AZ-103T4
What is route priority?
When Azure selects the route type in this order: user-defined (UDR), BGP, then system route
What is the limit for virtual networks in a subscription?
You can have up to 50 vNets per subscription per region
What is the difference between a basic sku and a standard sku for a public IP address?
A basic SKU can have a static or dynamic IP and has no network security groups by default The basic SKU allows for static or dynamic IP, open to inbound traffic by default and does not support Availability Zones. The standard SKU is static IP only, closed to inbound traffic by default and zone redundant.
What is a subnet?
A logical segmentation within a virtual network
What are the two types of Vnet peering?
Regional, where two networks within a region appear as one, or global, where two networks from different regions appear as one from a connectivity standpoint
What happens when a subnet has BGP propagation enabled?
Routes are automatically added to the route table of the subnets when this happens
What is a system route?
route defined by Azure to direct network traffic between virtual machines, on-premises networks, and the Internet
What command would you use in PowerShell to connect a NSG to a Vnet?
set-azurermvirtualnetworksubnetconfig
What are the ways you can connect virtual networks within Azure?
VNet Peering and Vnet-to-Vnet connections are the ways to do this
What are the naming considerations for a virtual network?
up to 80 characters. May contain letters (upper or lower case), numbers, underscore, periods, or hyphens. Must start with a letter or number. Must end with a letter, number, or underscore.
What is a security consideration when using Vnet peering?
while this is a private connection between two virtual networks, it is not encrypted.
What is Network Watcher?
A virtual network diagnostics platform
What does standard DDoS protection include?
Adaptive tuning, telemetry and notifications are included with this network security feature
What are some considerations for planning virtual networks?
Azure locations, communications between locations, communication to on-premise, how many resources, how resources are grouped, how traffic is controlled
What is an IP addressing consideration for a subnet?
Azure reserves the first three and the last IP addresses in the address range
What is the default routing for all traffic within a VNet?
By default, this is routed between all the subnets
What is an address space in a virtual network?
Collection of address prefixes in CIDR notation.
What is a consideration for creating UDR's?
Each route table can be associated to multiple subnets, but a subnet can only be associated to a single route table
What is a route table?
It contains a set of rules that specifies how packets should be routed in a virtual network.
How long is the IP address lease for a VM?
It exists for the life of the resource or when it is stopped and deallocated.
What is a best practice for applying static IP's?
It is recommended not to apply this to the OS of the VM or connections could be dropped or fail entirely
What are common uses for static public IP's?
It should be used for an IP linked to an SSL certificate or it's a prerequisite for a resource
What are common uses for static private IP's?
It should be used for domain controllers, DNS servers or it's a prerequisites for a resource
What are Vnet-to-Vnet Connections?
Site-to-Site VPN tunnels between virtual networks
What is the other difference between a dynamic and a static IP in Azure?
The dynamic IP is allocated when the VM is started. That static IP is allocated during provisioning.
What are additional options to configure for a public IP address in the portal?
The idle timeout for connections and a dns label, unique to the location of the resource can be configured for this
What is a consideration for a public IP for a VPN gateway?
The public IP for this resource must be dynamic
What place store system routes?
These Azure-defined routes are configured in route tables
What is a consideration for Vnet peering or Vnet-to-Vnet VPN gateway?
These methods of connecting separate virtual networks can only do so when the resources are in the same subscription
What is a configuration consideration when using Vnet Peering?
This connectivity can be configured across subscriptions as long as they are part of the same Azure AD tenant
What is longest prefix match?
This happens when Azure selects a route that matches the most octets in a CIDR block.
How is a route selected in Azure?
This is done by either longest prefix match or route priority
When must you add public IP addresses to a network interface?
This must be added after the network interface has been provisioned
What is the public IP address basic sku type?
This sku would be selected if IPv6 public IP addresses were required
What are some typical examples of traffic handled by system routes?
Traffic between VMs in the same subnet, in different subnets in the same virtual network, in a VNet-to-VNet VPN, along with data flow from VMs to the Internet and Site-to-Site or ExpressRoute communication through a VPN gateway.
What is a configuration consideration when using Vnet-to-Vnet connections?
VPN gateways have to be created in each virtual network for this to work, and if being done across subscriptions must be done in PowerShell
What is the smallest CIDR block you can configure in Azure?
a /29 block
What is a route?
a rule that specifies where packets go in a virtual network.
What is the addressprefix of a subnet?
a single CIDR block that is part of one of the Vnet's address spaces
What is Border Gateway Protocol (BGP)?
a standard routing protocol commonly used on the Internet to exchange routing and reachability information between two or more networks.
What are the basic steps to implementing custom routing?
creating the route table, creating the route, and associating the route to the subnet.
What is Vnet peering?
functionality that creates seamless connectivity between virtual networks within Azure. As a result the virtual networks appear as one for connectivity purposes.
What is a virtual network?
it is a logical isolation of the Azure cloud dedicated to your subscription
What are the CIDR blocks that you cannot use?
multicast (224.0.0.0/4), broadcast (255.255.255.255/32), loopback (127.0.0.0/8), link-local (169.254.0.0/16), Azure internal DNS (168.63.129.16/32)
What are the basic properties of a virtual network?
name,location,address space,subnets,dhcpOptions,dnsServers
What are the basic properties of a subnet?
name,location,addressprefix,networkSecurityGroup,routeTable,ipConfigurations
What is a user-defined route (UDR)?
network traffic control that is not defined by Azure