Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Azure > Azure SQL Database > Flashcards

Azure SQL Database Flashcards

1
Q

What are the types of Azure SQL Databases (MS)

A
  1. SQL Virtual Machines
  2. SQL Managed Instance
  3. SQL Databases
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

When is it best to use Azure SQL Managed Instance?

A

best fit for most lift and shift to cloud

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

When is it best to use Azure SQL Database?

A

Best for modern cloud applications

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

When is it best to use Azure SQL Virtual Machines?

A

Best for VMs requiring OS-level access

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Who is responsible for patching the operating system when using Azure SQL on virtual machines?

A

You are.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Who pats the SQL software when using Azure SQL on virtual machines?

A

You are.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

When using Azure SQL on virtual machines, what VM type should you be considering?

A

Consider memory-optimized or storage-optimized VM sizes for maximum performance.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

How can you quickly back up the VM running your Azure SQL on a virtual machine?

A

Use Azure Backup to backup the whole VM, and use consistent backup to create a consistent backup of the VM

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is Azure SQL Database latency when data stays in the same region as going to a secondary?

A

All data passing over the network in a region is less than 2ms.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Explain how availability is achieved for the general-purpose tier for Azure SQL Database and Azure SQL Instance?

A

Data from the primary is stored in Azure Blob Storage, and there are three replicas; if the primary node compute fails, there are spare nodes kept available in the regional and one will be selected and pointed to the storage and booted to replace the failed primary

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Explain how availability is achieved for the business-critical tier for Azure SQL Database and Azure SQL Instance.

A

The business-critical data is stored on the node’s local disk, with several secondary nodes; data is sync replication and acknowledged from at least one node. This is called SQL always on

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Where is data stored when using the business-critical tier for Azure SQL Database and Azure SQL Instance?

A

Node local storage

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Where is data stored when using the general-purpose tier for Azure SQL Database and Azure SQL Instance?

A

Azure Blog Storage

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Explain always-on the context of Azure SQL Database and Azure SQL Instance?

A

In always-on, data is replicated between primary and secondary replicas; data can be synced or async.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What the the tiers available in Azure SQL?

A

General-purpose
Buisness-critical
Hyperscale

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

When would I use the General-Purpose Tier?

A
  1. Most general-purpose workloads
  2. moderate performance needs.
  3. Budget-friendly: Provides cost-effective options.
  4. Storage: Uses Azure Premium SSD for storage, with up to 8 TB of database size.
  5. Availability: Provides high availability using the Always On availability groups with automated backups and replication.
  6. Sutable for: Applications with standard OLTP workloads.
  7. Sutable for: Moderate transaction rates and throughput.
  8. Sutable for: Applications that need balanced performance at a lower cost.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

How is High-Availability achieved for the General-Purpose Tier for Azure SQL Database?

A

Availability: Provides high availability using the Always On availability groups with automated backups and replication.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What workload is suitable for the General-Purpose Tier for Azure SQL Database?

A
  1. Most general-purpose workloads
  2. Moderate performance needs.
  3. Budget-friendly: Provides cost-effective options.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What workload is suitable for the General-Purpose Tier for Azure SQL Instance?

A
  1. Most general-purpose workloads
  2. Moderate performance needs.
  3. Budget-friendly: Provides cost-effective options.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What workload is suitable for the General-Purpose Tier for Azure SQL Instance?

A
  1. Applications with standard OLTP workloads.
  2. Moderate transaction rates and throughput.
  3. Applications that need balanced performance at a lower
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What workload is suitable for the General-Purpose Tier for Azure SQL Database?

A
  1. Applications with standard OLTP workloads.
  2. Moderate transaction rates and throughput.
  3. Applications that need balanced performance at a lower
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

What are the purchasing models available for both Azure SQL Database and Instance?

A
  1. vCore
  2. DTU
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

For the purchasing model for both Azure SQL Database and Instance, what is the MS recommended model?

A

We recommend the vCore-based model because it allows you to independently select compute and storage resources. The DTU-based model is a bundled compute, storage, and I/O resource measure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

What SSD types are used with the General-Purpose Tier for Azure SQL Database?

A

Azure Premium SSD for storage (Blob Storage)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

What SSD types are used with the General-Purpose Tier for Azure SQL Instance?

A

Azure Premium SSD for storage (Blob Storage)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

What SSD types are used with the Buisness-Critical Tier for Azure SQL Database?

A

Uses local SSDs to offer low-latency reads and writes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

What SSD types are used with the Buisness-Critical Tier for Azure SQL Instance?

A

Uses local SSDs to offer low-latency reads and writes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

How is High-Availability acheived for the Business-Critical Tier for Azure SQL Database?

A

High availability: Three replicas in the primary region ensure higher availability. In this case, three replicas are in the same area with the same data, and data is synced using the sync process.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

How is High-Availability acheived for the Business-Critical Tier for Azure SQL Instance?

A

High availability: Three replicas in the primary region ensure higher availability. In this case, three replicas are in the same area with the same data, and data is synced using the sync process.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

For Azure SQL Database, explain backups.

A
  1. Azure SQL Database automatically creates
  2. Full Backup: Taken once a week.
  3. Differential Backup: Taken every 12 to 24 hours.
  4. Transaction Log Backup: Taken every 5 to 10 minutes.
  5. Stored in geo-redundant storage (GRS) by default, ensuring high availability and disaster recovery capabilities.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

For Azure SQL Database, what are the backup retention periods?

A
  1. Basic Tier: Backups are retained for seven days.
  2. Standard and Premium Tiers: Backups are retained for 35 days.
  3. Long-Term Retention (LTR): You can configure long-term retention for up to 10 years if needed, by moving backups to Azure Blob Storage.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

For Azure SQL Database, do you select the retention periods?

A
  1. Basic Tier: Backups are retained for 7 days.
  2. Standard and Premium Tiers: Backups are retained for 35 days by default.
  3. Custom retention period up to 10 year
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

Can I restore the Azure SQL Database to any point in time? If so, please explain.

A

You can restore the database to any point in time within the retention period. This feature helps recover from accidental data changes or corruption.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

For Azure SQL Instance, explain backups?

A
  1. Azure SQL Instance automatically creates
  2. Full Backup: Taken once a week.
  3. Differential Backup: Taken every 12 to 24 hours.
  4. Transaction Log Backup: Taken every 5 to 10 minutes.
  5. Stored in geo-redundant storage (GRS) by default, ensuring high availability and disaster recovery capabilities.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

For Azure SQL Instance, explain backup retention?

A
  1. Automated backups are retained for 7 to 35 days, depending on your configuration and service tier.

2.Long-Term Retention (LTR): Similar to Azure SQL Database, you can configure long-term retention for up to 10 years.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

What are my deployment options for SQL in Azure

A
  1. Azure SQL on a VM
  2. Azure SQL Instance
  3. Azure SQL Database
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

For Azure SQL Database, what pricing tiers are available?

A
  1. vCore: General Purpose
  2. vCore: Business Critical
  3. vCore: Hyperscale
  4. DTU: Basic
  5. DTU: Standard
  6. DTU: Premium
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

Does Azure SQL Instance support SQL Server Integration Services?

A

SQL Server Integration Services (SSIS) is supported

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

Does Azure SQL Databasesupport SQL Server Integration Services?

A

No

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

Does Azure SQL Instance support Cross Database transactions?

A

No

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

Does Azure SQL Instance support Linked Services?

A

No

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

Does Azure SQL Instance support CLR?

A

No

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

Does Azure SQL Instance support Service Broker?

A

No

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

Does Azure SQL Instance support SQL Server Replication?

A

No

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q

Does Azure SQL Instance support Database Mail?

A

No

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
46
Q

Does Azure SQL Instance support Stretch Database?

A

No

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
47
Q

Does Azure SQL Instance support Data Quality Service?

A

No

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q

What is the upper limit to retain automatic backups for Azure SQL Database and Azure SQL Instance?

A

10year

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
49
Q

How are backups handled in Azure SQL Instance?

A
  1. Backups are automatic
  2. Full weekly backup
  3. Diff backups every 12 - 24 hrs
  4. Transaction log backups every 5 - 10 min
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
50
Q

How long are backups retained in Azure SQL Instance?

A
  1. Default retention is 7 to 35 days
  2. Long Term Retention up to 10 years
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
51
Q

Explain how to recover a recent backup in Azure SQL Instance?

A
  1. Use point-in-time restore
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
52
Q

How are backups handled in Azure SQL Instance?

A
  1. Backups are automatic
  2. Full weekly backup
  3. Diff backups every 12 - 24 hrs
  4. Transaction log backups every 5 - 10 min
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
53
Q

How long are backups retained in Azure SQL Instance?

A
  1. Default retention is 7 to 35 days
  2. Long Term Retention up to 10 years
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
54
Q

Explain how to recover a recent backup in Azure SQL Instance?

A

Use point-in-time restore

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
55
Q

Do I manually tune for performance for the Azure SQL Instance and Database performance?

A

No it is automatic performance tuning

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
56
Q

Should I be concerned about the database version for the Azure SQL Instance?

A

No, the Azure SQL Instance is updated by MS to the latest release to fix issues.
1. Latest version
2. Version less

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
57
Q

Should I be concerned about the database version of the Azure SQL Database?

A

No, the Azure SQL Database is updated by MS to the latest release to fix issues.
1. Latest version
2. Version less

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
58
Q

I wnat to use the Azure Hybrid Benefit model with Azure SQL Database and Instance; what purchasing model should I use?

A

Use the vCore model

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
59
Q

Can I use Hybrid Benefits with Azure SQL?

A

Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
60
Q

You have a web application that uses Azure SQL Database as its backend. The database contains sensitive customer data that must be protected from unauthorized access. It would be best to recommend a solution implementing row-level security (RLS) in the database. The solution must meet the following requirements: * Allow users to access only the data that is relevant to them. * Ensure that users cannot access data that is not relevant to them. * Minimize the amount of administration required to manage the security. What should you include in the recommendation?

A

RLS is a feature in Azure SQL Database that restricts data access for specific rows in a table, based on the characteristics of the user executing the query. RLS ensures that users can only view and manipulate rows of data they are authorized to access, which aligns perfectly with the requirement of allowing users to access only the relevant data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
61
Q

Explain how RLS works in Azure SQL Database?

A
  1. Security Policies: You define a security policy that enforces the restrictions for each query executed by a user. This policy can include a predicate that is evaluated for each query.
  2. Filter Predicate: A function returns a boolean value to decide which rows the user can access. This predicate is applied every time a query runs on a table with RLS enabled.
  3. Block Unauthorized Access: Users will automatically be blocked from accessing rows that do not match the filter predicate.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
62
Q

Explain how RLS is used in the Azure SQL Database?

A

Query data is filtered based on user, so the users only return a subset of the database data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
63
Q

Explain an Azure SQL Instance SQL Server-level Firewall Rule?

A

Controls access to the entire network ranges or specific IP addresses across all databases under the server. This is beneficial for managing multiple applications or clients accessing different databases but sharing the same security policies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
64
Q

Using SQL Server-level Firewall Rule, can you specify a database to an IP?

A

No, SQL Server-level firewall rules in Azure SQL cannot be used to specify access to a single database for a particular IP address. These rules operate at the server level, meaning they control access for all databases under the server. Once an IP address is allowed at the server level, that IP can access any database on that server, provided the user has the necessary authentication and permissions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
65
Q

When using Azure SQL Service Instance SQL Server-level Firewall Rules, what is the scope of the rules?

A

All databases belong to the server.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
66
Q

I have three databases running on an Azure SQL server instance; how can I ensure that IP1 for DB1 and IP2 for DB2, and IP3 for DB3?

A

Use Database-level Firewall Rules

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
67
Q

What is Always-Encrypted Client-Side Encryption?

A

The encryption and decryption process happens on the client side. Sensitive data is never visible to the database or database administrators in plaintext.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
68
Q

What is Always-Encrypted Column-Level Encryption Encryption?

A

You can encrypt specific sensitive columns (e.g., credit card numbers, social security numbers) in a table while leaving the rest of the data unencrypted.

69
Q

What is Always-Encrypted Separation of Roles ?

A

Always Encrypted helps to separate the roles between the application developers or administrators and the database administrators. Database administrators have access to the database but do not have access to the encryption keys and thus cannot view sensitive data in plaintext.

70
Q

What is Always-Encrypted Encryption Types?

A

Deterministic Encryption: Always produces the same encrypted value for the same plaintext value. This allows equality searches but may reveal patterns.
Randomized Encryption: Produces different encrypted values for the same plaintext value, providing better security but does not support equality searches.

71
Q

What is Always-Encrypted Transparent to Applications Encryption?

A

Applications can interact with the data without needing to be aware of the encryption process. The client driver (e.g., ADO.NET) transparently handles encryption and decryption when configured with the necessary keys.

72
Q

What is Always-Encrypted Transparent Keys and Key Management?

A

There are two key types used:
Column Encryption Key (CEK): Encrypts the actual data.
Column Master Key (CMK): Encrypts the CEK. The CMK is stored in an external key store (e.g., Azure Key Vault).

73
Q

When using an auto-failover group, can you have a data loss?

A

Yes, 5 seconds

74
Q

When using an auto-failover group, can you use the secondary for both read and write?

A

No, only read.

75
Q

When using an auto-failover group, should the secondary be in a separate resource group?

A

No, its a requirment to have both primary and secondary in same resource group.

76
Q

When using an auto-failover group, should you locate both primary and secondary in the same region?

A

No, separate regions.

77
Q

Are server-side transaction supported for Azure SQL Managed Instance?

A

Yes

78
Q

Can you have a private vNET and deploy Azure SQL Database?

A

No, deploying Azure SQL is supported, but you could have a private or service endpoint to the SQL service or the database.

79
Q

Is Azure SQL Managed Instance a single-tenant environment?

A

Yes, Azure SQL Managed is a single-tenant environment

80
Q

Is Azure SQL Database a single-tenant environment?

A

No, it is a multi-tenant environment

81
Q

Are service-side transactions supported in Azure SQL Database?

A

No

82
Q

Are service-side transactions supported in Azure SQL Managed Instance?

A

Yes

83
Q

For Azure Managed Instance, explain service-side dynamic masking?

A

Dynamic Data Masking automatically masks the data when it is queried, but the underlying data in the database remains unchanged. This means users with the appropriate permissions can still see and work with the actual data, while others only see masked data based on predefined rules.

84
Q

For Azure Managed Instance, how could you ensure compliance so that when user A queries the database, credit card nu members are not returned masked, but for user B, they are returned as numbers?

A

Use dynamic masking to assign user A masked data and user B unmasked.

85
Q

When using dynamic masking of data, is it supported for Azure SQL Managed instance and Azure SQL database?

A

Yes, both support dynamic masking.

86
Q

What makes up the DR for Azure DQL Database?

A
  1. Active Geo-Replication
  2. Auto-Failover Groups
  3. Point-in-Time Restore:
  4. Geo-Restore
  5. Zone Redundant Configuration
  6. Geo-redundant backups
87
Q

How can you provide read-only replicas of an Azure SQL Database DB in a separate region?

A

Create secondary read replicas.

88
Q

Are failover groups used with Active Geo-replication?

A

No, Failover Groups and Active Geo-Replication are separate features in Azure SQL Database. They serve similar but distinct purposes. While they provide disaster recovery and high availability across regions, they are typically used independently, not together.

89
Q

Are they using Azure SQL Database DB with a secondary read replica in a separate region, can you manually failover?

A

Yes

90
Q

For Geo-Replication, when you manually failover to the secondary database, is the DNS used to connect to the database the same?

A

No, your apps will have to consider DNS name change in failover.

91
Q

I have an Azure SQL Database with a secondary for DR; how can I configure the system for automatic failover?

A

Auto-Failover Groups:

Auto-Failover Groups provide automatic failover capabilities for geo-replicated databases without needing manual intervention.

It supports automatic failover in the event of a regional outage, ensuring continuous availability.

This feature enables seamless management of multiple databases and maintains read-write access to the database after the failover event.

With Auto-Failover Groups, you can configure policies for automatic or manual failover between the primary and secondary regions.

92
Q

Explain Azure SQL Database Point-in-Time Restore?

A
  1. Azure SQL Database automatically performs continuous backups for databases, allowing you to restore the database to any point within the backup retention period (up to 35 days for Standard and Premium tiers).
  2. Point-in-Time Restore is valuable for recovering from accidental data loss, corruption, or malicious activity without relying on regional failover.
  3. You can restore databases within the same region or even across regions using geo-redundant backups.
93
Q

Explain Azure SQL Database Geo-Replication?

A
  1. Active Geo-Replication allows you to create up to four readable secondary replicas of your database in different Azure regions.
  2. These replicas are synchronized asynchronously, meaning they can serve as failover databases if the primary database becomes unavailable.
  3. In the event of a failure, you can manually fail over to a secondary replica to restore service with minimal data loss (dependent on replication lag).
  4. The secondary replicas are also available for read-only queries, improving availability and performance in global applications.
94
Q

Explain Azure SQL Database Auto-Failover Groups?

A
  1. Auto-Failover Groups provide automatic failover capabilities for geo-replicated databases without needing manual intervention.
  2. It supports automatic failover in the event of a regional outage, ensuring continuous availability.
  3. This feature enables seamless management of multiple databases and maintains read-write access to the database after the failover event.
  4. With Auto-Failover Groups, you can configure policies for automatic or manual failover between the primary and secondary regions.
95
Q

Can you use auto-failover groups with several DB’s

A

Yes

96
Q

Explain Azure SQL Database Point-in-Time Restore?

A

Azure SQL Database automatically performs continuous backups for databases, allowing you to restore the database to any point within the backup retention period (up to 35 days for Standard and Premium tiers).

Point-in-Time Restore is valuable for recovering from accidental data loss, corruption, or malicious activity without relying on regional failover.

You can restore databases within the same region or even across regions using geo-redundant backups.

97
Q

Explain Azure SQL Database Geo-Restore?

A

Geo-Restore allows you to recover your database from a geo-replicated backup to any Azure region in the event of a major regional outage or disaster.

This feature ensures that even if your primary region is inaccessible, you can restore your database from backups in a secondary region.

Geo-restore uses geo-redundant backups stored in different regions, providing protection against region-wide failures.

The recovery time is longer compared to Active Geo-Replication or Failover Groups, but it provides a last-resort recovery option.

98
Q

Explain Azure SQL Database Zone Redundant Configuration?

A

For Premium and Business Critical tiers, Azure SQL Database supports Zone Redundant Databases, which replicate databases across different availability zones within a region.

This ensures that the database remains available through replicas in other zones even if a failure occurs in one availability zone.

Zone redundancy enhances high availability and protects against localized failures within a region.

99
Q

Explain Azure SQL Database Zone Geo-Redundant Backups?

A

By default, geo-redundant backups are enabled for Azure SQL Database, meaning backups are stored in both the primary and secondary regions.

These backups ensure that even if your primary region is down, you can restore your database using backups stored in another region.

100
Q

How do you perform an Azure SQL Database?

A

You do no, performance tuning is automatic

101
Q

Is performance tuning also available for Azure SQL-managed instances?

A

Yes

102
Q

You have an Azure SQL-managed instance, and the application team asked about recommending an easy way to store NoSQL with the least effort?

A

Azure SQL-managed instance is multi-model; you can store and work with NoSQL data.

103
Q

You have an Azure SQL Database database, and the application team asked about recommending an easy way to store NoSQL with the least effort?

A

Azure SQL-managed database is multi-model; you can store and work with NoSQL data.

104
Q

For Azure SQL Database, what is the SLA?

A

99.99% (4 min in a month) (Out of the box by default)

105
Q

For Azure SQL Database, what is the RPO?

A

0 (Out of the box by default)

106
Q

For Azure SQL Database, what is the RTO?

A

0 (Out of the box by default)

107
Q

What type of protection do I require from corruption when using Azure SQL Database?

A

Automated backups

108
Q

What is the target use case for General Purpose tier in Azure SQL Database?

A

Standard applications with balanced cost and performance

109
Q

Does the General Purpose tier in Azure SQL Database have compute and storage separation?

A

Yes, compute and storage are separated (remote storage)

110
Q

What is the IO performance like in General Purpose tier?

A

Moderate, using Azure Premium SSD-backed storage

111
Q

What is the max database size for General Purpose tier?

A

4 TB

112
Q

What kind of high availability (HA) does the General Purpose tier offer?

A

Zone-redundant with Always On availability groups using remote storage

113
Q

How does backup and restore work in the General Purpose tier?

A

Automated backups, geo-redundant, and supports point-in-time restore

114
Q

What is the failover time for the General Purpose tier?

A

30 seconds to several minutes

115
Q

What kind of storage does the General Purpose tier use?

A

Azure Premium SSD with remote storage

116
Q

How does the General Purpose tier handle scaling?

A

Moderate scaling capabilities

117
Q

What workloads is the General Purpose tier best for?

A

Standard workloads with balanced requirements

118
Q

Does the General Purpose tier offer read replicas?

A

No read replicas available

119
Q

What is the target use case for Business-Critical tier in Azure SQL Database?

A

Applications requiring high availability and low-latency IO operations

120
Q

Does the Business-Critical tier in Azure SQL Database have compute and storage separation?

A

No, local SSD-based storage

121
Q

What is the IO performance like in Business-Critical tier?

A

High, using local SSD with low-latency

122
Q

What is the max database size for Business-Critical tier?

A

4 TB

123
Q

What kind of high availability (HA) does the Business-Critical tier offer?

A

Zone-redundant using Always On availability groups with local SSD storage

124
Q

How does backup and restore work in the Business-Critical tier?

A

Automated backups, geo-redundant, and supports point-in-time restore

125
Q

What is the failover time for the Business-Critical tier?

A

3-10 seconds (fast failover with SSD)

126
Q

What kind of storage does the Business-Critical tier use?

A

Local SSD storage with fast local access

127
Q

How does the Business-Critical tier handle scaling?

A

Moderate scaling capabilities

128
Q

What workloads is the Business-Critical tier best for?

A

Mission-critical workloads needing low-latency and high availability

129
Q

How many read replicas are available in the Business-Critical tier?

A

Up to 4 read replicas

130
Q

What is the target use case for Hyperscale tier in Azure SQL Database?

A

Applications needing high scalability and large database size

131
Q

Does the Hyperscale tier in Azure SQL Database have compute and storage separation?

A

Yes, highly scalable storage and compute

132
Q

What is the IO performance like in Hyperscale tier?

A

Scalable based on workload demand

133
Q

What is the max database size for Hyperscale tier?

A

Up to 100 TB

134
Q

What kind of high availability (HA) does the Hyperscale tier offer?

A

Storage-level redundancy with highly distributed architecture

135
Q

How does backup and restore work in the Hyperscale tier?

A

Automated backups with fast snapshot-based restores

136
Q

What is the failover time for the Hyperscale tier?

A

Minutes, depending on scaling needs

137
Q

What kind of storage does the Hyperscale tier use?

A

Remote object storage, highly scalable

138
Q

How does the Hyperscale tier handle scaling?

A

Rapid horizontal scaling with no downtime

139
Q

What workloads is the Hyperscale tier best for?

A

Large-scale, rapidly growing, read-heavy workloads

140
Q

How many read replicas are available in the Hyperscale tier?

A

Unlimited replicas for read scaling

141
Q

I require a Azure SQL Database for 50TB of data and many read nodes, what service tier best suites these requirements?

A

Hyperscale tier as it has upto 100TB of storage

142
Q

For Azure SQL Database Hyperscale how many read replicas can i have?

A

Unlimited

143
Q

For Azure SQL Database Hyperscale how is IO performance managed, is it fixed, manual, scale on demand?

A

Scalable based on workload demand

144
Q

I have a web app that uses SQL, the web app is only used by 20 people during business hours and dose not use

A
145
Q

When using Azure SQL Database standard

A
146
Q

Has Azure SQL Database got partitioning and shading?

A

Yes, Azure SQL Database has both capabilities.

147
Q

What is an Azure SQL - Server Lever Firewall?

A

A server lever firewall is an IP firewall created at the single server level or the pool level and blocks connection from IP addresses with no permissions.

148
Q

What is an Azure SQL - DatabaseLever Firewall?

A

A database firewall rule is a rule to block access to the database.

149
Q

By default, does Azure SQL - Database Level Firewall block traffic?

A

No, by default, it opens and relies on the server-level rule to block traffic.

150
Q

Explain writing audit in Azure SQL server.

A

In Azure SQL, to securely write audit logs to a storage account behind a VNet and firewall, configure Azure SQL auditing to target a storage account restricted to specific networks. Set up firewall rules and VNet integration on the storage account to limit access, and use a managed identity for secure permissions. This approach enhances data protection by isolating audit logs within trusted network boundaries.

151
Q

Explain Azure SQL server Advanced Threat Protection for Azure SQL Database?

A

Advanced Threat Protection for Azure SQL Database detects anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases. Advanced Threat Protection can identify Potential SQL injection, Access from unusual location or data center, Access from unfamiliar principal or potentially harmful application, and Brute force SQL credentials - see more details in Advanced Threat Protection alerts.

152
Q

Explain dynamic masking?

A

Dynamic data masking helps prevent unauthorized access to sensitive data by enabling customers to designate how much of the sensitive data to reveal with minimal effect on the application layer. It’s a policy-based security feature that hides the sensitive data in the result set of a query over designated database fields, while the data in the database isn’t changed.

For example, a service representative at a call center might identify a caller by confirming several characters of their email address, but the complete email address shouldn’t be revealed to the service representative. A masking rule can be defined that masks all the email address in the result set of any query. As another example, an appropriate data mask can be defined to protect personal data, so that a developer can query production environments for troubleshooting purposes without violating compliance regulations.

153
Q

Can you use Azure Policies with Azure SQL Instance and Database to enforce regulatory compliance?

A

Yes, Azure provides a number of out-of-the-box compliance profiles for Azure SQL Instance and Database:

154
Q

Explain the security baseline for Azure SQL.

A

Using Azure Policy, this security baseline applies guidance from the Microsoft cloud security benchmark version 1.0 to Azure SQL.

155
Q

Why is Azure always encrypted?

A

Azure SQL Always Encrypted is a feature that protects sensitive data by encrypting it on the client side before storing it in the database. Only clients with the correct encryption keys can decrypt and read the data, ensuring that even database administrators cannot access it. This provides enhanced security for confidential information like social security numbers or credit card detail

156
Q

What is Always Encrypted with secure enclaves?

A

Azure Always Encrypted with secure enclaves enhances data security by protecting sensitive data in use, ensuring it remains encrypted during query execution. This feature leverages secure enclaves, isolated and hardware-protected memory regions, allowing computations on encrypted data without exposing it. It ensures higher security for data operations, reducing risk even for administrators with elevated privileges.

157
Q

What is Azure SQL Database and Instance Data Discovery & Classification?

A

Data Discovery & Classification is built into Azure SQL Database, Azure SQL Managed Instance, and Azure Synapse Analytics. It provides basic capabilities for discovering, classifying, labeling, and reporting the sensitive data in your databases.

158
Q

Explain Transparent data encryption for SQL Database, SQL Managed Instance, and Azure Synapse Analytics?

A

Transparent data encryption (TDE) helps protect Azure SQL Database, Azure SQL Managed Instance, and Azure Synapse Analytics against the threat of malicious offline activity by encrypting data at rest. It performs real-time encryption and decryption of the database, associated backups, and transaction log files at rest without requiring changes to the application. By default, TDE is enabled for all newly deployed Azure SQL Databases and must be manually enabled for older databases of Azure SQL Database. For Azure SQL Managed Instance, TDE and freshly created databases are enabled at the instance level. TDE must be manually enabled for Azure Synapse Analytics.

159
Q

Can you bring your key when using Transparent data encryption for SQL Database, SQL Managed Instance?

A

Yes, you can use your key or a managed key.

160
Q

What is an always-on availability group?

A

Azure SQL on VM only: It is a one-to-eight replication for high availability and disaster recovery, an alternative to mirroring. It groups one or more databases on the primary and replicates to eight instances per primary database.

161
Q

When using an always-on availability group, can the secondary databases be written?

A

Azure SQL on VM only: No

162
Q

When using an always-on availability group, can the secondary databases be read?

A

Azure SQL on VM only: Yes, this is optional,

163
Q

When using an always-on availability group, is the secondary databases a backup?

A

Azure SQL on VM only: No, because in a disaster situation, insufficient data could corrupt the primary and secondary databases.

164
Q

Explain Always Encrypted?

A

It uses client-side keys to encrypt the data in the SQL database.

165
Q

For Azure SQL Managed Instance, where is database data stored?

A

It’s stored on premium Azure Storage

166
Q

When using Transparent encryption, what key type options do you have available?

A

Azure Managed
Customer managed keys

167
Q

For Azure SQL Managed Instance, is database data stored in LRS, ZRS or GRS?

A

It’s stored on LRS

168
Q

What is the difference between Transparent encryption and Always encrypt?

A

Transparent encryption, encrypts transparently the database data and the logs.
Always encrypt uses client-side keys to encrypt data,

Azure (42 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions