1_2Design Azure virtual networks, networking services, DNS

Question 1

Topic

Answer 1

Answer

Question 2

Operate remotely Azure

Answer 2

Using remote desktop or Secure Shell (SSH)

Question 3

Azure Virtual Networks

Answer 3

Vms deployed on a virtual network can communicate with one another as if they were on a LAN

Question 4

Creating a cloud-only virtual network

Answer 4

You can create a new virtual networ using Azure management portal, Azure PowerShell, and xplat-cli

Question 5

Virtual Network Details

Answer 5

Wizard requires: 1)Name of the courd virtual network, 2)suscription, 3)location -Azure region-

Question 6

DNS Servers and VPN Connectivity page

Answer 6

When you manage a larger virtual network you might want to create multiple subnets to improve performance. And also for manageability (i.e. for business area or type of processing -web servers, file, etc-)

Question 7

CIDR Notation

Answer 7

Classless Inter-Domain Routing (CIDR) notation is a representation of a subnet mask.

Question 8

SUBNET BITS and the number of SUBNETS

Answer 8

Your subnet take anumber of bits from the host ID, adding them to the network ID.

Question 9

IP Addresses

Answer 9

Each VM has at least two associated IP addresses: a public-facing virtual IP (VIP) and an internal dynamic IP (DIP) address.

Question 10

About VIP

Answer 10

VIP comes from a pool of IP addresses managed by Microsoft. It’s not assigned directly to the VM. It’s assigned to the Cloud Service that contains the VM.

Question 11

Static Public IPs

Answer 11

Yo can assign static public IPs to your VMs. Azure allowed to each suscription to reserve up 20 VIPs.

Question 12

VM

Answer 12

Each VM belongs to a cloud service. It’s a management a security boundary for VMs.

Question 13

VIP Azure PowerShell command

Answer 13

New-AzureReservedIP -ReservedIPName “myReservedIP” - Label “MyLabel” -Location “west us”

Question 14

DIP address

Answer 14

It’s a dynamic IP address associated with your VM. DIP is assigned by DHCP. It’s remain stable as long as you don’t stop or deallocate the machine.

Question 15

Name resolution and DNS Servers

Answer 15

VMs on the same network can address one another by DIP. If you want to refer them by hostnames or fully qualified domain name (FQDN) directly, yo need name resolutions. Azure provides a built-in hostname resolution for VMs and role instances within the same cloud service. However, for VMs across multiple cloud services, you’ll need to set up your own DNS server.

Question 16

HOST NAMES and FQDNS

Answer 16

complete

Question 17

Understanding Access Control Lists and Network Security Groups

Answer 17

You can use both network Access Control Lists (ACLs) and Network Security Groups (NSGs) to control traffic to your VMs.

Question 18

VM endpoints

Answer 18

to compelte

Question 19

Network ACLs

Answer 19

complete

Question 20

NSGs

Answer 20

complete

Question 21

VIRTUAL NETWORK

Answer 21

This tag specifies all network address space on your virtual network….complete

Question 22

AZURE_LOADBALANCER

Answer 22

Azure Load Balancer……comp

Question 23

INTERNET

Answer 23

complete

Question 24

INCOMPATIBILITY BETWEEN ACL AND NSG

Answer 24

YOU CANNOT USE BOTH ACL AND NSG on the same VM instance. You must first remove all endpoint ACLs before you can associate an NSG.

Question 25

1.2 SUMMARY

Answer 25

1) Yo can create private virtual networks in Azure. VMs deployed on the same virtual network can communicate with one another in the same service.
2) each machine has a public VIP address and one of multiple PIP addresses, one per NIC.
3) You can associate both static virtual IP addresses and private IP addresses to VMs on a virtual network.
4) ACLs are associated to VM endpoints to control traffic to VMs.
5) NSGs are associated to VMs or subnets to provide greater traffic control to VMs or virtual networks.
6) Both ACLs and NSGs define prioritized rules to control network traffic, but they cannot be used in conjuction.