Exam 70-534 Flashcards
1
Q
What is a key strategy to improve service availability in the cloud?
A
Reduce MTTR (Mean Time to Recover)
2
Q
What are 2 ways to avoid service throttling limits?
A
Application level caching
CDN
3
Q
Azure has been verified for what 4 compliance programs?
A
ISO 27001/27002
FedRAMP
HIPPAA
EU Model Clauses
4
Q
How does a service qualify for SLA?
A
Must use availability set with at least 2 instances (running same functions)
5
Q
A VM can have 4 types of IP addresses associated with it, name them?
A
Public virtual IP - VIP
Dynamic private IP - DIP
Static Public IP
Static privateip
6
Q
What are the 3 default tags for an NSG?
A
VIRTUAL_NETWORK - all network address space on VNET
AZURE_LOADBALANCER - ip addresses from which health probes originate
INTERNET - all IP addresses outside the VNET
7
Q
Name the 5 NSG rule fields or pairs?
A
Source ip/source port Target ip/target port Protocol (tcp,udp or all) Priority Access
8
Q
What are the 4 ACL rule fields?
A
Number
Remote subnet
Endpoint
Permit/Deny
9
Q
What is CIDR?
A
Classless Internet Domain Routing
Short hand notation for subnet mask. 255.0.0.0 uses 8 bits so its /8 and 255.255.0.0 uses 16 bits so its /16
Ex: 10.0.0.0/8 is ip of 10.0.0.0 with subnet mask 255.0.0.0
10
Q
Why can performance of large virtual networks suffer?
A
Like a large network of roads, packets collide and slow down. Subnets can help control and limit traffic.
11
Q
If you borrow 3 bits from the host id for the network id how many subnets can you create?
A
8 = 2 raised to power of 3
0, 32, 64, 96, 128, 160, 196, 224
So 10.32.0.0 would be first address on second subnet
12
Q
Each VM has at least 2 associated ip addresses, what are they?
A
A public facing virtual ip
Internal dynamic ip
13
Q
Where does a vip come from?
A
A public pool of ip addresses managed by microsoft. (Not assigned directly to vm , is assigned to cloud service)
14
Q
What is a PIP?
A
An instance level public IP that is assigned directly to a VM. Appropriate for large workloads that use a lot of ports.
15
Q
When you create a vm on azure what is accessible by default?
A
Remote desktop and powershell for windows instances
Ssh for linux
16
Q
What is an endpoint?
A
An ip address and port
17
Q
A VM has VIP and a DIP. The VIP is associated with load balancer which forwards it to?
A
DIP with a private port on a VM
18
Q
The FQDN name is specified by?
A
The name of the cloud service
19
Q
Endpoints are for public access, why are they not needed for private access?
A
Each machine in vnet can already talk to each other
20
Q
What VM series is for general compute?
A
A series A0 = extra small A1 = small A2 = medium A3 = large A4 = extra large
21
Q
What is windows power shell DSC?
A
Desired state configuration
Instead of building the configuration you specify what the desired end state should be in script
22
Q
What is Custom Script Extension?
A
Downloads run scripts from Azure blob storage
23
Q
What compute series should be used for high performance IO?
A
DS series
24
Q
How many drives can you attach to a standard_G5 series vm?
A
64
25
What is the format of an Azure Resource Template?
JSON
26
What 4 technologies can help manage consistent state of VMs?
Custom Script Extension (cse)
Chef or Puppet
Azure Automation (using Azure Resource Templates)
Containerization
27
What are 3 methods of connecting to a hybrid cloud?
Point to site vpn - vpn client to any vm or cloud service
Site to site vpn - extends local network to cloud
Express route - connects on prem data centers to azure data centers
28
Can you connect 2 azure vnets with a vpn connection?
Yes
29
How do you connect multi-site connections to allow multiple on-prem networks?
Azure virtual network gateway (hub and spoke)
| Image of 2 on-prem networks each using a vpn device to connect to a gateway in cloud
30
What is service bus relay?
Allows a local wcf service to register a relay endpoint to allow access
31
What is Express Route?
A private dedicated connection between on prem data center and azure data center
32
What is the max bandwidth of express route?
10 gbps
33
What protocol does site to point vpn use?
SSTP Secured Socket Tunneling Protocol
34
What are the limitations of site to point vpn?
Because each site connects through a gateway, you are limited by the number of s2s tunnels the gateway supports
35
What do you need for site 2 site vpn connections?
A public facing ipv4 address and a compatible vpn device or RRAS running on win server 2012 , works both ways
36
What are the 2 ways to use Express Route to connect to Azure?
Connect Azure through an exchange provider location
| Connect Azure through a network service provider
37
Traffic manager can route traffic based on what?
Availability and performance
38
What 3 methods can traffic manager use to decide which edpoints to route traffic?
Round-robin
Failover
Performance
39
What protocols are accepted by Azure AD?
Ws-federation
Saml 2.0
OpenID connect
40
To ensure confidentiality, integrity, and authenticity of security tokens what 4 techniques can be used?
HTTPS
Digital signature
Encryption
Token expiration
41
To interact with AAD objects what are the 2 options?
Graph API
| ADAL and AD graph client library
42
In a claims based architecture what issues security tokens?
Identity Provider
43
What is a claims based architecture?
A system design that uses an external party to manage identities
44
What is a securable identity?
A user, application or service identity that makes service requests
45
What is a claim
An assertion made on an attribute of an entity
46
What is a security token?
A collection of claims
47
What is a service provider in context of claims architecture?
A relying party that relies on third party manage identities on its behalf
48
What does an identity provider do?
Authenticates entities and issues security tokens to relying parties. The relying party can use claims in the token for authorization
49
What is a trust relationship?
Ties an identity provider and service provider together
50
What other services beyond identity provider does AAD provide?
Multi-factor authentication
Centralized application access panel to manage access to SaaS applications
An app proxy yo manage access for remote access to on prem services
Graph api to interact directly with AD objects
51
What is ADAL?
Azure AD Authentication Library - facilitates authentication with both cloud and on-prem directories, automatically refreshes expired access tokens
52
What 3 tiers are AAD offered in?
Free
Basic
Premium
Last 2 only available through enterprise licensing, come with sla, mfa, reports, machine learning
53
Difference between ADDS and AAD?
Use different protocols such as kerberos, ldap vs saml2 wsfederation, openid connect, graph api
No forests, domains, ou's
54
What 3 parties are involved in a basic claims based Authentication workflow for a web app?
User Agent (Browser)
Identity Provider
Service Provider
55
What 4 parties are involved for oAuth 2.0 native app auth workflow?
User Agent (Native app)
Authorization Service
Token Service
Service Provider
56
What 5 parties are involved in a multi-tiered application workflow sometimes referred o as a trusted sub-system?
```
User Agent (native app)
Authorization Service
Token Service
Front End
Business Tier
```
57
What does ADFS allow you to do?
Allow cloud based apps to use on premises ADDS user credentials to authenticate using standard protocols and SAML tokens
58
What is advantage of using Directory Syncing with AdFS?
Centralized management plane
| Monitoring, analysis and self serve capabilities
59
What are 3 methods of syncing aad and on prem adds?
AAD Sync
DirSync
FIM /AAD connector
60
What are 3 core concepts of DirSync?
Connector space
Metaverse
Sync rules
61
What does AD Application Proxy do?
Expose on prem applications to the cloud
62
When you have 2 accounts representing same user in different forests with same email what is best way to handle?
Use matching rules ro match both accounts by email address
63
Name 4 identity providers supported by ACS
Microsoft account
Facebook
Yahoo
AD FS
64
What can you do by defining claim rules?
Claim types can be changed during token transformation
Change claim values
Pass through
65
During auth workflow what roles does ACS play?
Auth broker
Identity provider
Relying party
66
What does a claim rule do?
Defines how a claim from identity provider should be transformed
67
What is OWIN?
Open spec that defines layer between web servers and web apps
68
What is middleware?
Layers of components that are chined together into a pipeline before they reach the application. Ex: authentication, logging, ...
69
What do you need to do before enabling social network as an identity provider?
Register app with provider and retrieve token/username, secret ...
70
Name 3 Azure solutions for backup and recovery?
Backup
StorSimple
Site recovery
71
Name the 4 storage replication models supported by Azure.
Locally redundant storage (LRS)
Zone Redundant Storage (ZRS)
Geo-redundant Storage (GRS)
Read-Access Geo-Redundant Storage (RA-GRS)
72
What 4 types of storage does Azure Storage offer?
BLOB Storage
Table Storage (no sql key value)
Queue Storage
File Storage
73
Does Azure provide an out of box encryption feature for Azure Storage?
Nope
74
How many keys does each storage account have?
2 - primary and secondary
75
What level of protection do Shared Access Keys (SAS) provide?
Direct Access to containers, BLOBs, queues, tables, table rows with R/W with a span of time
76
What do Shared Access Policies (SAP) allow you to do?
Manage SASs in bulk
77
What roles do AAD support?
GBPUS + user
78
What 3 roles does AZ service bus support?
Admin, receiver, sender
79
How many replicas does Azure SQL have at any given time?
3
80
Where does AZ SQL automatically store your most recent backups?
A different geo-graphical location
81
Where does AZ SQL store your backups when using Active geo-replication?
4 geo-replicated live secondaries
82
What does Azure Rights Management do?
Data access travels with you data
Encryption/ decryption
Manage and track key distributions
Key management and data access policies
83
What is Azure Key vault?
Protects keys and secrets in cloud with a Hardware Security Module
84
To join a device to a workplace which Azure service should be used?
Device registration servicewh
85
What are 4 self service features of AAD?
Reset password
Manage group members
Request to join a group
Invite external members
86
What are the 4 types of storage in a storage account?
Blob
Table
Queue
File share
87
What are queues used for?
Decouple components of a system (scalability)
88
What is table storage used for?
Use to store structured non relational data
89
What is blob data used for?
Stores large amounts of unstructured data
90
What is file storage for?
Shared storage that uses SMB (server message block) 2.1 or api
91
How big of a db can az sql store?
500 gb
92
What does sql azure not have?
```
Sql agent
Sql profiler
Native encryption service broker
CLR
distributed transactions or views
```
93
Howmuch data can document db store per capacity unit?
10gb, 2000 reads per second
94
What is needed to access storage accounts?
Account name and access keys
SAS
Shared access policy
95
AZ SQL tier storage sizes?
Basic - 2gb
Standard - 250 gb
Premium - 500 gb
96
What are max dtu, database size, worker threads, sessions for all 3 tiers?
```
Basic = 5 dtu, 2gb size, 30 threads, 300 sessions
Standard = 100 dtu, 250 gb, 200 threads, 2400 sessions
Premium = 800 dtu, 500 gb, 1600 threads, 19,200 sessions
```
97
What are 3 main features of mobile services?
- create a proxy to a data source
- authentication with builtin support for social providers and ad
- push notifications to all mobile platforms
98
What are the 2 basic steps to consume mobile services on any platform?
Add reference to mobile service client
| Create an instance of MobileServiceClient that points to url of service and uses application key
99
What are the 4 modes for api auth in a mobile service?
- application key (only for dev)
- everyone
- authenticated users (user id and matching auth token)
- admins and other scripts (master key)
100
What are the six elements of an azure resource template?
```
$schema
Content version
Parameters
Variables
Resources
Outputs
```
101
What is the difference between the push notification directly in mobile services and using the notification hub?
Hub is much larger scale
102
Each notification platform requires an api key, certificate or secret, where do you get them?
Obtain from the dev store account
103
What are some of the advantages of notification hubs?
- supports more device types
- avoid storing device info in mobile service
- register and use tags to work with large groups
- can use templates to push specific data
- set up triggers for sensitive data
104
Basic and standard azure websites can be scaled out to how many instances?
3 and 10
105
Autoscaling is only available at what level?
Standard
106
What is a webjob?
A script or executable that run in a website to handle long running jobs
107
What file types can webjobs use?
- cmd, bat, exe (windows)
- ps1 (powershell)
- sh (bash)
- php
- py (python)
- js (node)
108
If a webjob needs to have additional files for data or dlls what fo you do?
zip and upload all the files
109
What 3 modes can webjobs run in?
Continuously
Scheduled
On demand
110
If a webjob is setup to run continuously how should it be written?
In a continuous loop or use the Webjob sdk
111
Continuous webjobs will run on how many instances of your site?
All by default, can be configured to run on a single
112
How many copies run for on demand or scheduled webjobs run on?
A single copy
113
How can you deploy webjobs?
Management portal (required for scheduled)
Preview management portal?
Ftp (app_data/jobs folder)
114
What are 3 methods of securing a WebAPI?
Azure AD
AD FS
ACS (Azure Access Control Service)
115
If you have an Webapi app only for company intranet how should you secure it?
Windows Auth
116
How can you set up a mobile service or web site to an on-prem database?
Use Biztalk api hybrid connector
117
What does service bus relay do?
Securely expose on-prem WCF services to public cloud
118
What is the max number of networks you can connecting via vpn to other networks?
10
119
What are the 2 ways you can join VMs and cloud services to domain
Windows power shell
| Add code to cloud service itself
120
When adding code to join a domain to cloud service, what entry point do you use?
RoleEntryPoint
121
What are 2 ways join vms to a domain?
Manual
| Powershell
122
What 2 security models does Media Services support?
AES Clear Key dynamic encryption
| Playready DRM Technology
123
What 2 steps are needed to set up live streaming?
Configure a channel
| Add a program to it
124
What does Media Indexer do?
Make media files searchable
| Transcript for close captioning
125
What is immediate consistency vs eventual?
When an entity is updated all servers will have a consistent view for everyone or for eventual can see different data until synced
126
Pessimistic concurrency vs optimistic
Pessimistic uses a lock on data vs assuming it wont be in use
127
What are typical usage of data types for sql, blob, no sql, azure search?
Sql for transactional
Azure blob storage for large binary files
Document db for loosely structured data
Azure search for indexing free-text files
128
What is layered storage?
Frequently queried stays in cache while cold data is stored in cheaper storage
129
How many replicas does Azure storage use by default?
3 across different geo-graphic regions
130
How does sql azure protect its data?
Data is backed by multiple active secondaries that automatically step in
131
What is a common practice to scaled data stores?
Sharding
132
What are 4 components of a big data solution?
Event hubs
Stream analytics
Machine learning
Power bi
133
What are 4 azure services you can use to connect on-premise resources?
Biztalk API hybrid connector
Service bus relay
Azure app proxy
Azure virtual network
134
What is a basic way to troubleshoot website in azure?
Monitor
135
What is Site Control Manager?
SCM is a tool for debugging website
136
What languages does Azure support?
```
.net
Java
Node
Php
Python
(Ruby not in app service)
```
137
What was App Service web apps called previously?
Azure websites
138
Web apps and web sites are same thing?
True
139
Cloud Services are the old and first way to create a website, what components did they have?
Web Roles, Worker Roles
| WCF service web role
140
What are azure site extensions?
A feature of appservices that allow you to create and deploy custom admin functionality
141
A web deploy package includes what?
A cmd file that can be customized
All the files zipped
A couple xml files for changing params
Readme.txt file
142
What is an app service plan?
A way to group apps and services so they can logically be scaled and managed together
143
How does a slot swap work?
Exchanges only pointers and names
144
What are the ways of deploying to an app service?
Web deploy - visual studio
Ftp
Source control
Dropbox
145
What is elastic scale for db?
Same as shards
146
What is sql sync?
Allows az sql to sync data to other db's, not a replacement for replication
147
what is sql geo-replication?
Sets up replica databases in other data centers for dr. Requires standard or higher
148
What tier is backup and restore for web apps available?
Standard or higher
149
What is system center?
```
A suite of tools for managing and monitoring systems. There are 8 tools:
Operations manager (SCOM
Config manager
Virtual machine manager
Orchestrator
Data protection manager
Service mananger
App controller
Endpoint protection
```
150
What is a cloud distribution point?
Allows you to update to azure vm's directly
151
What is the fastest nd easiest way to deploy all or most components of system center?
Powershell deployment toolkit
152
Azure site recovery can manage replication and orchestration of site failres
True
153
Using azure with system center data protection manager to store off site data can shorten data recovery time and complexity
True
154
What are some third party cloud monitoring tools?
CloudNinja
New Relic
AzureWatch
AppDynamics
155
What is Global Service Monitor?
An Azure cloud service used to monitor availability of public websites
156
What is application insights?
Displays metrics for app service
157
What is RPO/
Recovery point objective - max time data loss can occur
158
What is RTO?
Recovery time objective - amount of time a system can be unavailable
159
What are SLAs for compute, sql, storage?
Compute 99.95 / 21.6 min
Sql 99.9 /43.2
Storage 99.9 / 43.2
160
In Azure PowerShell, what does OB stand for?
Online Backup
Examples: Get-OBPolicy retrieves current backup policy which includes the schedule
Start-OBBackup -Policy $policy -Force executes a backup now
161
What workloads does Data Protection Manager support?
Server backups - volumes, files, folders, shares
Client backups - files, folders, shares
SQL server
Sharepoint - farms, db, front end web servers
Hyper-V VM, hosts, vhd, files, folders, volumes
Guest-level backup of VM - application level
Exchange
162
Be aware that hosting Data Protection Manager in Azure limits you to 16 volumes on a drive
True
163
What protocol does StorSimple use to link data storage?
ISCSI so storage in Azure is presented as locally attached volumes
164
What is best use case for StorSimple?
Use when you want local storage that is very fast and scalable for tiering data in Azure
165
When is Data Protection Manager a best use case?
When a restore needs to happen before accessing data (no live-access)
166
What type of backup and restore is possible with Azure backup?
Block level backup with file restore
167
What Power shell commands can be used to authenticate PS to Azure?
Add-AzureAccount
Get-AzurePublishSettingsFile
Import-AzurePublishSettingsFile
168
Does the publishSettingsFile have certificate credentials embedded in it?
Yes, delete after use
169
What does Get-AzureAccount cmdlet do?
List accounts of which Windows PowerShell is aware
170
What does Remove-AzureAccount do?
Removes an Azure account from PS, not Azure
171
What does Get-Help -example cmdlet do?
Gets help and example scripts to run a command
172
After authenticating to Azure with PS what do you need to do?
Set the subscription with Set-AzureSubscription
| Could be helpful to call Get-AzureSubscription to get list
173
Basic PS constructs
$ is a variable
$_ is THIS token
| pipe is take output and pass it to another command for chaining
' back tick is continue command on next line
# is single line comment
## multi line comment
$() is evaluate sub expression in parens
174
Built in PS variables
$true, $false, $PSVersionTable, $HOME
175
Primary commands for working with VMs
Get-AzureVM - list vms
New-AzureVMConfig - create a new vm config object
Add-AzureProvisioningConfig - adds provisioning configuration to vm
Set-AzureSubnet - sets the subnet list for a vm configuration
New-AzureVM -adds a new vm to existing AZ service or creates new vm and service in current subscription
Remove-AzureVM
Restart-AzureVM
Start-AzureVM
Stop-AzureVM
176
Working with Storage cmdlets
```
New-AzureStorageAccount
Get-AzureStorageKey
New-AzureStorageContext
Set-AzureStorageBlobContent - upload a file to container and context
New-AzureStorageContainer
```
177
Azure PS command to retrieve primary storage account
$StorageAccountKey = Get-AzureStorageKey $storeName | %{ $_.Primary }
178
Exam tip: find powershell workflows in management portal, go to main section look for automation
True
179
What is an azure workflow also refrred to as?
Runbook
180
What is a runbook do?
Allows you to automate or orgastrate the creation, deployment, maintenance and monof services and resources in Azure
181
What is Desired State Configuration?
Automated process of forcing a desired configuration onto a system
182
What are other tools for Azure Automation?
Chef, Puppet, Azure Automation
183
What is the valet key pattern?
Offload secure storage reads or writes off of web and provide token so storage can handle it
184
What is resiliency?
Resiliency is the ability of a system to gracefully handle and recover from failures
185
What are transient errors?
Error conditions that are resolved simply be retrying your request (typically a few milliseconds later) are referred to as transient faults
186
What is the retry pattern?
Use of a retry policy to retry application logic for transient faults
187
What are http codes you would not do a retry on?
400, 401, 404
188
What are http codes you would retry on?
408, 429,503, 520
189
What are 3 basic functions of all message queues?
Post a message
Retrieve a message
Peek if there is a message to avoid blocking when try to retrieve from an empty queue
190
What is the competing consumer pattern?
Producers create messages and multiple consumers process messages. (Compete to process)
191
What are the 2 primary methods of application caching?
In-memory cache - issues with syncing across instances
| Shared cache - as a separate service
192
What is the Cache-aside pattern?
Determine if item is in cache
If not retrieve from data store
Store a copy of item in cache
193
Which retry strategy is ideal for applications that process large amounts of data and send the data to the back-end service in a high throughput fashion
Random exponential backoff intervals
194
Difference between azure queues and storage bus queues?
As a solution architect/developer, you should consider using Storage queues when:
Your application must store over 80 GB of messages in a queue, where the messages have a lifetime shorter than 7 days.
Your application wants to track progress for processing a message inside of the queue. This is useful if the worker processing a message crashes. A subsequent worker can then use that information to continue from where the prior worker left off.
You require server side logs of all of the transactions executed against your queues.
As a solution architect/developer, you should consider using Service Bus queues when:
Your solution must be able to receive messages without having to poll the queue. With Service Bus, this can be achieved through the use of the long-polling receive operation using the TCP-based protocols that Service Bus supports.
Your solution requires the queue to provide a guaranteed first-in-first-out (FIFO) ordered delivery.
You want a symmetric experience in Azure and on Windows Server (private cloud). For more information, see Service Bus for Windows Server.
Your solution must be able to support automatic duplicate detection.
You want your application to process messages as parallel long-running streams
Your solution requires transactional behavior and atomicity when sending or receiving multiple messages from a queue.
The time-to-live (TTL) characteristic of the application-specific workload can exceed the 7-day period.
Your application handles messages that can exceed 64 KB but will not likely approach the 256 KB limit.
You deal with a requirement to provide a role-based access model to the queues, and different rights/permissions for senders and receivers.
Your queue size will not grow larger than 80 GB.
You want to use the AMQP 1.0 standards-based messaging protocol.
Your messaging solution must be able to support the "At-Most-Once" delivery guarantee without the need for you to build the additional infrastructure components.
You would like to be able to publish and consume batches of messages.
195
Azure app services consist of what 4 services?
Web apps
Mobile app services
API apps
Logic apps
196
What 4 languages can web apps in azure be written in?
Asp.Net
Ruby?
Python
Java
197
What is an App-Service Plan?
Free
Shared
Basic (reserved VM)
Standard (reserved VM)
App Service Plans represent an assignment of features and capacity for multiple services within App Service. Each Mobile, Logic, Web or API App must be associated with an App Service Plan which dictates both the features available, capacity available and billing for the services. The App Service Plans are grouped into the following tiers:
198
What are different ways to can deploy to a web app in app service?
```
FTP
WebDeploy
Manual Upload to wwwroot folder (not recommended)
Visual Studio Monaco Site Extension
Continous Deployment from Source Control or Storage Providers
GitHub
Visual Studio Online
BitBucket
DropBox, one drive
External Git Repository
Local Git Repository
```
199
What does a web deploy package contain?
Xml manifest file
Cmdline script
Zip file with assets for deployment
200
What is azure service fabric?
Its azure's new model for containers
201
What type of exe's can you run in a web job?
```
cmd
bat
exe (.nET)
ps1 (PowerShell)
sh
php
py (Python)
js (Node)
jar
```
202
What 2 ways can a webjob be run?
Continuously
| Scheduled/manual
203
Can you backup and restore web apps in azure?
Yes, can be done in portal, manually or automatically
| Includes, database and configuration and can be restored to existing or new app service
204
What are the main 3 use cases of traffic manager?
Failover - priority order if an instance is down
Geography - direct to closest location that is available
Distribution- can deliver near random traffic to prioritized or weighted endpoints
205
How do you configure traffic manager?
After setting up traffic manager on azure, add a cname record to dns to point at traffic manager which will resolve dns query based on config
206
What are App Service Environments?
When you need more control of your PaaS environment ASE allows you to:
Configure network access and isolation (subnets, NSGs, connect app to a VNet)
Scale using pools and instances far beyond regular app service plans
ASE is dedicated to your application alone
207
An app service has a public endpoint that cannot be removed, what about an ASE?
ASE allows web apps to be placed in VNETS that so not have to have a pubic endpoint and do not by default
208
Can you run an App Service on Linux?
Yes, it deploys a docker containerized web app from docker hub, private registry or built in
209
Can you deploy a My-SQL db in a web app?
Yes, for dev/test scenarios you can deploy an in-app mysql instance accessible only through localhost. If you deploy to production you must use a MYSQL on a vm or using marketplace
210
What are DTUs?
Data Throughput Unit used to measure database performance of sql server in azure. It is a blend of cpu, memory, reads and writes
211
What are the 3 service tiers for SQL DB?
Basic - 5 dtu, 2gb size, performance by hour
Standard (s0-s3) - up to 100 dtu, 250 gb, perf by minue
Premium (p1-p3) - up to 1000 dtu, 500 gb, perf by sec
212
What are the 4 layers of sql Azure architecture?
Client - tools
Services - billing, connection, allocation
Platform - where server and data lives
Infrastructure - hypervisor management
213
What are 4 methods you can use to migrate on-prem existing db's to sql azure?
Azure websites migration assistant
Sql database migration wizard
SSIS
Import bacpac files
214
What are 3 primary concepts of Resource manager?
Resource - an instance of a service
Resource group - a logical container for grouping of resources
Resource group template - a json file that declaratively creates a set of resources
215
What 6 ways can you interact with ARM?
```
Powershell
Xplat cli
Client libraries
Visual studio
Portal template deployment
Rest api
```
216
What are 4 basic rules for resource groups?
Resources can only exist in one resource group
Resource Groups cannot be renamed
Resource Groups can have resources of many different types (services)
Resource Groups can have resources from many different regions.
217
What is azure resource explorer?
Resouces.azure.com will show you what all your json files look like graphically, you can also export resources to generate the json
218
Can a resource group be nested in another resource group?
N0
219
When you are using arm for immutable deployments, what resource group name should you deploy to?
A new name each time
220
Which 5 resources are minimally required to create a Windows Virtual Machine in Azure that you can connect to using Remote Desktop Protocol from any internet connected computer?
Storage account for VHD
Virtual Network with defined Subnet
Network Interface Card bound to Virtual Network's Subnet
Public IP Address bound to Network Interface Card
Virtual Machine (Compute Allocation)
221
What JSON property would you use in the template to collect input for creation?
Parameters
222
What are azure storage costs based on?
Usage not amount of storage
223
What feature of storage helps it scale?
Auto-partitioning based on traffic, load balanced
224
All azure storage can be accessed using a REST API, What client libraries are available?
```
.NET
Java/Android
Node.js
PHP
Ruby
Python
PowerShell
```
225
What are the 4 different types of replication supported by Azure Storage?
LRS - locally redundant 3x
ZRS - zone redundant 3x across facilities or different regions
GRS - geo redundant 3x in region and 3x in a secondary region
RA-GRS - same as grs but available as read only
226
What are blobs ideal for and what 2 types are there?
Data sharing, Big Data, Backups
| Block and page
227
What are tables best for?
Ideal for: User, device and service metadata, structured data
Schema-less entities with strong consistency
No limits on number of table rows or table size
Dynamic load balancing of table regions
Best for Key/value lookups on partition key and row key
Entity group transactions for atomic batching
228
For a storage queue, what is max message size and max queue size?
64k and 500TB
229
What are 8 actions you can perform on storage queues?
```
Create
Measure queue length (num msgs)
Insert message
Retrieve next message
Extend message lease
Peek
Update
Delete
```
230
What is the file share format for an Azure file share?
https://[account].file.core.windows.net/
231
What protocol does a Azure file share use?
Smb 2.1 standard protocol
232
What is the max file size for an azure file share?
1 tb
233
What is the best way to maintain control over a sas signature?
Use a storage access policy
234
What controls what data is public in a container?
Public read access property
235
What does a sas signature look like
GET https://[account].blob.core.windows.net/pictures/profile.jpg?sv=2012-02-12&st=2009-02-09&se=2009-02-10&sr=c&sp=r&si=YWJjZGVmZw%3d%3d&sig=
236
In its simplest form what 6 elements make up an azure resource template?
```
$Schema
Contentversion
Parameters
Variables
Resources
Outputs
```
237
What size is an azure resource template limited to?
1MB
238
What other limits apply to resource templates?
```
256 parameters
256 variables
800 resources (including copy count)
64 output values
24,576 characters in a template expression
```
