AZ-103 Azure Administrator

blob storage account

Specializes in storing unstructured data as blobs (objects).

For what does Security Center provide the tools?

Strengthen security posture, protect against threats, get secure faster.

Cost Analysis

Supports different kinds of Azure account types and exploring and analyzing the organization's costs

How are Advisor recommendations dismissed?

"Postpone" them with a period of "never".

Geo-Redundant Storage (GRS)

Replicates data three times in a datacenter in the primary region and three times in a datacenter in a secondary region.

Azure Site Recovery

Replicates the on-premises environment to Azure or another physical site.

functions

User-defined functions available within the template.

directory-synchornized identity

Users brought into Azure from Windows Server AD through a sync activity using Azure AD Connect.

cloud identity

Users that only exist in Azure AD.

guest user

Users with an email address from outside of Azure AD.

How long can a tag value be?

256 characters.

How many Recovery Services vaults may there be per region?

500

How long can a tag name be?

512 characters.

How long will Log Analytics store logs before there are data retention charges?

90 days

action group

A collection of notification preferences that are defined by the owner of an Azure subscription and used by Azure Monitor and Service Health alerts to notify users that an alert has been triggered.

content delivery network (CDN)

A distributed network of servers that can efficiently deliver data to users by storing cached content on edge servers close to said end-users.

custom script extension

Downloads and executes scripts on Azure VMs allowing post-deployment configuration, software installation, and other types of configurations.

Cosmos DB

A globally-distributed database service that elastically scales throughput and storage.

Azure Domain Name System (DNS)

A hosting service for DNS domains which provides name resolution by resolving a website or service name to its IP address.

Availability Set

A logical grouping capability used to ensure that VM resources are isolated from each when they are deployed within the datacenter.

Azure subscription

A logical unit of Azure services that is linked to an Azure account and helps to organize access to cloud services and resources.

Desired State Configuration (DSC)

A management platform in Windows PowerShell that enables deploying and managing configuration data for software services as well as managing the environments these services run.

Azure Backup

A native data protection service in Azure for on-premises and Azure workloads that backups, protects, and restores data in the Microsoft cloud.

Azure Advisor

A personalized cloud consultant that helps with following best practicies to optimize Azure deployments.

Data Box Edge

A physical device supplied by Microsoft to accelerate secure data transfer between on-prem datacenters and Azure with the capabilities of Data Box Gateway and IoT Edge.

Azure Policy

A service for creating, assigning, and managing policies that enforce different rules over resources so that those resources are complaint iwth corporate standards and service level agreements.

Azure Blob Storage

A service that stores unstructured, text or binary data, such as documents, media files, or application installers, as objects called "blobs."

fault domain

A set of VMs sharing common hardware and a single point of failure.

initiative definition

A set of policy definitions to help track the compliance state for a larger goal.

Azure Activity Log

A subscription log which provides insight from subscription-level events that occurred in Azure including Azure ARM operational data and Service Health Events.

Azure Security Center

A unified infrastructure security management system that strengthens the security posture of data centers and provides advanced threat protection across hybrid workloads in the cloud.

CloudExchange colocation

A virtual cross-connection to the Microsoft Cloud through the colocation provider's ethernet exchange.

Azure Resource Manager (ARM) Template

A way to declare objects for deployment consiting of the set of resources needed for an application constructed in JSON format.

How are Data Boxes encrypted?

AES 128 for Data Box Disk and AES 256 for Data Box and Data Box Heavy

Action

Allowable permissions.

Billing Alert Service

Provides the ability to create alerts when approaching spending limits.

Azure account

An identity in Azure Active Directory (AD) or a directory that is trusted by Azure AD, such as a work or school organization.

Azure Storage Explorer

An installable tool for managing Azure cloud storage from Windows, macOS, or Linux.

Account Administrator

Authorized to access the account center and is responsible as the billing owner. There is one per Azure account.

Contributor

Can manage everything except access.

Azure File Sync

Centralizes files in Azure Files while local Windows Servers act as a quick cache for improved performance in multiple locations.

cloud tiering

Data that has not been accessed for a while is removed from local servers and saved only in Azure Files.

For what are logs best used?

Deep analysis and identifying the root cause of issues.

Azure Premium Storage

Delivers high-performance, low-latency disk support for VMs with I/O intensive workloads.

Azure Monitor

Enables core monitoring for Azure services by collecting metrics, activity logs, and diagnostic logs into a common data platform where it can be used for analysis, visualization, and alerting.

Azure ExpressRoute

Extends on-premises networks into the Microsoft cloud over dedicated private connections facilitated by a connectivity provider.

How long may metrics be kept?

For up to 93 days.

general purpose storage account

Grants access to Azure Storage Services including tables, queues, files, blobs, and Azure VM disks.

container

Groups a set of blobs within a storage account.

Data Lake Store

Hadoop distributed file system as a service.

Global Administrator

Has access to all administrative features and is, by default, the person who signed up for the Azure subscription.

Co-Administrator

Has the same permissions as the Service Administrator except that it cannot change the association of Azure subscriptions to Azure directories. There can be up to 200 per subscription.

Alert Management

Helps analyze all of the alerts in the Log Analytics repository.

group

Helps organize users to make it easier to manage permissions.

Alert Management

Helps view operations manager and Log Analytics alerts across the entire environment.

Blobs

Highly scale, REST-based object storage

append blob

Ideal for append operations like logging.

block blob

Ideal for storing text or binary files such as documents and media files.

Azure AD Connect

Integrates on-premises directories with Azure Active Directory to provide a common identity for users of Office 365, Azure, and SaaS applications integrated with Azure AD.

any-to-any (IPVPN) connection

Integrates the corporate WAN, including between branch offices and datacenters, with the Microsoft cloud through VPN tunnels.

Geo-zone-redundant storage (GZRS)

Replicates data across three Azure availability zones in the primary region and to a secondary geographic region.

diagnostic logs

Logs provided by Azure Monitor that give useful data about the operation of Azure resources and services.

federation with AD FS

Microsoft's implementation of an identity federation solution that uses claims-based authentication.

Azure Monitor Alerts

Notify users when resources are performing at a predetermined level or if a detrimental event has occurred.

AD joined devices

Organization-owned devices running Windows 10 and manually registered to Azure AD.

hybrid joined devices

Organization-owned devices running Windows 7, 8, or 10 and automatically registered to Azure AD.

Azure Backup reports

Power BI analysis of how data is protected including storage used, backup items, job health, job duration, and alerts.

How can Metrics data be retrieved?

PowerShell cmdlets, REST API, CLI

delete lock

Prevents the deletion of the resource.

control/management logs

Provide information about Azure Resource Manager CREATE, UPDATE, and DELETE operations.

data plane logs

Provide information about events raised as part of Azure resource usage, such as Windows event system, security, and application logs and diagnostics logs.

alerts

Provide notification of critical conditions and can take automated corrective actions.

Azure Backup Server

Provides a single console for managing the backups of VMs and Microsoft servers.

Azure Storage Account

Provides a unique namespace in the cloud to store and access data objects.

Azure Files

Provides an SMB interface, client libraries, and REST interface for access to stored files from anywhere.

Azure Disks

Provides client libraries and a REST interface allowing users to store and access data from an attached VHD.

Azure Blobs

Provides client libraries and a REST interface enabling accessing and storing unstructured data on a massive scale.

Azure Data Box

Provides offline and online solutions for moving data to the cloud.

Data Box Disk

Secure, ruggedized USB drive with a 8 TB capacity for moving data when the project requires a smaller form factor.

Data Box Heavy

Secure, ruggedized appliance with a 1 PB capacity for moving PB-sized datasets to Azure.

Data Box

Secure, ruggedized appliance with a 100 TB capacity for bulk, offline migration to Azure.

connected sources

The computers and other reosurces that generate data collected by Log Analytics.

data sources

The different kinds of data collected from each connected source.

$schema

The location of JSON schema file that describes the version of the template language.

Border Gateway Protocol (BGP)

The standard routing protocol commonly used in the Internet to exchange routing and reachability information between two or more networks.

contentVersion

The version of the template (such as 1.0.0.0).

Blob access

There is anonymous public read access to blobs only.

Container access

There is anonymous public read and list access to the entire container, including all blobs.

For what is the Activity Log used?

To determine the what, who, and when for any write operations (PUT, POST, DELETE) taken on the resources in a subscription.

Azure Import/Export Service

Transfers data between on-prem and Azure Blob or Azure Files by shipping disk drives to an Azure Data Center.

data disk

USed to store application data or other types of permanent data not related to the operating system.

How many VMs can a scale set support?

Up to 1000 instances

How many action groups may a subscription have?

Up to 2000

How many tags can a resource or resource group have?

Up to 50.

Data Box Gateway

Virtual network transfer appliance that runs on an on-premises hypervisor for transferring data to and from Azure.

How is distributed tracing enabled in Azure Monitor?

With the Application Insights SDK.

How many routes may be attached to a subnet?

Zero or more.

For what are metrics best used?

alerting, fast detection of issues

At what levels can Resource Policies be applied?

subscription, resource group

At what levels can resource locks be applied?

subscription, resource group, resource