Describe Azure compute and networking services Flashcards
What cloud service model would a VM fall under?
Infrastructure as a service (IaaS).
With a VM being infrastructure as a service (IaaS), what would the tenant be responsible for?
Configuring, updating, and maintaining software on the VM.
How can multiple identical VMs be created?
Preconfigured VM image; A template used to create a VM and may already include an OS and other software.
Define ‘Azure Virtual Desktop’
Desktop and application virtualization service that enabling you to use a cloud-hosted version of Windows.
Define a ‘container’
A bundle of application code with all the files and libraries it needs to run on any infrastructure.
What is the benefit of an azure function?
Ideal when you’re only concerned about the code running your service and not about the underlying platform or infrastructure.
How do azure functions operate?
Runs your code when it’s triggered and automatically deallocates resources when the function is finished.
What are the two forms of azure functions?
- Stateless
- Stateful
Define a stateless azure function
Behave as if they’re restarted every time they respond to an event; does not retain information about previous processes.
Define a stateful azure function
The function can store, record, and return to already established information and processes.
Define the ‘azure app service’
Enables you to build and host web apps, background jobs, and RESTful APIs in any programming language without managing infrastructure.
How does the azure app service integrate with code repositories?
Enables automated deployments from GitHub, Azure DevOps, or any Git repo.
How does azure manage the infrastructure that supports an app service?
Secured endpoints; Integrated deployment/management; Load balancing; Scalability.
What is the purpose of virtual networking in azure?
Enables azure resources to communicate with each other, the internet, and with on-premises infrastructure.
What are the three ways to link an azure network with an on-premises network?
- Point-to-site VPN
- Site-to-site VPN
- Azure ExpressRoute
Define ‘Azure ExpressRoute’ gateway
A direct/private connection between on-premises infrastructure and Microsoft cloud services.
How can network traffic be filtered in azure?
Network security groups; network virtual appliances.
Define a network security group
Azure resources that can contain multiple inbound and outbound security rules.
Define a network virtual appliance
VMs that carry out a particular network function, such as firewall or performing WAN optimization.
Define ‘virtual network peering’
Creates a direct/private connection between two virtual networks on the Microsoft backbone that will never travel the internet.
What function allows you to control routing tables between subnets within a virtual network or between virtual networks?
User-defined routes (UDR).
When deploying a VPN gateway, how many can be in one virtual network?
You can deploy only one VPN gateway in each virtual network; Once gateway can be used to connect multiple locations.
What are the two types of VPN gateways?
- Policy-based
- Route-based
Define how a ‘policy-based’ VPN gateway functions
An encrypted tunnel is created when source, destination, interface, application, and action, match a policy.
Define how a ‘route-based’ VPN gateway functions
You have to create tunnels specifying all IPSec-related settings, add routes for remote networks, create Security rules to allow traffic.
What are the best use cases for a route-based VPN?
- Connections between virtual networks
- Point-to-site connections
- Multisite connections
- Coexistence with an Azure ExpressRoute gateway
How are VPN gateways made to be fault tolerant?
By default, VPN gateways are deployed as two instances in an active/standby configuration; zone-redundant gateways; Active/Active.
What is the connection between on-prem and azure called when using ExpressRoute?
ExpressRoute Circuit.
How can on-prem sites be connected using ExpressRoute?
If two sites have existing independent ExpressRoute to azure, they can establish an additional ExpressRoute between each other.
Define a ‘point-to-point’ ExpressRoute
Using a point-to-point connection to connect your facility to the Microsoft cloud.
Define an ‘any-to-any’ ExpressRoute
Integrate your wide area network (WAN) with Azure by providing connections to your offices and datacenters.
Define ‘Azure DNS’
DNS hosting service for DNS domains that provides name resolution by using Microsoft Azure infrastructure.
Where is Azure DNS hosted?
On Azure’s global network of DNS name servers.
How dos Azure DNS ensure efficiency?
Uses anycast networking, so each DNS query is answered by the closest available DNS server.
How can the security of Azure DNS be managed by a tenant?
Azure role-based access control; Activity logs; Resource locking.
Can Azure DNS provide service for external resources?
Yes.
How does Azure DNS provide customizable DNS?
Supports private DNS domains; Allows you to use your own custom domain names in your private virtual networks.
Define an ‘alias record set’
Used to refer to an Azure public IP address, an Azure Traffic Manager profile, or an Azure Content Delivery Network (CDN) endpoint.
Define the function of an alias record set
The alias record set points to the service instance and the service instance is associated with an IP address.
Define the purpose of an alias record set
If the IP address of the underlying resource changes, the alias record set seamlessly updates itself during DNS resolution.
Which Azure Virtual Machine feature staggers updates across VMs based on their update domain and fault domain?
Availability sets.
What can you use to connect Azure resources, such as Azure SQL databases, to an Azure virtual network?
Service endpoints are used to expose Azure services to a virtual network, providing communication between the two.
