practice Flashcards
In the Infrastructure as a service cloud service model, the subscriber is responsible for the management of which two components?
- application
- physical networking
- operating system
- storage
- virtualization
Application
Operating system
it stores three data copies in each of two regions
Geo-redundant storage(GRS)
It allows replicated data to be accessed in two zones
Read-access GRS(RA-GRS)
It stores all replicas in one data center
Locally redundant storage(LRS)
(T/F) Azure powershell can be used to create scripts to automate Azure Management tasks
True
(T/F) Azure pwoershell virtual machine(VM) management is limited to WIndows VMs only
False
(T/F) Azure powershell can be run in a browser in the Azure Cloud Shell
True
(T/F)Azure Resource Manager templates use Azure PowerShell syntax
False
(T/F) Azure Active Directory(Azure AD) is used to manage API cryptographic keys
False
(T/F)Azure Storage encryption is enabled by default and cannot be disabled
True
(T/F) Azure Expressroute is used to secure traffic between virtual networks
False
Includes a virtual processor, memory, storage, and networking resources
Azure Virtual Machines
Is a lightweight, virtualized application environment
Container Instances
Includes the abstraction of servers, infrastructure, and operating systems.
Azure functions
Which two locations are valid destination for platform logs and metrics collected by Azure Monitor? Each correct answer presents a complete solution
- a resource health dashboard
- an azure storage account
- an azure log analytics workspace
- an azure advisor monitor
- an azure storage account
- an azure log analytics workspace
_______is the ability to restore a cloud service in the wake of a catastrophic loss
Disaster Recovery
Build a baseline behavioral profile of organizational entities to identify anomalous activity
Microsoft Sentinel
Secure store a database connection string to avoid its accidental exposure in a web site’s source code
Azure Key Vault
Deny traffic to your Azure Virtual Network resource from known malicious IP addresses
Azure firewall
____ defines initiative that allows you to control the type of resources that can be deployed
purpose of a resource group
You should use _________ to provision virtual machines automatically
Scale sets
prevents users from deleting resources from a subscription with contents spanning multiple resource groups
Azure locks
use _________ to use any information from Azure Security Center to develop best practices recommendation for optimization
Azure Advisor
use __________ to define a set of policies to help ensure compliance for resource contained in a resource group
Initative
use ________ to define policies you would combine into a set as an Initiative
Azure Policies
____ are used to define granular security for users and groups over management groups, subscriptions, resource groups and resources
role based access controls (RBACs)
What is the maximum length of time you can use credits from an Azure free subscription before it expires?
30 days
your company wants to create a virtual network with 10 virtual machines and no capital expenditure cost. (what type of cloud model?)
public
your company wants to control the methods used to have high level security for its resources. what kind of cloud model?
private
your company do not have IT experts or money to purchase own servers. What cloud model do you use?
public
what resource is required to use azure cloud shell?
Storage account
(T/F) authentication ensures that the username and password combination is correct
true
(T/F) authorization ensures that an account has sufficient permissions to access a resource
true
(T/F) authentication can use certificates to identify a person or service
True
(T/F) authorization can use passwords to identify a person
false
(T/F) when a blueprint is updated and the updated version is published, any assignment of the blueprints are updated automatically
False
(T/F) when a blueprint is unassigned, all of the resources assigned by the blueprint remain in place, but blueprint resource locking is removed
True
(T/F) When you delete a core blueprint, any assigned version of the blueprint remains in place
true
Outlook
SaaS
Azure SQL Database
PaaS
Virtual machine is what type of infrastructure?
Iaas
(T/F) azure powershell can be used to create scripts to automate Azure management tasks
True
(T/F) Azure powershell virtual machine management is limited to windows vm only
false
(T/F) azure powershell can be run in a browser in the Azure Cloud Shell
True
(T/F) Azure resource manager templates use Azure powershell syntax
false
you use azure cost management and billing to create cost reports. To understand the data in a cost report, microsoft recommends you implement_____
tags
(T/F) azure ad authentication and authorization support requires integration with an on-premise AD
False
(T/F) web apps must be registered with azure ad to support authentication and authorization services
True
(T/F) Azure ad supports authorization through the use of role-based access control
True
An azure multifactor authentication server is required
for authentication when supporting users located on on-premise Active directory only
which azure component provides information about planned maintence and advisories such as depreciated offerings?
Azure Service Health
(T/F) a subscription can contain one or more resource groups
true
(T/F) a subscription can have only one license
False
(T/F) multiple subscriptions can be owned by a single organization
True
use ______ to enable developers to improve app performance and usability
Application insights
use______ to recieve email when the number of request to a web app exceeds 10,000 within an hour
Alerts
use __________ to view the number of VMs that are currently down
Resource health
What does a resource lock do to a virtual machine?
prevents the vm from being deleted
Benefits of using container instances
- a container can be accessed over the internet by ip address or domain name
- a container can run on windows or linux
- a container can scale out as needed
- a container represents a single app and its dependencies
(T/F) Azure active directory is used to manage API cryptographic keys
false
(T/F) Azure storage encrpytion is enabled by default and cannot be disabled
false
(T/F) azure express route is used to secure traffic between virtual networks
false
Benefit cloud bursting provides
cloud based resource are provisioned when on-premise servers reach 100% resource capacity
Azure monitor begins collecting data
as soon as you add a resource to a new azure subscription
Azure advisor integrates with ___________ to help prevent, detect, and respond to threats to azure resources
Microsoft defender for cloud
