AZ_900 Quizlet_v2_0

" NOSQL - Design

"Not only SQL". Motivations for this approach include: simplicity of design, simpler "horizontal" scaling to clusters of machines (which is a problem for relational databases), finer control over availability and limiting the object-relational impedance mismatch. The data structures used by NoSQL databases (e.g. key-value, wide column, graph, or document) are different from those used by default in relational databases, making some operations faster in NoSQL.

" "Types of proof for MFA within Azure Active Directory

1) A knowledge factor - something the user knows. 2) A possession factor - something the user owns, such as an email address or mobile device. 3) An inheritance factor - something that confirms identity via a physical characteristic, such as a fingerprint or other biometric.

" "cost-saving options which are available to Enterprise customers

15% Discounts on Public Prices

" "ACID Properties

A database transaction, by definition, must be atomic (it must either complete in its entirety or have no effect whatsoever), consistent (it must conform to existing constraints in the database), isolated (it must not affect other transactions) and durable (it must get written to persistent storage). Database practitioners often refer to these properties of database transactions using the acronym ACID.

The Azure networking resource to deploy to ensure that you distribute the incoming requests for your application hosted on multiple virtual machines within a single virtual network

A load balancer can distribute incoming requests between virtual machines within a virtual network, as well as incoming requests from an on-premise location network

" "Partitioning and Clustering in BigQuery

A partitioned table is a special table that is divided into segments, called partitions, that make it easier to manage and query your data. By dividing a large table into smaller partitions, you can improve query performance, and you can control costs by reducing the number of bytes read by a query. Use clustering over a partitioned table when: Your data is already partitioned on a date, timestamp, or integer column. You commonly use filters or aggregation against particular columns in your queries. clustering is not possible for unpartitioned tables. When you create a clustered table in BigQuery, the table data is automatically organized based on the contents of one or more columns in the table's schema. the order of columns you specify is important. Clustering can improve the performance of certain types of queries such as queries that use filter clauses and queries that aggregate data.

" "Azure Portal and RBAC operate within the control plane.

A useful concept to understand is the idea of the control plane, sometimes also called the management plane. The Azure portal is mostly at least, concerned with the control plane. Control plane operations are CRUD operations on Azure resources. Examples of control plane operations are creating a new SQL database server, configuring a network security group firewall, deleting an Azure storage account, modifying the identity and access management permissions on an Azure resource group, or auditing control plane operations, perhaps to see the recent permission changes on Azure resource groups.

"What are valid use cases for Azure Active Directory (AAD)?

Add a custom domain name to your directory Monitor application usage and protect against advanced threats with reporting and monitoring Enable on-premises users single sign-on access to Office 365

" "Microsoft recommendation when creating a resource group

All the resources in a group should share the same lifecycle. One factor to verify that all the resources in a group share the same lifecycle because you deploy, update, and delete them together

What actions can Azure Firewall perform that a network security group cannot?

Allow or deny inbound traffic to or from specific domain names

" "availability sets VS virtual machine scale sets

Availability sets can contain various types of virtual machines, but virtual machine scales sets only contain identical virtual machines.

" "What is Azure Active Directory?

Azure Active Directory (Azure AD) is Microsoft's cloud-based identity and access management service, which helps your employee's sign in and access resources in: External resources, such as Microsoft Office 365, the Azure portal, and thousands of other SaaS applications. Internal resources, such as apps on your corporate network and intranet, along with any cloud apps developed by your own organization

What service can recommend cost optimization methods based on your usage of Azure virtual machines?

Azure Advisor. Advisor will show you the regions and sizes where you potentially have the most savings and will show you the estimated savings from purchasing reservations.

" "A company currently has a requirement to ingest data from a variety of data sources such as their Line of Business applications, click stream analysis from their web applications and data captured from IoT sensors deployed within their environment. Which of the below Azure services would be best suited for ingestion of data?

Azure Data Lake Store Azure Data Lake Store is an enterprise-wide hyper-scale repository for big data analytic workloads. Azure Data Lake enables you to capture data of any size, type, and ingestion speed in one single place for operational and exploratory analytics

" "What Azure services can read data in Azure Data Lake Store directly and perform analytics on it?

Azure HDInsight Azure Data Lake Analytics Azure Data Lake Analytics and HDInsight can access data in Azure Data Lake Store directly (using the WebHDFS-compatible REST APIs in the case of HDInsight). In order for Azure Log Analytics or Azure Stream Analytics to read data from Azure Data Lake Store, you need to transfer the data to those services (through Blob Storage in the case of Stream Analytics).

" "service can you use to prevent employees from sending out confidential business records or data?

Azure Information Protection AIP lets you label information as confidential

" "Azure Service Health

Azure Service Health provides a personalized view of the health of the Azure services and regions you're using. This is the best place to look for service impacting communications about outages, planned maintenance activities, and other health advisories because the authenticated Azure Service Health experience knows which services and resources you currently use. The best way to use Service Health is to set up Service Health alerts to notify you via your preferred communication channels when service issues, planned maintenance, or other changes may affect the Azure services and regions you use.

"Features of Azure Security Center

Azure Storage recommendations Alerts for suspected VM malware and potential SQL DB injection attacks VM recommendations such as OS patches

" "Zone-redundant Storage

Azure Storage replication option that provides maximum durability within a single region

" "can help a company compare the costs of on-premises data centers and Azure The Azure Total Cost of Ownership (TCO) Calculator tool will help you estimate your current cost for hosting your on-premises resources. Then it will display the cost savings over a 3-5 year period when hosting the same resources in Azure.

Azure TCO Calculator

" "Azure Resource Health

Azure management service that can provide the status of specific instances, as well as a log of recent platform events. Azure Resource Health helps you diagnose and get support when an Azure service problem affects your resources. It informs you about the current and past health of your resources. And it provides technical support to help you mitigate problems

" "Compliance Manager

Azure resource that helps you organize and track your organization's adherence to local, regional, or international regulations

How does Azure Resource Manager enable control over access to specific actions to resources?

Azure role-based access control (RBAC) offers fine-grained access management for Azure. Using RBAC, you can segregate duties within your team and grant only the amount of access to users that they need to perform their jobs.

" "Pricing Calculator

Azure service allows you to estimate the cost of resources you plan to deploy in the future For the planning phase of an Azure deployment, Microsoft provides an excellent online tool to assist in estimating your Azure costs. This tool allows you to select and estimate the cost of deploying resources to Azure. Of course, to generate the best cost estimate, you'll need to know exactly what resources you plan to deploy to Azure and their compute and storage requirements. For example, Azure virtual machines are available in a range of sizes based on the number of CPU cores and memory.

?" "Azure Resource Health

Azure service that can provide the status of specific instances, as well as a log of recent platform events Azure Resource Health helps you diagnose and get support when an Azure service problem affects your resources. It informs you about the current and past health of your resources. And it provides technical support to help you mitigate problems.

"Azure Active Directory

Azure's cloud-based identity and access management (IAM) service. Azure Active Directory is Microsoft Azure's cloud-based identity and access management (IAM) service. It can be used to access internal and external resources.

NOSQL - Barriers to adoption

Barriers to the greater adoption of NoSQL stores include the use of low-level query languages (instead of SQL, for instance the lack of ability to perform ad-hoc joins across tables), lack of standardized interfaces, and huge previous investments in existing relational databases. Most NoSQL stores lack true ACID transactions, although a few databases have made them central to their designs.

"CAP Theorem

CAP theorem states that it is impossible for a distributed data store to simultaneously provide more than two out of the following three guarantees: Consistency: Every read receives the most recent write or an error Availability: Every request receives a (non-error) response, without the guarantee that it contains the most recent write Partition tolerance: The system continues to operate despite an arbitrary number of messages being dropped (or delayed) by the network between nodes

" "Consistency

Consistency -Every read receives the most recent write or an error (CAP) -it must conform to existing constraints in the database (ACID)

What is the Consistent prefix level in COSMOS DB?

Consistent prefix guarantees that in absence of any further writes, the replicas within the group eventually converge. Consistent prefix guarantees that reads never see out of order writes.

" "Bounded staleness

Cosmos DB consistency level which has the second highest consistency guarantee and allows you to distribute your database across regions

" List the four paid levels of customer support in ascending order (from the lowest level of support to highest)

Developer, Standard, Professional-Direct, Premier

" "valid type of Azure subscriptions

Free subscriptions Member Offer subscriptions Pay-As-You-Go subscriptions

" "Azure Government services

If you're involved in cloud solutions for the US government, then be aware that Microsoft provides Azure Government services that are in physically isolated data centers and networks. Azure Government is available to US government agencies at the federal, state, and local levels, as well as to their partners. To use these services, your organization has to meet eligibility requirements.

NOSQL - Consistency

Many NoSQL stores compromise consistency (in the sense of the CAP theorem) in favor of availability, partition tolerance, and speed. Instead, most NoSQL databases offer a concept of "eventual consistency" in which database changes are propagated to all nodes "eventually"

" "valid use cases for Azure Active Directory

Monitor application usage and protect against advanced threats with reporting and monitoring Enable on-premises users single sign-on access to Office 365 Add a custom domain name to your directory Azure AD does not do Group Policy Management.

Network Security Groups (NSG)

NSG is the Virtual Network resource that can be used to control inbound and outbound access to network interfaces (NICs), VMs, and subnets. NSGs contain Access Control List (ACL) rules to allow or deny network traffic to VM instances in a Virtual Network.

" "Outbound data transfer rates vary slightly, based on what?

Outbound data transfer rates vary slightly, based on the zone. There are currently four zones: Zone 1 through 3 and DE Zone 1. The learn what zone your datacenter is in, select the region from the drop-down box. The Zone number in the table will change to reflect the zone number of the selected region and will display the outbound data transfer rates for that region and zone

" What are Outbound transfer rates are based on?

Outbound data transfer rates vary slightly, based on the zone. There are currently four zones: Zone 1 through 3 and DE Zone 1.

"Valid types of Azure subscriptions

Pay-As-You-Go subscriptions Free subscriptions Member Offer subscriptions

" "three primary characteristics of Azure services that are specifically mentioned in a Service Level Agreement (SLA)

Performance Uptime Connectivity Microsoft's Azure SLAs define three primary characteristics of Azure service: Performance Targets, Uptime and Connectivity Guarantees. It should be noted that the Free and Shared tiers of many services do not come with an SLA

Azure Machine Learning Studio is intended for what type of analysis?

Predictive Analytics. Microsoft Azure Machine Learning Studio is a collaborative, drag-and-drop tool you can use to build, test, and deploy predictive analytics solutions on your data.

A tool used to assist in estimating your Azure costs.

Price Calculator

used to estimate the cost of resources you plan to deploy in the future

Pricing Calculator. This tool allows you to select and estimate the cost of deploying resources to Azure

" "Azure storage replication option allows data to be read from the secondary region as well as from the primary region

Read-access geo-redundant storage (RA-GRS) Replication is used to protect service level agreements in the event of transient hardware failures. It copies data either within the same data center, or to a second data center. With read-access geo-redundant storage (RA-GRS) replication, data can be read from the secondary location as well as from the primary location.

" "the difference between role-based access controls (RBAC) and resource locks

Resource locks apply a restriction across all users and roles Unlike RBAC, management locks apply a restriction across all users and roles.

" " a key feature of policy that is different from RBAC?

Resource policies focus on the properties of the resource itself. There are a few key differences between policy and role-based access control (RBAC). RBAC focuses on user actions at different scopes. Policy focuses on resource properties during deployment. Unlike RBAC, policy is a default allow and explicit deny system. Also, to use policies, you must be authenticated through RBAC.

" "few key differences between policy and RBAC.

Resource policies focus on the properties of the resource itself. There are a few key differences between policy and role-based access control (RBAC). RBAC focuses on user actions at different scopes. Policy focuses on resource properties during deployment. Unlike RBAC, policy is a default allow and explicit deny system. Also, to use policies, you must be authenticated through RBAC.

" "SQL Database elastic pools

SQL Database elastic pools are a simple, cost-effective solution for managing and scaling multiple databases that have varying and unpredictable usage demands. The databases in an elastic pool are on a single Azure SQL Database server and share a set number of resources (elastic Database Transaction Units (eDTUs)) at a set price. Elastic pools in Azure SQL Database enable SaaS developers to optimize the price performance for a group of databases within a prescribed budget while delivering performance elasticity for each database.

" "Athis zure data service is ideal when you have a set of on-premise SQL Server databases containing tables with cold data, and you would like to archive the cold data onto Azure.

SQL Server Stretch Database SQL Server Stretch Database is very similar to StorSimple, except it's for database records instead of files. It migrates cold table rows (that is, infrequently queried rows) to Azure. This happens in the background automatically. And you can still query the data that has migrated to Azure too. The only difference is that the query will take a bit longer than usual.

"The aspects of a hosted application's security and maintenance are your responsibility In a VM

Security of networking hardware Operating system patches Securely configured application code

Azure bares the highest-degree of responsibility for security within SaaS model services

Software as a Service (SaaS) is the cloud computing service model where Microsoft Azure or another cloud service provider offers the highest level of service management, meaning they take care of a great deal of day-to-day service management. This can include responsibilities including data center security, virtual machine, and network controls, as well as application controls.

What does Microsoft Azure's Standard Support Plan provide?

Standard plan provides 24/7 access to support engineers by phone or email for your production workloads and Microsoft response time is within 1 hour (for business-critical issues).

How can you migrate your on-premises storage to Azure Storage with automatic backups to the cloud?

StorSimple is a hybrid storage solutions with automatic replication to Azure. It stores your frequently used documents on-premises, and stores other docs in Azure.

Used to identify ideal table data to migrate to Azure

Stretch Database Advisor tells you which databases and tables would be good candidates for Stretch Database. It also tells you about potential blocking issues, because there are a number of constraints that can prevent data from being migrated, such as tables that have more than 1,023 columns.

" "Stretch Database

Stretch Database is a good solution if your on-site data keeps growing. First, instead of buying more storage to handle the growth, you can just migrate your cold data to Azure, which is usually cheaper and easier. Second, as your data grows, backups take longer to run. Eventually, your backups may not be able to run within your backup window. By migrating your cold data to the cloud, your on-site backups run faster and your cloud backups happen automatically.

" "Role-Based Access and Control (RBAC) features

Supports hierarchical assignments Limit Access to Resources based on Users, Group, or Roles Can be controlled via PowerShell, Azure CLI, and the REST API Limiting the amount of resources is called an Azure Resource Policy which is not a part of RBAC. RBAC does have the ability to limit access to resources and can programmatically be controlled. It also supports inheritance in a hierarchical structure.

" Locally redundant storage (LRS)

The Azure replication option offers the lowest cost option and the least durability. LRS creates three replicas that are stored onsite at the local datacenter. Note that these could be destroyed along with the primary site should a disaster occur at the local datacenter. For this reason, GRS is recommended for most applications instead of LRS.

" "Which plan offers Launch Support?

The Premier plan offers 24/7 technical support with a 15 minute response time and includes all of the features of the Professional Direct plan but includes Launch Support for an additional fee, as well as guidance by a designated technical account manager and on-demand training.

" "What can affect an organization's eligibility for an Enterprise Agreement with Microsoft?

The number of registered devices The number of users signing up Whether the organization is public or private The Enterprise option is when a customer enters into an Enterprise Agreement with Microsoft. The Enterprise Agreement essentially is an agreement to purchase a negotiated amount of Azure services, typically paid on an annual basis but there are other flexible payment options. In order to qualify for an Enterprise Agreement, a private business must have at least 500 users and devices while public organizations must have at least 250 users and devices. A business' location does not affect their eligibility for enterprise, as it could for using Azure Government or Azure Germany.

" "What can affect an organization's eligibility for an Enterprise Agreement with Microsoft?

The number of users signing up The number of registered devices Whether the organization is public or private The Enterprise option is when a customer enters into an Enterprise Agreement with Microsoft. The Enterprise Agreement essentially is an agreement to purchase a negotiated amount of Azure services, typically paid on an annual basis but there are other flexible payment options. In order to qualify for an Enterprise Agreement, a private business must have at least 500 users and devices while public organizations must have at least 250 users and devices. A business' location does not affect their eligibility for enterprise, as it could for using Azure Government or Azure Germany

" "the difference between role-based access controls (RBAC) and resource locks

Unlike RBAC, management locks apply a restriction across all users and roles

How can you ensure that VMs remain available when any server within the data center is offline for maintenance?

Update domains are configured to limit the effects of server maintenance within an Azure data center. You can deploy your virtual machines in separate update domains by configuring them within an availability set.

" "mechanism connects two virtual networks (VNets), in the same region or different regions, through the Azure backbone network?

VNet peering VNets can be connected to each other using network gateways or VNet peering. Once peered, the two Virtual Networks will appear like a single Virtual Network for all connectivity purposes. The virtual machines in these virtual networks can communicate with each other directly by using private IP addresses.

" "Standard Support Plan--What is the earliest you can expect a response from technical support?

Within 1 hour The Standard plan provides 24/7 access to support engineers by phone or email for your production workloads and Microsoft response time is within 1 hour (for business-critical issues).

" "Consistency Levels

You can choose from five well-defined levels on the consistency spectrum. From strongest to weakest, the levels are: •Strong (can only be applied within a single region) •Bounded staleness (offers lower latency and works across regions.) •Session •Consistent prefix •Eventual Each level provides availability and performance tradeoffs and is backed by comprehensive SLAs.

" "outbound transfer rates will vary based on ___

Zone Outbound data transfer rates vary slightly, based on the zone. There are currently four zones: Zone 1 through 3 and DE Zone 1. The learn what zone your datacenter is in, select the region from the drop-down box. The Zone number in the table will change to reflect the zone number of the selected region and will display the outbound data transfer rates for that region and zone

" "ZRS - how many copies of data does it maintain?

Zone-redundant storage (ZRS) maintains three copies of your data. ZRS is replicated three times across two to three facilities, either within a single region or across two regions, providing higher durability than LRS. ZRS ensures that your data is durable within a single region.

" "Azure's free subscription

_Azure's free subscription includes a $200 credit _At the end of the free subscription, you must convert your account to a paid account to continue using your free resources. _Azure offers a spending limits feature to all free subscribers The free account is a subscription that provides unlimited access to Azure resources for twelve months, with a $200 credit that can be applied to paid products. At the end of the trial period, any Azure services created with the subscription are disabled, unless the subscription is upgraded to a paid subscription.

" "An initiative

a group of policies across different resource groups, management groups, or subscriptions If you need to assign the same policies to a number of different resource groups or subscriptions, you can group related policies into what's called an initiative and then assign that initiative to various subscriptions, resource groups, and management groups.

" "Azure TCO Calculator

can help a company compare the costs of on-premises data centers and Azure The Azure Total Cost of Ownership (TCO) Calculator tool will help you estimate your current cost for hosting your on-premises resources. Then it will display the cost savings over a 3-5 year period when hosting the same resources in Azure.

" "Elastic Pools

feature within SQL Database would allow a user to group multiple databases with variable usage demands together while limiting the cost to the customer

" "Azure Service Health

service provides notifications about Azure services and tools you are currently using, and provides updates about planned maintenance, service deprecation, and when you approach a service's resource limits

" "Azure Data Factory

service that automatically provision and terminate clusters as needed for unstructured data processing jobs

" SEE GCP notes

tbd

" "An initiative

term that describes a group of policies across different resource groups, management groups, or subscriptions

When should you configure your Blob storage account as a hot storage tier?

when you have data in this account that is in active use. Hot storage is recommended for more frequently accessed data at a lower access cost. That is, frequently accessed data high storage costs are offset with lower access costs.

" "Azure Blob Storage offers three types of blobs:

• Block blobs are optimized for streaming and storing cloud objects. • Append blobs can be appended to and are good for storing logs and audit files. • Page blobs are optimized for representing IaaS disks and supporting random writes.