Core Azure Architectural Components

Question 1

Describe the benefits and usage of Regions

Answer 1

Each Azure region features datacenters deployed within a latency-defined perimeter. They’re connected through a dedicated regional low-latency network. This design ensures that Azure services within any region offer the best possible performance and security.

Question 2

Describe the benefits and usage of Region Pairs

Answer 2

An Azure Region Pair is a relationship between 2 Azure Regions within the same geographic region for disaster recovery purposes. If one of the regions were to experience a disaster or failure, then the services in that region will automatically failover to that regions secondary region in the pair.

Question 3

Describe the benefits and usage of Availability Zones

Answer 3

Azure availability zones are physically separate locations within each Azure region that are tolerant to local failures. Failures can range from software and hardware failures to events such as earthquakes, floods, and fires. Tolerance to failures is achieved because of redundancy and logical isolation of Azure services. To ensure resiliency, a minimum of three separate availability zones are present in all availability zone-enabled regions.

Question 4

Describe the benefits and usage of Resource Groups

Answer 4

A resource group is a container that holds related resources for an Azure solution. The resource group can include all the resources for the solution, or only those resources that you want to manage as a group. You decide how you want to allocate resources to resource groups based on what makes the most sense for your organization. Generally, add resources that share the same lifecycle to the same resource group so you can easily deploy, update, and delete them as a group.

The resource group stores metadata about the resources. Therefore, when you specify a location for the resource group, you are specifying where that metadata is stored. For compliance reasons, you may need to ensure that your data is stored in a particular region.

First management group is called the ROOT management group

Question 5

Describe the benefits and usage of Subscriptions

Answer 5

An Azure subscription is linked to a single account, the one that was used to create the subscription and is used for billing purposes. Within the subscription, resources can be provisioned as instances of the many Azure products and services.
You can have more than one subscription, and many organizations do, often for billing purposes, since each subscription generates its own set of billing reports and invoices. Or, separate subscriptions can be used simply to isolate the development and testing environment from production. The person who creates an Azure subscription becomes the global administrator for that subscription and has full access to every aspect of that subscription, but only that subscription. So, separate subscriptions can also be a way to create a division of responsibility for Azure services.

Question 6

Describe the benefits and usage of Management Groups

Answer 6

If your organization has many subscriptions, you may need a way to efficiently manage access, policies, and compliance for those subscriptions. Azure management groups provide a level of scope above subscriptions. You organize subscriptions into containers called “management groups” and apply your governance conditions to the management groups. All subscriptions within a management group automatically inherit the conditions applied to the management group. Management groups give you enterprise-grade management at a large scale no matter what type of subscriptions you might have. All subscriptions within a single management group must trust the same Azure Active Directory tenant.

Question 7

Describe the benefits and usage of Azure Resource Manager

Answer 7

Azure Resource Manager is the deployment and management service for Azure. It provides a management layer that enables you to create, update, and delete resources in your Azure account. You use management features, like access control, locks, and tags, to secure and organize your resources after deployment.

Also known as ARM templates

Question 8

Explain Azure resources

Answer 8

Azure Resources Groups are logical collections of virtual machines, storage accounts, virtual networks, web apps, databases, and/or database servers. Organizations can use subscriptions to manage costs and the resources that are created by users, teams, or projects. A subscription is essentially a billing unit.

Question 9

Azure Virtual Machines

Answer 9

An Azure virtual machine is an on-demand, scalable computer resource that is available in Azure. Virtual machines are generally used to host applications when the customer requires more control over the computing environment than what is offered by other compute resources.

Question 10

Azure App Services

Answer 10

An HTTP-based service for hosting web applications, REST APIs, and mobile back ends. You can develop in your favorite language, be it . NET, . NET Core, Java, Ruby, Node

Question 11

Azure Container Instances (ACI)

Answer 11

Run Docker containers on-demand in a managed, serverless Azure environment. Azure Container Instances is a solution for any scenario that can operate in isolated containers, without orchestration. Run event-driven applications, quickly deploy from your container development pipelines, and run data processing and build jobs.

Question 12

Azure Kubernetes Service (AKS)

Answer 12

Deploy and manage containerized applications more easily with a fully managed Kubernetes service. Azure Kubernetes Service (AKS) offers serverless Kubernetes, an integrated continuous integration and continuous delivery (CI/CD) experience, and enterprise-grade security and governance. Unite your development and operations teams on a single platform to rapidly build, deliver, and scale applications with confidence.

Kubernetes is an open-source container orchestration system for automating software deployment, scaling, and management. Originally, Google designed Kubernetes, but now, the Cloud Native Computing Foundation maintains the project.

Question 13

Azure Virtual Desktop

Answer 13

Azure Virtual Desktop is a desktop and app virtualization service that runs on the cloud.

Here’s what you can do when you run Azure Virtual Desktop on Azure:

Set up a multi-session Windows 10 deployment that delivers a full Windows 10 with scalability
Virtualize Microsoft 365 Apps for enterprise and optimize it to run in multi-user virtual scenarios
Provide Windows 7 virtual desktops with free Extended Security Updates
Bring your existing Remote Desktop Services (RDS) and Windows Server desktops and apps to any computer
Virtualize both desktops and apps
Manage Windows 10, Windows Server, and Windows 7 desktops and apps with a unified management experience

Question 14

Azure Virtual Networks

Answer 14

Azure Virtual Network (VNet) is the fundamental building block for your private network in Azure. VNet enables many types of Azure resources, such as Azure Virtual Machines (VM), to securely communicate with each other, the internet, and on-premises networks. VNet is similar to a traditional network that you’d operate in your own data center, but brings with it additional benefits of Azure’s infrastructure such as scale, availability, and isolation.

Question 15

Azure VPN Gateway

Answer 15

A virtual network gateway is composed of two or more VMs that are automatically configured and deployed to a specific subnet you create called the gateway subnet. The gateway VMs contain routing tables and run specific gateway services. You can’t directly configure the VMs that are part of the virtual network gateway, although the settings that you select when configuring your gateway impact the gateway VMs that are created.

Question 16

Azure Virtual Network Peering

Answer 16

Virtual network peering enables you to seamlessly connect two or more Virtual Networks in Azure. The virtual networks appear as one for connectivity purposes. The traffic between virtual machines in peered virtual networks uses the Microsoft backbone infrastructure. Like traffic between virtual machines in the same network, traffic is routed through Microsoft’s private network only.

Azure supports the following types of peering:

Virtual network peering: Connect virtual networks within the same Azure region.
Global virtual network peering: Connecting virtual networks across Azure regions.
The benefits of using virtual network peering, whether local or global, include:

A low-latency, high-bandwidth connection between resources in different virtual networks.
The ability for resources in one virtual network to communicate with resources in a different virtual network.
The ability to transfer data between virtual networks across Azure subscriptions, Azure Active Directory tenants, deployment models, and Azure regions.
The ability to peer virtual networks created through the Azure Resource Manager.
The ability to peer a virtual network created through Resource Manager to one created through the classic deployment model. To learn more about Azure deployment models, see Understand Azure deployment models.
No downtime to resources in either virtual network when creating the peering, or after the peering is created.

Question 17

Azure ExpressRoute

Answer 17

ExpressRoute lets you extend your on-premises networks into the Microsoft cloud over a private connection with the help of a connectivity provider. With ExpressRoute, you can establish connections to Microsoft cloud services, such as Microsoft Azure and Microsoft 365.

Connectivity can be from an any-to-any (IP VPN) network, a point-to-point Ethernet network, or a virtual cross-connection through a connectivity provider at a colocation facility. ExpressRoute connections don’t go over the public Internet. This allows ExpressRoute connections to offer more reliability, faster speeds, consistent latencies, and higher security than typical connections over the Internet. For information on how to connect your network to Microsoft using ExpressRoute

Question 18

Container (Blob) Storage

Answer 18

A container organizes a set of blobs, similar to a directory in a file system. A storage account can include an unlimited number of containers, and a container can store an unlimited number of blobs

Question 19

Azure Disk Storage

Answer 19

Designed to be used with Azure Virtual Machines and Azure VMware Solution (in preview), Azure Disk Storage offers high-performance, durable block storage for your mission- and business-critical applications. Confidently migrate to Azure infrastructure with four disk storage options for the cloud – Ultra Disk Storage, Premium SSD, Standard SSD and Standard HDD – to optimise costs and performance for your workload. Get high performance with sub-millisecond latency for throughput and transaction-intensive workloads such as SAP HANA, SQL Server and Oracle.

Question 20

Azure File Storage

Answer 20

Azure Files is an Azure File Storage service you can use to create a file share in the cloud. It is based on the Server Message Block (SMB) protocol and enables you to access files remotely or on-premises via API through encrypted communications. Azure Files is designed for sharing files, development or debugging tools, and applications that rely on native file systems.With Azure Files, you can create and manage your file shares using the built-in UI, through the Azure CLI or PowerShell. Each file share is limited to 5TB but you can operate multiple shares.

Question 21

Azure storage tiers

Answer 21

Data stored in the cloud grows at an exponential pace. To manage costs for your expanding storage needs, it can be helpful to organize your data based on how frequently it will be accessed and how long it will be retained. Azure storage offers different access tiers so that you can store your blob data in the most cost-effective manner based on how it is being used. Azure Storage access tiers include:

Hot tier - An online tier optimized for storing data that is accessed or modified frequently. The Hot tier has the highest storage costs, but the lowest access costs.

Cool tier - An online tier optimized for storing data that is infrequently accessed or modified. Data in the Cool tier should be stored for a minimum of 30 days. The Cool tier has lower storage costs and higher access costs compared to the Hot tier.

Archive tier - An offline tier optimized for storing data that is rarely accessed, and that has flexible latency requirements, on the order of hours. Data in the Archive tier should be stored for a minimum of 180 days.

Azure storage capacity limits are set at the account level, rather than according to access tier. You can choose to maximize your capacity usage in one tier, or to distribute capacity across two or more tiers.

Question 22

Cosmos DB

Answer 22

Azure Cosmos DB is a fully managed NoSQL database for modern app development. Single-digit millisecond response times, and automatic and instant scalability, guarantee speed at any scale. Business continuity is assured with SLA-backed availability and enterprise-grade security. App development is faster and more productive thanks to turnkey multi region data distribution anywhere in the world, open source APIs and SDKs for popular languages. As a fully managed service, Azure Cosmos DB takes database administration off your hands with automatic management, updates and patching. It also handles capacity management with cost-effective serverless and automatic scaling options that respond to application needs to match capacity with demand.

Question 23

Azure SQL Database

Answer 23

Azure SQL Database is a fully managed platform as a service (PaaS) database engine that handles most of the database management functions such as upgrading, patching, backups, and monitoring without user involvement. Azure SQL Database is always running on the latest stable version of the SQL Server database engine and patched OS with 99.99% availability. PaaS capabilities that are built into Azure SQL Database enable you to focus on the domain-specific database administration and optimization activities that are critical for your business.

With Azure SQL Database, you can create a highly available and high-performance data storage layer for the applications and solutions in Azure. SQL Database can be the right choice for a variety of modern cloud applications because it enables you to process both relational data and non-relational structures, such as graphs, JSON, spatial, and XML.

Question 24

Azure Database for MySQL

Answer 24

Azure Database for MySQL is a relational database service powered by the MySQL community edition.You can use either Single Server or Flexible Server to host a MySQL database in Azure. It’s a fully managed database as a service offering that can handle mission-critical workloads with predictable performance and dynamic scalability.

Question 25

Azure Database for PostgreSQL

Answer 25

Azure Database for PostgreSQL is a relational database service based on the open-source Postgres database engine. It’s a fully managed database-as-a-service that can handle mission-critical workloads with predictable performance, security, high availability, and dynamic scalability.

Question 26

SQL Managed Instance

Answer 26

Azure SQL Managed Instance is the intelligent, scalable cloud database service that combines the broadest SQL Server database engine compatibility with all the benefits of a fully managed and evergreen platform as a service. SQL Managed Instance has near 100% compatibility with the latest SQL Server (Enterprise Edition) database engine, providing a native virtual network (VNet) implementation that addresses common security concerns, and a business model favorable for existing SQL Server customers. SQL Managed Instance allows existing SQL Server customers to lift and shift their on-premises applications to the cloud with minimal application and database changes. At the same time, SQL Managed Instance preserves all PaaS capabilities (automatic patching and version updates, automated backups, high availability) that drastically reduce management overhead and TCO.

Question 27

Azure Marketplace

Answer 27

Azure Marketplace is an online store that contains thousands of IT software applications and services built by industry-leading technology companies. In Azure Marketplace you can find, try, buy, and deploy the software and services you need to build new solutions and manage your cloud infrastructure. The catalog includes solutions for different industries and technical areas, free trials, and also consulting services from Microsoft partners.