Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Az-305 Dec 2023 > 4.8 Networking in Azure > Flashcards

4.8 Networking in Azure Flashcards

1
Q

What are the two types of networks in Azure?

A) Public and private networks

B) Azure backbone and Azure VNets

C) Virtual networks and physical networks

D) Standard pass storage accounts and managed services

A

B) Azure backbone and Azure VNets

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

When do services in Azure use the Azure backbone for communication?

A) When they are connected to a VNet

B) When they are non-VNet-connected services

C) When they are using standard pass storage accounts

D) When they are integrated with managed services

A

B) When they are non-VNet-connected services

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is the purpose of the Azure backbone?

A) To replicate data between storage accounts

B) To provide a fully-managed networking service in Azure

C) To integrate services with managed services

D) To communicate effectively and safely between solution components

A

Answer: D) To communicate effectively and safely between solution component

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which type of networking is a key skill in Azure?

A) Public networking

B) Private networking

C) Networking as a general term

D) Azure backbone networking

A

C) Networking as a general term

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What do solution components in Azure need to be able to do?

A) Communicate with each other effectively and safely

B) Replicate data between storage accounts

C) Integrate with non-VNet-connected services

D) Use the Azure backbone for communication

A

A) Communicate with each other effectively and safely

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which Azure service is used to manage and secure the virtual networks in Azure?

A) Azure Firewall

B) Azure Virtual Network

C) Azure Load Balancer

D) Azure VPN Gateway

A

B) Azure Virtual Network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is the purpose of Azure Load Balancer?

A) To manage and secure virtual networks in Azure

B) To distribute network traffic across multiple VMs

C) To establish a secure connection between on-premises networks and Azure

D) To provide a fully-managed networking service in Azure

A

B) To distribute network traffic across multiple VMs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is the role of Azure Firewall in networking?

A) To distribute network traffic across multiple VMs

B) To establish a secure connection between on-premises networks and Azure

C) To manage and secure virtual networks in Azure

D) To provide a fully-managed networking service in Azure

A

C) To manage and secure virtual networks in Azure

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which Azure service is used to establish a secure connection between on-premises networks and Azure?

A) Azure Firewall

B) Azure Virtual Network

C) Azure Load Balancer

D) Azure VPN Gateway

A

D) Azure VPN Gateway

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is the purpose of Azure ExpressRoute?

A) To manage and secure virtual networks in Azure

B) To distribute network traffic across multiple VMs

C) To establish a secure connection between on-premises networks and Azure

D) To provide a fully-managed networking service in Azure

A

C) To establish a secure connection between on-premises networks and Azure

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is the purpose of network security groups (NSGs) in Azure?

A) To manage and secure virtual networks

B) To distribute network traffic across multiple VMs

C) To define inbound and outbound rules for traffic flow

D) To establish a secure connection between on-premises networks and Azure

A

C) To define inbound and outbound rules for traffic flow

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Why is blocking outbound traffic important in network security?

A) To manage and secure virtual networks

B) To distribute network traffic across multiple VMs

C) To prevent insider threats and unauthorized data exfiltration

D) To establish a secure connection between on-premises networks and Azure

A

C) To prevent insider threats and unauthorized data exfiltration

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is a common use case for network security groups (NSGs)?

A) To manage and secure virtual networks

B) To distribute network traffic across multiple VMs

C) To define inbound and outbound rules for traffic flow

D) To establish a secure connection between on-premises networks and Azure

A

C) To define inbound and outbound rules for traffic flow

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is the first line of defense for network security in Azure?

A) Network security groups (NSGs)

B) Azure Firewall

C) Azure Virtual Network

D) Azure VPN Gateway

A

A) Network security groups (NSGs)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which component of Azure allows the definition of specific inbound and outbound rules for network traffic?

A) Network security groups (NSGs)

B) Azure Firewall

C) Azure Virtual Network

D) Azure VPN Gateway

A

A) Network security groups (NSGs)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is the main purpose of Azure Firewall?

A) To manage and secure virtual networks

B) To distribute network traffic across multiple VMs

C) To provide stateful packet inspection and network-level security

D) To establish a secure connection between on-premises networks and Azure

A

C) To provide stateful packet inspection and network-level security

17
Q

Which feature of Azure Firewall allows for centralized control and cost savings?

A) Application rules

B) Network rules

C) NAT rules

D) Central deployment and peering

A

D) Central deployment and peering

18
Q

Which deployment methods can be used to install Azure Firewall?

A) Azure portal only

B) PowerShell only

C) REST API only

D) Azure portal, PowerShell, REST API, or templates

A

D) Azure portal, PowerShell, REST API, or templates

19
Q

Which service can be used to analyze logs generated by Azure Firewall?

A) Azure Monitor

B) Azure Firewall Manager

C) Network Security Groups

D) Azure Virtual Network

A

A) Azure Monitor

20
Q

How does Azure Firewall differ from other services like NVAs and Application Gateway WAF?

A) It provides stateful packet inspection and network-level security

B) It supports features such as application rules, network rules, and NAT rules

C) It can be centrally deployed and peered with other virtual networks

D) It complements Network Security Groups for better network security

A

A) It provides stateful packet inspection and network-level security

21
Q

By default, can multiple VNETs in Azure communicate with each other?

A) Yes, they can communicate without any additional configuration

B) No, they cannot communicate by default

C) It depends on the region where the VNETs are located

D) It depends on the size of the VNETs

A

B) No, they cannot communicate by default

22
Q

When can two VNETs in Azure use the same IP address base?

A) When they are located in the same region

B) When they are of the same size

C) When they never need to communicate with each other

D) When they are connected to physical networks

A

C) When they never need to communicate with each othe

23
Q

What should you consider when connecting VNETs in Azure?

A) The size of the VNETs

B) The region where the VNETs are located

C) The potential impact on network security

D) The number of subnets within each VNET

A

C) The potential impact on network security

24
Q

Why should you ensure that VNETs in Azure do not use overlapping address bases?

A) To avoid conflicts between subnets within the same VNET

B) To improve network performance between VNETs

C) To enable communication between VNETs in the same region

D) To prevent network security risks when connecting VNETs

A

D) To prevent network security risks when connecting VNETs

25
Q

Can VNETs in Azure be located in different regions?

A) Yes, VNETs can be located in different regions

B) No, VNETs must be located in the same region

C) It depends on the size of the VNETs

D) It depends on the number of subnets within each VNET

A

A) Yes, VNETs can be located in different regions

26
Q

What is the more secure option for controlling traffic to services in Azure?

a) Allowing traffic from any source

b) Controlling traffic from within your local VNET

c) Allowing traffic from specific IP addresses

d) Disabling all traffic to the services

A

b) Controlling traffic from within your local VNET

27
Q

Which services in Azure can be connected to a VNET using VNET integration?

a) Storage

b) Azure SQL

c) CosmosDB

d) Web apps and function apps

A

d) Web apps and function apps

28
Q

What must be configured to ensure traffic originates from within your local VNET?

a) Default endpoint settings

b) Local firewall settings

c) Service Endpoints

d) Azure Backbone Network

A

c) Service Endpoints

29
Q

What do Service Endpoints provide in Azure?

a) Secure access to the internet

b) Direct and secure access from one Azure service to another

c) Access to Azure services through public addresses

d) Secure access to virtual machines connected to a VNET

A

b) Direct and secure access from one Azure service to another

30
Q

What is the default behavior for communication to the default endpoint in Azure?

a) Traffic originates from within the local VNET

b) Traffic originates from any source

c) Traffic originates from specific IP addresses

d) Traffic originates from the public address

A

d) Traffic originates from the public address

31
Q

Scenario: I’ve got two servers I’ve built in Azure.

The first is a Linux server here, which is running Apache. It does not have a public IP address, but it has a private IP address. This is running on a VNET called VNET-2 on a default subnet.

I have another server, which is a Windows virtual machine that I’m currently working on. It is running on a different VNET, VNET-1, compared to the Linux server. The Windows server has a private IP range and its IP address is slightly different from the Apache server. The Apache server is on 10.1.0.4 while the Windows server is on 10.0.0.4. Although the Windows server has a public IP address, it is only used for me to connect to it.

I have a Linux server running Apache on VNET-2 with a private IP. My Windows virtual machine is on VNET-1 with a different IP range, and has a public IP.

The virtual machine running Linux is on Apache and the default website. I’m remotely accessing Windows 11 through a virtual machine on Azure. But browsing to the address won’t work since communication between VNETs is not automatic. We’ll fix that by adding a new peering in the VNET-1.

Let’s name our network VNET1-VNET2 and accept the default settings. We’re creating a standard point-to-point connection, so we’ll need to specify that this gateway is VNET2 to VNET1. Next, we can add the remote VNET, which is VNET-2. After connecting, we can test connectivity by pinging the other IP address using the command prompt. If we receive a reply, we’re all set.

A web server issue may be caused by a network security group blocking traffic. We can fix this by checking port rules, deleting blocking traffic rules, and reverting to the default rule set. After that, we should refresh the server and test the communication.

We can’t access the image folder in our storage account because we have restricted traffic from specific virtual networks and IPs. To resolve this, we can add the virtual network “traffic VNET-1” from where our virtual machine is running. Once we save these changes, we need to wait for them to take effect and then we can access the image.

If we try to access this from a public endpoint, we won’t be able to because of the service endpoint rule we’ve created.

These are two important things to remember when building and configuring networks in Azure. Using service endpoints with VNET integration is a great way to ensure traffic only comes from internal services. Peering is a great way to build HubSpot model networks easily and quickly.

A
32
Q

In the given scenario, which server is running Apache?

a) Linux server on VNET-2

b) Windows virtual machine on VNET-1

c) Both servers are running Apache

d) None of the servers are running Apache

A

a) Linux server on VNET-2

33
Q

What is the purpose of the public IP address on the Windows virtual machine?

a) To connect to the Linux server

b) To connect to the internet

c) To establish a secure connection

d) To communicate with other virtual machines

A

b) To connect to the internet

34
Q

Which network is the Windows virtual machine running on?

a) VNET-2

b) Default subnet

c) VNET-1

d) None of the above

A

c) VNET-1

35
Q

What is the IP address of the Linux server?

a) 10.0.0.4

b) 10.1.0.4

c) 10.0.0.1

d) 10.1.0.1

A

b) 10.1.0.4

36
Q

What are the topics covered in the course “Microsoft Azure Solutions Architect Expert (AZ-305) Cert Prep: 4 Design Infrastructure Solutions”?

a) Routing, peering, and network security groups

b) Azure administration and development

c) Azure data storage solutions

d) Azure identity and governance solutions

A

a) Routing, peering, and network security groups.

Az-305 Dec 2023 (29 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions