Design and Implement a Storage Strategy (20-25%)

Question 1

What are the 2 types of SAS keys?

Answer 1

1. Service SAS - delegate to resource in one of the storage services
2. Account SAS - delegate to resources in one or more storage services

Question 2

What is a Shared access signature (SAS)?

Answer 2

A shared access signature is a signed URI that points to one or more storage resources and includes a token that contains a special set of query parameters. The token indicates how the resources may be accessed by the client.

Question 3

What are the 2 forms of SAS keys?

Answer 3

1. Ad hoc SAS

2. SAS with stored access policy

Question 4

True/False: A shared access signature URI is associated with the account key used to create the signature, and the associated stored access policy (if any). If no stored access policy is specified, the only way to revoke a shared access signature is to change the account key.

Answer 4

True

Question 5

What are Stored Access Polices?

Answer 5

Stored access policies give you the option to revoke permissions without having to regenerate the storage account keys. Set the expiration on these very far in the future (or infinite) and make sure it’s regularly updated to move it farther into the future.

Question 6

What is the max characters allowed in a Stored Access Policy for the Unique Signed Identifier?

Answer 6

64 characters

Question 7

What is the max number of access policies (Stored Access Policy) allowed on a container ?

Answer 7

5

Question 8

True/False: To revoke a stored access policy, you can either delete it, or rename it by changing the signed identifier. Changing the signed identifier breaks the associations between any existing signatures and the stored access policy. Deleting or renaming the stored access policy immediately effects all of the shared access signatures associated with it.

Answer 8

True

Question 9

What is the max number of days for a Retention Policy?

Answer 9

356 Days

Question 10

What value do you use if you dont want a retention policy and want to be responsible for deleting the monitoring data when you see fit?

Answer 10

0

Question 11

How are metrics stored in Azure?

Answer 11

in Table Storage of an Azure storage account

Question 12

What is the name of the blob container for diagnostic logs?

Answer 12

$logs

Question 13

Max Size of Storage Analytics?

Answer 13

20TB

Question 14

What is the process to update a Storage Access Key(s)?

Answer 14

1. Update connection sting in app code to reference the second access key.
2. Regenerate Primary Access key for the storage account
3. Update connection strings in code for primary keys
4. regenerate Secondary keys in the same manner.

Question 15

3 Azure CDN Offerings?

Answer 15

Standard Akamai, Standard Verizon, Premium Verizon

Question 16

Default Cache time on CDN?

Answer 16

7 days

Question 17

Default CDN url?

Answer 17

.azureedge.net

Question 18

Why can you Not use SSL if you use a Custom Domain with CDN?

Answer 18

If you use a CNAME, you cannot use SSL because the CDN uses its own single SSL certificate, and this certificate will not match your custom domain/subdomain names.

Question 19

What are the 3 types of Query String Caching for CDN and what do they do?

Answer 19

1. Ignore Query Strings - This is the default mode. The CDN edge node will pass the query string from the requestor to the origin on the first request and cache the asset. All subsequent requests for that asset that are served from the edge node will ignore the query string until the cached asset expires.
2. Bypass caching for URL with query strings - In this mode, requests with query strings are not cached at the CDN edge node. The edge node retrieves the asset directly from the origin and passes it to the requestor with each request.
3. Cache every unique URL - This mode treats each request with a query string as a unique asset with its own cache. For example, the response from the origin for a request for foo.ashx?q=bar would be cached at the edge node and returned for subsequent caches with that same query string. A request for foo.ashx?q=somethingelse would be cached as a separate asset with its own time to live.

Question 20

How is Token Authentication used for Azure CDN?

Answer 20

Allows you to prevent Azure CDN from serving assets to unauthorized clients. This is typically done to prevent “hotlinking” of content, where a different website, often a message board, uses your assets without permission.
It verifies requests are generated by a trusted site by requiring requests to contain a token value containing encoded information about the requester. Content will only be served to requester when the encoded information meet the requirements, otherwise requests will be denied.

Question 21

How long can it take for Azure Verizon CDN options to propagate?

Answer 21

up to 90 minutes

Question 22

What is the CNAME subdomain you need for intermediary verification of your CDN Endpoint?

Answer 22

cdnverify.www or cdnverify.cdn.

Question 23

How can you purge the CDN?

Answer 23

Using the Purge Button in either the CDN endpoint blade or the CDN profile Blade

Question 24

What are the 2 options for Compression with the CDN?

Answer 24

1. Enable compression on your origin server, in which case the CDN will pass through the compressed files and deliver compressed files to clients that request them.
2. Enable compression directly on CDN edge servers, in which case the CDN will compress the files and serve it to end users, even if they are not compressed by the origin server

Question 25

Which feature restricts Azure CDN content by country?

Answer 25

Geo-Filtering

Question 26

How is Geo-Filtering used in Azure CDN?

Answer 26

Set the path of a file/folder to be blocked or allowed based on a Country Code.

Question 27

Default URL for Azure SQL db?

Answer 27

.database.windows.net

Question 28

CLI: Create SQL DB Logical Server

Answer 28

az sql server create

Question 29

CLI: Create SQL DB

Answer 29

az sql db create

Question 30

PS: Create SQL DB Logical Server

Answer 30

New-AzureRmSqlServer

Question 31

PS: Create SQL DB

Answer 31

New-AzureRmSqlDatabase

Question 32

What type of file is used to import/export data and schema into Azure SQL?

Answer 32

.bacpac

Question 33

What type of file is used to import/export schema info Azure SQL or Visual Studio?

Answer 33

.dac

Question 34

What is Active Geo-Replication for Azure SQL?

Answer 34

A database can have up to four readable secondary databases in the regions of your choice. These secondary databases are kept synchronized with the primary database using an asynchronous replication mechanism. This feature is used to protect against business disruption if a data center outage occurs or during an application upgrade. Active geo-replication can also be used to provide better query performance for read-only queries to geographically dispersed users.

Question 35

What is Point-in-Time restore for Azure SQL?

Answer 35

Uses the automated backups function to recover a copy of the database to a known good point in time within your retention period.

Question 36

PS: Restore SQL DB

Answer 36

Restore-AzureRmSqlDatabase

Question 37

What are the 2 Storage options for Azure Backup?

Answer 37

1. Locally redundant storage (LRS) replicates your data three times (it creates three copies of your data) in a paired datacenter in the same region. LRS is a low-cost option for protecting your data from local hardware failures.
2. Geo-redundant storage (GRS) replicates your data to a secondary region (hundreds of miles away from the primary location of the source data). GRS costs more than LRS, but GRS provides a higher level of durability for your data, even if there is a regional outage.

Question 38

What is a Recover Services Vault?

Answer 38

A Recovery Services vault is an online storage entity in Azure used to hold data such as backup copies, recovery points, and backup policies. You can use Recovery Services vaults to hold backup data for Azure services and on-premises servers and workstations.

Question 39

What is Azure Site Recovery?

Answer 39

Azure Site Recovery coordinates virtual-machine and physical-server replication, failover, and failback. It keeps your workloads available (Site Recovery) when outages occur.