Questions Flashcards
Explain IaaS Infrastructure as a Service
Renting server resources (CPU, Mem, Disk) from a Cloud provider. Eg; Azure Virtual Machines and Container Services, allows access to underlying OS
Expain PaaS Platform as a Service
Renting server platforms to run code on. Eg: Azure SQL Databases, App Services, CDN. No access to underlying OS
Explain FaaS Function as a Service
PaaS for event-driven serverless computing. Eg: Azure Functions
What is Azure App Services?
Fully Managed service for running Web, API, Mobile, Logic, and Function apps
What is a Site-to-Site VPN used for?
Connecting on-prem environments to Azure services
What is a P2S Point-to-Site VPN used for?
Connecting a single device to Azure services securely
What is a VNet Peering Connection used for?
Connecting services in separate virtual networks together
What is Azure Monitor used for?
Collecting, Analyzing, and Acting on status events for Azure and on-prem services. Basically Zabbix.
What is Azure Resource Manager Templates?
Infrastructure as Code for Azure. Similar to Terraform.
What is Azure Resource Manager?
The API Layer used for all interactions with Azure services, used for creating/deleting/modifying/managing Azure services via console, cli, or script
What is Azure Events Hub?
PaaS for ingesting and processing streaming data, compatible with Kafka
What is Azure Advisor used for?
Checking Azure environment for best practices, advises on optimising cost, performance, reliability, and security
What’s the difference between Availability Sets and Scale Sets?
Availability sets define hardware redundancy (across physical networks, AZ’s, etc). Scale Sets are groups of autoscaling VM’s
What platforms is Azure Powershell available on?
Windows, Mac, and Linux
What is Azure Blob?
Object cloud storage, similar to Amazon S3
What is Azure Disks?
Block level storage volumes that can be attached to VM’s
What is Azure Tables?
Structured NoSQL datastore
What is Azure Files?
NFS stores that can be accessed via SMB
What are VNet Service Endpoints used for?
Connecting Azure services in the same region via private/backend networking
What’s the difference between a Site-to-Site VPN and ExpressRoute?
Site-to-Site goes over public internet, ExpressRoute uses private connections
What is a Network Security Group and what resources can be attached to it?
A list of Allow/Deny rules for traffic going in/out of Azure Resources. Can be attached to a Subnet or a Network Interface
Does Azure charge for Inbound or Outbound Traffic?
Inbound is free. Outbound is charged per GB
What tool can be used to identify idle and underutilized resources?
Azure Cost Management + Billing
What is a Azure Blueprint?
A set of Groups, Policies, ARM Templates, and Roles, used to set up an Azure infrastructure, iterate over it, maintain relationships and versioning
What is Azure vnTAP (Virtual Network Terminal Access Point)?
A Service that allows vm network traffic to be streamed to an analytics tool or packet collector
What’s the difference between Azure Files and Managed Disks?
Files can be mounted on-prem as an NFS share using SMB. Managed Disks can only be mounted onto Azure VM’s
What is Azure Service Fabric?
Fully managed service for deploying microservice based apps
What is Azure Application Insights used for?
Application monitoring for performance and usage data
What does Azure AD Connect Health do?
Monitors on-prem AD and connection health to Microsoft & o365 services
What is an Azure Subscription?
A sub account that sits under your root/main account, AD, Management Groups, and above Resource Groups. Can be used, eg: to separate departments and the resources they directly control. Resources and Resource Groups must belong to a specific Subscription.
What tool can be used for Regulatory / Security compliance?
Microsoft Defender for Cloud
What is Azure Traffic Manager?
A DNS Based load balancer
Do Private and Public Service Previews have Support and SLA’s
Public has support, neither have SLA’s
What is Azure Logic Apps?
A way to to run/schedule/orchestrate tasks between different apps and services.
What Service allows you to quickly create custom VM’s and Azure PaaS for dev purposes?
Azure DevTest Labs
Which regions is Azure Government available in?
USA Only
What does Azure Site Recovery do?
Replicates VM’s to secondary location, helps with Disaster Recovery
What data does a Resource Group contain?
Meta-data about resources, nothing else
How do availability sets work?
When you configure the range of VM’s to provision, the Availability Set specifies and automates which Regions and AZ’s those VM’s are provisioned in to ensure High Availability
What services does Microsoft Sentinel provide?
SIEM (Security Information & Event Management) and SOAR (Security Orchestration Automation Response)
What service do you use for Data Analytics and Big Data Warehousing?
Azure Synapse
What is Azure Event Grid?
Pub/Sub service that can ingest and notify other services of specific events (condition/state changes)
What’s the lowest support plan that includes tickets and billing/subscription management? What’s the lowest that includes phone support?
Basic/free includes ticket support. Phone support requires at least Standard.
What service ensures your Azure env adheres to regional compliance requirements?
Azure Trust Centre
What does Azure Information Protection AIP protect?
Emails and Documents
What service allows JiT VM Access
Microsoft Defender for Cloud
Explain Storage Archive Rehydration
Moving data from the Archive tier to the Hot or Cold tier so it can be read and modified. This process takes a few hours
What are Azure Management Groups?
A collection of 1 or more subscriptions. Sits between AD and Subscriptions. Allows easily managing Azure usage permissions for multiple Subscriptions.
Which Management Tool is used to access CloudShell and Azure Powershell?
Azure Portal
