Azure Flashcards
Availability zone
You want to ensure your services and data are redundant so you can protect your information in case of failure .
Availability zones are physically separate datacenters within an Azure region. Each Availability zone is made up of one or more datacenters with independent power, cooling and networking.
Regions - list
Central US, East US2, West Europe, Southeast Asia
Availability zones - 2 categories
Zonal services - you pin the resource to a specific zone (VM, disks,..)
Zone-redundant services - platform replicates automatically across zones
Region pairs
Each Azure region is always paired with another region within the same geography at least 300 miles away
Azure virtual machine scale sets
a group of identical, load balanced VMs. The number of VM instances can automatically increase or decrease in response to demand or a defined schedule. Scale sets support up to 1,000 VM instances.
Azure Virtual Network
enables many types of Azure resources, such as Azure Virtual Machines (VM), to securely communicate with each other, the internet, and on-premises networks
VPN gateway
is a specific type of virtual network gateway that is used to send encrypted traffic between an Azure virtual network and an on-premises location over the public Internet.
Cosmos DB
Database that is replicated all over the regions
Azure Database Migration service
fully managed service designed to enable seamless migrations from multiple database sources to Azure data platforms with minimal downtime (online migrations).
Azure SQL Data Warehouse
is a cloud-based Enterprise Data Warehouse (EDW) that leverages Massively Parallel Processing (MPP) to quickly run complex queries across petabytes of data.
The Azure Internet of Things (IoT)
is a collection of Microsoft-managed cloud services that connect, monitor, and control billions of IoT assets.
IoT Central
This is a SaaS solution that helps you connect, monitor, and manage your IoT devices.
IoT Hub
This service allows you to connect from your devices to an IoT hub, and monitor and control billions of IoT devices. This is especially useful if you need bi-directional communication between your IoT devices and your back end.
Azure HDInsight
is a fully managed, full-spectrum, open-source analytics service for enterprises. Azure HDInsight can be used for a variety of scenarios in big data processing.
Azure Functions
is a serverless compute service that enables you to run code on-demand without having to explicitly provision or manage infrastructure.
Azure Logic Apps
Azure Logic Apps simplifies how you build automated scalable workflows that integrate apps and data across cloud services and on-premises systems.
Example uses for Event Grid
Serverless application architectures -use Event Grid to instantly trigger a serverless function to run image analysis each time a new photo is added to a blob storage container.
Ops automation - Event Grid can notify Azure Automation when a virtual machine is created
Application integration-
Azure Firewall
Azure Firewall is a managed, cloud-based network security service that protects your Azure Virtual Network resources. It is a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.
Types of DDoS attacks that DDoS Protection Standard mitigates
Volumetric attacks: The attack’s goal is to flood the network layer with a substantial amount of seemingly legitimate traffic.
Protocol attacks
Resource (application) layer attacks: These attacks target web application packets, to disrupt the transmission of data between hosts. The attacks include HTTP protocol violations, SQL injection, cross-site scripting, and other layer 7 attacks.
Azure Key Vault
Cloud applications and services use cryptographic keys and secrets to help keep information secure. Azure Key Vault safeguards these keys and secrets.
Azure Information Protection
is a cloud-based solution that helps an organization to classify and optionally, protect its documents and emails by applying labels. Labels can be applied automatically by administrators who define rules and conditions, manually by users, or a combination where users are given recommendations.
Azure Advanced Threat Protection (ATP)
is a cloud-based security solution that leverages your on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.
Azure Initiative
is a collection of policy definitions that are tailored towards achieving a singular overarching goal. Initiative definitions simplify managing and assigning policy definitions.
Lock
Lock resources to prevent unexpected changes. You can set the lock level to CanNotDelete or ReadOnly.
Azure Advisor
Advisor is a personalized cloud consultant that helps you follow best practices to optimize your Azure deployments.
Azure Monitor
collecting, analyzing, and acting on telemetry
Service Health
provides you with a customizable dashboard which tracks the health of your Azure services in the regions where you use them.
Azure Policy
Azure Policy is a service in Azure that you use to define, assign, and, manage standards for resources in your environment. It can prevent the creation of disallowed resources, ensure new resources have specific settings applied, and run evaluations of your existing resources to scan for non-compliance.
Azure Blueprint
Azure Blueprint is a declarative way to orchestrate the deployment of various resource templates and other artifacts, such as:
Role assignments
Policy assignments
Azure Resource Manager templates
Resource groups
compliance
https://docs.microsoft.com/en-us/learn/modules/intro-to-governance/6-azure-compliance
Azure Customer types
Enterprise
Web direct
Cloud Solution Provider
Azure Customer types - Enterprise
Enterprise - Enterprise customers sign an Enterprise Agreement with Azure that commits them to spend a negotiated amount on Azure services, which they typically pay annually. Enterprise customers also have access to customized Azure pricing.
Azure Customer types - Web direct
Web direct - Direct Web customers pay general public prices for Azure resources, and their monthly billing and payments occur through the Azure website.
Azure Customer types - Cloud Solution Provider
Cloud Solution Provider (CSP) typically are Microsoft partner companies that a customer hires to build solutions on top of Azure. Payment and billing for Azure usage occur through the customer’s CSP.
Subscription types
Free,
Pay as you go,
Enterprise ,
Student
