Services & Concepts Flashcards

1
Q

What are IaaS, PaaS, SaaS and On-prem, and what are the differences?

A

Infrastructure as a Service (IaaS)
Platform as a Service (PaaS)
Software as a Service (SaaS)

For On-premises services, you control everything:
Applications, Data, Runtime, Middleware, OS, Virtualization, Servers, Storage, Networking.

For IaaS, Virtualization, Servers, Storage and Networking are managed by the vendor.

For PaaS, you control only Applications and Data; everything else is managed by the vendor.

For SaaS, everything is managed by the vendor.

2
Q

What is Virtualization?

A

Virtualization is the concept of running multiple virtual machines (guest machines) on just one Virtual Host.

It also implements a Virtualization layer (Hypervisor)

3
Q

What is Cloud Computing?

A

Cloud computing enables companies to consume a compute resource, such as a virtual machine, storage or an application, as a utility rather than having to build and maintain computing infrastructures in-house

4
Q

What are the most popular cloud providers?

A

Infrastructure as a Service: Microsoft Azure, Amazon Web Services, Google Compute Engine
Platform as a Service: Heroku, Azure Logic Apps, Amazon Elastic Beanstalk
Software as a Service: Office 365, Google G Suite, Salesforce, Dropbox

5
Q

What are common IaaS Scenarios?

A
  • Test and development scenarios
  • Storage and backups
  • High performance computing
  • Big data analysis
6
Q

What are common PaaS Scenarios?

A
  • Analytics or business intelligence
  • Development framework

7
Q

What are the Cloud Computing Deployment Models?

A

Public Cloud - Cloud service provided by a third-party provider, hardware can be shared amongst multiple clients
Private Cloud - Hardware is only used by a single company which often owns the hardware and datacenter
Hybrid Cloud - Combination of public and private cloud with automation and orchestration between the two
Community Cloud - infrastructure is shared between several orgs from a specific community with common concerns (security, compliance, etc.)

8
Q

What is the Azure Stack product family?

A

The Azure Stack product family consists of solutions for private and hybrid markets.

Azure Stack can be used for connected or disconnected scenarios

9
Q

Explain Azure datacenter security policies

A
  • Physical: Accessing the datacenter requires prior approval and biometric verification - standard ISO 27001, HIPAA, region-specific standards
  • Virtual:
    • Data is encrypted
    • Stored separately from the data of other clients
  • Redundancy: data in Azure Storage is stored 3 times within a single data center, in case of server failure. You can choose to expand that to store this data across different data centers to have true disaster recovery.
10
Q

What are Resources in Azure?

A
Virtual Machines
Storage Accounts
Web Apps
Databases
VNETs
11
Q

What is a Resource Group?

A

A resource group is a container that holds related resources for an Azure solution.

  • Resources share the same lifecycle (meaning: you deploy, update and delete them together)
  • Resources you provision should only exist in one Resource Group
  • Resources can communicate across Resource Groups
12
Q

What is Azure Resource Manager?

A

Azure Resource Manager (ARM) is the deployment and management service for Azure. It’s central to the creation, deletion and modification of resources in Azure.

Azure Portal -> Sends request to ARM endpoint -> ARM provides authentication using Azure AD and authorizes that you can perform the action -> ARM sends request to Azure service you are attempting to create, modify or delete

Azure Portal / Azure PowerShell / Azure CLI
\/
Azure Resource Manager -> Azure AD
\/
VM, WebApp, SQL, etc.

13
Q

What is DevOps?

A

In DevOps, the original division between development and IT operations roles has disappeared.

  • Teams manage infrastructure using code
  • Definitions can be stored and versioned in code repositories
  • Definitions can be deployed in a repeatable way (using CI/CD pipelines)
14
Q

How does Azure manage Infrastructure-as-Code?

A

Azure has Resource Manager Templates, which

  • are files written in JSON
  • define infrastructure and configuration for all Azure resources in use
  • have declarative syntax
15
Q

What’s the purpose of Azure Service Health and Azure Monitor?

A

Azure Service Health and Azure Monitor can help you get informed about the health of your resources in Azure and overall health of the Azure Regions you’ve deployed them to.

Azure Service Health scopes the affected services to just the ones that you use.

  • Service Issues - shows the global view of health across all regions (This information comes from Azure status service: https://status.azure.com/status/)
  • Planned maintenance
  • Health advisories - changes in Azure services that require your attention (for example, if features in a service are being deprecated)
  • Security advisories - notifications or violations that may affect the availability of Azure applications

Azure Monitor is a solution to analyze telemetry. It allows you to monitor recommendations for Costs, Security, Reliability, Operational Excellence and Performance of your resources.

16
Q

What is Azure Compute?

A

Azure compute is a set of services that provide on-demand computing power. Logical grouping.

  • Virtual Machines
  • Containers (Virtualized environments for running applications)
  • Azure App Service (PaaS) allows hosting API Apps and Mobile Apps
  • Serverless Computing - a way to build applications without managing any underlying infrastructure. (Azure Functions, Azure Logic Apps, Azure Event Grid)
17
Q

How do Azure Virtual Machines work?

A

Azure Virtual Machines are an IaaS (Infrastructure as a Service) offering.

  • That means:
    • we have full control over the VMs, including the operating system - we can install any software and configure it however we want
    • we can shut it down to save costs (manually or on schedule)
    • it enables hybrid cloud (backups of the on-prem environment in the cloud)
  • When creating a VM, there are a few key decisions:
    • Type of image (determines the operating system and any software that may come preinstalled)
    • Size of VM (amount of RAM and number of processors)
    • Availability options (we can deploy two identical VMs to two availability zones and provide load balancing between them; another option to provide High Availability is to configure Virtual Machine Scale Sets)
  • When we create a VM, there are other resources that get created:
    • Virtual Network
    • Disk
    • Storage Account
    which
18
Q

What are Virtual Machine Scale Sets?

A

They are another option for providing High Availability to a VM. We can configure them if we want to create multiple VMs at once and have load balancing configured.

  • It is a set of identical Virtual Machines with the same configuration and load balancing
  • Number of VMs can scale out/in
  • Spread across fault domains and update domains
  • Only pay for the underlying resources (VMs, Load Balancer, Disk Storage)
19
Q

What is Azure Batch?

A

Azure Batch is another Azure product that leverages Azure VMs.

  • Allows you to create a pool of Virtual Machines to do large-scale, High Performance Computing (HPC) in parallel
  • Create and manage a pool of Virtual Machines (install applications on them and run compute-intensive jobs like image and video rendering, risk modelling, ETL operations or software test execution)
20
Q

What is the purpose of Containers?

A

Containers are a way to wrap up an Application into an isolated package (Server based applications and services). When an app is deployed using a container, everything the application needs to run successfully is included in the container - runtimes, library dependencies.

A container makes the environment the same across different deployments.

A container is an instance of a Container Image (an image is a read-only template with instructions on how to create a container). You can create your own container images by leveraging existing images and adding frameworks, dependencies and code for the application. Then you can deploy the container in a repeatable way across environments.

Container Registry is a service that stores and distributes container images. (Docker Hub, for Azure: Azure Container Registry)

21
Q

How are Containers different from Virtual Machines?

A

Virtual Machines (virtualize the hardware):

1) Run on some sort of Infrastructure
2) There is a host Operating System
3) There is a Hypervisor Layer
4) There is a Virtual Machine (contains a full copy of the operating system and virtualizes the underlying hardware)

Containers (virtualize the operating system):

1) The host can be a physical or virtual server
2) On top of the Operating system there is a runtime (Docker)
3) On top of the Runtime there are containers, which contain the applications along with any dependencies for those applications

Containers emulate the underlying operating system, rather than emulating the hardware, which makes containers smaller in size than VMs and quicker to spin up.

22
Q

What is a Hypervisor?

A

Hypervisor (also known as a virtual machine monitor) runs the virtual machine and provides resources from the host operating system.
A computer on which a hypervisor runs one or more virtual machines is called a host machine. Each virtual machine is called a guest machine.

Hyper-V is Microsoft’s hypervisor technology (there are others, like VMware).

23
Q

What is a Docker Container?

A

Docker:

  • is a standard that describes the format of containers
  • provides a runtime for docker containers
  • automates the deployment of containers that can run in the cloud or on premises
  • has a runtime process, that you can install on any workstation or VM.
24
Q

What are the Hosting Options for Containers?

A
  • You can set up a Local Environment by installing a Docker runtime (then you can develop the app locally and pack it up into a container image that you would like to deploy)
  • On-premises Servers (hardware or Virtual Servers) by installing the Docker runtime there
  • VMs in Azure
  • Azure Container Instances (ACI) (for environments in Azure that you can deploy containers to, without needing to maintain or patch that environment); it’s intended for smaller applications. With ACI you only have a single container instance per container image, so you have limited scalability
  • Azure Kubernetes Service (AKS) (for more complex architectures involving containers, when you want more control around deploying and managing health or performance of containers that make up your application)
25
Q

What is Azure Kubernetes Service?

A

AKS:

  • is a container management system that runs in Azure
  • it can scale your application to meet demands by adding or removing container instances
  • as well as monitoring and deploying containers
26
Q

What is Kubernetes?

A

Kubernetes is a platform known as a Container Orchestrator. Kubernetes provides you with a framework to run distributed systems resiliently. It takes care of scaling and failover for your application, provides deployment patterns

Terminology:
Pods - group of one or more containers with shared storage and network resources
Nodes - Virtual Machines

27
Q

What is Azure App Service?

A

You can use Azure App Service in order to host your containers as well as a PaaS (for hosting code directly).

  • It’s similar to traditional web hosting
  • Framework runtimes are installed on the servers
  • Azure manages web servers for you

Web Apps, API Apps, Mobile Apps, Containers (but you don’t have to), WebJobs (which allow you to run services on the underlying VMs of the App Service; can run continuously or on schedule)

Before you can create an App Service you need to have an App Service Plan (the App Service Plan defines the size of the underlying infrastructure - VMs). You can run multiple App Services on one App Service Plan.

App Service has an option to Auto Scale, which means that you can configure the App Service Plan to add VMs when there is increased traffic (and remove them when traffic is lighter) or on schedule.

28
Q

Serverless Compute in Azure

A

Serverless computing is about letting developers focus on code and business logic they are developing and not on the underlying infrastructure (abstract).

1) Azure Functions - allow you to run small pieces of code. Are initiated by triggers.
2) Azure Logic Apps - allow you to design workflows in the Azure portal. You can call Azure Functions if you need to. Are initiated from triggers. They have a huge library of connectors (for anything like SharePoint, Azure Storage, Zendesk, SAP)
3) Azure Event Grid - helps you build apps with event-based architectures. Event Grid connects Event Data Sources and Event Handlers (Subscription to Events and Automation)

29
Q

What is Azure Virtual Network?

A

Azure Virtual Network is the fundamental building block in your private network (it’s a representation of your private network in the cloud).

VNet enables many types of Azure Resources to securely communicate with each other, the internet, and on-premises networks.

Key scenarios that you can accomplish with a virtual network include:

  • communication of Azure resources with the internet, between Azure resources, with on-premises resources,
  • filtering network traffic,
  • routing network traffic,
  • integration with Azure services.

Virtual network has an address space, which is a group of IP addresses that can be assigned to resources like Virtual Machines. They can be further segmented into Subnets.

30
Q

What is the role of Subnets in VNet?

A

A VNet is segmented into one or more subnetworks, which are allocated a portion of the VNet’s address space.

Then, you can deploy Azure Resources (like VMs) to a specific Subnet. They can communicate with other VMs on the same network.

You can also deploy other Azure Resources to VNet, like:

  • Azure Firewall
  • Application Gateway
  • VPN Gateway
  • Redis Cache
31
Q

What is the purpose of VNET Peering?

A

By default, resources assigned in one Virtual Network cannot communicate to resources in another Virtual Network.

You can enable that communication using VNET Peering.

32
Q

What is Public IP Address needed for in Azure?

A

Virtual Machines on the VNet can communicate out to the internet by default. But, in order for inbound communication to take place from the internet, the VMs need to be assigned a Public IP Address.

A Public IP Address is a separate resource in Azure; it gets assigned to Virtual Resources, like VMs.

33
Q

What are Load Balancers?

A

You can distribute the incoming traffic between Virtual Machines using Load Balancer (there are Public or Private/Internal Load Balancers). It can translate public IP addresses to private IP addresses of the VMs inside the VNet. It’s a high-performance solution that can handle a lot of traffic.

It’s just a load balancing and port forwarding engine, which does not interact with the traffic. It checks the health of the back-end resources and routes incoming traffic.

34
Q

What is Azure Application Gateway?

A

Azure Application Gateway allows for more control of the traffic coming in to the public IP addresses.
It also has additional features and security.

Application Gateway is a web traffic load balancer that exposes a public IP to the internet and can do things like:

  • SSL Termination (Traffic between the client and App Gateway is encrypted, but traffic between the App Gateway and back-end flows unencrypted, which unburdens the VMs from encryption and decryption overhead)
  • Autoscaling
  • Session Affinity (For Applications that require a user to return to the same web server after they’ve started a session)
  • HTTP Header Rewriting
  • Advanced Routing (look at things like host headers or part of the path in the URL)
  • Web Application Firewall (protects from common exploits like SQL injection attacks or cross-site scripting)
35
Q

How can you connect your Azure VNets to your on-premises Networks?

A

You can connect them so the resources are able to communicate with each other (Hybrid Cloud). This makes it possible to send encrypted data over the internet and connect to the services and DBs on the on-premises network.

You create this connection by creating a virtual network gateway.
- The gateway is created on a virtual machine or machines that are deployed to their own subnet.
- You’ll need an approved VPN device on-premises in order to set up what’s called a site-to-site VPN.
(You can also create a point-to-site VPN from a single computer to an Azure VNet (not for clients, but rather for administrators))

36
Q

What is an ExpressRoute connection in Azure?

A

An ExpressRoute connection is a private connection that doesn’t go over the public internet.

In the standard model, ExpressRoute requires you to work with a third-party provider, which is partnered with Microsoft, to connect to Azure.

These providers (AT&T, Verizon) have infrastructure at data centers, where they are colocated with Microsoft servers.

ExpressRoute Direct is another service, for big corporate clients with security requirements.

37
Q

What are Network Security Groups?

A

Using Network Security Groups you can control inbound and outbound communication to VMs. They can be attached to subnets to protect access to and from all the resources on the subnet. NSGs contain security rules that allow or deny inbound or outbound traffic from the resources that NSG protects.

38
Q

What is Windows Virtual Desktop?

A

Windows Virtual Desktop is a desktop and app virtualization service in Azure.

  • can provide full desktop to users
  • direct access to an app running on a Virtual Machine
  • it’s similar to Remote Desktop Services (RDS)
  • fully managed solution in the cloud

Windows Virtual Desktop supports Windows 10 multi-session, which means you don’t have to overprovision VMs (like previously)

With Host Pools, you can allocate users to sets of VMs - depending on type of workloads it’s gonna have.

39
Q

What is a CDN?

A

A Content Delivery Network is a distributed network of servers all around the world that store cached data (caching: the process of storing data locally so that it can be provided more quickly when it’s requested again in the future) in order to:

  • minimize the latency of serving the data to global users
  • offload traffic from the source web or storage servers where the data originates

The data is typically static.

40
Q

What are the benefits of Azure CDN and how does it work?

A

With Azure CDN, there is also an option to speed up the delivery of dynamic data using Dynamic Site Acceleration (DSA).

Azure CDN can connect to several back-end sources in order to cache their data. The server it connects to in order to cache the content is called the Origin Server.

  • App Service/Web App
  • Blob Storage
  • Media services
  • Custom origin (to cache data from any publicly accessible server)

The CDN servers that cache the content retrieved from the origin and provide it to users are called Edge Servers. They are located in Point-of-presence (POP) locations, which are grouped into CDN regions.

When a request for a web page comes to an Azure CDN endpoint, it redirects it to the edge server that is geographically closest to the user.

Azure CDN is made up of profiles and endpoints.

  • CDN Endpoint is a URL that provides access to content.
  • CDN Profile is a collection of endpoints (Azure CDN is priced at CDN Profile level)
41
Q

What is Dynamic Site Acceleration (DSA)?

A

Dynamic Site Acceleration is a feature of Azure CDN.
It is an optimization option to speed up serving dynamic data that is sent in response to user behavior (it can’t be cached).

It consists of:

  • Route optimization (find fastest route from edge servers to origin server)
  • TCP Optimization (check bandwidth between edge servers and make decisions so higher data packet transfers are possible)
  • Object prefetch (edge server parses the requested HTML and serves the embedded images and scripts at the same time)
  • Adaptive image compression (monitors network quality and implements JPEG compression methods so users can receive smaller sized images when network speeds are lower)
42
Q

What are the benefits of Azure Data storage solutions?

A

1) Automated backup and recovery
2) Replication across the world to protect against unplanned events and failures
3) Encryption capabilities
4) Security and platform integration (Azure AD for Authentication)
5) Development features and support.

43
Q

What are the categories of data stored in the Azure cloud?

A
  • Structured data - data that adheres to a schema, typically stored in a db with rows and columns. (You can host your database on-premises, where you’re responsible for managing and patching the database, but it also has managed offerings which provide convenience and scalability - Azure SQL Database, Azure Database for MySQL, Azure Database for PostgreSQL)
  • Unstructured data doesn’t adhere to schema and is typically stored in different file formats (Azure Blob Storage, Azure File Storage, both of them offer REST APIs, so the data can be securely accessed over the internet)
  • Semi-structured Data (NoSQL) - Cosmos DB
44
Q

What are the options for managing relational databases in Azure?

A

There are three offerings for SQL Server in Azure:

  • Hosting SQL Server on virtual machines (gives full control over the product), but you can also provision a virtual machine with SQL Server already installed. Automated updates and maintenance window, with managed backups in Azure
  • Fully managed PaaS version of the SQL Server known as Azure SQL Database (most of the management functions handled for you - patching, upgrading, backups, monitoring). Pricing model dependent on Vcores or DTU (database transaction units). Can provision, single isolated database or an Elastic Pool (Collection of databases with shared set of resources). Automatic scaling.
  • Azure SQL Managed Instance - it allows you to deploy VM with SQL Server onto your own VNet. Some organizations have security concerns about deploying databases onto a managed public cloud platform.
45
Q

What is Azure Synapse Link?

A

Azure Synapse Link is Azure’s service for analytics. It formats a version of your data that’s optimized for use in analytic queries, so it can be leveraged for machine learning and big data analytics.

46
Q

What are options for creating Azure Storage Accounts?

A

1) Blob storage service - for unstructured data like files and documents
2) File storage - similar to Blob storage, but it supports the SMB protocol, so it can be attached to the VM, which makes migrating traditional on-premises applications to the cloud much more seamless
3) Disk storage, which stores the virtual machine disks used by infrastructure-as-a-service VMs
4) Table storage - lets you store structured data in the form of NoSQL, non-relational data
5) Queue storage - store and receive messages, to help you build asynchronous, reliable applications that pass messages.

47
Q

What are the main properties of Azure Storage?

A
  • Azure Storage stores the data 3 times in the primary data center by default. This can be extended with other replication options
  • Data in Azure Storage can be reached over HTTPS from the internet; each storage account has its own REST endpoint, e.g. https://mystorageaccount.blob.core.windows.net
  • The cost of Azure Storage comes from the amount of storage and the transaction costs related to accessing the data
48
Q

How can you control access to data plane in Azure Storage?

A

There are a few options:

  • Role-based access control (for users with identities stored in Azure AD)
  • Storage account key (which gives access to the entire storage account)
  • Shared Access Signatures (is a security token string which gets appended onto the end of the URL, it can scope access to a particular service like only the Blob service as well as to a particular container or folder within that service, contains permissions like read, update, delete)
49
Q

What are Blobs?

A

A Blob (Binary Large OBject) can be any type of file. The blob service is optimized for storing massive amounts of unstructured data.

There are three types of blobs that you can store:

  • Block blobs store text and binary data (a single blob is made of multiple blocks, which helps optimize uploading - it is the most cost-effective way to store a large number of files)
  • Append blobs (are optimized for appending only: ideal for logs)
  • Page Blobs (store random access files up to 8TB in size)
50
Q

What are the Blob Access tiers in Azure?

A
  • Hot tier - for data that’s accessed frequently (highest storage cost & lowest data access cost)
  • Cool tier - storing infrequently accessed data (lower storage cost and higher transaction data access costs)
  • Archive Tier - for storing archive data - Lowest storage cost, highest data retrieval cost (data is offline, so you have to be willing to wait hours to rehydrate the data)
51
Q

What are the Blob Service Features available in Azure?

A
  • Blob snapshots
  • Blob Leases (that prevent other people from modifying them)
  • Soft delete
  • Static Website Hosting
  • CDN Integration (optimize delivery of blobs to clients over the world)
  • Azure Search Integration - Index the contents of the documents like Word docs, so it enables searching inside of those documents
52
Q

What is Azure Database Migration Service?

A

Azure Database Migration Service (DMS) is a managed service that enables migrating from multiple data sources to Azure data platforms with minimal downtime.
- supports migrating from on-premises databases or dbs in the cloud (Azure or AWS)