Azure Architecture and Services Flashcards
The Azure free account includes free access to popular Azure products for how long?
12 Months
What is a geographical area on the planet that contains at least one, but potentially multiple datacenters that are nearby and networked together with a low-latency network?
A region
Availability zones are connected through what?
High-speed, private fiber-optic networks
To ensure resiliency, how many separate availability zones are present in all availability zone-enabled regions?
At least three.
What can you use to run mission-critical applications and build high-availability into your application architecture?
Availability Zones
When you pin a resource to a specific zone, you’re using what kind of Azure service?
A zonal service
Zone-redundant services do what?
Replicate automatically across zones
Services that are always available from Azure geographies are known as what?
Non-regional services
What provides a level of scope above subscriptions?
Azure management groups
Resource groups are gathered into what?
Subscriptions
How many management groups can be supported in a single directory?
10,000
How many levels of depth can a management group tree support?
Six, not including the root level or the subscription level.
How many parents can a management group have?
One
How many parents can a subscription have?
One
How many resource groups can a resource be in at the same time?
One
What happens to the resources within a resource group when an action or setting at the Resource Group level is applied?
The setting is applied to current and future resources.
What Azure feature replicates resources across regions that are at least 300 miles away from each other?
Region pairs
Data in an Azure Storage account is replicated how many times in the primary region?
Three
What are the two options for how your data is replicated in the primary region?
Locally redundant storage (LRS) and zone-redundant storage (ZRS)
What replicates your data three times within a single data center in the primary region?
Locally redundant storage (LRS)
What is the lowest-cost redundancy option for Azure storage?
Locally redundant storage (LRS)
What replicates your Azure Storage data synchronously across three Azure availability zones in the primary region?
Zone-redundant storage (ZRS)
What are two storage options for copying your data to a secondary region?
Geo-redundant storage (GRS) and geo-zone-redundant storage (GZRS)
What copies your data asynchronously to a single physical location in a secondary region, from a single physical location in the primary region?
Geo-redundant storage (GRS)
What is a massively scalable object store for text and binary data?
Azure Blobs
What manages file shares for cloud or on-premises deployments?
Azure Files
What is a messaging store for reliable messaging between application components?
Azure Queues
What is a messaging store for reliable messaging between application components?
Azure Queues
What are block-level storage volumes for Azure VMs?
Azure Disks
Data in Azure Storage is accessible from anywhere in the world over what?
HTTP or HTTPS
What storage type has multiple access tiers?
Blob storage
What access tiers for Blob storage can be set at the account level?
Hot and cool
What is a service that helps you migrate from an on-premises environment to the cloud?
Azure Migrate
Which Azure Migrate tool is a stand-alone tool to assess SQL Servers?
Data Migration Assistant
Which tool is used to migrate on-premises databases to Azure VMs running SQL Server, Azure SQL Database, or SQL Managed Instances?
Azure Database Migration Service
What tool is used to migrate VMware VMs, Hyper-V VMs, physical servers, other virtualized servers, and public cloud VMs to Azure?
Azure Migrate: Server Migration
What is a standalone tool to assess on-premises websites for migration to Azure App Service?
Web app migration assistant
What is used to discover and assess on-premises servers running on VMware, Hyper-V, and physical servers in preparation for migration to Azure?
Azure Migrate: Discovery and assessment
Which product is used to move large amounts of offline data to Azure?
Azure Data Box
What is a command-line utility that you can use to copy blobs or files to or from your storage account?
AzCopy
What is a standalone app that provides a graphical interface to manage files and blobs in your Azure Storage Account?
Azure Storage Explorer
What is a tool that lets you centralize your file shares in Azure Files and keep the flexibility, performance, and compatibility of a Windows file server?
Azure File Sync
Which tool automatically keeps files between an on-premises Windows server and an Azure cloud environment updated?
Azure File Sync
Which storage redundancy option provides the highest degree of durability, with 16 nines of durability?
Geo-redundant storage and Geo-zone-redundant-storage
Which Azure Storage service supports big data analytics, as well as handling text and binary data types?
Azure Blobs
What allows you to centrally manage, configure, and update a large number of VMs in minutes?
Virtual machine scale sets
What groups VMs that can be rebooted at the same time?
Update domain grouping
What groups VMs by common power source and network switch?
Fault domain grouping
What are designed to ensure that VMs stagger updates and have varied power and network connectivity, preventing you from losing all your VMs with a single network or power failure?
Virtual machine availability sets
What is a desktop and application virtualization service that runs on the cloud?
Azure Virtual Desktop
What provides centralized security management for users’ desktops with Azure Active Directory (Azure AD)?
Azure Virtual Desktop
What are a platform as a service (PaaS) offering and offer the fastest and simplest way to run a container in Azure?
Azure Container Instances
What is an event-driven, serverless compute option that doesn’t require maintaining virtual machines or containers?
Azure Functions
What are commonly used when you need to perform work in response to an event (often via a REST request), timer, or message from another Azure service?
Azure Functions
What enables you to build and host web apps, background jobs, mobile back-ends, and RESTful APIs in the programming language of your choice without managing infrastructure?W
App Service
What enables Azure resources, such as VMs, web apps, and databases, to communicate with each other, with users on the internet, and with your on-premises client computers?
Azure Virtual Networking
What network connections are from a computer outside your organization back into your corporate network?
Point-to-site virtual private network connections
What links on-premises VPN devices or gateways to the Azure VPN gateway in a virtual network?
Site-to-site virtual private networks
What provides a dedicated private connectivity to Azure that doesn’t travel over the internet?
Azure ExpressRoute
What are typically deployed to connect two or more trusted private networks to one another over an untrusted network (typically the public internet)?
Virtual private networks (VPNs)
Dynamic routing between your network and Microsoft via Border Gateway Protocol (BGP) is a benefit of what?
Azure ExpressRoute
You have an office in Asia and a datacenter in Europe, both with ExpressRoute circuits connecting them to the Microsoft network. What do you use to connect those two facilities, allowing them to communicate without transferring data over the public internet?
ExpressRoute Global Reach
What protocol is used to exchange routes between on-premises networks and resources running in Azure?
Border Gateway Protocol (BGP)
What refers to your datacenter, office, or other facility being physically co-located at a cloud exchange, such as an ISP?
CloudExchange colocation
What refers to your datacenter, office, or other facility being physically co-located at a cloud exchange, such as an ISP?
CloudExchange colocation
What integrates your wide area network (WAN) with Azure by providing connections to your offices and datacenters?
An Any-to-any connection
What is a hosting service that provides name resolution by using Microsoft Azure infrastructure?
Azure DNS
Azure DNS is based on what?
Azure Resource Manager
Which Azure Virtual Machine feature staggers updates across VMs based on their update domain and fault domain?
Availability sets
Which Azure service allows users to use a cloud hosted version of Windows from any location and connect from most modern browsers?
Azure Virtual Desktop
What is a directory service that enables you to sign in and access both Microsoft cloud applications and cloud applications that you develop?
Azure Active Directory (Azure AD)
What is Microsoft’s cloud-based identity and access management service?
Azure AD
What is a service that provides managed domain services such as domain join, group policy, lightweight directory access protocol (LDAP), and Kerberos/NTLM authentication?
Azure Active Directory Domain Services (Azure AD DS)
What enables a user to sign in one time and use that credential to access multiple resources and applications from different providers?
Single sign-on (SSO)
What is the process of prompting a user for an extra form (or factor) of identification during the sign-in process?
Multifactor authentication
What is a Microsoft service that provides multifactor authentication capabilities?
Azure AD Multi-Factor Authentication
Fast Identity Online (FIDO) is an open standard for what?
Passwordless authentication
What allows users and organizations to leverage the standard to sign-in to their resources without a username or password by using an external security key or a platform key built into a device?
FIDO (Fast IDentity Online)
What refers to all the ways you can securely interact with users outside of your organization?
Azure AD External Identities
What is a tool that Azure Active Directory uses to allow (or deny) access to resources based on identity signals?
Conditional Access
What is a security model that assumes the worst case scenario and protects resources with that expectation?
Zero Trust
What strategy uses a series of mechanisms to slow the advance of an attack that aims at acquiring unauthorized access to data?
A defense-in-depth strategy
What is a monitoring tool for security posture management and threat protection?
Microsoft Defender for Cloud
Which Azure Active Directory tool can vary the credentials needed to log in based on signals, such as where the user is located?
Conditional Access
Which security model assumes the worst-case security scenario, and protects resources accordingly?
Zero trust
A user is simultaneously assigned multiple roles that use role-based access control. What are their actual permissions? The role permissions are: Role 1 - read || Role 2 - write || Role 3 - read and write.
Read and write
