AZ-900 Flashcards
(126 cards)
1
Q
What is cloud computing?
A
delivery of services over the internet
2
Q
What is a private cloud?
A
A cloud used by a single entity
3
Q
What is a public cloud?
A
a cloud that is built, controlled, and maintained by a third party provider
4
Q
What is a multi-cloud model?
A
Where you use multiple public cloud providers
5
Q
What is the set of technologies that helps to manage your environment called?
A
Azure Arc
6
Q
What is CapEx?
A
Capital Expenditures
7
Q
What is OpEx?
A
Operational Expenditures
8
Q
Which cloud model uses some datacenters focused on providing cloud services to anyone that wants them, and some data centers that are focused on a single customer?
A
Hybrid Cloud
9
Q
According to the shared responsibility model, which cloud service type places the most responsibility on the customer?
A
IaaS
10
Q
What is vertically scaling in a cloud environment?
A
Gaining new features
11
Q
What is horizontal scaling in a cloud environment?
A
Creating more of what you have deployed
12
Q
Which type of scaling involves adding or removing resources (such as virtual machines or containers) to meet demand?
A
Horizontal Scaling
13
Q
What is characterized as the ability of a system to recover from failures and continue to function?
A
Reliability
14
Q
In IaaS, what is the cloud provider responsible for?
A
physical security, networking, hardware
15
Q
What more does the cloud provider maintain in PaaS when compared to IaaS?
A
operating systems, middleware, development tools, and business intelligence services
16
Q
Which cloud service type is most suited to a lift and shift migration from an on-premises datacenter to a cloud deployment?
A
IaaS
17
Q
What type of cloud service type would a Finance and Expense tracking solution typically be in?
A
SaaS
18
Q
Can Bash be used to control Azure?
A
Yes
19
Q
Can PowerShell be used to control Azure?
A
Yes
20
Q
What is Azure CLI interactive mode?
A
a way to interact with CLI in a way that more resembles an IDE
21
Q
What is a region?
A
a geographical area that contains at least one datacenter
22
Q
What are availability zones?
A
physically separate datacenters within an Azure region
23
Q
Does each availability zone have independent cooling, power, and networking?
A
Yes
24
Q
What is a resource in Azure?
A
a basic building block of Azure. Anything you create is a resource
25
Are all resources required to be in a resource group?
Yes
26
How many resource groups can a resource be a part of?
1
27
What is an Azure subscription?
a unit of management, billing, and scale
28
Must every Azure account have a subscription?
Yes
29
Can an account have multiple subscriptions?
Yes
30
What are the two types of subscription boundaries?
Billing boundary and access control boundary
31
What are resource groups grouped under?
subscriptions
32
What can manage subscriptions?
Management groups
33
What happens to the resources within a resource group when an action or setting at the Resource Group level is applied?
The setting is applied to current and future resources
34
What Azure feature replicates resources across regions that are at least 300 miles away from each other?
Region Pairs
35
Are VM's IaaS, PaaS, or SaaS?
IaaS
36
What are VM scale sets?
Allows you to create and manage a group of identical load balanced VM's
37
What are VM availability sets?
allows you to build a more resilient, highly available environment by staggering updates and having different power and network sources
38
What are the two domains in an availability set
Update domain and fault domain
39
What is Azure Virtual Desktop?
A type of virtual machine that is a desktop and application virtualization service
40
What should you use if you want to run multiple instances of an application on a single host machine?
Containers
41
What are containers?
A virtualization enviroment
42
What is Azure's container orchestration service?
Axure Kubernetes Service
43
What is Azure's container service that has load balancing and scaling?
Azure Container Apps
44
What is Azure functions?
an event driven, serverless compute option that doesn't require maintaining virtual machines or containers
45
What does it mean for a Function to be stateless?
Every time it is triggered, it acts as if it is restarted
46
What does it mean for a Function to be stateful?
Durable functions track prior activity
47
What is Azure App Service?
enables you to build and host web apps, background jobs, mobile back-ends, and RESTful APIs in the programming language of your choice without managing infrastructure
48
What is Azure virtual networking?
enable Azure resources, such as VMs, web apps, and databases, to communicate with each other, with users on the internet, and with your on-prem client computers
49
What does a VPN do?
creates an encrypted tunnel in an untrusted network for two or more trusted networks to commuincate
50
What is a VPN gateway?
a type of virtual network gateway
51
How many VPN gateways can you provision in a virtual network?
one
52
What authentication type is employed for Azure VPN's?
a pre-shared key
53
What are the two types of VPN's in Azure?
policy based and route based
54
What is Azure ExpressRoute?
lets you extend your on-prem networks into the microsoft cloud over a private connection
55
Does your data travel over the public internet with ExpressRoute?
No
56
What is Azure DNS?
Azure DNS is a hosting service for DNS domains that provides name resolution by using MS Azure infrastructure
57
Which Azure Virtual Machine feature staggers updates across VMs based on their update domain and fault domain?
Availability sets
58
Which Azure service allows users to use a cloud hosted version of Windows from any location and connect from most modern browsers?
Azure Virtual Desktop
59
What is Microsoft Entra ID?
a directory service that enables you to sign in and access both Microsoft cloud applications and cloud applications that you develop
60
True or False: Azure always stores multiple copies of your data
True
61
How many times is data replicated in the primary region?
three times
62
What is LRS?
Locally redundant storage replicates your data three times in a single datacenter
63
How many nines of durability is LRS?
11
64
What is the lowest redundancy storage option?
LRS
65
What is ZRS?
Zone redundant storage replicates your data across three different availability zones
66
How many nines of durability does ZRS have?
12 nines
67
What is GRS?
Geo-redudant storage is when there is a LRS in two regions
68
How many nines of durability is GRS?
16 nines
69
What is GZRS?
Geo-zone redundant storage is ZRS in the primary region and LRS in the secondary
70
How many nines of durability is GZRS?
16 nines
71
What is an Azure blob?
a massively scalable object store for text and binary data. Also includes support for big data analytics through Data Lake Storage Gen2
72
What is Azure Files?
managed file share for cloud and on-prem
73
What is Azure Queues?
A messaging store for reliable messaging between applications
74
What is Azure Disks?
block level storage volumes for VMs
75
What is Azure Tables?
A noSQL table option for structured, nonrelational data
76
What are the 4 storage tiers of blob storage?
Hot, cool, cold, and archive
77
What are services that can help you migrate your data to Azure?
Azure migrate or Azure Databox
78
Which is a physical migration service: Azure migrate or Azure Databox?
Azure databox
79
What is AzCopy?
a command line utility that you can use to copy blobs or files
80
Which tool automatically keeps files between an on-premises Windows server and an Azure cloud environment updated?
Azure File Sync
81
What provides a graphical user interface to manage storage solutions?
Azure storage explorer
82
Which Azure Storage service supports big data analytics, as well as handling text and binary data types?
Azure Blob
83
84
What is the on prem identity and access management service on Window servers?
Active Directory
85
Can Active Directory and Entra ID connect?
Yes
86
What is the service that provides managed domain services such as domain join, group policy lightweight directory access protocol (LDAP), and Kerberos/NTLM authentication?
Entra Domain Service
87
Define authentication
the process of establishing the identity of a person, service, or device
88
What is an external identity?
a person, device, service, etc. that is outside of your organization
89
What is the tool Entra ID can leverage to allow or deny access to resources based on identity signals?
Conditional access
90
What is zero trust?
a security model that assumes the worst case scenario and protects resources with that expectation.
91
What are the three guiding principles of Zero Trust?
Verify Explicitly, use least privilege access, assume breach
92
What are all the layers of the Defense in Depth framework?
Physical Security, Identity Access, Perimeter, Network, Compute, Application, Data
93
What is Microsoft Defender for Cloud?
a monitoring tool for security posture management and threat protection.
94
True or False: Microsoft Defender for Cloud can monitor on-prem, hybrid, and multi-cloud environments as well as non-azure resources and resources in other Cloud environments
True
95
Which Microsoft Entra tool can vary the credentials needed to log in based on signals, such as where the user is located?
Conditional Access
96
Which security model assumes the worst-case security scenario, and protects resources accordingly?
Zero Trust
97
A user is simultaneously assigned multiple roles that use role-based access control. What are their actual permissions? The role permissions are: Role 1 - read || Role 2 - write || Role 3 - read and write.
Read and Write
98
What is the pricing calculator?
designed to give you an estimated cost for provisioning resources in Azure
99
What is the Total Cost of Ownership (TCO) calculator?
designed to help you compare the costs for running an on-premises infrastructure compared to an Azure Cloud Infrastructure
100
What is Cost Management?
a tool that provides the ability to quickly check Azure resource costs, create alerts based on resource spend, and create budgets that can be used to automate managent of resources
101
What are the three types of cost alerts?
Budget alerts, credit alerts, and department spending quota alerts
102
What are resource tags?
A way to organize resources
103
What Azure feature can help stay organized and track usage based on metadata associated with resources?
Tags
104
What’s the best method to estimate the cost of migrating to the cloud while incurring minimal costs?
Use the total cost of ownership calculator to estimate expected costs
105
What is microsoft purview?
a family of data governance, risk, and compliance solutions that help you get a single, unified view into your data
106
What service allows you to create, manage, and assign policies that control or audit your resources?
Azure Policy
107
What is a something that will prevent resources from being altered or deleted?
Resource locks
108
What portal provides access to various content, tools, and other resources about Microsoft security, privacy, and compliance practices?
Microsoft Service Trust Portal
109
How can you prevent creation of non-compliant resources, without having to manually evaluate each resource?
Azure Policy
110
What's the best way to prevent inadvertent deletion of a resource?
Azure resource locks
111
What allows you to extend your Azure compliance and monitoring to your hybrid and multi-cloud configurations?
Azure Arc
112
What are ARM templates?
Azure resource manager templates allow you to create resources that are identical to other created from the same JSON template
113
What service helps you manage your Azure, on-premises, and multicloud environments?
Azure Arc
114
What two components could you use to implement a “infrastructure as code” deployment?
Bicep and ARM templates
115
What service evaluates your Azure resources and makes recommendations to help improve reliability, security, performance, and reduce costs?
Azure advisor
116
What is Azure Service Health?
gives you a complete view of your Azure environemnt
117
What is Azure Monitor?
platform for collecting data on your resources, analyzing the data, visualizing the information, and acting on the results
118
What five categories does Azure Advisor address?
reliability, security, performance, operational excellence, cost
119
You receive an email notification that virtual machines (VMs) in an Azure region where you have VMs deployed is experiencing an outage. Which component of Azure Service Health will let you know if your application is impacted?
Resource Health
120
What operating systems does Microsoft supply Azure Virtual Machine images for?
Windows and Linux
121
What is a public endpoint?
Enables access to your data or application form outside the virtual network
122
True or False: Azure PowerShell scripts and Command line Interface scripts are entirely compatible with each other
False
123
True or False: An Azure Storage Account can have both a public endpoint and a private endpoint at the same time.
True
124
What type of documents does the Microsoft Service Trust Portal provide?
A list of documents that Microsoft follows, pen test results, security assessments, white papers, faqs, and other documents that can be used to show Microsoft compliance efforts
125
What affect does using a "read only" resource lock on a Azure Storage Account have?
The storage account cannot have its properties altered but it doesnt affect the data itself
126
What is the purpose of Azure Blueprints?
Allows you to create new subscriptions that already have policies, roles, resource groups, and ARM templates
