Exam 70-534

Question 1

What is a key strategy to improve service availability in the cloud?

Answer 1

Reduce MTTR (Mean Time to Recover)

Question 2

What are 2 ways to avoid service throttling limits?

Answer 2

Application level caching

CDN

Question 3

Azure has been verified for what 4 compliance programs?

Answer 3

ISO 27001/27002
FedRAMP
HIPPAA
EU Model Clauses

Question 4

How does a service qualify for SLA?

Answer 4

Must use availability set with at least 2 instances (running same functions)

Question 5

A VM can have 4 types of IP addresses associated with it, name them?

Answer 5

Public virtual IP - VIP
Dynamic private IP - DIP
Static Public IP
Static privateip

Question 6

What are the 3 default tags for an NSG?

Answer 6

VIRTUAL_NETWORK - all network address space on VNET
AZURE_LOADBALANCER - ip addresses from which health probes originate
INTERNET - all IP addresses outside the VNET

Question 7

Name the 5 NSG rule fields or pairs?

Answer 7

Source ip/source port
Target ip/target port
Protocol (tcp,udp or all)
Priority
Access

Question 8

What are the 4 ACL rule fields?

Answer 8

Number
Remote subnet
Endpoint
Permit/Deny

Question 9

What is CIDR?

Answer 9

Classless Internet Domain Routing
Short hand notation for subnet mask. 255.0.0.0 uses 8 bits so its /8 and 255.255.0.0 uses 16 bits so its /16
Ex: 10.0.0.0/8 is ip of 10.0.0.0 with subnet mask 255.0.0.0

Question 10

Why can performance of large virtual networks suffer?

Answer 10

Like a large network of roads, packets collide and slow down. Subnets can help control and limit traffic.

Question 11

If you borrow 3 bits from the host id for the network id how many subnets can you create?

Answer 11

8 = 2 raised to power of 3
0, 32, 64, 96, 128, 160, 196, 224
So 10.32.0.0 would be first address on second subnet

Question 12

Each VM has at least 2 associated ip addresses, what are they?

Answer 12

A public facing virtual ip

Internal dynamic ip

Question 13

Where does a vip come from?

Answer 13

A public pool of ip addresses managed by microsoft. (Not assigned directly to vm , is assigned to cloud service)

Question 14

What is a PIP?

Answer 14

An instance level public IP that is assigned directly to a VM. Appropriate for large workloads that use a lot of ports.

Question 15

When you create a vm on azure what is accessible by default?

Answer 15

Remote desktop and powershell for windows instances

Ssh for linux

Question 16

What is an endpoint?

Answer 16

An ip address and port

Question 17

A VM has VIP and a DIP. The VIP is associated with load balancer which forwards it to?

Answer 17

DIP with a private port on a VM

Question 18

The FQDN name is specified by?

Answer 18

The name of the cloud service

Question 19

Endpoints are for public access, why are they not needed for private access?

Answer 19

Each machine in vnet can already talk to each other

Question 20

What VM series is for general compute?

Answer 20

A series
A0 = extra small
A1 = small
A2 = medium
A3 = large
A4 = extra large

Question 21

What is windows power shell DSC?

Answer 21

Desired state configuration

Instead of building the configuration you specify what the desired end state should be in script

Question 22

What is Custom Script Extension?

Answer 22

Downloads run scripts from Azure blob storage

Question 23

What compute series should be used for high performance IO?

Answer 23

DS series

Question 24

How many drives can you attach to a standard_G5 series vm?

Answer 24

64

Question 25

What is the format of an Azure Resource Template?

Answer 25

JSON

Question 26

What 4 technologies can help manage consistent state of VMs?

Answer 26

Custom Script Extension (cse)
Chef or Puppet
Azure Automation (using Azure Resource Templates)
Containerization

Question 27

What are 3 methods of connecting to a hybrid cloud?

Answer 27

Point to site vpn - vpn client to any vm or cloud service
Site to site vpn - extends local network to cloud
Express route - connects on prem data centers to azure data centers

Question 28

Can you connect 2 azure vnets with a vpn connection?

Answer 28

Yes

Question 29

How do you connect multi-site connections to allow multiple on-prem networks?

Answer 29

Azure virtual network gateway (hub and spoke)

Image of 2 on-prem networks each using a vpn device to connect to a gateway in cloud

Question 30

What is service bus relay?

Answer 30

Allows a local wcf service to register a relay endpoint to allow access

Question 31

What is Express Route?

Answer 31

A private dedicated connection between on prem data center and azure data center

Question 32

What is the max bandwidth of express route?

Answer 32

10 gbps

Question 33

What protocol does site to point vpn use?

Answer 33

SSTP Secured Socket Tunneling Protocol

Question 34

What are the limitations of site to point vpn?

Answer 34

Because each site connects through a gateway, you are limited by the number of s2s tunnels the gateway supports

Question 35

What do you need for site 2 site vpn connections?

Answer 35

A public facing ipv4 address and a compatible vpn device or RRAS running on win server 2012 , works both ways

Question 36

What are the 2 ways to use Express Route to connect to Azure?

Answer 36

Connect Azure through an exchange provider location

Connect Azure through a network service provider

Question 37

Traffic manager can route traffic based on what?

Answer 37

Availability and performance

Question 38

What 3 methods can traffic manager use to decide which edpoints to route traffic?

Answer 38

Round-robin
Failover
Performance

Question 39

What protocols are accepted by Azure AD?

Answer 39

Ws-federation
Saml 2.0
OpenID connect

Question 40

To ensure confidentiality, integrity, and authenticity of security tokens what 4 techniques can be used?

Answer 40

HTTPS
Digital signature
Encryption
Token expiration

Question 41

To interact with AAD objects what are the 2 options?

Answer 41

Graph API

ADAL and AD graph client library

Question 42

In a claims based architecture what issues security tokens?

Answer 42

Identity Provider

Question 43

What is a claims based architecture?

Answer 43

A system design that uses an external party to manage identities

Question 44

What is a securable identity?

Answer 44

A user, application or service identity that makes service requests

Question 45

What is a claim

Answer 45

An assertion made on an attribute of an entity

Question 46

What is a security token?

Answer 46

A collection of claims

Question 47

What is a service provider in context of claims architecture?

Answer 47

A relying party that relies on third party manage identities on its behalf

Question 48

What does an identity provider do?

Answer 48

Authenticates entities and issues security tokens to relying parties. The relying party can use claims in the token for authorization

Question 49

What is a trust relationship?

Answer 49

Ties an identity provider and service provider together

Question 50

What other services beyond identity provider does AAD provide?

Answer 50

Multi-factor authentication
Centralized application access panel to manage access to SaaS applications
An app proxy yo manage access for remote access to on prem services
Graph api to interact directly with AD objects

Question 51

What is ADAL?

Answer 51

Azure AD Authentication Library - facilitates authentication with both cloud and on-prem directories, automatically refreshes expired access tokens

Question 52

What 3 tiers are AAD offered in?

Answer 52

Free
Basic
Premium
Last 2 only available through enterprise licensing, come with sla, mfa, reports, machine learning

Question 53

Difference between ADDS and AAD?

Answer 53

Use different protocols such as kerberos, ldap vs saml2 wsfederation, openid connect, graph api
No forests, domains, ou’s

Question 54

What 3 parties are involved in a basic claims based Authentication workflow for a web app?

Answer 54

User Agent (Browser)
Identity Provider
Service Provider

Question 55

What 4 parties are involved for oAuth 2.0 native app auth workflow?

Answer 55

User Agent (Native app)
Authorization Service
Token Service
Service Provider

Question 56

What 5 parties are involved in a multi-tiered application workflow sometimes referred o as a trusted sub-system?

Answer 56

User Agent (native app)
Authorization Service
Token Service
Front End
Business Tier

Question 57

What does ADFS allow you to do?

Answer 57

Allow cloud based apps to use on premises ADDS user credentials to authenticate using standard protocols and SAML tokens

Question 58

What is advantage of using Directory Syncing with AdFS?

Answer 58

Centralized management plane

Monitoring, analysis and self serve capabilities

Question 59

What are 3 methods of syncing aad and on prem adds?

Answer 59

AAD Sync
DirSync
FIM /AAD connector

Question 60

What are 3 core concepts of DirSync?

Answer 60

Connector space
Metaverse
Sync rules

Question 61

What does AD Application Proxy do?

Answer 61

Expose on prem applications to the cloud

Question 62

When you have 2 accounts representing same user in different forests with same email what is best way to handle?

Answer 62

Use matching rules ro match both accounts by email address

Question 63

Name 4 identity providers supported by ACS

Answer 63

Microsoft account
Facebook
Yahoo
AD FS

Question 64

What can you do by defining claim rules?

Answer 64

Claim types can be changed during token transformation
Change claim values
Pass through

Question 65

During auth workflow what roles does ACS play?

Answer 65

Auth broker
Identity provider
Relying party

Question 66

What does a claim rule do?

Answer 66

Defines how a claim from identity provider should be transformed

Question 67

What is OWIN?

Answer 67

Open spec that defines layer between web servers and web apps

Question 68

What is middleware?

Answer 68

Layers of components that are chined together into a pipeline before they reach the application. Ex: authentication, logging, …

Question 69

What do you need to do before enabling social network as an identity provider?

Answer 69

Register app with provider and retrieve token/username, secret …

Question 70

Name 3 Azure solutions for backup and recovery?

Answer 70

Backup
StorSimple
Site recovery

Question 71

Name the 4 storage replication models supported by Azure.

Answer 71

Locally redundant storage (LRS)
Zone Redundant Storage (ZRS)
Geo-redundant Storage (GRS)
Read-Access Geo-Redundant Storage (RA-GRS)

Question 72

What 4 types of storage does Azure Storage offer?

Answer 72

BLOB Storage
Table Storage (no sql key value)
Queue Storage
File Storage

Question 73

Does Azure provide an out of box encryption feature for Azure Storage?

Answer 73

Nope

Question 74

How many keys does each storage account have?

Answer 74

2 - primary and secondary

Question 75

What level of protection do Shared Access Keys (SAS) provide?

Answer 75

Direct Access to containers, BLOBs, queues, tables, table rows with R/W with a span of time

Question 76

What do Shared Access Policies (SAP) allow you to do?

Answer 76

Manage SASs in bulk

Question 77

What roles do AAD support?

Answer 77

GBPUS + user

Question 78

What 3 roles does AZ service bus support?

Answer 78

Admin, receiver, sender

Question 79

How many replicas does Azure SQL have at any given time?

Answer 79

3

Question 80

Where does AZ SQL automatically store your most recent backups?

Answer 80

A different geo-graphical location

Question 81

Where does AZ SQL store your backups when using Active geo-replication?

Answer 81

4 geo-replicated live secondaries

Question 82

What does Azure Rights Management do?

Answer 82

Data access travels with you data
Encryption/ decryption
Manage and track key distributions
Key management and data access policies

Question 83

What is Azure Key vault?

Answer 83

Protects keys and secrets in cloud with a Hardware Security Module

Question 84

To join a device to a workplace which Azure service should be used?

Answer 84

Device registration servicewh

Question 85

What are 4 self service features of AAD?

Answer 85

Reset password
Manage group members
Request to join a group
Invite external members

Question 86

What are the 4 types of storage in a storage account?

Answer 86

Blob
Table
Queue
File share

Question 87

What are queues used for?

Answer 87

Decouple components of a system (scalability)

Question 88

What is table storage used for?

Answer 88

Use to store structured non relational data

Question 89

What is blob data used for?

Answer 89

Stores large amounts of unstructured data

Question 90

What is file storage for?

Answer 90

Shared storage that uses SMB (server message block) 2.1 or api

Question 91

How big of a db can az sql store?

Answer 91

500 gb

Question 92

What does sql azure not have?

Answer 92

Sql agent
Sql profiler
Native encryption service broker
CLR
distributed transactions or views

Question 93

Howmuch data can document db store per capacity unit?

Answer 93

10gb, 2000 reads per second

Question 94

What is needed to access storage accounts?

Answer 94

Account name and access keys
SAS
Shared access policy

Question 95

AZ SQL tier storage sizes?

Answer 95

Basic - 2gb
Standard - 250 gb
Premium - 500 gb

Question 96

What are max dtu, database size, worker threads, sessions for all 3 tiers?

Answer 96

Basic = 5 dtu, 2gb size, 30 threads, 300 sessions
Standard = 100 dtu, 250 gb, 200 threads, 2400 sessions
Premium = 800 dtu, 500 gb, 1600 threads, 19,200 sessions

Question 97

What are 3 main features of mobile services?

Answer 97

• create a proxy to a data source
• authentication with builtin support for social providers and ad
• push notifications to all mobile platforms

Question 98

What are the 2 basic steps to consume mobile services on any platform?

Answer 98

Add reference to mobile service client

Create an instance of MobileServiceClient that points to url of service and uses application key

Question 99

What are the 4 modes for api auth in a mobile service?

Answer 99

• application key (only for dev)
• everyone
• authenticated users (user id and matching auth token)
• admins and other scripts (master key)

Question 100

What are the six elements of an azure resource template?

Answer 100

$schema
Content version
Parameters
Variables
Resources
Outputs

Question 101

What is the difference between the push notification directly in mobile services and using the notification hub?

Answer 101

Hub is much larger scale

Question 102

Each notification platform requires an api key, certificate or secret, where do you get them?

Answer 102

Obtain from the dev store account

Question 103

What are some of the advantages of notification hubs?

Answer 103

• supports more device types
• avoid storing device info in mobile service
• register and use tags to work with large groups
• can use templates to push specific data
• set up triggers for sensitive data

Question 104

Basic and standard azure websites can be scaled out to how many instances?

Answer 104

3 and 10

Question 105

Autoscaling is only available at what level?

Answer 105

Standard

Question 106

What is a webjob?

Answer 106

A script or executable that run in a website to handle long running jobs

Question 107

What file types can webjobs use?

Answer 107

• cmd, bat, exe (windows)
• ps1 (powershell)
• sh (bash)
• php
• py (python)
• js (node)

Question 108

If a webjob needs to have additional files for data or dlls what fo you do?

Answer 108

zip and upload all the files

Question 109

What 3 modes can webjobs run in?

Answer 109

Continuously
Scheduled
On demand

Question 110

If a webjob is setup to run continuously how should it be written?

Answer 110

In a continuous loop or use the Webjob sdk

Question 111

Continuous webjobs will run on how many instances of your site?

Answer 111

All by default, can be configured to run on a single

Question 112

How many copies run for on demand or scheduled webjobs run on?

Answer 112

A single copy

Question 113

How can you deploy webjobs?

Answer 113

Management portal (required for scheduled)
Preview management portal?
Ftp (app_data/jobs folder)

Question 114

What are 3 methods of securing a WebAPI?

Answer 114

Azure AD
AD FS
ACS (Azure Access Control Service)

Question 115

If you have an Webapi app only for company intranet how should you secure it?

Answer 115

Windows Auth

Question 116

How can you set up a mobile service or web site to an on-prem database?

Answer 116

Use Biztalk api hybrid connector

Question 117

What does service bus relay do?

Answer 117

Securely expose on-prem WCF services to public cloud

Question 118

What is the max number of networks you can connecting via vpn to other networks?

Answer 118

10

Question 119

What are the 2 ways you can join VMs and cloud services to domain

Answer 119

Windows power shell

Add code to cloud service itself

Question 120

When adding code to join a domain to cloud service, what entry point do you use?

Answer 120

RoleEntryPoint

Question 121

What are 2 ways join vms to a domain?

Answer 121

Manual

Powershell

Question 122

What 2 security models does Media Services support?

Answer 122

AES Clear Key dynamic encryption

Playready DRM Technology

Question 123

What 2 steps are needed to set up live streaming?

Answer 123

Configure a channel

Add a program to it

Question 124

What does Media Indexer do?

Answer 124

Make media files searchable

Transcript for close captioning

Question 125

What is immediate consistency vs eventual?

Answer 125

When an entity is updated all servers will have a consistent view for everyone or for eventual can see different data until synced

Question 126

Pessimistic concurrency vs optimistic

Answer 126

Pessimistic uses a lock on data vs assuming it wont be in use

Question 127

What are typical usage of data types for sql, blob, no sql, azure search?

Answer 127

Sql for transactional
Azure blob storage for large binary files
Document db for loosely structured data
Azure search for indexing free-text files

Question 128

What is layered storage?

Answer 128

Frequently queried stays in cache while cold data is stored in cheaper storage

Question 129

How many replicas does Azure storage use by default?

Answer 129

3 across different geo-graphic regions

Question 130

How does sql azure protect its data?

Answer 130

Data is backed by multiple active secondaries that automatically step in

Question 131

What is a common practice to scaled data stores?

Answer 131

Sharding

Question 132

What are 4 components of a big data solution?

Answer 132

Event hubs
Stream analytics
Machine learning
Power bi

Question 133

What are 4 azure services you can use to connect on-premise resources?

Answer 133

Biztalk API hybrid connector
Service bus relay
Azure app proxy
Azure virtual network

Question 134

What is a basic way to troubleshoot website in azure?

Answer 134

Monitor

Question 135

What is Site Control Manager?

Answer 135

SCM is a tool for debugging website

Question 136

What languages does Azure support?

Answer 136

.net
Java
Node
Php
Python
(Ruby not in app service)

Question 137

What was App Service web apps called previously?

Answer 137

Azure websites

Question 138

Web apps and web sites are same thing?

Answer 138

True

Question 139

Cloud Services are the old and first way to create a website, what components did they have?

Answer 139

Web Roles, Worker Roles

WCF service web role

Question 140

What are azure site extensions?

Answer 140

A feature of appservices that allow you to create and deploy custom admin functionality

Question 141

A web deploy package includes what?

Answer 141

A cmd file that can be customized
All the files zipped
A couple xml files for changing params
Readme.txt file

Question 142

What is an app service plan?

Answer 142

A way to group apps and services so they can logically be scaled and managed together

Question 143

How does a slot swap work?

Answer 143

Exchanges only pointers and names

Question 144

What are the ways of deploying to an app service?

Answer 144

Web deploy - visual studio
Ftp
Source control
Dropbox

Question 145

What is elastic scale for db?

Answer 145

Same as shards

Question 146

What is sql sync?

Answer 146

Allows az sql to sync data to other db’s, not a replacement for replication

Question 147

what is sql geo-replication?

Answer 147

Sets up replica databases in other data centers for dr. Requires standard or higher

Question 148

What tier is backup and restore for web apps available?

Answer 148

Standard or higher

Question 149

What is system center?

Answer 149

A suite of tools for managing and monitoring systems. There are 8 tools:
Operations manager (SCOM
Config manager
Virtual machine manager
Orchestrator
Data protection manager
Service mananger
App controller
Endpoint protection

Question 150

What is a cloud distribution point?

Answer 150

Allows you to update to azure vm’s directly

Question 151

What is the fastest nd easiest way to deploy all or most components of system center?

Answer 151

Powershell deployment toolkit

Question 152

Azure site recovery can manage replication and orchestration of site failres

Answer 152

True

Question 153

Using azure with system center data protection manager to store off site data can shorten data recovery time and complexity

Answer 153

True

Question 154

What are some third party cloud monitoring tools?

Answer 154

CloudNinja
New Relic
AzureWatch
AppDynamics

Question 155

What is Global Service Monitor?

Answer 155

An Azure cloud service used to monitor availability of public websites

Question 156

What is application insights?

Answer 156

Displays metrics for app service

Question 157

What is RPO/

Answer 157

Recovery point objective - max time data loss can occur

Question 158

What is RTO?

Answer 158

Recovery time objective - amount of time a system can be unavailable

Question 159

What are SLAs for compute, sql, storage?

Answer 159

Compute 99.95 / 21.6 min
Sql 99.9 /43.2
Storage 99.9 / 43.2

Question 160

In Azure PowerShell, what does OB stand for?

Answer 160

Online Backup
Examples: Get-OBPolicy retrieves current backup policy which includes the schedule
Start-OBBackup -Policy $policy -Force executes a backup now

Question 161

What workloads does Data Protection Manager support?

Answer 161

Server backups - volumes, files, folders, shares
Client backups - files, folders, shares
SQL server
Sharepoint - farms, db, front end web servers
Hyper-V VM, hosts, vhd, files, folders, volumes
Guest-level backup of VM - application level
Exchange

Question 162

Be aware that hosting Data Protection Manager in Azure limits you to 16 volumes on a drive

Answer 162

True

Question 163

What protocol does StorSimple use to link data storage?

Answer 163

ISCSI so storage in Azure is presented as locally attached volumes

Question 164

What is best use case for StorSimple?

Answer 164

Use when you want local storage that is very fast and scalable for tiering data in Azure

Question 165

When is Data Protection Manager a best use case?

Answer 165

When a restore needs to happen before accessing data (no live-access)

Question 166

What type of backup and restore is possible with Azure backup?

Answer 166

Block level backup with file restore

Question 167

What Power shell commands can be used to authenticate PS to Azure?

Answer 167

Add-AzureAccount
Get-AzurePublishSettingsFile
Import-AzurePublishSettingsFile

Question 168

Does the publishSettingsFile have certificate credentials embedded in it?

Answer 168

Yes, delete after use

Question 169

What does Get-AzureAccount cmdlet do?

Answer 169

List accounts of which Windows PowerShell is aware

Question 170

What does Remove-AzureAccount do?

Answer 170

Removes an Azure account from PS, not Azure

Question 171

What does Get-Help -example cmdlet do?

Answer 171

Gets help and example scripts to run a command

Question 172

After authenticating to Azure with PS what do you need to do?

Answer 172

Set the subscription with Set-AzureSubscription

Could be helpful to call Get-AzureSubscription to get list

Question 173

Basic PS constructs

Answer 173

$ is a variable
$_ is THIS token
| pipe is take output and pass it to another command for chaining
‘ back tick is continue command on next line
# is single line comment
## multi line comment
$() is evaluate sub expression in parens

Question 174

Built in PS variables

Answer 174

$true, $false, $PSVersionTable, $HOME

Question 175

Primary commands for working with VMs

Answer 175

Get-AzureVM - list vms
New-AzureVMConfig - create a new vm config object
Add-AzureProvisioningConfig - adds provisioning configuration to vm
Set-AzureSubnet - sets the subnet list for a vm configuration
New-AzureVM -adds a new vm to existing AZ service or creates new vm and service in current subscription
Remove-AzureVM
Restart-AzureVM
Start-AzureVM
Stop-AzureVM

Question 176

Working with Storage cmdlets

Answer 176

New-AzureStorageAccount
Get-AzureStorageKey
New-AzureStorageContext
Set-AzureStorageBlobContent - upload a file to container and context
New-AzureStorageContainer

Question 177

Azure PS command to retrieve primary storage account

Answer 177

$StorageAccountKey = Get-AzureStorageKey $storeName | %{ $_.Primary }

Question 178

Exam tip: find powershell workflows in management portal, go to main section look for automation

Answer 178

True

Question 179

What is an azure workflow also refrred to as?

Answer 179

Runbook

Question 180

What is a runbook do?

Answer 180

Allows you to automate or orgastrate the creation, deployment, maintenance and monof services and resources in Azure

Question 181

What is Desired State Configuration?

Answer 181

Automated process of forcing a desired configuration onto a system

Question 182

What are other tools for Azure Automation?

Answer 182

Chef, Puppet, Azure Automation

Question 183

What is the valet key pattern?

Answer 183

Offload secure storage reads or writes off of web and provide token so storage can handle it

Question 184

What is resiliency?

Answer 184

Resiliency is the ability of a system to gracefully handle and recover from failures

Question 185

What are transient errors?

Answer 185

Error conditions that are resolved simply be retrying your request (typically a few milliseconds later) are referred to as transient faults

Question 186

What is the retry pattern?

Answer 186

Use of a retry policy to retry application logic for transient faults

Question 187

What are http codes you would not do a retry on?

Answer 187

400, 401, 404

Question 188

What are http codes you would retry on?

Answer 188

408, 429,503, 520

Question 189

What are 3 basic functions of all message queues?

Answer 189

Post a message
Retrieve a message
Peek if there is a message to avoid blocking when try to retrieve from an empty queue

Question 190

What is the competing consumer pattern?

Answer 190

Producers create messages and multiple consumers process messages. (Compete to process)

Question 191

What are the 2 primary methods of application caching?

Answer 191

In-memory cache - issues with syncing across instances

Shared cache - as a separate service

Question 192

What is the Cache-aside pattern?

Answer 192

Determine if item is in cache
If not retrieve from data store
Store a copy of item in cache

Question 193

Which retry strategy is ideal for applications that process large amounts of data and send the data to the back-end service in a high throughput fashion

Answer 193

Random exponential backoff intervals

Question 194

Difference between azure queues and storage bus queues?

Answer 194

As a solution architect/developer, you should consider using Storage queues when:
Your application must store over 80 GB of messages in a queue, where the messages have a lifetime shorter than 7 days.

Your application wants to track progress for processing a message inside of the queue. This is useful if the worker processing a message crashes. A subsequent worker can then use that information to continue from where the prior worker left off.

You require server side logs of all of the transactions executed against your queues.

As a solution architect/developer, you should consider using Service Bus queues when:

Your solution must be able to receive messages without having to poll the queue. With Service Bus, this can be achieved through the use of the long-polling receive operation using the TCP-based protocols that Service Bus supports.

Your solution requires the queue to provide a guaranteed first-in-first-out (FIFO) ordered delivery.

You want a symmetric experience in Azure and on Windows Server (private cloud). For more information, see Service Bus for Windows Server.

Your solution must be able to support automatic duplicate detection.

You want your application to process messages as parallel long-running streams

Your solution requires transactional behavior and atomicity when sending or receiving multiple messages from a queue.

The time-to-live (TTL) characteristic of the application-specific workload can exceed the 7-day period.

Your application handles messages that can exceed 64 KB but will not likely approach the 256 KB limit.

You deal with a requirement to provide a role-based access model to the queues, and different rights/permissions for senders and receivers.

Your queue size will not grow larger than 80 GB.

You want to use the AMQP 1.0 standards-based messaging protocol.

Your messaging solution must be able to support the “At-Most-Once” delivery guarantee without the need for you to build the additional infrastructure components.

You would like to be able to publish and consume batches of messages.

Question 195

Azure app services consist of what 4 services?

Answer 195

Web apps
Mobile app services
API apps
Logic apps

Question 196

What 4 languages can web apps in azure be written in?

Answer 196

Asp.Net
Ruby?
Python
Java

Question 197

What is an App-Service Plan?

Answer 197

Free
Shared
Basic (reserved VM)
Standard (reserved VM)

App Service Plans represent an assignment of features and capacity for multiple services within App Service. Each Mobile, Logic, Web or API App must be associated with an App Service Plan which dictates both the features available, capacity available and billing for the services. The App Service Plans are grouped into the following tiers:

Question 198

What are different ways to can deploy to a web app in app service?

Answer 198

FTP
WebDeploy
Manual Upload to wwwroot folder (not recommended)
Visual Studio Monaco Site Extension
Continous Deployment from Source Control or Storage Providers
GitHub
Visual Studio Online
BitBucket
DropBox, one drive
External Git Repository
Local Git Repository

Question 199

What does a web deploy package contain?

Answer 199

Xml manifest file
Cmdline script
Zip file with assets for deployment

Question 200

What is azure service fabric?

Answer 200

Its azure’s new model for containers

Question 201

What type of exe’s can you run in a web job?

Answer 201

cmd
bat
exe (.nET)
ps1 (PowerShell)
sh
php
py (Python)
js (Node)
jar

Question 202

What 2 ways can a webjob be run?

Answer 202

Continuously

Scheduled/manual

Question 203

Can you backup and restore web apps in azure?

Answer 203

Yes, can be done in portal, manually or automatically

Includes, database and configuration and can be restored to existing or new app service

Question 204

What are the main 3 use cases of traffic manager?

Answer 204

Failover - priority order if an instance is down
Geography - direct to closest location that is available
Distribution- can deliver near random traffic to prioritized or weighted endpoints

Question 205

How do you configure traffic manager?

Answer 205

After setting up traffic manager on azure, add a cname record to dns to point at traffic manager which will resolve dns query based on config

Question 206

What are App Service Environments?

Answer 206

When you need more control of your PaaS environment ASE allows you to:
Configure network access and isolation (subnets, NSGs, connect app to a VNet)
Scale using pools and instances far beyond regular app service plans
ASE is dedicated to your application alone

Question 207

An app service has a public endpoint that cannot be removed, what about an ASE?

Answer 207

ASE allows web apps to be placed in VNETS that so not have to have a pubic endpoint and do not by default

Question 208

Can you run an App Service on Linux?

Answer 208

Yes, it deploys a docker containerized web app from docker hub, private registry or built in

Question 209

Can you deploy a My-SQL db in a web app?

Answer 209

Yes, for dev/test scenarios you can deploy an in-app mysql instance accessible only through localhost. If you deploy to production you must use a MYSQL on a vm or using marketplace

Question 210

What are DTUs?

Answer 210

Data Throughput Unit used to measure database performance of sql server in azure. It is a blend of cpu, memory, reads and writes

Question 211

What are the 3 service tiers for SQL DB?

Answer 211

Basic - 5 dtu, 2gb size, performance by hour
Standard (s0-s3) - up to 100 dtu, 250 gb, perf by minue
Premium (p1-p3) - up to 1000 dtu, 500 gb, perf by sec

Question 212

What are the 4 layers of sql Azure architecture?

Answer 212

Client - tools
Services - billing, connection, allocation
Platform - where server and data lives
Infrastructure - hypervisor management

Question 213

What are 4 methods you can use to migrate on-prem existing db’s to sql azure?

Answer 213

Azure websites migration assistant
Sql database migration wizard
SSIS
Import bacpac files

Question 214

What are 3 primary concepts of Resource manager?

Answer 214

Resource - an instance of a service
Resource group - a logical container for grouping of resources
Resource group template - a json file that declaratively creates a set of resources

Question 215

What 6 ways can you interact with ARM?

Answer 215

Powershell
Xplat cli
Client libraries 
Visual studio
Portal template deployment 
Rest api

Question 216

What are 4 basic rules for resource groups?

Answer 216

Resources can only exist in one resource group
Resource Groups cannot be renamed
Resource Groups can have resources of many different types (services)
Resource Groups can have resources from many different regions.

Question 217

What is azure resource explorer?

Answer 217

Resouces.azure.com will show you what all your json files look like graphically, you can also export resources to generate the json

Question 218

Can a resource group be nested in another resource group?

Answer 218

N0

Question 219

When you are using arm for immutable deployments, what resource group name should you deploy to?

Answer 219

A new name each time

Question 220

Which 5 resources are minimally required to create a Windows Virtual Machine in Azure that you can connect to using Remote Desktop Protocol from any internet connected computer?

Answer 220

Storage account for VHD
Virtual Network with defined Subnet
Network Interface Card bound to Virtual Network’s Subnet
Public IP Address bound to Network Interface Card
Virtual Machine (Compute Allocation)

Question 221

What JSON property would you use in the template to collect input for creation?

Answer 221

Parameters

Question 222

What are azure storage costs based on?

Answer 222

Usage not amount of storage

Question 223

What feature of storage helps it scale?

Answer 223

Auto-partitioning based on traffic, load balanced

Question 224

All azure storage can be accessed using a REST API, What client libraries are available?

Answer 224

.NET
Java/Android
Node.js
PHP
Ruby
Python
PowerShell

Question 225

What are the 4 different types of replication supported by Azure Storage?

Answer 225

LRS - locally redundant 3x
ZRS - zone redundant 3x across facilities or different regions
GRS - geo redundant 3x in region and 3x in a secondary region
RA-GRS - same as grs but available as read only

Question 226

What are blobs ideal for and what 2 types are there?

Answer 226

Data sharing, Big Data, Backups

Block and page

Question 227

What are tables best for?

Answer 227

Ideal for: User, device and service metadata, structured data

Schema-less entities with strong consistency
No limits on number of table rows or table size
Dynamic load balancing of table regions
Best for Key/value lookups on partition key and row key
Entity group transactions for atomic batching

Question 228

For a storage queue, what is max message size and max queue size?

Answer 228

64k and 500TB

Question 229

What are 8 actions you can perform on storage queues?

Answer 229

Create
Measure queue length (num msgs)
Insert message
Retrieve next message
Extend message lease
Peek
Update 
Delete

Question 230

What is the file share format for an Azure file share?

Answer 230

https://[account].file.core.windows.net/

Question 231

What protocol does a Azure file share use?

Answer 231

Smb 2.1 standard protocol

Question 232

What is the max file size for an azure file share?

Answer 232

1 tb

Question 233

What is the best way to maintain control over a sas signature?

Answer 233

Use a storage access policy

Question 234

What controls what data is public in a container?

Answer 234

Public read access property

Question 235

What does a sas signature look like

Answer 235

GET https://[account].blob.core.windows.net/pictures/profile.jpg?sv=2012-02-12&st=2009-02-09&se=2009-02-10&sr=c&sp=r&si=YWJjZGVmZw%3d%3d&sig=

Question 236

In its simplest form what 6 elements make up an azure resource template?

Answer 236

$Schema
Contentversion
Parameters
Variables
Resources
Outputs

Question 237

What size is an azure resource template limited to?

Answer 237

1MB

Question 238

What other limits apply to resource templates?

Answer 238

256 parameters
256 variables
800 resources (including copy count)
64 output values
24,576 characters in a template expression