AZ-305 FlashCards
Azure SQL Managed Instance max DB size
2-8 TB
When to use Azure SQL Serverless Databases
Azure SQL Database Serverless used for database with infrequent use. It pauses database when not active
Benefits of Azure SQL Hyperscale
Supports multiple secondary and read only replicas
Scales up to 100 TB
Supports auto replication between primary and secondary replicas
Supports failover between primary and secondary replicas within 15 mins
Supports geo replications with a 15 min RTO
What is Azure Batch
Is a cloud service for job scheduling and computes resource management
Azure Monitor Data Collection Endpoint
Helps you setup the endpoint to which logs will be sent to. A data collection endpoint is connected to your log analytics workspace in the same region
Always Encrypted
Not even cloud administrators can see the data. The encryption and de-encryption is transparently handled by the client application by using keys managed by the application
TDE Encryption
Will not prevent cloud admins from seeing the data. This encryption works at the page level–this encrypts the entire database. This service does not allow encryption of specific columns like social security numbers for example
Azure Data Factory
Azure Data Factory is a managed cloud service that’s built for hybrid extract-transform-load (ETL), extract-load-transform (ELT), and data integration projects.
Azure Entra Enterprise Application
This is a service that integrates your on-prem apps with Azure Entra. This provides an identity solution for these on-prem apps.
Azura Entra Application Proxy
(Used to be called Azure AD application proxy)
The proxy makes your on-prem web apps accessible to users outside your corp network (off network). A connector is downloaded and installed on a on-prem server
What is SQL Edge
Is basically used for IOT devices–its basically a scaled down version of SQL for receiving data from IOT devices
What is Azure Bicep
Is the more streamlined version of an arm template–you create the template in bicep and then its converted to json template
SQL Managed Instance Features
- Supports user initiated backups
- Supports multiple automictically replicated instances across Azure regions
- Minimizes admin effort
- Also uses auto failover groups
User Delegated Shared Access Signature for block blobs
- Maximize security
- Prevents the use of shared access keys
- Supports time-limited access to storage accounts storing block blobs
You need to maximize security for file shares- limited time access and prevent key sharing
Azure AD creds
Azure Synapse pools to ingest data from Data Lake into hash-distributed tables
Azure SQL dedicated pools
Azure synapse pools to implement query, and update data in a Data lake
Serverless Apache Spark Pool
Azure Key Vault solution for storing and accessing API keys with minimum admin effort
Secrets
Migrate SQL server offline migration with low admin effort
Azure database migration services
Azure Data Explorer
Is a powerful analytics service optimized for analyzing large volumes of data quickly and interactively.
Azure Service Principal
Provides authentication for both Azure resources and on-prem resources
Azure Managed Identity
Only provides authentication between Azure resources
You need to recommend an authentication solution for Azure Functions. Must minimize admin effort
System Assigned Managed identity
A company has just setup an Azure subscription and an Azure tenant. They want to use the below features in Azure AD
– Ability to provision and managed group-based access.
Which price tier?
Basic- This feature is available with the Basic pricing tier for Azure AD
A company has just setup an Azure subscription and an Azure tenant. They want to use the below features in Azure AD
“Allow Self-service password reset for cloud-based users’
What price tier?
Basic- the key word is cloud-based users
Collect IIS logs from the Windows virtual machines located in Azure and send them across to Azure Storage
Azure Diagnostics Agent
Collect metrics from the on-premise Windows virtual machines
Log Analytics Agent
-Collect metrics from the on-premise Linux virtual machines
Log Analytics Agent
A company is developing an application that will be hosted using the Azure Kubernetes Service. The application modules need to transmit files to a destination location and must make use of an encryption key for the encryption of the files before transmission. Which of the following will be used for managing the storage of the encryption keys?
Kubernetes Deployment YAML file
A company is developing an application that will consist of different modules. The different modules need to communicate asynchronously with each other. Which of the following is the ideal service to use for this requirement?
Azure Queue Storage
A company is planning on deploying a stateless based application based on microservices using the Azure Service Fabric service. You need to design the infrastructure that would be required in the Azure Service Fabric service. Which of the following should you consider?
2 answers
- Number of node types in the cluster
- Properties of each node type
What does Azure Logic Apps do
Cloud platform where you can create and run automated workflows with little to no code.
Azure Logic Apps is more of a workflow-based application.
Recommend a solution to copy new info from the data sources to Data Lake by using ETL
Azure Data Factory
You are designing an Azure resource deployment that will use Azure Resource Manager templates. The deployment will use Azure Key Vault to store secrets.
You need to recommend a solution to meet the following requirements:
Prevent the IT staff that will perform the deployment from retrieving the secrets directly from Key Vault.
Use the principle of least privilege.
Which two actions should you recommend?
- From Access policies in key vault, enable access to the ARM template deployment
- Assign the IT staff custom role that includes the microsoft.keyvaullt.deployaction permission
