All Topics Flashcards

1
Q

What is Azure SQL Database Auto-Tune?

A

Automatic tuning is a fully managed intelligent performance service that uses built-in intelligence to continuously monitor queries executed on a database and automatically improve their performance. This is achieved through dynamically adapting a database to changing workloads and applying tuning recommendations. Automatic tuning learns horizontally from all databases on Azure through AI, and dynamically improves its tuning actions. The longer a database runs with automatic tuning on, the better it performs.

https://learn.microsoft.com/en-us/azure/azure-sql/database/automatic-tuning-overview?view=azuresql

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What can Azure SQL Database Auto-Tune do?

A
  • Force the last good execution plan to be used
  • Add new indexes
  • Remove unused indexes

https://learn.microsoft.com/en-us/azure/azure-sql/database/automatic-tuning-overview?view=azuresql

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is Azure Service Health?

A

Azure offers a suite of experiences to keep you informed about the health of your cloud resources. This information includes current and upcoming issues such as service impacting events, planned maintenance, and other changes that may affect your availability.

Azure Service Health is a combination of three separate smaller services.
- Azure status
- Service health
- Resource health

https://learn.microsoft.com/en-us/azure/service-health/overview

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

How would you debug an application on an Azure Virtual Machine?

A

You can debug a Visual Studio application that has been deployed on a different computer. To do so, you use the Visual Studio remote debugger.

https://learn.microsoft.com/en-us/visualstudio/debugger/remote-debugging?view=vs-2022

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is Studio Remote Tools?

A

You can debug a Visual Studio application that has been deployed on a different computer.

https://learn.microsoft.com/en-us/visualstudio/debugger/remote-debugging?view=vs-2022

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is AZCopy?

A

AzCopy is a command-line tool that moves data into and out of Azure Storage.

The advantage of azcopy is that some of the processes happen on the server side in the cloud. For instance, I could download a file from one container and then upload it to the second but that wouldn’t really be a copy and kind of defeats the purpose.

https://learn.microsoft.com/en-us/azure/storage/common/storage-ref-azcopy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is Azure Storage Explorer?

A

Microsoft Azure Storage Explorer is a standalone app that makes it easy to work with Azure Storage data on Windows, macOS, and Linux.

https://learn.microsoft.com/en-us/azure/vs-azure-tools-storage-manage-with-storage-explorer?tabs=windows

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is the maximum number of storage accounts per region with standard endpoints per region per subscription?

A

250

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is a DNS?

A

The Domain Name System (DNS) is the phonebook of the Internet. Humans access information online through domain names, like nytimes.com or espn.com. Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load Internet resources.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is the maximum number of storage accounts with Azure DNS zone endpoints per region per subscription?

A

5000

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is the maximum storage compacity in a Storage Account?

A

5 PiB

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is the maximum number of blob containers, blobs, file shares, tables, queues, entities, or messages per storage account?

A

No limit

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is the default maximum request per second rate per storage account?

A

20,000 requests per second

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is Event Hub?

A

Event Hub – (external events) If events are happening outside of Azure, then you would want to use Event Hub.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What are Storage Queues?

A

Storage Queues - a message queue - (think storage account containers) it is extremely cheap and reliable, but it is not the same as a Azure Service Bus queue.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is IoT Hub?

A

IoT Hub – (external events) “Enable highly secure and reliable communication between your Internet of Things (IoT) application and the devices it manages.”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What is Event Grid?

A

Event Grid – (internal events) It is a way for different Azure services including your subscription level, your resource groups and other services that fire off events and then be triggered and picked up by other services.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What is Service Bus?

A

Service Bus is enterprise-grade message queue

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What are the three CDN vendors in Azure?

A
  • Verizon
  • Akamai
  • Microsoft
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

How does a CDN improve the performance of a website?

A

By reading the HTML as it serves it, it can prefetch the next set of URLs before the users browser even requests them; and it can apply dynamic compression to images if the browser client is on a slower internet connection or mobile device.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What is the primary function of a CDN?

A

The primary purpose of a content delivery network (CDN) is to reduce latency, or reduce the delay in communication created by a network’s design. Because of the global and complex nature of the internet, communication traffic between websites (servers) and their users (clients) has to move over large physical distances.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

What does an application need to allow Azure Active Directory to be used as its authentication provider?

A
  • Redirect URI
  • Application ID
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

What is Azure Active Directory?

A

Azure Active Directory (Azure AD), is an enterprise identity service that provides single sign-on, multifactor authentication, and conditional access to guard against 99.9 percent of cybersecurity attacks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

What is Table Storage?

A

Table Storage is the most cost effective solution for storing data in table format, but does not offer the features and speed of other solutions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

What is Azure Data Lake?

A

A data lake is a centralized repository that ingests and stores large volumes of data in its original form. The data can then be processed and used as a basis for a variety of analytic needs. Due to its open, scalable architecture, a data lake can accommodate all types of data from any source, from structured (database tables, Excel sheets) to semi-structured (XML files, webpages) to unstructured (images, audio files, tweets), all without sacrificing fidelity. The data files are typically stored in staged zones—raw, cleansed, and curated—so that different types of users may use the data in its various forms to meet their needs. Data lakes provide core data consistency across a variety of applications, powering big data analytics, machine learning, predictive analytics, and other forms of intelligent action.

https://azure.microsoft.com/en-us/resources/cloud-computing-dictionary/what-is-a-data-lake/#what-is-a-data-lake

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

How can Azure Monitor collect data on external sources, not just the native ones?

A

Using the Data Collector API which is designed to allow bespoke data inputs into Azure Monitor

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

What is Azure Monitor? [5]

A
  • Azure Monitor is used for detecting and diagnosing the [1] issues across dependencies and applications.
  • [2] Enhance the performance and availability of services
  • [3,4,5] Collect, analyse and act upon the metrics collected from the cloud and the on-premise environments

Azure Monitor is a service by Microsoft that has the potential to enhance the performance and availability of services and applications. With Azure Monitor, you can intend to collect, analyze and act upon the metrics collected from the cloud and the on-premise environments. With this collective information, you will get an idea of how the applications within Azure performs. Hence, you can identify the issues that affect those applications.

To be precise, Azure Monitor is used for detecting and diagnosing the issues across dependencies and applications.

https://www.whizlabs.com/blog/what-is-azure-monitoring/#:~:text=Azure%20Monitor%20is%20a%20service%20by%20Microsoft%20that,collected%20from%20the%20cloud%20and%20the%20on-premise%20environments.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

What is Blob Storage?

A

Blob stands for ‘Binary large object’. Azure Blob storage service are used to store and retrieve unstructured data like Documents, pictures, videos and music. Blobs are organised into containers and each Blob can store several hundreds of Gigabyte (GB) data.

https://www.tutorialkart.com/azure_tutorials/what-is-azure-blob-storage/

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

How do you give access to a single container in an Azure Storage Account?

A

Create a Shared Access Signature (SAS). It will give specific access to the Container without offering access to the Storage Account?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

What is a Content Delivery Network (CDN)?

A

A content delivery network (CDN) is a geographically distributed group of servers that caches content close to end users.

A CDN allows for the quick transfer of assets needed for loading Internet content, including HTML pages, JavaScript files, stylesheets, images, and videos. The popularity of CDN services continues to grow, and today the majority of web traffic is served through CDNs, including traffic from major sites like Facebook, Netflix, and Amazon.

A properly configured CDN may also help protect websites against some common malicious attacks, such as Distributed Denial of Service (DDOS) attacks.

https://www.cloudflare.com/en-gb/learning/cdn/what-is-a-cdn/

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

How does a Content Delivery Network (CDN) optimise client side performance?

A

A CDN uses edge networks to ensure that the files are closest to the users that need them, resulting in low latency.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

What is an Edge Server?

A

An edge server is a piece of hardware that performs data computation at the end (or “edge”) of a network. Like a regular server, an edge server can provide compute, networking, and storage functions. Edge servers process data physically close to the end-users and on-site apps, so these devices process requests faster than a centralized server.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

What hardware does a CDN use to improve end user application performance?

A

Edge Servers

An edge server is a piece of hardware that performs data computation at the end (or “edge”) of a network. Like a regular server, an edge server can provide compute, networking, and storage functions. Edge servers process data physically close to the end-users and on-site apps, so these devices process requests faster than a centralized server.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

What is API Management?

A

The API Management service allows you to force developers to register and be approved before using an API, and allows you to enforce limits on them to protect your application.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

What is Azure Cognitive Search?

A

It’s a search engine like Google which you can used to search across multiple data sources.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

What common scenarios is Azure Cognitive Search used for?

A

Search is foundational to any app that surfaces text to users, where common scenarios include catalog or document search, online retail apps, or data exploration over proprietary content.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

What is a Web Job?

A

Web Jobs is a feature of Azure App Service that enables you to run a program or script in the same instance as a web app, API app, or mobile app. There is no additional cost to use WebJobs.

You can use the Azure WebJobs SDK with WebJobs to simplify many programming tasks.

https://learn.microsoft.com/en-us/azure/azure-functions/functions-compare-logic-apps-ms-flow-webjobs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

What programming languages do Web Jobs support? [6]

A

C#
F#
JavaScript
Java
Python
PowerShell

https://learn.microsoft.com/en-us/azure/azure-functions/functions-compare-logic-apps-ms-flow-webjobs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

What is a Virtual Machine Scale Set?

A

A Virtual Machine Scale Set allows you to deploy and manage a set of auto-scaling virtual machines. You can scale the number of VMs in the scale set manually, or define rules to autoscale based on resource usage like CPU, memory demand, or network traffic. An Azure load balancer then distributes traffic to the VM instances in the scale set.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

What is the maximum number of virtual machines scales sets?

A

1000

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

What is the maximum number of apps you can install in a single App service free account?

A

10

https://azure.microsoft.com/en-gb/pricing/details/app-service/windows/

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

What is the maximum number of apps you can install in a single App service Shared account?

A

100

https://azure.microsoft.com/en-gb/pricing/details/app-service/windows/

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

What is the maximum number of apps you can install in a single App service Basic account?

A

Unlimited

https://azure.microsoft.com/en-gb/pricing/details/app-service/windows/

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

What is the maximum number of apps you can install in a single App service Standard account?

A

Unlimited

https://azure.microsoft.com/en-gb/pricing/details/app-service/windows/

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q

What is the maximum number of apps you can install in a single App service Premium account?

A

Unlimited

https://azure.microsoft.com/en-gb/pricing/details/app-service/windows/

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
46
Q

What is the maximum number of apps you can install in a single App service Isolated account?

A

Unlimited

https://azure.microsoft.com/en-gb/pricing/details/app-service/windows/

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
47
Q

What is Cosmos DB? 5 points

A
  • Non-relational database
  • Data can be globally distributed
  • support multiple data models
  • No SQL
  • Query Language is similar to SQL

Cosmos DB is a database service that is globally distributed. It allows you to manage your data even if you keep them in data centers that are scattered throughout the world. It provides the tools you need to scale both global distribution pattern and computational resources, and these tools are provided by Microsoft Azure. It can support multiple data models using one backend. This means that it can be used for document, key value, relational, and graph models. It is more or less a NoSQL database because it does not rely on any schemas. However, because it uses query language similar to SQL and can easily support ACID transactions, some people have been classifying it as a NewSQL type of database. What differentiates it from other NewSQL databases, however, is that it does not have a relational data model.

https://stackify.com/what-is-azure-cosmos-db/#:~:text=Cosmos%20DB%20is%20a%20database%20service%20that%20is,and%20these%20tools%20are%20provided%20by%20Microsoft%20Azure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q

What is Strong consistency and when is it used?

A

Strong consistency means that when a region writes a piece of data that all the other replicated regions are able to read that data at the exact same moment, so we have perfect consistency between regions:
This means that reads are guaranteed to see the most recent write.

Strong consistency can be scoped to a single region or to multiple regions, depending on the configuration you choose for your Cosmos DB account.

Single-region strong consistency: In this mode, strong consistency is achieved within a single region. When you read data from the same region where the write occurred, you are guaranteed to see the most recent write.

Multi-region strong consistency: This is where things get more complex. Cosmos DB allows you to replicate your data across multiple regions globally. In this case, strong consistency can also be achieved across all the regions, not just within a single region. However, achieving strong consistency across multiple regions might involve more latency due to the need to propagate data changes to all regions before acknowledging a write.

So, to summarize, strong consistency in Cosmos DB can indeed provide perfect consistency between regions, but this applies when multi-region replication is enabled and configured for strong consistency. If you’re using single-region strong consistency, the perfect consistency only applies within that single region.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
49
Q

What is Bounded Stalesness consistency and when is it used?

A

Unlike strong consistency which is scoped to a single region, you can choose bounded staleness consistency with any number of read regions (along with a write region). Bounded staleness is great for applications featuring group collaboration and sharing, stock ticker, publish-subscribe/queueing etc.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
50
Q

What is Session consistency?

A

It provides write latencies, availability and read throughput comparable to that of eventual consistency but also provides the consistency guarantees that suit the needs of applications written to operate in the context of a user.

Depending on the session of the user that person is going to get consistency, so they can write in session A and then read in another region and they will have consistency because they are in the same session. Whereas another client in another region using a different session will see the same consistent data but there will be an undefined delay

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
51
Q

What is Consistent Prefix consistency and when is it used?

A

If writes were performed in the order A, B, C, then a client sees either A, A, B, or A,B,C, but never out of order like A,C or B,A,C`. Consistent Prefix provides write latencies, availability and read throughput comparable to that of eventual consistency, but also provides the order guarantees that suit the needs of scenarios where order is important.

Data will always be displayed in the right order, but there is a definite lag between the time it is written and when any particular region has it available for writing but there is a guarantee that the data updates will come in the right order.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
52
Q

What is Eventual consistency and when is it used?

A

In the absence of any further writes, the replicas within the group will eventually converge. Eventual consistency is ideal where the application does not require any ordering guarantees. Examples include count of Retweets, Likes or non-threaded comments.

This is the weakest choice, no guarantees when the data will come in. It’s a good data model for low priority stuff.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
53
Q

What is Azure Container Registry (ACR)?

A

Azure Container Registry allows you to build, store, and manage container images and artifacts in a private registry for all types of container deployments.

Use Azure container registries with your existing container development and deployment pipelines. Use Azure Container Registry Tasks to build container images in Azure on-demand, or automate builds triggered by source code updates, updates to a container’s base image, or timers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
54
Q

What is Docker?

A

Docker provides the ability to package and run an application in a loosely isolated environment called a container. The isolation and security allows you to run many containers simultaneously on a given host. Containers are lightweight and contain everything needed to run the application, so you do not need to rely on what is currently installed on the host. You can easily share containers while you work, and be sure that everyone you share with gets the same container that works in the same way.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
55
Q

What are Docker container images?

A

When using Docker, a developer creates an app or service and packages it and its dependencies into a container image. An image is a static representation of the app or service and its configuration and dependencies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
56
Q

What is Kubernetes and what does it do?

A

Kubernetes is open-source orchestration software for deploying, managing, and scaling containers

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Modern applications are increasingly built using containers, which are microservices packaged with their dependencies and configurations. Kubernetes (pronounced “koo-ber-net-ees”) is open-source software for deploying and managing those containers at scale—and it’s also the Greek word for helmsmen of a ship or pilot.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
57
Q

What is KubectI and what does it do?

A

Kubectl is a command-line tool designed to manage Kubernetes objects and clusters. It provides a command-line interface for performing common operations like creating and scaling Deployments, switching contexts, and accessing a shell in a running container.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
58
Q

What is the Azure PowerShell?

A

PowerShell is a cross-platform task automation solution made up of a command-line shell, a scripting language, and a configuration management framework. PowerShell runs on Windows, Linux, and macOS.

https://learn.microsoft.com/en-us/powershell/scripting/overview?view=powershell-7.2

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
59
Q

What is the Azure PowerShell command for creating a VM?

A

New-AzVM -ResourceGroupName $myResourceGroup -Location $location -VM $vm

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
60
Q

What is the Azure PowerShell command for getting information about a VM?

A

Get-AzVM -ResourceGroupName $myResourceGroup -Name $myVM

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
61
Q

What is the PowerShell command for starting a VM?

A

Start-AzVM -ResourceGroupName $myResourceGroup -Name $myVM

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
62
Q

What do API Management policies allow you to do?

A

Policies allow you to modify the inbound request as well as the outbound result without modifying the API code itself

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
63
Q

What does the ‘Always Encrypted’ optional security configuration for Azure SQL Database and SQL Server ensure?

A

Data will remain encrypted while at rest, during movement between client and server and while the data is in use.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
64
Q

What does Transparent Data Encryption (TDE) do? And what for?

A

Transparent Data Encryption (often abbreviated to TDE) is a technology used to encrypt database files. TDE offers encryption at file level. TDE solves the problem of protecting data at rest, encrypting databases both on the hard drive and consequently on backup media.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
65
Q

What does Transport Layer Security do?

A

Transport Layer Security, or TLS, is a widely adopted security protocol designed to facilitate privacy and data security for communications over the Internet. A primary use case of TLS is encrypting the communication between web applications and servers, such as web browsers loading a website.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
66
Q

What is the Azure Custom Script Extension?

A

The Custom Script Extension downloads and runs scripts on Azure virtual machines (VMs). This extension is useful for post-deployment configuration, software installation, or any other configuration or management task. You can download scripts from Azure Storage or GitHub, or provide them to the Azure portal at extension runtime.

The Custom Script Extension integrates with Azure Resource Manager templates. You can also run it by using the Azure CLI, PowerShell, the Azure portal, or the Azure Virtual Machines REST API.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
67
Q

What is Redis?

A
  • Redis is an open source, in-memory, key-value data store most commonly used as a primary database, cache, message broker, and queue.

Redis is an open source, in-memory, key-value data store most commonly used as a primary database, cache, message broker, and queue. Redis delivers sub-millisecond response times, enabling fast and powerful real-time applications in industries such as gaming, fintech, ad-tech, social media, healthcare, and IoT.

//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

Redis is the most-loved database by developers for five years running. Developers love Redis because of its ease of use, performance, and scalability. There is a Redis client available for use in every popular modern programming language. This, coupled with the performance benefits, makes Redis the most popular choice for caching, session management, gaming, fraud detection, leaderboards, real-time analytics, geospatial indexing, ride-sharing, social media, and streaming applications.

https://developer.redis.com/explore/what-is-redis/

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
68
Q

What is a Redis Cluster ?

A
  • Redis Cluster is a distributed implementation of Redis that automatically shards (i.e. partitions) data across multiple Redis nodes.
  • Redis Cluster helps improve the scalability, availability, and fault-tolerance of Redis databases, beyond the base version of Redis.
    ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
    No one can predict the exact amount of resources their Redis database will consume. This means that being able to adequately scale your Redis database is crucial during periods of high demand. Scalability goes hand-in-hand with availability, a metric that measures users’ ability to actually access the database.

Redis Cluster helps improve the scalability, availability, and fault-tolerance of Redis databases, beyond the base version of Redis. The features of Redis Cluster include:

Scalability: Redis Cluster can scale out to a maximum limit of 1000 nodes.
Availability: There are two conditions for a Redis cluster to continue operating: the majority of master nodes must be reachable, and any master node that is unreachable must have a backup slave node. This is a generous policy that helps improve the availability of your Redis database.
Write safety: Redis Cluster attempts to behave in a write-safe manner: it will try to preserve the writes from any client connected to the majority of master nodes in the cluster.

https://redisson.org/glossary/redis-cluster.html

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
69
Q

How do you increase Redis memory Cache?

A

Add another shard

Redis Cluster supports up to 10 shards to create 530 GB of Memory

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
70
Q

What are the different Command Line environments that you can use?

A
  • Azure CLI
  • Azure PowerShell

REVISIT THIS LINK ONCE YOU GET IT RIGHT A FERW TIMES:
https://learn.microsoft.com/en-us/cli/azure/choose-the-right-azure-command-line-tool

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
71
Q

What is the Azure CLI command to create a Resource Group?

A

az group create –name <ResourceGroupName> --location eastus</ResourceGroupName>

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
72
Q

What is the Azure CLI command to create a Virtual Machine?

A

az vm create –resource-group myResourceGroup –name myVM –image UbuntuLTS –admin-username azureuser –admin-password ‘<Password>'</Password>

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
73
Q

What is the Azure CLI command to stop a Virtual Machine?

A

az vm stop –name myVM –resource-group <ResourceGroupName></ResourceGroupName>

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
74
Q

What does ‘At most once’ delivery do in Azure Service Bus?

A

Messages do not get processed more than once, even if sometimes they don’t get processed at all.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
75
Q

What is a Transmission Control Protocol (TCP)?

A

TCP (Transmission Control Protocol) is one of the main protocols of the Internet protocol suite. It lies between the Application and Network Layers which are used in providing reliable delivery services. It is a connection-oriented protocol for communications that helps in the exchange of messages between different devices over a network. The Internet Protocol (IP), which establishes the technique for sending data packets between computers, works with TCP.

https://www.geeksforgeeks.org/what-is-transmission-control-protocol-tcp/

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
76
Q

What TCP network port allows traffic to pass through so that you can connect to an SQL Server database, by default?

A

Port: 1433

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
77
Q

What is a Virtual Network Service Endpoint?

A

Virtual Network (VNet) service endpoint provides secure and direct connectivity to Azure services over an optimized route over the Azure backbone network. Endpoints allow you to secure your critical Azure service resources to only your virtual networks. Service Endpoints enables private IP addresses in the VNet to reach the endpoint of an Azure service without needing a public IP address on the VNet.

https://learn.microsoft.com/en-us/azure/virtual-network/virtual-network-service-endpoints-overview

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
78
Q

What is an Integration Service Environment?

A

An integration service environment is a fully isolated and dedicated environment for all enterprise-scale integration needs. When you create a new integration service environment, it’s injected into your Azure Virtual Network, allowing you to deploy Logic Apps as a service in your VNET.

https://azure.microsoft.com/en-gb/updates/integration-service-environments-ise-are-now-generally-available/#:~:text=An%20integration%20service%20environment%20is%20a%20fully%20isolated,Logic%20Apps%20as%20a%20service%20in%20your%20VNET.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
79
Q

What are Logic Apps?

A
  • Azure Logic Apps is a cloud platform where you can create and run automated workflows with little to no code.
  • You can quickly build a workflow that integrates and manages your apps, data, services, and systems.

Azure Logic Apps is a cloud platform where you can create and run automated workflows with little to no code. By using the visual designer and selecting from prebuilt operations, you can quickly build a workflow that integrates and manages your apps, data, services, and systems.

Azure Logic Apps simplifies the way that you connect legacy, modern, and cutting-edge systems across cloud, on premises, and hybrid environments and provides low-code-no-code tools for you to develop highly scalable integration solutions for your enterprise and business-to-business (B2B) scenarios.

https://learn.microsoft.com/en-us/azure/logic-apps/logic-apps-overview

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
80
Q

What is RBAC?

A

Role Based Access Control(RBAC)

https://learn.microsoft.com/en-us/azure/role-based-access-control/overview

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
81
Q

What is Cross-origin Resource Sharing? (CORS)

A

CORS is a standard with web browsers that will prevent a website from calling an API in the browser unless the API explicitly allows the call.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
82
Q

What is a DNS record?

A
  • DNS records or zone files store information about domains.

They consist of a series of text files written in the DNS syntax and are stored on DNS servers. A (address) records are one of the most basic and commonly used DNS record types. They translate domain names and store them as IP addresses. A records can only hold IPv4 addresses.

Domain name: Record type: Value: TTL
example-website.com @ A 192.0.0.1 14400

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
83
Q

What are Elastic Database Pools?

A

Azure SQL Database elastic pools are a simple, cost-effective solution for managing and scaling multiple databases that have varying and unpredictable usage demands. The databases in an elastic pool are on a single server and share a set number of resources at a set price. Elastic pools in SQL Database enable software as a service (SaaS) developers to optimize the price performance for a group of databases within a prescribed budget while delivering performance elasticity for each database.

https://learn.microsoft.com/en-us/azure/azure-sql/database/elastic-pool-overview?view=azuresql

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
84
Q

What two elements determine the usage cost of Cosmos DB?

A
  • Storage used in GB
  • Provisioned Request Units per Second (RU/s)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
85
Q

Is it possible to trigger a Logic App deployed in Azure from Visual Studio?

A

Yes, it is possible to manually run a logic app using Visual Studio.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
86
Q

What is a Network Security Group (NSG)?

A

You can use an Azure network security group to filter network traffic to and from Azure resources in an Azure virtual network. A network security group contains security rules that allow or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources. For each rule, you can specify source and destination, port, and protocol.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
87
Q

What is a Block Blob?

A
  • primarily intended for storage of media files
  • with a maximum size of 4000 MiB per block
  • can be modified or replaced, and blocks can be added to or deleted from the block blob

Block blobs are subdivided into blocks and primarily intended for storage of media files, documents, text files, and binary files. Blocks can be of varying sizes, with a maximum size of 4000 MiB per block, in the most current Azure version. There may be anywhere up to 50,000 blocks per blob, giving a maximum block blob size of around 190.7 TiB.

Individual blocks within a block blob can be modified or replaced, and blocks can be added to or deleted from the block blob. Parallel uploading of individual blocks optimizes the upload time for block blobs as well.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
88
Q

What is the maximum file size of a block blob?

A

4 GB

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
89
Q

What is an Append Blob?

A

Append blobs also consist of blocks and are specifically designed for use with append operations. The most common use of an append blob is for storage and updating of log files. Blocks may be appended to the end of an append blob, but previously existing blocks may not be modified or deleted.

Just as with block blobs, an append blob may contain up to 50,000 blocks, each up to 4 MiB.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
90
Q

What is a Page Blob?

A

A page blob is intended for read and write operations. A page blob is an assembly of 512-byte pages, with a maximum page blob size of 8 TiB. Page blobs are useful for storage of items such as operating systems and disaster recovery data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
91
Q

What is Azure Firewall?

A

Azure Firewall is a cloud-native and intelligent network firewall security service that provides the best of breed threat protection for your cloud workloads running in Azure. It’s a fully stateful, firewall as a service with built-in high availability and unrestricted cloud scalability.

Azure Firewall is offered in three SKUs: Standard, Premium, and Basic.

https://learn.microsoft.com/en-us/azure/firewall/overview

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
92
Q

What is Advanced Threat Protection and how does it do it? [6]

A

Azure ATP is a threat protection solution that helps:
- Detect and identify suspicious user and device activity
- Leverage threat intelligence across the cloud and on-premises environments
- Protect user identities and credentials stored in Active Directory
- Provide clear attack information on a simple timeline for fast triaging
- Monitor multiple entry points through integration with Windows Defender Advanced Threat Protection
- Azure ATP is able to detect advanced malicious attacks leveraging both cloud and on-premises signals

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
93
Q

What is Azure DDoS Protection?

A
  • Azure DDoS Protection, combined with application design best practices, provides enhanced DDoS mitigation features to defend against DDoS attacks.

Distributed denial of service (DDoS) attacks are some of the largest availability and security concerns facing customers that are moving their applications to the cloud. A DDoS attack attempts to exhaust an application’s resources, making the application unavailable to legitimate users. DDoS attacks can be targeted at any endpoint that is publicly reachable through the internet.

Azure DDoS Protection, combined with application design best practices, provides enhanced DDoS mitigation features to defend against DDoS attacks. It’s automatically tuned to help protect your specific Azure resources in a virtual network. Protection is simple to enable on any new or existing virtual network, and it requires no application or resource changes.

https://learn.microsoft.com/en-us/azure/ddos-protection/ddos-protection-overview

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
94
Q

What is an App Service Environment?

A

An App Service Environment is an Azure App Service feature that provides a fully isolated and dedicated environment for running App Service apps securely at high scale.

https://learn.microsoft.com/en-us/azure/app-service/environment/overview

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
95
Q

What is Privileged Identity Management in Azure Active Directory?

A
  • It enables you to manage and monitor access to important resources in your organization

Privileged Identity Management (PIM) is a service in Azure Active Directory (Azure AD) that enables you to manage, control, and monitor access to important resources in your organization. These resources include resources in Azure AD, Azure, and other Microsoft Online Services such as Microsoft 365 or Microsoft Intune.

https://learn.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
96
Q

What is the maximum storage compacity of a Cosmos DB container?

A

Unlimited

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
97
Q

What is a Asynchronous request?

A
  • Its a way to make a non-blocking web request, allowing the program to continue executing while the request is being processed.

In C#, an asynchronous request is a way to make a non-blocking web request, allowing the program to continue executing while the request is being processed. Asynchronous requests are particularly useful for applications that require a responsive user interface, as they allow the application to perform other tasks while waiting for a response from the server.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
98
Q

What do ‘Availability Options’ do?

A

Means how guaranteed the server uptime is, It allows you to have multiple copies of your application over multiple servers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
99
Q

What do ‘Availability Options - “No infrastructure redundancy required” mean?

A

The server will still probably have 99.99% uptimes, only dropping for maintenance or updates. If you do have essential applications running in the cloud then you need redundancy, often in the form of having multiple copies of an application running across multiple servers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
100
Q

What do ‘Availability Options - “Availability set” mean?

A

You are signalling to Microsoft that your machines are related and that they should not be kept on different fault domains, i.e., they should not be distributed on the same physical server or even on the same rack. By doing this, if something happens to one VM then the other is still operational.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
101
Q

What do ‘Availability Options - “Availability zone” mean?

A

A zone is roughly equivalent to a data center. Each region consists of three or more data centers, the option will split the applications between regions. This should eliminate the building level outages.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
102
Q

What do ‘Availability Options - “Virtual Machine Scale Set” mean?

A

Allows applications to be run across fault domains and allow you to add more machines when they have more demand placed upon them.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
103
Q

What does “Azure Spot instance” mean?

A

You request that Azure give you a discounted rate, its great for low priority tasks. Azure will give you the VM at a lower rate if there is spare compacity but may reclaim during high demand.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
104
Q

What happens if you ‘Select Inbound Ports’ when spinning up a VM?

A

It makes the VM publicly accessible

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
105
Q

What ‘Inbound Ports’ can a VM have?

A

RDP (Remote Desktop Port), HTTP/HTTPS (Hyper Text Transport Protocol / Secure), SSH (Secure Shell)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
106
Q

When spinning up a VM, what does “(Default) Encryption at-rest with a platform-managed key”, mean?

A

It means the disk is encrypted using a key that is kept/controlled by Microsoft.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
107
Q

When spinning up a VM, what does “Encryption at-rest with a customer-managed key”, mean?

A

It means the disk is encrypted using a key that is kept/controlled by the customer in Key Vault for example.

108
Q

When spinning up a VM, what does “Double encryption with platform-managed and customer-managed key”, mean?

A

Its where both Microsoft and the customer have/control a key.

109
Q

When spinning up a VM, what does “Enable ultra-disk compatibility”, mean?

A

It makes read/write to disk extremely quick but only available in certain zones for a certain size VM.

110
Q

When spinning up a VM, What is a Subnet?

A

It is a range of IP addresses in your virtual network that can be used to isolate VMs from each other or the internet.

111
Q

When spinning up a VM, what is the “Public IP” checkbox setting?

A

Needed/used when you want to communicate with the VM outside the network.

112
Q

When spinning up a VM, what does “Capacity reservation”, mean?

A

Microsoft reserves capacity for your VM and won’t give it away to someone else. However, you will not be able to Auto-shutdown as you will be changed 24/7.

113
Q

When spinning up a VM, what does “Site Recovery”, mean?

A

Ensure that there is a cold backup ready to go.

114
Q

When spinning up a VM, what does “Proximity placement group”, mean?

A

Its kind of the opposite of the availability sets, allows you to group resources closer together within the same region. This is useful if you have machines that need to communicate with each other as this is done quicker.

115
Q

What are the two main components of an ARM template?

A

There are two main parts to an ARM Template, [1] the template itself, [2] the parameters.

116
Q

How can you deploy ARM templates?

A

You can deploy the template via PowerShell and Azure CLI.

117
Q

What is a Container instance?

A

Azure Container Instances is a service that enables a developer to deploy containers on the Microsoft Azure public cloud without having to provision or manage any underlying infrastructure.

Remember that I created an app (Container) in Visual Studio which you deployed into an Azure Container Instance.

https://www.techtarget.com/searchcloudcomputing/definition/Azure-Container-Instances#:~:text=Azure%20Container%20Instances%20is%20a%20service%20that%20enables,having%20to%20provision%20or%20manage%20any%20underlying%20infrastructure.

118
Q

What is the difference between Container Instances and the a Container Registry?

A

The simplest form of containers is Container Instances, which is a very low effort way to create containers, they are not great for production instances but are good if you want to deploy something quickly then its good.

Container Registry – It is like a directory for private container images. So, you can create one for your company and your developers can push their completed and built code into containers in the container registry and from there it becomes very simple to deploy that code into development, staging or production into the container hosting services.

119
Q

What is the difference between an Azure Containers Instance and Azure Web app?

A

The Azure Web App has a lot more options when spinning up and on post-creation in terms of scaling up/out, whereas a Container Instance is limited to four running instances, so the decision lies in how much do you need to scale, integrate and complexity, things like that.

120
Q

What is an App Service? And what kind of service is it? (SaaS, IaaS, PaaS)

A

App Service is an example of PaaS, it is designed so that you can deploy to the cloud with as few interactions with the hardware as possible.

You give your app to Azure to run. It allows you to integrate with a host of other applications so that you can deploy apps easily (think Visual Studio as an example). It is really easy to scale, and it has a load balancer built into it so you can have several copies of your application running and Azure will manage distributing the traffic across all the applications.

121
Q

What does enabling ‘Zone redundancy’ mean when configuring an App Service?

A

Zone redundancy enabled means that the App Service plan instance count will be three.

Zone redundancy disabled means that the App Service plan instance count will be one.

122
Q

What is TLS mean ?

A

TLS (Transport Layer Security) is just an updated, more secure, version of SSL.

123
Q

What steps do you need to follow to create a Blob?

A

The general flow for this option is create a Subscription > create storage account > create container (blob)

124
Q

What is a ‘Deployment Slot’?

A

Traditionally, everytime you do a deployment it will overwrite whatever was there previously. The purpose of a deployment slot is so that you can have different versions of your application (stagging, development, testing). It allows me to test my code without it effecting the live site.

125
Q

When configuring Web Apps, what does the applications tab allow you to configure?

A

This is similar to the .config file in Visual Studio projects. The idea is that you are not supposed to hardcode your application settings but add them to the .config file. The application settings override the .config file from the application and allows you to configure within this subsection, apparently it is a more secure way of handling sensitive settings. Database password or API connection strings can be kept in here, by adding important stuff here it means that the devs don’t have access to important data, only those with access to Application settings do.

126
Q

When configuring Web Apps, what does ARR affinity do when selected?

A

ARR affinity is to do with sessions, if a user comes to your website, they will get a cookie which will bring them back to the same session each time they visit your site.

127
Q

When configuring Web Apps, what does ‘Default documents’ do?

A

The default document is for client requests to a Web site that do not specify a document name, such as www.microsoft.com. The default document specifies what file to serve. You can configure multiple default documents for a Web site, but there is a performance benefit to using fewer documents.

128
Q

What does ‘Scale up’, mean?

A

Scaling up increases the performance of your machine.

129
Q

What does ‘Scale out’, mean?

A

You increase the number of instances of your application/hardware

130
Q

What can you auto scale on?

A

Scales based on a schedule or based on any metrics. For instance, number of disk-reads or the number of people in line waiting for the application to reply or the CPU percentage utilization.

You can add Auto scale rules once you have set a minimum and maximum instance count so that you can automate scale out. You also need to set rules that scales in once the traffic frequency has decreased to reduce the number of instances used

131
Q

What is the Kudu service?

A

Kudu has long been associated with Web Apps that allows them to integrate with things like Git.

Kudu is the engine behind a number of features in Azure App Service related to source control based deployment, and other deployment methods like Dropbox and OneDrive sync.

It gives details of the Web App and it allows you to debug using a console and navigate through the directory. Its good for debugging and diagnosing problems with the application.

https://learn.microsoft.com/en-us/azure/app-service/resources-kudu

132
Q

What is a Function App?

A

A Function App is like a container for a bunch of functions that you will create.

133
Q

What are the 6 main characteristics of a basic function?

A
  • Serverless design
  • Simple
  • Stateless
  • Short-lived-start, do work, stop
  • Triggered by a timer, http request, blob event, or message queue (there needs to be a trigger of some sort)
  • Best to work Asynchronously with other code, meaning that it’s better for a function to store its data into a data table or to add a message to a queue or to store a file in a Storage Account, rather than wait/call something else and wait for that other API to do a piece of work and return something. Having your function in a waiting state can be problematic, for instance, Azure Functions have a timeout (30 minutes the tutor believes but will need to check), so if you are going to be doing something that will take longer than 30 minutes the function will timeout.
134
Q

How are Functions started?

A

Triggers - like a timer or making a HTTP request

135
Q

What can you bind to an Azure Function to trigger it? (8 Azure applications that I recognise but there is more)

A
  • Blob Storage
  • Azure Cosmos DB
  • Event Grid
  • Event Hub
  • HTTP & Webhooks
  • IoT - Hub
  • Queue Storage
  • Service Bus
136
Q

What do timer functions use as the time frequency formatting?

A

A Chronos format (expression)

137
Q

What is the format Chronos expressions?

A

Value Allowed Values Description
{second} 0-59; * {second} when the trigger will be fired
{minute} 0-59; * {minute} when the trigger will be fired
{hour} 0-23; * {hour} when the trigger will be fired
{day} 1-31; * {day} when the trigger will be fired
{month} 1-12; * {month} when the trigger will be fired
{day of the week} 0-6; SUN-SAT; * {day of the week} when the trigger will be fired

https://arminreiter.com/2017/02/azure-functions-time-trigger-cron-cheat-sheet/#:~:text=They%20define%20how%20often%20a%20trigger%2Fthe%20Azure%20function,0%20%2A%20%2A%20%2A%20%2A%20%2A%20%28%3Devery%20minute%29

138
Q

How frequent does a function get triggered using this Chronos expression? 0 * * * * *

A

every minute 09:00:00; 09:01:00; 09:02:00; … 10:00:00

https://arminreiter.com/2017/02/azure-functions-time-trigger-cron-cheat-sheet/#:~:text=They%20define%20how%20often%20a%20trigger%2Fthe%20Azure%20function,0%20%2A%20%2A%20%2A%20%2A%20%2A%20%28%3Devery%20minute%29

139
Q

How frequent does a function get triggered using this Chronos expression? 0 */5 * * * *

A

every 5 minutes 09:00:00; 09:05:00

https://arminreiter.com/2017/02/azure-functions-time-trigger-cron-cheat-sheet/#:~:text=They%20define%20how%20often%20a%20trigger%2Fthe%20Azure%20function,0%20%2A%20%2A%20%2A%20%2A%20%2A%20%28%3Devery%20minute%29

140
Q

How frequent does a function get triggered using this Chronos expression? 0 0 * * * *

A

every hour (hourly) 09:00:00; 10:00:00; 11:00:00

https://arminreiter.com/2017/02/azure-functions-time-trigger-cron-cheat-sheet/#:~:text=They%20define%20how%20often%20a%20trigger%2Fthe%20Azure%20function,0%20%2A%20%2A%20%2A%20%2A%20%2A%20%28%3Devery%20minute%29

141
Q

How frequent does a function get triggered using this Chronos expression? 0 0 */6 * * *

A

every 6 hours 06:00:00; 12:00:00; 18:00:00; 00:00:00

https://arminreiter.com/2017/02/azure-functions-time-trigger-cron-cheat-sheet/#:~:text=They%20define%20how%20often%20a%20trigger%2Fthe%20Azure%20function,0%20%2A%20%2A%20%2A%20%2A%20%2A%20%28%3Devery%20minute%29

142
Q

How frequent does a function get triggered using this Chronos expression? 0 0 8-18 * * *

A

every hour between 8-18 08:00:00; 09:00:00; … 18:00:00; 08:00:00

https://arminreiter.com/2017/02/azure-functions-time-trigger-cron-cheat-sheet/#:~:text=They%20define%20how%20often%20a%20trigger%2Fthe%20Azure%20function,0%20%2A%20%2A%20%2A%20%2A%20%2A%20%28%3Devery%20minute%29

143
Q

How frequent does a function get triggered using this Chronos expression? 0 0 0 * * *

A

every day (daily) Mar 1, 2017 00:00:00; Mar 2, 2017 00:00:00

https://arminreiter.com/2017/02/azure-functions-time-trigger-cron-cheat-sheet/#:~:text=They%20define%20how%20often%20a%20trigger%2Fthe%20Azure%20function,0%20%2A%20%2A%20%2A%20%2A%20%2A%20%28%3Devery%20minute%29

144
Q

How frequent does a function get triggered using this Chronos expression? 0 0 10 * * *

A

every day at 10:00:00 Mar 1, 2017 10:00:00; Mar 2, 2017 10:00:00

https://arminreiter.com/2017/02/azure-functions-time-trigger-cron-cheat-sheet/#:~:text=They%20define%20how%20often%20a%20trigger%2Fthe%20Azure%20function,0%20%2A%20%2A%20%2A%20%2A%20%2A%20%28%3Devery%20minute%29

145
Q

How frequent does a function get triggered using this Chronos expression? 0 0 * * * 1-5

A

every hour on workdays

https://arminreiter.com/2017/02/azure-functions-time-trigger-cron-cheat-sheet/#:~:text=They%20define%20how%20often%20a%20trigger%2Fthe%20Azure%20function,0%20%2A%20%2A%20%2A%20%2A%20%2A%20%28%3Devery%20minute%29

146
Q

How frequent does a function get triggered using this Chronos expression? 0 0 0 * * 0

A

every sunday (weekly) Mar 5 (SUN), 2017 00:00:00; Mar 12 (SUN), 2017 00:00:00

https://arminreiter.com/2017/02/azure-functions-time-trigger-cron-cheat-sheet/#:~:text=They%20define%20how%20often%20a%20trigger%2Fthe%20Azure%20function,0%20%2A%20%2A%20%2A%20%2A%20%2A%20%28%3Devery%20minute%29

147
Q

How frequent does a function get triggered using this Chronos expression? 0 0 9 * * MON

A

every monday at 09:00:00 Mar 6 (MON), 2017 09:00:00; Mar 13 (MON), 2017 09:00:00

https://arminreiter.com/2017/02/azure-functions-time-trigger-cron-cheat-sheet/#:~:text=They%20define%20how%20often%20a%20trigger%2Fthe%20Azure%20function,0%20%2A%20%2A%20%2A%20%2A%20%2A%20%28%3Devery%20minute%29

148
Q

How frequent does a function get triggered using this Chronos expression? 0 0 0 1 * *

A

every 1st of month (monthly) Mar 1, 2017 00:00:00; Apr 1, 2017 00:00:00; May 1, 2017 00:00:00

https://arminreiter.com/2017/02/azure-functions-time-trigger-cron-cheat-sheet/#:~:text=They%20define%20how%20often%20a%20trigger%2Fthe%20Azure%20function,0%20%2A%20%2A%20%2A%20%2A%20%2A%20%28%3Devery%20minute%29

149
Q

How frequent does a function get triggered using this Chronos expression? 0 0 0 1 1 *

A

every 1st of january (yearly) Jan 1, 2017 00:00:00; Jan 1, 2018 00:00:00; Jan 1, 2019 00:00:00

https://arminreiter.com/2017/02/azure-functions-time-trigger-cron-cheat-sheet/#:~:text=They%20define%20how%20often%20a%20trigger%2Fthe%20Azure%20function,0%20%2A%20%2A%20%2A%20%2A%20%2A%20%28%3Devery%20minute%29

150
Q

How frequent does a function get triggered using this Chronos expression? 0 0 * * * SUN

A

every hour on sunday Mar 5 (SUN), 2017 23:00:00; Mar 12 (SUN), 2017 00:00:00; Mar 12 (SUN), 2017 01:00:00

https://arminreiter.com/2017/02/azure-functions-time-trigger-cron-cheat-sheet/#:~:text=They%20define%20how%20often%20a%20trigger%2Fthe%20Azure%20function,0%20%2A%20%2A%20%2A%20%2A%20%2A%20%28%3Devery%20minute%29

151
Q

How frequent does a function get triggered using this Chronos expression? 0 0 0 * * SAT,SUN

A

every saturday and sunday Mar 3 (SUN), 2017 00:00:00; Mar 11 (SAT) 00:00:00; Mar 12 (SUN), 2017 00:00:00

https://arminreiter.com/2017/02/azure-functions-time-trigger-cron-cheat-sheet/#:~:text=They%20define%20how%20often%20a%20trigger%2Fthe%20Azure%20function,0%20%2A%20%2A%20%2A%20%2A%20%2A%20%28%3Devery%20minute%29

152
Q

How frequent does a function get triggered using this Chronos expression? 0 0 0 * * 6,0

A

every saturday and sunday Mar 3 (SUN), 2017 00:00:00; Mar 11 (SAT) 00:00:00; Mar 12 (SUN), 2017 00:00:00

https://arminreiter.com/2017/02/azure-functions-time-trigger-cron-cheat-sheet/#:~:text=They%20define%20how%20often%20a%20trigger%2Fthe%20Azure%20function,0%20%2A%20%2A%20%2A%20%2A%20%2A%20%28%3Devery%20minute%29

153
Q

How frequent does a function get triggered using this Chronos expression? 0 0 0 1-7 * SUN

A

every first sunday of the month at 00:00:00 Mar 5 (SUN), 2017 00:00:00; Apr 2 (SUN), 2017 00:00:00

https://arminreiter.com/2017/02/azure-functions-time-trigger-cron-cheat-sheet/#:~:text=They%20define%20how%20often%20a%20trigger%2Fthe%20Azure%20function,0%20%2A%20%2A%20%2A%20%2A%20%2A%20%28%3Devery%20minute%29

154
Q

How frequent does a function get triggered using this Chronos expression? 11 5 23 * * *

A

daily at 23:05:11 Mar 1, 2017 23:05:11; Mar 2, 2017 23:05:11

https://arminreiter.com/2017/02/azure-functions-time-trigger-cron-cheat-sheet/#:~:text=They%20define%20how%20often%20a%20trigger%2Fthe%20Azure%20function,0%20%2A%20%2A%20%2A%20%2A%20%2A%20%28%3Devery%20minute%29

155
Q

How frequent does a function get triggered using this Chronos expression? 30 5 /6 * * *

A

every 6 hours at 5 minutes and 30 seconds 06:05:30; 12:05:30; 18:05:30; 00:05:30

https://arminreiter.com/2017/02/azure-functions-time-trigger-cron-cheat-sheet/#:~:text=They%20define%20how%20often%20a%20trigger%2Fthe%20Azure%20function,0%20%2A%20%2A%20%2A%20%2A%20%2A%20%28%3Devery%20minute%29

156
Q

How frequent does a function get triggered using this Chronos expression? */15 * * * * *

A

every 15 seconds 09:00:15; 09:00:30; … 09:03:30; 09:03:45; 09:04:00

https://arminreiter.com/2017/02/azure-functions-time-trigger-cron-cheat-sheet/#:~:text=They%20define%20how%20often%20a%20trigger%2Fthe%20Azure%20function,0%20%2A%20%2A%20%2A%20%2A%20%2A%20%28%3Devery%20minute%29

157
Q

What are the 7 main characteristics of a Durable function?

A

Durable functions are more complicated than the other examples that I have seen. Their characteristics include:

  • Stateful
  • Could be long running.
  • Or a multi-step process
  • Can “suspend” while waiting for long-running API to return – checkpoints.
  • Supports complex design patterns.
  • Functions can call other functions – chaining.
  • Made up of a client, orchestrator, and activities.
158
Q

What are the three main parts to a Durable Functions ?

A

[1] the client, [2] the orchestrator and [3] the activity. The client is just like the simple functions that we have seen so far, the client typically sets up the orchestrator and gets the orchestrator running. The orchestrator is like a traffic cop, so if you have multiple things going on and they need to happen in a certain order then you will be writing code in the orchestrator function which will perform that task. The orchestrator is a bit like Logic Apps, which is drag and drop, boxes and lines and is generally a no code workflow tool, well the orchestrator is code, so you can write in C# or whatever you like, so it’s basically a Logic App flow in code. The activity is the function that does the work, things like calling a file or performing a task, the activity function is what will do this.

159
Q

What do you need to instal before you can run a Durable Function?

A

Node Package Manager (NPM) to install the dependencies for Durable Functions

160
Q

Can you start Functions using Azure Cloud Shell?

A

Yes, you can.

161
Q

Can you create Functions using Visual Studio?

A

Yes, There is a major benefit of working from Visual Studio as the functions can be kept within a Source Control System and you can publish directly into the Azure environment.

162
Q

Does Cosmos DB support multiple kinds of database?

A

Yes, it does. You select one when you create it.

163
Q

What are the 6 types of database that can be created using Cosmos DB?

A
  • Cosmos DB for NoSQL
  • Cosmos DB for MongoDB
  • Cosmos DB for Apache Cassandra
  • Cosmos DB for Table
  • Cosmos DB for Apache Gremlin
  • Cosmos DB for PostgreSQL
164
Q

When creating and configuring a Cosmos Db database, what are the two capacity modes and what is the difference between them?

A

Serverless - meaning that it will dynamically add remove resources as you are paying per execution.
Provisioned - throughout (the traditional way), meaning that you are reserving throughput.

165
Q

When configuring Cosmos DB, what does ‘Geo-redundancy’ mean?

A

If you chose it for creating a West US database you will also create a database in East US because the East and West are pairs. Depending on the region that you started with it will set you up with a different pair. It will double the cost of the database because you have double the size database.

166
Q

When configuring Cosmos DB, what does ‘Multi-region Writes ‘ mean?

A

Gives you the ability to write from all of the Geo-Redundancy databases but doubles the cost yet again. So double for option one and then that would be doubled again if you select this option.

167
Q

What is a Request Units per Second (RU/s) in Cosmos DB?

A

A request unit is the amount of compute required to read one kilobyte of data in one second.

168
Q

What is the lowest number of Request Units per Second (RU/s) that you can have in a Container when using Cosmos DB?

A

The lowest number of request units that you can have when creating a container is 400. So you can read 400 kilobyte of data per second.

169
Q

What is a Partition Key in Cosmos DB?

A

In a nutshell: The Partition Key is a property that will exist on every single object that is used to group similar objects together.

Good examples include Location (like City), Customer Id, Team, and more. Naturally, it wildly depends on your solution; so perhaps if you were to post what your object looks like we could recommend a good partition key.

170
Q

What is the primary Goal of a Partition Key in Cosmos DB?

A
  • That the partitions are balanced.

The goal for selecting a patrician key should be that there are roughly an equal number of items in every patrician. So if you chose ‘/country’ as the patrician key then you might get a situation where 99% of your employees (in this example) are all in one country so it might be better to use ‘/city’ then the partitions will hopefully be more evenly distributed.

171
Q

What are the implications of not having an evenly distributed Partition Key in Cosmos DB?

A

The implications of having unevenly distributed partitions will have a performance hit on those that have more employees than the others. It will slow queries down act.

172
Q

Can you use SQL like syntax to query data in a Cosmos DB database?

A

Yes, you can.

173
Q

Can you use SQL to insert data in a Cosmos DB database?

A

No, you can’t. You would use JSON key value pairs

174
Q

Is there a R/U per second cost to running SQL queries in Cosmos DB?

A

Yes, there is. You can see the cost in Query Stats

175
Q

Can you auto scale a Cosmos DB to increase the R/Us per second?

A

Yes, you can. You can also manually do it.

176
Q

What do change feed notifications do in Cosmos DB?

A

Notification Feeds allow you to trigger some actions based on changes to documents within cosmos db. One way that you can do this is via Azure Functions or you can use Visual Studio or VS Code (STK’s).

As an example, one a record is entered into the database you can receive some kind of notification.

177
Q

What are the different types of Blob Storage tiers?

A
  • Hot
  • Cold
  • Archive
178
Q

When creating a Storage Account and configuring redundancy, what is ‘Locally-redundant storage’?

A

Lowest-cost option with basic protection against server rack and drive failures. Recommended for non-critical scenarios.

Its keeping three copies of your files, so you would upload three copies to Azure and it’s going to store it in three locations. For the LRS, the location is all within the same data center.

179
Q

When creating a Storage Account and configuring redundancy, what is ‘Geo-redundant storage’?

A

Intermediate option with failover capabilities in a secondary region. Recommended for backup scenarios.

its keeping six copies of your files, so you would upload three copies to Azure and it’s going to store it in three locations, three in a local region and three of them in another region, so an external region.

180
Q

When creating a Storage Account and configuring redundancy, what is ‘Zone-redundant storage’?

A

Intermediate option with protection against datacenter-level failures. Recommended for high availability scenarios.
Its keeping three copies of your files, so you would upload three copies to Azure and it’s going to store it in three locations, for the Zone ZRS, you can imagine each copy being stored in a different data center within a region.

181
Q

When creating a Storage Account and configuring redundancy, what is ‘Geo-zone-redundant storage’?

A

Optimal data protection solution that includes the offerings of both GRS and ZRS. Recommended for critical data scenarios.

The Geo-zone-redundant storage (GZRS) is also six copies of your file, three are stored zone redundantly (locally) and three of them are stored within another region but not zone redundant.

182
Q

What are the different types of storage that you can have in a Storage Account?

A
  • Containers
  • File shares
  • Queues
  • Tables
183
Q

What is a ‘Blob’, and what does it stand for?

A
  • Binary Large Object
  • The term ‘blob’ is any file, txt, bin, images, video, anything that you can think of.
184
Q

If you ‘rotate’ a Storage Account key, what are you doing?

A

It will create a new key and invalidate the old one.

185
Q

Can a Shared access signature (SAS) allow secure access to a container as well as a Storage Account?

A

Yes, it can. The SAS allows you to craft a very broad or fined grained option for creating access (see above).
To get access to the Storage account you can use the Blob service SAS URL.

186
Q

What do Storage Account SAS stand for?

A

Shared access signature (SAS)

187
Q

When accessing a Blob via Visual Studio, what is the namespace?

A

using Azure.Storage.Blobs;

There were two other used as well for setting Metadata and such, just bare them in mind:
using Azure.Storage.Blobs.Models;
using Azure.Storage.Blobs.Specialized;

188
Q

In Storage Accounts, what does the ‘Lifecycle management’ tab under Data management allow you to do?

A

It basically allows you to setup a rule based policies that will automatically move files from a hot tier to a cool tier or to the archive tier or delete them.

189
Q

What is the Azure ‘identity’ service?

A

Azure Active Directory

190
Q

In terms of Azure Active Directory, what must all users belong to?

A

A tenant. You can have many users to a tenant.

191
Q

Can you be added to a tenant without a subscription?

A

Yes, you can. Tenants can exist without a subscription. You cannot create resources in a tenant with no subscription.

192
Q

What does B2C stand for?

A

Business Two Consumer

193
Q

What two primary things does Azure Active Directory do?

A

Authenticate and Authorise

194
Q

What do you need to do before you can have a Web App or Web API authenticate users using Azure Active Directory?

A

To do that you need to create a ‘New registration’ in Azure Active Directory to get the details of that application, so this is how applications are going to get access to any users that you have created.

195
Q

What is Microsoft Graph?

A

Microsoft Graph exposes REST APIs and client libraries to access data on the following Micorsoft cloud services:

  • Microsoft 365
  • Enterprise Mobility + Security (Azure Active Directory)
  • Windows services
  • Dynamics 365 Business Central Services
196
Q

When accessing Microsoft Graph in Visual Studio, what namespaces do you use?

A

using Azure.Identity;
using Microsoft.Graph;

197
Q

Where can you store certain application values/settings other than Key Vault in Azure?

A

In the Configuration tab. Think .config file.

Application settings are encrypted at rest and transmitted over an encrypted channel. You can choose to display them in plain text in your browser. Application Settings are exposed as environment variables for access by your application at runtime.

If you create an Application setting then most developers will not have access to it unless you give them access to the app service configuration.

198
Q

What is Azure Key Vault?

A

It is used to manage keys, secretes and certificates.

You add your secrets and then you need to provide access to them for use in the application. It means having a managed identity for the application and using rule-based access control to grant permissions to the key vault. So, basically your app needs to authenticate itself by providing appropriate credentials to gain access to your secrets. As a result, its more complicated to implement but also more secure. It is the official Microsoft way of keeping secrets.

199
Q

Can you access Key Vault programmatically?

A

Yes, its the primary what to access keys, secretes and certificates in Key Vault.

200
Q

Are Storage Accounts encrypted?

A

Storage accounts are encrypted by default

201
Q

What does SSE stand for and what does it do?

A

Secure Storage Encryption (SSE). Storage Accounts are are encrypted at rest.

202
Q

What does ‘Secure transfer required’ mean in Storage Account configuration?

A

“The secure transfer option enhances the security of your storage account by only allowing requests to the storage account by secure connection. For example, when calling REST APIs to access your storage accounts, you must connect using HTTPs. Any requests using HTTP will be rejected when ‘secure transfer required’ is enabled. When you are using the Azure files service, connection without encryption will fail, including scenarios using SMB 2.1, SMB 3.0 without encryption, and some flavors of the Linux SMB client. Because Azure storage doesn’t support HTTPs for custom domain names, this option is not applied when using a custom domain name.”

203
Q

In Azure Key Vault, what are secrets? [1]

A

[1] Secrets are things that your application needs to store but that you don’t want to hard code in the application itself.

An example of this would be and API from a third party vender weather service, and in order to call it you need to use a security key as part of the API calls. Traditionally you would put that in the Web.config file or the app.config and then the application would just call the configuration method and then get the key from the config file. But if your secret is valuable to you its going to cost you a lot of money to use that key or its very hard of impossible to replace if it gets leaked then you might want to take that extra step and store the secret in the Azure Key Vault.

204
Q

In Azure Key Vault, what are Certificates?

A

A security certificate is a tool that websites use for validation and encryption. They are part of the HTTPS protocol which secures the flow of data between your browser and the servers of the websites you visit. Certificates are issued by a trusted certificate authority.

http://choosetoencrypt.com/tech/how-do-security-certificates-actually-work/#:~:text=Certificates%20Are%20a%20Very%20Effective%20System%201%20Encryption%3A,actually%20coming%20from%20where%20it%20says%20its%20from.

205
Q

What are managed identities for Azure resources?

A
  • Managed identities provide an automatically managed identity in Azure Active Directory (Azure AD) for applications to use when connecting to resources that support Azure AD authentication.

A common challenge for developers is the management of secrets, credentials, certificates, and keys used to secure communication between services. Managed identities eliminate the need for developers to manage these credentials.

While developers can securely store the secrets in Azure Key Vault, services need a way to access Azure Key Vault. Managed identities provide an automatically managed identity in Azure Active Directory (Azure AD) for applications to use when connecting to resources that support Azure AD authentication. Applications can use managed identities to obtain Azure AD tokens without having to manage any credentials.

https://learn.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview

206
Q

What is Microsoft Azure Cache for Redis ?

A

Azure Cache for Redis helps your application stay responsive even as user load increases. It does so by leveraging the low latency, high-throughput capabilities of the Redis engine. This separate distributed cache layer allows your data tier to scale independently for more efficient use of compute resources in your application layer.

Redis is an open-source application that is very popular for use on website for cashing. It’s called in memory chasing, so it doesn’t actually write anything to disk. You basically store data in Redis and when you do a post back you retrieve the data from Redis as apposed to an SQL database as it offers much improved performance as it is very low latency. As its in memory it doesn’t even require it to go to a disk.

207
Q

Azure Cache for Redis is available in what tiers?

A
  • Basic – Single node, multiple sizes, ideal for development/test and non-critical workloads. The basic tier has no SLA.
  • Standard – A replicated cache in a two node Primary/Secondary configuration managed by Microsoft, with a high availability SLA.
  • Premium – The new Premium tier includes all the Standard-tier features and more, such as better performance compared to Basic or Standard-tier caches, bigger workloads, data persistence, and enhanced network security.
208
Q

When in Visual Studio, what is the namespace for Azure Cache for Redis?

A

using StackExchange.Redis;

209
Q

What Azure service allows you to troubleshoot other Azure services like VMs and Storage accounts?

A

Azure Monitor

210
Q

What Azure service does the following? “It will take you to this central location that will take your log files, your alerts and your metrics from all the various services and put them into this central place. You can run queries on them and create graphs and such.”

A

Azure Monitor

211
Q

What kinds of metric can be collected and passed to Azure Monitor?

A

CPU, Memory, Disk or Network or add custom counters.

212
Q

What can an unmanaged API lead to?

A

If end users call your API thousands of times per second, they are basically impacting your production environments., they can do a denial of service unwittingly which can cause you costs that you weren’t expecting.

213
Q

What is Azure API Management?

A

Think of it as an API front end that’s a developer portal that connects into your backend APIs. So you can create a ‘dot’? API documentation, you can allow them to register and apply and subsequently approve them. You can put limits and quotas on the API, so for example you can say that an organization can only call your API 1000 times a day. This will help to improve performance and prevent them from taking your application down. You can also see who calling your APIs, run reports, talk to the people that are being a bit abusive, if people aren’t calling your API you can talk to them and see what’s going on. So basically, it’s a management tool and a portal that sits in front of your API.

214
Q

Can API Management allow you to set inbound and outbound policies?

A

Yes, it can monitor, set policies, report, that kind of stuff.

215
Q

What is the open API Specification?

A

The Open API specification is a way documenting your API for consumption by others. So you can basically develop an API in whatever code or tool that you lose and then you use The Open API Specification to describe the functions and properties and give some textual descriptions of each of those fields

216
Q

What is the name of the tab where you give access to an API using the API Management?

A

You do that under the Products tab.

217
Q

Using API Management, can you have multiple ‘Products’?

A

Yes, you can create different levels and give the API different permissions and different access depending on your level.

218
Q

What are the differnt Azure approaches for sending messages between application?

A
  • Storage Accounts have a queue system
  • ‘Service Bus’ is the enterprise grade queue system within Azure
  • Event Grid
  • Event Hub
219
Q

What is Azure Event Grid

A

It is a way for different Azure services including your subscription level, your resource groups and other services that fire off events and then be triggered and picked up by other services.

https://learn.microsoft.com/en-us/azure/event-grid/overview

Its for internal events

220
Q

What is Azure Event Hub?

A

If events are happening outside of Azure, then you would want to use Event Hub. There are a couple of types to choose from, ‘Event Hub’ and ‘IoT Event Hub’.

https://learn.microsoft.com/en-us/azure/event-hubs/event-hubs-features

221
Q

What is a ‘queue’?

A

A Queue is effectively a way of storing small bits of data for another application to read.

The queue is designed for two applications to talk to each other in an asynchronous manner. This means that the applications do not need to be standing by waiting to receive the requests. A typical API model, means that someone has to be listening, receive the request, process the request and then return a response to the caller, and the caller is waiting around for the response. In a messaging metaphor, its asynchronous, you will leave a message and sometime later, you don’t know when someone is going to read this message.

Queues are 1 to 1 where one client writes a message and one reader reads it, whereas, Topics are one to many.

Messages are short, in this case messages can be up to 64 kilobytes. Usually in XML or JSON

222
Q

What do you need in order to get access to a Storage Account queue?

A

The URL and access key

223
Q

What namespaces do you use to access a ‘Queue’ via Visual Studio?

A

Accessing the queue in the Storage Account can be done via Visual Studio using namespaces like Microsoft.Azure.Storage and Microsoft.Azure.Storage.Queue.

224
Q

What is ‘Azure Service Bus’?

A

It is the enterprise grade queues system within Azure. The service Bus is more expensive, but it does offer more features.

Queues are 1 to 1 where one client writes a message and one reader reads it, whereas, Topics are one to many.

225
Q

Are custom connectors created in Power Automate available in Power Apps?

A

Yes
https://learn.microsoft.com/en-us/connectors/custom-connectors/

226
Q

Are custom connectors created in Power Apps available in Power Automate?

A

Yes
https://learn.microsoft.com/en-us/connectors/custom-connectors/

227
Q

Are custom connectors created in Logic Apps available in Power Automate?

A

No
https://learn.microsoft.com/en-us/connectors/custom-connectors/

228
Q

Are custom connectors created in Logic Apps available in Power Apps?

A

No
https://learn.microsoft.com/en-us/connectors/custom-connectors/

229
Q

What service is Application Insights part of?

A

Azure Monitor

230
Q

What is the max size of a logical patrician in in Cosmos DB?

A

20GB
https://learn.microsoft.com/en-us/azure/cosmos-db/partitioning-overview

231
Q

What is the maximum number of logical patricians available within a Cosmos DB container?

A

Unlimited
https://learn.microsoft.com/en-us/azure/cosmos-db/partitioning-overview

232
Q

What is an identity provider?

A

An identity provider [1] creates, [2] maintains, and [3] manages identity information while [4] providing authentication services to applications.

When sharing your apps and resources with external users, Azure AD is the default identity provider for sharing. This means when you invite external users who already have an Azure AD or Microsoft account, they can automatically sign in without further configuration on your part.

https://learn.microsoft.com/en-us/azure/active-directory/external-identities/identity-providers

233
Q

What are Access Tokens used for? [2]

A

Access tokens enable clients to [1] securely call protected web APIs. [2] Web APIs use access tokens to perform authentication and authorization.

https://learn.microsoft.com/en-us/azure/active-directory/develop/access-tokens

234
Q

Can you create web tests in Application Insights to monitor the availability of your application?

A

Yes

After you’ve deployed your web app or website, you can set up recurring tests to monitor [1] availability and [2] responsiveness. Application Insights sends web requests to your application at regular intervals from points around the world. It can alert you if your application isn’t responding or responds too slowly.

You can set up availability tests for [3] any HTTP or HTTPS endpoint that’s accessible from the public internet. You don’t have to make any changes to the website you’re testing. In fact, it doesn’t even have to be a site that you own. You can test the availability of a REST API that your service depends on.

https://learn.microsoft.com/en-us/azure/azure-monitor/app/availability-overview

235
Q

What are roles designed to do?

A

Role assignments are the way you control access to Azure resources.

236
Q

Can you create custom roles?

A

Yes

If the built-in roles don’t meet the specific needs of your organization, you can create your own Azure custom roles.

237
Q

What are the four Built-in general roles?

A
  • Contributor
  • Owner
  • Reader
  • User Access Administrator
238
Q

What can you assign roles to? [4]

A
  • Users
  • Groups
  • Service principals
  • Managed identities.

https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles

239
Q

What access rights does a Contributor role have? [4]

A

[1] Grants full access to manage all resources but [2] does not allow you to assign roles in Azure RBAC, [3] manage assignments in Azure Blueprints, or [4] share image galleries.

240
Q

What access rights does an Owner role have?

A

Grants full access to manage all resources, including the ability to assign roles in Azure RBAC.

241
Q

What access rights does a reader role have?

A

View all resources but does not allow you to make any changes.

242
Q

What access rights does a reader role have?

A

View all resources but does not allow you to make any changes.

243
Q

What access rights does a User Access Administrator role have?

A

Let’s you manage user access to Azure resources.

244
Q

A role association is a relationship between?

A
  • A security principle
  • A Scope
  • A role

Scope is the set of resources that access applies to. When you assign a role, it’s important to understand scope so that you can grant a security principal just the access that it really needs. By limiting the scope, you limit what resources are at risk if the security principal is ever compromised.

https://learn.microsoft.com/en-us/azure/role-based-access-control/scope-overview

245
Q

Can you create custom connectors for Azure Logic Apps, Microsoft Power Automate and Microsoft PowerApps?

A

Yes

246
Q

What is a transient fault?

A

A transient error, also known as a transient fault, [1] has an underlying cause that soon resolves itself. An occasional cause of transient errors is when [2] the Azure system quickly shifts hardware resources to better load-balance various workloads. Most of these reconfiguration events finish in less than 60 seconds. During this reconfiguration time span, you might have issues with connecting to your database in SQL Database.

247
Q

What is a nontransient fault?

A

Nontransient faults, also known as [1] permanent faults or hard faults, are [2] persistent and enduring. [3] Unlike transient faults, they do not resolve spontaneously. [4] Nontransient faults occur when there is a permanent defect or failure in a system component, such as a hardware malfunction, software bug, or a faulty connection. [5] These faults typically require manual intervention or repair to restore the system to its normal functioning state.

248
Q

What is Azure Log Analytics?

A

[1] Its part of Azure Monitor

Log Analytics is a tool in the Azure portal that’s used to [2] edit and run log queries [3] against data in the Azure Monitor Logs store.

You might write a simple query that returns a set of records and then use features of Log Analytics to sort, filter, and analyse them. Or you might write a more advanced query to perform statistical analysis and visualize the results in a chart to identify a particular trend.

https://learn.microsoft.com/en-us/azure/azure-monitor/logs/log-analytics-overview

249
Q

What is a Security Principle? [4]

A

A security principal [1] is any entity that can be authenticated by the operating system, such as a [2] user account, [3] a computer account, or [4] a thread or process that runs in the security context of a user or computer account, or the security groups for these accounts.

https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/understand-security-principals

250
Q

What does a permission allow a Security Principle to do?

A

Make an action against a resource.

251
Q

Can you implement multifactor authentication using Azure Active Directory?

A

Yes

252
Q

What is a Dockerfile?

A

The Dockerfile is [1] a text file that [2] contains the instructions needed to create a new container image.

[3] These instructions include identification of an existing image to be used as a base, [4] commands to be run during the image creation process, and a [5] commands that will run when new instances of the container image are deployed.

253
Q

What do Shared Access Signatures do (SAS)?

A

They [1] act as an authentication mechanism for granting access to Azure Storage Accounts [2] without sharing access keys.

254
Q

How can you lock down inbound traffic to a Azure Virtual Machine? And how do ypu go about unlocking it?

A

[1] Azure Security Center’s just-in-time (JIT) virtual machine access feature.

[2] When you need to access the consumer’s managed resources, you send a request for a [3] specific role, [4} time, and [5] duration. The consumer must then approve the request.

https://learn.microsoft.com/en-us/azure/azure-resource-manager/managed-applications/request-just-in-time-access

255
Q

What does Azure Security Center’s just-in-time (JIT) access feature do?

A

To [1] give consumers greater control over granting access to managed resources, Azure Managed Applications provides a feature called just-in-time (JIT) access.

[2] JIT access enables you to request elevated access to a managed application’s resources for [3] troubleshooting or maintenance. [4] You always have read-only access to the resources, [5] but for a specific time period you can have greater access.

https://learn.microsoft.com/en-us/azure/azure-resource-manager/managed-applications/request-just-in-time-access

256
Q

What is Application Request Routing (ARR)?

A

Application Request Routing (ARR) is a feature where when a client (or browser) request to any Azure based website, a cookie will be created and stick to the first time request received web site instance.

The same cookie will be used for subsequent requests from this client or browser and these requests will be guided to the same web site instance the one which was served for the first time.

This is really useful if the client is maintaining lots of data

http://techxposer.com/2017/09/04/what-is-aar-application-request-routing-affinity/#:~:text=Application%20Request%20Routing%20%28ARR%29%20is%20a%20feature%20where,to%20the%20first%20time%20request%20received%C2%A0web%20site%20instance.

257
Q

What is Applications Insights? [6]

A

[1] Application Insights is an extension of Azure Monitor and [2] provides application performance monitoring (APM) features. APM tools are useful to monitor applications from development, through test, and into production in the following ways:

[3] Proactively understand how an application is performing.
[4] Reactively review application execution data to determine the cause of an incident.

Along with [5] collecting metrics and application telemetry data, which describe application activities and health, you can [6] use Application Insights to collect and store application trace logging data.

https://learn.microsoft.com/en-us/azure/azure-monitor/app/app-insights-overview?tabs=net

258
Q

When you create a new instance of a container image, what is the container called by default?

A

The container instance is called ‘container’.

259
Q

What are the four scopes in Azure?

A

[1] Management groups, [2] subscriptions, [3] resource groups and [4] resources.

260
Q

When using ARM templates, what is the syntax to specify the location of a resource?

A

“[resourceGroup().location]”

261
Q

What is OAuth authentication? [3]

A

[1] It is the industry-standard protocol for authorization. [2] After application users provide credentials to authenticate, [3] OAuth determines whether they are authorized to access the resources.

https://learn.microsoft.com/en-us/power-apps/developer/data-platform/authenticate-oauth

262
Q

What are the main ‘actors’ in OAuth authentication?

A

Client
Authentication Server
Resource Server
Resource Owner

263
Q

Does Azure Cashe for Redis allow for the caching of dynamic content?

True or False

A

True

264
Q

What out of the following messaging services allows you to use the publish-subscribe model and eliminates the need for constant polling?

Event Grid
Event Hub
Service Bus
Queue

A

Event Grid
Service Bus

265
Q

Would Application Request Routing (AAR) ensure that:

  • Share session state across all ASP.NET web applications
  • Support controlled, concurrent access to the same session state data for multiple readers
    and a singer writer
  • Save full HTTP responses for concurrent requests
A

No

No, ARR directs requests to the same instance of the application. Instead, you can use a caching solution like Azure Redis Cache

266
Q

A web service uses Azure application insights for all telemetry and dependency tracking.
The web service reads and writes data to a database other than Microsoft SQL Server.
You need to ensure that dependency tracking works for calls to 3rd party database.
What two lines of code do you need?

A

Telemetry.Id
Telemetry.Context.Operation.Id