AZ 900 Product Summary Flashcards
Disater Recovery
The ability to recover from a cloud service outage. Should happen quickly through automation.
High Availability
The ability to keep services up and running for long periods of time, while
experiencing little to no downtime.
Scalability
The ability to increase or decrease resources for a given workload. You can add resources to service a
workload (scale out), or add additional capabilities to handle increases in demand (scale up).
Elasticity
The ability to automatically or dynamically increase or decrease resources as necessary.
Agility
The ability to react quickly. Cloud services can allocate and deallocate resources quickly.
Fault Tolerance
The ability to remain up & running even if a component or service is no longer functioning.
Predicitve Cost
The ability to predict what costs will be incurred for a particular cloud service or offering.
Azure Virtual Machines
Best when you need more control over the computing environment than what other compute choices
Azure Container Instances
Offers the fastest and simplest way to run a container in Azure, without having to manage any virtual
machines.
A great solution for any scenario that can operate in isolated containers, including simple applications,
task automation, and build jobs.
Azure App Services
An HTTP-based service for hosting web applications, REST APIs, and mobile back ends.
Azure Kubernetes Service
A managed Kubernetes offering that simplifies container-based application deployment and
management.
Azure Functions
Allows you to implement your system’s logic into readily available blocks of code. These code blocks are
called “functions”. Different functions can run anytime you need to respond to critical events.
Internet of Things
A collection of Microsoft-managed cloud services that connect, monitor, and control billions of IoT
assets. In simpler terms, an IoT solution is made up of one or more IoT devices that communicate with
one or more back-end services hosted in the cloud.
Multi-Factor Authentication
Provides added security for user authentications by requiring two or more elements for authentication
Application Security Group
Allows you to configure network security as an extension of an application’s structure and reuse your
security policies at scale
Azure handles the complexity of explicit IP addresses and multiple rule sets.
Network Security Group
Filters network traffic to and from Azure resources connected to Azure Virtual Networks.
Consists of inbound and outbound rules.
Devops
Provides developer services for support teams to plan work, collaborate on code development, and build
and deploy applications.
Azure Blob Storage
Designed for serving images or documents directly to a browser, storing files for distributed access,
streaming video and audio, and for writing to log files.
Also used to store data for backup and restore, disaster recovery, archiving, and analysis by an on-
premises or Azure-hosted service.
Azure Files
Fully managed file shares in the cloud that are accessible via the industry standard Server Message Block
(SMB) protocol or Network File System (NFS) protocol.
Ccan be mounted concurrently by cloud or on-premises deployments.
Azure Firewall
Microsoft’s managed network security service in Azure that protects Azure Virtual Network resources.
Uses a static public IP address to represent the virtual network resources behind it.
Azure Sentinel
A scalable, cloud-native, security information event management (SIEM) and security orchestration
automated response (SOAR) solution that delivers intelligent security analytics and threat intelligence
across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting,
and threat response.
Azure Security Center
Used to provide threat protection for services in Azure and on-premises. Continuously monitors all
services, performs automatic security assessments, and uses machine learning to detect and block
malware.
Azure Key Vault
Stores application secrets in a centralized cloud location, to securely control access permissions, and
access logging
Azure Advanced Threat Protection
Microsoft’s security solution that is used to identify, detect, and investigate advanced threats and
compromised identities. Available as part of the Enterprise Mobility + Security 5 suite and as a
standalone license.
Azure Policy
Used to create, assign, and, manage policies that enforce different rules and effects over your resources.
Performs evaluations of resources and scans for those that are not compliant
Role-Based Access Control
Provides fine-grained access management for Azure resources. Used to segregate duties within your
team, granting only the specific access that your users need to perform their jobs.
Resource Locks
Used to prevent accidental deletion or modification of Azure resources. Managed from within the Azure
portal.
Azure Blueprints
Used to define repeatable sets of Azure resources that implement and adhere to standards, patterns,
and requirements.
A declarative way to manage the deployment of many different resource templates and other artifacts,
like role assignments, policy assignments, Azure Resource Manager templates, and Resource Groups.
Azure Tags
Used to logically organize your Azure resources. Consist of name-value pairs, and help organize
resources for billing
Azure Monitor
Allows you to collect, analyze, and act upon telemetry from both cloud and on-prem environments
Azure Serivice Health
Provides personalized guidance and support whenever issues with Azure services affect you
Trust Center
Provides information and details that outline how Microsoft implements and supports security, privacy,
compliance, and transparency in all Microsoft cloud products and services.
Service Trust Portal (STP)
The Service Trust Portal hosts the Compliance Manager service. It’s where Microsoft publishes audit
reports and other compliance-related information.
Compliance Manager
A workflow-based risk assessment dashboard within the Trust Portal used to track, assign, and verify
regulatory compliance activities.
Azure Government Services
Addresses the security and compliance needs of many federal agencies in the US, state and local
governments, and their solution providers.
Azure China 21Vianet
A physically separate instance of Azure that’s located in China, and operated by a separate organization,
called 21Vianet.
Geographies
Discrete markets that preserve data residency and compliance boundaries that typically contain two or
more regions.
Allow customers with specific data-residency and compliance needs to keep their data and applications
in close proximity.
Categorized as Americas, Europe, Asia Pacific, Middle East, and Africa.
Availability Zones
Physically separate locations within an Azure region. Each zone includes one or more datacenters,
equipped with independent power, cooling, and networking.
Acts as an isolation boundary, so if one availability zone goes down, the other continues working.
Resource Groups
Containers for multiple resources that share the same life cycle.
Azure Resource Manager
Provides a management layer that enables you to create, update, and delete resources in your Azure
subscription.
Azure Compete
Cloud-based on-demand computing service that provides computing resources such as disks, CPUs,
memory, networking, and OS.
VM Scale Set
A set of identically-configured virtual machines that supports true auto-scale. Can be scaled manually,
automatically, or a combination of the two.
Azure Virtual Network
Allows several types of Azure resources to securely communicate
Azure Load Balancer
Supports inbound and outbound scenarios and allows you to scale applications and create high
availability solutions.
Load balances incoming internet traffic and internal traffic across Azure services.
Virtual Network Gateway
Sends encrypted traffic over the public internet between an Azure Virtual Network and an on-prem
network and provides a secure connection from an on-prem environment to Azure.
Azure Application Gateway
Provides for the management of traffic to web applications.
Content Delivery Network
Provides a distributed network of servers that efficiently deliver web content in their local region.
IaaS
An instant computing infrastructure, provisioned and managed over the internet. IaaS helps you avoid
the expense and complexity of buying and managing your own physical servers and other datacenter
infrastructure.
PaaS
includes servers, storage, and networking, as well as middleware, development tools, business
intelligence (Bl) services, database management systems, and more. PaaS is designed to support the
complete web application lifecycle: building, testing, deploying, managing, and updating.
SaaS
Provides a complete software solution that you purchase on a pay-as-you-go basis from a
cloud service
provider. You rent the use of an app for your organization, and your users connect to it over the
Internet, usually with a web browser.
Capex
Upfront expenditures on physical infrastructure that are deducted come tax time
Opex
Billed immediately for products or services that are purchased when needed. OPEX expenses deducted
from tax bill in the same year.
Economies of Scale
The ability to reduce costs while improving efficiency as a result of operating at a larger scale versus
operating at a smaller scale.
Public Cloud
Resources do not belong to the organization that is utilizing them, but rather they are owned and
operated by a third party such as the cloud service provider.
Public cloud models may make their resources available to multiple organizations.
The most common cloud-type deployment model.
Private Cloud
A private cloud is owned and operated by the organization that uses the cloud resources.
Each organization creates its own cloud environment in its datacenter
Organization provides self-service access to compute resources to its user base and is responsible for
maintaining and operating the services it provides
Hybrid Cloud
A hybrid cloud combines both Public and Private clouds in order to run applications where most
appropriate.
Shared Responsibility Model
Ensures cloud workloads are secure and well-managed
Azure Subscription
Authenticates & authorizes users so they can access Azure products.
An account can have one subscription or multiple subscriptions.
Pricing Calculator
Used to estimate the cost of different Azure products
TCO Calculator
Allows you to estimate cost savings that you can realize by migrating your workloads to Azure
Cost Management
A set of tools that you use to monitor, allocate, and optimize your Azure costs
The 4 Azure Support Plan Options
Basic Support
Developer Support
Standard Support
Professional Direct
Service Level Agreement
Formal document that details the performance standards that apply to Azure products and services.
There are separate SLAS for many individual Azure products and services.
Availability Metrics
MTTR: Mean Time To Recovery is the average time it takes to restore a component or service after a
failure occurs.
MTBF: Mean Time Between Failures is the length of time that you can reasonably expect a component to
last between outages
Recovery Metrics
RTO: Recovery Time Objective refers to the maximum acceptable time that an application or service can
be unavailable after a failure.
RPO: Recovery Point Objective defines the maximum duration of data loss that is acceptable during a
disaster.
Private Preview
An Azure feature available to certain Azure customers for evaluation purposes.
Public Preview
An Azure feature available to all Azure customers for evaluation purposes.
Azure Cosmos DB
A globally-distributed database service that enables you to elastically and independently scale
throughput and storage
Azure SQL Database
A relational database as a service (DaaS) based on the latest stable version of the Microsoft SQL Server
database engine
Azure Database Migration
a fully-managed service designed to enable seamless migrations from multiple database sources to
Azure data platforms with minimal downtime.
Azure Synapse Analytics
An integrated analytics service that accelerates time to insight across data warehouses and big data
systems. Azure Synapse brings together the best of SQL technologies used in enterprise data
warehousing, Spark technologies used for big data, Pipelines for data integration and ETL/ELT, and deep
integration with other Azure services such as Power BI, CosmosDB, and AzureML.
Azure HDInsight
Azure HDInsight is a cloud distribution of Hadoop components. Azure HDInsight makes it easy, fast, and
cost-effective to process massive amounts of data. You can use the most popular open-source
frameworks such as Hadoop, Spark, Hive, LLAP, Kafka, Storm, R, and more.
Azure Data Lake Analytics
An on-demand analytics job service that simplifies big data. Instead of deploying, configuring, and tuning
hardware, you write queries to transform your data and extract valuable insights.
Azure Databricks
An Apache Spark-based analytics platform that’s optimized specifically for Microsoft Azure. You can use
Azure Databricks to read data from multiple data sources, including Azure Blob Storage, Azure Data Lake
Storage, Azure Cosmos DB, and others.
Machine Learning
A technique that allows computers to leverage existing data to forecast future behaviors or outcomes.
Azure Machine Learning Studio
A collaborative, drag-and-drop visual workspace where you can build, test, and deploy machine learning
solutions without needing to write code.
Azure Logic Apps
A cloud service that helps you automate and orchestrate tasks, business processes, and workflows when
you need to integrate apps, data, systems, and services.
Azure Event Grid
A fully-managed, intelligent event routing service that uses a publish-subscribe model for uniform event
consumption. Allows you to easily build applications with event-based architectures.
Azure DevTest Labs
Allows you to quickly create environments in Azure while minimizing waste and controlling cost.
Azure Portal
A management tool that you can use to identify services that you’re looking for. It can be used to get
links for help on different topics and to deploy, manage, and delete Azure resources.
Azure PowerShell
The most-used command-line tool. Can be used to connect to Azure subscriptions, and to deploy,
manage, and delete Azure resources.
Azure CLI
A cross-platform command-line program that you can use to connect to Azure and to execute
administrative commands against Azure resources. Can be run on Windows, Linux, and even macOS.
Azure Cloud Shell
A browser-based scripting environment that allows you to choose the shell experience that suits you
best.
Azure Mobile App
An Azure management tool that you can use to access, manage, and monitor your Azure accounts and
resources from an iOS or Android phone or tablet. Also allows you to get notifications and alerts about
important health issues and diagnose and fix many issues. Can be used to start, stop, restart, and
connect to VMs.
Azure REST APIs
Service endpoints that support sets of HTTP operations, or methods. Are used to provide create, retrieve,
update, and delete access to the service’s resources.
Azure Advisor
The tool to use when you want to get recommendations on improving your Azure environment and for
when you want to find ways to save on costs.
Azure Cognitive Services
Cloud services client library SDKs and rest APIs that you can use to build cognitive with intelligence into
applications.
