Exam Prep Questions - Implement Storage Flashcards
You administer Azure for the Verigon Corporation. You are responsible for your Azure SQL database named VerigonDB, which is an Azure SQL Database version 12 database. Your active database is hosted in the West US region, with one offline secondary database in West Europe.
The users from USA and from West Europe are using a web application named VerigonApp. The application data is stored in VerigonDB. Because of performance issues, you want the users from West Europe to read their application data from the secondary backup DB in West Europe. For the future, you need to support up to four readable secondary backups of VerigonDB in West Europe.
The database tier is S0 Standard. Which is the most cost-efficient Azure SQL Database pricing tier you can upgrade to improve the performance level?
Azure SQL Database P1 Premium pricing tier
You administer Azure for the Verigon Corporation. You are responsible for the Azure SQL databases and for recovery planning. You have these three Azure SQL databases:
•VerigonDB1, Azure pricing tier B0 Basic
•VerigonDB2, Azure pricing tier S0 Standard
•VerigonDB3, Azure pricing tier P1 Premium
You need to report the following information to your management team:
•What are the retention periods for the Azure point-in-time backups of these databases, by default?
•How often does the Azure SQL Database service create full backups, differential backups, and log backups of your databases?
What should you present to management?
- VerigonDB1 - 7 Day Restore
- VerigonDB2, 14 Day Restore
- VerigonDB3, 35 Day Restore
The intervals for full backup, differential backup, and log backup are independent of the Azure SQL Database pricing tier. A full backup is performed every week, differential backup is performed every day, and a log backup is performed every 5 minutes. This is very import to know, because if your backup/restore requirements are different from the Azure SQL Database default values, you will have to configure the appropriate settings.
You are the administrator for the Verigon Corporation. You manage an Azure storage account named veristacco. You want to use Azure blob snapshots as a fast recovery solution to recover to old blob data versions when a user mistakenly overwrites blob data. You have created a container named snapshots as the location for your blob snapshots, and written an Azure Automation PowerShell Script that automatically creates a blob snapshot every hour and saves the snapshots in the snapshots container.
You want to test that script and verify the snapshot creation. You examine the snapshots with the following PowerShell code:
$Container.CloudBlobContainer.ListBlobs($BlobName, $true, “Snapshots”) | select Name, SnapshotTime
You get the following output:
Name: SnapshotTime:
VerigonPic1.jpg 7/10/2015 1:00:00 PM +00:00
VerigonPic1.jpg 7/10/2015 2:00:00 PM +00:00
VerigonPic1.jpg 7/10/2015 3:00:00 PM +00:00
VerigonPic1.jpg 7/10/2015 4:00:00 PM +00:00
What should you use to promote the blob snapshot from 3:00:00 PM over the base blob?
Start-CopyAzureStorageBlob or Start-AzureStorageBlobCopy
You are the administrator at the Verigon Corporation. You have registered a custom domain name, graphics.verigon.com, for your Azure storage account named VerigonStAcc. You plan to access all blob data through that URL.
You successfully verified access to http://graphics.verigon.com/Graphics/VerigonLogo.jpg. You want to make it possible to access all blob data through HTTPS in a more secure way, but with the least administrative effort.
What do you have to do to accomplish this?
You have to use https://VerigonStAcc.blob.core.windows.net/ to connect to blob data.
Currently Azure does not allow you to use a URL with a custom domain name to access the blob data using the HTTPS protocol. You can only access blob data with the HTTPS protocol if you use the default URL, which is in the scenario.
You administer Azure for the Verigon Corporation. You have deployed an Azure website named VerApp1. Now you want to enable the Azure diagnostics logs feature for VerApp1. Specifically, you want to do the following:
•Save and analyze the log information of VerApp1 through your Azure Storage account.
•Identify all failed HTTP requests in the logs.
What three PowerShell cmdlets do you have run?
Set-AzureWebSite -HttpLoggingEnabled 1
Enable-AzureWebsiteApplicationDiagnostic -BlobStorage -LogLevel Error
Set-AzureWebSite -RequestTracingEnabled $true-name VerApp1
You are the administrator at Verigon Corporation. You have an Azure storage container named verigonvms. You want to organize this container through a directory hierarchy. You want to build a hierarchy that resembles the following example:
verigonvms microsoftservers dcs webservers fileservers applicationservers linuxservers webservers fileservers applicationservers
Which string delimiter within a blob name do you have to use to build this virtual hierarchy?
You have to use the / string delimiter, because the Azure blob service is based on a flat storage scheme, not a hierarchical. You easily can simulate a hierarchy by using this string delimiter as part of the blob name
You administer Azure for the Verigon Corporation. You have to set up the Azure backup service for an on-premises Windows Server 2012 R2 file server that holds tax records. Tax records are added by the Tax department. After 45 to 90 days, tax records must be reconciled with the actual taxes paid. The reconciliation process is conducted by an auditor in another department who must review the original spreadsheet from the previous month and compare it to the tax receipt. The original spreadsheet may have to be retrieved from a backup because the original spreadsheet may have been deleted or placed in offsite storage.
You must design the backup and restore process for these tax records. What are the necessary steps?
- configure the Backup Vault
- Download the vault credentials from your account
- Run MARSAgentInstaller.exe /m /q
- Create passphrase to encrypt and decrypt backups
- Specify backup schedule
- Restore the file to different location with different ACL
You are the administrator of the Verigon Corporation. You are responsible for the Azure storage account named VerigonUSStAcc. You have an Azure container named VerigonFiles. You want to change the Author property of the blob verigonlogo.jpg in this container to MichaelS. You have written some PowerShell code to prepare for that change:
$author1 = “FrankZ”
$author2 = “jeffH”
$author3 = “MichaelS”
$StorageAccountName = “VerigonUSStAcc”
$StorageAccountKey = “ 239dzad38e9e8923288e2e92e238d2eu2839ud2839d2839ud==”
$VerContext = New-AzureStorageContext -StorageAccountName $StorageAccountName
-StorageAccountKey $StorageAccountKey
$ConName = “VerigonFiles”
$BName = “verigonlogo.jpg”
$Blob = Get-AzureStorageBlob -Context $VerContext -Container $ConName -Blob $BName
$CloudBlockBlob = [Microsoft.WindowsAzure.Storage.Blob.CloudBlockBlob] $Blob.ICloudBlob
What additional PowerShell code do you have to add?
$CloudBlockBlob.Metadata[“author”] = “MichaelS” | $CloudBlockBlob.SetMetadata(),
You administer Azure for the Verigon Corporation. You open the Microsoft Edge browser on a Windows 10 client and try to access a picture saved in an Azure container through https://verigon.blob.core.windows.net/test/pic.jpg. You see the following error message:
HTTP 404 error. That’s odd… Microsoft Edge can’t find this page.
The file is saved as a blob in the Azure container named test. You want to allow only the storage account owner to access files in this Azure container.
What PowerShell command or commands can you use?
Set-AzureStorageContainerAcl -Container test -Permission off
This statement uses the Set-AzureStorageContainerAcl cmdlet to set access permissions on a storage container named test. The -Permission parameter is set to off, which will allow only the storage account owner to access files in an Azure container.
You are the administrator at the Verigon Corporation. You maintain an Azure storage account named VerigonUSStAcc. You want to use Azure file storage to a log file named Log1.txt in the Custom Logs subdirectory of an Azure storage share named VerigonLogs. The source files are on the local drive on the C:\Logs folder.
Which PowerShell commands must you use to make that possible?
To begin, you will require the name of your Azure storage account and the primary key. With that information, you can create a context for your storage account and the key using the New-AzureStorageContext cmdlet:
$Verctx=New-AzureStorageContext VergionUsStAcc J2rnMPqNAJYXQilXrENgZa3ARXVMGbTiYla7
In the second step you will create the new Azure File Share with the New-AzureStorageShare cmdlet. The following statement creates a new share named VerigonLogs using the context created in the previous step:
$s=New-AzureStorageShare VerigonLogs -Context $Verctx
The next step is to create the directory in the file share with the New-AzureStorageDirectory cmdlet. The following creates a directory named CustomLogs with in the share that was created in the previous step:
New-AzureStorageDirectory -Share $s -Path CustomLogs
After the directory in the file share has been created, you can upload the log-file to Azure File Storage Share with the Set-AzureStorageFileContent cmdlet. The following uploads the c:\logs\log1.txt file to the CustomLogs directory in the share stored in the variable named $s:
Set-AzureStorageFileContent -Share $s -Source c:\logs\log1.txt -Path CustomLogs
You are the administrator of the Verigon Corporation. You have three SQL databases named DB1, DB2, and DB3 running on different on-premises SQL servers. The databases have following sizes:
DB1 = 50 MB DB2 = 500 GB DB3 = 2 TB
DB1 is hosted on an SQL Server in Chicago (USA). DB2 and DB3 are hosted on an SQL Server in Berlin (Germany). Your Azure Storage account named VerStAcc is located in the West US region.
You want to migrate all three databases to Azure SQL Services.
Which database migration option is the best choice for DB1, DB2, and DB3?
You can migrate DB1 by deploying a database to Microsoft Database Wizard in SQL Server Management Studio. DB1 is a small database with a size of only 50 MB, and it is hosted in the USA, which is the same as the Azure storage account region, so there should be no connectivity or bandwidth problems.
You can migrate DB2 by exporting the data and schema to a BACPAC file in an Azure Blob and then importing the BACPAC file into your Azure SQL instance. DB2 is a medium sized database and is located in a region other than the Azure storage account region. Since it is located in another region, you should expect a lower bandwidth connection and possible network connectivity issues. With a lower bandwidth connection, it is a faster and more reliable solution to use the export/import function through BACPAC files.
You can migrate DB3 by migrating the schema and the data separately, because this will achieve the best performance. To do so, perform the following steps:
1.Script the schema of the database. You could use SQL Server Management Studio to script the database and objects in the database.
2.Deploy the schema to Azure SQL Database.
3.Use BCP to extract the data into flat files. BCP is a utility that can be used to import objects from a flat file or export objects from a database into a flat file.
4.Import files into Azure SQL Database.
DB3 is not in the same region as the Azure storage account and is a very large database. You will achieve the best performance for the migration by splitting the database into schema and data.
You administer Azure for the Verigon Corporation. You have created an Azure backup vault named VerigonVaultWE with a storage replication configuration set to locally redundant. Next, you registered an Azure VM named VerigonVM1 in that vault.
You attempt to change the storage replication configuration setting to geo-redundant. In the VerigonVaultWE settings, you notice the following message:
The storage replication choice cannot be changed once items have been registered to the vault.
You unregister the Azure VM under Registered items, but you still cannot change the storage replication configuration setting. How can you change the storage replication configuration setting to geo-redundant on a backup vault?
Create a new Azure backup vault
You administer Azure for the Verigon Corporation. You have an Azure subscription and an Azure storage account. You want to upload 96 TB of blob data to your storage account, but you have decided that uploading all that data over the network is too expensive for your company.
You want to use Azure Import/Export service as a solution. What are the requirements?
You can use the following requirements for Azure Import/Export:
•3.5-inch SATA II or III internal hard drives are supported.
•Disk size of up to 10 TB.
•Disk drive volumes must be formatted in the NTFS filesystem.
•The disks must be prepared with the Azure Import/Export tool, WAImportExport.exe.
•Max 10 hard drives
You are the administrator of the Verigon Corporation. You have an Azure stored access policy named Policy1, which grants READ permission, and another policy named Policy2, which grants WRITE permission. These policies grant permissions for blobs in the Azure storage blob container named images for the Azure storage account named veristacco. You want to control access through these policies.
On October 4, 2015, a user named VerigonUser1 tries to access the Azure Blob (A) through the following URL:
https://veristaccoblob.blob.core.windows.net/images/verigon.jpg?se=2015-10-05T09%3A07Zsr=b&si=Policy2%sig=Y2CQLua868d6Thi6uMUw1tPtMQo%2FVmZp1Eorqqtzg%3D
He gets the error HTTP 404, The webpage cannot be found in his browser.
On October 6, 2015, the same user tries to access another Azure Blob (B) with the following URL:
https://veristaccoblob.blob.core.windows.net/images/verigon2.jpg?se=2015-10-05T09%3A07Zsr=b&si=Policy1%sig=Y2CQLua868d6Thi6uMUw1tPtMQo%2FVmZp1Eorqqtzg%3D
He gets the following error message:
“AuthenticationFailed Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.”
What do you have to do to allow VerigonUser1 access to both Azure blobs?
For Azure Blob A you have to edit the stored access policy named Policy2 to add the READ permission to that policy. The user had no READ permission, and therefore could not access the file. You can do that with the Azure Storage Explorer tool or with PowerShell.
For Azure Blob B you have to change the expiration date in the policy, because se=2015-10-05 in the URL configures the expiration date. Because the user wants to access the file one day after that date, he cannot access the blob. Because the expiration date comes from the policy named Policy1, you have to change the policy.
You administer Azure for the Verigon Corporation. You want to prepare Azure Backup so that you can schedule regular backups from your on-premises file server to Azure.
What are the necessary steps
- Configure the Backup vault
- Download the vault creds
- download and install the backup agent
- Register the server
- Configure the backup scheduled