AZ-103 Azure Administrator
blob storage account
Specializes in storing unstructured data as blobs (objects).
For what does Security Center provide the tools?
Strengthen security posture, protect against threats, get secure faster.
Cost Analysis
Supports different kinds of Azure account types and exploring and analyzing the organization's costs
How are Advisor recommendations dismissed?
"Postpone" them with a period of "never".
Geo-Redundant Storage (GRS)
Replicates data three times in a datacenter in the primary region and three times in a datacenter in a secondary region.
Azure Site Recovery
Replicates the on-premises environment to Azure or another physical site.
functions
User-defined functions available within the template.
directory-synchornized identity
Users brought into Azure from Windows Server AD through a sync activity using Azure AD Connect.
cloud identity
Users that only exist in Azure AD.
guest user
Users with an email address from outside of Azure AD.
How long can a tag value be?
256 characters.
How many Recovery Services vaults may there be per region?
500
How long can a tag name be?
512 characters.
How long will Log Analytics store logs before there are data retention charges?
90 days
action group
A collection of notification preferences that are defined by the owner of an Azure subscription and used by Azure Monitor and Service Health alerts to notify users that an alert has been triggered.
content delivery network (CDN)
A distributed network of servers that can efficiently deliver data to users by storing cached content on edge servers close to said end-users.
custom script extension
Downloads and executes scripts on Azure VMs allowing post-deployment configuration, software installation, and other types of configurations.
Cosmos DB
A globally-distributed database service that elastically scales throughput and storage.
Azure Domain Name System (DNS)
A hosting service for DNS domains which provides name resolution by resolving a website or service name to its IP address.
Availability Set
A logical grouping capability used to ensure that VM resources are isolated from each when they are deployed within the datacenter.
Azure subscription
A logical unit of Azure services that is linked to an Azure account and helps to organize access to cloud services and resources.
Desired State Configuration (DSC)
A management platform in Windows PowerShell that enables deploying and managing configuration data for software services as well as managing the environments these services run.
Azure Backup
A native data protection service in Azure for on-premises and Azure workloads that backups, protects, and restores data in the Microsoft cloud.
Azure Advisor
A personalized cloud consultant that helps with following best practicies to optimize Azure deployments.
Data Box Edge
A physical device supplied by Microsoft to accelerate secure data transfer between on-prem datacenters and Azure with the capabilities of Data Box Gateway and IoT Edge.
Azure Policy
A service for creating, assigning, and managing policies that enforce different rules over resources so that those resources are complaint iwth corporate standards and service level agreements.
Azure Blob Storage
A service that stores unstructured, text or binary data, such as documents, media files, or application installers, as objects called "blobs."
fault domain
A set of VMs sharing common hardware and a single point of failure.
initiative definition
A set of policy definitions to help track the compliance state for a larger goal.
Azure Activity Log
A subscription log which provides insight from subscription-level events that occurred in Azure including Azure ARM operational data and Service Health Events.
Azure Security Center
A unified infrastructure security management system that strengthens the security posture of data centers and provides advanced threat protection across hybrid workloads in the cloud.
CloudExchange colocation
A virtual cross-connection to the Microsoft Cloud through the colocation provider's ethernet exchange.
Azure Resource Manager (ARM) Template
A way to declare objects for deployment consiting of the set of resources needed for an application constructed in JSON format.
How are Data Boxes encrypted?
AES 128 for Data Box Disk and AES 256 for Data Box and Data Box Heavy
Action
Allowable permissions.
Billing Alert Service
Provides the ability to create alerts when approaching spending limits.
Azure account
An identity in Azure Active Directory (AD) or a directory that is trusted by Azure AD, such as a work or school organization.
Azure Storage Explorer
An installable tool for managing Azure cloud storage from Windows, macOS, or Linux.
Account Administrator
Authorized to access the account center and is responsible as the billing owner. There is one per Azure account.
Contributor
Can manage everything except access.
Azure File Sync
Centralizes files in Azure Files while local Windows Servers act as a quick cache for improved performance in multiple locations.
cloud tiering
Data that has not been accessed for a while is removed from local servers and saved only in Azure Files.
For what are logs best used?
Deep analysis and identifying the root cause of issues.
Azure Premium Storage
Delivers high-performance, low-latency disk support for VMs with I/O intensive workloads.
Azure Monitor
Enables core monitoring for Azure services by collecting metrics, activity logs, and diagnostic logs into a common data platform where it can be used for analysis, visualization, and alerting.
Azure ExpressRoute
Extends on-premises networks into the Microsoft cloud over dedicated private connections facilitated by a connectivity provider.
How long may metrics be kept?
For up to 93 days.
general purpose storage account
Grants access to Azure Storage Services including tables, queues, files, blobs, and Azure VM disks.
container
Groups a set of blobs within a storage account.
Data Lake Store
Hadoop distributed file system as a service.
Global Administrator
Has access to all administrative features and is, by default, the person who signed up for the Azure subscription.
Co-Administrator
Has the same permissions as the Service Administrator except that it cannot change the association of Azure subscriptions to Azure directories. There can be up to 200 per subscription.
Alert Management
Helps analyze all of the alerts in the Log Analytics repository.
group
Helps organize users to make it easier to manage permissions.
Alert Management
Helps view operations manager and Log Analytics alerts across the entire environment.
Blobs
Highly scale, REST-based object storage
append blob
Ideal for append operations like logging.
block blob
Ideal for storing text or binary files such as documents and media files.
Azure AD Connect
Integrates on-premises directories with Azure Active Directory to provide a common identity for users of Office 365, Azure, and SaaS applications integrated with Azure AD.
any-to-any (IPVPN) connection
Integrates the corporate WAN, including between branch offices and datacenters, with the Microsoft cloud through VPN tunnels.
Geo-zone-redundant storage (GZRS)
Replicates data across three Azure availability zones in the primary region and to a secondary geographic region.
diagnostic logs
Logs provided by Azure Monitor that give useful data about the operation of Azure resources and services.
federation with AD FS
Microsoft's implementation of an identity federation solution that uses claims-based authentication.
Azure Monitor Alerts
Notify users when resources are performing at a predetermined level or if a detrimental event has occurred.
AD joined devices
Organization-owned devices running Windows 10 and manually registered to Azure AD.
hybrid joined devices
Organization-owned devices running Windows 7, 8, or 10 and automatically registered to Azure AD.
Azure Backup reports
Power BI analysis of how data is protected including storage used, backup items, job health, job duration, and alerts.
How can Metrics data be retrieved?
PowerShell cmdlets, REST API, CLI
delete lock
Prevents the deletion of the resource.
control/management logs
Provide information about Azure Resource Manager CREATE, UPDATE, and DELETE operations.
data plane logs
Provide information about events raised as part of Azure resource usage, such as Windows event system, security, and application logs and diagnostics logs.
alerts
Provide notification of critical conditions and can take automated corrective actions.
Azure Backup Server
Provides a single console for managing the backups of VMs and Microsoft servers.
Azure Storage Account
Provides a unique namespace in the cloud to store and access data objects.
Azure Files
Provides an SMB interface, client libraries, and REST interface for access to stored files from anywhere.
Azure Disks
Provides client libraries and a REST interface allowing users to store and access data from an attached VHD.
Azure Blobs
Provides client libraries and a REST interface enabling accessing and storing unstructured data on a massive scale.
Azure Data Box
Provides offline and online solutions for moving data to the cloud.
Data Box Disk
Secure, ruggedized USB drive with a 8 TB capacity for moving data when the project requires a smaller form factor.
Data Box Heavy
Secure, ruggedized appliance with a 1 PB capacity for moving PB-sized datasets to Azure.
Data Box
Secure, ruggedized appliance with a 100 TB capacity for bulk, offline migration to Azure.
connected sources
The computers and other reosurces that generate data collected by Log Analytics.
data sources
The different kinds of data collected from each connected source.
$schema
The location of JSON schema file that describes the version of the template language.
Border Gateway Protocol (BGP)
The standard routing protocol commonly used in the Internet to exchange routing and reachability information between two or more networks.
contentVersion
The version of the template (such as 1.0.0.0).
Blob access
There is anonymous public read access to blobs only.
Container access
There is anonymous public read and list access to the entire container, including all blobs.
For what is the Activity Log used?
To determine the what, who, and when for any write operations (PUT, POST, DELETE) taken on the resources in a subscription.
Azure Import/Export Service
Transfers data between on-prem and Azure Blob or Azure Files by shipping disk drives to an Azure Data Center.
data disk
USed to store application data or other types of permanent data not related to the operating system.
How many VMs can a scale set support?
Up to 1000 instances
How many action groups may a subscription have?
Up to 2000
How many tags can a resource or resource group have?
Up to 50.
Data Box Gateway
Virtual network transfer appliance that runs on an on-premises hypervisor for transferring data to and from Azure.
How is distributed tracing enabled in Azure Monitor?
With the Application Insights SDK.
How many routes may be attached to a subnet?
Zero or more.
For what are metrics best used?
alerting, fast detection of issues
At what levels can Resource Policies be applied?
subscription, resource group
At what levels can resource locks be applied?
subscription, resource group, resource