Azure Fundamentals Training Day

Question 1

Regions

Answer 1

Made up of one or more datacenters in close proximity for hosting Azure services

Question 2

Agility

Answer 2

Deploying and configuring cloud-based resources quickly as business requirements change

Question 3

Availability Zones

Answer 3

Physically separate datacenters within the same region
Provide protection against downtime due to datacenter failure
Each datacenter is equipped with independent power, cooling, and networking
Connected through private fiber-optic networks

Question 4

Region Pairs

Answer 4

Allow the replication of Azure resources across geographies to help ensure that a secondary region is available in case of any disaster at the primary region

Question 5

Azure Sovereign Regions

Answer 5

Separate instance of Azure, physically isolated from non-US government deployments
Accessible only to screened, authorized personnel
Meets the security and compliance needs of US federal agencies, state and local government

Question 6

Azure China

Answer 6

All data stays within China to ensure compliance
Physically separated instance of Azure cloud services

Question 7

___ can only be associated with a single subscription

Answer 7

Resources

Question 8

Resource Group

Answer 8

Logical container used to combine and organize Azure resources
Resources can only exist in one resource group
Resources can exist in different regions
Resources can be moved to different resource groups
Applications can utilize multiple resource groups

Question 9

What is an Azure Storage account named storage001 an example of?

Answer 9

A resource

Question 10

Azure Subscription

Answer 10

Provides you with authenticated and authorized access to Azure accounts

Question 11

Billing Boundary

Answer 11

Generate separate billing reports and invoices for each subscription

Question 12

Access Control Boundary

Answer 12

Manage and control access to the resources that users can provision with specific subscriptions

Question 13

Management Groups

Answer 13

Used to manage multiple Azure subscriptions at scale, including their access, policies, and compliance

Question 14

VM Scale Sets

Answer 14

Provide a load-balanced opportunity to automatically scale resources; scale out when resource needs increase, scale in when needs are lower

Question 15

VM Availability Sets

Answer 15

Groups VMs into three domains so that if power or network fails in one domain, VMs are still available from another domain

Question 16

Azure Container Instances

Answer 16

Allows you to deploy containers in Azure without having to provision or manage any underlying infrastructure

Question 17

Azure Container Apps

Answer 17

Fully managed serverless container service for building and deploying modern apps at scale

Question 18

Azure Kubernetes Service

Answer 18

An orchestration service for containers with distributed architectures and large volumes of containers

Question 19

Azure Functions

Answer 19

PaaS offering that supports serverless compute operations. Event-based code runs when called without requiring server infrastructure during inactive periods

Question 20

Azure App Services

Answer 20

Fully managed platform to build, deploy, and scale web apps and APIs quickly.
Works with .NET, .NET Core, Node.js, Java, Python, or php

Question 21

Azure Virtual Network (VNet)

Answer 21

Enables Azure resources to communicate with each other, the internet, and on-premises networks
Can be used for public or private access, virtual subnets, or network peering to connect private networks

Question 22

ExpressRoute

Answer 22

Extends on-prem networks into Azure over a private connection that is facilitated by a connectivity provider

Question 23

Azure DNS

Answer 23

Host and manage DNS domains or DNS zones through Azure

Question 24

Storage Accounts

Answer 24

Must have a globally unique name
Provides over-the-internet access worldwide
Determine storage and redundancy options

Question 25

LRS

Answer 25

Locally redundant storage
Single datacenter in primary region
11 nines durability

Question 26

ZRS

Answer 26

Zone redundant storage
Three availability zones in the primary region
12 nines durability

Question 27

GRS

Answer 27

Geo redundant storage
Single datacenter in the primary and secondary region
16 nines durability

Question 28

GZRS

Answer 28

Geo zone redundant storage
Three availability zones in the primary region and a single datacenter in the secondary region
16 nines durability

Question 29

Azure Blob

Answer 29

Optimized for storing massive amounts of unstructured data, such as text or binary data

Question 30

Azure Disk

Answer 30

Provides disks for VMs, applications, and other services to access and use

Question 31

Azure Queue

Answer 31

Message storage service that provides storage and retrieval for large amounts of messages, each up to 64KB
Commonly used to create a backlog of work to be accessed asynchronously

Question 32

Azure Files

Answer 32

Sets up a highly available network file share that can be accessed using the SMB protocol

Question 33

Azure Tables

Answer 33

Provides a key/attribute option for structured non-relational data storage with a schema-less design

Question 34

Azure storage tier optimized for frequently accessed data

Answer 34

Hot

Question 35

Azure storage tier optimized for storing data accessed infrequently and stored for at least 30 days

Answer 35

Cool

Question 36

Azure storage tier optimized for storing data accessed infrequently and stored for at least 90 days

Answer 36

Cold

Question 37

Azure storage tier optimized for storing data accessed rarely and stored for at least 180 days with flexible latency requirements

Answer 37

Archive

Question 38

Early removal of data from access tiers with storage requirements will result in ____

Answer 38

Fees

Question 39

Azure Migrate

Answer 39

Unified migration platform with a range of integrated and standalone tools. Performs assessment and migration of on prem datacenters to Azure

Question 40

Azure Data Box

Answer 40

Store up to 80 TB of data to move disaster recovery backups to Azure.
Protects data in a rugged case during transit.
Migrate data out of Azure for Compliance or regulatory needs
Migrate data to Azure from remote locations with limited or no connectivity

Question 41

AzCopy

Answer 41

Command line utility
Copy blobs or files to or from your storage account
One-direction synchronization

Question 42

Azure Storage Explorer

Answer 42

GUI compatible with Windows, MacOS, and Linux. Uses AzCopy to handle file operations

Question 43

Azure File Sync

Answer 43

Synchronizes Azure and on-prem Windows File Server in a bi-directional manner.
Cloud tiering keeps frequently accessed files local, while freeing up space
Rapid reprovisioning of failed local server (install and resync)

Question 44

Microsoft Entra ID

Answer 44

Azure’s cloud-based identity and access management service. Handles:
Authentication
SSO
Application management
Business to Business
Device management

Question 45

Microsoft Entra Domain Services

Answer 45

Cloud based domain services without managing domain controllers
Run legacy applications (that can’t use modern auth standards) in the cloud
Automatically sync from Microsoft Entra ID

Question 46

Microsoft Entra External ID B2B

Answer 46

A method to securely grant access to your resources with external partners, vendors, suppliers, or other collaborators.

Question 47

External Identities B2C

Answer 47

Allows customers/consumers of your app to sign up and sign in to utilize it
Automatically reacts to DoS and password spraying activities

Question 48

Conditional Access

Answer 48

Used to bring signals together, to make decisions, and enforce organizational policies. Based on:
User or Group Membership
IP Location
Device
Application
Risk Detection

Question 49

Azure RBAC

Answer 49

Role Based Access Control - applied to a scope (resource or set of resources the access applies to)
Enforces principle of least privilege by granting permissions that are appropriate for user’s role, nothing more

Question 50

How many pre-built RBAC roles are available in Azure?

Answer 50

70

Question 51

Owner Role

Answer 51

Grants full access to manage all resources, including the ability to assign roles in Azure RBAC

Question 52

Contributor Role

Answer 52

Grants full access to manage all resources, but does not allow role assignment in RBAC

Question 53

Reader Role

Answer 53

View all resources, but does not allow you to make any changes

Question 54

RBAC Administrator

Answer 54

Manage user access to Azure resources
Assign roles in RBAC
Assign themselves or others the Owner role
Can’t manage access using other ways, such as Azure Policy

Question 55

User Access Administrator

Answer 55

Manage user access to Azure resources

Question 56

Microsoft Defender for Cloud

Answer 56

Monitoring service that provides threat protection across both Azure and on-prem datacenters
Provides security recommendations
Detect and block malware
Analyze and identify potential attacks
Just-in-time access control for ports

Question 57

Azure Security Benchmark

Answer 57

Defender for Cloud feature that compares your environment to security best practices and makes recommendations to enhance security
Based on widely accepted compliance frameworks

Question 58

Factors Affecting Cost

Answer 58

Resource-Specific Costs
Consumption - pay-as-you-go
Maintenance- monitoring Azure footprint and mitigating costs that aren’t necessary
Geography- different costs per region
Network Traffic- outbound data or data between Azure resources is impacted by billing zones
Subscription

Question 59

Azure Marketplace

Answer 59

Allows customers to find, try, purchase, and provision applications and services from hundreds of leading service providers.

Question 60

Pricing Calculator

Answer 60

Tool that helps you estimate the cost of Azure products with configuration options like region, tier, etc

Question 61

TCO Calculator

Answer 61

Total Cost of Ownership
Allows prospective Azure customers to calculate cost of migration to Azure

Question 62

Azure Cost Management

Answer 62

Allows you to create and manage cost and usage budgets by monitoring resource demand trends, consumption rates, and cost patterns
Also allows you to use historical data to generate reports and forecast future usage and expenditures

Question 63

Tags

Answer 63

Provides metadata for your Azure resources. Offers custom grouping of resources based on tags
Logically organizes resources into a taxonomy
Consists of a name-value pair (example- owner: joe)

Question 64

Microsoft Purview

Answer 64

Family of data governance, risk, and compliance solutions that helps you get a single, unified view into your data
Automated data discovery
Sensitive data classification
End-to-end data lineage

Question 65

Azure Policy

Answer 65

Azure service that enables you to create, assign, and manage policies that control our audit resources. These policies enforce different rules across all resource configurations so they stay compliant with corporate standards.

Question 66

Resource Locks

Answer 66

Protect your Azure resources from accidental deletion or modification
Manage locks at subscription, resource group, or individual resource levels within Azure Portal

Question 67

Service Trust Portal

Answer 67

Publicly accessible website where Microsoft publishes audit reports- “built on a foundation of trust, security, and compliance”

Question 68

Azure Portal

Answer 68

GUI for interacting with Azure

Question 69

Azure Cloud Shell

Answer 69

Web based shell for interaction with Azure resources

Question 70

Azure PowerShell

Answer 70

Uses commandlets to perform administrative tasks on Azure resources

Question 71

CLI

Answer 71

Command Line Interface; similar capabilities as PowerShell for performing administrative tasks on Azure resources, however uses Bash

Question 72

Azure Resource Manager (ARM)

Answer 72

The deployment and management service for Azure that enables you to create, update, and delete resources in your Azure subscription

Question 73

ARM Templates

Answer 73

JSON files that define an application’s infrastructure requirements for a repeatable deployment that is done in a consistent manner.
A validation step ensures that all resources can be created in the proper order based on dependencies, in parallel, and without being altered

Question 74

Bicep

Answer 74

Language/syntax for ARM template creation

Question 75

Azure Arc

Answer 75

Multi-cloud and on-prem management platform
Lets you manage Windows and Linux physical servers and VMs hosted outside of Azure, on your corporate network, or other cloud provider

Question 76

Azure Advisor

Answer 76

Analyzes account usage and makes recommendations based on its set and configured rules
Recommendations can help improve reliability, security, and performance, achieve operational excellence, and reduce costs

Question 77

Azure Service Health

Answer 77

Provides details of planned maintenance and service outages, including official incident reports called root cause analysis which can be shared with stakeholders

Question 78

You need to allow resources on two different Azure virtual networks to communicate with each other. What should you configure?

Answer 78

Peering

Question 79

Service Endpoints

Answer 79

Used to expose Azure services to a virtual network, providing communication between the two

Question 80

NSGs

Answer 80

Network Security Groups
Allow you to configure inbound and outbound rules for virtual networks and virtual machines

Question 81

Which two services can you use to establish network connectivity between an on-prem network and Azure resources?

Answer 81

Azure VPN Gateway
ExpressRoute

Question 82

Application Insights

Answer 82

Feature of Azure Monitor that allows you to monitor running applications, automatically detect performance anomalies, and use built-in analytics tools to see what users do on an app

Question 83

Azure Monitor

Answer 83

Platform for collecting, analyzing, visualizing, and alerting based on metrics. Can log data from an entire Azure and on-prem environment.