All Topics Flashcards
What is Azure SQL Database Auto-Tune?
Automatic tuning is a fully managed intelligent performance service that uses built-in intelligence to continuously monitor queries executed on a database and automatically improve their performance. This is achieved through dynamically adapting a database to changing workloads and applying tuning recommendations. Automatic tuning learns horizontally from all databases on Azure through AI, and dynamically improves its tuning actions. The longer a database runs with automatic tuning on, the better it performs.
https://learn.microsoft.com/en-us/azure/azure-sql/database/automatic-tuning-overview?view=azuresql
What can Azure SQL Database Auto-Tune do?
- Force the last good execution plan to be used
- Add new indexes
- Remove unused indexes
https://learn.microsoft.com/en-us/azure/azure-sql/database/automatic-tuning-overview?view=azuresql
What is Azure Service Health?
Azure offers a suite of experiences to keep you informed about the health of your cloud resources. This information includes current and upcoming issues such as service impacting events, planned maintenance, and other changes that may affect your availability.
Azure Service Health is a combination of three separate smaller services.
- Azure status
- Service health
- Resource health
https://learn.microsoft.com/en-us/azure/service-health/overview
How would you debug an application on an Azure Virtual Machine?
You can debug a Visual Studio application that has been deployed on a different computer. To do so, you use the Visual Studio remote debugger.
https://learn.microsoft.com/en-us/visualstudio/debugger/remote-debugging?view=vs-2022
What is Studio Remote Tools?
You can debug a Visual Studio application that has been deployed on a different computer.
https://learn.microsoft.com/en-us/visualstudio/debugger/remote-debugging?view=vs-2022
What is AZCopy?
AzCopy is a command-line tool that moves data into and out of Azure Storage.
The advantage of azcopy is that some of the processes happen on the server side in the cloud. For instance, I could download a file from one container and then upload it to the second but that wouldn’t really be a copy and kind of defeats the purpose.
https://learn.microsoft.com/en-us/azure/storage/common/storage-ref-azcopy
What is Azure Storage Explorer?
Microsoft Azure Storage Explorer is a standalone app that makes it easy to work with Azure Storage data on Windows, macOS, and Linux.
https://learn.microsoft.com/en-us/azure/vs-azure-tools-storage-manage-with-storage-explorer?tabs=windows
What is the maximum number of storage accounts per region with standard endpoints per region per subscription?
250
What is a DNS?
The Domain Name System (DNS) is the phonebook of the Internet. Humans access information online through domain names, like nytimes.com or espn.com. Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load Internet resources.
What is the maximum number of storage accounts with Azure DNS zone endpoints per region per subscription?
5000
What is the maximum storage compacity in a Storage Account?
5 PiB
What is the maximum number of blob containers, blobs, file shares, tables, queues, entities, or messages per storage account?
No limit
What is the default maximum request per second rate per storage account?
20,000 requests per second
What is Event Hub?
Event Hub – (external events) If events are happening outside of Azure, then you would want to use Event Hub.
What are Storage Queues?
Storage Queues - a message queue - (think storage account containers) it is extremely cheap and reliable, but it is not the same as a Azure Service Bus queue.
What is IoT Hub?
IoT Hub – (external events) “Enable highly secure and reliable communication between your Internet of Things (IoT) application and the devices it manages.”
What is Event Grid?
Event Grid – (internal events) It is a way for different Azure services including your subscription level, your resource groups and other services that fire off events and then be triggered and picked up by other services.
What is Service Bus?
Service Bus is enterprise-grade message queue
What are the three CDN vendors in Azure?
- Verizon
- Akamai
- Microsoft
How does a CDN improve the performance of a website?
By reading the HTML as it serves it, it can prefetch the next set of URLs before the users browser even requests them; and it can apply dynamic compression to images if the browser client is on a slower internet connection or mobile device.
What is the primary function of a CDN?
The primary purpose of a content delivery network (CDN) is to reduce latency, or reduce the delay in communication created by a network’s design. Because of the global and complex nature of the internet, communication traffic between websites (servers) and their users (clients) has to move over large physical distances.
What does an application need to allow Azure Active Directory to be used as its authentication provider?
- Redirect URI
- Application ID
What is Azure Active Directory?
Azure Active Directory (Azure AD), is an enterprise identity service that provides single sign-on, multifactor authentication, and conditional access to guard against 99.9 percent of cybersecurity attacks.
What is Table Storage?
Table Storage is the most cost effective solution for storing data in table format, but does not offer the features and speed of other solutions
What is Azure Data Lake?
A data lake is a centralized repository that ingests and stores large volumes of data in its original form. The data can then be processed and used as a basis for a variety of analytic needs. Due to its open, scalable architecture, a data lake can accommodate all types of data from any source, from structured (database tables, Excel sheets) to semi-structured (XML files, webpages) to unstructured (images, audio files, tweets), all without sacrificing fidelity. The data files are typically stored in staged zones—raw, cleansed, and curated—so that different types of users may use the data in its various forms to meet their needs. Data lakes provide core data consistency across a variety of applications, powering big data analytics, machine learning, predictive analytics, and other forms of intelligent action.
https://azure.microsoft.com/en-us/resources/cloud-computing-dictionary/what-is-a-data-lake/#what-is-a-data-lake
How can Azure Monitor collect data on external sources, not just the native ones?
Using the Data Collector API which is designed to allow bespoke data inputs into Azure Monitor
What is Azure Monitor? [5]
- Azure Monitor is used for detecting and diagnosing the [1] issues across dependencies and applications.
- [2] Enhance the performance and availability of services
- [3,4,5] Collect, analyse and act upon the metrics collected from the cloud and the on-premise environments
Azure Monitor is a service by Microsoft that has the potential to enhance the performance and availability of services and applications. With Azure Monitor, you can intend to collect, analyze and act upon the metrics collected from the cloud and the on-premise environments. With this collective information, you will get an idea of how the applications within Azure performs. Hence, you can identify the issues that affect those applications.
To be precise, Azure Monitor is used for detecting and diagnosing the issues across dependencies and applications.
https://www.whizlabs.com/blog/what-is-azure-monitoring/#:~:text=Azure%20Monitor%20is%20a%20service%20by%20Microsoft%20that,collected%20from%20the%20cloud%20and%20the%20on-premise%20environments.
What is Blob Storage?
Blob stands for ‘Binary large object’. Azure Blob storage service are used to store and retrieve unstructured data like Documents, pictures, videos and music. Blobs are organised into containers and each Blob can store several hundreds of Gigabyte (GB) data.
https://www.tutorialkart.com/azure_tutorials/what-is-azure-blob-storage/
How do you give access to a single container in an Azure Storage Account?
Create a Shared Access Signature (SAS). It will give specific access to the Container without offering access to the Storage Account?
What is a Content Delivery Network (CDN)?
A content delivery network (CDN) is a geographically distributed group of servers that caches content close to end users.
A CDN allows for the quick transfer of assets needed for loading Internet content, including HTML pages, JavaScript files, stylesheets, images, and videos. The popularity of CDN services continues to grow, and today the majority of web traffic is served through CDNs, including traffic from major sites like Facebook, Netflix, and Amazon.
A properly configured CDN may also help protect websites against some common malicious attacks, such as Distributed Denial of Service (DDOS) attacks.
https://www.cloudflare.com/en-gb/learning/cdn/what-is-a-cdn/
How does a Content Delivery Network (CDN) optimise client side performance?
A CDN uses edge networks to ensure that the files are closest to the users that need them, resulting in low latency.
What is an Edge Server?
An edge server is a piece of hardware that performs data computation at the end (or “edge”) of a network. Like a regular server, an edge server can provide compute, networking, and storage functions. Edge servers process data physically close to the end-users and on-site apps, so these devices process requests faster than a centralized server.
What hardware does a CDN use to improve end user application performance?
Edge Servers
An edge server is a piece of hardware that performs data computation at the end (or “edge”) of a network. Like a regular server, an edge server can provide compute, networking, and storage functions. Edge servers process data physically close to the end-users and on-site apps, so these devices process requests faster than a centralized server.
What is API Management?
The API Management service allows you to force developers to register and be approved before using an API, and allows you to enforce limits on them to protect your application.
What is Azure Cognitive Search?
It’s a search engine like Google which you can used to search across multiple data sources.
What common scenarios is Azure Cognitive Search used for?
Search is foundational to any app that surfaces text to users, where common scenarios include catalog or document search, online retail apps, or data exploration over proprietary content.
What is a Web Job?
Web Jobs is a feature of Azure App Service that enables you to run a program or script in the same instance as a web app, API app, or mobile app. There is no additional cost to use WebJobs.
You can use the Azure WebJobs SDK with WebJobs to simplify many programming tasks.
https://learn.microsoft.com/en-us/azure/azure-functions/functions-compare-logic-apps-ms-flow-webjobs
What programming languages do Web Jobs support? [6]
C#
F#
JavaScript
Java
Python
PowerShell
https://learn.microsoft.com/en-us/azure/azure-functions/functions-compare-logic-apps-ms-flow-webjobs
What is a Virtual Machine Scale Set?
A Virtual Machine Scale Set allows you to deploy and manage a set of auto-scaling virtual machines. You can scale the number of VMs in the scale set manually, or define rules to autoscale based on resource usage like CPU, memory demand, or network traffic. An Azure load balancer then distributes traffic to the VM instances in the scale set.
What is the maximum number of virtual machines scales sets?
1000
What is the maximum number of apps you can install in a single App service free account?
10
https://azure.microsoft.com/en-gb/pricing/details/app-service/windows/
What is the maximum number of apps you can install in a single App service Shared account?
100
https://azure.microsoft.com/en-gb/pricing/details/app-service/windows/
What is the maximum number of apps you can install in a single App service Basic account?
Unlimited
https://azure.microsoft.com/en-gb/pricing/details/app-service/windows/
What is the maximum number of apps you can install in a single App service Standard account?
Unlimited
https://azure.microsoft.com/en-gb/pricing/details/app-service/windows/
What is the maximum number of apps you can install in a single App service Premium account?
Unlimited
https://azure.microsoft.com/en-gb/pricing/details/app-service/windows/
What is the maximum number of apps you can install in a single App service Isolated account?
Unlimited
https://azure.microsoft.com/en-gb/pricing/details/app-service/windows/
What is Cosmos DB? 5 points
- Non-relational database
- Data can be globally distributed
- support multiple data models
- No SQL
- Query Language is similar to SQL
Cosmos DB is a database service that is globally distributed. It allows you to manage your data even if you keep them in data centers that are scattered throughout the world. It provides the tools you need to scale both global distribution pattern and computational resources, and these tools are provided by Microsoft Azure. It can support multiple data models using one backend. This means that it can be used for document, key value, relational, and graph models. It is more or less a NoSQL database because it does not rely on any schemas. However, because it uses query language similar to SQL and can easily support ACID transactions, some people have been classifying it as a NewSQL type of database. What differentiates it from other NewSQL databases, however, is that it does not have a relational data model.
https://stackify.com/what-is-azure-cosmos-db/#:~:text=Cosmos%20DB%20is%20a%20database%20service%20that%20is,and%20these%20tools%20are%20provided%20by%20Microsoft%20Azure.
What is Strong consistency and when is it used?
Strong consistency means that when a region writes a piece of data that all the other replicated regions are able to read that data at the exact same moment, so we have perfect consistency between regions:
This means that reads are guaranteed to see the most recent write.
Strong consistency can be scoped to a single region or to multiple regions, depending on the configuration you choose for your Cosmos DB account.
Single-region strong consistency: In this mode, strong consistency is achieved within a single region. When you read data from the same region where the write occurred, you are guaranteed to see the most recent write.
Multi-region strong consistency: This is where things get more complex. Cosmos DB allows you to replicate your data across multiple regions globally. In this case, strong consistency can also be achieved across all the regions, not just within a single region. However, achieving strong consistency across multiple regions might involve more latency due to the need to propagate data changes to all regions before acknowledging a write.
So, to summarize, strong consistency in Cosmos DB can indeed provide perfect consistency between regions, but this applies when multi-region replication is enabled and configured for strong consistency. If you’re using single-region strong consistency, the perfect consistency only applies within that single region.
What is Bounded Stalesness consistency and when is it used?
Unlike strong consistency which is scoped to a single region, you can choose bounded staleness consistency with any number of read regions (along with a write region). Bounded staleness is great for applications featuring group collaboration and sharing, stock ticker, publish-subscribe/queueing etc.
What is Session consistency?
It provides write latencies, availability and read throughput comparable to that of eventual consistency but also provides the consistency guarantees that suit the needs of applications written to operate in the context of a user.
Depending on the session of the user that person is going to get consistency, so they can write in session A and then read in another region and they will have consistency because they are in the same session. Whereas another client in another region using a different session will see the same consistent data but there will be an undefined delay
What is Consistent Prefix consistency and when is it used?
If writes were performed in the order A, B, C
, then a client sees either A
, A, B, or
A,B,C, but never out of order like
A,C or
B,A,C`. Consistent Prefix provides write latencies, availability and read throughput comparable to that of eventual consistency, but also provides the order guarantees that suit the needs of scenarios where order is important.
Data will always be displayed in the right order, but there is a definite lag between the time it is written and when any particular region has it available for writing but there is a guarantee that the data updates will come in the right order.
What is Eventual consistency and when is it used?
In the absence of any further writes, the replicas within the group will eventually converge. Eventual consistency is ideal where the application does not require any ordering guarantees. Examples include count of Retweets, Likes or non-threaded comments.
This is the weakest choice, no guarantees when the data will come in. It’s a good data model for low priority stuff.
What is Azure Container Registry (ACR)?
Azure Container Registry allows you to build, store, and manage container images and artifacts in a private registry for all types of container deployments.
Use Azure container registries with your existing container development and deployment pipelines. Use Azure Container Registry Tasks to build container images in Azure on-demand, or automate builds triggered by source code updates, updates to a container’s base image, or timers.
What is Docker?
Docker provides the ability to package and run an application in a loosely isolated environment called a container. The isolation and security allows you to run many containers simultaneously on a given host. Containers are lightweight and contain everything needed to run the application, so you do not need to rely on what is currently installed on the host. You can easily share containers while you work, and be sure that everyone you share with gets the same container that works in the same way.
What are Docker container images?
When using Docker, a developer creates an app or service and packages it and its dependencies into a container image. An image is a static representation of the app or service and its configuration and dependencies.
What is Kubernetes and what does it do?
Kubernetes is open-source orchestration software for deploying, managing, and scaling containers
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Modern applications are increasingly built using containers, which are microservices packaged with their dependencies and configurations. Kubernetes (pronounced “koo-ber-net-ees”) is open-source software for deploying and managing those containers at scale—and it’s also the Greek word for helmsmen of a ship or pilot.
What is KubectI and what does it do?
Kubectl is a command-line tool designed to manage Kubernetes objects and clusters. It provides a command-line interface for performing common operations like creating and scaling Deployments, switching contexts, and accessing a shell in a running container.
What is the Azure PowerShell?
PowerShell is a cross-platform task automation solution made up of a command-line shell, a scripting language, and a configuration management framework. PowerShell runs on Windows, Linux, and macOS.
https://learn.microsoft.com/en-us/powershell/scripting/overview?view=powershell-7.2
What is the Azure PowerShell command for creating a VM?
New-AzVM -ResourceGroupName $myResourceGroup -Location $location -VM $vm
What is the Azure PowerShell command for getting information about a VM?
Get-AzVM -ResourceGroupName $myResourceGroup -Name $myVM
What is the PowerShell command for starting a VM?
Start-AzVM -ResourceGroupName $myResourceGroup -Name $myVM
What do API Management policies allow you to do?
Policies allow you to modify the inbound request as well as the outbound result without modifying the API code itself
What does the ‘Always Encrypted’ optional security configuration for Azure SQL Database and SQL Server ensure?
Data will remain encrypted while at rest, during movement between client and server and while the data is in use.
What does Transparent Data Encryption (TDE) do? And what for?
Transparent Data Encryption (often abbreviated to TDE) is a technology used to encrypt database files. TDE offers encryption at file level. TDE solves the problem of protecting data at rest, encrypting databases both on the hard drive and consequently on backup media.
What does Transport Layer Security do?
Transport Layer Security, or TLS, is a widely adopted security protocol designed to facilitate privacy and data security for communications over the Internet. A primary use case of TLS is encrypting the communication between web applications and servers, such as web browsers loading a website.
What is the Azure Custom Script Extension?
The Custom Script Extension downloads and runs scripts on Azure virtual machines (VMs). This extension is useful for post-deployment configuration, software installation, or any other configuration or management task. You can download scripts from Azure Storage or GitHub, or provide them to the Azure portal at extension runtime.
The Custom Script Extension integrates with Azure Resource Manager templates. You can also run it by using the Azure CLI, PowerShell, the Azure portal, or the Azure Virtual Machines REST API.
What is Redis?
- Redis is an open source, in-memory, key-value data store most commonly used as a primary database, cache, message broker, and queue.
Redis is an open source, in-memory, key-value data store most commonly used as a primary database, cache, message broker, and queue. Redis delivers sub-millisecond response times, enabling fast and powerful real-time applications in industries such as gaming, fintech, ad-tech, social media, healthcare, and IoT.
//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
Redis is the most-loved database by developers for five years running. Developers love Redis because of its ease of use, performance, and scalability. There is a Redis client available for use in every popular modern programming language. This, coupled with the performance benefits, makes Redis the most popular choice for caching, session management, gaming, fraud detection, leaderboards, real-time analytics, geospatial indexing, ride-sharing, social media, and streaming applications.
https://developer.redis.com/explore/what-is-redis/
What is a Redis Cluster ?
- Redis Cluster is a distributed implementation of Redis that automatically shards (i.e. partitions) data across multiple Redis nodes.
- Redis Cluster helps improve the scalability, availability, and fault-tolerance of Redis databases, beyond the base version of Redis.
////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
No one can predict the exact amount of resources their Redis database will consume. This means that being able to adequately scale your Redis database is crucial during periods of high demand. Scalability goes hand-in-hand with availability, a metric that measures users’ ability to actually access the database.
Redis Cluster helps improve the scalability, availability, and fault-tolerance of Redis databases, beyond the base version of Redis. The features of Redis Cluster include:
Scalability: Redis Cluster can scale out to a maximum limit of 1000 nodes.
Availability: There are two conditions for a Redis cluster to continue operating: the majority of master nodes must be reachable, and any master node that is unreachable must have a backup slave node. This is a generous policy that helps improve the availability of your Redis database.
Write safety: Redis Cluster attempts to behave in a write-safe manner: it will try to preserve the writes from any client connected to the majority of master nodes in the cluster.
https://redisson.org/glossary/redis-cluster.html
How do you increase Redis memory Cache?
Add another shard
Redis Cluster supports up to 10 shards to create 530 GB of Memory
What are the different Command Line environments that you can use?
- Azure CLI
- Azure PowerShell
REVISIT THIS LINK ONCE YOU GET IT RIGHT A FERW TIMES:
https://learn.microsoft.com/en-us/cli/azure/choose-the-right-azure-command-line-tool
What is the Azure CLI command to create a Resource Group?
az group create –name <ResourceGroupName> --location eastus</ResourceGroupName>
What is the Azure CLI command to create a Virtual Machine?
az vm create –resource-group myResourceGroup –name myVM –image UbuntuLTS –admin-username azureuser –admin-password ‘<Password>'</Password>
What is the Azure CLI command to stop a Virtual Machine?
az vm stop –name myVM –resource-group <ResourceGroupName></ResourceGroupName>
What does ‘At most once’ delivery do in Azure Service Bus?
Messages do not get processed more than once, even if sometimes they don’t get processed at all.
What is a Transmission Control Protocol (TCP)?
TCP (Transmission Control Protocol) is one of the main protocols of the Internet protocol suite. It lies between the Application and Network Layers which are used in providing reliable delivery services. It is a connection-oriented protocol for communications that helps in the exchange of messages between different devices over a network. The Internet Protocol (IP), which establishes the technique for sending data packets between computers, works with TCP.
https://www.geeksforgeeks.org/what-is-transmission-control-protocol-tcp/
What TCP network port allows traffic to pass through so that you can connect to an SQL Server database, by default?
Port: 1433
What is a Virtual Network Service Endpoint?
Virtual Network (VNet) service endpoint provides secure and direct connectivity to Azure services over an optimized route over the Azure backbone network. Endpoints allow you to secure your critical Azure service resources to only your virtual networks. Service Endpoints enables private IP addresses in the VNet to reach the endpoint of an Azure service without needing a public IP address on the VNet.
https://learn.microsoft.com/en-us/azure/virtual-network/virtual-network-service-endpoints-overview
What is an Integration Service Environment?
An integration service environment is a fully isolated and dedicated environment for all enterprise-scale integration needs. When you create a new integration service environment, it’s injected into your Azure Virtual Network, allowing you to deploy Logic Apps as a service in your VNET.
https://azure.microsoft.com/en-gb/updates/integration-service-environments-ise-are-now-generally-available/#:~:text=An%20integration%20service%20environment%20is%20a%20fully%20isolated,Logic%20Apps%20as%20a%20service%20in%20your%20VNET.
What are Logic Apps?
- Azure Logic Apps is a cloud platform where you can create and run automated workflows with little to no code.
- You can quickly build a workflow that integrates and manages your apps, data, services, and systems.
Azure Logic Apps is a cloud platform where you can create and run automated workflows with little to no code. By using the visual designer and selecting from prebuilt operations, you can quickly build a workflow that integrates and manages your apps, data, services, and systems.
Azure Logic Apps simplifies the way that you connect legacy, modern, and cutting-edge systems across cloud, on premises, and hybrid environments and provides low-code-no-code tools for you to develop highly scalable integration solutions for your enterprise and business-to-business (B2B) scenarios.
https://learn.microsoft.com/en-us/azure/logic-apps/logic-apps-overview
What is RBAC?
Role Based Access Control(RBAC)
https://learn.microsoft.com/en-us/azure/role-based-access-control/overview
What is Cross-origin Resource Sharing? (CORS)
CORS is a standard with web browsers that will prevent a website from calling an API in the browser unless the API explicitly allows the call.
What is a DNS record?
- DNS records or zone files store information about domains.
They consist of a series of text files written in the DNS syntax and are stored on DNS servers. A (address) records are one of the most basic and commonly used DNS record types. They translate domain names and store them as IP addresses. A records can only hold IPv4 addresses.
Domain name: Record type: Value: TTL
example-website.com @ A 192.0.0.1 14400
What are Elastic Database Pools?
Azure SQL Database elastic pools are a simple, cost-effective solution for managing and scaling multiple databases that have varying and unpredictable usage demands. The databases in an elastic pool are on a single server and share a set number of resources at a set price. Elastic pools in SQL Database enable software as a service (SaaS) developers to optimize the price performance for a group of databases within a prescribed budget while delivering performance elasticity for each database.
https://learn.microsoft.com/en-us/azure/azure-sql/database/elastic-pool-overview?view=azuresql
What two elements determine the usage cost of Cosmos DB?
- Storage used in GB
- Provisioned Request Units per Second (RU/s)
Is it possible to trigger a Logic App deployed in Azure from Visual Studio?
Yes, it is possible to manually run a logic app using Visual Studio.
What is a Network Security Group (NSG)?
You can use an Azure network security group to filter network traffic to and from Azure resources in an Azure virtual network. A network security group contains security rules that allow or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources. For each rule, you can specify source and destination, port, and protocol.
What is a Block Blob?
- primarily intended for storage of media files
- with a maximum size of 4000 MiB per block
- can be modified or replaced, and blocks can be added to or deleted from the block blob
Block blobs are subdivided into blocks and primarily intended for storage of media files, documents, text files, and binary files. Blocks can be of varying sizes, with a maximum size of 4000 MiB per block, in the most current Azure version. There may be anywhere up to 50,000 blocks per blob, giving a maximum block blob size of around 190.7 TiB.
Individual blocks within a block blob can be modified or replaced, and blocks can be added to or deleted from the block blob. Parallel uploading of individual blocks optimizes the upload time for block blobs as well.
What is the maximum file size of a block blob?
4 GB
What is an Append Blob?
Append blobs also consist of blocks and are specifically designed for use with append operations. The most common use of an append blob is for storage and updating of log files. Blocks may be appended to the end of an append blob, but previously existing blocks may not be modified or deleted.
Just as with block blobs, an append blob may contain up to 50,000 blocks, each up to 4 MiB.
What is a Page Blob?
A page blob is intended for read and write operations. A page blob is an assembly of 512-byte pages, with a maximum page blob size of 8 TiB. Page blobs are useful for storage of items such as operating systems and disaster recovery data.
What is Azure Firewall?
Azure Firewall is a cloud-native and intelligent network firewall security service that provides the best of breed threat protection for your cloud workloads running in Azure. It’s a fully stateful, firewall as a service with built-in high availability and unrestricted cloud scalability.
Azure Firewall is offered in three SKUs: Standard, Premium, and Basic.
https://learn.microsoft.com/en-us/azure/firewall/overview
What is Advanced Threat Protection and how does it do it? [6]
Azure ATP is a threat protection solution that helps:
- Detect and identify suspicious user and device activity
- Leverage threat intelligence across the cloud and on-premises environments
- Protect user identities and credentials stored in Active Directory
- Provide clear attack information on a simple timeline for fast triaging
- Monitor multiple entry points through integration with Windows Defender Advanced Threat Protection
- Azure ATP is able to detect advanced malicious attacks leveraging both cloud and on-premises signals
What is Azure DDoS Protection?
- Azure DDoS Protection, combined with application design best practices, provides enhanced DDoS mitigation features to defend against DDoS attacks.
Distributed denial of service (DDoS) attacks are some of the largest availability and security concerns facing customers that are moving their applications to the cloud. A DDoS attack attempts to exhaust an application’s resources, making the application unavailable to legitimate users. DDoS attacks can be targeted at any endpoint that is publicly reachable through the internet.
Azure DDoS Protection, combined with application design best practices, provides enhanced DDoS mitigation features to defend against DDoS attacks. It’s automatically tuned to help protect your specific Azure resources in a virtual network. Protection is simple to enable on any new or existing virtual network, and it requires no application or resource changes.
https://learn.microsoft.com/en-us/azure/ddos-protection/ddos-protection-overview
What is an App Service Environment?
An App Service Environment is an Azure App Service feature that provides a fully isolated and dedicated environment for running App Service apps securely at high scale.
https://learn.microsoft.com/en-us/azure/app-service/environment/overview
What is Privileged Identity Management in Azure Active Directory?
- It enables you to manage and monitor access to important resources in your organization
Privileged Identity Management (PIM) is a service in Azure Active Directory (Azure AD) that enables you to manage, control, and monitor access to important resources in your organization. These resources include resources in Azure AD, Azure, and other Microsoft Online Services such as Microsoft 365 or Microsoft Intune.
https://learn.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure
What is the maximum storage compacity of a Cosmos DB container?
Unlimited
What is a Asynchronous request?
- Its a way to make a non-blocking web request, allowing the program to continue executing while the request is being processed.
In C#, an asynchronous request is a way to make a non-blocking web request, allowing the program to continue executing while the request is being processed. Asynchronous requests are particularly useful for applications that require a responsive user interface, as they allow the application to perform other tasks while waiting for a response from the server.
What do ‘Availability Options’ do?
Means how guaranteed the server uptime is, It allows you to have multiple copies of your application over multiple servers.
What do ‘Availability Options - “No infrastructure redundancy required” mean?
The server will still probably have 99.99% uptimes, only dropping for maintenance or updates. If you do have essential applications running in the cloud then you need redundancy, often in the form of having multiple copies of an application running across multiple servers.
What do ‘Availability Options - “Availability set” mean?
You are signalling to Microsoft that your machines are related and that they should not be kept on different fault domains, i.e., they should not be distributed on the same physical server or even on the same rack. By doing this, if something happens to one VM then the other is still operational.
What do ‘Availability Options - “Availability zone” mean?
A zone is roughly equivalent to a data center. Each region consists of three or more data centers, the option will split the applications between regions. This should eliminate the building level outages.
What do ‘Availability Options - “Virtual Machine Scale Set” mean?
Allows applications to be run across fault domains and allow you to add more machines when they have more demand placed upon them.
What does “Azure Spot instance” mean?
You request that Azure give you a discounted rate, its great for low priority tasks. Azure will give you the VM at a lower rate if there is spare compacity but may reclaim during high demand.
What happens if you ‘Select Inbound Ports’ when spinning up a VM?
It makes the VM publicly accessible
What ‘Inbound Ports’ can a VM have?
RDP (Remote Desktop Port), HTTP/HTTPS (Hyper Text Transport Protocol / Secure), SSH (Secure Shell)
When spinning up a VM, what does “(Default) Encryption at-rest with a platform-managed key”, mean?
It means the disk is encrypted using a key that is kept/controlled by Microsoft.