AZ-900 Microsoft Certified Azure Fundamentals Exam 2022, Exams of Computer Networks

Download AZ-900 Microsoft Certified Azure Fundamentals Exam 2022 and more Exams Computer Networks in PDF only on Docsity! AZ-900 Microsoft Certified Azure Fundamentals Exam 2022 What are some computing services offered by a Cloud Provider? - Ans •*Compute power* - e.g. Servers or web applications •*Storage* - e.g. Files and Databases •*Networking* - e.g. secure connections between the cloud provider and on-premises. •*Analytics* - e.g. visual telemetry and performance data Jim the systems admin at a fictitious company is an absolute control freak! From the list below, choose the most appropriate cloud solution for him: a). Virtual Machines b). Containers c). Serverless compute - Ans ANSWER: a). *Virtual Machines.* Because he will emulate a physical system, Jim can do whatever he likes (e.g. install software, configure updates etc.) Give the simplest definition of a container. - Ans A container is similar to a VM but it doesn't need a guest operating system. What is Serverless Computing? - Ans Serverless computing lets you run application code(e.g. functions) without creating, configuring, or maintaining a server. When compared to VMs and Containers, it is the lightest and fastest deployment method. Rob is new to cloud computing and is confused by the terms: "Vertical Scaling" and "Horizontal" scaling. Give him a brief rundown on the differences between the two! - Ans *Vertical scaling*: aka "scaling up", is the process of adding resources to increase the power of an existing server. Some examples of vertical scaling are: *adding more CPUs, or adding more memory*. *Horizontal scaling*: aka "scaling out", is the process of adding more servers that function together as one unit. For example, *you have more than one server processing incoming requests* Define: Scalability as it relates to cloud computing - Ans You can increase or decrease the resources and services used based upon the needs of your organization. Define: Elasticity as it relates to cloud computing - Ans As your workload changes due to a spike or drop in demand, a cloud computing system can compensate by automatically adding or removing resources. (e.g. a web-site during Black Friday Sale) Define: redundancy as it relates to cloud computing - Ans If one component fails, another is available to take its place and its workload. Define: fault-tolerance as it relates to cloud computing - Ans Customers and end-users are not impacted when a disaster occurs. Misha the cloud computing class nerd wants to engage you in a discussion on Economies of Scale. Start the conversation off with an adequate definition and an example. - Ans Economies of scale is *the ability to do things more efficiently or at a lower-cost per unit when operating at a larger scale.* In other words, more money is saved, when production rates are higher. Users also pay less for power consumption, cooling and network connectivity than they would with on-premises infrastructure. Compare / Contrast CapEx(Capital Expenditure) vs. OpEx(Operational Expenditure) - Ans •*Capital Expenditure*: the spending of money on physical infrastructure up front, and then deducting that expense from your tax bill over time. CapEx is an upfront cost, which has a value that reduces over time. •*Operational Expenditure*: spending money on services or products now and being billed for them now. You can deduct this expense from your tax bill in the same year. There's no upfront cost. You pay for a service or product as you use it. What is the primary benefit of CapEx? - Ans Fixed Costs and a predictable expense for your budget! Companies on a tight budget will lean here. What is the primary benefit of OpEx? - Ans Grows if demand is increased and shrinks accordingly. For new companies / startups this will make lots of sense. What is Cloud agility? - Ans Cloud agility is the ability to rapidly change an IT infrastructure to adapt to the evolving needs of the business. For e.g. if your service peaks one month, you can scale to demand and pay a larger bill for the month. If the following month the demand drops, you can reduce the used resources and be charged less. This agility lets you manage your costs dynamically, optimizing spending as requirements change. Describe the Public Cloud - Ans Microsoft Azure is a public cloud provider. There is no local hardware to manage or keep up-to-date - everything runs on your cloud provider's hardware. In some cases, you can save additional costs by sharing computing resources with other cloud users. Give one example of where you would use a public cloud solution - Ans Deploy a website or blog. The web-server is handled by the cloud provider. You only worry about managing the site itself. Give three disadvantages to using a public cloud model. - Ans •Security Requirements •Government Policies •Business requirements for a legacy software / application. with it additional benefits of Azure's infrastructure such as scale, availability, and isolation. List some of the core available options for storage that a customer can choose from in Azure. - Ans •Azure Blob Storage •Azure File Storage •Azure Queue Storage •Azure Table Storage They all can be accessed easily from anywhere in the world in a standard web browser! Rob has started his own video surveillance company and wishes to park his customer's footage in the cloud where it is secure and highly accessible. Propose the most appropriate Azure storage solution to him. - Ans Azure Blob Storage, is capable of storing very large objects like video files & bitmaps. A small company with 10 employees and little capital want to migrate their small on- premises storage server to the cloud. Choose an appropriate Azure solution. - Ans Azure File Storage is excellent for this scenario, because it consists of File shares that you can access and manage like a file server A software/web developer has built a 2 Factor Authentication app on Azure. Where can he park separate events or functions that form the building blocks of communication in his application? He only wants these events or functions to run when triggered(e.g. when a customer attempts to authenticate). - Ans Azure Queue storage. It is a service for storing large numbers of messages. You access messages from anywhere in the world via authenticated calls using HTTP or HTTPS. Describe Azure Table Storage in simple terms. - Ans A NoSQL store that hosts unstructured data independent of any schema List some of the key Database Services provided by Azure. - Ans •Azure Cosmos DB •Azure SQL Data Warehouse •Azure Database Migration Service •Azure SQL Database True or False. Azure Cosmos DB only supports SQL databases. - Ans *FALSE*. Comos DB is multi-model (it supports all kinds of different databases, even NoSQL ones!) and is globally distributed making workload migration between nearby geographical locations a breeze! Azure offers services related to the IoT(Internet of Things). A manufacturing company has thousands of smart probes and sensors and would like a way to securely monitor communications and messages between them all. Suggest the most appropriate Azure IoT service. - Ans Azure IoT Hub. It directly handles messages between IoT devices (Think of the Phillips Hue Hub, AppleTV for HomeKit, WINK Hub). What is the IoT Central? - Ans It is a SaaS based Azure software that makes it easy to connect, monitor, and manage your IoT assets (think of WINK, HomeKit etc. as examples) What does the term "BigData" mean? - Ans Simply put, it is referring to huge volumes of data.This data is typically things like weather & communication systems, satellite feeds, scientific research etc. What Azure services can be used to manage BigData? - Ans Azure HD Insights, Azure SQL Data Warehouse, and Azure DataLake Azure is involved in the AI and Machine Learning space. What are some key cognitive services offered? - Ans Vision, Speech, Natural Language Processing. In terms of Server-less Computing concepts, name some of the solutions offered by Azure. - Ans *Azure Logic Apps* (to orchestrate and connect server-less functions & APIs), *Azure Functions* (run computer code without worrying about servers), *Azure Active Directory*. What is an Azure Region? Also name a few popular regions right here in the USA. - Ans A region is a set of datacenters deployed within a latency-defined perimeter and connected through a dedicated regional low-latency network.Some examples of popular regions are: *East US & East US 2, SouthCentral US, West US, West US 2, Central US. * What is an Azure Geography? - Ans It is a special market(made up of at least 2 regions) that caters to customers who due to data-residency and compliance requirements, need to keep their data as geographically close as possible (e.g. a Law firm with Florida Bar Requirements). Geographies are also fault-tolerant. what is an Availability Zone? - Ans Availability Zones are physically separate locations within an Azure region (think of subsets within a Venn Diagram!) Each Availability Zone is made up of one or more datacenters equipped with independent power, cooling, and networking. What popular Azure services make use of Availability Zones? - Ans Availability Zones are primarily for VMs, managed disks, load balancers, and SQL databases. Describe in detail, the primary functions of the Azure Resource Manager. - Ans Azure Resource Manager is the deployment and management service for Azure. It provides a consistent management layer that enables you to create, update, and delete resources in your Azure subscription. You can use its access control, auditing, and tagging features to secure and organize your resources after deployment. Define an Azure Resource and give some examples. - Ans A manageable item that is available through Azure. Virtual machines, storage accounts, web apps, databases, and virtual networks are examples of resources. What is an Azure Resource group? - Ans A container that holds related resources for an Azure solution. The resource group includes those resources that you want to manage as a group. You decide how to allocate resources to resource groups based on what makes the most sense for your organization. For example, networking resources can be placed in their own resource group. What is the Azure Firewall? - Ans It is *a managed, cloud-based, network security service that protects your Azure Virtual Network resources*. It is a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability. What is one of the primary benefits of Azure DDoS protection? - Ans Azure DDoS protection identifies the attacker's attempt to overwhelm the network and blocks further traffic from reaching Azure services. Legitimate traffic from customers still flows into Azure without any interruption of service. Name three kinds of attacks that Azure DDoS protection is capable of mitigating. - Ans *Volumetric attacks*: The attackers goal is to flood the network layer with a substantial amount of seemingly legitimate traffic. *Protocol attacks*. These attacks render a target inaccessible, by exploiting a weakness in the layer 3 and layer 4 protocol stack. *Resource (application) layer attacks*. These attacks target web application packets to disrupt the transmission of data between hosts. Describe the function of Network Security Group(NSG). - Ans It enables you to filter network traffic to and from Azure resources in an Azure virtual network.This can be done by source/dest. IP address, port and protocol. As it relates to IAM(Identity & Access Management), define "Authentication(AuthN)". - Ans *Authentication(AuthN)* is the process of *establishing the identity of a person or service looking to access a resource*. It establishes if they are who they say they are! As it relates to IAM(Identity & Access Management), define "Authorization(AuthZ)". - Ans *Authorization(AuthZ)* is the process of *establishing what level of access an authenticated person or service has*. It specifies what data they're allowed to access and what they can do with it. Describe Azure Active Directory. - Ans Azure AD is a cloud-based identity service. It has built in support for synchronizing with your existing on-premises Active Directory or can be used stand-alone. This means that all your applications, whether on-premises, in the cloud (including Office 365), or even mobile can share the same credentials. True or False. Tags can be applied to any kind of resource on Azure. - Ans ANSWER: *FALSE* Not all resources in Azure support tags! You have to check and see which ones do. Are applied Tags inherited? - Ans ANSWER: *NO*. Every resource that needs to be tagged, should be tagged accordingly. True or False. Resources can be in only one resource group. - Ans ANSWER: *TRUE*. Resources can belong to only one group at a time. Can Resource groups be nested? - Ans ANSWER: *NO* Although other cloud providers may offer this feature, it is not yet offered in Azure. How are the terms Azure Monitor and Telemetry connected? - Ans Azure Monitor is a comprehensive solution for *collecting, analyzing, and acting on telemetry from your cloud and on-premises environments*. It helps you understand how your applications are performing and proactively identifies issues affecting them and the resources they depend on. Robert has created some resources in Azure. How soon can he take advantage of the Azure Monitoring service? - Ans Immediately! He can enable diagnostics on supported resources, and for compute resources he can even add an agent to begin collecting data. List some use cases and benefits of the Azure Monitor. - Ans •A way to *visualize and present data* to different audiences(e.g. a yearly audit, or report for a technology committee meeting, or for a customer whose needs demand it). •*Respond proactively to critical conditions*(e.g. sending a text alert to an administrator responsible for handling the issue or automating a process that attempts to fix it). •Overall *visibility into the operations of your cloud* environment. What is Azure Service Health? - Ans Azure Service Health is a suite of experiences that provide personalized *guidance and support when issues with Azure services affect you*. It can notify you, help you understand the impact of issues, and keep you updated as the issue is resolved. List the components of Azure Health? Also what are some use cases of Azure Service Health? - Ans •*Azure Status* provides a global view of the health state of Azure services •*Service Health* offers a customizable dashboard that tracks the state of your Azure services in the regions where you use them. In this dashboard, you can track active events such as ongoing service issues, upcoming planned maintenance, or relevant Health advisories. •*Resource Health* helps you diagnose and obtain support when an Azure service issue affects your resources. It provides you with details with about the current and past state of your resources. It also provides technical support to help you mitigate problems. A Cloud Administrator has concerns about resources meeting SLAs(Service Level Agreements). Which of the Azure Health components is appropriate for this scenario? - Ans *Azure Resource Health*. It provides a much more in-depth view than Azure Status, plus the administrator can opt to have a customized dashboard that provides insights into how well his resources meet those SLAs. Explain the purpose of the Microsoft Privacy Statement. - Ans This privacy statement explains the personal data Microsoft processes, how Microsoft processes it, and for what purposes. Describe the Microsoft Trust Center? - Ans It contains information and details about how Microsoft implements and supports security, privacy, compliance, and transparency in all Microsoft cloud products and services. Describe the Service Trust Portal? - Ans It hosts the Compliance Manager service, and is the Microsoft public site for published downloadable audit reports and other compliance-related information relevant to how Microsoft builds and operates its cloud services. Microsoft Azure is compliant with several standards, laws and regularitons. List some of these. - Ans ISO, SOC, NIST, FedRAMP, GDPR What is GDPR? - Ans GDPR stands for *General Data Protection Regulation*. It's the core of Europe's digital privacy legislation. What is ISO? - Ans ISO, the International Organization for Standardization, develops and publishes International Standards. What does it mean to be NIST compliant? - Ans Generally speaking, *NIST guidance* provides the set of standards for recommended security controls for information systems at federal agencies. What does it mean to be SOC/SOC2 compliant? - Ans SOC stands for "system and organization controls," and the controls are a series of standards designed to help measure how well a given service organization conducts and regulates its information. What is the Compliance Manager? - Ans Found in the Service Trust Portal, it is comprehensive a dashboard that provides a summary of your data protection and compliance stature and recommendations for improvement for services like Azure, Dynamics 365, & Office 365. What is Azure Government, and what are some of the services offered? - Ans Basically specialized cloud service offerings by Azure for government agencies. It is operated by screened U.S. Citizens. Some mission critical services offered are: Azure Site Recovery(DRaaS-Disaster Recovery-as-a-Service), and Azure Analysis Services. What is Azure Germany? - Ans Basically Azure Cloud Services operated under strict EU regulations and ONLY within Germany data-centers.However *not all Azure US services are offered in Germany*. Some particular services not yet offered are: Azure Active Directory Premium, and Azure Key Vault. When you provision an Azure resource, Azure creates one or more meter instances for that resource. The meters track the resources' usage, and generate a usage record that is used to calculate your bill.Give some examples of tracking meters that can be used? - Ans •Compute Hours •IP Address Hours •Data Transfer In •Data Transfer Out •Standard Managed Disk If an admin de-allocates (the equivalent of turning off) a VM, will he still be charged for usage? - Ans *YES and NO*. He will NOT be charged for compute time, however he will be charge for persistent disks (to keep his data on that VM's storage). Name three options a customer has to purchase Azure Products & Services? - Ans Enterprise, Web, Cloud Service Provider (CSP) Describe an Azure Enterprise agreement. - Ans *Enterprise* customers sign an Enterprise Agreement with Azure that commits them to spend a negotiated amount on Azure services, which they typically pay annually. Enterprise customers also have access to customized Azure pricing. Describe an Azure Web agreement. - Ans *Direct Web* customers pay general public prices for Azure resources, and their monthly billing and payments occur through the Azure website. Describe what takes place when a customer purchases Azure services through a Cloud Service Provider. - Ans *Cloud Solution Providers (CSP)* typically are Microsoft partner companies that a customer hires to build solutions on top of Azure. Payment and billing for Azure usage occur through the customer's CSP. True or False. Customers are required to pay for inbound data transfers (data going into Azure datacenters). - Ans *FALSE*. Most of the time inbound data transfers (data going into Azure datacenters) are free. For outbound data transfers (data going out of Azure datacenters), the data transfer pricing is based on Billing Zones. What is an Azure Billing Zone? - Ans An Zone is a geographical grouping of Azure Regions for billing purposes.(NOTE: not to be confused with Availability Zones!) What countries / territories are part of Zone 1? - Ans United States, Europe, Canada, UK, France