Test

Ace your homework & exams now with Quizwiz!

Azure portal

A graphic interface for deploying managing and monitoring Azure resources - it can be used to manage all aspects of your applications has a home view, which is the default view with menus, a dashboard view, which gives you easy access to tools and information

Azure Scale sets

A VM scale set is a group of identical autoscaling VMs in the Azure cloud. Allow you to easily deploy and manage large number of VMs as a single unit. Sets to provision VMs automatically,

What is Azure App service?

A cloud platform for developing and hosting web applications and services. It enables you to build web apps and preform automated deployments from ADO Tools and service for software developers. CO/CD platforms, control repos, SQL databases, container registries.

Describe regions

Regions are always paired with other regions regions contain one or more data centers regions specify the location of resources

Tags

- not all Azure resources support tags, cannot be applied to resources that came out before Aure resource manager. Are name/ value pairs- can apply to Azure resources, RGs or subscriptions using powershell, CLI- as many as 50 applied by RG, not inherited by resources can create a policy that tags resources

What are Azure dedicated hosts?

A provided physical severs dedicated to your organization's workload only. They are isolated physical servers where you run organizations workload only. They are single tenant, so they are dedicated to a single subscription only. They are only charged per dedicated host.

Resource groups?

Allow you to group resources togther

Vnet peering

Allows virtual machines in two separate virtual networks to communicate directly, using their private IP addresses.

Azure CLI

An automated way to control and automate many of the same tasks that can be performed through the Aure portal, such as creating and managing VMs, networking, storage and more used to manage multiple subscriptions

ASG

Application security groups- mutli tier arch provide the possibility to group network interfaces of the virtual machines per service tier and give each tier human readable labels. Much easier than IP addresses.

What are aviabiity sets?

Availability sets are separate deployments in the same data center. they provide separate fault and update zones, but same data center.

Azure Cloud Shell

Azure Cloud Shell is a browser-based scripting environment in your portal.

What is Azure Advisor?

Azure advisor integrates with MSFT defender for cloud to help prevent, detect and respond to threats to Azure resources. Azure Advisor analyzes resource configuration and usage telemetry to provide recommendations for: high availability, security, performance and Cost. used to review security recommendations for your deployed resources. Advisor integrates with security center to allow you to detect issues before the occur You can then view recommendations to help mitigate the threat

Azure File Storage

Azure files is a cloud file storage service from MSFT that operates like a traditional file server. Accessed using Server Message Block (SMB protocol). SMB is a file sharing protocl used on Windows operating systems. Can be accessed using Network File System protocol. SAS not required

Azure Storage

Cloud storage designed for large-scale applications, including providing a storage foundation for Azure virtual machines. A valid destination for platform metrics and logs

Describe Azure Storage access tiers

Cold Storage: incurs penalties for data deleted within 30 days Archive storage tier is not available at the account level The archive tier incurs the highest rehydration costs Hot tier: best performance and lowest access latencies but is the most expensive. Data used frequently. Cool tier- accessed less frequently. must be stored for at least 30 days. moving or deleting incurs penalties Archive tier: rarely access. Highest access latencies.

Your team does not have the resources to provision and scale the infrastructure your applications require to run. What should you do?

Create an Azure functions subscription and upload your code Azure functions is an example of serverless computing. In the serverless computing model, ad customer can submit their application code to a cloud service provider such as Azure Azure provisions and maintains the servers and infrastructure required to run the application: including backups, high availability and autoscaling

Azure Data Studio

Data management tool that enables you to connect to and query data stores and build reports.

A company plans to use a custom software as a Service application and wants to minimize costs The company is legally required to maintain and secure all access on site.

Hybrid model- combines features of public and private clouds, this provides a way to save costs by sharing less secure solution needs in a public cloud and providing high risk, high value resources internal to the network

Application Security Groups

Let you organize similar servers so you can easily define and implement security policies based on hose groups

What are policies?

Policies allow you to specify what type of resources can be created

A company needs to implement a solution where it maintains management control over hardware and infrastructure. The solution can be physcially deployed offsite

Private model- one where an org builds and maintains its own solution within its own datacenter or hosted as dedicated resources by a solution provider. Services and infrastructure are hosted on a private network dedicated to that organization only

What are regional pairs?

Provides separate fault and update zones but does not min latency.

What are Role Based Access Controls?

RBAC allow you to assign permissions to users so that they can create resources in Azure. This allows you to control which users are allowed to create resources. assigns permissions that apply to users and groups

Azure Key Vault

Securely store a database connection string to avoid its accidental exposure in a web sites source code. an azure service that allows you to securely store and access cryptographic keys, passwords, certifications and other secrets. To avoid exposure of your backend database connection string in a web applications source doe, you can store it in Azure Key Vault and retrieve it in your application programmatically

A private cloud

Services and the infrastructure are run on a private network by definition, will have a single tenant

What are spot VMs?

Spot pricing provides access to Azure compute resources at deep discounts when unused Azure capacity is avialble Not use standard SLA for Azure VMs- evicted with 30 second notice you set the cap

Resource helth

View the number of VMs hat are currently down. Resource health displays a list of health issues that are related to a particular resource, such as either a VM is available or not

What are iniatives?

What are initiatives

What us Azure blue prints?

When a blueprint is updated and the updated version is published, any assignments of the blueprint are not updated automatically. You must update the blueprint assignment with the new updated version of the assignment When a blueprint is unassigned, all of the resources assigned by the blueprint remain in place, but blueprint resources lacking is removed. This also results in the deletion of the blueprint assignment object When you deleted a core blueprint, any assigned versions of the blueprint remain in place A blueprint must be unassigned before it can be deleted.

When to use a policy

When you want to ensure that only CMs of a specific size are deployed to a scope such as a RG or a subscription. Policy definition is a JSON files, assigned to a scope. Used to enforce rules that apply to ensure compliance and identify non-compliant resources

Lock

When you want to prevent VMS from being deleted by anyone after they have been deployed. When you want to prevent new resources from being added to a RG prevent accidental modification of a RG

Health Advisories

You want to view the Azure features that are planned to be deprecated or when usage exceeds quota

Container group

a container group is a group of containers that all run on the same host VM, this means the group itself is tied to the operating system. So, all containers in the container group share the same operating system

What is Azure SQL

a family of relational database services built on MSFT SQL server. High availability, scale, global distribution while still providing familiarity and compatibility of SQL server.

Azure monitor

a monitoring solution that can collect telemetry from your resources to analyze their performance, create alerts, and build dashboards with a system health overview of your Azure and on premise env allows a admin to configure actions that should occur when specific conditions are met on the consumer side- when CPU for a VM exceeds a certain threshold or resource usage quotas, such as CPU is reached metrics are numerical values that describe some aspects of the system- such as CPU time- nt an analysis feature

Azure lo analytics workspace

a place in the cloud where you can collect and query your log data. You can use Aure Log analytics workspace to explore and analyze data from a variety of sources

Azure QuickStart templates

a stored VM config used to speed up the deployment of frequently used OS configs. It is an infrastructure component

Vertical Scalability

add compute and memory resources to each virtual machine describes an environment where the number of compute nodes is minimized but compute resources for each node are increased nodes

Azure resource manager

allows you to increase default limits how many of select resources of each type can be provisioned per azure region- lets you increase default limits but does not exceed hard times used to deploy resources based on templates and provides an easy to deploy consistent resources uses basic JSON sytax with support for expressions and functions that extend JSOn values

Health history

allows you to know how many time your web app has been unavailable during the past month. Keeps track of inactivity for 90 days.

PaaS

allows you to manage applicatiosn without managing underlying OS you do not create CM- only have control of te applications on the V<

Iaas

allows you to rent hardware and have control over the OS- includes VMs, Vnets can create VMs, attach devices to them, and assign the VM to Vnets that you create. you control applications. OS updates don by azure

Azure ad

analyzes your resource config to ep you optimize your Azure deployments, provides best practices recommendations regarding performance, Secuity and avaibility

What are availability zones?

availability zones are deployed in separate data centers, so interruptions in one zone do not affect the other. Each availability zone is a separate fault and update zone and low latency with other availability zones in the region

Azure Reservations

can cut costs- can be applied to VMs, Blob storage, Cosmos or SQL - commit a 3 year plan for VMs and storage resources to receive a reduction in pay as you go

VPN Gateway

can deploy to a v net to connect them to each other over the public internet v net is created in the scope of a region- v nets from different regions can talk to each other through MSFt connectivity in Azure or via VPN gateways

Azure SQL database

cost effective, serverless database with an intermittent usage pattern and low computer utilization over time. Serverless service tier is optimized for scenarios with intermittent of unpredictable usage patterns Automatically passes the database during times of inacibiy nd resunes with aciity retuens.

advantage of public cloud over private cloud

costs are lower and spread among multiple tenants. This possible because subscribing tenants share resources, and the provider can take advantage of economies of scale. Usually, higher level of reliability because it is based on a larger network of services

User defined roles

custom routing tables that are used to override and supplement the default routing tables in V nets

Azure firewall

deny traffic to your azure virtual network resources from known malicious IP addresses is firewall as a service in Azure that can protect your resources

Microsoft cloud defender

designed to help protect azure cloud, non-Azure cloud and hybrid computing resources through a set of Secuity tools. MSFT defender for cloud provides tool to help strengthen your orgs security posture, protect against threats and quickly secure your computing enviorment

Free subscriptions

evaluate Azure App services for six months- $200 credit- free access to azure services for a year

A free azure subscription

free for 30 days, $200 credit

Azure database for Postgrse SQL

fully manages database service based on the PostgreSQL community edition database engine, As a PaaS offering not provide access to the OS. Not compatible with SQL service to provide smooth lift and shift service

Azure front door

global endpoint that works at layer 7 (http/https) to enable fast, secure and widely scalable web apps

Why private cloud over cloud?

greater security- based on a private network, including storage public cloud does not support high level of customization for each tenant- while there are levels of it available on demand scalability is a feature of both

Which five factors affect the cost of an app service?

instance type- size of VM- CPU (memory) and storage number of instances- number of VMs that host web app operating system region- location tier

Azure traffic manager

is a DNS based traffic load balancer that allows optimal distribution of traffic to azure services spread across global Azure regions

Azure express route

is a service that enables private connectivity between your on-premise network and MSFt azure or MSFT 365 is routed over private connection enabled through a connectivity provider at a co location facility

Azure spending limits

limits that are set on a subscription and set a shard limit on how much can be spent during a billing period- once set, cannot be increased

Azure SQL server managed instance

near 100 percent compatibility with the latest version of SQL server enterprise edition.... PaaS offering, eliminating over head for the management of underlying infrastructure

NSGs

network security groups are specialized packet filtering firewalls that let you define security rules to control traffic into and out of a Vnet, between subnets, or per VM. You have the option of applying NSGs

SaaS

office 365

What three authentication types are supported by both self-service password reset and multifactor authentication

password, voice call and SMS

hybrid cloud

private cloud and public cloud on prem infrastructure and a public cloud

Azure cost manager

provided at no cost to azure customers and partners- multi cloud platform a free SaaS solution that allows to monitor, allocate and optimize cloud spend in a multi cloud environment

Azure Service Health

provides information about planned maintenance and advisories such as depreciated offerings. This is provided through azure status at the global level and Service health at the individual service level Also includes Resource health, which reports about individual resources through a configurable dashboard used to notify admin when certain events take place for which cloud provider is repsonsible-

A company wants to deploy multiple servers to host web applications but wants to keep hardware cats and management costs to a minimum The solution should be highly scalable

public model- the solution is managed by a provider. Most solutions are based on a multi-tenant model with the solution run is a shared environment with customer data

Alerts

receive an email whenever the number of requests to a web app exceeds 10,000 within an hour. Alerts are notifications that you set up to be sent when a metric exceeds a certain threshold

Health alerts

receive text messages when azure maintenance is planned

self-service password reset vs MFA

security questions and email addresses are for SSPR only MFA supports app password- non browser applications

Azure Functions

serverless computing that allows a subscriber to submit their application code to a cloud provider. allows you execute your code when needed and pay for the actual runtime only- without worrying about config of management of the underlying or physical and application infrastructure- triggered by any event types- including HTTP requests

Metrics

simply tells you how a resource is preforming and what it is consuimg

High Aviability

the ability to keep cloud resources and services functioning for long periods of time. Cloud service providers typically offer an SLA that guarantees HA or uptime of resources and services as a percentage

Agility

the ability to react quickly with allocation and deallocation of cloud resources. It allows deployment of required resources and Services in minutes without manual administration of providing or deprovisioning services

Disaster recovery is

the ability to restore a cloud service in the wake of catastrophic loss taking reg backups and replicating your application across different regions are some of the disaster recovery measures that help you ensure that data remains safe and that your applications availability is not impacted after an unexpected disastrous event

User access administrator

thei srole grants permissions to assign access and assign policies only

Application Insights

to enable developers to improve app performance and usability in Realtime allows cloud on on prem apps to send telemetry data to Azure * VISUALLY AANALYSE TELEMTRY DATA Monitors the availability, performance, and usage of web applications. it exposes an API so that developers can log data to Azure and evaluate performance bottlenecks and app usability

MSFT backbone infrastructure

traffic between peered Vnets is not routed over the public internet- instead routed through MSFT backbone

Container

typically contain only the binaries and libraries to run a single app or service. it is a infrastructure that component tat must be created, deployed, and periodically updated. azure supports AKS can be accessed over the internet by IP address or domain name. similar to a VM. - With Azure container instances- can specify the DNS label allowing container to be reachable with a URL Can run on windows or Linux represents a single app and dependencies- allows you to package, deploy, and manage the container as a unit Not require you to manually install dependencies- dependencies are installed automatically can be scaled out as needed

Shared Access Signature

unique identifier that you can use to authorize access to your Azure resources. Has info to authenticate and access resources- URI, permissions and expiry. generated programmatically or manually.

AZURE POWERSHELL

use when you need to log in to Azure with the following command without manually opening browser: - connect Account can install locally on linnux, iOs or mac az login - Azure CLI a cross platform command line tool to allow you manage Azure resources from your computer can be used to create scripts to automate azure management tasks- provides support for the concurrent execution of multiple scripts- most tasks can be automated through the use of PowerShell scrips

MSFT sentinel

used to build a baseline behavioral profile of organizational entities to identify anomalous activity. Is a security information and event manager platform that can analyze data across the enterprise to identify potential threats, including anomalous activities of users of applications, and help with faster and smarter responses.

Pay as you go

want to evaluate Azure VMs for 18 months- charges you monthly

Initative

want to manage a collection of policy definitions. Allows you to manage Mutiple polices as a while

Cloud bursting

when a company uses its own computing infrastructure for normal usage and accesses the public cloud infrastructure when it needs to scale for peak load requirements, ensuring that a sudden spike in usage does not result in poor performance or system crashes

Enterprise subscription

when you want to purchase Azure VMs and software licenses under one agreement- saves money

Horizontal scablity

where load distributed across compute nodes that are added and removed as needed. This approach does not add compute or memory resources to existing Vms


Related study sets

French questions quiz (Etre et Avoir)

View Set

peril -serious and immediate danger pos-noun form-adjective perils,perilous adverb

View Set

History and Geography 902 self test 2 study guide

View Set

Chapter 2 Cells, Tissue , Organs and Systems

View Set