Cloud Flashcards by Thomas Eyre

What are the 2 basic services offers by cloud providers?

Compute power and storage

How well did you know this?

Not at all

Perfectly

How much processing your computer can do?

Compute power
Storage
RAM
Utilization

Compute power

How well did you know this?

Not at all

Perfectly

In a shared responsibility model who is responsible for the physical security, power cooling, and network connection?

Cloud provider

How well did you know this?

Not at all

Perfectly

The cloud provider is responsible for data and information stored in the cloud as well as access security of who receives access

False, consumer

How well did you know this?

Not at all

Perfectly

Infrastructure as a service you are responsible for your own platform’s software but none of your infrastructure

True

How well did you know this?

Not at all

Perfectly

Infrastructure as a service you are responsible for your own platform’s software but none of your infrastructure

True

How well did you know this?

Not at all

Perfectly

Physical hosts, physical network, and physical data enter are responsibility of the customer

False,
Microsoft/cloud provider

How well did you know this?

Not at all

Perfectly

What responsibilities are shared in paas?

-identity and directory infrastructure
-applications
-network controls

How well did you know this?

Not at all

Perfectly

True or false. Information and data stored in the cloud, devices allowed to connect to the cloud and the accounts/identities are responsibility of the customer and not the cloud provider

True

How well did you know this?

Not at all

Perfectly

What is a con to a private cloud?

Higher cost

How well did you know this?

Not at all

Perfectly

You use multiple public cloud providers. You use different features from different cloud providers or are migrating from one cloud to the other is called what?

Azure migration
Multi cloud
Entra I’d
Azure integration

Multi cloud

How well did you know this?

Not at all

Perfectly

Ms set of technologies to help manage your cloud environment is what?

Arc
Purview
Application insight
Arm

Azure arc

How well did you know this?

Not at all

Perfectly

Let’s you run your VMware workloads in azure with seamless integration and scalability is what?

Purview
VMware solution
VMware application
Consumption

Azure VMware solution

How well did you know this?

Not at all

Perfectly

What 2 types of expenses are considered for IT infrastructure models?

Capital expenditure and operational expenditure

How well did you know this?

Not at all

Perfectly

One time up front expenditure to purchase or secure tangible resources such as a building, repaving parking lot

Opex
Capex
Multi
Azure solution

Capex

How well did you know this?

Not at all

Perfectly

Spending money on services or products over time such as leasing a company vehicle or signing up for cloud service

Opex
Capex
Multi
Azure solutions

Opex

How well did you know this?

Not at all

Perfectly

Which cloud service places the most responsibility on the customer?

Paas
Saas
Iaas
Faas

Iaas

How well did you know this?

Not at all

Perfectly

When building or deploying a cloud app what 2 considerations do you need to factor?

Uptime (availability) and ability to handle demand (scale)

How well did you know this?

Not at all

Perfectly

What happens if the percentage of uptime is not kept from a cloud provider for a company that was agreed on in the SLA?

Entitled to a credit,

How well did you know this?

Not at all

Perfectly

What are reasons you do t want 100% uptime?

-required maintenance or upgrades
-duplicating every component in case one component failed
-would require back up components to pick up service tasks with 0 interruption to customers

How well did you know this?

Not at all

Perfectly

True or false, Service at 99 and 99.9% doesn’t have a big discrepancy

False,
99% can have down time of 1.68 hours per week, 7.2hours per month

99.9% down time is 10 minutes per week, 43.2 minutes per month

How well did you know this?

Not at all

Perfectly

Azure services is one standard SLA. True or False

False, each is different

How well did you know this?

Not at all

Perfectly

Ability to adjust resources to meet demand

Scalability
Elasticity
Storage
Computing

Scalability

How well did you know this?

Not at all

Perfectly

Focuses on increasing or decreasing capabilities of a resource

Vertical elasticity
Vertical scaling
Horizontal elasticity
Horizontal scaling

Vertical scaling

How well did you know this?

Not at all

Perfectly

If you were developing an app and you needed more processing power you could scale up to add more cpu or ram to the vm or scale down if needed is an example of what?

Vertical scaling

Adding or subtracting the number of Vertical elasticity Vertical scaling Horizontal elasticity Horizontal scaling

Horizontal scaling

What is an example of horizontal scaling?

Steep jump in demand, you can add additional vm’s or drop (manual or automatic)

Ability if a system to recover from failures and continue to function. Pillar of Azure Well-Architect framework Elasticity Scalability Predictability Reliability

Reliability

Influenced by azure well architect framework, focused on by performance or cost Reliability Predictability Performance Cost

Predictability

Predicts resources needed to deliver a positive experience for your customers. Supports: auto scaling, load balancing, and HA Vertical scaling Horizontal scaling Performance Cost

Performance

Using cloud analytics you can predict cost and adjust resources. What are 2 cloud cost resources?

Total Cost of Ownership (TCO) Pricing calculator

Helps flag any resources out of compliance with corporate standards and has mitigation strategies Cloud auditing Templates Predictability Cost

Cloud auditing

If you want patches and maintenance taken care of automatically then IaS is the best deployment

False, paS or saS IAS would give you maximum control

Managing cloud resources such as: Scaling resources auto, deploy resources by preconfigured template, monitor health resources, auto alerts on performance metrics in real time Management in the cloud Management of the cloud Management within Management without

Management of the cloud

How you are able to manage your cloud environment and resources: web portal, command line, api, power shell Management in the cloud Management of the cloud Management within Management without

Management in the cloud

Ability if a system to recover from failures and continue to function Reliability Predictability Scalability

Reliability

You’re setting up cloud resources similar to your on premise data center, then moving the things running on prem to running on Iaas is what migration?

Lift and shift migration

You have established configurations for development and test environments that you need to rapidly replicate. You can start up or shut down the different environments rapidly with which cloud service

Iaas

Renting space in a data center is iaas

True

Paying for a complete deployed solution is iaas

False, SaaS

In paas the customer maintains the physical infrastructure, physical security, and connection to the internet

False, the cloud provider

Identity and directory infrastructure, applications, and network controls are shared b/w cloud provider and customer

True

Dev frameworks Analytics or business intelligence Are examples of what? Paas SaaS Iaas

Paas

Email, messaging and connectivity software are what cloud service?

Saas

What type of cloud service would a finance and expense tracking solution typically be in?

SaaS Access to software solutions, finance and expense tracking,email or ticketing systems

Used within the price calculator and provides recommendations, how to optimize services and spending limits Azure advisor TCO Capex Opex

Azure advisor

Operational expense is building out and maintaining infrastructure

False, capital expense Opex is renting of infrastructure as you need it like compute, storage and networking

Resource type, Consumption, Maintenance, Geography, Subscription type, Azure marketplace Are cost factors for what? Opex Capex TCO Pricing calculator

Opex

How does azure track resources usage and generate a usage record for a calculated bill? TCO Metered instances Pricing calculator Capex

Metered instances

True or false. Creating the same storage account in a different region may show a different cost and changing of the settings Can also impact the price

True

Commiting to using a set amount of cloud resources in advance and receiving discounts on those “reserved” resources Subscription type Pay as you go Consumption Maintenance

Consumption

Where can you purchase azure based solutions and services from third party vendors like a managed network firewall appliance? TCO Pricing calculator Consumption Azure market place

Azure marketplace

Designed to give you an estimated cost for provisioning resources in Azure. Can see an estimate of the Azure spend Pricing calculator TCO Opex Consumption cost

Pricing calculator Nothing is provisioned, just estimates for services

Designed to help you compare costs for running an on premises infrastructure compared to azure cloud. Pricing calculator TCO Opex Consumption

TCO

Products, Example scenarios, Saved estimate, FAQs are tabs for what? TCO pricing calculator Application insight Tags

Pricing calculator

How would you share a cost estimate from a pricing calculator with your team? -Select export to save your estimate as an excel doc -select save or save as to save your estimate to the saved estimates tab for later -Select share to generate a url so you can share the estimate with your team

All the above

Define workloads, Adjust assumptions, View report are steps for what? TCO Policy Application insight Arc

TCO

True or false. Adjust assumptions specifies your currency within TCO

True

Quickly being able to check azure resource costs, create alerts on resources create budgets to automate management of resources Cost management Opex Consumption Capex

Cost management

View total cost in a variety of different ways like billing cycle, region and resource Cost management Cost anyalysis Cost alert Budget alert

Cost analysis

Single location to check on all of the different alert types that show up Cost management Cost awareness Cost alerts Cost analysis

Cost alerts

Budget alerts and cost management are creating using the azure portal or the azure consumption api

True

What notifies you when you azure monetary commitments are consumed? Credit alerts Frosty spending quota alerts Budget alerts Cost alerts

Credit alerts

Notify when a fixed threshold is met and configured in the EA portal Credit alerts Department spending quota alerts Budget alerts Cost alerts

Department spending quota alerts

Resource management, Cost manage and optimize, Operations, Security, Governance and regulatory compliance, Workload optimization Are meta data for what? TCO Application insight Tags Purview

Tags

Family of data governance, risk and compliance solutions that help you get a single unified view into your data Purview Consumption TCO Price calculator

Purview Insight for on premise, multi cloud, and SaaS data together

2 main solution area of Ms Purview

-Risk and compliance -unified data governance

Ms 360 is a core component, includes teams, one drive and exchange. Protects sensitive data and risks within purview Unified data governance Risk and compliance solutions Data classification Data lineage

Risk and compliance

In purview unified data governance helps you create up to date map of entire data classification, identify where sensitive data is in your estate, create secure data environment, insight on how data is stored, manage access to data

True

Where would you create, assign, and manage or audit your resources to enforce different rules across your resource configuration so they compliant with corporate standards? Data governance Azure policy Risk management solutions Azure compliance

Azure policy

Azure policy enables individuals and group policies called initiative

True

Azure policy is a way of grouping related initiatives together

False, azure policy initiative

Prevents resources from being accidentally deleted Azure Rbac Azure policy Resource lock Governance

Resource lock

Read only resource lock means authorized users can still ready and modify a resource but can’t delete it

False, delete Read only can read a resource but can’t delete the resource. Similar to permissions granted

Provides access to various content, tools and other resources about ms security, privacy and compliance practices Azure policy Risk lock Governance Service trust

Service trust

Let’s you save or pin documents to quickly access them on your my library page. Can also receive notifications when documents are updated Service trust My library All documents Azure policy

My library

Single landing place for documents. Can pin documents here Service trust My library All documents Azure policy

All documents

How can you prevent the creation of a non compliant resource without having to manually evaluate each source? Azure policy Azure purview Azure resource manage azure resource lock

Azure policy

What’s the best way to prevent inadvertently deletion of a resource? Azure policy Azure purview Azure resource manage azure resource lock

Azure resource lock

Web based unified console that provides an alternative to command line tools. Designed for resiliency and continuous availability. Configure access options,create dashboards and build/monitor everything Azure portal Azure power shell Azure CLI Azure lock

Portal

Browser based tool with no local installation that allows you to create/manage azure resources through a shell. Authenticates to azure credentials and knows your permissions. Azure portal Azure power shell Azure CLI Azure cloud shell

Cloud shell Supports both powershell and CLI

Where you can run command-let’s (cmdlets) call rest api to perform manage tasks in azure. Can configure in windows, Linux and Mac Azure portal Azure power shell Azure CLI Azure lock

Powershell

Syntax commands. Handles tasks and complex orchestrastiobs through code. Bash based Azure portal Azure power shell Azure CLI Azure lock

Azure CLI

Provides a centralized way to manage entire environment including non azure resources, hybrid virtual machines, services regardless of location, devops practices to support new cloud patterns, cluster extensions Azure portal Azure power shell Azure CLI Azure Arc

Arc Resource manager

Name 2 resources azure arc allows you to manage outside of azure

Servers Kubernetes Data services SQL server Vm

You use this to manage deployments using repeatable templates and configurations. ARM templates and Bicep are 2 examples of using this to maintain your environment Infrastructure as code CLI Power shell ARM

Infrastructure as code

Name 2 benefits of ARM templates

Declarative syntax Repeat results Orchestration Modular files Extensibility

Language that uses declarative syntax to deploy azure resources. Defines infrastructure and config. Arm deploys based on this file. Arm is written in json. These are simpler CLI Bicep Infrastructure as code Powershell

Bicep

Name 2 benefits of bicep

-Support for all resource types and api versions -simple syntax -Repeatable result -orchestration -modularity

What service helps you manage on premise and multi cloud environments? Azure arc Policy Cloud manager ARM

Arc

2 components for infrastructure as code deployment Bicep/arm templates Policy/arc Monitor/arc Arm/json

Bicep/arm templates

Evaluates azure resources and makes recommendations to help improve reliability, security, performance and reduce costs. Designed to help you save time on cloud optimization.b Azure advisor Resource manager Arc Arm

Advisor

What 5 categories of filters are in azure advisor?

Reliability Security Performance Operational excellence Cost

Operational excellence is to improve the continuity of your business critical applications

False, reliability Oper excel is to achieve process and workflow efficiency, resource management, and deploy best practice

Global cloud solution to help manage infrastructure need, reach customers, innovate and adapt rapidly. Keeps track of resources both specifically deployed and overall status of azure Azure advisor Service health Elasticity Horizontal scaling

Service health

Broad picture of the status of azure globally.binfirms you if service outages in azure on azure status page. Global view of the health of all azure services. Good reference for incident with widespread impact Azure advisor Resource manager Status Arm

Azure status

Resource health is a tailored view of actual azure resources. Provides information about health of indv cloud resources like vm instance.

True Service health focuses on services/region you’re using. Look here for service impacting communication, planned maintenance

Platform for collecting data on resources, analyzing that data, visualizing the information and even acting on the results. Not just azure but watches on premis and other vms on different cloud providers Azure advisor Resource manager Monitor Service health

Azure monitor

Write and run log queries on the data gathered by azure monitor. Robust tool that will you to write and test queries Azure advisor Log analytics Monitor Service health

Log analytics

Monitors applications running on azure, on premise or a different cloud environment. Installed by an SDK or the agent. Monitors broad array of information is azure monitor

False, application insight Azure monitor is for metrics or when a threshold has been met/past

Request rates, Dependency rates, Page views, Ajax, Session count, CPU or memory Are examples of what can be monitored through what? TCO Tags Application insight Purview

Application insight

Which is not a category for azure advisor Reliability Capacity Cost

Capacity

You get an email notification the vm in azure region you have vm’s deployed is having an outage. Which will let you know your application is impacted? Azure status Service health Resource health

Resource health

Within an azure account you can create subscriptions in it based off of sales, business, hr etc

True

In powershell this gives you date and time Get-date Bash Nano Ipconfig

Get-date

Get-date is an azure CLI command

False powershell Date is azure CLI (bash)

How would you write an azure command in bash mode? az Bash Get-date pwsh

How would you change from bash to powershell? az Bash Get-date pwsh

pwsh

Az interactive puts you in interactive mode

True

Data centers are grouped into azure regions or availability zones?

Both Help for resiliency and reliability for business critical workloads

Contains at least one but possibly more data centers that are nearby and networked together with a low latency network Physical infrastructure Regions Availability zones Geography

Regions

Physically separate data centers within a region with each made up of one or more data centers with independent power, cooling and networking. ISO boundary, redundancy and connected by high speed private fiber optic networks is availability zones

True

Not all azure regions support availability zones

True Minimum of 3bdifferent available zones in all available zone enabled regions

Azure services that support available zones fall into 3 categories

Zonal zervice Zone redundant services Non regional services

Pin the resource to a specific zone Zonal zervice Zone redundant services Non regional services Region pair

Zonal

Platform replicates automatically across zones like sql database Zonal zervice Zone redundant services Non regional services Region pair

Zone redundancy

Always available from azure geographies and are resilient to zone wide outages as well a region wide outages Zonal zervice Zone redundant services Non regional services Region pair

Non regional

Replication of resources across geography to reduce interruptions Zonal zervice Zone redundant services Non regional services Region pair

Region pair

Region pair are instances of azure that are isolated from the main instance of azure

False Sovereign region

Anything you create, provision or deploy is a resource. Name 2 types

Vm Virtual network Databases Cognitive services

Subscription level and you can create separate subscriptions to reflect different organizational structures is a billing boundary

False, access control boundary Billing boundary is the type of subscription that determines azure account is billed for using azure.

Ñame a reason for creating an additional subscriptions to separate

-Environments like testing -organizational structure like lower cost team compared to higher cost -billing to track costs based off of need

Resources into resource groups, rg into subscriptions, sub into azure management groups

True

How many resource groups can a resource be in at the same time? 1 2 3 5

What happens to resources within a resource group when an action or setting at the resource group level is applied? Current resources inherit setting but future don’t Future resources do but current don’t Setting is applied to both

Applied to botj

Feature replicates resources across regions that are at least 300 miles away Region pair Availability zone Sovereign regions

Región pair

Use this when you need total control or an os, ability to run customer software, or to use custom hosting configurations Vm Servers Kubernetes Database

This is a template used to create a VM and may already include an OS, and other software like the dev tools or web hosting environments Update domain Image Fault domain Iaas

Image

Let you create/manage a group of identical load balanced vm’s. Automatically deploy a load balancer Availability set Vm Scale set Update domain Fault domain

Vm Scale set

Designed to ensure VM’s stagger updates and have varied power and network connectivity preventing you from losing your VM’s Availability set Scale set Update domain Fault domain

Availability set

Fault domain groups your VM’s by common power source and switch. Splits your VM’s to 3 fault domains to protect against outage by having VM’s in different fault domains

True update domain is Availability set that groups VM’s that can be rebooted at the same time. One update group is offline. 30 minute recover before maintenance

Testing, running applications in the cloud, extending data center to the cloud, disaster recovery are common examples to use this Availability set Update domain Vm Scale set

“Az vm create” command does what? Creates a server Duplicates a vm Creates a vm Creates a Linux vm

Creates a Linux vm

What would you use to run multiple instances of an application on a single host machine? Containers Virtual desktop Vm Paas

Containers

Containers virtualize the OS

Trye

Azure container instances are a Iaas

False, paas

This is an orchestration service that manages life cycle containers Containers apps VM’s Kubernetes Virtual desktop

Kubernetes

Containers are solutions to micro service architecture

True

Event driven, server less compute option that doesn’t require maintaining VM’s or containers Azure functions Marketplace Containerization Virtualization

Fubctions

Enables you to build and host web apps, background jobs, mobile back ends and RESTful API’s in the programming language of your choice without managing infrastructure. Continuous deployment Azure function App service Purview Tags

Azure app service

Which is a common app service? Web API Webjobs Mobile

All

Web apps include full support for hosting web apps by using ASP. Net, core? Java, Python etc.

True API is you can build a rest based web by using your choice of language and framework. Full swagger support http

Mobile apps are to run a program or script in the same context as a web app. Scheduled and used to run background tasks

False, webjobs Mobile builds a back end for iOS and android apps

You can securely enable azure resources to communicate together through virtual networks and service endpoints

True

VPN connections are from a computer outside your organization back into your corporate network. Client computer initiated an encrypted vpn connection to connect to azure virtual network Point to site Site to site Azure express route

Point to site

Private networks link your on premises vpn devices or gateway to the azure vpn h gateway in a virtual network. In effect the devices in azure can appear as being on the local network. Encrypted over internet Point to site Site to site Azure express route

Site to site

Provides a dedicated private connectivity to azure that doesn’t travel over the internet. Express route is useful for environments where you need greater bandwidth and even the higher levels of security Point to site Site to site Azure express route

Azure express route

Resources that can contain multiple inbound and outbound security rules. You can define these rules to allow or block traffic based on factors such as source and destination ip address, port and protocol Point to site Site to site Azure express route Network security groups

Network security groups

Special vm that can be compared to a hardened network appliance. Carries out a particular network function such as a firewall or performaning wide area network Point to site Network virtual appliance Azure express route Network security groups

Network virtual appliance

Link virtual networks together. Private traffic and travels Ms backbone network, never going public. Point to site Peering Azure express route Network security groups

Peering

Allow you to control the routing tables between subnets within a virtual network or between virtual networks Point to site Site to site Azure express route UDR

User defined routes

- - connect-timeout argument specifies to allow up to 5 seconds for the connection to occur. After that an error message stated that the connection timed out

True

Azure vpn gateway instances are deployed where? Subnet Containers Virtualization Segmentation

Subnet

Policy based vpn gateway specify statically the ip address of packets that should be encrypted through each tunnel. Evaluates data packets against ip addresses to choose the tunnel the packet is sent through

True, Route based gateways IPsec tunnels are modeled as a network interface or virtual tunnel interface. Ip routing decides which tunnel interface to use to send a packet. Preferred method for on premise

True or false, Connections b/w virtual networks, point to site connections, multi site connections, coexistence with azure express route gateway use *policy based routing for connectivity

False, Route based

HA option for vpn gateway. Built in resiliency. Uses internet as alt method of connectivity. Always a connection to virtual network Zone redundant Express route failover Active/active Active/standby

Express route failover

Zone redundant gateways are in regions that support availability zones. Resiliency, scalability. Physically and logically separate gateways in a region and protects from zone level failures. Stock keeping units SKU and uses standard public ip addresses

True

Extends on premise networks in Ms cloud over private connection. Connects to offices. Data centers etc Express route Vertical scaling HA Application insight

Express route

Connectivity to azure cloud seduces across all regions for geopolitical and global reach,dynamic routing and BGP, and built in redundancy are benefits of express route

True

Cloud exchange collocation, point to point Ethernet connection, any to any connection and directly from express route sites are four models for what that connects your on premise to cloud? Point to point Express route Collocation Purview

Express route

Point to point Ethernet connection refers to datacenter collocated at a cloud exchange such as ISP

False, collocation at a cloud exchange Point to point Ethernet connection connects facility to the cloud

Any to any networks you can integrate your wan with azure by providing connections to offices and data centers

True, Peering location is where you can connect directly to the world

Azure dns uses what so the closest available dns server answers each dns query for fast and HA domain? Multicast Broadcast Any cast Simulcast

Any cast

Azure dns has RBAC, log monitoring and resource locking for security

True

You can use azure dns to buy a domain name.

False, only through app service domains if third party finding name registrar

Which azure vm feature staggers across VM’s based on their update domain and fault domain? Availability set Scale sets Update sets

Availability sets

Which azure services allows users to use a cloud hosted version of windows from any location and connect from most modern browser Azure virtual desktop Azure virtual machines Azure container instances

Virtual desktop

If you need connections b/w virtual networks, point to site connections, multi site connections or coexistence with an azure express route gateway, which type of vpn gateway should you use? Policy based Point based Route based

Route based

Standard storage account type for blobs, file shares, quests and table. Most scenarios. Standard general purpose v2 Premium block blobs Premium file shares Premium page blobs

Standard general purpose

Block blobs and append blobs. Recommended for scenarios with high transaction rates or that use smaller objects or require consistently low storage latency Standard general purpose v2 Premium block blobs Premium file shares Premium page blobs

Premium block blobs

Premium storage account for file shares only. Enterprise or high performance scale applications. Use account type if you want a storage account that supports both SMB and nfs file shares Standard general purpose v2 Premium block blobs Premium file shares Premium page blobs

Premium file shares

Premium storage account for page blobs only Standard general purpose v2 Premium block blobs Premium file shares Premium page blobs

Premium page blobs

How many times is data replicated in azure storage? 1 3 4 2

Locally redundant storage replicates your data 3 times within a single data center in the primary region. At least 21 nines of durability (99.9999999%) of objects over a given year

True, Lowest cost and least durable

Az enabled regions replicate your azure storage data synchronously across 3 azure availability zones in the primary region. 12 nines (99.9999999999%) Local zone storage Redundancy in a second region Zone redundant storage Redundancy in primary region

Zone redundancy storage

A paired secondary region for redundancy is based on azure region pairs and can’t be changed

True

Azure storage offers star 2 options for copying your data to a secondary region?

Geo redundant storage and geo zone redundant storage Grs is similar to running lrs in 2 regions and gzrs is similar to running zrs in primary region and lrs in the secondary region

Azure storage has an RPO of 25 minutes

False, 15 minutes

Geo zone redundant storage copies your data synchronously 3 times within a single physical location in the primary region using lrs. Then copies asynchronously to a single physical location in the secondary region. 16 nines per year

False, geo redundant storage Geo zone redundant storage combines the high availability across zones with protection from regional outages by geo replication. Data is copied across 3 azure zones in the primary region. 16 nines per year

Massively scalable object store for text and binary data. Also includes support for big data analytics through data lake storage gen2 Blob Files Ques Disks Tables

Azure blobs

Use queues this to manage files shares for cloud or on premises deployments

False, azure files Azure queues are a messaging store for reliable messaging b/w application components

Block level storage volume for azure VM’s Blob Files Ques Disks Tables

Azure Disks

NoSQL table option for structured, non-relational data Blob Files Ques Disks Tables

Azure tables

Blob storage doesn’t require developers to think about or manage disks

True

Serving images to a browser, storing files for access, streaming audio/video, backup data, data analysis are best stored with which? Blob Files Ques Disks Tables

Blob

Storing data that is accessed frequently like images from a website Hot access tier Cool Cold Archive

Hot

Infrequently accessed and stored for 30 days like invoices for your customers is cold access tier

False, cool 90 days is cold access tier

Data that is rarely accessed and stored for at least 180 data with flexible latency like long term backups Hot access tier Cool Cold Archive

Archive access tier

Cold and archive access aren’t available at the account level

True

Azure files stored large numbers of messages

False, azure queues

single portal to start, run and track migration to azure, discovery/assessment and server migration with independent software vendor, on premise infrastructure to azure

Azure migration

Located on premise servers running on VMware, hyper v and physical servers to migrate to azure Discover and asses Server migration Migration assistant Data box

Discover and assess

Stand alone took to asses sql servers. Helps pinpoint problems blocking migration. Shows unsupported features Discover and asses Server migration Migration assistant Data box

Migration assistant

Move large amounts of offline data to azure Discover and asses Server migration Migration assistant Data box

Azure Data box

AzCopy is a command line that you can copy blobs or files from your storage account. Can synchronize all files

True

Provides graphical interface to manage files and blobs. Azure storage explorer File sync AzCopy Az CLI

Azure storage explorer

Centralized file shares, use any protocol to access data locally, unlimited cache, replace local server, cloud tiering to replicate local files Storage explorer File sync AzCopy Migration

File sync

Which tool automatically keeps files between an on premises windows server and an azure cloud environment? Azure file sync Azure storage explorer AzCopy

Azure file sync

Which storage provides durability of 16nines? Local redundancy Zone redundancy Geo redundancy

Geo

Which azure storage service supports big data analytics as well as text and binary data types Blob Files Disks

Blobs

Directory service that enables you to sign in and access both Ms cloud applications and cloud applications you develop. Maintains on premise Active Directory

Microsoft entra ID

Provides authentication, single sign on, application management and device management Entra ID Domain services Azure authentication Azure storage

Entra id

Synchronizes user identities b/w on premise Active Directory and Microsoft entra id Entra ID Domain services Entra connect Azure storage

Entra Connect

What would allow you to run legacy applications in the cloud that can’t use modern authentication methods? Entra ID Entra Domain services Entra Connect Azure storage

Domain services

Windows hello did business has a biometric and pin credentials directly tied to the users pc

True

Fido

Built in key to a device

Microsoft entra external ID refers to all the ways you can securely interact with outside users not in your organization

True

External identification that collaborates with external users by letting use their preferred identity to sign in to your Microsoft applications or other enterprise applications like SaaS, represented in directory and typically guest user B2B collab B2B direct Azure AD business to customer

Business to business collaboration

External identity that establishes a mutual 2 way trust with another Ms entra org. Supports teams and users aren’t represented in your directory but are visible within teams admin center reports B2B collab B2B direct Azure AD business to customer

B2B direct connect

External identity that publish modern SaaS apps or custom dev apps to consumers and customers while using azure ad B2B for identify and access management B2B collab B2B direct Azure AD business to customer

AD business to customer

Management group, subscription, resource group, single resource are included in what? Entra Scope Purview Tags

Scope

Layers of defense in depth

Physical Identification and access Perimeter Network Compute Application Data

Network from defense in depth protects Afganistán network based attacks. Uses dos protection and firewalls to identify and alert

False, perimeter Network limits network connectivity across resources to only allow what is required

Compute for defense in depth focuses on making sure that your compute resources are secure and you have proper controls in place for security issues. Secured access to vm and implements endpoint protection

True, Data is storage and access are secured. Stored in database, disk in vm, software and cloud

Monitoring tool for security posture management and threat protection.bmonitors cloud on premise, hybrid and multi cloud to provide guidance. Entra Perimeter B2C Defender for cloud

Defender for cloud

3 vital needs for defense for cloud are continuously asses for vulnerable, secure by gardening resources, and defend by detecting and resolving threats

True

Set of guidelines for security and compliance best practices based on common compliance frameworks Security benchmark Entra Cloud defender Blob

Security benchmark

Conditional access is a tool for entra that allows access to resources based on identity signals. They may challenge authentication if your sign in signals are unusual from an unexpected location

True

Which 2 attributes are characteristics of the private cloud deployment model? -Applications can be provisioned and de provisiones quickly -Hardware must be purchased -Organization only pays for what they use -Company has complete control over physical resources and security

-Hardware must be purchased -Company has complete control over physical resources and security

2 characteristics of consumption based model -High capital expenditure -No upfront cost -Purchase of physical infrastructure -Ability to stop paying for resources no longer used

No upfront cost -Ability to stop paying for resources no longer used

Increasing compute capacity for an app by adding instances of resources such as virtual machines is what? Disaster recovery HA Horizontal scaling Vertical scaling

Horizontal scaling Vertical is adding ram or cpu to a vm

Increasing capacity of an application by adding additional virtual machines is what? Agility HA Horizontal scaling Vertical scaling

Horizontal scaling Compute capacity is added by resources such as VM’s

Ms 365 is what? SaaS Paas Iaas

Saas

Which uses az sql database Iaas Paas SaaS

Paas

Virtual networks are Iaas Paas SaaS

Iaas

Compare cost of running applications on premises with cost of running applications in azure Azure advisor Cost management Pricing calculator TCO

TCO

You plan to build a new solution in azure that will use paas. What would give you an estimate to the monthly cost? Advisor Cost management Pricing calculator TCO

Pricing calculator

Your org plans to deploy several VM’s with consistent usage through the year. What can minimize the cost of VM’s without reducing functionality? Monitor alerts Azure reservations Spending limits

Reservations

What can you use to ensure that new and existing azure resources stay I. Compliance with corporate standards? Advisor Policy Resource locks Tags

Policy

Use this to create a resource in azure that includes a validation step to ensure all resources are created in specific order based on dependencies CLI Powershell ARM Rest api

Arm

These templates define an application’s infrastructure requirements for repeatable deployment that is done in a consistent manner. Includes validation step in proper based dependencies Arm Arc Consumption Tags

Arm

What 2 components are created in azure subscriptions? Entra Resource groups Resources Management groups

Resources Resource groups

Deployment and management service for azure Entra API management Monitor ARM

ARM

Azure compute service you can use to deploy and manage a set of identical VM’s Availability set Availability zone Containers instances Vm scale sets

Vm scale sets

What can you use to connect azure resources like sql database to virtual network? Express route Network security groups Peering Service endpoints

Service endpoints

What can a Mac or android user use for access to a windows environment that will run windows based applications Functions Containers instances Logic apps Virtual desktop

Virtual desktop

Low storage and unlimited file formats make blob storage a good location to store backups and archives

True

What object is azure role based access control? Policy Resource lock Resource tag Scope

Scope

You need to associate the costs of resources to different groups within an organization without changing the location of resources Admin unit Resource groups Resource tags Subscriptions

Resource tags

What 2 actions can be performed by azure portal? Change availability zone of vm Assign deny permission on a resource group Create new resource Create Microsoft entra user

Create new resource Create Microsoft entra user

Azure service that evaluates resources and makes recommendations to improve reliability, security, performance and cost reduction Advisor Service health Log analytics Monitor

Advisor

You need to create a custom solution that uses threshold trigger auto scaling function to scale an app up or down to meet user demand Application insight Advisor Monitor Service health

Monitor

Deploying and configuring cloud based resources quickly as business requirements change is called Agility Elasticity HA Scalability

Agility

Configure cloud based apps for auto scaling Agility Elasticity HA Scalability

Elasticity

In paas which 2 are responsibility of cloud service provider? Information and data Os Physical network User access

Os Physical network

Physically separate data centers within azure region Available zones Geographies Region pairs Resource groups

Availability zone

In a region pair a region is paired with another region I. The same Availability zone Data center Geography Resource group

Geography

You need to allow resources in 2 different azure virtual networks to communicate with each other Network security group Point to site vpn Peering Service endpoints

Peering