Microsoft Azure Fundamentals Flashcards

1
Q

It is the delivery of compute services over the internet to provide faster innovation, flexible resources, and economies of scale.

You typically pay only for services you use.

A

Cloud Computing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Cost
Improved Speed
Scalability
Increased Productivity
Better Performance
Reliability
Improved Security

A

Benefits of Cloud Computing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

A cloud computing service that offers compute, storage, and networking resources on demand. Service provider manages the infrastructure.

  • Lift and shift scenario
  • Storage and Backup
  • Web Apps
  • High-performance Computing
A

Infrastructure-As-A-Service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

A complete development and deployment environment in the cloud.

Includes servers, storage, networking, middleware, development tools, BI services, database management systems.

Supports the complete web application lifecycle

You manage the applications and services and the service provider manages everything else

  • Development Framework
A

Platform-As-A-Service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Provides a complete software solution that you purchase on a pay-as-you-go basis from a cloud service provider

Infrastructure, middleware, app software, and app data are located in the service provider’s data center

Service provider manages underlying hardware and software

Refers to cloud-based applications that users connect to and use over the internet.

A

Software-As-A-Service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Cloud deployment model where services are offered over the public internet and available to anyone who wants to purchase them

A

Public Cloud

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Cloud deployment model used only by users from one business or organization.

Can be physically located in on-site datacenter, or can be hosted by a third-party service provider.

A

Private Cloud

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Cloud deployment model that combines a public cloud and a private cloud by allowing data and applications to be shared between them

A

Hybrid Cloud

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q
  • No upfront costs
  • No need to purchase or manage infrastructure
  • Pay for additional resources only when needed
  • Stop paying for unneeded resources
A

Benefits of a consumption based model

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Users pay only for the resources that they use

A

Consumption based model

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

A continuous user experience with virtually no downtime

A

High Availability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q
  • Can scale vertically (increase compute capacity by adding RAM or CPUs)
  • Can scale horizontally (increase compute capacity by adding instances of resources, such as adding VMs to the configuration)
A

Scalability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Cloud-based apps can take advantage of autoscaling, where resources are always available when needed

A

Elasticity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Deploy and configure cloud-based resources quickly as app requirements change

A

Agility

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Deploy apps and data to regional datacenters around the globe to ensure that your customers always have the best performance in their region

A

Geo-distribution

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Cloud-based backup services, data replication options, and geo-distribution allow you to deploy apps while ensuring that data is safe in the event of disaster

A

Disaster Recovery

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What features are deployed in each Azure region and are deployed within latency-defined parameters?

A

Datacenters

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What protect resources against rack failures within a datacenter?

A

Availability Sets

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What do you call physically separate locations within each Azure region that are tolerant to local datacenter failures?

A

Availability Zones

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

True or False. An Azure resource group is a container that holds related resources for an Azure solution, and typically includes resources that you want to manage as a group.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

True or False. Azure is made up of datacenters located around the globe.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

An on-demand computing service for running cloud-based applications.
Popular services:
Azure Virtual Machines
Azure Container Instances
Azure App Service
Azure Functions

A

Azure Compute

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Container offering great for scenarios that can operate in isolated containers

A

Azure Container Instances

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Container offering that is great for full container orchestration

A

Azure Kubernetes Service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Azure service that allows your Azure resources like VMs, web apps and database to communicate with users on the internet and with on-prem clients computers

A

Azure Virtual Networks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Required when creating a VNET. Must be specified using public and private addresses.

A

Address Space

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Enables you to segment the virtual network into one or more sub-networks and allocate a portion of the virtual network’s address space to each subnet.

A

Subnets

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

True or False. VNet is scoped to a single region/location; however, multiple virtual networks from different regions can be connected together using Virtual Network Peering.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

True or False. VNet is scoped to a subscription. You can implement multiple virtual networks within each Azure subscription and Azure region.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Allows virtual networks connection within the same Azure region

A

Virtual network peering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

Allows virtual network connection across Azure regions

A

Global virtual network peering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

True or False. Traffic between peered virtual networks is private

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

True or False. No public internet, gateways, or encryption is required in peered virtual networks.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

Allows you to connect on-prem datacenters to vNets through a site-to-site connection, to connect individual devices to vNets through a point-to-site connection, and to connect vNets to other virtual networks through a network-to-network connection

A

VPN Gateway

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

A VPN gateway type that support IKEv1 and use static routing

A

Policy-based VPN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

A VPN gateway type that support IKEv2 and use dynamic routing

A

Route-based VPN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

It extends on-prem networks into the Microsoft cloud over a private connection and establish connections to Microsoft cloud services.

A

Azure ExpressRoute

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

True or False. Azure ExpressRoute don’t go over the public Internet.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

Allows you to access Azure PaaS Services and Azure customer-hosted services over a private endpoint in your virtual network

A

Azure Private Link

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

A network interface that uses a private IP address from your virtual network that connects you privately and securely to a service that’s powered by Azure Private Link

A

A Private endpoint

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

True or False. Traffice between your vNet and the service you are connecting to via a private link travels the Microsoft backbone network.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

Premium storage account type for page blobs only.

A

Premium page blobs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

Premium storage account type for file shares only. Recommended for enterprise or high-performance scale applications. Supports both Server Message Block (SMB) and NFS file shares.

A

Premium File Shares

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

Premium storage account type for block blobs and append blobs. Recommended for scenarios with high transaction rates or that use smaller objects or require consistently low storage latency.

A

Premium Block Blobs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q

Standard storage account type for blobs, file shares, queues, and tables. Recommended for most scenarios using Azure Storage.

A

Standard general-purpose v2

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
46
Q

It is optimized for storing massive amounts of unstructured data

A

Blob storage

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
47
Q

True or False. Azure files are fully managed file shares in the cloud.`

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q

True or False. Server Message Block (SMB) file shares are accessible from Windows, Linux, macOS.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
49
Q

True or False. Network File System (NFS) shares are accessible from Linux / macOS

A

True

50
Q

To implement communication between components of a distributed app what does Azure Queue Storage implement?

A

Cloud-based queues

51
Q

True or False. Each queue maintains a list of messages that can be added by a sender component and processed by a receiver component

A

True

52
Q

A storage service that stores structured NoSQL data in the cloud and provides key/attribute store with a schemaless design

A

Azure Table storage

53
Q

The following are examples of use case for what kind of Azure storage:
- Storing TBs of structured data capable of serving web scale applications
- Storing datasets that don’t require complex joins, foreign keys, or stored procedures and can be denormalized for fast access
- Quickly querying data using a clustered index
- Accessing data using the OData protocol and LINQ queries with WCF Data Service .NET Libraries

A

Azure Table storage

54
Q

A managed disk that’s attached to a virtual machine to store application data, or other data you need to keep.

A

Data disk

55
Q

A managed disk a pre-installed OS, which was selected when the VM was created. This disk contains the boot volume.

A

OS disk

56
Q

Is not a managed disk, provides short-term storage for applications and processes, and is intended to only store data such as page or swap files

A

Temporary disk

57
Q

Highest-performing storage option for Azure VMs

A

Ultra Disks

58
Q

High-performance and low latency disk support for VMs with IO-intensive workloads

A

Premium SSDs

59
Q

Designed for IO-intense enterprise workloads that require consistent sub-millisecond disk latencies and high IOPs

A

Premium SSD v2

60
Q

Deliver reliable low-cost disk support for VMs running latency-tolerant workloads

A

Standard HDDs

61
Q

What redundancy option provides the following:
- Replicates your data three times within a single data center in the selected region.
- Protects your data against server rack and drive failures.
- Provide at least 99.999999999% (11 9’s) of durability over a given year.

A

Locally-Redundant Storage (LRS)

62
Q

What redundancy option provides the following:
- Synchronously replicates your Azure managed disk across three Azure availability zones in the region you select.
- Provide at least 99.9999999999% (12 9’s) of durability over a given year.

A

Zone-Redundant Storage (ZRS)

63
Q

Copies your data synchronously three times within a single physical location in the primary region using LRS. It then copies your data asynchronously to a single physical location in the secondary region. Within the secondary region, your data is copied synchronously three times using LRS.

A

Geo-redundant storage (GRS)

64
Q

Copies your data synchronously across three Azure availability zones in the primary region using ZRS. It then copies your data asynchronously to a single physical location in the secondary region. Within the secondary region, your data is copied synchronously three times using LRS.

A

Geo-zone-redundant storage (GZRS)

65
Q

Command-line utility used to copy blobs or files to or from a storage account

A

AzCopy

66
Q

AzCopy supported storage type

A

Blob Storage and File Storage

67
Q

AzCopy supported authorization for Blob storage

A

Azure AD & SAS

68
Q

AzCopy supported authorization for File storage

A

SAS only

69
Q

It helps centralize file shares in Azure Files

A

Azure File Sync

70
Q

It helps transform Windows Servers into a quick caches of Azure file shares

A

Azure File Sync

71
Q

Some protocols used by Azure File Sync to access data on Windows server

A

SMB, NFS, FTPS

72
Q

It allows discovery and assessment of servers including SQL and web apps

A

Azure Migrate: Discovery and assessment

73
Q

It is used to migrate VMware VMs, Hyper-V Vms, physical servers, other virtualized servers and public cloud VMs to Azure

A

Azure Migrate: Server Migration

74
Q

A stand-alone tool designed to allow you to asses SQL Server databases for migration to Azure SQL Database, Azure SQL Managed Instance, or Azure VMs running SQL Server

A

Data Migration Assistant

75
Q

It allows you to migrate on-prem databases to Azure VMs running SQL Server, Azure SQL Database, or SQL Managed Instances

A

Azure Database Migration Service

76
Q

It helps in assessing on-prem web apps before migration to Azure

A

Azure App Service Migration Assistant

77
Q

It uses secure transfer of data via a physical storage device and migrate large amounts of offline data, up to 80 TB to Azure

A

Azure Data Box

78
Q

Microsoft’s managed network security service in Azure that protects Azure Virtual Network resources. A cloud-native and intelligent network firewall security service that provides the best of breed threat protection for your cloud workloads running in Azure. It’s a fully stateful, firewall as a service with built-in high availability and unrestricted cloud scalability. It provides both east-west and north-south traffic inspection.

A

Azure Firewall

79
Q

Provides enhanced DDoS mitigation features to defend against DDoS attacks. It’s automatically tuned to help protect your specific Azure resources in a virtual network. Protection is simple to enable on any new or existing virtual network, and it requires no application or resource changes.

A

Azure DDoS Protection

80
Q

It filters network traffic between Azure resources in an Azure virtual network. Contains security rules that allow or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources. You can specify source and destination, port, and protocol for each rule.

A

Azure network security group

81
Q

Enable you to configure network security as a natural extension of an application’s structure, allowing you to group virtual machines and define network security policies based on those groups. You can reuse your security policy at scale without manual maintenance of explicit IP addresses.

A

Application security groups

82
Q

It identifies the entity seeking access to a resource. Challenges for credentials. Basis for creating secure identity & access control principles.

A

Authentication

83
Q

It is separate from authentication. Establishes an authenticated entity’s level of access. Which data can be accessed, and what can be done with it.

A

Authorization

84
Q

Microsoft’s Azure-based identity and access management service

A

Azure Active Directory

85
Q

Provides added security for user authentications by requiring two or more elements for authentication

A

Multi-Factor Authentication

86
Q

A thing that can get authenticated.

A

Identity

87
Q

An identity created through Azure AD Account or another Microsoft cloud service such as Microsoft 365

A

Azure AD Account

88
Q

Includes the tenant’s users, groups, and apps and is used to perform identity and access management functions for tenants resources

A

Azure AD Directory

89
Q

Automatically assigned to whomever created the Azure AD tenant.

A

Azure AD Global Administrator

90
Q

True or False. An Azure Active Directory domain services managed domain is a standalone domain

A

True

91
Q

Azure Active Directory domain services managed domain is not an extension of an on-prem Active Directory domain.

A

True

92
Q

Allows uses to change their passwords via a web browser from virtually any device

A

Self-Service Password Reset (SSPR)

93
Q

Requires a second form of authentication

A

Multi-factor authentication

94
Q

Requires a combination of
- Something the user knows
- Something the user has
- Something the user is

A

Azure multi-factor authentication

95
Q

User credentials are provided via methods like biometrics through Windows Hello for Business or through FIDO2 security key

A

Passwordless Authentication

96
Q

Allows you to specify conditions under which users can access apps and data. Relies on several signals to determine who can access which apps and data

A

Conditional Access

97
Q

Used to dictate what happens when conditions of a Conditional Access policy are met. Used to determine whether access should be granted or not. Used to determine if extra verification should be required.

A

Access Controls

98
Q

True or False. Conditional Access is only available in the paid editions of Azure AD.

A

True

99
Q

True or False. Conditional Access is only available in the paid editions of Azure AD.

A

True

100
Q

Used to control permissions for Azure AD resource management

A

Azure AD Roles

101
Q

True or False. Custom roles can be created if you require more flexibility when granting access.

A

True

102
Q

Management of access using Roles

A

Role-Based Access Control

103
Q

The central feature in Defender for Cloud

A

Secure Score

104
Q

True or False. The higher the score the lower the identified risk level.

A

True

105
Q

It allows you to continually assess your environment, secure it, and defend against threats.

A

Defender for Cloud

106
Q

Collect, analyze, and act upon telemetry from both cloud and on-prem environments

A

Azure Monitor

107
Q

Provides personalized guidance and support whenever issues with Azure services affect you

A

Azure Service Health

108
Q
  • Provide metadata for resources
  • Locally organize resources
  • Consist of a name-value pairs
  • Organize resources for billings
A

Tags

109
Q
  • Performs evaluations of resources and scans for those that are non-compliant.
  • Can automatically remediate non-compliant resources and configurations.
  • Uses policies and initiatives
A

Azure Policy

110
Q
  • Based on allow model
  • Provides fine-grained access management for Azure resources
  • Allows certain actions at each scope level
A

Role Based Active Control

111
Q
  • Used to prevent accidental deletion or modification of Azure resources
  • Managed from within Azure portal
A

Resource Locks

112
Q
  • Used to define repeatable sets of Azure resources that implement and adhere to standards, patterns, and requirements
A

Azure Blueprints

113
Q

Set of tools that organizations can use to monitor, allocate and optimize Azure costs

A

Azure Cost Management

114
Q

This tool can be used by organizations to manage governance across multiple Azure subscriptions

A

Management Groups

115
Q

It is used by organizations to define performance targets (uptime) for Azure products and services

A

Service Level Agreements

116
Q

A logical collection of Azure services that links to an Azure account

A

Azure subscription

117
Q

The support plan that does not offer 24x7 access to Support Engineers by email and phone

A

Developer

118
Q

True or False. An organization that pays for resources in advance can take advantage of discounted pricing through Azure Reservation offers

A

True

119
Q

This give all Azure customers a chance to test beta and other pre-release features

A

Public Preview

120
Q

A product or feature that is released to all Azure customers

A

General availability