AZ900 Certification Flashcards

1
Q

Name the 6 main Azure compute services described in the Azure fundamentals course and very briefly what they are.

A

Azure Virtual Machines: software emulations of physical computers.
Azure App Service: a PaaS for quickly building, deploying and scaling enterprise-grade web, mobile and API apps.
Azure Container Instances: A compute resource for deploying and managing containers.
Azure Kubernetes Service: Orchestration service for containers in Azure.
Azure Functions: Service for running event-triggered code which can be completed quickly.
Azure Virtual Desktop: A desktop and application virtualization service.

2
Q

What are virtual machine scale sets?

A

An Azure compute resource used to deploy and manage a set of identical VMs.

3
Q

Give 4 examples of when to use VMs from the Azure Fundamentals learning path.

A

During testing and development
When running applications in the cloud
When extending your datacenter to the cloud
During disaster recovery

4
Q

How can you scale VMs in Azure? Name 2 ways and when to use which.

A

Virtual machine scale sets: Lets you create and manage a group of identical, load-balanced VMs.
Azure Batch: Enables large-scale high-performance computing (HPC) batch jobs with the ability to scale to many VMs.

5
Q

When you run a batch job in Azure Batch, which 6 tasks does Batch perform?

A
Starts a pool of compute VMs for you
Installs applications and staging data
Runs jobs with as many tasks as you have
Identifies failures
Requeues work
Scales down the pool as the work completes
6
Q

What are the 4 most common app service styles which can be hosted in Azure and what are they?

A

Web app: A computer program that utilizes web browsers and web technology to perform tasks over the internet.
API app: platform for creating, hosting and using APIs for cloud and on-premises (separates business logic and UI).
WebJobs: Background processes for a WebApp in Azure - such as resizing an image when uploaded to blob storage.
Mobile apps: Unlike a web app, which runs in the browser, mobile apps are native apps which are installed on a mobile device.

7
Q

What is a container?

A

Containers are a virtualization environment: virtual machines virtualize hardware, containers virtualize the operating system (OS). Containers bundle an app and all its dependencies.

8
Q

What is Kubernetes?

A

Kubernetes is an orchestration service for containers with distributed architectures and large volumes of containers.

9
Q

What is serverless computing? Also name 3 benefits of serverless computing.

A

Serverless computing is the abstraction of servers, infrastructure, and operating systems.

  1. Abstraction of servers: Serverless computing abstracts the servers you run on so you never explicitly need to reserve server instances and developers can focus on coding instead of infrastructure.
  2. Event-driven scale: Serverless computing is excellent for workloads that respond to incoming events, which can be triggered by timers, HTTP requests, queues and more.
  3. Micro-billing: You only pay for the time your code is running, letting costs scale with demand.
10
Q

What are the 2 implementations of serverless computing in Azure called?

A

Azure Functions

Azure Logic Apps

11
Q

What is the difference between a stateless and a stateful process?

A

Stateless processes have no knowledge of or reference to past transactions. They are isolated and have no context. Stateful processes are performed with the context of previous transactions. If a stateful interaction is interrupted you can pick up where you left off; if a stateless interaction is interrupted you have to start over.

12
Q

Name three reasons that make cloud computing cheaper than on-premises.

A

1) Lower your operating costs.
2) Run your infrastructure more efficiently.
3) Scale as your business needs change.

13
Q

Name 6 compute resources in Azure

A

1) VM
2) VM scale sets
3) Kubernetes
4) Service fabric
5) Azure batch
6) Container instances

14
Q

Name 9 Azure networking services

A

1) Virtual network
2) Load balancer
3) Azure application gateway
4) Azure VPN gateway
5) Azure DNS
6) Azure DDoS protection
7) Azure ExpressRoute
8) Azure Firewall
9) Azure Virtual WAN

15
Q

Name the 4 Azure storage services

A

1) Blob storage
2) File storage
3) Queue storage
4) Table storage

16
Q

Name 6 Azure Database services

A

Azure Cosmos DB
- Globally distributed database that supports NoSQL options.

Azure SQL Database
- Fully managed relational database with auto-scale, integral intelligence, and robust security.

Azure Database for MySQL
- Fully managed and scalable MySQL relational database with high availability and security.

Azure Database for PostgreSQL
- Fully managed and scalable PostgreSQL relational database with high availability and security.

SQL Server on Azure Virtual Machines
- Service that hosts enterprise SQL Server apps in the cloud.

Azure Synapse Analytics
- Fully managed data warehouse with integral security at every level of scale at no extra cost.

17
Q

Name 4 Azure services for building web applications

A

Azure App Service
- Quickly create powerful cloud web-based apps.

Azure Notification Hubs
- Send push notifications to any platform from any back end.

Azure API Management
- Publish APIs to developers, partners, and employees securely and at scale.

Azure Cognitive Search
- Deploy this fully managed search as a service.

18
Q

Name the 3 Azure IoT services

A

IoT Central
- Fully managed global IoT software as a service (SaaS) solution that makes it easy to connect, monitor, and manage IoT assets at scale.

Azure IoT Hub
- Messaging hub that provides secure communications between and monitoring of millions of IoT devices.

Azure Sphere

19
Q

Name the 3 Azure big data services

A

Azure Synapse Analytics
- Run analytics at a massive scale by using a cloud-based enterprise data warehouse that takes advantage of massively parallel processing to run complex queries quickly across petabytes of data.

Azure HDInsight
- Process massive amounts of data with managed Hadoop clusters in the cloud.

Azure Databricks
- Integrate this collaborative Apache Spark-based analytics service with other big data services in Azure.

20
Q

Name the two types of AI services in Azure

A

Azure Machine Learning

Azure Cognitive services

21
Q

Name the two DevOps services in Azure

A

Azure DevOps
- Use development collaboration tools such as high-performance pipelines, free private Git repositories, configurable Kanban boards, and extensive automated and cloud-based load testing. Formerly known as Visual Studio Team Services.

Azure DevTest Labs
- Quickly create on-demand Windows and Linux environments to test or demo applications directly from deployment pipelines.

22
Q

Name and explain the 3 different cloud models

A

Public cloud
- Services are offered over the public internet and available to anyone who wants to purchase them. Cloud resources, such as servers and storage, are owned and operated by a third-party cloud service provider, and delivered over the internet.

Private cloud
- A private cloud consists of computing resources used exclusively by users from one business or organization. A private cloud can be physically located at your organization’s on-site (on-premises) datacenter, or it can be hosted by a third-party service provider.

Hybrid cloud
- A hybrid cloud is a computing environment that combines a public cloud and a private cloud by allowing data and applications to be shared between them.

23
Q

Name some of the pros/cons of the different cloud models (private, public, hybrid)

A

Public cloud
No capital expenditures to scale up.
Applications can be quickly provisioned and deprovisioned.
Organizations pay only for what they use.

Private cloud
Hardware must be purchased for start-up and maintenance.
Organizations have complete control over resources and security.
Organizations are responsible for hardware maintenance and updates.

Hybrid cloud
Provides the most flexibility.
Organizations determine where to run their applications.
Organizations control security, compliance, or legal requirements.

24
Q

Name benefits of cloud computing

A

High availability

Scalability

Agility (Deploy and configure cloud-based resources quickly)

Geo-distribution

Disaster recovery

25
Q

Explain IaaS

A

This cloud service model is the closest to managing physical servers; a cloud provider will keep the hardware up-to-date, but operating system maintenance and network configuration is up to you as the cloud tenant. For example, Azure virtual machines are fully operational virtual compute devices running in Microsoft datacenters. An advantage of this cloud service model is rapid deployment of new compute devices. Setting up a new virtual machine is considerably faster than procuring, installing, and configuring a physical server.

26
Q

Explain PaaS

A

This cloud service model is a managed hosting environment. The cloud provider manages the virtual machines and networking resources, and the cloud tenant deploys their applications into the managed hosting environment. For example, Azure App Services provides a managed hosting environment where developers can upload their web applications, without having to worry about the physical hardware and software requirements.

27
Q

Explain SaaS

A

In this cloud service model, the cloud provider manages all aspects of the application environment, such as virtual machines, networking resources, data storage, and applications. The cloud tenant only needs to provide their data to the application managed by the cloud provider. For example, Microsoft Office 365 provides a fully working version of Microsoft Office that runs in the cloud. All you need to do is create your content, and Office 365 takes care of everything else.

28
Q

Relate IaaS, PaaS and SaaS in terms of least user responsibility/management

A

SaaS>PaaS>IaaS

29
Q

Explain serverless computing

A

Like PaaS, serverless computing enables developers to build applications faster by eliminating the need for them to manage infrastructure. With serverless applications, the cloud service provider automatically provisions, scales, and manages the infrastructure required to run the code. Serverless architectures are highly scalable and event-driven, only using resources when a specific function or trigger occurs.

30
Q

IoT services

Name the central message hub that handles bi-directional communication between IoT devices and IoT apps.

A

Azure IoT hub

31
Q

IoT services

Name the service that builds on the Azure IoT hub, including a dashboard that allows you to connect, monitor, and manage your IoT devices.

A

Azure IoT central

32
Q

IoT services

Name this service: end-to-end, highly secure IoT solution for customers that encompasses everything from the hardware and operating system on the device to the secure method of sending messages from the device to the message hub.

A

Azure Sphere

33
Q

IoT services

Decision criteria for IoT services and the service choice for each

A

1) Is it critical to ensure that the device is not compromised?
A: AZURE SPHERE

2) Do I need a dashboard for reporting and management?
A: AZURE IoT CENTRAL

else:
Azure IoT Hub

34
Q

AI SERVICES

Name the service choice if you want to make custom predictions

A

Azure Machine Learning is a platform for making predictions. It consists of tools and services that allow you to connect to data to train and test models to find one that will most accurately predict a future result. After you’ve run experiments to test the model, you can deploy and use it in real time via a web API endpoint.

35
Q

AI SERVICES

Name the service choice that enables applications to see, hear, speak, understand, and even begin to reason.

A

Azure cognitive services

Azure Cognitive Services provides prebuilt machine learning models that enable applications to see, hear, speak, understand, and even begin to reason. Use Azure Cognitive Services to solve general problems, such as analyzing text for emotional sentiment or analyzing images to recognize objects or faces. You don’t need special machine learning or data science knowledge to use these services. Developers access Azure Cognitive Services via APIs and can easily include these features in just a few lines of code.

While Azure Machine Learning requires you to bring your own data and train models over that data, Azure Cognitive Services, for the most part, provides pretrained models so that you can bring in your live data to get predictions on.

36
Q

AI SERVICES

Name the service choice if you want a virtual agent that understands and replies to questions just like a human.

A

Azure Bot Service

Azure Bot Service and Bot Framework are platforms for creating virtual agents that understand and reply to questions just like a human. Azure Bot Service is a bit different from Azure Machine Learning and Azure Cognitive Services in that it has a specific use case. Namely, it creates a virtual agent that can intelligently communicate with humans. Behind the scenes, the bot you build uses other Azure services, such as Azure Cognitive Services, to understand what their human counterparts are asking for.

Bots can be used to shift simple, repetitive tasks, such as taking a dinner reservation or gathering profile information, on to automated systems that might no longer require direct human intervention. Users converse with a bot by using text, interactive cards, and speech. A bot interaction can be a quick question and answer, or it can be a sophisticated conversation that intelligently provides access to services.

37
Q

AI services

Decision criteria for AI services and the service choice for each

A

Are you building a virtual agent that interfaces with humans via natural language?
A: AZURE BOT SERVICES

Do you need a service that can understand the content and meaning of images, video, or audio, or that can translate text into a different language?
A: AZURE COGNITIVE SERVICES

Do you need to predict user behavior or provide users with personalized recommendations in your app?
A: COGNITIVE SERVICES

Will your app predict future outcomes based on private historical data?
A: AZURE MACHINE LEARNING

38
Q

SERVERLESS OPTIONS

Decision criteria for serverless computing services and the service choice for each

A

Do you need to execute custom algorithms or perform specialized data parsing and data lookups?
A: AZURE FUNCTIONS

Do you need to perform an orchestration across well-known APIs?
A: AZURE LOGIC APPS

Do you have existing automated tasks written in an imperative programming language?
A: AZURE FUNCTIONS

Do you prefer a visual (declarative) workflow or writing (imperative) code?
A: AZURE LOGIC APPS/AZURE FUNCTIONS

39
Q

Compare Azure functions and Azure logic apps

A

With the Azure Functions service, you can host a single method or function by using a popular programming language in the cloud that runs in response to an event. An example of an event might be an HTTP request, a new message on a queue, or a message on a timer.

Because of its atomic nature, Azure Functions can serve many purposes in an application’s design. Functions can be written in many common programming languages, such as C#, Python, JavaScript, Typescript, Java, and PowerShell.

Logic Apps is a low-code/no-code development platform hosted as a cloud service. The service helps you automate and orchestrate tasks, business processes, and workflows when you need to integrate apps, data, systems, and services across enterprises or organizations. Logic Apps simplifies how you design and build scalable solutions, whether in the cloud, on-premises, or both. This solution covers app integration, data integration, system integration, enterprise application integration (EAI), and business-to-business (B2B) integration.

40
Q

BUILD SOLUTIONS
Azure DevOps, GitHub, GitHub Actions, Azure DevTest Labs

Choice if you need to automate and manage test-lab creation?

A

A: Azure DevTest Labs

If your aim is to automate the creation and management of a test lab environment, consider choosing Azure DevTest Labs.
Among the three tools and services we’ve described, it’s the only one that offers this functionality.

However, you can automate the provisioning of new labs as part of a toolchain by using Azure Pipelines or GitHub Actions.

41
Q

BUILD SOLUTIONS
Azure DevOps, GitHub, GitHub Actions, Azure DevTest Labs

Choice if you need to build open-source software?

A

A: GitHub

Although Azure DevOps can publish public code repositories, GitHub has long been the preferred host for open-source software. If you’re building open-source software, you would likely choose GitHub if for no other reasons than its visibility and general acceptance by the open-source development community.

42
Q

BUILD SOLUTIONS
Azure DevOps, GitHub, GitHub Actions, Azure DevTest Labs

Choice if you need sophisticated project management and reporting

A

A: Azure DevOps

Although GitHub has work items, issues, and a Kanban board, project management and reporting is the area where Azure DevOps excels. Azure DevOps is highly customizable, which allows an administrator to add custom fields to capture metadata and other information alongside each work item. By contrast, the GitHub Issues feature uses tags as its primary means of helping a team categorize issues.

43
Q

BUILD SOLUTIONS
Azure DevOps, GitHub, GitHub Actions, Azure DevTest Labs

Choice if you need a high level of permission granularity

A

A: Azure DevOps

GitHub works on a simple model of read/write permissions to every feature. Meanwhile, Azure DevOps has a much more granular set of permissions that allow organizations to refine who is able to perform most operations across the entire toolset.

44
Q

BUILD SOLUTIONS
Azure DevOps, GitHub, GitHub Actions, Azure DevTest Labs

Choice if you need to integrate with third-party tools

A

A: GitHub + Azure DevOps

Although we make no specific recommendations about third-party tools, it’s important for you to understand your organization’s existing investments in tools and services and to evaluate how these dependencies might affect your choice. It’s likely that most vendors that create DevOps tools create hooks or APIs that can be used by both Azure Pipelines and GitHub Actions. Even so, it’s probably worth the effort to validate that assumption.

45
Q

Name the four developer services in Azure used for collaboration on code development and building and deploying solutions.

A

Azure DevOps
Azure DevTest Labs
GitHub
GitHub Actions

46
Q

Name the management tools in Azure

Visual tools provide full, user-friendly access to all the functionality of Azure; command-line tools are also available.

A

Azure Portal
- The user friendly GUI option

Azure mobile app
- Mobile app for Azure resources

Azure PowerShell
- A shell with which developers, DevOps and IT professionals can execute commands called cmdlets.

Azure CLI
- The Azure CLI command-line interface is an executable program with which a developer, DevOps professional, or IT professional can execute commands in Bash.

ARM templates
- A template declares the resources you need and then orchestrates the creation of those resources in parallel. That is, if you need 50 instances of the same resource, all 50 instances are created at the same time.

47
Q

MANAGING AND CONFIGURING
PORTAL, MOBILE, POWERSHELL, CLI, ARM TEMPLATES

Choice if you need to perform one-off management, administrative, or reporting actions?

A

PORTAL + POWERSHELL + CLI

48
Q

MANAGING AND CONFIGURING
PORTAL, MOBILE, POWERSHELL, CLI, ARM TEMPLATES

Choice if you need a way to repeatedly set up one or more resources and ensure that all the dependencies are created in the proper order?

A

ARM templates

49
Q

MANAGING AND CONFIGURING
PORTAL, MOBILE, POWERSHELL, CLI, ARM TEMPLATES

Choice if you are Windows/Linux based

A

Windows: PowerShell

Linux: Azure CLI

50
Q

Compare Azure Advisor, Azure Monitor and Azure Service Health

A

AZURE ADVISOR

  • The Advisor dashboard displays personalized recommendations for all your subscriptions, and you can use filters to select recommendations for specific subscriptions, resource groups, or services.

(Reliability, Security, Performance, Cost, Operational Excellence)

AZURE MONITOR

  • Azure Monitor is a platform for collecting, analyzing, visualizing, and potentially taking action based on the metric and logging data from your entire Azure and on-premises environment.

AZURE SERVICE HEALTH
- Azure Service Health provides a personalized view of the health of the Azure services, regions, and resources you rely on.

51
Q

MONITORING SERVICES
ADVISOR, MONITOR, SERVICE HEALTH

Choice if you need to analyze how you’re using Azure to reduce costs, improve resilience, or harden your security?

A

Azure Advisor

52
Q

MONITORING SERVICES
ADVISOR, MONITOR, SERVICE HEALTH

Choice if you want to monitor Azure services or your usage of Azure?

A

Azure monitor

53
Q

MONITORING SERVICES
ADVISOR, MONITOR, SERVICE HEALTH

Choice if you want to measure custom events alongside other usage metrics?

A

Azure monitor

54
Q

MONITORING SERVICES
ADVISOR, MONITOR, SERVICE HEALTH

Choice if you need to set up alerts for outages or when autoscaling is about to deploy new instances?

A

Azure monitor

55
Q

MONITORING SERVICES
ADVISOR, MONITOR, SERVICE HEALTH

Choice if you want to monitor Azure services or your usage of Azure?

A

Azure Service Health to monitor Azure services and Azure Monitor if it’s related to your specific services.

56
Q

Describe the difference between authorization and authentication

A

Authentication is the process of establishing the identity of a person or service that wants to access a resource.
Authentication establishes the user’s identity, but authorization is the process of establishing what level of access an authenticated person or service has. It specifies what data they’re allowed to access and what they can do with it.

57
Q

Name the Azure authentication and authorization service that enables users to sign in and access applications on your tenant.

A

Azure Active Directory

58
Q

Name services within Azure AD

A

Authentication
SSO
Application management
Device management

59
Q

Explain the difference between multifactor authentication and conditional access

A

Multifactor authentication is a process where a user is prompted during the sign-in process for an additional form of identification. Examples include a code on their mobile phone or a fingerprint scan (something the user knows, has, or is).

Conditional Access is a tool that Azure Active Directory uses to allow (or deny) access to resources based on identity signals. These signals include who the user is, where the user is, and what device the user is requesting access from.

60
Q

Name the four management levels in Azure and explain how you can manage access easily between these management levels.

A

A management group (a collection of multiple subscriptions).
A single subscription.
A resource group.
A single resource.

Control access via RBAC

61
Q

How can you prevent accidental changes of resources?

A

Resource lock

62
Q

Name the two levels of locking via resource locks

A

CanNotDelete means authorized people can still read and modify a resource, but they can’t delete the resource without first removing the lock.

ReadOnly means authorized people can read a resource, but they can’t delete or change the resource. Applying this lock is like restricting all authorized users to the permissions granted by the Reader role in Azure RBAC.

63
Q

Explain Azure blueprint and how it relates to resource locks

A

To make the protection process more robust, you can combine resource locks with Azure Blueprints. Azure Blueprints enables you to define the set of standard Azure resources that your organization requires. For example, you can define a blueprint that specifies that a certain resource lock must exist. Azure Blueprints can automatically replace the resource lock if that lock is removed.

64
Q

Describe “tags” and how they are beneficial

A

Tags are used to identify grouped resources. This is helpful in usage tracking and invoicing.

65
Q

Explain Azure policy and Azure policy initiatives

A

Azure Policy enables you to define both individual policies and groups of related policies, known as initiatives. Azure Policy evaluates your resources and highlights resources that aren’t compliant with the policies you’ve created. Azure Policy can also prevent noncompliant resources from being created.

An Azure Policy initiative is a way of grouping related policies together. The initiative definition contains all of the policy definitions to help track your compliance state for a larger goal.

66
Q

How can you define a repeatable set of governance tools and standard Azure resources that your organization requires, including role assignments, policy assignments, Azure Resource Manager templates and resource groups?

A

Azure blueprints

67
Q

What is the MS Cloud Adoption Framework?

A

The Cloud Adoption Framework for Azure provides you with proven guidance to help with your cloud adoption journey. The Cloud Adoption Framework helps you create and implement the business and technology strategies needed to succeed in the cloud.

68
Q

Name the five steps in the cloud adoption framework

A
Define your strategy.
Make a plan.
Ready your organization.
Adopt the cloud.
Govern and manage your cloud environments.
69
Q

Name the seven key networking capabilities provided by Azure virtual networks (VNets)

A

Isolation and segmentation, internet communications, communication between Azure resources, communication with on-premises resources, route network traffic, filter network traffic, connect virtual networks.

70
Q

Name 3 mechanisms for achieving connectivity between your local and cloud environments

A

Point-to-site virtual private networks, site-to-site virtual private networks, Azure ExpressRoute

71
Q

What is a VPN and what is the difference between a site-to-site VPN and a point-to-site VPN?

A

A VPN is a virtual private network. VPNs extend a private network across a public network and enable users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. The traffic is usually encrypted. For point-to-site VPNs in Azure, the client computer initiates an encrypted VPN connection to connect that computer to the Azure virtual network. For site-to-site VPNs in Azure, an on-premises VPN gateway or device is linked to the Azure VPN gateway in a virtual network, such that Azure devices appear to be on the local network. The connection between the gateways is encrypted.

72
Q

What can you do in a route table?

A

Define rules about how traffic should be directed. Custom route tables allow you to control how packets are routed between subnets.

73
Q

What is BGP?

A

BGP is the Border Gateway Protocol. It works with Azure VPN gateways, Azure Route Server or ExpressRoute to propagate on-premises BGP routes to Azure virtual networks.

74
Q

What are network security groups used for?

A

A network security group (NSG) is an Azure resource that can contain multiple inbound and outbound security rules. The rules can allow or block traffic based on factors such as source and destination IP address, port and protocol.

75
Q

What is Peering?

A

Peering is a way of linking Azure VNets, thereby enabling resources in each virtual network to communicate with each other.

76
Q

Can VNets be peered across separate regions?

A

Yes, VNets can be peered across separate regions, allowing a globally interconnected network through Azure.

77
Q

When creating a new virtual network in Azure, the network name must be unique in your ___________

A

Subscription.

It does not need to be globally unique.

78
Q

Which compliance categories does Azure offer?

A

Global
US government
Industry
Regional

79
Q

What is an address space, in what format is it defined, and within what must it be unique?

A

An address space is a range of valid IP addresses within a network. It is defined in Classless Interdomain Routing (CIDR) format. It must be unique within your subscription and across any other networks that you connect to.

80
Q

What is the difference between the following?
MS privacy statement
Online service terms
Data protection addendum

A

1) The Microsoft Privacy Statement explains what personal data Microsoft collects, how Microsoft uses it, and for what purposes.
2) The Online Services Terms (OST) is a legal agreement between Microsoft and the customer. The OST details the obligations by both parties with respect to the processing and security of customer data and personal data.
3) The Data Protection Addendum (DPA) further defines the data processing and security terms for online services.

81
Q

Where can you find in-depth information about security, privacy, compliance offerings, policies, features, and practices across Microsoft cloud products?

A

MS trust center

82
Q

What is Azure Government?

A

Azure Government is a separate instance of the Microsoft Azure service. It addresses the security and compliance needs of US federal agencies, state and local governments, and their solution providers. Azure Government offers physical isolation from non-US government deployments and provides screened US personnel.

83
Q

What is Azure China 21Vianet?

A

Azure China 21Vianet is operated by 21Vianet. It’s a physically separated instance of cloud services located in China.

84
Q

What is a subnet and what does the routing between them depend on?

A

Within a virtual network's address range you can create one or more subnets that partition the virtual network's address space. Routing between the subnets depends on the default traffic routes and any defined custom routes.

85
Q

What is a service endpoint?

A

A service endpoint allows virtual network resources to use private IP addresses to connect to an Azure service’s public endpoint, extending the identity of the virtual network to the target resource. The traffic then flows to the service resource over the Azure backbone network instead of over the internet.

86
Q

What is Azure ExpressRoute used for?

A

Azure ExpressRoute is used for environments where you need very high bandwidth and security. It provides dedicated private connectivity to Azure that does not travel over the internet.

87
Q

What is a Virtual Network NAT gateway?

A

A virtual network NAT is a fully managed and highly resilient Network Address Translation (NAT) service. It simplifies outbound internet connectivity for virtual networks. When configured on a subnet, all outbound connectivity uses the NAT's static public IP addresses (as opposed to the IP addresses of the individual VMs or other compute resources, which in turn can remain private).

88
Q

What does it mean for something to be fully managed?

A

The provider (Azure) manages the service, so that the user (us) does not have to worry about the technical details.

89
Q

What is BastionHost?

A

A bastion host is a special-purpose computer on a network specifically designed to withstand attacks. The Azure Bastion service provides a secure and seamless RDP (Remote Desktop Protocol)/SSH (Secure Shell) connection to virtual machines from the Azure portal over SSL (Secure Sockets Layer: a standard for keeping an internet connection secure and safeguarding sensitive data sent between two systems, preventing interception by criminals).

90
Q

What is a DDoS attack and how can you protect against it in Azure VNets?

A

A DDoS attack is a distributed denial-of-service attack, in which an attacker attempts to disrupt the normal traffic of the targeted server, service or network by overwhelming it or the surrounding infrastructure with a flood of internet traffic. You can choose DDoS Protection Standard when creating Azure VNets to protect against DDoS attacks.

91
Q

What are route tables and how are they created?

A

A route table defines how traffic is routed between subnets, VNets and on-premise networks. Azure automatically creates a route table for each subnet within an Azure VNet and adds the system default routes to the table. You can add custom route tables to modify how the traffic is routed.

92
Q

What is subnet delegation?

A

Subnet delegation is the act of designating a subnet to be used by a dedicated service.

93
Q

What is a DNS server?

A

The Domain Name System (DNS) is the phonebook of the internet. It couples a domain name that is easy to remember, such as google.com, to the correct IP address for the site. DNS servers are machines dedicated to answering DNS queries.

94
Q

What is a server and a client?

A

A server is a device or program dedicated to providing services to other programs referred to as clients.

95
Q

Azure VPN Gateway instances are deployed in a dedicated subnet of a virtual network and enable the following connectivity:

On-premise datacenters can be connected to virtual networks through a ________ connection.
Individual devices can be connected to a virtual network through a _________ connection.
Virtual networks can be connected to other virtual networks through a ___________ connection.

A

site-to-site, point-to-site, network-to-network.

96
Q

Name 3 key features of policy-based VPN gateways in Azure.

A

Support for IKEv1 only (Internet Key Exchange version 1; it requires symmetric authentication and is vulnerable to certain attacks).

Use of static routing: combinations of address prefixes from both networks control how traffic is encrypted and decrypted through the VPN. The source and destination of the tunneled networks are declared in the policy and don't need to be declared in the routing tables.

Policy-based VPNs must be used in specific scenarios that require them, such as compatibility with legacy on-premises VPN devices.

97
Q

When should you use a route-based VPN?

A

Use a route-based VPN gateway if you need any of the following types of connectivity:

Connections between virtual networks
Point-to-site connections
Multisite connections
Coexistence with an Azure ExpressRoute gateway

98
Q

What are 3 key features of route-based VPN gateways in Azure?

A

Supports IKEv2 (Internet Key Exchange version 2)
Uses any-to-any (wildcard) traffic selectors
Can use dynamic routing protocols: data packets are encrypted based on network routing tables that are created dynamically using routing protocols such as Border Gateway Protocol (BGP).

99
Q

What is a SKU?

A

A SKU is a stock-keeping unit: a number assigned to a product to identify it, such as a bar code.

100
Q

Which 6 resources do you need before you can deploy an operational VPN gateway in Azure?

A

A virtual network, GatewaySubnet, public IP address, local network gateway, virtual network gateway, connection.

101
Q

When deploying a VPN gateway, what do you need to consider for the virtual network in Azure that you are connecting to from your existing on-premises network?

A

The address space for the virtual network cannot overlap with the on-premises network that you're connecting to, and only one VPN gateway can be deployed within a virtual network. The address space of the virtual network must be large enough for the additional subnet you'll need for the VPN gateway.

102
Q

What on-premise resources are required to connect your datacenter to a VPN gateway?

A

A VPN device that supports policy-based or route-based VPN gateways
A public-facing (internet routable) IPv4 address

103
Q

What are 4 ways to ensure a fault-tolerant VPN configuration in Azure?

A

By default, VPN gateways are deployed as two instances in an active/standby configuration. When planned maintenance or an unplanned disruption affects the active instance, the standby instance automatically assumes responsibility.

VPN gateways can also be deployed in an active/active configuration, where each instance has a unique IP address and separate tunnels can be created from the on-premises device to each IP address. You can extend the high availability by deploying an additional VPN device on-premises.

VPNs can be configured as a secure failover path for ExpressRoute connections if the physical infrastructure of the ExpressRoute is compromised.

In regions that support availability zones, VPN gateways and ExpressRoute gateways can be deployed in a zone-redundant configuration.

104
Q

What are Azure availability zones?

A

Physically separate locations that are tolerant to local failures.

105
Q

What is a redundant system?

A

A redundant system consists of at least two systems that are interconnected and designed for the same purpose. If one system fails, the other can take over. Redundancy in cloud architecture ensures that any individual failure has a fallback within the architecture.

106
Q

What are layers 2 and 3 in the OSI (Open Systems Interconnection) model?

A

2: Data link layer: provides node-to-node communication between two nodes on the same network.
3: Network layer: provides addressing and routing between nodes on a multi-node network.

107
Q

Which layer of connectivity does Azure ExpressRoute provide?

A

Layer 3 connectivity between your on-premises network and Azure through connectivity partners.

108
Q

ExpressRoute provides address-level connectivity between your on-premises network and the Microsoft cloud through connectivity partners. These connections can be through a ___________ or _________ network. They can also be virtual cross-connections through an exchange.

A

point-to-point or any-to-any

109
Q

ExpressRoute supports four models that you can use to connect your on-premises network to the Microsoft cloud. What are they?

A

Cloud exchange co-location, point-to-point Ethernet connection, any-to-any (IPVPN) connection, directly from ExpressRoute sites.

110
Q

If you have an ExpressRoute connection to Azure, which of the following are sent over the internet: your data, DNS queries, certificate revocation list checking, Azure Content Delivery Network requests?

A

DNS queries, certificate revocation list checking, Azure Content Delivery Network requests.

111
Q

What is FTP used for?

A

File transfer protocol (FTP) is used to communicate and transfer files from one host to another.

112
Q

Is the communication through an ExpressRoute encrypted and private?

A

ExpressRoute does provide private connectivity, but it isn’t encrypted.

113
Q

What is the difference between HTTP and HTTPS?

A

HTTP (Hypertext Transfer Protocol) is a protocol for communication between client computers and web servers. Communication is done by sending HTTP requests and receiving HTTP responses. HTTPS (HTTP Secure) uses an encryption protocol to encrypt communications. The encryption protocol is called TLS (Transport Layer Security), formerly known as SSL (Secure Sockets Layer).

114
Q

What is persistent storage?

A

Persistent storage is any data storage device that retains data after power to the device is shut off. Hard disks are persistent storage units, while RAM and cache systems are typically non-persistent (volatile) storage devices.

115
Q

Which types of disk storage can you choose between in Azure?

A

Solid-state drives (SSDs) and traditional spinning hard disk drives (HDDs).

116
Q

What 6 use cases is blob storage ideal for?

A

Serving images or documents to a browser
Storing files for distributed access
Streaming video and audio
Storing data for backup and restore, disaster recovery, and archiving
Storing data for analysis by an Azure-hosted service
Storing up to 8 TB of data for VMs.

117
Q

How are blobs in a blob storage organized?

A

In containers.

118
Q

In which situations should you use Azure file shares?

A

When migrating on-premises file shares to the cloud.
Storing configuration files on a file share and accessing them from multiple VMs.
Writing data such as diagnostic logs, metrics and crash dumps to a file share for later processing or analysis.

119
Q

What can you use to allow access to a private asset such as a file in an Azure file share for a specific amount of time?

A

Shared Access Signature (SAS) token.

120
Q

What are the 3 access tiers in Azure Storage and when should you use each one?

A

Hot access tier: Optimized for storing data that is accessed frequently (for example, images for your website).
Cool access tier: Optimized for data that is infrequently accessed and stored for at least 30 days (for example, invoices for your customers).
Archive access tier: Appropriate for data that is rarely accessed and stored for at least 180 days, with flexible latency requirements (for example, long-term backups).

121
Q

Name 5 database services offered in Azure.

A

Cosmos DB, SQL Database, SQL Managed Instance, Database for MySQL, Database for PostgreSQL

122
Q

What is the difference between Azure SQL Database, Azure SQL Managed Instance and Azure Database for MySQL?

A

Azure SQL Database and Azure SQL Managed Instance share a common code base with the latest stable version of SQL Server. Most of the standard SQL language, query processing, and database management features are identical. Azure SQL Database does not support native virtual network integration, which the managed instance does; the managed instance has nearly full compatibility with on-premises SQL Server and is generally better for migrations. Azure Database for MySQL is separate from the others in that it is powered by the MySQL community edition. SQL is a query language, whereas MySQL is a relational database that uses SQL to query a database.

123
Q

What is Cosmos DB?

A

A globally distributed, multi-model database service.

124
Q

What is a multi-model database?

A

A database management system designed to support multiple data models (such as document, graph, relational, and key-value models) against a single integrated backend.

125
Q

What is a distributed database (DDB)?

A

A distributed system is a group of interconnected components that appear as a single system. A distributed database is a database which is physically distributed across sites allowing applications to operate on a copy of the data that’s close to its users for fast response times.

126
Q

What is a schemaless database?

A

A schemaless database is one in which there is no predefined schema for how data is stored.

127
Q

At the lowest level, Azure Cosmos DB stores data in atom-record-sequence (ARS) format. The data is then abstracted and projected as an API, which you specify when creating your database. What can you choose between (name 5 APIs)?

A

SQL, MongoDB, Cassandra, Tables, Gremlin

128
Q

What is Azure Database for PostgreSQL?

A

A relational database in the cloud based on the community version of the open-source PostgreSQL database engine.

129
Q

What is Hyperscale (Citus)?

A

The Hyperscale (Citus) option horizontally scales queries across multiple machines by using sharding. Its query engine parallelizes incoming SQL queries across these servers for faster responses on large datasets. It serves applications that require greater scale and performance, generally workloads that are approaching, or already exceed, 100 GB of data.

130
Q

What are the 4 services for analytics and big data in Azure?

A

Azure Data Lake Analytics
Azure Databricks
Azure HDInsight
Azure Synapse Analytics

131
Q

What is the difference between HDInsight and Azure Databricks?

A

Azure HDInsight is a cloud distribution of the Hadoop components. It makes it easy, fast and cost-effective to process massive amounts of data. Azure Databricks is a premium offering optimized for easy setup, collaboration on shared projects in an interactive workspace, and autoscaling.

132
Q

What is the difference between HDInsight and Azure Synapse Analytics?

A

HDInsight is an analytics service that requires many configurations and is suitable for heavy computations where you have very detailed needs; its learning curve is very steep. HDInsight is always on, whereas Azure Synapse Analytics is consumption-based and brings together enterprise data warehousing and big data analytics.

133
Q

Which service is an on-demand analytics job service that helps you to write queries to transform your data and extract valuable insights?

A

Azure Data Lake Analytics is an on-demand analytics job service to simplify big data analytics. You can focus on writing, running, and managing jobs rather than on operating distributed infrastructure. Instead of deploying, configuring, and tuning hardware, you write queries to transform your data and extract valuable insights.

134
Q

If your developers use the LAMP stack which database is ideal for migration?

A

MySQL is part of the LAMP (Linux, Apache, MySQL, PHP) stack and therefore Azure Database for MySQL would be the logical choice.

135
Q

What is Azure Security Center?

A

A monitoring service that provides visibility of your security posture across all of your services, both on Azure and on-premises.

136
Q

What is a security posture?

A

The term security posture refers to cybersecurity policies and controls, as well as how well you can predict, prevent, and respond to security threats.

137
Q

What can Azure Security Center do? Name 7 things.

A

1) Monitor security settings across on-premises and cloud workloads.
2) Automatically apply required security settings to new resources as they come online.
3) Provide security recommendations that are based on your current configurations, resources, and networks.
4) Continuously monitor your resources and perform automatic security assessments to identify potential vulnerabilities before those vulnerabilities can be exploited.
5) Use machine learning to detect and block malware from being installed on your virtual machines (VMs) and other resources. You can also use adaptive application controls to define rules that list allowed applications to ensure that only applications you allow can run.
6) Detect and analyze potential inbound attacks and investigate threats and any post-breach activity that might have occurred.
7) Provide just-in-time access control for network ports. Doing so reduces your attack surface by ensuring that the network only allows traffic that you require at the time that you need it to.

138
Q

What is secure score?

A

Secure score is a measurement of an organization’s security posture.

Secure score is based on security controls, or groups of related security recommendations. Your score is based on the percentage of security controls that you satisfy. The more security controls you satisfy, the higher the score you receive. Your score improves when you remediate all of the recommendations for a single resource within a control.

139
Q

Name three ways secure score can help you.

A

Report on the current state of your organization’s security posture.
Improve your security posture by providing discoverability, visibility, guidance, and control.
Compare with benchmarks and establish key performance indicators (KPIs).

140
Q

What is Just-in-time VM access?

A

Just-in-time access to VMs blocks traffic by default to specific network ports of VMs, but allows traffic for a specified time when an admin requests and approves it.

141
Q

What is adaptive network hardening?

A

Adaptive network hardening: Security Center can monitor the internet traffic patterns of the VMs, and compare those patterns with the company’s current network security group (NSG) settings. From there, Security Center can make recommendations about whether the NSGs should be locked down further and provide remediation steps.

142
Q

What is adaptive application control?

A

A machine learning process in Azure used to provide alerts about unauthorized applications running.

143
Q

What is file integrity monitoring?

A

Important files in a system can be monitored by configuring file integrity monitoring to detect changes to important files such as registry settings.

144
Q

Which service in Azure can you use to get a centralized view of all security alerts?

A

Security Center

145
Q

Security management on a large scale can benefit from a dedicated security information and event management (SIEM) system. A SIEM system aggregates security data from many different sources (as long as those sources support an open-standard logging format). It also provides capabilities for threat detection and response.

What is Microsoft’s cloud-based SIEM system called which uses intelligent security analytics and threat analysis?

A

Azure Sentinel

146
Q

What can you use to automate responses to security threats detected by Azure Sentinel?

A

Azure Monitor Workbooks

147
Q

How can you set up an automated response to a security alert from Security Center?

A

You can use workflow automation, which uses Azure Logic Apps and Security Center connectors.

148
Q

What can Azure Key Vault do? Name 4 things.

A

Manage Secrets: You can use Key Vault to securely store and tightly control access to tokens, passwords, certificates, API keys, and other secrets.

Manage Encryption Keys: You can use Key Vault as a key management solution. Key Vault makes it easier to create and control the encryption keys that are used to encrypt your data.

Manage SSL/TLS certificates: Key Vault enables you to provision, manage, and deploy your public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for both your Azure resources and your internal resources.

Store secrets backed by hardware security modules: These secrets and keys can be protected either by software or by FIPS 140-2 Level 2 validated HSMs.

149
Q

Name 5 benefits of Azure Key Vault.

A

Centralized storage: Centralizing the storage for your application secrets enables you to control their distribution, and reduces the chances that secrets are accidentally leaked.

Securely stored secrets and keys: Azure uses industry-standard algorithms, key lengths, and HSMs. Access to Key Vault requires proper authentication and authorization.

Access monitoring and access control: By using Key Vault, you can monitor and control access to your application secrets.

Simplified administration of application secrets: Key Vault makes it easier to enroll and renew certificates from public certificate authorities (CAs). You can also scale up and replicate content within regions and use standard certificate management tools.

Integration with other Azure services: You can integrate Key Vault with storage accounts, container registries, event hubs, and many more Azure services. These services can then securely reference the secrets stored in Key Vault.

150
Q

What is Azure Dedicated Host? Name 3 benefits.

A

Azure Dedicated Host provides dedicated physical servers to host your Azure VMs for Windows and Linux.

Benefits:
Gives you visibility into, and control over, the server infrastructure that’s running your Azure VMs.

Helps address compliance requirements by deploying your workloads on an isolated server.

Lets you choose the number of processors, server capabilities, VM series, and VM sizes within the same host.

151
Q

How can you ensure high availability when using a dedicated host?

A

For high availability, you can provision multiple hosts in a host group, and deploy your VMs across this group. VMs on dedicated hosts can also take advantage of maintenance control. This feature enables you to control when regular maintenance updates occur, within a 35-day rolling window.

152
Q

How are dedicated hosts priced?

A

You’re charged per dedicated host, independent of how many VMs you deploy to it. The host price is based on the VM family, type (hardware size), and region.

Software licensing, storage, and network usage are billed separately from the host and VMs.

153
Q

How may you control having only certain applications run on your VMs?

A

Create an application control rule in Azure Security Center.

154
Q

What is the easiest way for a company to combine security data from all its monitoring tools in a single report that it can take action on?

A

Collect security data in Azure Sentinel.

155
Q

What is defense in depth?

A

The objective of defense in depth is to protect information and prevent it from being stolen by those who aren’t authorized to access it.

A defense-in-depth strategy uses a series of mechanisms to slow the advance of an attack that aims at acquiring unauthorized access to data.

156
Q

Give a brief overview of the 7 layers in the defense-in-depth model.

A

1) The physical security layer is the first line of defense to protect computing hardware in the datacenter.
2) The identity and access layer controls access to infrastructure and change control.
3) The perimeter layer uses distributed denial of service (DDoS) protection to filter large-scale attacks before they can cause a denial of service for users.
4) The network layer limits communication between resources through segmentation and access controls.
5) The compute layer secures access to virtual machines.
6) The application layer helps ensure that applications are secure and free of security vulnerabilities.
7) The data layer controls access to business and customer data that you need to protect.

157
Q

What is the principle of least privilege?

A

The principle of least privilege means restricting access to information only to individuals explicitly granted access, at only the level that they need to perform their work. This information includes protection of user passwords, email content, and access levels to applications and underlying infrastructure.

158
Q

What are the three common principles used to define a security posture?

A

The common principles used to define a security posture are confidentiality, integrity, and availability, known collectively as CIA.

159
Q

What is covered by the integrity principle in a security posture?

A

The integrity of data must be preserved by preventing unauthorized changes to information:

At rest: when it’s stored.
In transit: when it’s being transferred from one place to another, including from a local computer to the cloud.

A common approach used in data transmission is for the sender to create a unique fingerprint of the data by using a one-way hashing algorithm. The hash is sent to the receiver along with the data. The receiver recalculates the data’s hash and compares it to the original to ensure that the data wasn’t lost or modified in transit.

160
Q

What is the availability principle in a security posture?

A

The availability principle must ensure that services are functioning and can be accessed only by authorized users. Denial-of-service attacks are designed to degrade the availability of a system, affecting its users.

161
Q

What is Azure Firewall?

A

A managed, cloud-based network security service that helps protect resources in your Azure virtual networks. A virtual network is similar to a traditional network that you’d operate in your own datacenter. It’s a fundamental building block for your private network that enables virtual machines and other compute resources to securely communicate with each other, the internet, and on-premises networks.

162
Q

Name 5 features of Azure Firewall.

A

Built-in high availability.
Unrestricted cloud scalability.
Inbound and outbound filtering rules.
Inbound Destination Network Address Translation (DNAT) support.
Azure Monitor logging.

163
Q

Name 3 types of rules you can configure in Azure Firewall.

A

Application rules that define fully qualified domain names (FQDNs) that can be accessed from a subnet.
Network rules that define source address, protocol, destination port, and destination address.
Network Address Translation (NAT) rules that define destination IP addresses and ports to translate inbound requests.

164
Q

What is a web application firewall (WAF)?

A

Azure Application Gateway provides a firewall that’s called the web application firewall (WAF). WAF provides centralized, inbound protection for your web applications against common exploits and vulnerabilities. Azure Front Door and Azure Content Delivery Network also provide WAF services.

165
Q

What are the two tiers of DDoS protection?

A

Basic and Standard

Basic

The Basic service tier is automatically enabled for free as part of your Azure subscription.

Always-on traffic monitoring and real-time mitigation of common network-level attacks provide the same defenses that Microsoft’s online services use. The Basic service tier ensures that Azure infrastructure itself is not affected during a large-scale DDoS attack.

The Azure global network is used to distribute and mitigate attack traffic across Azure regions.

Standard

The Standard service tier provides additional mitigation capabilities that are tuned specifically to Azure Virtual Network resources. DDoS Protection Standard is relatively easy to enable and requires no changes to your applications.

The Standard tier provides always-on traffic monitoring and real-time mitigation of common network-level attacks. It provides the same defenses that Microsoft’s online services use.

Protection policies are tuned through dedicated traffic monitoring and machine learning algorithms. Policies are applied to public IP addresses, which are associated with resources deployed in virtual networks such as Azure Load Balancer and Application Gateway.

The Azure global network is used to distribute and mitigate attack traffic across Azure regions.

166
Q

What kind of attacks can the standard service tier of DDoS protection help prevent?

A

Volumetric attacks

The goal of this attack is to flood the network layer with a substantial amount of seemingly legitimate traffic.

Protocol attacks

These attacks render a target inaccessible by exploiting a weakness in the layer 3 and layer 4 protocol stack.

Resource-layer (application-layer) attacks (only with web application firewall)

These attacks target web application packets to disrupt the transmission of data between hosts. You need a web application firewall (WAF) to protect against L7 attacks. DDoS Protection Standard protects the WAF from volumetric and protocol attacks.

167
Q

What are NSGs?

A

A network security group enables you to filter network traffic to and from Azure resources within an Azure virtual network. You can think of NSGs like an internal firewall. An NSG can contain multiple inbound and outbound security rules that enable you to filter traffic to and from resources by source and destination IP address, port, and protocol.

168
Q

What 7 properties can you define within a single NSG?

A

Name: A unique name for the NSG.
Priority: A number between 100 and 4096. Rules are processed in priority order, with lower numbers processed before higher numbers.
Source or Destination: A single IP address or IP address range, service tag, or application security group.
Protocol: TCP, UDP, or Any.
Direction: Whether the rule applies to inbound or outbound traffic.
Port Range: A single port or range of ports.
Action: Allow or Deny.

169
Q

What’s the TCO Calculator?

A

The TCO Calculator helps you estimate the cost savings of operating your solution on Azure over time, instead of in your on-premises datacenter.

The term total cost of ownership is commonly used in finance. It can be hard to see all the hidden costs related to operating a technology capability on-premises. Software licenses and hardware are additional costs.

170
Q

What types of Azure subscriptions can you use?

A

Free trial

A free trial subscription provides you with 12 months of popular free services, a credit to explore any Azure service for 30 days, and more than 25 services that are always free. Your Azure services are disabled when the trial ends or when your credit expires for paid products, unless you upgrade to a paid subscription.

Pay-as-you-go

A pay-as-you-go subscription enables you to pay for what you use by attaching a credit or debit card to your account. Organizations can apply for volume discounts and prepaid invoicing.

Member offers

Your existing membership to certain Microsoft products and services might provide you with credits for your Azure account and reduced rates on Azure services. For example, member offers are available to Visual Studio subscribers, Microsoft Partner Network members, Microsoft for Startups members, and Microsoft Imagine members.

171
Q

How can you purchase Azure Services?

A

There are three main ways to purchase services on Azure. They are:

Through an Enterprise Agreement

Larger customers, known as enterprise customers, can sign an Enterprise Agreement with Microsoft. This agreement commits them to spending a predetermined amount on Azure services over a period of three years. The service fee is typically paid annually. As an Enterprise Agreement customer, you’ll receive the best customized pricing based on the kinds and amounts of services you plan on using.

Directly from the web

Here, you purchase Azure services directly from the Azure portal website and pay standard prices. You’re billed monthly, as a credit card payment or through an invoice. This purchasing method is known as Web Direct.

Through a Cloud Solution Provider

A Cloud Solution Provider (CSP) is a Microsoft Partner who helps you build solutions on top of Azure. Your CSP bills you for your Azure usage at a price they determine. They also answer your support questions and escalate them to Microsoft, as needed.

172
Q

What factors affect cost in Azure?

A

Resource type
Resource usage
Azure subscription types
Location
Zones for billing of network traffic

173
Q

How can you estimate the total cost of a solution in Azure?

A

The Pricing calculator displays Azure products in categories. You add these categories to your estimate and configure according to your specific requirements. You then receive a consolidated estimated price, with a detailed breakdown of the costs associated with each resource you added to your solution. You can export or share that estimate or save it for later. You can load a saved estimate and modify it to match updated requirements.

You also can access pricing details, product details, and documentation for each product from within the Pricing calculator.

174
Q

What 6 options can you configure in the pricing calculator?

A

The options that you can configure in the Pricing calculator vary between products, but they can include:

Region

A region is the geographical location in which you can provision a service. Southeast Asia, Central Canada, Western United States, and Northern Europe are a few examples.

Tier

Tiers, such as the Free tier or Basic tier, have different levels of availability or performance and different associated costs.

Billing options

Billing options highlight the different ways you can pay for a service. Options can vary based on your customer type and subscription type and can include options to save costs.

Support options

These options enable you to select additional support pricing options for certain services.

Programs and offers

Your customer or subscription type might enable you to choose from specific licensing programs or other offers.

Azure Dev/Test pricing

This option lists the available prices for development and test workloads. Dev/Test pricing applies when you run resources within an Azure subscription that’s based on a Dev/Test offer.

175
Q

Name 5 ways of managing and minimizing costs in Azure.

A

Choose cost-effective operating systems
Use Azure Hybrid Benefit to repurpose software licenses on Azure
Migrate from IaaS to PaaS services
Delete unused resources
Deallocate virtual machines during off hours
Resize underutilized virtual machines
Apply tags to identify cost owners
Use Azure Cost Management + Billing to control spending
Research available cost-saving offers
Choose low-cost locations and regions
Use Azure Reservations to prepay
Use spending limits to restrict your spending
Use Azure Advisor to monitor your usage
Understand estimated costs before you deploy

176
Q

What is an SLA?

A

A service-level agreement (SLA) is a formal agreement between a service company and the customer. For Azure, this agreement defines the performance standards that Microsoft commits to for you, the customer.

177
Q

What are the typical 3 sections of an SLA?

A

Introduction

This section explains what to expect in the SLA, including its scope and how subscription renewals can affect the terms.

General terms

This section contains terms that are used throughout the SLA so that both parties (you and Microsoft) have a consistent vocabulary. For example, this section might define what’s meant by downtime, incidents, and error codes.

This section also defines the general terms of the agreement, including how to submit a claim, receive credit for any performance or availability issues, and limitations of the agreement.

SLA details

This section defines the specific guarantees for the service. Performance commitments are commonly measured as a percentage. That percentage typically ranges from 99.9 percent (“three nines”) to 99.99 percent (“four nines”).

The primary performance commitment typically focuses on uptime, or the percentage of time that a product or service is successfully operational. Some SLAs focus on other factors as well, including latency, or how fast the service must respond to a request.

This section also defines any additional terms that are specific to this service.

178
Q

What are service credits?

A

A service credit is the percentage of the fees you paid that is credited back to you according to the claim approval process.

An SLA describes how Microsoft responds when an Azure service fails to perform to its specification. For example, you might receive a discount on your Azure bill as compensation when a service fails to perform according to its SLA.

Credits typically increase as uptime decreases.

179
Q

What is Azure Status?

A

Azure status provides a global view of the health of Azure services and regions. If you suspect there’s an outage, this is often a good place to start your investigation.

Azure status provides an RSS feed of changes to the health of Azure services that you can subscribe to. You can connect this feed to communication software such as Microsoft Teams or Slack.

From the Azure status page, you can also access Azure Service Health. This provides a personalized view of the health of the Azure services and regions that you’re using, directly from the Azure portal.

180
Q

How can you claim a service credit from Microsoft?

A

Typically, you need to file a claim with Microsoft to receive a service credit. If you purchase Azure services from a Cloud Solution Provider (CSP) partner, your CSP typically manages the claims process.

Each SLA specifies the timeline by which you must submit your claim and when Microsoft processes your claim. For many services, you must submit your claim by the end of the calendar month following the month in which the incident occurred.

181
Q

What is a usage pattern?

A

Usage patterns define when and how users access your application.

One question to consider is whether the availability requirement differs between critical and non-critical time periods. For example, a tax-filing application can’t fail during a filing deadline.

182
Q

What is a composite SLA?

A

The process of combining SLAs helps you compute the composite SLA for a set of services. Computing the composite SLA requires that you multiply the SLA of each individual service.

183
Q

How can you increase an SLA?

A

Choose customization options that fit your required SLA
Build availability requirements into your design
Include redundancy to increase availability

184
Q

What is the service lifecycle?

A

The service lifecycle defines how every Azure service is released for public use.

Every Azure service starts in the development phase. In this phase, the Azure team collects and defines its requirements, and begins to build the service.

Next, the service is released to the public preview phase. During this phase, the public can access and experiment with it and provide real-world feedback. Your feedback helps Microsoft improve services. More importantly, providing feedback gives you the opportunity to request new or different capabilities so that services better meet your needs.

After a new Azure service has been validated and tested, it’s released to all customers as a production-ready service. This is known as general availability (GA).