Post Exam Study Material Flashcards
What is part of Azure Monitor?
Azure Log Analytics
Application Insights
How do Azure Monitor, Service Health and Azure advisor alert you?
Through action groups
T or F
anytime you do anything with your resources ARM is involved
True
Infrastructure as a code
manage your infrastructure as lines of code
what are two examples of using infrastructure as a code?
ARM templates and Bicep
Managing tools for your enviornment
Azure portal
Azure PowerShell
Azure Command Line Interface (CLI)
OpEx
operational expense
impacting factors that affect cost
Resource type
Consumption
Maintenance
Geography
Subscription type
Azure Marketplace
can creating the same storage in another region change the cost?
yes, as well as changing any settings
are some data inbound transfers free? (data going into Azure datacenter)
yes
what is the pricing for outbound data transfers? (data leaving Azure datacenter)
pricing is based on the zone
what is a zone?
geographical grouping of Azure regions for billing purposes
What is the cost management tool?
quickly check Azure resource costs, create alerts based on resource spend, and create budgets that can be used to automate management of resources.
What are the 3 types of cost alerts?
Budget alerts
Credit alerts
Department spending quota alerts.
what can you set budgets for?
You can set budgets based on a subscription, resource group, service type, or other criteria
how are tags beneficial?
they provide extra information about resources such as
resource management
cost management and optimization
operations management
security
Governance and regulatory compliance
Workload optimization and automation
how can you manage tags?
You can add, modify, or delete resource tags through Windows PowerShell, the Azure CLI, Azure Resource Manager templates, the REST API, or the Azure portal.
what is an action group?
a collection of notification preferences
CapEx - Capital expenditure
one time up front cost.
ex - buy a car
pave a parking lot
build a datacenter
OpEx - operational expenditure
spending money on products or services over time.
renting
leasing a vehicle
what is scailability
the ability to adjust resources to meet demand
what is reliability?
the ability for the system to recover from failures and continue to function
what is performance predictability?
focuses on predicting the resources needed to deliver a positive experience for your customers
what is cost predictability?
focused on predicting or forecasting the cost of the cloud spend
management IN the cloud
Through a web portal.
Using a command line interface.
Using APIs.
Using PowerShell.
management of the cloud
managing your resources
who uses Sovereign regions?
US DoD Central, US Gov Virginia, US Gov Iowa and more
and china??????
What are Azure Reservations?
help you save money by committing to one-year or three-year plans for multiple products.
Reservations provide a billing discount and don’t affect the runtime state of your resource
t or f
Reservations provide a billing discount and don’t affect the runtime state of your resource
true
Azure App Service, Azure SQL Database, and Cosmos DB are examples of which cloud computing service?
PaaS
Can an Azure resource have multiple delete locks?
yes
can an azure resource inherit locks from its resource group?
yes
if an azure resource has a read only lock, can you add a delete lock to the resource?
yes
what is a resource?
anything you create, provision, deploy, etc. - VMs, virtual networks, databases, cognitive services, etc
t or f
a resource can only be in one resource group at a time
true
how many management groups can be supported in a single directory?
10,000
t or f
each management group and subscription can support multiple parents
fales.
each can support only one
azure management groups
organize subscriptions into management groups and apply governance conditions to the management groups.
what is azure storage redundancy?
ensures your storage account meets it availability and durability targets even in the face of failures
storage tiers
hot - accessed frequently
cool - 30 days
cold - 90 days
archive - 180 days
Azure Queues
stores large number of messages
Azure Disks
block level storage volumes for use with VMs
Azure Tables
store large amounts of structured data. NoSQL datastore
what is Azure Data Box?
a physical migration service that helps transfer large amounts of data in a quick inexpensive reliable way
what is AzCopy?
a command line utility that you can use to copy blobs or files
What is Azure Storage Explorer?
a standalone app that manages files and blobs
which tool automatically keeps files between an on premises windows server and azure cloud environment updated?
azure file sync
what is Microsoft Purview?
a family of data governance, risk, and compliance solutions that helps you get a single unified view into your data
what are the two main solution areas that comprise Microsoft Purview?
risk and compliance
unified data governance
t or f
Microsoft Purview helps to manage and monitor your data
true
t or f
Microsoft Purview provides a unified data governance solution to help manage and govern your on premises, multi cloud, and software as a service (SaaS) data
true
Is microsoft purview a pay for what you use?
yes,
it helps reduce the need for manual and custom data discovery
plus scan SQL servers and Power BI tenants at no extra cost
what’s an availability set?
logical groupings of VMs that reduce the chance of correlated failures bringing down related VMs at the same time
how many fault domains and update domains can availability sets have?
fault - 3
update domains - 20
public endpoints
have public IP addresses and can be accessed from anywhere in the world
private endpoints
exist within a virtual network and have a private IP address from within the address space of that virtual network
Economies of scale
do things more efficiently or at a lower cost per unit when operating at a large scale
fixed price model
provision resources and pay for the instances whether you use them or not
Azure Functions
an event-driven, serverless compute platform that helps you develop more efficiently using the programming language of your choice.
Azure Functions are triggered by what?
triggered by events. means they don’t have to pull remote systems to see if an event has occurred
Serverless and push =
event grid
are logic apps serveless?
yes
Word Association : Serverless
Logic App
Functions
Event Grid
Logic App
helps you schedule, automate, and orchestrate tasks, business processes, and workflows
what has prebuilt connectors?
logic apps
event grid
easily manage events across many different Azure services and applications
Generally expressed as 9’s
availability
elasticity
automatically grow and shrink based on app demand
Storage redundancy options
LRS
ZRS
GRS
GZRS
LRS - locally redundant storage
copies your data 3x within a single physical location in the primary region
ZRS - zone redundant storage
copies your data synchronously across 3 Azure availability zones in the primary region
t or f
with LRS and ZRS redundancy is limited to the primary region only
true. will not help in a disaster that takes out an entire region
GRS - geo redundant storage
Copies your data synchronously three times within a single physical location in the primary region using LRS. It then copies it asynchronously to a single physical
location in the secondary region.
GZRS - geo zone redundant storage
Copies your data synchronously three times within the
primary region using ZRS.
It then copies it asynchronously to a single physical
location in the secondary region.
Authentication
proving who you say you are
Authorization
granting an authenticated party permission to do something
what is zero trust based on
security based on identity, not on network primeter
t or f
with zero trust you must prove everything
true
zero trust security
assume breach, verify explicitly, least privilege access
Reserved capacity
manage cost across predictable and variable workloads
Initiative
a collection of azure policies that are grouped together
do locks override permissions?
yes
azure mobile app
app for iOS and Androids that enables managing, tracking health and status, and troubleshooting your Azure resources
hybrid connection options for Azure
VPN gateway
ExpressRoute
t or f
availability sets stagger VM updates
true
t or f
update domains apply up dates while knowing only one update domain grouping will be offline at a time
true
t or f
fault domains group your VMs by common power source and network switch
true
Azure container instances run what kind of containers?
docker container on demand in a managed, serverless Azure environment.
good for solutions that can operate in ISOLATED CONTAINERS without orchestration
fault tolerance
to continue operating without interruption when one or more of its components fail
t or f
PaaS solution provides full control of Operating Systems that host applications
false
t or f
you must install the software that you want to use with IaaS
true
t or f
You must apply software updates when consuming SaaS service
false
t or f
Azure Backup is an example of PaaS
true
t or f
Azure Container Instances lets you run Docker containers
true
t or f
serverless computing is an example of consumption based plan
true
t or f
with a consumption based plan, you reduce overall costs by paying only for extra capacity when it is required
true
can you have resources that belong to multiple locations in the same resource group?
yes
t or f
Azure provides flexibility between CapEx and OpEx
true
Restrict which virtual machine types can be created in subscription
Azure Policy
deploy a comple Azure application enviornment including resources configuration and role assignments
Azure Blueprints
Process data from millions of sensors
Azure IoT Hub
Provides a cloud based Enterprise data warehouse solution
Azure Synapse Analytics
you need to control the ports that devices on the internet can use to access virtual machines, what do you use?
network security group
t or f
you can create group policies in Azure Active Directory?
false
t or f
app service, azure search, and azure CDN are examples of PaaS?
true
you are building an application using Azure and you need a service that sends push notifications from the backend.
Azure notification hubs
You can use Azure file sync agent to sync on premise data to an azure
file share
t or f
each azure subscription can contain multiple account administrators
false
t or f
an azure subscription can be managed by using a Microsoft account only
false
at which layer of OSI does ExpressRoute Operate?
layer 3
which factor always increases your network costs no matter how your Azure topology is constructed?
the amount of outbound data
which azure service provides a graphical way to model business processes as a series of steps?
logic apps
A managed service that provides bidirectional communication between IoT devices and Azure
IoT Hub
a software and hardware solution that provides communication and security features from IoT devices
Azure Sphere
A fully managed SaaS solution to connect, monitor and manage IoT devices at scale
IoT Central
t or f
Azure Active Directory lets you set dynamic membership rules
true
t or f
Authentication is the process of establishing which level of access an authenticated user of service has
false - this is authorization
which Azure service provides server less workflow orchestration to let you integrate apps, data, systems or organizations?
Logic Apps
what should you use to evaluate whether your company’s azure enviornment meets regulatory requirements?
Microsoft defender for cloud
you need to create a storage solution in Azure for a planned mapped drive
file service in a storage account
your company has several business units. each unit requires 20 different azure resources daily. you need a solution to automate the creation of azure resources
ARM templates
which node in the Azure portal should you use to assign a user the Reader role for a resource group?
Access Control (IAM)
to deploy an application to a number of Azure virtual machines, you should create what kind of group?
deployment group
you attempt to create several managed microsoft SQL Server instances in an Azure enviornment and receive a message that you must increase your Azure subscription limits. what should you so to increase the limits?
Create a new support request
an example of how an organization can enforce Zero trust
encrypt files in transit and at rest
you have an Azure enviornment that contains multiple Azure VMs. you plan to implement a solution that enables the client computers on your on premises network to communicate to the Azure VMs. you need to recommend which Azure resources must be created for the planned solution. which two resources should you include in the recommendation?
a virtual network gateway
a gateway subnet
Which azure networking service offers an encrypted public connection between Azure networks and on premises network?
virtual private networks
when you transfer data to an Azure resource its know as?
ingress traffic
when you transfer data out of an Azure resource its know as?
egress traffic
t or f
Trust Center provides information about the Azure Compliance offering?
true
t or f
You can improve composite SLA by adding redundant service to your application?
true
t or f
all azure services in private preview must be accessed by using separate Azure portal?
false
what is Microsofts managed network security service in Azure that protect Azure Virtual networks resources?
Firewall
what is an Apache spark based analytics service?
Azure Databricks
what azure service provides a set of version control tools to manage code?
Azure Repos
which storage access tier has the highest storage costs but the lowest access cost?
Hot tier
what provides in depth information about security, privacy, compliance offerings, policies, and features across Microsoft Cloud Products?
Microsoft Purview Compliance portal
Premium block blob storage accounts only support what redundancy?
ZRS
what is used to store app secrets?
Azure Key Valut
what is used to grant permission to Azure Virtual Desktop resources?
RBAC
can you use azure Active Directory to set permissions by dividing users into groups?
yes
are azure logic apps a server less solution for running code?
no - you cannot run code like on azure functions
what two services can you use to manage containers?
Azure container instances
Azure Kubernetes service
provides access to Azure compute capacity at deep discounts
Azure Spot Virtual machine instances
you need to collect and automatically analyze security events from azure Active Directory. what should you use?
Microsoft Sentinel
DDoS protection is an example of a protection of
Network layer
where should you store certifications?
Azure Key Vault
t or f
Azure DevOps Services includes a Git repository for developers to store code
True
Which Azure service helps you automatically classify and label data based on its sensitivity to enforce data protection policies?
Azure Purview
what provides a platform for creating workflows?
logic apps
what should you use to store unmanaged data disks for a VM?
Containers
examples of PaaS
Azure Web App
Azure Logic App
Azure SQL Database
