Azure Fundamentals -- exam objectives PDFs

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Describe the service lifecycle in Azure -(Public Preview -and General Availability)

-(Public Preview Every Azure service starts in the development phase. In this phase, the Azure team collects and defines its requirements, and begins to build the service. Next, the service is released to the public preview phase. During this phase, the public can access and experiment with it so that it can provide feedback. Your feedback helps Microsoft improve services. More importantly, providing feedback gives you the opportunity to request new or different capabilities so that services better meet your needs. -and General Availability) available for everyone After a new Azure service is validated and tested, it's released to all customers as a production-ready service. This is known as general availability (GA).

Identify factors that can reduce costs -(reserved instances, -reserved capacity, -hybrid use benefit, -spot pricing)

-(reserved instances, Azure Reservations offers discounted prices on certain Azure services. Azure Reservations can save you up to 72 percent as compared to pay-as-you-go prices. To receive a discount, you reserve services and resources by paying in advance. For example, you can prepay for one year or three years of use of VMs, database compute capacity, database throughput, and other Azure resources. -reserved capacity, Recall that to deallocate a VM means to no longer run the VM, but preserve the associated hard disks and data in Azure. If you have VM workloads that are only used during certain periods, but you're running them every hour of every day, you're wasting money. These VMs are great candidates to shut down when not in use and start back when you need them, saving you compute costs while the VM is deallocated. -hybrid use benefit If you've purchased licenses for Windows Server or SQL Server, and your licenses are covered by Software Assurance, you might be able to repurpose those licenses on VMs on Azure.

Identify factors that can affect costs -(resource types, -services, -locations, -ingress and egress traffic)

-(resource types, A number of factors influence the cost of Azure resources. They depend on the type of resource or how you customize it. For example, with a storage account you specify a type (such as block blob storage or table storage), a performance tier (standard or premium), and an access tier (hot, cool, or archive). These selections present different costs. -services, You can also purchase Azure-based solutions and services from third-party vendors through Azure Marketplace. Examples include managed network firewall appliances or connectors to third-party backup services. Billing structures are set by the vendor. -locations, Azure infrastructure is distributed globally, which enables you to deploy your services centrally or provision your services closest to where your customers use them. Different regions can have different associated prices. Because geographic regions can impact where your network traffic flows, network traffic is a cost influence to consider as well. -ingress and egress traffic) a meter for tracking usage of a virtual machine: Incoming (ingress) and outgoing (egress) network traffic in and out of the VM.

Describe the benefits and usage of -Container (Blob) Storage, -Disk Storage, -File Storage, -and storage tiers

-Container (Blob) Storage, Blob Storage is ideal for: +Serving images or documents directly to a browser. Storing files for distributed access. +Streaming video and audio. +Storing data for backup and restore, disaster recovery, and archiving. +Storing data for analysis by an on-premises or Azure-hosted service. +Storing up to 8 TB of data for virtual machines. You store blobs in containers, which helps you organize your blobs depending on your business needs. -Disk Storage, Disks come in many different sizes and performance levels, from solid-state drives (SSDs) to traditional spinning hard disk drives (HDDs), with varying performance tiers. You can use standard SSD and HDD disks for less critical workloads, premium SSD disks for mission-critical production applications, and ultra disks for data-intensive workloads such as SAP HANA, top tier databases, and transaction-heavy workloads. Azure has consistently delivered enterprise-grade durability for infrastructure as a service (Iaas) disks, with an industry-leading ZERO% annualized failure rate. Azure File storage: Many on-premises applications use file shares. Azure Files makes it easier to migrate those applications that share data to Azure. If you mount the Azure file share to the same drive letter that the on-premises application uses, the part of your application that accesses the file share should work with minimal changes, if any. Store configuration files on a file share and access them from multiple VMs. Tools and utilities used by multiple developers in a group can be stored on a file share, ensuring that everybody can find them, and that they use the same version. Write data to a file share, and process or analyze the data later. For example, you might want to do this with diagnostic logs, metrics, and crash dumps. -and storage tiers Hot access tier: Optimized for storing data that is accessed frequently (for example, images for your website). Cool access tier: Optimized for data that is infrequently accessed and stored for at least 30 days (for example, invoices for your customers). Archive access tier: Appropriate for data that is rarely accessed and stored for at least 180 days, with flexible latency requirements (for example, long-term backups).

Describe the benefits and usage of -Cosmos DB, -Azure SQL Database, -Azure Database for MySQL, -Azure Database for PostgreSQL, -and SQL Managed Instance

-Cosmos DB, Azure Cosmos DB is a globally distributed, multi-model database service. You can elastically and independently scale throughput and storage across any number of Azure regions worldwide. You can take advantage of fast, single-digit-millisecond data access by using any one of several popular APIs. Azure Cosmos DB provides comprehensive service level agreements for throughput, latency, availability, and consistency guarantees. -Azure SQL Database, Azure SQL Database is a platform as a service (PaaS) database engine. It handles most of the database management functions, such as upgrading, patching, backups, and monitoring, without user involvement. SQL Database provides 99.99 percent availability. PaaS capabilities that are built into SQL Database enable you to focus on the domain-specific database administration and optimization activities that are critical for your business. SQL Database is a fully managed service that has built-in high availability, backups, and other common maintenance operations. Microsoft handles all updates to the SQL and operating system code. You don't have to manage the underlying infrastructure. -Azure Database for MySQL, Azure Database for MySQL is a relational database service in the cloud, and it's based on the MySQL Community Edition database engine, versions 5.6, 5.7, and 8.0. With it, you have a 99.99 percent availability service level agreement from Azure, powered by a global network of Microsoft-managed datacenters. This helps keep your app running 24/7. With every Azure Database for MySQL server, you take advantage of built-in security, fault tolerance, and data protection that you would otherwise have to buy or design, build, and manage. With Azure Database for MySQL, you can use point-in-time restore to recover a server to an earlier state, as far back as 35 days. -Azure Database for PostgreSQL, Azure Database for PostgreSQL is a relational database service in the cloud. The server software is based on the community version of the open-source PostgreSQL database engine. Your familiarity with tools and expertise with PostgreSQL is applicable when you're using Azure Database for PostgreSQL. -and SQL Managed Instance Like Azure SQL Database, Azure SQL Managed Instance is a platform as a service (PaaS) database engine, which means that your company will be able to take advantage of the best features of moving your data to the cloud in a fully-managed environment. For example, your company will no longer need to purchase and manage expensive hardware, and you won't have to maintain the additional overhead of managing your on-premises infrastructure. On the other hand, your company will benefit from the quick provisioning and service scaling features of Azure, together with automated patching and version upgrades. In addition, you'll be able to rest assured that your data will always be there when you need it through built-in high availability features and a 99.99% uptime service level agreement (SLA). You'll also be able to protect your data with automated backups and a configurable backup retention period.

Describe the benefits and usage of -Internet of Things (IoT) Hub, -IoT Central, -and Azure Sphere

-Internet of Things (IoT) Hub, Azure IoT Hub is a managed service that's hosted in the cloud and that acts as a central message hub for bi-directional communication between your IoT application and the devices it manages. You can use Azure IoT Hub to build IoT solutions with reliable and secure communications between millions of IoT devices and a cloud-hosted solution back end. You can connect virtually any device to your IoT hub. -IoT Central, Azure IoT Central builds on top of IoT Hub by adding a dashboard that allows you to connect, monitor, and manage your IoT devices. The visual user interface (UI) makes it easy to quickly connect new devices and watch as they begin sending telemetry or error messages. You can watch the overall performance across all devices in aggregate, and you can set up alerts that send notifications when a specific device needs maintenance. Finally, you can push firmware updates to the device. -and Azure Sphere Azure Sphere creates an end-to-end, highly secure IoT solution for customers that encompasses everything from the hardware and operating system on the device to the secure method of sending messages from the device to the message hub. Azure Sphere has built-in communication and security features for internet-connected devices.

Describe the benefits and usage of -Virtual Machines, -Azure App Services, -Azure Container Instances (ACI), -Azure Kubernetes Service (AKS), -and Windows Virtual Desktop

-Virtual Machines, With Azure Virtual Machines, you can create and use VMs in the cloud. VMs provide infrastructure as a service (IaaS) in the form of a virtualized server and can be used in many ways. Just like a physical computer, you can customize all of the software running on the VM. VMs are an ideal choice when you need: Total control over the operating system (OS). The ability to run custom software. To use custom hosting configurations. -Azure App Services, Web apps: App Service includes full support for hosting web apps by using ASP.NET, ASP.NET Core, Java, Ruby, Node.js, PHP, or Python. You can choose either Windows or Linux as the host operating system. API apps: Much like hosting a website, you can build REST-based web APIs by using your choice of language and framework. You get full Swagger support and the ability to package and publish your API in Azure Marketplace. The produced apps can be consumed from any HTTP- or HTTPS-based client. WebJobs: You can use the WebJobs feature to run a program (.exe, Java, PHP, Python, or Node.js) or script (.cmd, .bat, PowerShell, or Bash) in the same context as a web app, API app, or mobile app. They can be scheduled or run by a trigger. WebJobs are often used to run background tasks as part of your application logic. Mobile apps: Use the Mobile Apps feature of App Service to quickly build a back end for iOS and Android apps. -Azure Container Instances (ACI), Containers are a virtualization environment. Much like running multiple virtual machines on a single physical host, you can run multiple containers on a single physical or virtual host. Unlike virtual machines, you don't manage the operating system for a container. Virtual machines appear to be an instance of an operating system that you can connect to and manage, but containers are lightweight and designed to be created, scaled out, and stopped dynamically. While it's possible to create and deploy virtual machines as application demand increases, containers are designed to allow you to respond to changes on demand. With containers, you can quickly restart in case of a crash or hardware interruption. One of the most popular container engines is Docker, which is supported by Azure. -Azure Kubernetes Service (AKS), The task of automating, managing, and interacting with a large number of containers is known as orchestration. Azure Kubernetes Service is a complete orchestration service for containers with distributed architectures and large volumes of containers. -and Windows Virtual Desktop: Azure Virtual Desktop on Azure is a desktop and application virtualization service that runs on the cloud. It enables your users to use a cloud-hosted version of Windows from any location. Azure Virtual Desktop works across devices like Windows, Mac, iOS, Android, and Linux. It works with apps that you can use to access remote desktops and apps. You can also use most modern browsers to access Azure Virtual Desktop-hosted experiences.

Describe the benefits and usage of -Virtual Networks, -VPN Gateway, -Virtual Network peering, -and ExpressRoute

-Virtual Networks, Azure virtual networks enable Azure resources, such as VMs, web apps, and databases, to communicate with each other, with users on the internet, and with your on-premises client computers. You can think of an Azure network as a set of resources that links other Azure resources. -VPN Gateway, A VPN gateway is a type of virtual network gateway. Azure VPN Gateway instances are deployed in Azure Virtual Network instances and enable the following connectivity: --Connect on-premises datacenters to virtual networks through a site-to-site connection. --Connect individual devices to virtual networks through a point-to-site connection. --Connect virtual networks to other virtual networks through a network-to-network connection. -Virtual Network peering, You can link virtual networks together by using virtual network peering. Peering enables resources in each virtual network to communicate with each other. These virtual networks can be in separate regions, which allows you to create a global interconnected network through Azure. -and ExpressRoute Azure ExpressRoute For environments where you need greater bandwidth and even higher levels of security, Azure ExpressRoute is the best approach. ExpressRoute provides dedicated private connectivity to Azure that doesn't travel over the internet. (You'll learn more about ExpressRoute in a separate unit later in this module.)

Describe the functionality and usage of the -Pricing calculator -and the Total Cost of Ownership (TCO) calculator

-and the Total Cost of Ownership (TCO) calculator The TCO Calculator helps you estimate the cost savings of operating your solution on Azure over time, instead of in your on-premises datacenter. The term total cost of ownership is commonly used in finance. It can be hard to see all the hidden costs related to operating a technology capability on-premises. Software licenses and hardware are additional costs. With the TCO Calculator, you enter the details of your on-premises workloads. Then you review the suggested industry average cost (which you can adjust) for related operational costs. These costs include electricity, network maintenance, and IT labor. You're then presented with a side-by-side report. Using the report, you can compare those costs with the same workloads running on Azure.

Describe Hybrid cloud

A hybrid cloud is a computing environment that combines a public cloud and a private cloud by allowing data and applications to be shared between them.

Describe Private cloud

A private cloud consists of computing resources used exclusively by users from one business or organization. A private cloud can be physically located at your organization's on-site (on-premises) datacenter, or it can be hosted by a third-party service provider.

Describe the benefits and usage of Availability Zones

Availability zones are physically separate datacenters within an Azure region. Each availability zone is made up of one or more datacenters equipped with independent power, cooling, and networking. An availability zone is set up to be an isolation boundary. If one zone goes down, the other continues working. Availability zones are connected through high-speed, private fiber-optic networks.

Describe the purpose of -Azure Sovereign Regions (Azure Government cloud services and Azure China cloud services)

Azure Government cloud services: Azure Government is a separate instance of the Microsoft Azure service. It addresses the security and compliance needs of US federal agencies, state and local governments, and their solution providers. Azure Government offers physical isolation from non-US government deployments and provides screened US personnel. Azure China cloud services: Azure China 21Vianet is operated by 21Vianet. It's a physically separated instance of cloud services located in China. Azure China 21Vianet is independently operated and transacted by Shanghai Blue Cloud Technology Co., Ltd. ("21Vianet"), a wholly owned subsidiary of Beijing 21Vianet Broadband Data Center Co., Ltd.

Describe the benefits and usage of Azure Resource Manager

Azure Resource Manager is the deployment and management service for Azure. It provides a management layer that enables you to create, update, and delete resources in your Azure account. You use management features like access control, locks, and tags to secure and organize your resources after deployment. The benefits of using Resource Manager With Resource Manager, you can: -Manage your infrastructure through declarative templates rather than scripts. A Resource Manager template is a JSON file that defines what you want to deploy to Azure. -Deploy, manage, and monitor all the resources for your solution as a group, rather than handling these resources individually. -Redeploy your solution throughout the development life cycle and have confidence your resources are deployed in a consistent state. -Define the dependencies between resources so they're deployed in the correct order. -Apply access control to all services because RBAC is natively integrated into the management platform. -Apply tags to resources to logically organize all the resources in your subscription. -Clarify your organization's billing by viewing costs for a group of resources that share the same tag.

Identify the differences between -Capital Expenditure (CapEx) -and Operational Expenditure (OpEx)

Capital Expenditure (CapEx) is the up-front spending of money on physical infrastructure, and then deducting that up-front expense over time. The up-front cost from CapEx has a value that reduces over time. Operational Expenditure (OpEx) is spending money on services or products now, and being billed for them now. You can deduct this expense in the same year you spend it. There is no up-front cost, as you pay for a service or product as you use it.

Define cloud computing

Cloud computing is the delivery of computing services over the internet by using a pay-as-you-go pricing model. You typically pay only for the cloud services you use, which helps you: -Lower your operating costs. -Run your infrastructure more efficiently. -Scale as your business needs change.

Describe the consumption-based model

Cloud service providers operate on a consumption-based model, which means that end users only pay for the resources that they use. Whatever they use is what they pay for. A consumption-based model has many benefits, including: --No upfront costs. --No need to purchase and manage costly infrastructure that users might not use to its fullest. --The ability to pay for additional resources when they are needed. --The ability to stop paying for resources that are no longer needed.

Identify the benefits of cloud computing, such as -High Availability, -Scalability, -Elasticity, -Agility, -and Disaster Recovery

High availability: Depending on the service-level agreement (SLA) that you choose, your cloud-based apps can provide a continuous user experience with no apparent downtime, even when things go wrong. Scalability: Apps in the cloud can scale vertically and horizontally: Scale vertically to increase compute capacity by adding RAM or CPUs to a virtual machine. Scaling horizontally increases compute capacity by adding instances of resources, such as adding VMs to the configuration. Elasticity: You can configure cloud-based apps to take advantage of autoscaling, so your apps always have the resources they need. Agility: Deploy and configure cloud-based resources quickly as your app requirements change. Geo-distribution: You can deploy apps and data to regional datacenters around the globe, thereby ensuring that your customers always have the best performance in their region. Disaster recovery: By taking advantage of cloud-based backup services, data replication, and geo-distribution, you can deploy your apps with the confidence that comes from knowing that your data is safe in the event of disaster.

Identify a service type based on a use case

IaaS (infrastructure as a service) PaaS (platform as a service) SaaS (software as a service)

Describe the benefits and usage of Management Groups

If your organization has many subscriptions, you might need a way to efficiently manage access, policies, and compliance for those subscriptions. Azure management groups provide a level of scope above subscriptions. You organize subscriptions into containers called management groups and apply your governance conditions to the management groups. All subscriptions within a management group automatically inherit the conditions applied to the management group. Management groups give you enterprise-grade management at a large scale no matter what type of subscriptions you might have. All subscriptions within a single management group must trust the same Azure AD tenant.

Describe Software-as-a-Service (SaaS)

In this cloud service model, the cloud provider manages all aspects of the application environment, such as virtual machines, networking resources, data storage, and applications. The cloud tenant only needs to provide their data to the application managed by the cloud provider. For example, Microsoft Office 365 provides a fully working version of Microsoft Office that runs in the cloud. All you need to do is create your content, and Office 365 takes care of everything else.

Describe serverless computing

Like PaaS, serverless computing enables developers to build applications faster by eliminating the need for them to manage infrastructure. With serverless applications, the cloud service provider automatically provisions, scales, and manages the infrastructure required to run the code. Serverless architectures are highly scalable and event-driven, only using resources when a specific function or trigger occurs.

Identify actions that can impact an -SLA (i.e. Availability Zones)

Make sure that your purchasing decisions take into account the impact on the SLA for the Azure services that you choose. Doing so ensures that the SLA supports your required application SLA.

Compare and contrast the three types of cloud computing

Public cloud: -No capital expenditures to scale up. -Applications can be quickly provisioned and deprovisioned. -Organizations pay only for what they use. Private cloud: -Hardware must be purchased for start-up and maintenance. -Organizations have complete control over resources and security. -Organizations are responsible for hardware maintenance and updates. Hybrid cloud: -Provides the most flexibility. -Organizations determine where to run their applications. -Organizations control security, compliance, or legal requirements.

Describe the benefits and usage of Regions and Region Pairs

Region: A region is a geographical area on the planet that contains at least one but potentially multiple datacenters that are nearby and networked together with a low-latency network. Azure intelligently assigns and controls the resources within each region to ensure workloads are appropriately balanced. Region pair: Each Azure region is always paired with another region within the same geography (such as US, Europe, or Asia) at least 300 miles away. This approach allows for the replication of resources (such as VM storage) across a geography that helps reduce the likelihood of interruptions because of events such as natural disasters, civil unrest, power outages, or physical network outages that affect both regions at once. If a region in a pair was affected by a natural disaster, for instance, services would automatically failover to the other region in its region pair.

Describe the benefits and usage of Resource Groups

Resource groups: Resources are combined into resource groups, which act as a logical container into which Azure resources like web apps, databases, and storage accounts are deployed and managed. Resource groups are a fundamental element of the Azure platform. A resource group is a logical container for resources deployed on Azure. These resources are anything you create in an Azure subscription like VMs, Azure Application Gateway instances, and Azure Cosmos DB instances. All resources must be in a resource group, and a resource can only be a member of a single resource group. Many resources can be moved between resource groups with some services having specific limitations or requirements to move. Resource groups can't be nested. Before any resource can be provisioned, you need a resource group for it to be placed in.

Explain Azure resources

Resource: A manageable item that's available through Azure. Virtual machines (VMs), storage accounts, web apps, databases, and virtual networks are examples of resources. Resource group: A container that holds related resources for an Azure solution. The resource group includes resources that you want to manage as a group. You decide which resources belong in a resource group based on what makes the most sense for your organization.

Describe Public cloud

Services are offered over the public internet and available to anyone who wants to purchase them. Cloud resources, such as servers and storage, are owned and operated by a third-party cloud service provider, and delivered over the internet.

Describe the purpose of the -Azure compliance documentation

The Azure compliance documentation provides you with detailed documentation about legal and regulatory standards and compliance on Azure. Here you find compliance offerings across these categories: Global US government Financial services Health Media and manufacturing Regional

Describe the purpose of the -Trust Center

The Trust Center showcases Microsoft's principles for maintaining data integrity in the cloud and how Microsoft implements and supports security, privacy, compliance, and transparency in all Microsoft cloud products and services. The Trust Center is an important part of the Microsoft Trusted Cloud Initiative and provides support and resources for the legal and compliance community.

Describe the shared responsibility model

This can include IaaS, PaaS, and SaaS, (Infrastructure as a service), (Platform as a service), (Software as a service)

Describe Platform-as-a-Service (PaaS)

This cloud service model is a managed hosting environment. The cloud provider manages the virtual machines and networking resources, and the cloud tenant deploys their applications into the managed hosting environment. For example, Azure App Services provides a managed hosting environment where developers can upload their web applications, without having to worry about the physical hardware and software requirements.

Describe Infrastructure-as-a-Service (IaaS),

This cloud service model is the closest to managing physical servers; a cloud provider will keep the hardware up-to-date, but operating system maintenance and network configuration is up to you as the cloud tenant. For example, Azure virtual machines are fully operational virtual compute devices running in Microsoft datacenters. An advantage of this cloud service model is rapid deployment of new compute devices. Setting up a new virtual machine is considerably faster than procuring, installing, and configuring a physical server.

Describe the purpose of an -Azure Service Level Agreement (SLA)

Understanding the SLA for each Azure service you use helps you understand what guarantees you can expect. When you build applications on Azure, the availability of the services that you use affect your application's performance. Understanding the SLAs involved can help you establish the SLA you set with your customers. Later in this module, you'll learn about some strategies you can use when an Azure SLA doesn't meet your needs.

Describe the benefits and usage of Subscriptions

Using Azure requires an Azure subscription. A subscription provides you with authenticated and authorized access to Azure products and services. It also allows you to provision resources. An Azure subscription is a logical unit of Azure services that links to an Azure account, which is an identity in Azure Active Directory (Azure AD) or in a directory that Azure AD trusts.

Define Azure Active Directory

i

Describe the -Cloud Adoption Framework for Azure

i

Describe the Microsoft core tenets of -Security, -Privacy, -and Compliance

i

Describe the benefits and usage of -Azure DevOps, -GitHub, -GitHub Actions, -and Azure DevTest Labs

i

Describe the benefits and usage of -Azure Machine Learning, -Cognitive Services -and Azure Bot Service

i

Describe the benefits and usage of serverless computing solutions that include -Azure Functions -and Logic Apps

i

Describe the concept of -defense in depth

i

Describe the functionality and usage of -Network Security Groups (NSG)

i

Describe the functionality and usage of -Azure Active Directory

i

Describe the functionality and usage of -Azure Advisor

i

Describe the functionality and usage of -Azure Blueprints

i

Describe the functionality and usage of -Azure DDoS protection

i

Describe the functionality and usage of -Azure Firewall

i

Describe the functionality and usage of -Azure Monitor

i

Describe the functionality and usage of -Azure Policy

i

Describe the functionality and usage of -Azure Resource Manager (ARM) templates

i

Describe the functionality and usage of -Azure Service Health

i

Describe the functionality and usage of -Conditional Access, -Multi-Factor Authentication (MFA), -and Single Sign-On (SSO)

i

Describe the functionality and usage of -Network Security Groups (NSG)

i

Describe the functionality and usage of -Role-Based Access Control (RBAC)

i

Describe the functionality and usage of -resource locks

i

Describe the functionality and usage of -tags

i

Describe the functionality and usage of the -Azure Portal, -Azure PowerShell, -Azure CLI, -Cloud Shell, -and Azure Mobile App

i

Describe the purpose of the -Microsoft Privacy Statement, -Online Services Terms (OST) -and Data Protection Amendment (DPA)

i

Explain the difference between -authentication -and authorization

i

describe the functionality and usage of Azure Cost Management

manage those costs boi!


Ensembles d'études connexes

ATI Adaptive Quiz PEDS/OB - Hard Questions

View Set

Cyber Awareness 2025 Knowledge Check Answers

View Set

Health and Life Insurance Review

View Set

Test 3; Plant Structure and Function

View Set