AZ-900 Flashcards
Types of cloud
Public cloud, private cloud and hybrid card
cloud service models
IaaS Infrastructure-as-a-Service
PaaS Platform-as-a-Service
SaaS Software-as-a-Service
Operating Expenses (OpEx)
With Operating Expenses (OpEx), you are only responsible for the computing resources that you use.
Capital Expenditure (CapEx)
Capital Expenditure (CapEx) is the up-front spending of money on physical infrastructure, and then deducting that up-front expense over time. The up-front cost from CapEx has a value that reduces over time.
Azure regions
A region is a geographical area on the planet that contains at least one but potentially multiple datacenters that are nearby and networked together with a low-latency network.
availability zone
Availability zones are physically separate datacenters within an Azure region. Each availability zone is made up of one or more datacenters equipped with independent power, cooling, and networking.
Zonal services
You pin the resource to a specific zone (for example, VMs, managed disks, IP addresses).
Zone-redundant services
The platform replicates automatically across zones (for example, zone-redundant storage, SQL Database).
Non-regional services:
Services are always available from Azure geographies and are resilient to zone-wide outages as well as region-wide outages.
region pair
Each Azure region is always paired with another region within the same geography (such as US, Europe, or Asia) at least 300 miles away. This approach allows for the replication of resources (such as VM storage) across a geography that helps reduce the likelihood of interruptions because of events such as natural disasters, civil unrest, power outages, or physical network outages that affect both regions at once.
Resource
A manageable item that’s available through Azure. Virtual machines (VMs), storage accounts, web apps, databases, and virtual networks are examples of resources.
Resource group
A container that holds related resources for an Azure solution. The resource group includes resources that you want to manage as a group. You decide which resources belong in a resource group based on what makes the most sense for your organization
What get deleted when you delete a resource group?
all resources contained within it are also deleted
Azure Resource Manager
Azure Resource Manager is the deployment and management service for Azure. It provides a management layer that enables you to create, update, and delete resources in your Azure account.
Azure subscription
An Azure subscription is a logical unit of Azure services that links to an Azure account, which is an identity in Azure Active Directory (Azure AD) or in a directory that Azure AD trusts.
Billing boundary
This subscription type determines how an Azure account is billed for using Azure. You can create multiple subscriptions for different types of billing requirements.
Access control boundary
Azure applies access-management policies at the subscription level, and you can create separate subscriptions to reflect different organizational structures
Azure compute services
Azure Virtual Machines
Azure Container Instances
Azure App Service
Azure Functions (or serverless computing)
What are virtual machine scale sets?
Virtual machine scale sets let you create and manage a group of identical, load-balanced VMs
What is Azure Batch?
Azure Batch enables large-scale parallel and high-performance computing (HPC) batch jobs with the ability to scale to tens, hundreds, or thousands of VMs.
What’s app service?
App Service enables you to build and host web apps, background jobs, mobile back-ends, and RESTful APIs in the programming language of your choice without managing infrastructure
What’s a container?
Containers are a virtualization environment. Much like running multiple virtual machines on a single physical host, you can run multiple containers on a single physical or virtual host. Unlike virtual machines, you don’t manage the operating system for a container.
Micro-billing
pay only for the time their code runs
What are Azure Functions?
Azure Functions is a serverless solution that allows you to write less code, maintain less infrastructure, and save on costs. Instead of worrying about deploying and maintaining servers, the cloud infrastructure provides all the up-to-date resources needed to keep your applications running
Azure Logic Apps
Azure Logic Apps is a cloud platform where you can create and run automated workflows with little to no code. By using the visual designer and selecting from prebuilt operations, you can quickly build a workflow that integrates and manages your apps, data, services, and systems.
Management groups
governance scope above subscriptions. You organize subscriptions into management groups; the governance conditions you apply cascade by inheritance to all associated subscriptions.
How many AD can trust a management group?
One
How many management group can be supported in a single directory?
10,000
How many levels can support a management group?
Six
Can policies be applied at group level?
Yes
Who gets access to the root management group?
No one is given the default access but Azure AD global administrators can elevate themselves to get access.
Built in role that Grants full access to manage all resources, but does not allow you to assign roles in Azure RBAC, manage assignments in Azure Blueprints, or share image galleries.
Contributor
Built in role that Grants full access to manage all resources, including the ability to assign roles in Azure RBAC.
Owner
Built in role that View all resources, but does not allow you to make any changes
Reader
Built in role that Lets you manage user access to Azure resources.
User Access administrator
What is Microsoft Cloud Adoption Framework for Azure?
It is a full lifecycle framework that enables cloud architects, IT professionals, and business decision makers to achieve their cloud adoption goals. It provides best practices, documentation, and tools that help you create and implement business and technology strategies for the cloud.
Cloud adoption framework methodologies
Strategy, plan, ready, migrate, innovate, secure, manage, govern and Organize
CAF: Strategy
Define business justification and expected adoption outcomes.
CAF: Plan
Align actionable adoption plans to business outcomes.
CAF: Ready
Prepare your cloud environment for planned changes.
CAF: Migrate
Migrate and modernize existing workloads.
CAF: Innovate
Develop new cloud-native or hybrid solutions.
CAF: Secure
Improve security over time.
CAF: Manage
Manage operations for cloud and hybrid solutions.
CAF: Govern
Govern your environment and workloads.
CAF: Organize
Align the teams and roles supporting your organization’s cloud adoption efforts.
Can azure storage be disabled?
No
What are azure storage tiers?
Standard and premium
Who handles storage encryption keys?
There’s microsoft-managed keys, customer-managed key and customer-provided keys.
Which services support customer-managed keys?
Blob storage and azure files
Which service support customer-provided keys?
Blob storage
Who handles storage encryption and descryption/
Azure
What’s is Doubly encrypt?
Data storage is encrypted twice. Once at service level and once at infrastructure level.
Does azure storage support client or service side encryption?
Both, but service side is recommended and client side is supported by some languages like java, python and .net.
Which tool can help you meet regulatory compliance requirements?
Microsoft Defender for Cloud using the regulatory compliance dashboard.
When does the Microsoft cloud security benchmark gets assigned?
When you enable Defender for Cloud on an Azure subscription
What’s application insights?
Application Insights is an extension of Azure Monitor and provides Application Performance Monitoring. it helps monitor:
Proactively understand how an application is performing.
Reactively review application execution data to determine the cause of an incident.
What does application insight provides?
Live metrics, availability, GitHub or Azure DevOps integration, usage and smart detection.
How do you enable application insight?
Application Insights is enabled through either Auto-Instrumentation (agent)(prefered) or by adding the Application Insights SDK to your application code.
Which tool can collect metrics, application telemetry and collect and store application trace logging data?
Application insights
How does the azure hybrid benefit works?
It works by letting you use Software Assurance-enabled Windows Server and SQL Server licenses, and RedHat and SUSE Linux subscriptions on virtual machines in Azure.
With the hybrid benefit, what’s the cost of a Windows Server VMs on Azure?
The license for Windows Server is covered by Azure Hybrid Benefit, so you only need to pay for the base compute rate of the virtual machine.
What’s an azure policy initiative?
Initiatives enable you to group several related policy definitions to simplify assignments and management because you work with a group as a single item.
What’s cloud bursting?
In cloud computing, cloud bursting is a configuration that’s set up between a private cloud and a public cloud to deal with peaks in IT demand.
When is cloud bursting used?
If an organization using a private cloud reaches 100 percent of its resource capacity, the overflow traffic is directed to a public cloud so there’s no interruption of services.
What is virtual network peering?
Virtual network peering enables you to seamlessly connect two or more Virtual Networks in Azure. The virtual networks appear as one for connectivity purposes.
Where is the blog data stored?
All blob data is stored within containers, you must create a storage container before you can begin to upload data.
What is spot pricing?
Use Spot Virtual Machines to buy unused compute capacity at significant cost savings.
What’s azure monitor?
Azure Monitor is a comprehensive monitoring solution for collecting, analyzing, and responding to telemetry from your cloud and on-premises environments. You can use Azure Monitor to maximize the availability and performance of your applications and services.
it’s the system ability to scale (allocate/deallocate) resources
Scalability
it’s the ability to scale quickly.
Agility
The ability to scale quickly and automatically. Processing power matches the demand
Elasticity
