Cloud Architecture Terminologies Flashcards
(182 cards)
1
Q
What are the five aspects of cloud architecture terminology
A, S, E, F, D
A
- Availability
- Scalability
- Elasticity
- Fault Tolerance
- Disaster Recovery
2
Q
_________: Your ability to ensure a service remains available.
A
Availability
3
Q
_____: Your ability to grow or shrink rapidly or unimpeded
A
Scalability
4
Q
The ability to automatically shrink and grow to meet demand
A
Elasticity
5
Q
The ability to prevent a failure
A
Fault Tolerance
6
Q
The ability to recover from a failure
A
Disaster Recovery
7
Q
What is a fundamental aspect of high availability?
A
No single point of failure
8
Q
Types of Scalability
V, H
A
- Vertical scaling
2. Horizontal scaling
9
Q
What is it when you add more capacity (more or bigger processors, more or faster storage) to existing infrastucture?
A
Vertical Scaling (scaling up)
10
Q
What is it when you add more of the same infrastructure (e.g. more servers)?
A
Horizontal Scaling (scaling out)
11
Q
Removing more servers of the same size
A
Scaling in
12
Q
Adding more servers of the same size
A
Scaling out
13
Q
What is an example of horizontal scaling on Azure?
A
Using Azure VM Scale Sets - automatically increase or decrease in response to demand or a defined schedule
14
Q
A physical server wholly used by a single customer
A
Dedicated server
15
Q
Five considerations to having a dedicated server
GUOCS
A
- You have to guess your capacity
- Upgrading will be slow and expensive
- Limited by your operating system
- Multiple apps can result in conflicts in resource sharing
- You have a guarantee to security and privacy and full utilization of underlying resources.
16
Q
This allows you to run multiple ____________ on one machine
A
Virtual Machines, or VMs
17
Q
Software layer that lets you run VMs
A
Hypervisor
18
Q
Five considerations to using a VM
MCOOA
A
- Physical server is used by multiple customers
- You pay for a fraction of the server
- You overpay for underutilized VM capacity
- Limited by the guest operating system you chose
- Multiple apps on a single VM can conflict with each other.
19
Q
You can run multiple _____ within a VM
A
Containers
20
Q
Software layer that allows you to run multiple containers
A
Docker daemon
21
Q
_________ are known as Serverless Compute
A
Functions
22
Q
Four aspects of functions
C, P, CS
A
- You upload a piece of code and choose the amount of memory and duration
- Only responsible for code and data, nothing else
- Only pay for when the code is running, VMs only run when there is code to be executed
- Cold Starts are a side effect
23
Q
This is a grouping of multiple data centers
A
Region
24
Q
Number of Azure regions
A
58 regions in 140 countries
25
A discreet market of two or more regions that preserves data residency and compliance boundaries
Geography
26
The five Azure geographies
| U, G, C, B, M
1. United States
2. Azure Government
3. Canada
4. Brazil
5. Mexico
27
Each region is _____ with another region 300 miles away
Paired
28
This is done with paired regions to ensure no outages
Only one region is updated at a time
29
Some services use paired regions for this
Disaster recovery
30
Some services use paired regions for this
Disaster recovery
31
Azure has these to meet compliance or legal reasons
Specialized regions
32
Name four specialized regions
| D, GV, GI, T
1. US DoD Central
2. US Gov Virginia
3. US Gov Iowa
4. Three undisclosed regions
33
Physical location made up of one or more datacenters
Availability Zone
34
A region will generally have this many Availability Zones
Three
35
____ regions do not have support for availability zones
Alternate or other
36
An availabilty zone in a region has a combination of these two domains
(F, U)
1. Fault
| 2. Update
37
Logical grouping of hardware to avoid a single point of failure in an AZ
Fault Domain
38
_____ domains ensure your resources do not go offline, domains are updated one at a time.
Update domain
39
Logical grouping of VMs that are different fault/update domains to avoid downtime
Availabilty Sets
40
Name six Azure compute services
| V, C, K, S, F, B
1. Virtual Machines
2. Container Services
3. Kubernetes Services
4. Service Fabric
5. Functions
6. Azure batch
41
Most common type of compute service
Virtual Machine
42
Run ______ apps on Azure without provisioning servers or VMs
Azure Container Services
43
Easy to deploy, manage and scale containerized applications
Azure Kubernetes Service (AKS)
44
Easy to package, deploy and manage scalable and reliable microservices
Azure Service Fabric
45
Event-driven, serverless ______ run code with provisioning or managing servers
Azure Functions
46
plans, manages and schedules your ______ processes across 100+ jobs in parallel
Azure Batch Service
47
Name eight storage services
| B, D, F, Q, T, DB, A, DL
1. Blob
2. Disk
3. File
4. Queue
5. Table
6. Data Box
7. Archive
8. Data Lake
48
Store very large sized and volume of unstructured files
Blob Storage
49
Virtual volume, you can choose SSD or HDD
Disk Storage
50
shared volume you can access like a file server, eg SMB
Azure File Storage
51
Data store for reliably delivering messages between application
Azure Queue Storage
52
A NOSQL data store that stores unstructured data without schema
Azure Table Store
53
Briefcase computer designed to move terabytes or petabytes of storage
Azure Data Box
54
Storage that allows you to store any volume or structured or unstructured data
Azure Data Lake
55
Azure Database Services
| C, S, M, SV, S, DM, R, T
1. Cosmos DB
2. SQL Server
3. MySQL/Postgres/Maria
4. SQL Server on VMs
5. Synapse
6. Database Migration Service
7. Cache Redis
8. Table Service
56
Fully managed NOSQL database designed for scale
Cosmos DB
57
fully managed datawarehouse
Synapse
58
Migrates database to the cloud
Azure Database Migration Service
59
frequently used and static data for low latency
Redis
60
Azure Application Integration Services
| N, A, SB, SA, L, AM, Q
1. Azure Notifications Hub
2. API Apps
3. Service Bus
4. Stream Analytics
5. Logic Apps
6. API Management
7. Queue Storage
61
Sends push notifications to any platform from any back end
Azure Notifications Hub
62
Quickly build and consume APIs in the cloud. Routes APIs to Azure Services
Azure API Apps
63
Reliable cloud messaging as a service (MaaS) and simple hybrid integration
Azure Service Bus
64
Serverless, real-time analytics from the cloud to the edge
Azure Stream Analytics
65
Schedule, automate and orchestrate tasks, business processes and workflows. Integration with enterprise SaaS and enterprise applications
Azure Logic Apps
66
Hybrid, multi-cloud management platform for APIs across all environments
Azure API Management
67
data store for queuing and reliably delivering messages between applications
Azure Queue Storage
68
Developer and Mobile Tools
| SS, AS, VS, X
1. SignalR Service
2. App Service
3. Visual Studio
4. Xamarin
69
Real-time messaging service (like Pusher)
Azure SignalR Service
70
Service for deploying and scaling web applications with .NET, node.js, java, python and PHP (like Heroku)
Azure App Service
71
IDE designed for creating apps for Azure
Visual Studio
72
Mobile app framework
Xamarin
73
Azure DevOps Services
| B, P, R, TP, A, DL
1. Boards
2. Pipeline
3. Repos
4. Test Plans
5. Artifacts
6. DevTest Labs
74
Deliver value to your users using proven agile tools to plan, track and discuss work
Azure Boards
75
Build, test and deploy with CI/CD that works with any language, platform, and cloud. Connects to github or any other git provider
Azure Pipelines
76
Unlimited, cloud-hosted git repos and collaborate to build better code with pull requests and advanced file management.
Azure Repos
77
Test and ship too
Azure Test Plans
78
Create, host and share packages with team and add artifacts to CI/CD pipeline
Azure Artifacts
79
Dev test environments
Azure DevTest Labs
80
Allows you to programmatically create Azure resources via JSON template
Azure Resource Manager
81
library of pre-made ARM templates provided by the community and partners to launch new projects for a variety of stack scenarios
Azure Quickstart
82
logically isolated section of the Azure Network where you launch your Azure resources. You choose a range of IPs using CIDR Range
Virtual Network (vNet).
83
range of IP addresses used in a virtual network
CIDR range
84
subnets need to have a CIDR range ________ than the vNet to represent their portion
smaller
85
___ subnet can reach the Internet
Public
86
_____ subnet cannot reach the Internet
Private
87
Cloud-native Networking Services
| D, VN, LB, AG, NSG
1. DNS
2. vNet
3. Load Balancer
4. Application Gateway
5. Network Security Groups.
88
provides DNS responses and high domain availability
Azure DNS
89
logical isolated section of the Azure network for customers to launch Azure resources
Azure Virtual Network
90
OSI Level 4 load balancer
Azure Load Balancer
91
OSI Level 7 load balancer can apply a web application firewall
Azure Application Gateway
92
virtual firewall at the subnet level
Network Security Groups
93
Enterprise/Hybrid Networking Services
| FD, ER, VW, C, VNG
1. Front Door
2. Express Route
3. Virtual WAN
4. Connection
5. Virtual Network Gateway
94
scalable and secure entry point for fast delivery of your global applications
Azure Front Door
95
connection between your on-premise to Azure cloud
Azure Express Route
96
networking service for networking, security and routing
Virtual WAN
97
VPN connection securely connection two Azure local network via IPsec
Azure Connection
98
site-to-site VPN connection between an Azure virtual network and your local network
Virtual Network Gateway
99
operates at the DNS layer to direct incoming DNS requests based on the routing method of your choice
Azure Traffic Manager
100
allows you to host your domains names on Azure
Azure DNS
101
evenly distributes incoming network traffic across a group of backed resources or servers
Azure Load Balancer
102
Two configurations for Azure Load Balancer
Public and private
103
allows you to group together identical VMs and automatically increase or decrease the amount of servers
Scale sets
104
types of scenarios you set up scale sets
| C, S
1. change in CPU, memory, disk and network performance
| 2. predefined schedule
105
network of internet connected objects able to collect and exchange data
IoT Services
106
lot Services
| C, H, E
1. IoT Central
2. IoT Hub
3. IoT Edge
107
connects your IoT devices to the cloud
IoT Central
108
Enables secured communication between IoT application and devices it manages
IoT Hub
109
Allows data processing and analysis nearest the IoT devices
IoT Edge
110
Big Data and Analytics Services
| S, H, D, DLA
1. Synapse
2. HDInsight
3. Databricks
4. Data Lakes Analytics
111
runs SQL queries against large databases for reporting
Azure Synapse
112
analytics software for running Hadoop, Kafka and Spark
HDInsights
113
Spark-based analytics platform
Azure Databricks
114
On-demand analytics job service that simplifies big data
Data Lake Analytics
115
AI/ML Services
1. Azure Machine Learning Service
| 2. Machine Learning Studio
116
service that allows you to run pipelines to automate ML workflows
Azure Machine Learning Service
117
Aspects of Serverless Services
| E, A, M
1. Event-driven scale
2. Abstraction of servers
3. micro billing
118
Serverless Services
| F, B, L, E
1. Functions
2. Blob storage
3. Logic Apps
4. Event grid
119
run small amounts of code as serverless functions in several languages
Azure functions
120
Serverless object storage.
Blob Storage
121
build serverless workflows composed of Azure functions
Logic Apps
122
pub/sub messaging system to allow you to react to events and trigger other cloud services
Event Grid
123
interactive, authenticated, browser-accessible shell for managing Azure resources
Azure Cloud shell
124
command line interface for managing Azure resources
Azure CLI
125
Microsoft Security Development Lifecycle
the SDL is a mandatory MS policy embedding security and privacy in software and culture
126
Azure Security Policies
AP evalulates resources in Azure by comparing the properties of those resources to business rules (Policy Definitions - described in JSON)
127
Azure Role-Based Access Control (RBAC)
| U, G, SP
1. User - individual with a profile in Azure AD
2. Group - set of users in AAD
3. Service Principal - security identity used by applications or services to access specific Azure resources
128
RBAC - Scope
```
set of resources that access for the Role Assignment applies to.
Management Group
- > Subscriptions
-> Resource groups
-> resources
```
129
____ allows organizations to take advantage of Microsoft’s unused capacity with significant cost saving
Spot VMs
130
T/F: Spot VM offers high availability guarantees.
False
131
Spot VMs are great for ...
workloads that can handle interruptions such as batch processing jobs, dev/test environments, large compute workloads, and more.
132
Which of the following help you save money by committing to one-year or three-year plans for multiple products?
Azure reservations
133
A 99.99% VM uptime SLA is offered when ?
two or more VMs are deployed across two or more Availability Zones within an Azure region.
134
a tool that helps in estimating cost savings resulting from migrating workloads to Azure.
Azure Total Cost Ownership (TCO) Calculator
135
business metrics to measure availability as part of an SLA agreement
Mean Time to Recover (MTTR) is the average time it takes to restore a component after a failure.
Mean Time Between Failures (MTBF) is how long a component can reasonably expect to last between outages.
136
is the maximum acceptable time an application is unavailable after an incident.
Recovery time objective (RTO)
137
is the maximum duration of data loss that's acceptable during a disaster.
Recovery point objective (RPO)
138
PREVIEWS ARE PROVIDED
| A, F, Av, S, W
"AS-IS," "WITH ALL FAULTS," AND "AS AVAILABLE," AND ARE EXCLUDED FROM THE SERVICE LEVEL AGREEMENTS AND LIMITED WARRANTY
139
gives the tenant (that is, consumer or customer) maximum control over cloud resources.
IaaS
140
Advantages of a private clouds
| F, S, S
More flexibility: An organization can customize its cloud environment to meet specific business needs.
Improved security: Resources are not shared with others, so higher levels of control and security are possible.
High scalability: Private clouds afford the same scalability and efficiency as a public cloud.
141
Reasons for using private cloud
government agencies, financial institutions, and other midsize to large organizations with business-critical operations seeking enhanced control over their environments.
142
PaaS features
| SL, I, A
Software Licensing - avoid the expense and complexity normally associated with buying and managing software licenses.
Infrastructure - tenants do not need to manage underlying application infrastructure, middleware, container orchestrators (such as Kubernetes), development tools, and other resources.
Application/Service management - allows developers to focus on building and managing their own applications and services, while the cloud service provider typically manages everything else.
143
enables systems to continue operating properly in the event of failure or when there are faults within components.
Fault tolerance
144
__________ application has components running in both Azure and on premises.
A hybrid cloud
145
Azure has three cloud deployment models
Private cloud
Public cloud
Hybrid cloud
146
gives you the tools to plan for, analyze and reduce your spending to maximize your cloud investment.
Cost Management
147
is a service that assesses your organization's current workloads in on-premises datacenters
Azure Migrate
148
allows you to mix and match different combinations of Azure services to see an estimate of the costs.
The Azure pricing calculator
149
is a service that, among other things, identifies virtual machines with low utilization from a CPU or network usage standpoint.
Azure Advisor
150
allow you to prepay for one-year or three-years of virtual machine or SQL Database compute capacity. Pre-paying will allow you to get a discount on the resources you use.
Azure Reservations
151
an analytical service that encompasses enterprise data warehousing and big data analytics.
Synapse
152
Azure Synapse has four components
| T, Sp, P, St
Synapse SQL: Complete T-SQL–based analytics
SQL Pool
SQL On-demand
Spark: Deeply integrated Apache Spark
Synapse Pipelines: Hybrid data integration
Studio: Unified user experience
153
set of data centers deployed within a latency-defined perimeter and connected through a dedicated regional low-latency network
Region
154
personalized cloud consultant that helps organizations follow best practices to optimize Azure deployments
Azure Advisor
155
used to send encrypted traffic between an Azure virtual network and an on-premises location over the public Internet
VPN gateway
156
VPN gateways can be deployed in __________ for resiliency, scalability, and higher availability in virtual network gateways.
Azure Availability Zones
157
allows developers/administrators to run and test small pieces of code (called functions) without the worry of managing infrastructure.
Azure functions environment
158
solution for any scenario that can operate in isolated containers, including simple applications, task automation, and build jobs.
Azure Container Instances
159
scenarios where full container orchestration is needed, (such as service discovery across multiple containers, automatic scaling, and coordinated application upgrades),
Azure Kubernetes
160
container that holds related resources for an Azure solution. A resource group can include all the resources for a solution or only the resources to be managed as a group.
Resource group
161
makes it possible to extend on-premises networks to connect to Azure over a private connection with the help of a connectivity provider
ExpressRoute
162
enables teams of developers to proactively self-manage virtual machines (VMs) and PaaS resources without waiting for approvals.
Azure DevTest Labs
163
personalized cloud consultant that helps organizations follow best practices in optimizing their Azure deployments.
Azure Advisor
164
is an interactive, authenticated, browser-accessible shell for managing Azure resources.
Azure Cloud Shell
165
is a cloud service that helps schedule, automate, and orchestrate tasks, business processes, and workflows to integrate apps, data, systems, and services across enterprises or organizations.
Azure Logic Apps
166
simplifies how organizations design and build scalable solutions for app integration, data integration, system integration, enterprise application integration (EAI), and business-to-business (B2B) communication, whether in the cloud, on premises, or both.
Logic Apps
167
provides a management layer that enables the creation, updating, and deletion of resources in an Azure subscription, which helps to maintain consistency across environments and allows various level of security on groups as well as individual resources in the groups.
Azure Resource Manager (ARM)
168
Azure managed disks are currently available in four disk types:
Ultra Disk
Premium Solid-State Drive (SSD)
Standard SSD
Standard Hard Disk Drive (HDD)
169
service tier is a paid service and provides additional mitigation capabilities over the Basic service tier (which is free) that are tuned specifically to Azure virtual network resources.
The Azure Standard DDoS
170
is a collection of documentation, implementation guidance, best practices, and tools that from Microsoft that is designed to accelerate customer cloud adoption journeys.
The Cloud Adoption Framework
171
is a managed, full-spectrum, open-source analytics service in the cloud for enterprises.
Azure HDInsight
172
has several built-in roles that can be assigned to users, groups, service principals, and managed identities. Role assignments can be used to control access to Azure resources.
Azure role-based access control (Azure RBAC)
173
______________is a cloud platform built on the foundational principles of security, privacy and control, compliance, and transparency. ___________delivers a dedicated cloud that enables government agencies and their partners to transform mission-critical workloads to the cloud.
Azure Government
174
---------- makes it is possible to designate limited administration roles for the purpose of managing identity tasks in less-privileged roles. Administrators can be assigned to manage users, assign administrative roles, reset user passwords, manage user licenses, and manage domain names.
Azure Active Directory (Azure AD),
175
enables Microsoft Azure applications and users to store and use several types of secret/key data,
Azure Key Vault
176
enables a cloud architect or a central information technology group to define a repeatable set of Azure resources that implements and adheres to the organization's standards, patterns, and requirements.
Azure Blueprints
177
Provides customers and partners with easier access to regulatory compliance information.
Azure Trust Center
178
is a tool for bringing together signals, making decisions, and enforcing organizational policies.
Azure Conditional Access
179
is a managed, cloud-based network security service that protects Azure virtual network resources
Azure Firewall
180
are used to filter network traffic to and from Azure resources in an Azure virtual network (VNet). ________contains security rules that allow or deny inbound network traffic to or outbound network traffic from several types of Azure resources.
Azure network security groups (NSGs)
181
provides an integrated environment that is especially built for bot development.
Azure Bot Service
182
is the process of validating that someone is who he or she claims to be.
Authentication
