Azure Networking Flashcards
What are the two main components of an Azure virtual network?
The two main components of an Azure virtual network are an address space and subnets.
Explain the difference between static and dynamic IP addresses in Azure VMs.
Static IPs remain the same when a VM is stopped and restarted, while dynamic IPs are released and a new one is assigned upon restart.
Is a public IP address required for an Azure VM? Explain why or why not.
A public IP address is technically optional for an Azure VM. VMs are required to have at least one private IP address.
What is network peering in Azure?
Network peering is private connectivity across one or more Azure virtual networks, staying completely on Microsoft’s private backbone.
What are the key advantages of network peering compared to a VPN connection?
Network peering is faster, less expensive, and simpler than a VPN, although network peering connections are not encrypted.
What is the primary function of DNS?
The primary function of DNS is to translate domain names into computer IP addresses.
What is the required name for the subnet used by an Azure virtual network gateway?
The required name for the subnet used by an Azure virtual network gateway is “gateway subnet”.
Describe the difference between site-to-site and point-to-site VPN connections.
Site-to-site VPN connects network-to-network, while point-to-site VPN connects network-to-device.
How does ExpressRoute differ from a VPN connection?
ExpressRoute is a private line connection that does not use the public internet; it is faster, more private, and significantly more expensive than a VPN.
What is the purpose of a private endpoint for a managed service in Azure?
The purpose of a private endpoint is to provide private IP networking to a managed service within a virtual network, potentially removing or deleting the public-facing endpoint for increased privacy and compliance.
What is an Address Space?
The broad range of private IP addresses assigned to an Azure virtual network.
What is a Dynamic IP Address?
An IP address that is released when a VM is stopped and a new one is assigned when the VM is started again.
What is DNS (Domain Name System)?
A system that translates domain names (like microsoft.com) into IP addresses (like 104.215.148.63).
What is ExpressRoute?
A private, dedicated connection to Microsoft’s network, typically for on-premises locations, that does not traverse the public internet.
What is the Gateway Subnet?
The specifically named subnet required for an Azure virtual network gateway resource.
What is Hybrid Networking?
Connecting on-premises networks to Azure networks.
What is the Local Gateway Resource?
A component of a site-to-site VPN connection that provides remote configuration information.
What is a Managed Service?
A service provided and managed by Microsoft (also known as Platform as a Service or PaaS).
What is Network Peering?
Private connectivity across one or more Azure virtual networks, including those in different regions or subscriptions.
What is a Point-to-Site VPN?
A VPN connection from a network to a single device or laptop.
What is a Private Endpoint?
A managed network interface integrated into a VNet subnet, providing private IP networking to a managed service.
What is a Public Endpoint?
The default public-facing exposure of a managed service.
What are Resource Locks?
A feature used to lock down or freeze changes to Azure resources, including DNS records.
What is a Route-Based VPN?
A more modern type of VPN with advanced capabilities.