Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Azure Fundamentals > AZ-204 > Flashcards

AZ-204 Flashcards

1
Q

What are ARM templates?

A

Preconfigured scripts, written in JSON, used to deploy resources (i.e. VMs) or entire environments, which makes it easy to deploy and duplicate.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are modulized ARM templates?

A

Templates that are connected, i.e. modules.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What interfaces can deploy ARM templates? (6)

A

Azure Portal, Azure CLI, PowerShell, REST API, GitHub, CloudShell

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

ARM templates consist of 8 elements, which?

A
  • Schema
  • Content version
  • API profile
  • Parameters
  • Variables
  • Functions
  • Resources
  • Outputs
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Only three elements are needed to deploy an ARM template, which?

A

Schema, Content version, and resources

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What do the Schema element do in an ARM template?

A

It defines the version of the template language, which is set depending on the editor used (VS Code, VS Pro) and how deployment is made (subscriptions, management groups, or tenants).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What do the Content Version element do in an ARM template?

A

It defines the version of the template and the script, and is decided by the user.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What do the API Profile element do in an ARM template?

A

It is used to maintain consistency between Azure and any Azure stack location.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What do the Parameters element do in an ARM template?

A

It is used for building rules and static responses. Useful för source controlled environments, since it defines parameters used for deployment constraints.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What do the Variables element do in an ARM template?

A

Defines the variables (name and default value), can be updated during deployment if needed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What do the Functions element do in an ARM template?

A

Defines where the expressions (processes that generate names, subnets, or manipulates values) used in the script are located.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What do the Resources element do in an ARM template?

A

It defines what to deploy or update.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What do the Outputs element do in an ARM template?

A

It is where one can pull values from returned from a deployment, and store data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is the Azure Container Registry?

A

It works like an inventory manager for container images. When a container image is uploaded to the registry, it’s able to run in Azure Container Instances.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

There are three price tiers for the Azure Container Registry, what are they?

A
  • BASIC: cost-optimized, focused on developers (in terms of adjusted throughput and storage) and is not suitable for production.
  • STANDARD: same as basic, but more performance, storage, and throughput. Has SLAs. Is the default option for production workloads.
  • PREMIUM: Most expensive, highest performance, has features like geo-replication, content trust, is compatible with Private Link (used for securing resources). Is the best option for high-volume scenarios.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is an Service Level Agreement (SLA)?

A

It describes the commitment for uptime and connectivity for the provided services, meaning that the cloud provider “promises” that resources are available and working correctly according to the agreement.

There are different tiers, such as “99%” and “99.9%” which sets the expected availability, and cost accordingly.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What are the steps to publish a container image?

A
  1. Create a Container Registry in a resource group
  2. Log into the registry
  3. Pull the image from source
  4. Tag the image with the login server
  5. Push the image to the registry
  6. Deploy the image as a container instance
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What are containers?

A

A container is a self-contained entity that can hold services, dependencies, and libraries, and can be used to run web servers etc.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Container images can be created using three interfaces, which?

A
  • Azure CLI
  • PowerShell
  • Azure Console
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What is a container group?

A

A collection of all the containers that run on the same host machine

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What are microservices?

A

An architecture where instead of having a single application, the solution is divided into smaller, independently deployed core functions, or services.

Azure Microservices is a serverless offering, and two serverless services are Azure App Service and Azure Functions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

What is Azure App Service?

A

A method for running application code like web apps or application APIs without any underlying server or container.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

What is Azure Functions?

A

A true serverless architecture, that allows for processes in or between services where everything but the code and triggers are handled by Azure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Azure Functions has three parts, what are they?

A
  • Trigger (IF this DO that)
  • Input (data to use for outputs, not always required)
  • Output (the result of a function)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

What are Durable Functions?

A

An extension that allows for the creation of stateful functions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

What is the difference between stateless and statefull?

A

While a stateless architecture or application doesn’t store any states from previous transactions, a stateful one allows users to store, record and return to already established information and processes from previous.

All processes of a stateful application run on the same server, while the stateless can be divided to multiple, since the processes aren’t interlinked.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

What are Custom Handlers?

A

Small web servers that retrieve events from a Functions host, that allow implementing function apps using languages or runtimes that aren’t supported by Azure.

To implement a custom handler you need to have
- a host.json file at the app root
- a local.settings.json file at the app root
- a function.json file for each function inside a folder for each function named
- a command, script, or executable that runs the web server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

What is a virtual machine?

A

A virtualized server that runs in the cloud, and run workloads or operating environments. Is a IaaS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

What interfaces can you use to deploy a virtual machine?

A
  • Azure Console
  • Azure CLI
  • PowerShell (cmdlets)
  • ARM Templates (JSON scripts)
  • Third-party tools like Terraform or Ansible
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

What is Azure API Management?

A

A front-end layer for APIs, that allows publishing APIs internally, externally, and amongst partner developers, without giving them direct access to the back-end.

31
Q

API Management has three portals, what are they?

A
  • Dev Portal: main portal for developers for interacting with an API, used to set up subscriptions, documentation, managing API keys, analytics etc
  • Admin Portal: the management console, used to define and import API schemas, packaging for publishing etc
    Proxy
32
Q

What is Azure Event Grid?

A

An event storage solution that gather events from multiple sources to use in workflow triggers and analysis.

33
Q

What are Azure Event Grid’s five key points?

A
  • Events: “what happened?”
  • Event source: “Where did it happen?”
  • Topics: “Where did the publisher send events?”
  • Event Subscribers: “Which endpoint are events routed to?”
  • Event Handlers: “Which app or service reacts to the event?”
34
Q

What is Azure Event Hub?

A

A big-data driven event storage solution, that stores and process data in real-time by streaming it. Uses the HTTP/S and AMQP protocols to recieve event data from the sources.

Can store data up to 7 days, if needed longer it can be stored in Azure Blob Storage or Azure Data Lake using Event Hub CAPTURE.

35
Q

What is Logic Apps?

A

A service that helps scheduling orchestration, automation, processes, and workflows inside Azure. Considered a “integrates platform as a service” (iPaaS).

36
Q

What are Azure Service Bus?

A

A message storage service, that stores messages synchronously, and uses a infrastructure designed specifically to support message brokering.

37
Q

What is Azure Storage Queue?

A

A part of Azure Storage Accounts, and uses the underlying architecture to store messages. Transmits and stores via HTTP/S, allows messages to be up to 64 KB of size, and processes asynchronously.

38
Q

What is Azure Notification Hub?

A

Used to send push notifications to multiple platforms from a central location. Supports
- Apple Push Notification Service
- Google’s Firebase Cloud Messaging
- Microsoft Windows Notifications Service

Need to register each of these, although Azure takes care the integrations instead of separate backends.

39
Q

What are three ways of setting up cache configurations?

A
  • Content Delivery Networks (CDN): good for static content (videos, images, documents etc)
  • Cache for Redis: primarily for handling session and application caches (user session states, jobs, message queuing, distributing transactions)
  • Front Door: similar to CDN, but focuses on finding the most efficient route to the most performing source of the user request
40
Q

What are the two types of caching rules?

A
  • Global: set per endpoint and applies to all requests to that endpoint. There can only be one rule per endpoint.
  • Custom: multiple caching rules per endpoint in a CDN profile, and must match paths and extensions. They are processes in order and override any global rule set.
41
Q

What are the three modes of Query String Caching?

A
  • Ignore Query Strings: default, passes an original string to the origin server and caches an object. Any new requests are ignored until the first object expires.
  • Bypass Caching: requests with query strings are not cached at the presence node, but at the POP node, which retrieves the object from source and gives it to the requester every time
  • Cache Every Unique URL: puts every unique request in cache
42
Q

What are the ways of controlling CDN caching?

A
  • Caching rules
  • Query String Caching
43
Q

What is Content Delivery Network (CDN)?

A

A service that serve content to users outside of the residing region, to provide a smooth experience wherever an app or website is accessed from.

This allows webpages to load faster (static content is cached closer to the user), enables streaming content like videos on demand, and provides paster connection and control of IoT based devices.

Is accessed in Azure via CDN profiles, which need CDN to be registered.

44
Q

What are four ways of enabling authentication and authorization?

A
  • OAuth2
  • Shared Access Signatures (SAS)
  • Azure AD
  • Role-Based Access Control
45
Q

What is Shared Access Signatures and what are the three access levels?

A

SAS provides secure access to specific resources inside storage accounts using URIs that contain the information needed.

Has three access levels:
- Account: root level access with admin privileges to resources and child levels
- Service: access to only one service within an account (i.e. blob, queue, table, file). Can only manage on the service level
- User: access containers and specific blobs inside Blob storage, allows authentication using Azure AD

46
Q

What is Role-Based Access Control (RBAC)?

A

Control access based on role assignment, and is used for so called “course grain access”: allowing read, write, or both, to resources inside a storage account.

47
Q

What is a Security Principal and what are the three main roles?

A

An object that represents a user, group, service principal, or managed identity, that exists within Azure AD.

Main roles are
- Owner: full access to Blob storage containers and data, allows to set the owner of an item, and to modify the Access Control Lists of all items
- Contributor: a read/write/delete access to a container or blob. Can’t set the ownership of an item, but can modify Access Control Lists
- Reader: read access to allowed resources

48
Q

What is an Access Control List (ACL) and what are the two categories?

A

ACLs are used to control specific access to objects and directories, and to apply so-called “Finer Grain” access.

The two categories are:
- Access ACL: access to an object
- Default ACL: parent template for access to child objects/directories. Doesn’t apply to files (since they don’t have child objects)

49
Q

What are the main permissions that can be applied to an Access Control List (ACL)?

A
  • Read (R)
  • Write (W)
  • Execute (X)
50
Q

What is Azure App Configuration and what are the two service tiers?

A

A service used for centralizing and securing application settings and features. This allows for scaling applications and managing settings across all instances in one place.

Service tiers:
- Free: limited in terms of resources, storage, and request quotas. Mainly used for introducing App Configuration and not suitable for production
- Standard: suited for production environments, with unlimited resources per subscription, 1 GB of storage per resource, higher RA, and includes SLA etc.

51
Q

What are Access Keys?

A

Used to authenticate and authorize applications attempting to connect, and enables locking down access to configurations.

They are generated when an Application Configuration instance is created, and can be both read-write and read-only.

52
Q

What is Managed Identities and what are the four specific roles?

A

Used to control levels of access to configurations, and is configured through Azure AD. Azure AD access can be granted through utilizing RBAC, and roles can be assigned to any Azure AD security principal (user, group, service principal, managed identity).

The specific roles are:
- App Configuration Data Owner: gives rwx access to App Configuration data, bot not to resources
- App Configuration Data Reader: read access to data, but not resources
- Contributor: can manage resources, but doesn’t grant access to the resource’s data
- Reader: read access to resources, but not to access keys or data

53
Q

What is Azure Key Vault and what are the two resource types?

A

A service used for storing secrets, certificates, and keys for use by applications and users via REST API. This allows applications to use keys for signing and encryption without containing them.

Secrets are accessed using a secure URI that looks like:
https://vault.azure.net/secrets/secret

The two resource types:
- Logical vaults: general standard, used for secrets, keys, and certificates
- Hardware Security Module: only for storing keys

54
Q

What is Azure Monitor and what are the two associated data types?

A

Gathers data from different services and applications, used to review and report on issues in an environment.

Azure Monitor collects data from apps, guest OSs, resources, subscriptions, and tenants, or via REST with data collector APIs from custom sources that isn’t integrated.

All collected data is sorted into two types:
- Log data: can vary in size and have different properties, used to trace performance events or errors in environments to give insight into what is happening through querying and analyzing the data, usually through Log Analytics. Uses Kusto Query Language (KQL).
- Metric data: composed of numeric values that track resources in an environment over time, takes little space to store, and can be reviewed in close to real-time, to see how resources are performing.

Azure Monitor has the ability to respond to issues, either through notifications or actions, and can be automated with Azure Alerts based on metric data.

55
Q

What are the four steps to set Alert Rules?

A
  1. Defining the scope, the resource
  2. Defining the conditions, like performance and security type alerts
  3. Assign an action group, a predefined set of actions to take
  4. Set Alert Rule details, like name notate, and resource
56
Q

What is Application Insight and what are the two easy ways it can be set up?

A

A feature of Azure Monitor that gives insights on individual applications, to help understand how an app is performing and how it’s being used.

Collects metrics that Azure Monitor doesn’t, like request and dependency rates, exceptions, page views, user and session information etc.

Is easily set up either
- After an application has been deployed (Web Apps, IIS in a VM, VM scale set, or on-premise)
- During development: using references in application code

57
Q

What are the three forms of Availability Alerts?

A
  • URL ping test: checks for basic availability, and is configured from the console
  • Multi-step web test: tests availability and functionality against a web page (only available in VS Enterprise)
  • Custom tracking: use of TrackAvailability() method in the application code
58
Q

What is Graph API?

A

A RESTful web API used to access Microsoft Cloud service resources (like Microsoft 365, Enterprise Mobility + Security, Windows 10 user data), and can be used to control user experience by providing data for web apps, bots, and agents, and workflow automation etc.

An important feature of Graph API is to fetch data from Azure AD.

A web tool used to query data is the Graph Explorer.

59
Q

What are the two types of Managed Identities?

A
  • System-Assigned Identity: part of the configuration store, and if this is removed, so is the identity. There can only be one system-assigned identity
  • User-Assigned Identity: standalone resource that can be assigned to the configuration store (such as a user or group), which can have multiple user-assigned identities.
60
Q

What are Blob Containers?

A

Part of Azure Storage Accounts, an object-oriented storage, useful for unstructured data (video and audio files, files that need to be accessed from multiple sources, log file storage, images, and long-term retention).

Supported development APIs:
- .NET
- Java
- Python
- No.js
- Go
- PHP
- Ruby

61
Q

What are Azure Storage Accounts?

A

Storage solution for data objects, which can have an infinite number of containers, which in turn can have an infinite number of blobs.

62
Q

What are the three types of blobs in Azure Storage Accounts?

A
  • Block: general use storage, optimized for text and binary data. Made up of blocks of data that can be managed individually, and can store up to 4.75 TiB
  • Append: almost identical to block blobs, but is optimized for appending operations, like logging type data. Same maximum storage per blob as blocks.
  • Page: suitable for files that are frequently accessed, like Random Access files and virtual hard drives. Can be up to 8 TiB
63
Q

What are the six types of storage accounts?

A
  • Blob
  • General-Purpose V2: default
  • General-Purpose V1: used for legacy services in Azure
    BlockBlobStorage: optimized for block and append blobs, used for high transaction rates, large amount of small objects, or critical low-latency access. Not usable with Page blobs, tables, or queues
  • FileStorage: similar to BlockBlobStorage, used with Azure File storage, cannot store blobs
  • BlobStorage: only usable with older Azure service models
64
Q

What are the three access tiers, and when should they be used?

A
  • Hot: default, used for frequently accessed data
  • Cool: used for data accesses once every month
  • Archive: only available for block blobs, used when data doesn’t have to be accessed quickly or frequently (unused for 180+ days)
65
Q

What is Cosmos DB?

A

A highly available NoSQL database that supports multiple database APIs:
- NoSQL
- MongoDB
- PostgreSQL Cassandra
- Gremlin
- Table

66
Q

What are the two capacity modes for Cosmos DB:

A
  • Provisioned throughput: cost and performance based on pre-defined threshold that can be scaled (configured either manually or automatically in increments of 100 RU, request units per second)
  • Serverless (preview): based on what is used, automatically scaled, suitable for inconsistent, unpredictable workloads
67
Q

What are the two ways of getting high availability for Cosmos DB?

A
  • Replicating data across multiple regions within an account
  • Rely on Azure, which keeps 4 copies of data at all time in the region where the Cosmos account is set up
68
Q

What is a consistency model, and what are the five consistency levels?

A

A consistency model represents how data is distributed amongst any additional instances put in different regions.

The five consistency levels are:
- Strong: strongest consistency, writes are made to all regions in real-time, guarantees reads to return up-to-date data
- Boundless Staleness: writes are made to all regions with guaranteed consistency, with a tolerated delay to additional regions
- Session: default, consistency for user session, but doesn’t wait for global commits, may be inconsistent for other sessions
- Consistent Prefix: data is updated in correct order, but at an inconsistent rate
- Eventual: weakest, updates out-of-order, may be inconsistent but will eventually be consistent with source container

69
Q

What is a Cosmos DB Container?

A

A storage unit, comparable to a table in a relational database. Can store data, scale settings, functions, triggers, and stored procedures.

Can be accessed via SDKs from an application, Azure Data Explorer, or the web explorer on the Azure Console.

70
Q

What are the two forms of partitions in Cosmos DB?

A
  • Physical: how the data is physically stored, sizes are automatically decided based on throughput settings and the size of the data. Max throughput is 10k RU/s and size per partition is 50 GB
  • Logical: how the data is organized, set by creating a partition key, which is the data used to sort the container by (similiar to a clustered index in a relational database)
71
Q

What are the two levels on which Cosmos DB can be scaled, and when must the scaling be set?

A

Database and container level.

Scaling must be set at deployment, since a shared throughput is created in the container.

Scaling can be adjusted to be manual or automatic.

72
Q

What is Azure Site Recovery Manager?

A

A service designed to function as disaster recovery, to keep applications running during outages or regional failures

73
Q

What languages are supported by Durable Functions?

A
  • C#
  • JavaScript
  • Python
  • F#
  • Java
  • PowerShell
74
Q

What parts are there in the function.json file?

A
  • Input Binding
  • Output Binding
  • Trigger

Azure Fundamentals (3 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions