Concepts

Question 1

All service interaction goes through this centralized management layer

Answer 1

Azure Resource Manager (ARM)

Question 2

A single organization instance of Azure AD is associated with this level of the Azure resource hierarcy

Answer 2

Tenant

Question 3

These optional group components of the Azure hierarchy can be used to group multiple subscriptions

Answer 3

Management Groups

Question 4

This billing an access isolation boundary also has it’s own billing agreement

Answer 4

Subscription

Question 5

This component of the Azure management hierarchy is used to collate resources that have the same purpose or lifecycle

Answer 5

Resource Groups

Question 6

This manages the “who” of Azure IAM, managing Azure identities

Answer 6

Azure Active Directory

Question 7

This controls the “can do what” in Azure, providing fine grained access control to Azure resources

Answer 7

Azure Role-Based Access Control

Question 8

The general term referring to a user, service, or other authenticated identity in Azure

Answer 8

Security Principle

Question 9

These are a collection of permissions that can be assigned to security principles to grant or deny access

Answer 9

Roles

Question 10

Two components of logs in Azure Monitor

Answer 10

Activity: who created what when?
OS Logs

Question 11

Two components (stores) of Azure Monitor

Answer 11

Logs
Metrics

Question 12

Azure VM capability that consistent replicates a VM in one AZ to another

Answer 12

Availability Set

Question 13

Azure Compute configuration that cna scale up and down copies of a virtual machine

Answer 13

Scale aet

Question 14

Azure equivalent of VPC

Answer 14

Virtual Network (VNET)

Question 15

Can VNETS span regions?

Answer 15

No

Question 16

Azure’s all purpose storage solution providing 5 main types of options

Answer 16

Storage Accounts

Question 17

The level in the hierarchy where Storage Accounts live

Answer 17

Within Resource Groups

Question 18

Object store in Azure

Answer 18

Blob storage

Question 19

Network file share in Azure

Answer 19

Files

Question 20

EBS in Azure

Answer 20

Disks

Question 21

Messaging Services in Storage Accounts

Answer 21

Queues

Question 22

Temporary NoSQL service available in Storage Accounts

Answer 22

Tables…gradually moving this to Cosmos DB

Question 23

Command line interface with persistent storage available in Azure mobile app, Azure console, and web browser

Answer 23

Azure Cloud Shell

Question 24

Similar to AWS Cli, enables easier automation

Answer 24

Azure CLI

Question 25

Enable Azure management through familiar Powershell interface

Answer 25

Azure Powershell

Question 26

The two runtimes available within cloud shell

Answer 26

Bash
Powershell

Question 27

Two or more data centers fiber connected but independently powered

Answer 27

Region

Question 28

Newer regions are likely to have fewer of these

Answer 28

Available services

Question 29

Paired Region

Answer 29

Each region in Azure is paired with another in the same geographical region, except Brazil South

Question 30

Benefits of a paired region

Answer 30

Outage failover - you can failover to a region pair of yours is down

Planned updated - only one region in a pair is upgraded at a time

Replication - Certain services provide automatic data replication

Question 31

Minimum number of AZs in a region

Answer 31

3

Question 32

Zonal vs Zone Redunant services

Answer 32

Azure availability zones-enabled services are designed to provide the right level of resiliency and flexibility. They can be configured in two ways. They can be either zone redundant, with automatic replication across zones, or zonal, with instances pinned to a specific zone. You can also combine these approaches.

Question 33

How many resource groups can an Azure resource be in at a time?

Answer 33

1

Question 34

Can resources from different regions be in the same resource group?

Answer 34

Yes

Question 35

Why do you have to select a region for a resource group?

Answer 35

The resource group has metadata and management stuff that needs to live somewhere.

Question 36

Resource group deletion

Answer 36

When a resource group is removed or deleted, all of the resources within it are deleted with it. You can remove resource groups at any time. To delete a resource group, you need access to the delete action. You also need delete for all resources in the resource group. If you have the required access, but the delete request fails, it may be because there’s a lock on the resources or resource group. Even if you didn’t manually lock a resource group, it may have been automatically locked by a related service. Or, the deletion can fail if the resources are connected to resources in other resource groups that aren’t being deleted. For example, you can’t delete a virtual network with subnets that are still in use by a virtual machine.