Monitor and back up Azure resources

Question 1

Describe ‘Azure Backup’

Answer 1

Provides backup solutions for all Azure-managed data assets.

Question 2

Define Recovery Time Objective (RTO)

Answer 2

Target time within which a business process must be restored after a disaster occurs to avoid unacceptable consequences.

Question 3

Define Recovery Point Objective (RPO)

Answer 3

The max time of acceptable data loss that is not detrimental to operations; Frequency at which backups should occur.

Question 4

What are the four components of the Azure backup service?

Answer 4

1. Workload integration layer - Backup Extension
2. Access tiers - Data Plane
3. Availability and Security - Data Plane
4. Management Plane – Recovery Services vault/Backup vault and Backup center

Question 5

Where is the data backed up by Azure backup service stored?

Answer 5

Stores backed-up data in vaults.

Question 6

Describe the functionality of the vaults Azure backup services stores backed up data?

Answer 6

An online-storage entity in Azure that’s used to hold data such as backup copies, recovery points, and backup policies.

Question 7

What are the two types of Azure backup service vaults?

Answer 7

Recovery Services vaults and Backup vaults.

Question 8

What are the two backup methods Azure backup service offers?

Answer 8

Supports full backups and incremental backups.

Question 9

What are the four additional backup methods does Azure backup service offer only for SQL servers?

Answer 9

Differential (Incremental); Multiple backups per day; Selective disk backup; Transaction Log.

Question 10

Describe the Multiple backups per day method Azure backup service offers for SQL servers

Answer 10

Enhanced backup policy to set the backup schedule to 4, 6, 8, 12, and 24 hours.

Question 11

Describe the selective disk backup method Azure backup service offers for SQL servers

Answer 11

Enhanced backup policy; Selectively back up a subset of the data disks.

Question 12

Describe the Transaction Log backup method Azure backup service offers for SQL servers

Answer 12

Point-in-time restoration from 15 minutes up to a specific second.

Question 13

Define the ‘Backup Extension/Workload integration layer’

Answer 13

Agent installed on the source and generates the backup.

Question 14

How is the backup data transported/transferred?

Answer 14

Transferred to the data plane (Azure Backup managed storage) via secure Azure network connections.

Question 15

Describe the ‘Access tier/Data plane’

Answer 15

Tiers where data are stored based on the type of type of backup.

Question 16

What are the 3 access tiers in the data plane that store backups from Azure backup service?

Answer 16

1. Snapshot tier
2. Vault-Standard tier
3. Archive tier

Question 17

Describe the snapshot tier in the data plane of Azure backup service

Answer 17

Specific storage Azure file snapshots and Azure blob snapshots (including data disks and VMs).

Question 18

What the the purpose of the snapshot tier in the data plane of Azure backup service?

Answer 18

Snapshot-tier restores are faster because they eliminate the wait time for snapshots to get copied to from the vault.

Question 19

How is the snapshot tier faster than the tiers that utilize the vault?

Answer 19

Data in this tier is retained in the customer’s subscription itself in a specified resource group.

Question 20

The ensure redundancy, where is an extra copy of data stored in the snapshot tier located?

Answer 20

There’s a copy of the backup data in both the snapshot tier and the vault-standard tier.

Question 21

Describe the ‘Vault-Standard tier - data plane’

Answer 21

Where backup data for all workloads supported by Azure Backup is stored;

Question 22

Define a ‘vault’

Answer 22

An online storage tier that allows you to store an isolated copy of backup data managed by Azure backup.

Question 23

Describe the ‘Archive tier’

Answer 23

Storage tier for Long-Term Retention (LTR) backup data with retention needs typically defined by compliance rules.

Question 24

After data is stored, how does Azure ensure availability in the data plane?

Answer 24

Data is replicated to another failure domain based on a replication service chosen by the customer.

Question 25

After data is stored, how does Azure ensure security in the data plane?

Answer 25

By encrypting it and implementing Azure role-based access control (Azure RBAC).

Question 26

How does Azure backup service provide protection against accidental deletion of a backup?

Answer 26

By using soft-delete operations; Deleted backup is stored for 14 days, free of charge.

Question 27

How can backups be managed to ensure they don’t take up too much space

Answer 27

Backup retention policies with backup data lifecycle management.

Question 28

What is the logical assignment of a vault?

Answer 28

In the management plane because its used to orchestrate and manage backups with policies.

Question 29

What tool can you use to manage backups spanning multiple workload types, vaults, subscriptions, regions, and Azure Lighthouse tenants?

Answer 29

Backup center.

Question 30

What are the four backup services Microsoft Azure offers for VMs?

Answer 30

1. Azure Backup
2. Azure managed disks images
3. Azure managed disks snapshots
4. Azure Site Recovery

Question 31

Describe how Azure backup performs backups for VMs

Answer 31

Takes a snapshot of the VM and stores the data as recovery points in vaults.

Question 32

When resorting a VM from Azure backup, what are the restore methods available?

Answer 32

Restore the entire VM or specific files only.

Question 33

Describe ‘Azure Site Recovery’

Answer 33

Protects your virtual machines from a major disaster scenario when a whole region experiences an outage due

Question 34

Describe ‘Azure managed disks - snapshot’

Answer 34

A read-only full copy of a managed disk that’s stored as a standard managed disk by default.

Question 35

How is a managed disk snapshot billed?

Answer 35

For the total amount of backup data.

Question 36

Describe ‘Azure managed disks - image’

Answer 36

Captures a single image that contains all managed disks associated with a virtual machine, including both the operating system and data disks.

Question 37

What are the two phases performed by the backup job/service when creating a VM snapshot?

Answer 37

1. Snapshot of the VM data
2. Transfer the snapshot to an Azure Recovery Services vault

Question 38

What is the default recovery point objective Azure keeps snapshots for?

Answer 38

2 days.

Question 39

What is the most amount time the default retention value can be set to?

Answer 39

5 days.

Question 40

How are incremental backups stored in Azure backup or what are they stored as?

Answer 40

Stored as page blobs (Azure Disks).

Question 41

Can a snapshot be recovered in-between phase 1 and phase 2 of the backup job/service?

Answer 41

Yes

Question 42

Where is the backup data from phase 1 in the backup job/service stored?

Answer 42

Local Redundancy Service; in a specified resource group.

Question 43

What is the purpose of the ‘Azure Recovery Services vault’

Answer 43

To store copies of data, or configuration information for virtual machines, workloads, servers, or workstations.

Question 44

What are the required steps to implement Azure backup?

Answer 44

1. Create a Recovery Services vault
2. Define backup policy options
3. Backup VMs

Question 45

What are the two replication options to choose from when creating a recovery services vault?

Answer 45

Geo-redundant (GRS) is the default or Locally Redundancy (LRS).

Question 46

What is the purpose of a backup policy?

Answer 46

Specifies when to take the data snapshots, and how long to keep the snapshots.

Question 47

What do stored snapshots represent?

Answer 47

A recovery point of the data.

Question 48

What is required for the backup job/service to operate and perform phase 1 and 2?

Answer 48

Requires the Microsoft Azure Virtual Machine Agent to be present on your Azure virtual machine.

Question 49

Which Azure backup service can be used to backup physical servers, on-prem VMs, and AWS VMs?

Answer 49

Azure Site Recovery

Question 50

What’s the best backup method for a company’s production virtual machines?

Answer 50

Azure Backup

Question 51

Define ‘Azure Monitor’

Answer 51

Solution for collecting, analyzing, and responding to telemetry data from on-premises and cloud environments.

Question 52

What does monitoring a system consist of?

Answer 52

Collecting and analyzing data.

Question 53

What is the data collected by Azure Monitor used for?

Answer 53

Used to determine the performance, health, and availability of applications resources.

Question 54

What are the 4 categories of services Azure Monitor offers?

Answer 54

1. Core
2. Application
3. Infrastructure
4. Shared Capabilities

Question 55

What are the two types of data Azure monitor collects?

Answer 55

1. Metrics
2. Logs

Question 56

Describe ‘Metrics’

Answer 56

Numerical values that describe some aspect of a system (compute power/performance) at a particular point in time.

Question 57

Describe ‘Logs’

Answer 57

Data organized into records with different sets of properties for each type.

Question 58

What are the general sources Azure monitor can collect data from?

Answer 58

Apps; OS; Services/Resources/Dependencies; APIs.

Question 59

When does Azure Monitor begin collecting data on cloud resources?

Answer 59

As soon as you create your Azure subscription and add resources.

Question 60

Where are logs regarding the creation or modification of resources stored?

Answer 60

Stored in Azure Monitor activity logs.

Question 61

What are the 5 tiers of Azure Monitoring data?

Answer 61

1. Application
2. Guest OS
3. Azure resource
4. Azure subscription
5. Azure tenant

Question 62

What monitoring data is stored in the Azure Monitor application tier?

Answer 62

Contains monitoring data about the performance and functionality of application code.

Question 63

What monitoring data is stored in the Azure Monitor Guest OS tier?

Answer 63

Data about the operating system on which your application is running.

Question 64

What monitoring data is stored in the Azure Monitor resource tier?

Answer 64

Data about the operation of any Azure based resource including consumption details.

Question 65

What monitoring data is stored in the Azure Monitor subscription tier?

Answer 65

Data about the operation and management of the Azure subscription as well as the health and operation of Azure itself.

Question 66

What monitoring data is stored in the Azure Monitor tenant tier?

Answer 66

Data about the operation of your tenant-level Azure services, such as Microsoft Entra ID.

Question 67

What is the purpose/function of Azure Monitor Activity Logs

Answer 67

Provides insight into subscription-level events that occur in Azure; Help determine “what, who, and when” for any write operation.

Question 68

What is the retention period for Azure Monitor activity logs?

Answer 68

90 days.

Question 69

What is the purpose of Azure Log Analytic(s)?

Answer 69

A tool in Azure Monitor to edit and run log queries for the data collected in Azure Monitor Logs.

Question 70

What is the first step in utilizing log analytics in Azure Monitor?

Answer 70

Create a workspace.

Question 71

What is unique to each workspace in log analytics?

Answer 71

Workspace ID and resource ID.

Question 72

What is the purpose of a workspace?

Answer 72

The configured destination for the sources to send data for analysis and storage.

Question 73

How is data stored in the log analytics workspace?

Answer 73

In tables

Question 74

Describe ‘Azure Network Watcher’

Answer 74

Monitor, diagnose, and manage resources in an Azure virtual network.

Question 75

Describe is the function of the ‘IP flow verify’ feature of Azure Network Watcher

Answer 75

To monitor, diagnose, and manage resources in an Azure virtual network.

Question 76

What is the purpose of ‘IP flow verify’

Answer 76

Helping to ensure correct application of your security rules in an NSG.

Question 77

If IP flow verify in Network Watcher fails, but the cause is not the NSG, what is the next course of action?

Answer 77

Explore other areas, such as firewall restrictions.

Question 78

Describe is the function of the ‘Next hop’ feature of Azure Network Watcher

Answer 78

View the next hop in a network route to analyzing routing configuration.

Question 79

Describe is the function of the ‘NSG diagnostics’ feature of Azure Network Watcher

Answer 79

Map IP traffic through a network security group.

Question 80

Describe is the function of the ‘Connection troubleshoot’ feature of Azure Network Watcher

Answer 80

Check a direct TCP or ICMP connection from a virtual machine, application gateway, or Azure Bastion host to a virtual machine.

Question 81

What is the purpose of the next hop feature of Azure Network Watcher?

Answer 81

Checks if traffic is being directed to the intended destination or next hop of if a route is broken.

Question 82

What is the purpose of the Network Watcher feature ‘topology’

Answer 82

Generates a visual diagram of the resources in a virtual network/infrastructure.

Question 83

What are the 4 components of an alert rule in Azure Monitor?

Answer 83

1. Resource/target
2. Condition - Metric; Activity; Log
3. Action
4. Alert Details

Question 84

What triggers an alert?

Answer 84

A specified threshold.

Question 85

Define a static metric alert

Answer 85

Static conditions and thresholds that you define.

Question 86

Define a dynamic metric alert

Answer 86

Use machine-learning tools that Azure provides to automatically improve the accuracy of the thresholds defined by the initial rule.

Question 87

What are the two parameters defined when configuring dynamic threshold alerts?

Answer 87

1. look-back period
2. number of violations

Question 88

How is a ‘dimension’ created?

Answer 88

Define one metric alert rule and have it applied to multiple related instances.

Question 89

What does a log alert rule consist of?

Answer 89

Log query (specified query); Time range/period; Frequency; Threshold.

Question 90

What are the two types of log alert search results?

Answer 90

1. Number of records
2. Metric measurement

Question 91

Describe the ‘number of records’ log search

Answer 91

Returns a single alert when the number of records in a search result reaches or exceeds the value for the number of records (threshold).

Question 92

Describe the ‘Metric measurement’ log search

Answer 92

Triggered when a range of criteria that defines a patter or trend is found.

Question 93

What are the four criteria used to define a metric measurement log search?

Answer 93

1. Aggregate function
2. Group field
3. Interval
4. Threshold

Question 94

How are users or admin notified of alerts in Azure Monitor?

Answer 94

Action groups containing actions and users to contact are notified.

Question 95

What type of data does Azure Monitor collect automatically?

Answer 95

Azure Monitor Metrics automatically monitors a predefined set of metrics for every Azure VM, and retains the data for 93 days with some exceptions.

Question 96

How is data collected for a guest OS, workload, or application installed on a VM?

Answer 96

Install Azure Monitor Agent and set up a data collection rule (DCR).

Question 97

Describe a ‘data collection rule (DCR)’

Answer 97

DCRs define what data to collect and where to send that data.

Question 98

Can Azure Monitor Logs store both metrics and event logs?

Answer 98

Yes.

Question 99

Can Azure Monitor Metrics store both metrics and event logs?

Answer 99

No; Azure Monitor Metrics can store only metrics data

Question 100

Describe ‘VM insights’

Answer 100

Azure Monitor feature useful for exploring overall VM usage and performance when you don’t yet know the metric of primary interest.

Question 101

What configuration is predefined in VM insights to automatically draw common Windows and Linux performance counters?

Answer 101

Preconfigured data collection rule (DCR).

Question 102

Describe a VM insight ‘workbook’

Answer 102

Workbooks show performance, connections, active ports, traffic, and other collected data from one or several VMs.

Question 103

What are the two main types of monitoring data that Azure Monitor collects for Azure VMs?

Answer 103

Metrics and logs.

Question 104

What do you need to do to enable recommended alert rules when you create a VM?

Answer 104

Select Enable recommended alert rules on the Monitoring tab.

Question 105

What’s a quick way to install the Azure Monitor Agent to collect guest OS metrics?

Answer 105

Select the Azure Monitor Agent when you enable VM insights.

Question 106

How can you view log data collected by a DCR?

Answer 106

By using a KQL query in your Log Analytics workspace.