Preparing for the Bio Section of the FSOT

I suspect the greatest difficulty in preparing for the Bio section is understanding exactly what is being tested. Some people never realize that it derives from popular psychological examinations that were all the rage in the 80’s and 90’s and that strict biographical detail is often secondary to other factors, namely internal consistency and value assessment. The Bio section, as conceived, tests for experience, but has built in tests for exaggeration, lying, and consistency. Therefore, one can expect several questions that seemingly ask the same thing, with only a qualifying word or two different. An example would be:

17. Was task x a significant aspect of experience y?

30. List the most important aspects of experience y.

55. List the number of experiences in which you have utilized task x.

In order to be NDA compliant, these are ruthlessly general, but you get the idea. Also, other questions might change qualifiers: “significant” to “major,” etc…By not being consistent across questions, your score would actually be lowered relative to other test takers. And, furthermore, because of the gap in number of questions and time between two related questions, applicants often fail to realize that a similar question has already been asked and, thus, forget to include a given task or experience. The best method for avoiding these errors is to know your biography extremely well, to not rush through the Bio section, and to compare like questions. The Bio is not a section on which you should be sloppy. This type of exam is similar to those used by banks to test whether or not an employee is prone to theft or to ignoring theft by others: it ascertains a value judgment and then asks several questions to verify whether or not he or she is committed to that value. On the FSOT, needless to write, the values tested are the 13-Ds and one’s commitment to the type of work the foreign service offers.


  1. Ankur says:

    Is there time to write more than one example for the questions that ask for you to give examples? I’ve been making a list of examples I think they may ask, but I’m wondering if I need to take into consideration how long my examples are?

  2. Anonymous says:

    I remember having enough time to write 1-2 samples for each question. In my opinion the best strategy for this section is to go through all the questions and then go back to fill in questions with samples. You can brainstorm while going through the questions. I think a lot of people get caught up on a question or two and spend too much time giving extensive samples. Be brief, but succinct and you’ll be ok!

    Great site, I’m glad to see someone getting this info out in a central location. Very slick!

    • Marcela says:

      Hi BillThanks for the great question, and one I find myslef explaining to customer’s allot.Historically Storage Networks have always been 2 separate networks, SAN A and SAN B, this as I’m sure you are aware is to provide two distinctly separate paths for the storage traffic in order to provide full resiliency.These two separate networks obviously provide multiple paths between the Host (Initiator / Server) and the Array containing the logical disk (Target), and all these paths can be intelligently used by multipathing aware drivers (MPIO, EMC PowerPath etc..)OK so back to your question about why don’t we dual attach the Fabric Interconnects to the SAN Switches like we do the Array Controllers.Well as you may know in the default N Port virtualization (NPV) mode the Fabric Interconnects act like an Initiator (N Port) as far as the upstream SAN Switches are concerned. So as with any initiator it is best practice to have one HBA to SAN A and a Separate HBA to SAN B, so you can think of the Fabric Interconnects as HBA’s. So that answers your first question.Your second question around, if the point is to have two completely separate SAN Networks why are the Array Controllers often dual attached to both fabrics.This actually provides several benefits the main one being around fail over.As you may know whenever you create a LUN on an array, that LUN is active on a single Storage Processor (SP), if the active SP ever failed then the secondary SP would take ownership of that LUN. However imagine the scenario in the above diagram if Fabric Interconnect A or SAN Switch A failed. If the Blade was using a LUN which was being owned by SP A and SP A was only attached to SAN Switch A, the server would now be isolated from its LUN, as all paths to SP A would be broken.Now depending what failed and what array you have this at best would cause the LUN to failover to the other SP which while works well is a “Moving Part” in the failover process that should be avoided as a best practice.Hence the best practice to dual attach the SP’s in the Array to both fabrics, as this enables the Host to have a path to its LUNs across both fabrics regardless to the SP that owns them.I mentioned this also has other benefits; the one I capitalise on most is when performing a migration of a host from one SAN to another or even a SAN replacement.For example a few weeks back I moved a client from a Brocade SAN to a Nexus SAN and had to move all their Servers and Arrays to the new Nexus Fabric with no downtime.This was a fairly easy task as all the Arrays (VNX and Clariion in this case) were dual attached to both fabrics. So it was a case of, install the Nexus Fabric, configure all the aliasing and zoning etc.. Then move each host and array off the Brocade SAN A and onto the Nexus SAN A. This obviously breaks SAN A but as long as all paths across both fabrics were active this will not cause the Host to lose connectivity to its LUNs (Regardless of which SP own s them)Then once done confirm all is well and all paths are back up and then do the same for SAN B.Appreciate we got a bit off topic, but thought it was a good opportunity provide some context and examples around the topic for other readers.RegardsColin

    • either wash says:

      Articles like this really grease the shafts of knowledge.

    • That’s a quick-witted answer to a difficult question

    • What a pleasure to meet someone who thinks so clearly

    • That’s a posting full of insight!

    • That insight’s just what I’ve been looking for. Thanks!

    • order viagra says:

      It’s a pleasure to find someone who can think so clearly

  3. fsot hopeful says:

    The suggestion above is very good. I remember kicking myself when I took the FSOT this past October for not going this route when I took the test. I didn’t get to finish them all in time. I remember going through this section that I made the mistake of going really in depth in one question, but not in another because I was short on time. If I had gone through the whole test I think I would have been able to balance the answers a little better.

    The big problem with this section in my opinion is the way you answer. I think I was too humble in some areas, I think it hurt me. I got a 48.7 on this section.

  4. Jason says:

    Wish I’d come across this site when I was studying for the section. I’m in the fortunate but stressful stage of waiting for QEP results. My bio score was the lowest of the three, but I think the practice I got filling out KSA’s for jobs on really helped me out. A lot of the questions DHS positions have similar questions.

  5. BMS says:

    I just got my FSOT results. Just to comment on the FSOT itself, I found the Biographical Information section the hardest to get through. Admittedly, my strategy for this section wasn’t effective, since I tried to answer all the questions including the list questions in order.

    After the 3rd list question or so, I was running short on time and switched to a strategy of answering the multiple choice questions first and come back to the lists. What I found most difficult about the lists is that they ask for specific examples or claim to ask for specific examples, but only allow 120 characters total for all 3 or 4 examples for that specific question. I kept running out of space and having to figure out how best to describe the examples within the character limits.

    End result, Biographical Information score: 49.88 (56.28 is the FSOT average)

  6. Dani says:

    If I ever take this test again, I’ll be sure to heed your advice. Without a doubt, the bio section was the hardest, not only because it was hard to remember information, but because the time given was way to short. 40 minutes for 70 odd questions. Ridiculous.

    • Antonio says:

      Hi GSThanks for the great question, and one (as you might except) with potentially several answers depending on the implementation, i.e. whether using Standard vSwitches / vDS, Nexus 1000V or VM-FEX. Lets take the most common implementation I tend to do which is vSphere using standard vSwitches.Ok, Thats narrowed us down but still a lengthy topic, so I’ll concentrate on the Cisco UCS specific aspects and not so much on the standard VMware config, I/O control etc.. which is equally relevant whatever platform is used and I’m sure you are familiar with.So the first question I tend to address with customers is how do they want their hosts networking to look. What I mean by that is, the client may well have a Networking Standard for their ESXi hosts or want to use their standard host templates, which is fine. But Cisco UCS does have some nice features which could greatly simplify the Hosts networking. Features that you may well already be aware of like Hardware Fabric Failover, where you can present a single vNIC to the OS / Hyper-visor and that vNIC is backed by Hardware fabric failover, i.e. if there is any break in the traffic path on the primary fabric that the vNIC is mapped to then UCS Manager will immediately switch the data path to the other fabric, without the OS ever seeing the vNIC go down. This as you may have guessed could potentially half the number of Network interfaces in your hosts (i.e. you could potentially leave out all the Uplink interfaces which are purely there for redundancy, and you can salt and pepper the remaining single vNICs to be mapped primarily to Fabric A and Fabric B to provide load balancing across both Fabrics.The Potential situation to be aware of here though is if a VM which has its active traffic flow via an Uplink mapped to fabric A is communicating with a VM whose traffic flow is mapped via Fabric B then that flow has to be forwarded to beyond the Fabric Interconnects to the upstream LAN switches to be switched at Layer 2 between fabrics even if both VM’s are on the same VLAN.So what I tend to do is use a mixture of both single vNICs backed by hardware fabric failover and dual teamed vNICs for vSwitch uplinks which I would like to load balance across both fabrics.But lets assume the customer wants to retain their Physical Host Networking standard so vSphere admins have a consistent view and config for all hosts whatever platform they are hosted on.So a typical ESXi Host would look something like:2 x Teamed vNICs for Management vSwitch eth 0 mapped to fabric A eth 1 mapped to fabric B1 x vNIC for VMware user PortGroups uplinking to a dVS eth 2 mapped to fabric A1 x vNIC with Fabric Failover enabled for vMotion eth 3 mapped to fabric BOf course you can add other vNICs if you have more networking requirements or require more than a simple port-group (802.1q tag) separation. i.e. an add in an iSCSI vSwitch, Backup vSwitch etc.. So the setup would look something like thisThe reason I go with a single fabric failover vNIC for vMotion is for the potential issue pointed out above, which if I have 2 vNIC uplinks to my vMotion vSwitch and were using them in an Active/Active team for redundancy and load balancing I would map one to fabric A and one to fabric B, that could mean that vMotion traffic is potentially taking a very suboptimal route across the network i.e having to go via the upstream swicthes. so by using only 1 vNIC and mapping it so a single fabric all my East/West vMotion traffic will be locally switched within the Fabric Interconnect and not have to be sent to the upstream LAN at all. And if in the event we had a failure within the primary fabric path UCS would switch this traffic transparently from the ESXi host to the other fabric which would again locally switch all vMotion traffic. Also important to note when teaming the vNICs within vSphere to use Port-ID as the hash, this is to prevent hosts flapping between fabrics in the eyes of the upstream LAN switches.OK once the above its setup you do have the option of mapping UCS QoS policies to each of the above vNICs within UCS Manager (by default all traffic is placed in a best effort policy)As a standard I generally set a 1Gbs reservation for the vMotion vNICs and leave the others as default. Bearing in mind that these are multiple 10Gbs links and the QoS would only kick in in the event of congestion. NB) FCoE traffic is inherently prioritised within the 802.1Qbb Priority-based Flow Control standard a sub component of the Data Center Bridging (DCB) standard which Cisco UCS inherently uses. between the Mez Card on the blade and the Fabric Interconnect.Ok, so with reagrds to Northbound load balancing, as you may know when you create the vNIC within the Mez card what you are actually creating is a Veth port within the Fabric Interconnect, as the Mez card (Cisco VIC) is an adapter Fabric Extender.So when you create your teamed pair of vNICs within vSphere that will only get your load balanced traffic to the fabric Interconnects. Now assuming you are running your fabric Interconnects in the default end host mode (Where the FI’s appear to the upstream LAN as a Big Server, The FI’s obviously need load balancing uplinks into the LAN. Now for redundancy you will likely have a pair of LAN switches hopefully capable of running a Multi-Chassis Ethernet service live Nexus vPC or Catalyst VSS. If thats the case you just size your uplinks to what you want and dual connect your FI’s to the upsteam switch pair and channel them at both ends (Standard LACP).As shown belowThe end to end result is that load balancing is done safely and optimally and East/West traffic is maintained within the UCS Infrastructure as much as possible.Hope that answers your question, if not fire back at me, after all us Guru’s need to stick together RegardsColin

    • Thanks for contributing. It’s helped me understand the issues.

  7. John Derringer says:

    Dani, absolutely agree. The best part was that I thought this wans’t even counted so got as far as Q45………………………………..
    Got a 32

  8. Skyler says:

    I think this strategy would have gotten me over the hump I needed up front. As it was I did alright my first time out, but obviously not good enough. I had a hard time keeping my answers straight, and it seemed they encouraged detail, but the reality of the timeline cut any real meat out. I got a 48.66, with only 10 days to study and having a baby born within that time. Not sure I have the year to wait either…

  9. Paragraph writing is also a excitement, if you know after that you
    can write if not it is complicated to write.

    My homepage – Battle Nations Cheats

  10. It’s very trouble-free to find out any topic on web as compared to textbooks,
    as I found this post at this site.

    Here is my web site – Download Zoo Tycoon 2

  11. Joop says:

    Hello Jonathan I am working tguorhh your tutorial to build a training lab at my house. I am using VMWare Workstation which has different network settings than VirtualBox. Before I switch to VirtualBox, I thought I would check with you and see if you have any advice on my issue. I have gotten the Active Directory server setup and configured as per your instructions. I have built my SAN machine and working on joining to the domain. I have configured the network cards as you outline and I cannot join the domain. I get DNS errors. I was wondering if you had to do anything special with DNS records. I can ping from, but I cannot ping the name.Error:The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain “home.lab”:The error was: “DNS name does not exist.”(error code 0×0000232B RCODE_NAME_ERROR)The query was for the SRV record for _ldap._tcp.dc._msdcs.home.labCommon causes of this error include the following:- The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses: One or more of the following zones do not include delegation to its child zone:home.lablab. (the root zone)Any advice on how I can proceed past this issue.

  12. Articles like this make life so much simpler.

  13. I love these articles. How many words can a wordsmith smith?

Leave a Comment