Implement and manage virtual networking Flashcards
what is a subnet?
A logical division within the virtual network
How many reserved addresses are there in a subnet?
5! xxx.xxx.x.[0-3] and xxx.xxx.x.255
What are some requirements of subnets?
the address range for each subnet must be unique within the address space for the virtual network, the range for one subnet can’t overlap another subnet
What are the two types of IP addressing?
Private and public. Private: enables communications within the azure virtual network and your on-prem network. Public: enables you to communicate with the internet
What are some characteristics of IP addresses?
IP addresses can be statically assigned or dynamically assigned, you can separate dynamically and statically assigned IP resources into different subnets
What are network security groups?
A network security group uses security rules in the group to limit network traffic in the virtual network.
What are the four characteristics of a network security group?
There is a list of security rules that contain a list of security rules that allow or deny inbound or outbound traffic. the nsg can be associated with a subnet or a network interface. a nsg can be associated multiple times. you can create an nsg and define security rules in the azure portal
How do network security groups and subnets interact?
an nsg can restrict traffic flow to all machines within the subnet, each subnet can have a maximum of one associated nsg
How do network security groups and network interface cards interact?
NSGs can have rules that control all traffic that flow through a NIC. Each network interface in a subnet can have up to one associated NSG
What are the characteristics of the rules in network security groups?
Azure makes a bunch of default rules in each NSG you create. You can make more rules. You can’t delete the default rules, but you can nullify them by making them low priority to created rules that have conflicting wordings.
What are the effects of the 3 default inbound traffic rules?
deny all inbound traffic except from the virtual network and azure load balancers
What are the effects of the 3 default outbound traffic rules?
Allow outbound traffic to the internet and to the vnet
What are application security groups for?
It seems like an alternate method of security than network security groups. Where nsgs are focused on addresses, asgs are focused on the applications. I imagine that it is more dynamic and can work with dynamic addresses better than NSGs.
What are the valid service tags for network security group rules?
AzureLoadBalancer, AzureTrafficManager, Internet, SQL, Storage, VirtualNetwork
What is the domain name system (DNS)?
It allows for site names instead of address numbers
Why are there initial domain names and custom domain names?
You start out with an initial domain name because custom domain names must be registered.
What are the requirements for using a custom domain name?
the custom domain name must be added to your directory and verified. Domain names must be unique.
What is the verification process for custom domain names?
You need to provide a DNS record for the custom domain name to prove ownership
What is a DNS zone for?
The DNS zone hosts the DNS records for a domain
What are the specifications for DNS zones?
name, number of records, resource group, zone location, subscription, dns name servers
What are some important characteristics of DNS zones?
names must be unique within a resource group. If there is an identically named resource group in a different resource group or subscription, they will have separate entries in the DNS name server.
What are the three steps of DNS delegation?
Identify the DNS name servers, Update the parent domain, delegate subdomains
Where can you find the name servers?
In the overview of the DNS zone
How do you update the parent domain?
Ho to the registrar’s DNS management page, find the existing NS records for your parent domain, replace the existing NS records with the NS records created for your domain by Azure DNS
