AZ-IAAS Flashcards Preview

Azure > AZ-IAAS > Flashcards

Flashcards in AZ-IAAS Deck (92):
1

What 4 things should you check when first accessing Azure?

Subscription
Health services
Help and Support
Administrative privileges
Create Dashboard

2

When beginning examining solutions for Azure, where should you start?

Gather Requirements
Proposal and costing
Define network
Define Storage

3

What advantage does hybrid cloud present to a new org that is new to Azure?

smooth trans to cloud and reduced cost as it is now only using resources it needs.

4

What are the two account types you can use to sign into Azure?

Work or school account
Microsoft account

5

What are the three built-in roles?
(Andrew, Sells, Cats)

Account Admin
Service Admin
Co-Admin

6

For security purposes what is the best practice when granting admin access?

Create purpose built account with only the required privileges for use.

7

What are the four support plans?
(Don't, Sell, Playful, Pets)

Developer
Standard
Professional Direct
Premier

8

7 option to provide app and compute based services?
(Andrew, Cant, Sell, Violet, Colored, Cats, Frankly)

Azure App Service
Cloud Services
Service Fabric
Virtual Machines
Containers
Container service
Functions

9

You want to protect against accidental deletions. What feature can you use?

Locks

10

What is the most expensive storage option?

read access geo-redundant

11

What storage tier would you use for infrequently access data?

Cool

12

What storage tier would you use for frequently access data?

Hot

13

What PS command would you use to authenticate to your Azure portal?

Login-AzureRMAccount

14

What PS command would you use to create a VM?

New-AzureRMVM

15

Using the CLI, how would you authenticate to Azure?

az login

16

What command would you use to select a subscription with the CLI?

az account set

17

What would you use in Azure to logically group resources?

resource groups

18

Can you move resources to other regions?

No

19

During move can you make changes to the resource?

No. acloudgacsource and target are locked

20

Can a resource belong to more than one resource group?

No

21

You want to protect your resource against accidental deletion. How would you do that?

locks

22

Resource manager templates are made up of what?

Parameters
Variables
Resources
Outputs

23

What are the 5 RM template functions?

Numeric
String
Array
Deployment Value
Resource

24

What are the six components of azure networking?

Virtual Network
Azure DNS
Application Gateway
Traffic Manager
Express Route
Load Balancer

25

What are the three network connectivity options?

Cross prem
Cross virtual
Virtual GW

26

What are the two Virtual gw options?

VPN
ExpressRoute

27

Which cross-virtual network option would you use for peering in the same region?

VNet peering

28

Which cross-virtual network option would you use for peering in a different region?

VNet 2 Vnet

29

Can NIC be added to an instance post deployment?

Yes

30

What is the max number of NIC that can be configured on an instance?

8

31

describe what the following command will do?
New-AzureRMNetworkInterface -Name AdatumNIC
-ResourceGroupname AdatumRG -Location cenralus -SubnetID $vnet.subnet[0].id -PrivateIPAddress 192.168.0.10

creates a new nic in the AdtumRG resource group in centralUS and assigns a private IP

32

What types of IPs does a LB need?

Public and Provate

33

Can you move VMs between subnets?

Yes, within the same virtual network

34

You need DNS server to resolve on-prem and Azure vnets. Will you use a custom DNS server or Azure DNS?

custom

35

You need a DNS server to provide name resolution for Private DNS domain names. Will you use a custom DNS server or Azure DNS?

Custom

36

You need a DNS server to provide name resolution for between Azure resource manager VMS Will you use a custom DNS server or Azure DNS?

Azure DNS

37

What are the VM tiers?

Basic
Standard

38

What is the max VM disk size?

4 TB

39

When planning a vm deployment, what should be considered?

sizing
availability
storage

40

What is an availability set?

logical grouping of two or more VMs

41

What are managed disks?

eev

42

Can VS and PS use the same commands?

`Yes

43

How do you use ARM template to deploy mult VMs with diff config?

use parameters

44

What virtual network connectivity options are available for cross-prem?

Point-to-Site
Site-to-Site
ExpressRoute

45

What virtual network connectivity options are available for Cross-virtual network?

VNet peering - the same Azure region
VNet-to-VNet - different Azure regions

46

What virtual network connectivity options are available for Virtual gateways?

VPN gateways
ExpressRoute gateways

47

What VPN that connects individual computers to
an Azure virtual network. You must create a VPN connection from each
on-premises computer that you want to connect to the Azure virtual
network.

point-to-site VPN.

48

a VPN that connects an on-premises network
and all its computers to an Azure virtual network. To create this
connection, you must configure a gateway and IP routing in the
on-premises network; it is not necessary to configure individual
on-premises computers.

site-to-site VPN.

49

An connection is a dedicated service that
does not connect across the Internet. Instead, it uses a private connection to Azure datacenters, provided by a network provider. Increases security, reliability, and bandwidth.

Express Route

50

Max number of virtual networks?

500 upon request. Default 50

51

Steps to configure a load balancer?

Assign a front-end IP
Public for an Internet-facing load balancer
Private for an internal load balancer
Assign back-end address pool
Create load-balancing rules
Create inbound NAT rules (optional)
Create health probes

52

What service provides routing and load-balancing services at the application layer, and is commonly known as a layer-7 load balancer

Application gateway

53

What solution is available in Azure, and that can load balance between endpoints that are located in different
Azure regions, hosted providers or even in your
on-premises datacenters.

Traffic Manager

54

What must be configured to provide Name Resolution by using your own DNS server?

Must support dynamic registration of resource
records in DNS

Must have record scavenging switched off. Because
DHCP leases in an Azure virtual network are infinite

Must have DNS recursion enabled

Must be accessible on TCP/UDP port 53 from all
clients

55

Network security group rules consist of:

Name
Direction
Priority
Source
Source port range
Destination
Destination port range
Protocol
Action

56

What would you use to isolate virtual
networks in security zones, create protected screened subnets

Network security group

57

Virtual machine disks size and performance limits?

Size limit: 4TB

Performance limit:
Standard. 60 MBps or 500 8-KB IOPS per disk
Premium. 250 MBps or 7500 256-KB IOPS per disk

58

VM size options?

General purpose:
Balanced CPU-to-memory ratio
A0-A7, Av2, D, Dv2, Dv3, DS, DSv2, Dsv3 series

Compute optimized:
High CPU-to-memory ratio
Fs and F series

Memory optimized:
High memory-to-CPU ratio
D, Dv2, DS, DSv2, Ev3, Esv3, Ms, G, and GS series

Storage optimized:
High-performance disk I/O
Ls series

GPU:
Graphic Processing Unit support
NV and NC series

High performance compute:
Fastest CPUs and optional high-throughput RDMA
H series and A8-A11

59

Managed disks characteristics?


Up to 10,000 disks per region
Storage account performance limits not relevant
Disks of VMs in the same availability set in different stamps
A custom image must be in the same region as VM disks

60

UNManaged disks characteristics?

Up to 200 storage accounts per region
Up to 40 disks per Standard storage account
Storage accounts for VMs in the same availability set might be in the same storage stamp
A custom image must be in the same storage account as VM disks

61

Scaling VMs With managed disks?

With managed disks:
Up to 1000 VMs when using VM Marketplace image
Up to 100 VMs when using custom images





62

Scaling VMs With unmanaged disks?

Up to 100 VMs when using VM Marketplace image
Up to 40 VMs when using custom images (overprovision = $true)
Up to 20 VMs when using custom images (overprovision = $false)
5 fault domains and 5 update domains
Stateless workloads

63

What VM security option:

Encrypt OS and data volumes on Windows and Linux VMs
Integrate with Azure Key Vault
Encrypt by using existing keys

Azure Drive Encryption

64

What VM security option:
Store secrets and keys
Use Azure AD authentication to control access

Azure Key Vault

65

What VM security option:
Restrict access to individual IP addresses
Combine with OS-level protection

Network Security groups

66

What options are available to secure VMs in Azure?

Network Security groups
Azure Key Vault
Azure Drive Encryption

67

What azure service Deploys and manages are integrated into the platform, sites can scale quickly to handle high traffic loads, and the built-in load balancing and traffic manager provide high availability. What should you use?

Azure App Service

68

You're installing a web app and looking for a platfrom
It should use a microservice architecture.
Run on a shared pool of machines and can start small and grow to massive scale with hundreds or thousands of machines as needed.
The service should be stateful and make it easy to consistently and reliably store app state, A
Automatically manages service partitioning, scaling, and availability for you and also supports WebAPI with Open Web Interface for .NET (OWIN) and ASP.NET Core. What should you use?

Service Fabric

69

You have an existing application you need to move to Azure Substantial modifications would be required to run in App Service or Service Fabric. What should you use?

loud compute

70

I need a web front end with background processing and database backend to run business applications integrated with on-premises assets.

Azure App Service

71

I need a reliable way to host my corporate website that scales well and offers global reach.

Azure App Service

72

My application depends on highly customized Windows or Linux environments and I want to move it to the cloud

Virtual Machines is probably the best solution.

73

Commnad to Configure and creates an Azure virtual machine.

New-AzureQuickVM

74

Commnad to create a virtual machine that runs the Windows operating system in an existing service. The cmdlet bases the virtual machine on the specified image. The command specifies the WaitForBoot parameter. Therefore, the cmdlet waits for the virtual machine to start

New-AzureQuickVM -Windows -ServiceName "ContosoService17" -Name "VirutalMachine01" -ImageName "Image07" -Password "password" -AdminUsername "AdminMain" -WaitForBoot

75

What needs to be explicitly enabled in your web app to be used in a SignalR application;

WebSockets

76

What is the default maximum number of storage accounts?

200

77

What is the max size available per standard storage account?

500 TB

78

What is the max size available per premium storage account?

35 TB

79

You must define to following for each storage accout

name
deployment model
performance
kind
Replication
Location
encryption
Secure transfer req

80

What are the storage replication options?

Locally redundant
Zone redundant
Geo Redundant
Read-Access geo-redundant

81

Is storage encryption available when deployed in the classic model?

No

82

large amounts of unstructured data in the form of files,
users can access them through a unique URL.

Blob

83

Blob url format

http://myaccount.blob.core.windows.net/mycontainer/myblob.jpg

84

large amounts of unstructured data in the form of files,
optimized for uploads and downloads.

Block Blobs

85

large amounts of unstructured data in the form of files
optimized for random read and write operations.

Page blobs

86

large amounts of unstructured data in the form of files
for append operations

Append blobs

87

You need a storage solution for partially structured data
without the constraints of traditional relational databases

Table storage

88

You need to provide a temporary messaging store for your developers for a queue to facilitate reliable exchange of messages between individual components of multitier or distributed systems

Queue Storage

89

service allows you to create SMB file shares in Azure just as you would with an on-premises file server. Within each file share, you can create multiple levels of folders to categorize content. Each directory can contain multiple files and folders.

File storage

90

Max size of a file a file storage?

1 TB

91

Max file share size in file storage?

5 TB

92

When MFA is required, when would you need to use an MFA server vs MFA cloud?

If IIS app is used and not published through AZ App Proxy
On Prem AD
Hardware tokens
PIN mode
One time bypass
Cache