Azure Architecture and Services 2.2 Flashcards

Compute and Networking

1
Q

Azure VMs

A

Server virtualization (compute)
on-demand without need for hardware purchase

2
Q

Virtual machine
scale sets

A

Allow you to create and manage a group of
identical, load-balanced VMs.
The number of VM instances can automatically
increase or decrease in response to demand or
based on a schedule.
Focus = scale (scalability, capacity)

3
Q

Virtual machine
availability sets

A

Help build a more resilient, highly available
environment by staggering VM updates and
ensuring varied power and network connectivity.
Focus = resiliency (availability)

4
Q

Virtual machine
availability sets

A

They do this through two mechanisms:
FAULT DOMAINS and UPDATE DOMAINS.

5
Q

Update Domains

A

Allows you to apply updates while knowing
that only one update domain grouping will
be offline at a time.

6
Q

Fault Domains

A

Groups your VMs by common power source
and network switch.
By default, an availability set will split your VMs
across up to three fault domains.

7
Q

Azure Virtual Desktop

A

A desktop and app virtualization
service that runs in Microsoft Azure.
Enables IT Pros and MSPs to create Windows
10 & 11 virtual desktops in Azure.

8
Q

Azure Container Instance (ACI)

A

Runs Docker containers on-demand in a
managed, serverless Azure environment.
A solution for any scenario that can operate
in isolated containers, without orchestration.

9
Q

Azure Kubernetes Services (AKS)

A

A hosted Kubernetes service, where
Azure handles critical tasks like health
monitoring and maintenance for you.
You pay only for the agent nodes within
your clusters, not for the masters (free tier).
For a financially backed SLA, you pay a few
cents per hour for cluster management.

10
Q

VM Resource Requirements

A

Virtual Disk
Virtual Network (VNET)
Network Interface (Virtual NIC)
Network Security Group
Public IP Address

11
Q

App Service

A

An HTTP-based service for hosting
web applications, REST APIs, and mobile back ends.

12
Q

App Service Types

A

Web apps
API apps
Web jobs
Mobile apps

13
Q

App Service Web apps

A

Using ASP.NET, ASP.NET
Core, Java, Ruby, Node.js,
PHP, or Python.
Run on Windows or Linux as
host OS

14
Q

App Service API apps

A

Build REST-based web APIs
by using your choice of
language and framework.
Full Swagger support and
publish to Azure Marketplace.

15
Q

App Service Web jobs

A

Run a program (.exe, Java, PHP,
Python, or Node.js) or script
(.cmd, .bat, PowerShell, or Bash)
in the same context as a web
app, API app, or mobile app.
Can be scheduled or run by a
trigger.
Often used to run background
tasks as part of your application
logic.

16
Q

App Service Mobile apps

A

Used to quickly build a back end
for iOS and Android apps.
Enables auth with social identity
providers, sending push notifications,
and executing backend logic.

17
Q

Virtual Network VNET

A

A logical representation of your network in Azure.
A VNET contains one or more SUBNETS.
VNETs provide logical isolation in
Azure dedicated to your subscription.

18
Q

Virtual Network VNET benefits

A

Create a dedicated private cloud-only network.
Securely extend your data center (Site-to-Site VPN).
Enable hybrid cloud scenarios.

19
Q

Virtual Network VNET Rule

A

VMs in different VNETS cannot communicate by default

20
Q

Virtual Subnet

A

Segment address space of VNET to create sub-networks.
Allows Azure resource deployment into a specific subnet.
Can affect outbound access and routing traffic between resources.

21
Q

Virtual Subnet Rule

A

VMs in different subnets within a VNET can communicate by default!

22
Q

VPN Gateway

A

Core component of “hybrid cloud”
A virtual network gateway that sends encrypted traffic between an Azure VNET and
an on-premises location over the Internet.

23
Q

VPN Rule

A

Site-to-site VPN traffic traverses the Internet

24
Q

VNET Peering

A

Enables seamless connection of two or more Virtual Networks in Azure.
The two networks function as one in terms of connectivity.

25
Q

ExpressRoute

A

Extends your on-premises networks into
Azure over a private connection with
the help of a connectivity provider

26
Q

ExpressRoute Rule

A

Traffic does NOT traverse the Internet

27
Q

Azure DNS

A

A hosting service for DNS domains that
provides name resolution by using
Microsoft Azure infrastructure.
Can provide internal and external DNS.

28
Q

Service Endpoint

A

Provides a way to lock down access to all instances of a PaaS
service to a VNET.
Accessible from public Internet

29
Q

Private Endpoint

A

Grants access to a specific instance (resource) of a PaaS service in your VNET
on a private IP address.
Enables access from on premises without public endpoint

30
Q

Defense in Depth

A

A layered (defense in depth) approach that does not rely on one method to completely protect your environment.

31
Q

Network Security Group

A

Contains security rules that allow or deny
inbound network traffic to, or outbound network
traffic from, several types of Azure resources.
For each rule, you can specify source and
destination port and protocol.
Can be applied to a subnet or network adapter.

32
Q

Azure Firewall

A

A managed, cloud-based network security
service that protects your Azure Virtual Network resources.
It’s a fully stateful firewall as a service with
built-in high availability and unrestricted
cloud scalability.

33
Q

Azure DDoS

A

Standard tier provides enhanced DDoS mitigation
features to defend against DDoS attacks.
Also includes logging, alerting, and telemetry not
included in the free Basic tier present by default.