operations following completion of a batch of development
C. Performing random tests on code that is committed to a continuous integration server
D. Doing more testing in production after deployment
39. An organization is struggling with the additional time it takes for security reviews after
an Agile team completes a Sprint. The delay is impacting their ability to release. They want
to include more security testing as part of their “shift left” testing approach. Which DevOps
practice would they need?
A. ChatOps
B. Continuous Testing
C. DevSecOps
D. Vulnerability alerts
40. An organization is preparing to automatically deploy every release that passes

automated unit, integration, user acceptance and non-functional tests. Which DevOps
practice are they applying?
A. Continuous delivery
B. Continuous testing
C. Continuous deployment
D. Continuous integration
Section – 4
Additional
Documents
Value Add
Resources
and Source
Materials
DevOps Foundation
Value Add Resources and Source Materials
This document provides links to articles and videos related to the DevOps Foundation course from the DevOps
Institute. This information is provided to enhance your understanding of DevOps Foundation-related concepts
and terms and is not examinable. Of course, there is a wealth of other videos, blogs and case studies on the
web. We welcome suggestions for additions.
Videos Featured in the Course
Module Featured Title & Description Link

1: Exploring DevOps ‘A Short History of DevOps’ with https://youtu.be/o7-IuYS0iSE
Damon Edwards (11:47)
1: Exploring DevOps Abbreviated version of Simon Sinek’s https://youtu.be/IPYeCltXpxw

Ted Talk ‘Start with Why - How Great
Leaders Inspire Action’ (5:00)
2: Core DevOps Practices ‘Gene Kim Defines The Three Ways of https://youtu.be/nUOXDEvplRc
The Phoenix Project’ (3:31)
3: Key DevOps Principles ‘GitHub Professional Guide: https://youtu.be/xSv_m3KhUO8

Continuous Integration & Continuous
Delivery’ (6:00)
4: Business & Technology Frameworks ‘Spotify Engineering Culture Part 1’ https://youtu.be/4GK1NDTWbkY

with Henrik Kniberg (13:12)
5: DevOps Values: Culture, Behaviors ‘Spotify Engineering Culture Part 2’ https://youtu.be/rzoyryY2STQ

& Operating Models with Henrik Kniberg (13:27)
6: DevOps Values: Automation & ‘The DevOps Toolchain’ with John https://youtu.be/bwE8aFPAzj8
Architecting DevOps Toolchains Okoro (7:43)
7: DevOps Values: Measurement, ‘4 DevOps Metrics to Improve Delivery https://youtu.be/RwvgEz_4lYI

Metrics & Reporting Performance’ with Dennis Ehle (6:05)
8: DevOps Values: Sharing, Shadowing ‘DevOps: A Culture of Sharing’ with https://youtu.be/8aJHtjp--3U

& Evolving Gareth Rushgrove (2:19)
DevOps Reports
Report Name Writers/Publishers Link

2018 DevSecOps Community Survey Sonatype https://www.sonatype.com/2018surv
ey
2018 Global Developer Report Gitlab https://about.gitlab.com/developer-

survey/2018/
State of DevOps Report InterOp http://reg.interop.com/stateofdevops
State of the Cloud Report RightScale https://www.rightscale.com/lp/state-

of-the-cloud
The State of DevOps Report Dr. Nicole Forsgren, Gene Kim & Jez https://puppet.com/resources/white-
Humble in collaboration with Puppet paper
Labs
The Value Unleashed by DevOps Boston Consulting Group https://www.bcg.com/en-

us/agile/devops/benefits.aspx
DevOps Articles
Article Title & Author Relevant Module Link

‘2018: The Year of Enterprise DevOps’ 1: Exploring DevOps https://go.forrester.com/blogs/2018-the-
by Forrester year-of-enterprise-devops/
‘5 Things DevOps is Not’ from 1: Exploring DevOps https://devops.com/what-devops-is-not/

devops.com
‘6 DevOps Recruiting Tips: How to 8: Sharing, Shadowing & https://techbeacon.com/6-devops-recruiting-

Land the Right People’ on TechBeacon Evolving tips-how-land-right-people
‘7 DevOps Roles You Need to Succeed’ 5: DevOps Values: Culture, https://techbeacon.com/7-devops-roles-you-

on TechBeacon Behaviors & Operating Models need-succeed
‘7 Keys to Finding Phenomenal 8: Sharing, Shadowing & https://techbeacon.com/7-keys-finding-

DevOps Talent’ on TechBeacon Evolving phenomenal-devops-talent?es_p=1623370
‘10 Ways Machine Learning Can 6: Automation & Architecting https://techbeacon.com/10-ways-machine-

Optimize DevOps’ on TechBeacon Toolchains learning-can-optimize-devops
‘A different drumbeat: using Kanban 3: Key DevOps Principles https://www.infoworld.com/article/3266588/
for devops to smooth out your scrum devops/a-different-drumbeat-using-kanban-
cycles’ by Nate Berent-Spillson for-devops-to-smooth-out-your-scrum-
cycles.html
‘A Four Quadrant Look at the DevOps 6: Automation & Architecting https://puppet.com/blog/a-four-quadrant-

Toolchain’ by Scott Johnston Toolchains look-at-devops-toolchain
‘A Personal Reinterpretation of The 2: Core DevOps Practices http://itrevolution.com/a-personal-

Three Ways’ by Tim Hunter reinterpretation-of-the-three-ways/
‘A Typology of Organizational Cultures’ 5: DevOps Values: Culture, http://www.ncbi.nlm.nih.gov/pmc/articles/P

by Ron Westrum Behaviors & Operating Models MC1765804/pdf/v013p0ii22.pdf
Apply the Strangler Application 6: Automation & Architecting https://www.ibm.com/developerworks/cloud

Pattern to Microservices Applications - Toolchains /library/cl-strangler-application-pattern-
IBM microservices-apps-trs/index.html
‘Best Practices for Using Value Stream 4: Business & Technology http://www.industryweek.com/continuous-
Mapping as a Continuous Frameworks improvement/best-practices-using-value-
Improvement Tool’ by R. Keith Mobley stream-mapping-continuous-improvement-
tool?page=2
Blue-green Deployments, A/B Testing, 3: Key DevOps Principles http://blog.christianposta.com/deploy/blue-

and Canary Releases by Christian green-deployments-a-b-testing-and-canary-
Posta releases/
‘Building a Healthy DevOps Culture’ by 5: DevOps Values: Culture, https://www.wired.com/insights/2013/06/bui

Michael Butt Behaviors & Operating Models lding-a-healthy-devops-culture/
‘Building a Learning Organization’ on 4: Business & Technology https://hbr.org/1993/07/building-a-learning-

HBR Frameworks organization
‘ChatOps: Communicating at the 6: Automation & Architecting http://devops.com/features/chatops-

Speed of DevOps’ by George Hulme Toolchains communicating-speed-devops/
‘Codifing DevOps Practices’ by Patrick 3: Key DevOps Principles http://www.jedi.be/blog/2012/05/12/codifyin

DeBois g-devops-area-practices
‘Communities of Practice: The Missing 5: DevOps Values: Culture, https://www.infoq.com/articles/communities

Piece of Your Agile Organisation’ by Behaviors & Operating Models -of-practice-agile-organisation
Emily Webber
‘Continuous Delivery’ by Martin 3: Key DevOps Principles http://martinfowler.com/bliki/ContinuousDeli

Fowler very.html
‘Continuous Delivery: Anatomy of the 3: Key DevOps Principles http://www.informit.com/articles/article.aspx
Deployment Pipeline’ by Jez Humble & ?p=1621865&seqNum=8
Dave Farley
‘Continuous Everything in 3: Key DevOps Principles https://notafactoryanymore.com/2014/08/19

DevOps…What is the difference /continuous-everything-in-devops-what-is-
between CI, CD, CD… ?’ by Micro the-difference-between-ci-cdcd/
Hering
‘Continuous Integration’ on 3: Key DevOps Principles https://www.thoughtworks.com/continuous-

ThoughtWorks integration
‘Cultural Debt Can Be the Primary 5: DevOps Values: Culture, https://techdebtpolicy.com/cultural-debt/

Driver of Technical Debt’ by Rick Behaviors & Operating Models
Brenner
‘Culture Isn’t a Swear Word’ by 5: DevOps Values: Culture, https://devops.com/culture-isnt-swear-word/

Jonathan Fletcher Behaviors & Operating Models
‘Creating a Higher Trust Organization’ 5: DevOps Values: Culture, https://www.huffingtonpost.com/john-

by John Mackey Behaviors & Operating Models mackey/creating-the-high-trust-
o_b_497589.html?guccounter=1
‘Data-Driven DevOps: Use Metrics to 7: Measurement, Metrics & https://www.gartner.com/doc/3760663/data

Guide Your Journey’ Gartner Reporting driven-devops-use-metrics-guide
‘DevOps and IT Support: 4 Principles 1: Exploring DevOps http://devops.com/2015/12/09/devops-and-

to Keep Your Team Ahead of the it-support-4-principles-to-keep-your-team-
Curve’ on devops.com ahead-of-the-curve/
‘DevOps and Kanban - Match Made in 3: Key DevOps Principles https://www.upguard.com/blog/devops-

Heaven’ by UpGuard kanban-match-heaven
‘DevOps, Cloud and the Lean “Wheel 4: Business & Technology https://seroter.wordpress.com/2014/04/07/d
of Waste”’ by Richard Seroter Frameworks evops-cloud-and-the-lean-wheel-of-waste/
‘DevOps Culture’ by John Willis 5: DevOps Values: Culture, http://itrevolution.com/devops-culture-part-

Behaviors & Operating Models 1/
‘DevOps Demystified’ by Ben 7: Measurement, Metrics & http://cuddletech.com/slides/DevOps-

Rockwood Reporting Demystified.pdf
‘DevOps Requires New job Skills and 8: Sharing, Shadowing & https://www.upguard.com/blog/devops-new-
Roles’ by Upguard Evolving job-skills-roles-titles
‘DevOps: To Measure Value, Then To 7: Measurement, Metrics & https://www.linkedin.com/pulse/devops-

Measure Speed’ by Stephen Williams Reporting measure-value-speed-stephen-williams/
‘Doing ChatOps in Microsoft Teams’ by 3: Key DevOps Principles https://www.infoq.com/news/2018/02/chato

Helen Beal ps-microsoft-teams
‘First Impressions at Etsy’ by Jason 3: Key DevOps Principles https://www.jasonshen.com/2015/first-

Shen (including reference to the 3- impressions-at-etsy/
armed sweater)
‘From Containers to Microservices: 6: Automation & Architecting https://techbeacon.com/containers-
Modernizing Legacy Applications’ on Toolchains microservices-how-modernize-legacy-
TechBeacon applications
‘From Darwin to DevOps: John Willis 4: Business & Technology https://www.infoq.com/news/2018/05/Beyon

and Gene Kim Talk about Life after The Frameworks d-The-Phoenix-Project
Phoenix Project’ by Helen Beal
‘How to Find Your Continuous Delivery 1: Exploring DevOps http://devops.com/features/find-continuous-

Rhythm’ from devops.com delivery-rhythm/
‘How to Implement a Solid DevOps 8: Sharing, Shadowing & http://searchitoperations.techtarget.com/feat

Team Structure’ by Alex Barrett Evolving ure/How-to-implement-a-solid-DevOps-team-
structure
‘How to Reduce Employee Resistance 5: DevOps Values: Culture, https://www.thebalancecareers.com/how-to-

to Change’ by Susan. M. Heathfield Behaviors & Operating Models reduce-employee-resistance-to-change-
1918992
‘Introducing DevOps Where ITIL Rules’ 4: Business & Technology http://www.scriptrock.com/blog/introducing-

by Alan Sharp-Paul Frameworks devops-itil-rules-enterprise-2
‘Is Yours a Learning Organization?’ on 4: Business & Technology https://hbr.org/2008/03/is-yours-a-learning-

HBR Frameworks organization
‘Jesse Robbins Discusses DevOps and 6: Automation & Architecting http://www.thoughtworks.com/insights/blog/

Cloud Computing’ on Thoughtworks’ Toolchains jesse-robbins-discusses-devops-and-cloud-
blog computing
‘Just What is a DevOps Engineer?’ on 8: Sharing, Shadowing & https://dzone.com/articles/just-what-devops-

devops.com Evolving engineer
‘Inside Atlassian: how IT & SRE use 3: Key DevOps Principles https://www.atlassian.com/blog/it-service-
ChatOps to run incident management’ management/inside-atlassian-sre-use-
by Sean Regan chatops-run-incident-management
‘Let’s Fund Teams Not Projects’ from 4: Business & Technology https://defradigital.blog.gov.uk/2017/09/19/l
the DEFRA Digital blog, .gov.uk Frameworks ets-fund-teams-not-projects/
‘Machine Learning: AI Driving DevOps 6: Automation & Architecting https://devops.com/machine-learning-ai-

Evolution’ by Tony Bradley Toolchains driving-devops-evolution/
‘Metrics for DevOps Initiatives’ from IT 7: Measurement, Metrics & http://devopsenterprise.io/media/DOES_foru

Revolution Reporting m_metrics_102015.pdf
‘Misconceptions About Kanban’ by 3: Key DevOps Principles https://www.extremeuncertainty.com/miscon

Leon Tranter ceptions-about-kanban/
‘Quantifying DevOps Capability: It’s 1: Exploring DevOps https://blog.rackspace.com/quantifying-

Important To Keep CALMS’ by devops-capability-its-important-to-keep-calms
Rackspace
‘Resilience Engineering’ by Erik 3: Key DevOps Principles http://erikhollnagel.com/ideas/resilience-

Hollnagel engineering.html
‘T-Shaped Developers are the New 8: Sharing, Shadowing & http://www.theregister.co.uk/2015/11/02/t_s
Normal’ by David Walker Evolving haped_developers_are_the_new_normal/
‘The 7 Skills Ops Pros Need to Succeed 8: Sharing, Shadowing & https://devops.com/devops-7-skills-ops-pros-
in DevOps’ by George Hulme Evolving need-succeed/
‘The Andon Cord’ by John Willis on IT 4: Business & Technology https://itrevolution.com/kata/

Revolution Frameworks
‘The Biggest Myth in Building Learning 2: Core DevOps Practices http://learningrebels.com/2014/09/12/the-

Culture’ by Shannon Tipton biggest-myth-in-building-a-learning-culture/
‘The Convergence of DevOps’ by John 4: Business & Technology http://itrevolution.com/the-convergence-of-

Willis on IT Revolution Frameworks devops/
‘The DevOps Movement Fits Perfectly 4: Business & Technology https://www.thinktanks.co.za/the-devops-

with ITSM’ by Gene Kim Frameworks movement-fits-perfectly-with-itsm/
‘The Importance of a Learning Culture’ 2: Core DevOps Practices http://www.skillpath.com/whitepapers/pdf/le

by Skillpath arningculture.pdf
The Scrum GuideTM 4: Business & Technology http://www.scrumguides.org/scrum-

Frameworks guide.html
“The Industry Just Can’t Decide About 8: Sharing, Shadowing & https://www.infoq.com/news/2017/10/devop
DevOps Teams” by Helen Beal Evolving s-teams-good-or-bad
‘The Mission of a DevOps Team’ by 8: Sharing, Shadowing & http://caseywest.com/the-mission-of-a-

Casey West Evolving devops-team/
‘Theory of Constraints’ by Lean 2: Core DevOps Practices http://www.leanproduction.com/theory-of-

Production constraints.html
‘There’s No Such Thing as a DevOps 8: Sharing, Shadowing & https://continuousdelivery.com/2012/10/ther

Team’ by Jez Humble Evolving es-no-such-thing-as-a-devops-team/
‘Top 25 Lean Tools’ on Lean 4: Business & Technology http://www.leanproduction.com/top-25-lean-

Production Frameworks tools.html
‘Toyota Kata: Habits for Continuous 4: Business & Technology http://www.methodsandtools.com/archive/to

Improvement’ by Håkan Forss Frameworks yotakata.php
‘Tracking Every Release’ Code as Craft 7: Measurement, Metrics & https://codeascraft.com/2010/12/08/track-

(Etsy) Reporting every-release/
‘Transforming the Annual Budgeting 4: Business & Technology https://devops.com/transforming-the-annual-

Process for DevOps’ by Mustafa Frameworks budgeting-process-for-devops/
Kapadia
Understanding DevOps – Part 4: 3: Key DevOps Principles https://sdarchitect.wordpress.com/2012/10/3

Continuous Testing and Continuous 0/understanding-devops-part-4-continuous-
Monitoring testing-and-continuous-monitoring/
Understanding the Kubler-Ross 5: DevOps Values: Culture, http://www.cleverism.com/understanding-
Change Curve - Cleverism Behaviors & Operating Models kubler-ross-change-curve/
‘Use DevOps to Turn IT Into a Strategic 1: Exploring DevOps http://dev2ops.org/2012/09/use-devops-to-

Weapon’ by Damon Edwards turn-it-into-a-strategic-weapon
‘What DevOps Means to Me’ by John 1: Exploring DevOps https://blog.chef.io/2010/07/16/what-

Willis devops-means-to-me/
‘What is Site Reliability Engineering?’ 3: Key DevOps Principles https://landing.google.com/sre/interview/ben

an interview with Niall Murphy and -treynor.html
Ben Treynor at Google
‘What Happens to Test in a DevOps 3: Key DevOps Principles http://devops.com/2016/06/13/happens-test-

World’ on devops.com devops-world/
‘What’s Lost With a DevOps Team’ by 8: Sharing, Shadowing & http://www.michaelnygard.com/blog/2016/0

Michael Nygard Evolving 1/whats-lost-with-a-devops-team/
‘What’s the Best Team Structure for 8: Sharing, Shadowing & https://puppet.com/blog/what%E2%80%99s-
DevOps Success?’ by Alanna Brown Evolving best-team-structure-for-devops-success
‘What’s the Difference Between AI, 6: Automation & Architecting https://blogs.nvidia.com/blog/2016/07/29/w

Machine Learning and Deep Toolchains hats-difference-artificial-intelligence-machine-
Learning?’ by Michael Copeland learning-deep-learning-ai/
‘Why DevOps Engineer is the Number 8: Sharing, Shadowing & https://www.cloudcomputing-

One Hardest Tech Job to Fill by Evolving news.net/news/2016/jun/16/devops-
Logicworks engineer-hardest-job-to-fill/
‘Why Everyone Needs DevOps Now’ 2: Core DevOps Practices http://www.slideshare.net/realgenekim/why-

by Gene Kim everyone-needs-devops-now
WebSites
Title Link
Agile Manifesto http://www.agilemanifesto.org/
Beyond Budgeting https://bbrt.org/
DevOps Institute https://devopsinstitute.com/
DevOps Topologies (Matthew Skelton & Manuel Pais) https://web.devopstopologies.com/
DevOps.com https://devops.com/
DevOpsDays https://www.devopsdays.org/
DevSecOps Reference Architectures (Sonatype) https://www.sonatype.com/devsecops-reference-architectures
Hubot by Github https://hubot.github.com/
IT Revolution https://itrevolution.com/
Periodic Table of DevOps Tools (XebiaLabs) https://xebialabs.com/periodic-table-of-devops-tools/
Principles of Chaos Engineering https://principlesofchaos.org
Rugged Software https://www.ruggedsoftware.org/
SAFe https://www.scaledagileframework.com
Scrum.org https://www.scrum.org/
Theory of Constraints Institute https://www.tocinstitute.org/
DevOps & Engineering Blogs
Blog Link
AirBNB Engineering & Data Science https://medium.com/airbnb-engineering
Backstage Blog (SoundCloud) https://developers.soundcloud.com/blog/
BlackRock Blog http://rockthecode.io/
code.flickr.com http://code.flickr.net/
DEFRA Digital https://defradigital.blog.gov.uk/
Deliveroo Engineering Team https://deliveroo.engineering/
Dropbox Tech Blog https://blogs.dropbox.com/tech/
eBay Tech Blog https://www.ebayinc.com/stories/blogs/tech/
Etsy - Code as Craft https://codeascraft.com/
Eventbrite Engineering https://www.eventbrite.com/engineering/
Facebook Engineering https://www.facebook.com/Engineering
Github Engineering https://githubengineering.com/
Google Developers https://developers.googleblog.com/
Heroku Engineering https://blog.heroku.com/engineering
HubSpot Engineering https://product.hubspot.com/blog/topic/engineering
Instagram Engineering http://instagram-engineering.tumblr.com/
Kickstarter Engineering https://kickstarter.engineering/
LinkedIn Engineering https://engineering.linkedin.com/blog
Monzo Technology https://monzo.com/blog/technology/
Moonpig Engineering https://engineering.moonpig.com/
Netflix TechBlog https://medium.com/netflix-techblog
PayPal Engineering https://www.paypal-engineering.com/
Pinterest Engineering https://medium.com/@Pinterest_Engineering
Revolut Engineering https://blog.revolut.com/tag/engineering/
Salesforce Engineering https://engineering.salesforce.com/
Slack Engineering https://slack.engineering/
Target Tech http://target.github.io/devops/the-dojo
Ticketmaster Technology https://tech.ticketmaster.com/category/devops/
Trainline Engineering https://engineering.thetrainline.com/
Uber Engineering https://eng.uber.com/
Vimeo Engineering https://medium.com/vimeo-engineering-blog
Zapier Engineering https://zapier.com/engineering/
GitHub Resources
Item Link
CapitalOne DevOps Dashboard https://github.com/capitalone/Hygieia
Chaos Monkey https://github.com/Netflix/SimianArmy/wiki/Chaos-Monkey
DevOps Against Humanity https://github.com/bridgetkromhout/devops-against-humanity
DevOps Tools Collection https://github.com/collections/devops-tools
Additional Videos of Interest
Title Link
‘Continuous Delivery’ with Jez Humble (46:59) https://youtu.be/skLJuksCRTw
‘Continuous Delivery is a Team Sport’ with Jez Humble, Gene https://youtu.be/9XmvFvdTObY

Kim and Gary Gruver hosted by ElectricCloud (5:33)
‘Get Loose! Microservices & Loosely Coupled Architectures’ https://youtu.be/I9BymWx8G1E

with Jez Humble and Anders Walgreen hosted by devops.com
‘Intro to Scrum in Under 10 Minutes’ by Axosoft https://youtu.be/XU0llRltyFM
‘Learn How Value Stream Mapping Applies to Any Industry or https://youtu.be/gg5u9kn0Bzo

Process’’ by Gemba Academy
Sidney Dekker, Richard Cook and Stephen Spear at DOES 2017 https://youtu.be/CFMJ3V4VakA
‘The Real DevOps of Silicon Valley’ from AppDynamics (4:49) https://youtu.be/2PjVuTzA2lk
DevOps Books
Title Author Link

Accelerate: The Science of Lean Nicole Forsgren PHD, Jez Humble & https://itrevolution.com/book/acceler
Software and DevOps: Building and Gene Kim ate/
Scaling High Performing Technology
Organizations
Beyond The Phoenix Project Gene Kim and Jez Humble https://itrevolution.com/book/beyond
-phoenix-project/
Continuous Delivery Jez Humble and Dave Farley https://www.amazon.com/Continuous

-Delivery-Deployment-Automation-
Addison-Wesley/dp/0321601912
DevOps for the Modern Enterprise Mirco Hering https://itrevolution.com/book/devops

_modern_enterprise/
Just Culture Sidney Dekker http://sidneydekker.com/just-culture/
Leading Change John P Kotter https://www.amazon.com/Leading-

Change-New-Preface-Author-
ebook/dp/B00A07FPEO
Lean IT Steven C Bell and Michael A Orzen https://www.amazon.com/Lean-

Enabling-Sustaining-Your-
Transformation/dp/1439817561
Site Reliability Engineering Niall Richard Murphy, Betsy Beyer and https://www.amazon.com/Site-
Chris Jones Reliability-Engineering-Production-
Systems/dp/149192912X
The Art of Business Value Mark Schwartz https://itrevolution.com/book/the-

art-of-business-value/
The DevOps Handbook Gene Kim, Jez Humble, Patrick Debois https://itrevolution.com/book/the-
& John Willis devops-handbook/
The Phoenix Project Kevin Behr, George Spafford and Gene https://itrevolution.com/book/the-
Kim phoenix-project/
The Field Guide to Understanding Sidney Dekker https://www.routledge.com/The-

Human Error Field-Guide-to-Understanding-Human-
Error-3rd-
Edition/Dekker/p/book/97814724390
55
Case Stories Featured in the Course
Company Module Link

Alaska Air 4: Business & ● https://blog.chef.io/2017/03/20/delivering-the-continuous-
Technology enterprise-with-agile-lean-and-devops-aldo-practices/
Frameworks ● https://www.youtube.com/watch?v=mGJkhuRlvTo
● https://www.slideshare.net/chef-software/alaska-airlines-devops-
journey
● https://www.ca.com/us/collateral/case-studies/alaska-airlines-
enables-air-travel-innovation-via-apis.html
● https://azure.microsoft.com/en-us/resources/videos/alaska-
airlines-visual-studio-team-services-xamarin/
● https://hostingjournalist.com/video/alaska-airlines-makes-
shopping-easier-with-faster-flow-of-new-e-commerce-features/
● https://medium.com/@weekstweets/modern-infrastructure-
automation-a4afe661cad9
● https://www.solutionsiq.com/resource/agile-amped-podcast/mob-
programming-at-alaska-airlines-with-agile-amped-at-aatc2016/
Australia Post (in 4: Business & ● https://auspostenterprise.com.au/insights/digitising-

notes on SAFe Technology services/australia-posts-agile-approach-digital-transformation
slide) Frameworks
Capital One 3: Key DevOps ● https://goatcan.do/2016/06/16/the-goat-farm-episode-13-

Principles measuring-success-at-capital-one/
● https://dzone.com/articles/capital-one-a-devops-powerhouse
● https://www.youtube.com/watch?v=Re8UvbMU2tw
● http://www.capitalone.io/blog/hygieia-making-sense-out-of-your-
devops-tools/
Disney 8: Sharing, Shadowing ● https://thenewstack.io/magic-behind-disney-devops-experience/
& Evolving ● https://puppet.com/blog/disney-s-devops-journey-a-devops-
enterprise-summit-reprise
● https://www.theserverside.com/blog/Coffee-Talk-Java-News-
Stories-and-Opinions/How-Disney-organized-for-a-DevOps-
transition
● https://www.computerworlduk.com/devops/systems-strategy-
chief-jason-cox-details-disneys-devops-journey-3642785/
● https://www.infoq.com/news/2017/06/does17-keynotes-day-one
Fannie-Mae 6: Automation & ● http://searchitoperations.techtarget.com/feature/Fannie-Mae-

Architecting DevOps securitization-app-leads-DevOps-implementation
Toolchains ● https://dzone.com/articles/applying-devops-to-deliver-quality-at-
speed
ING Bank 1: Exploring DevOps ● http://www.theregister.co.uk/2016/07/01/ing_mainframe_strategy

/?mt=1467618827333
● https://www.finextra.com/newsarticle/29125/ing-bangs-the-drum-
for-devops
● http://www.slideshare.net/CAinc/continuous-delivery-the-ing-
story-improving-time-to-market-with-devops-and-continuous-
delivery
● https://www.youtube.com/watch?v=9jqY_bvI5vk
Societe Generale 7: Measurement, ● https://blog.xebialabs.com/2016/11/15/reap-rewards-devops-one-

Metrics & Reporting banks-story/
Target 5: Culture, Behaviors ● https://www.youtube.com/watch?v=7s-

& Operating Models VbB1fG5o&feature=youtu.be
Ticketmaster 2: Core DevOps ● http://www.computerweekly.com/news/450416287/How-to-apply-

Practices DevOps-practices-to-legacy-IT
DevOps Glossary
of Terms
DEVOPS
GLOSSARY OF TERMS
This glossary is provided for reference only as it contains key

terms that may or may not be examinable.
DevOps Glossary of Terms
Term Definition
Two-Factor Authentication, also known as 2FA or TFA or Two-Step Authentication is when a
2-Factor or 2-Step user provides two authentication factors; usually firstly a password and then a second layer
Authentication of verification such as a code texted to their device, a shared secret, a physical token or
biometrics.
A structured problem-solving approach that uses a lean tool called the A3 Problem-Solving
A3 Problem Solving Report. The term "A3" represents the paper size historically used for the report (a size roughly
equivalent to 11" x 17").
Granting an authenticated identity access to an authorized resource (e.g., data, service,

Access
environment) based on defined criteria (e.g., a mapped role), while preventing an
Management
unauthorized identity access to a resource.
Access provisioning is the process of coordinating the creation of user accounts, e-mail
Access Provisioning authorizations in the form of rules and roles, and other tasks such as provisioning of physical
resources associated with enabling new users to systems or environments.
Any person making a decision must seek advice from everyone meaningfully affected by
the decision and people with expertise in the matter. Advice received must be taken into
consideration, though it does not have to be accepted or followed. The objective of the
Advice Process advice process is not to form consensus, but to inform the decision-maker so that they can
make the best decision possible. Failure to follow the advice process undermines trust and
unnecessarily introduces risk to the business.
See: http://reinventingorganizationswiki.com/Decision_Making
Able to move quickly and easily; well-coordinated.

Agile (adjective)
Able to think and understand quickly; able to solve problems and have new ideas.
Fast moving, flexible and robust company capable of rapid response to unexpected
Agile Enterprise
challenges, events, and opportunities.
A formal proclamation of values and principles to guide an iterative and people-centric

Agile Manifesto
approach to software development.
Agile Principles The twelve principles that underpin the Agile Manifesto.
Agile Process The aspect of Agile Service Management (Agile SM) that applies the same Agile approach
Design to process design as developers do to software development.
Agile Process The aspect of Agile SM that aligns Agile values with ITSM processes through continuous
Improvement improvement.
Agile Process An ITSM or other type of process owner that uses Agile and Scrum principles and practices to
Owner design, manage and measure individual processes.
Framework that ensures that ITSM processes reflect Agile values and are designed with “just
Agile Service
enough” control and structure in order to effectively and efficiently deliver services that
Management
facilitate customer outcomes when and how they are needed.
The operational equivalent to Dev’s ScrumMaster. A role within an IT organization that
Agile Service
understands how to leverage Agile and Scrum methods to improve the design, speed and
Manager
agility of ITSM processes.
Group of software development methods in which requirements and solutions evolve

Agile Software
through collaboration between self-organizing, cross-functional teams. Usually applied using
Development
the Scrum or Scaled Agile Framework approach
Amazon Web
Services (AWS)
Antifragile The ability to improve with stress rather than merely resist it.
Application
A set of protocols used to create applications for a specific OS or as an interface between
Programming
modules or applications.
Interface (API)
Architecture The fundamental underlying design of computer hardware, software or both in combination.
Any element in a software development project including documentation, test plans,

Artifact
images, data files and executable modules.
The chain of weaknesses a threat may exploit to achieve the attacker’s objective. For
example, an attack path may start by compromising a user’s credentials, which are then
Attack path
used in a vulnerable system to escalate privileges, which in turn is used to access a
protected database of information, which is copied out to an attacker’s own server(s).
The process of verifying an asserted identity. Authentication can be based on what you
Authentication know (eg, password or PIN), what you have (token or one-time code), what you are
(biometrics) or contextual information.
Authorization The process of granting roles to users to have access to resources.
A common set of minimum security practices that must be applied to all environments
without exception. Practices include basic network security (firewalls and monitoring),
Basic Security
hardening, vulnerability and patch management, logging and monitoring, basic policies
Hygiene
and enforcement (may be implemented under a “policies as code” approach), and identity
and access management.
Bug An error in software that results in an unexpected or system-degrading condition.
Burndown Chart Chart showing the evolution of remaining effort against time.
Changing how the business functions. Making this a reality means changing culture,
Business
processes, and technologies in order to better align everyone around delivering on the
Transformation
organization’s mission.
Cadence Flow or rhythm of events.
Considered the pillars or values of DevOps: Culture, Automation, Lean, Measurement,

CALMS Model
Sharing (as put forth by John Willis, Damon Edwards and Jez Humble).
Carrots Positive incentives, for encouraging and rewarding desired behaviors.
Addition, modification or removal of anything that could have an effect on IT services.

Change
(ITIL® definition)
Change Failure
A measure of the percentage of failed/rolled back changes.
Rate
A general sense of apathy or passive resignation towards organizational changes by

Change Fatigue
individuals or teams.
Change Lead Time A measure of the time from a request for change to delivery of the change.
Change
Process that controls all changes throughout their lifecycle. (ITIL definition)
Management
An approach to managing technical and business operations through a group chat room
ChatOps
(coined by GitHub).
The practice of using remote servers hosted on the internet to host applications rather than
Cloud Computing
local servers in a private datacenter.
A repository where developers can commit and collaborate on their code. It also tracks
Code Repository historical versions and potentially identifies conflicting versions of the same code. Also
referred to as “repository” or “repo.”
Collaboration People jointly working with others towards a common goal.
From Wikipedia: “Configuration management (CM) is a systems engineering process for

Configuration establishing and maintaining consistency of a product's performance, functional, and
Management physical attributes with its requirements, design, and operational information throughout its
life.” https://en.wikipedia.org/wiki/Configuration_management
Constraint Limitation or restriction; something that constrains. See also bottleneck.
A way of packaging software into lightweight, stand-alone, executable packages including

Containers everything needed to run it (code, runtime, system tools, system libraries, settings) for
development, shipment and deployment.
Continual Service
One of the ITIL Core publications and a stage of the service lifecycle.
Improvement (CSI)
Continuous A methodology that focuses on making sure software is always in a releasable state
Delivery throughout its lifecycle.
Continuous A set of practices that enable every change that passes automated tests to be
Deployment automatically deployed to production.
Smoothly moving people or products from the first step of a process to the last with minimal
Continuous Flow
(or no) buffers between steps.
Continuous A development practice that requires developers to merge their code into a shared
Integration repository — ideally, multiple times per day.
Cooperation vs. The key cultural value shift toward being highly collaborative and cooperative, and away
Competition from internal competitiveness and divisiveness.
Critical Success Something that must happen for an IT service, process, plan, project or other activity to
Factor (CSF) succeed.
CSI Register Vehicle for recording and managing improvement opportunities throughout their lifecycle.
Culture
The values and behaviors that contribute to the unique psychosocial environment of an
(Organizational
organization.
Culture)
Cycle Time A measure of the time from start of work to ready for delivery.
Daily timeboxed event of 15 minutes or less for the Team to replan the next day of work
Daily Scrum
during a Sprint.
Definition of Done
Shared understanding of what it means for work to be complete.
(DoD)
A four-stage cycle for process management, attributed to W. Edwards Deming. Also called
Deming Cycle
Plan-Do-Check-Act (PDCA).
The installation of a specified version of software to a given environment (e.g., promoting a

Deployment
new build into production).
Individuals involved in software development activities such as application and software

Dev
engineers.
A cultural and professional movement that stresses communication, collaboration and

integration between software developers and IT operations professionals while automating
the process of software delivery and infrastructure changes. It aims at establishing a culture
DevOps and environment where building, testing, and releasing software, can happen rapidly,
frequently, and more reliably.” (Source: Wikipedia)
The tools needed to support a DevOps continuous integration, continuous deployment, and
DevOps Toolchain
continuous release and operations initiative.
A mindset that "everyone is responsible for security" with the goal of safely distributing security
DevSecOps decisions at speed and scale to those who hold the highest level of context without
sacrificing the safety required.
A DMZ in network security parlance is a network zone in between the public internet and
DMZ (network internal protected resources. Any application, server, or service (including APIs) that need to
security zone) be exposed externally are typically placed in a DMZ. It is not uncommon to have multiple
DMZs in parallel.
Dynamic
Application
A type of testing that runs against built code to test exposed interfaces.
Security Testing
(DAST)
Erik Erikson (1950, 1963) proposed a psychoanalytic theory of psychosocial development

Erickson (Stages of
comprising eight stages from infancy to adulthood. During each stage, the person
Psychosocial
experiences a psychosocial crisis which could have a positive or negative outcome for
Development)
personality development.
A central identity used for access to a wide range of applications, systems, and services, but
with a particular skew toward web-based applications. Also often referenced as Identity-as-
Federated Identity
a-Service (IDaas). Any identity that can be reused across multiple sites, particularly via SAML
or OAuth authentication mechanisms.
How people, products or information move through a process. Relative to information and
Flow
culture, please see: http://reinventingorganizationswiki.com/Information_Flow
A core cultural value that with the freedom of self-management (such as afforded by
Freedom and
DevOps) comes the responsibility to be diligent, to follow the advice process and to take
Responsibility
ownership of both successes and failures.
From Wikipedia: “Fuzzing or fuzz testing is an automated software testing technique that
Fuzzing involves providing invalid, unexpected, or random data as inputs to a computer
program.” https://en.wikipedia.org/wiki/Fuzzing
A cultural view wherein long-term outcomes are of primary focus, which in turn drives
Generativity
investments and cooperation that enable an organization to achieve those outcomes.
A model by Simon Sinek that emphasizes an understanding of the business’ “why” before
Golden Circle
focusing on the “what” and “how”.
Golden Image A template for a virtual machine (VM), virtual desktop, server or hard disk drive. (TechTarget)
Governance, Risk A software platform intended for concentrating governance, compliance and risk
Management and management data, including policies, compliance requirements, vulnerability data, and
Compliance (GRC) sometimes asset inventory, business continuity plans, etc. In essence, a specialized
(platform/software) document and data repository for security governance.
Governance, Risk
Management and A team of people who specialize in IT/security governance, risk management and
Compliance (GRC) compliance activities. Most often non-technical business analyst resources.
(practice area)
Securing a server or infrastructure environment by removing or disabling unnecessary

software, updating to known good versions of the operating system, restricting network-level
Hardening
access to only that which is needed, configuring logging in order to capture alerts,
configuring appropriate access management and installing appropriate security tools.
Organizations with a high-trust culture encourage good information flow, cross-functional

High-trust Culture
collaboration, shared responsibilities, learning from failures and new ideas.
The unique name of a person, device, or the combination of both that is recognized by a
Identity
digital system. Also referred to as an “account” or “user.”
Identity and
From webopedia: “[A] framework of policies and technologies for ensuring the proper
Access
people have the appropriate access to technology resources.”
Management
(http://www.webopedia.com/TERM/I/iam-identity-and-access-management.html)
(IAM)
Identity as a Identity and access management services that are offered through the cloud or on a
Service (IDAAS) subscription basis.
Impediment
Anything that prevents a team member from performing work as efficiently as possible.
(Scrum)
A structured way to create a culture of continuous learning and improvement.
Improvement Kata (In Japanese business, Kata is the idea of doing things the “correct” way. An organization’s
culture can be characterized as its Kata through its consistent role modeling, teaching and
coaching.)
A system designed to motivate people to complete tasks toward achieving objectives. The
Incentive model
system may employ either positive or negative consequences for motivation.
Any unplanned interruption to an IT service or reduction in the quality of an IT service.

Incident
Includes events that disrupt or could disrupt the service. (ITIL definition)
Incident Process that restores normal service operation as quickly as possible to minimize business
Management impact and ensure that agreed levels of service quality are maintained. (ITIL definition)
“[An] organized approach to addressing and managing the aftermath of a security breach
or attack (also known as an incident). The goal is to handle the situation in a way that limits
Incident Response damage and reduces recovery time and costs.”
http://searchsecurity.techtarget.com/definition/incident-response
Increment Potentially shippable completed work that is the outcome of a Sprint.
All of the hardware, software, networks, facilities, etc., required to develop, test, deliver,
monitor and control or support IT services. The term IT infrastructure includes all of the
Infrastructure
information technology but not the associated people, processes and documentation. (ITIL
definition)
Infrastructure as
The practice of using code (scripts) to configure and manage infrastructure.
Code
An integrated development environment (IDE) is a software suite that consolidates the basic
Integrated tools developers need to write and test software. Typically, an IDE contains a code editor, a
development compiler or interpreter and a debugger that the developer accesses through a single
environment (IDE) graphical user interface (GUI). An IDE may be a standalone application, or it may be
included as part of one or more existing and compatible applications. (TechTarget)
Integrated
Linting is the process of running a program that will analyze code for potential errors (e.g.,
development
formatting discrepancies, non-adherence to coding standards and conventions, logical
environment (IDE)
errors).
‘lint’ checks
A network of physical devices that connect to the internet and potentially to each other
Internet of Things
through web-based wireless services.
A mnemonic was created by Bill Wake as a reminder of the characteristics of a quality user
INVEST
story
ISO 31000 A family of standards that provide principles and generic guidelines on risk management.
International standard for IT service management. ISO/IEC 20000 is used to audit and certify
ISO/IEC 20000
service management capabilities.
A process for capturing, tracking, and resolving bugs and issues throughout the software
Issue Management
development lifecycle.
Set of best practice publications for IT service management. Published in a series of five core
ITIL books representing the stages of the IT service lifecycle which are: Service Strategy, Service
Design, Service Transition, Service Operation and Continual Service Improvement.
IT Service A service provided to a customer from an IT organization.
Kaizen The practice of continuous improvement.
Kanban Method of work that pulls the flow of work through a process at a manageable pace.
Kanban Board Tool that helps teams organize, visualize and manage work.
Key Performance Key metric used to measure the achievement of critical success factors. KPIs underpin critical
Indicator (KPI) success factors and are measured as a percentage. (ITIL definition)
Knowledge Process that ensures the right information is delivered to the right place or person at the right
Management time to enable an informed decision.
Knowledge Process that ensures the right information is delivered to the right place or person at the right
Management time to enable an informed decision.
Known Error Problem with a documented root cause and a workaround. (ITIL definition)
Kubler-Ross
Describes and predicts the stages of personal and organizational reaction to major changes.
Change Curve
Laloux (Culture
Frederic Laloux created a model for understanding organizational culture.
Models)
Lean (adjective) Spare, economical. Lacking richness or abundance.
Production philosophy that focuses on reducing waste and improving the flow of processes
Lean (production)
to improve overall customer value.
Organization that strategically applies the key ideas behind lean production across the
Lean Enterprise
enterprise.
Applying the key ideas behind lean production to the development and management of IT
Lean IT
products and services.
Lean
Lean production philosophy derived mostly from the Toyota Production System.
Manufacturing
The goal of lean thinking is to create more value for customers with fewer resources and less
Lean Thinking
waste. Waste is considered any activity that does not add value to the process.
“The collective processes and policies used to administer and facilitate the generation,
transmission, analysis, storage, archiving and ultimate disposal of the large volumes of log
Log Management
data created within an information
system.” http://searchitoperations.techtarget.com/definition/log-management
Machine Learning Data analysis that uses algorithms that learn from data.
Many-factor The practice of using at least 2 factors for authentication. The two factors can be of the
Authentication same class.
Mean Time
Used to measure deployment frequency.
Between Deploys
Mean Time Average time that a CI or IT service can perform its agreed function without interruption.
Between Failures Often used to measure reliability. Measured from when the CI or service starts working, until
(MTBF) the time it fails (uptime). (ITIL definition)
Mean Time to
Detect Incidents Average time required to detect a failed component or device.
(MTTD)
Mean time to
How long a vulnerability or software bug/defect exists before it’s identified.
Discovery
Mean time to
How long it takes to apply patches to environments once a vulnerability has been identified.
Patch
Mean Time to Average time required to repair a failed component or device. MTTR does not include the
Repair (MTTR) time required to recover or restore service.
Mean time to
How long it takes for a production-impacting issue to be resolved.
Resolution
Used to measure time from when the CI or IT service fails until it is fully restored and delivering
Mean Time to
its normal functionality (downtime). Often used to measure maintainability. (ITIL definition)
Restore Service
(MTRS)
Something that is measured and reported upon to help manage a process, IT service or
Metric
activity.
A software architecture that is composed of smaller modules that interact through APIs and
Microservices
can be updated without affecting the entire system.
Minimum Viable Most minimal version of a product that can be released and still provide enough value that
Product people are willing to use it.
Representation of a system, process, IT service, CI, etc. that is used to help understand or
Model predict future behavior. In the context of processes, models represents pre-defined steps for
handling specific types of transactions.
Multi-factor The practice of using 2 or more factors for authentication. Often used synonymously with 2-
Authentication factor Authentication.
Software that is distributed with its source code so that end user organizations and vendors
Open Source
can modify it for their own purposes.
Operations Function that performs the daily activities needed to deliver and support IT services and the
Management supporting IT infrastructure at the agreed levels. (ITIL)
Individuals involved in the daily operational activities needed to deploy and manage
systems and services such as quality assurance analysts, release managers, system and
Ops
network administrators, information security officers, IT operations specialists and service desk
analysts.
An approach to building automation that interfaces or “orchestrates” multiple tools together

Orchestration
to form a toolchain.
Organizational Efforts to adapt the behavior of humans within an organization to meet new structures,
Change processes or requirements.
A method for splitting a server into multiple partitions called "containers" or "virtual
OS Virtualization
environments" in order to prevent applications from interfering with each other.
Outcome Intended or actual results.
Requirements that specify criteria that can be used to judge the operation of a system,
Non-functional
rather than specific behaviors or functions (e.g., availability, reliability, maintainability,
requirements
supportability); qualities of a system.
Patch A software update designed to address (mitigate/remediate) a bug or weakness.
Patch
The process of identifying and implementing patches.
management
From Wikipedia: “an authorized simulated attack on a computer system that looks for
security weaknesses, potentially gaining access to the system's features and
data.” https://en.wikipedia.org/wiki/Penetration_test It should be noted that pentesting is
Penetration
distinctly different from vulnerability scanning (vuln scanning), though a vuln scan may be
Testing, or
performed during a pentest engagement. Sometimes also referred to as “red teaming” or
Pentesting
“tiger teaming,” though this isn’t necessarily correct. Red teams or tiger teams are designed
to model specific threats rather than the more broad pentesting objective of looking for as
many weaknesses as possible.
Plan-Do-Check-Act Four-stage cycle for process management, attributed to W. Edwards Deming. Also known as
(PDCA) the Deming Cycle.
Formal documents that define boundaries in terms of what the organization may or may not
Policies
do as part of its operations.
The notion that security principles and concepts can be articulated in code (e.g., software,
configuration management, automation) to a sufficient degree that the need for an
Policy as Code extensive traditional policy framework is greatly reduced. Standards and guidelines should
be implemented in code and configuration, automatically enforced and automatically
reported-on in terms of compliance, variance or suspected violations.
Post
Review that takes place after a change or a project has been implemented that assesses
Implementation
whether the change was successful and opportunities for improvement.
Review (PIR)
Potentially
Increment of work that is “done” and capable of being released if it makes sense to do so.
Shippable Product
The relative importance of an incident, problem or change; based on impact and urgency.
Priority
(ITIL definition)
Privileged Access Technologies that help organizations provide secured privileged access to critical assets and
Management meet compliance requirements by securing, managing and monitoring privileged accounts
(PAM) and access. (Gartner)
Problem The underlying cause of one or more incidents. (ITIL definition)
Procedure Step‐by‐step instructions that describe how to perform the activities in a process.
Structured set of activities designed to accomplish a specific objective. A process takes

Process inputs and turns them into defined outputs. Eelated work activities that take specific inputs
and produce specific outputs that are of value to a customer.
Role accountable for the overall quality of a process. May be assigned to the same person
Process Owner who carries out the Process Manager role, but the two roles may be separate in larger
organizations. (ITIL definition)
Prioritized list of everything that needs to be designed or improved for a process including
Process Backlog
current and future requirements.
Process Customer Recipient of a process’ output.
Process Owner Person accountable for the overall quality of a process and owner of the Process Backlog.
Process Planning A high level event to define the goals, objectives, inputs, outcomes, activities, stakeholders,
Meeting tools and other aspects of a process. This meeting is not timeboxed.
Process Supplier Creator of process input.
Requirements for a system, expressed as a prioritized list of product backlog items. The
Product Backlog
product backlog is prioritized by the Product Owner and includes functional, non-functional
(Scrum)
and technical team-generated requirements.
Product Backlog Ongoing process of adding detail, estimates and order to backlog items. Sometimes referred
Refinement to as Product Backlog grooming.
Product Owner An individual responsible for maximizing the value of a product and for managing the
(Scrum) product backlog.
Release (noun) Software that is built, tested and deployed into the production environment.
Release Process that manages releases and underpins Continuous Delivery and the Deployment
Management Pipeline.
Release Planning Timeboxed event that establishes the goals, risks, features, functionality, delivery date and
Meeting cost of a release. It also includes prioritizing the Product Backlog.
Measure of how long a service, component or CI can perform its agreed function without
Reliability
interruption. Usually measured as MTBF or MTBSI. (ITIL definition)
Remediation Plan Plan that determines the actions to take after a failed change or release. (ITIL definition)
Request for Formal proposal to make a change. The term RFC is often misused to mean a change
Change (RFC) record, or the change itself. (ITIL definition)
Resilience Building an environment or organization that is tolerant to change and incidents.
Return on Difference between the benefit achieved and the cost to achieve that benefit, expressed as
Investment (ROI) a percentage.
Possible event that could cause harm or loss, or affect an organization’s ability to achieve its
objectives. The management of risk consists of three activities: identifying risks, analyzing risks
and managing risks. The probably frequency and probable magnitude of future loss.
Risk
Pertains to a possible event that could cause harm or loss, or affect an organization’s ability
to execute or achieve its objectives.
Risk management The process by which “risk” is contextualized, assessed, and treated. From ISO 31000: 1)
process Establish context, 2) Assess risk, 3) Treat risk (remediate, reduce or accept).
Set of responsibilities, activities and authorities granted to a person or team. A role is defined
by a process. One person or team may have multiple roles.
Role
A set of permissions assigned to a user or group of users to allow a user to perform actions
within a system or application.
Role-based Access An approach to restricting system access to authorized

Control (RBAC) users. https://en.wikipedia.org/wiki/Role-based_access_control
Root Cause
Actions take to identify the underlying cause of a problem or incident.
Analysis (RCA)
Rugged Rugged Development (DevOps) is a method that includes security practices as early in the
Development continuous delivery pipeline as possible to increase cybersecurity, speed, and quality of
(DevOps) releases beyond what DevOps practices can yield alone.
Scaled Agile A proven, publicly available, framework for applying Lean-Agile principles and practices at
Framework (SAFE) an enterprise scale.
Scrum A simple framework for effective team collaboration on complex projects. Scrum provides a
small set of rules that create “just enough” structure for teams to be able to focus their
innovation on solving what might otherwise be an insurmountable challenge. (Scrum.org)
Scrum
Scrum’s roles, events, artifacts and the rules that bind them together.
Components
The definition of Scrum concepts and practices, written by Ken Schwaber and Jeff
Scrum Guide
Sutherland.
An individual who provides process leadership for Scrum (i.e., ensures Scrum practices are
ScrumMaster
understood and followed) and who supports the Scrum Team by removing impediments.
A self-organizing, cross-functional team that uses the Scrum framework to deliver products
Scrum Team iteratively and incrementally. The Scrum Team consists of a Product Owner, the
Development Team, and a Scrum Master.
Building security into DevOps tools and practices, making it an essential part of tool chains
and
Security as Code
workflows. https://www.safaribooksonline.com/library/view/devopssec/9781491971413/ch04.
html
Security
Practices intended to protect the confidentiality, integrity and availability of computer
(Information
system data from those with malicious intentions.
Security)
Means of delivering value to customers by facilitating outcomes customers want to achieve

Service
without the ownership of specific costs and risks.
Service Design One of the ITIL Core publications and a stage of the service lifecycle.
Subset of the Service Portfolio that consists of services that are live or available for
Service Catalog deployment. Has two aspects: the Business/Customer Service Catalog (visible to customers)
and the Technical/Supporting Service Catalog. (ITIL definition)
Service Desk Single point of contact between the service provider and the users.
Service Level Written agreement between an IT service provider and its customer(s) that defines key
Agreement (SLA) service targets and responsibilities of both parties.
Service Lifecycle
Structure of the ITIL Core guidance.
Service Set of specialized organizational capabilities for providing value to customers in the form of
Management services. (ITIL definition)
Service Operation One of the ITIL Core publications and a stage of the service lifecycle.
Organization that supplies services to one or more internal or external customers. (ITIL
Service Provider
definition)
Service Strategy One of the ITIL Core publications and a stage of the service lifecycle.
Service Request User request for a standard service from an IT service provider. (ITIL definition)
Service Transition One of the ITIL Core publications and a stage of the service lifecycle.
An approach that strives to build quality into the software development process by
Shift Left incorporating testing early and often. This notion extends to security architecture, hardening
images, application security testing, and beyond.
SMART Goals Specific, measurable, achievable, relevant and time-bound goals.
Software
Composition A tool that checks for libraries or functions in source code that have known vulnerabilities.
Analysis
A time-boxed iteration of work during which an increment of product functionality is

Sprint (Scrum)
implemented.
Person who has an interest in an organization, project or IT service. Stakeholders may include
Stakeholder
customers, users and suppliers. (ITIL definition)
Standard Change Pre-approved, low risk change that follows a procedure or work instruction. (ITIL definition)
Static Application
Security Testing A type of testing that checks source code for bugs and weaknesses.
(SAST)
Sticks Negative incentives, for discouraging or punishing undesired behaviors.
Subversion control A repository where developers can commit and collaborate on their code. It also tracks
repository historical versions and potentially identifies conflicting versions of the same code.
External (third party) supplier, manufacturer or vendor responsible for supplying goods or
Supplier
services that are required to deliver IT services.
From Wikipedia: “A system of record is a data management term for an information storage
system that is the authoritative data source for a given data element or piece of
System of Record information.”
https://en.wikipedia.org/wiki/System_of_record
From Wikipedia: “Test-driven development (TDD) is a software development process that
relies on the repetition of a very short development cycle: requirements are turned into very
Test-driven
specific test cases, then the software is improved to pass the new tests, only. This is opposed
development
to software development that allows software to be added that is not proven to meet
requirements.” https://en.wikipedia.org/wiki/Test-driven_development
From Wikipedia:
“1. Add a test
2. Run all tests and see if the new test fails
Test-driven 3. Write the code

development
cycle 4. Run tests
5. Refactor code
Repeat”
https://en.wikipedia.org/wiki/Test-driven_development#Test-driven_development_cycle
The situation wherein an audit-centric perspective focuses exclusively on “checking the box”
The Checkbox Trap
on compliance requirements without consideration for overall security objectives.
The Three Ways Key principles of DevOps – Flow, Feedback, Continuous experimentation and learning.
Methodology for identifying the most important limiting factor (i.e., constraint) that stands in
Theory of
the way of achieving a goal and then systematically improving that constraint until it is no
Constraints
longer the limiting factor.
Thomas Kilmann
Measures a person’s behavioral choices under certain conflict situations.
Inventory (TKI)
A bad actor, human or automated, that acts against a system with intent to harm or
Threat compromise that system. Sometimes also called a “Threat Agent” or “Threat
Actor.” https://en.wikipedia.org/wiki/Factor_analysis_of_information_risk
Information pertaining to the nature of a threat or the actions a threat may be known to be
Threat Intelligence perpetrating. May also include “indicators of compromise” related to a given threat’s
actions, as well as a “course of action” describing how to remediate the given threat action.
From Wikipedia: “[A] process by which potential threats can be identified, enumerated, and
Threat Modeling prioritized – all from a hypothetical attacker’s point of
view.” https://en.wikipedia.org/wiki/Threat_model
Time to Value Measure of the time it takes for the business to realize value from a feature or service.
A philosophy that involves using an integrated set of complimentary task specific tools to
Toolchain
automate an end to end process (vs. a single-vendor solution).
User Consumer of IT services. Or, the identity asserted during authentication (aka username).
Value Stream All of the activities to go from a customer request to a delivered product or service.
Value Stream Lean tool that depicts the flow of information, materials and work across functional silos with
Mapping an emphasis on quantifying waste, including time and quality.
An approach where traditional and digital processes co-exist within an organization while
Variable Speed IT
moving at their own speed.
Measure of the quantity of work done in a pre-defined interval. The amount of work an
Velocity
individual or team can complete in a given amount of time.
Version control Ensure a ‘single source of truth’ and enable change control and tracking for all production
tools artifacts.
Voice of the A process that captures and analyzes customer requirements and feedback to understand
Customer (VOC) what the customer wants.
Vulnerability A weakness in a design, system, or application that can be exploited by an attacker.
Information describing a known vulnerability, including affected software by version, relative

severity of the vulnerability (for example, does it result in escalation of privileges for user role,
Vulnerability or does it cause a denial of service), exploitability of the vulnerability (how easy/hard it is to
Intelligence exploit), and sometimes current rate of exploitation in the wild (is it being actively exploited
or is it just theoretical). This information will also often include guidance on what software
versions are known to have remediated the described vulnerability.
Vulnerability
The process of identifying and remediating vulnerabilities.
management
Waste (Lean
Any thing or process that does not add value to a product.
Manufacturing)
Waterfall (Project Linear and sequential approach to managing software design and development projects in
Management) which progress is seen as flowing steadily (and sequentially) downwards (like a waterfall) /
Westrum Ron Westrum developed a typology of organizational cultures that includes three types of
(Organization organizations: Pathological (power-oriented), Bureaucratic (rule-oriented) and Generative
Types) (performance-oriented).
Work in Progress
Any work that has been started but has not been completed.
(WIP)
Temporary way to reduce or eliminate the impact of incidents or problems. May be logged
Workaround
as a known error in the Known Error Database. (ITIL definition)
Reference Cards
Exam Registration
Procedure
o

Ahead DevOps Foundation STUDENT BINDER V3.0 PDF

Uploaded by

Copyright:

Available Formats

Ahead DevOps Foundation STUDENT BINDER V3.0 PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Ahead DevOps Foundation STUDENT BINDER V3.0 PDF

Uploaded by

Copyright:

Available Formats

What are the core DevOps principles discussed in the document?

What are the core DevOps principles discussed in the document?

What are some of the benefits of DevOps adoption according to the document?

What are some of the benefits of DevOps adoption according to the document?

DevOps

Module 4: Business and Technology Frameworks _________________________ 60

DevOps Foundation is a freestanding certification from the DevOps Institute. The

Eligibility for Examination

Format of the Examination

Exam Type 40 multiple choice questions

Duration 60 minutes for candidates in their respective language

Module Description Max Questions

DOFD – 1 Exploring DevOps Purpose, objectives and business value 5

DOFD – 3 Key DevOps Practices Emerging DevOps Practices such as 7

● Agile Manifesto ● Improvement kata

A. Understand why the organization exists

2. What is the Three Ways?

A. Methodology for identifying and removing constraints

3. Which statement about Kanban is CORRECT?

A. Pushes work through a process

4. What is the Agile Manifesto?

A. Values and principles to guide an iterative and people-centric approach to software

7. Due to a tightly-coupled architecture, an organization is unable to increase the frequency

A. Mean Time to Repair (MTTR)

9. Which statement about DevOps teams is MOST accurate?

12. Which is NOT a goal of DevOps?

13. An organization is implementing a disruptive application similar to the Simian Army.

A. The First Way

14. An organization is looking to improve real-time collaboration between teams. Which

15. Which is a characteristic of a DevOps culture?

A. Effective one-way communication from the top down

A. Automation version of the ITSM change management process

A. Predicting future scenarios

18. Which statement about the Improvement Kata is CORRECT?

A. It focuses on short term goal

A. Managing the product backlog

20. Which of the following is a characteristic of a high trust organizational culture?

A. Good information flow

22. What is a primary benefit of DevOps toolchains?

A. To automate steps in the deployment pipeline

A. Purpose, cause and belief

A. Business strategies and goals

28. The Theory of Constraints supports which of the Three Ways?

A. The First Way

29. Which of the following is required for Continuous Integration?

A. Automated unit, integration and acceptance testing

A. Change, Release and Service Asset and Configuration Management

34. What of the following is NOT a typical element in a DevOps toolchain?

35. Which of the following is a critical success factor for DevOps?

A. Establishing a tool chain

A. Help to improve self-diagnosis

A. The First Way

38. What does the concept of “shift left” represent?

40. An organization is preparing to automatically deploy every release that passes

Videos Featured in the Course

Module Featured Title & Description Link

1: Exploring DevOps Abbreviated version of Simon Sinek’s https://youtu.be/IPYeCltXpxw

3: Key DevOps Principles ‘GitHub Professional Guide: https://youtu.be/xSv_m3KhUO8

4: Business & Technology Frameworks ‘Spotify Engineering Culture Part 1’ https://youtu.be/4GK1NDTWbkY