Azure Flashcards
Microsoft Entra ID
is a cloud-based identity and access management service provided by Microsoft: a comprehensive solution for managing identities, enforcing access policies, and securing your applications and data in the cloud and on-premises.
It’s not a part of the core infrastructure that customers own and manage, nor is it an Infrastructure as a service offering. While this implies that you have less control over its implementation, it also means that you don’t have to dedicate resources to its deployment or maintenance.
Active Directory Domain Services
is a directory service that provides the methods for storing directory data, such as user accounts and passwords, and makes this data available to network users, administrators, and other devices and services. It runs as a service on Windows Server, referred to as a domain controller.
tenant
The term tenant in this context typically represents a company or organization that signed up for a subscription to a Microsoft cloud-based service such as Microsoft 365, Intune, or Azure, each of which uses Microsoft Entra ID.
Objects of the Application and servicePrincipal classes represent applications in Microsoft Entra ID.
An object in the Application class contains an application definition and an object in the servicePrincipal class constitutes its instance in the current Microsoft Entra tenant.
Separating these two sets of characteristics allows you to define an application in one tenant and use it across multiple tenants by creating a service principal object for this application in each tenant. Microsoft Entra ID creates the service principal object when you register the corresponding application in that Microsoft Entra tenant.
Azure, one key issue is how to provide authentication services to these apps
To satisfy this need, you can choose to implement a site-to-site virtual private network (VPN) between your local infrastructure and the Azure IaaS, or you can deploy replica domain controllers from your local AD DS as virtual machines (VMs) in Azure.
Microsoft Entra Domain Services
This service, which runs as part of the Microsoft Entra ID P1 or P2 tier, provides domain services such as Group Policy management, domain joining, and Kerberos authentication to your Microsoft Entra tenant. These services are fully compatible with locally deployed AD DS, so you can use them without deploying and managing additional domain controllers in the cloud.
Microsoft Entra Connect
users can utilize organizational credentials in both on-premises AD DS and in Microsoft Entra Domain Services. Even if you don’t have AD DS deployed locally, you can choose to use Microsoft Entra Domain Services as a cloud-only service.
Virtual machine data
Virtual machine data storage includes disks and files. Disks are persistent block storage for Azure IaaS virtual machines. Files are fully managed file shares in the cloud.
Each data disk has a maximum capacity of 32,767 GB.
Structured data
Structured data is stored in a relational format that has a shared schema. Structured data is often contained in a database table with rows, columns, and keys. Tables are an autoscaling NoSQL store.
Structured data can be stored by using Azure Table Storage, Azure Cosmos DB, and Azure SQL Database. Azure Cosmos DB is a globally distributed database service. Azure SQL Database is a fully managed database-as-a-service built on SQL.
Standard storage accounts
are backed by magnetic hard disk drives (HDD). A standard storage account provides the lowest cost per GB. You can use Standard storage for applications that require bulk storage or where data is infrequently accessed.
Premium storage accounts
are backed by solid-state drives (SSD) and offer consistent low-latency performance. You can use Premium storage for Azure virtual machine disks with I/O-intensive applications like databases.
Azure Blob Storage (containers)
A massively scalable object store for text and binary data.
Azure Files
Managed file shares for cloud or on-premises deployments.
Azure Queue Storage
A messaging store for reliable messaging between application components.
Azure Table Storage
A service that stores nonrelational structured data (also known as structured NoSQL data).