D084 Cloud Platform Solutions,
Summary
- ANS-"A resource group template is a JSON file that allows you to declaratively describe a
set of resources. These resources can then be added to a new or existing resource group.
For example, a template can contain the configuration necessary to create two API App
instances, a Mobile App instance, and a Document DB instance."
\ - ANS-"An ExpressRoute connection provides connectivity between an on-premises
network and Azure virtual network, using a dedicated connection from a connectivity
provider."
\ - ANS-A VPN gateway can be shared by peered VNets. The peering connections must
enable the settings to Use Remote Gateway (on the peering towards the gateway) and Allow
Gateway Transit (on the peering from the gateway).
\"blobs - ANS-tables, queues, and files",Azure storage accounts provide 4 separate services:
_____. Understand the usage scenarios of each service.
\"general purpose v1 - ANS-general purpose v2 and blob storage",There are 3 kinds of
storage account: _____. The availability of features varies between storage account kinds.
\"Owner - ANS-Contributor, and Reader","Role-based access control (RBAC) allows you to
grant users, groups, and service principals access to Azure resources at the subscription,
resource group, or resource scopes with RBAC inheritance. The three core roles are _____."
\"Standard HDD - ANS-Standard SSD, Premium SSD, Ultimate SSD (in preview)",VM
storage comes in _____. Understanding which tier to choose for capacity and performance
planning is important.
\A single Network - ANS-"By default, peered VNets appear and perform as _____. There is
an option to limit connectivity, in which case NSG rules must be used to define the permitted
connections."
\Access to Storage Accounts - ANS-"_____ can be controlled using several techniques.
Among them are: storage account name and key, shared access signature (SAS), SAS with
access policy, and using the storage firewall and virtual network service endpoints. Access
to blob storage can also be controlled using the public access level of the blob container."
\AD Tenants - ANS-Multiple Azure _____ can be created and managed through Azure. This
includes creating new directories and deleting existing directories.
\ALB Load-Balancing - ANS-"An _____ configuration comprises frontend IP configuration,
backend pool, health probes, and load-balancing rule."
\Alerts - ANS-"You can configure _____ based on metric alerts (captured from Azure
Diagnostics) to Activity Log alerts that can notify by email, voice, web hook, SMS, Logic
Apps, or even an Azure Automation Runbook."
\Alerts - ANS-"You can configure _____ based on metric alerts (captured from Azure
Metrics) to Activity Log alerts that can notify by email, web hook, SMS, Logic Apps, or even
an Azure Automation Runbook."
\Application Security Groups (ASGs) - ANS-IP address ranges can also be specified using
_____. ASGs allow NSG rules to be defined for groups of VMs without needing to allocate
the VMs into separate subnets.
, \Async Blob Copy Service - ANS-You can also use the _____ to copy files between storage
accounts or from outside publicly accessible locations to your Azure storage account.
\Authoritative - ANS-Azure DNS provides an _____ DNS service for hosting Internet-facing
domains.
\Azure AD Identity Protection - ANS-"_____ enables administrators to configuration Azure
AD tenant-wide policies for multi-factor authentication, sign-in risk, and user risk."
\Azure AD Join - ANS-"_____ enables administrators to manage device identity
independently of users. For example, dynamic security groups can be created based on
device attributes and then conditional access policies could be applied to those groups."
\Azure AD Premium P1 or Azure AD Premium P2 licenses - ANS-"Many advanced features
of Azure AD require _____. When considering Azure AD features, administrators need to be
aware of the licensing boundaries."
\Azure Availability Zones - ANS-_____ provide high availability at the data center level.
Azure Availability Sets provide high availability within a data center.
\Azure Backup - ANS-"_____ can be used to protect files and folders, applications, and IaaS
virtual machines. This cloud-based data protection service helps organizations by providing
offsite backups of on-premises servers and protection of VM workloads they have already
moved to the cloud."
\Azure CDN - ANS-_____ can be used to improve web site performance by caching static
data close to the end users. Blob storage can be used as a CDN origin.
\Azure CLI - ANS-DNS zone files are a standard format used to transfer DNS records
between DNS systems. DNS zone files can only be imported into or exported from Azure
DNS by using the _____.
\Azure Diagnostics Agent - ANS-"The _____ can be enabled on Windows and Linux virtual
machines to capture diagnostic, performance, logs and boot diagnostic data."
\Azure Load Balancer (ALB) - ANS-"_____ is a fully-managed, high performance
load-balancing service for TCP and UDP traffic. It operates at the transport layer (OSI Layer
4). Unlike App Gateway, it does not have visibility into application-level traffic."
\Azure Log Analytics - ANS-_____ can consolidate machine data from on-premises and
cloud-based workloads and this data is indexed and categorized for quick searching. Data
can be collected from both Windows and Linux machines.
\Azure Management Groups - ANS-_____ can be used to control policy and RBAC for
multiple subscriptions. _____ enable organizational alignment for your Azure subscriptions
through custom hierarchies and groupings.
\Azure Monitor - ANS-"_____ is a single-pane of glass for accessing Azure metrics, tenant
and resource diagnostic logs, Log Analytics, service health, and alerts."
\Azure Policy - ANS-"______ is a service that lets you create, manage, and apply policy to
Azure resources at a subscription, resource group, or resource level. Policies enforce
different rules over your Azure resources, so those resources remain compliant with your
organization's standards."
\Azure Resource Manager templates - ANS-"You can create resources from the portal,
PowerShell, the CLI tools, and _____. You should understand when to use which tool and
how to configure the resources during provisioning and after provisioning."
\Azure Storage - ANS-"_____ can be managed through several tools directly from Microsoft:
the Azure portal, PowerShell, CLI, Storage Explorer, and AzCopy. It's important to know
when to use each tool."
\Azure Storage Accounts - ANS-"_____ provide 4 separate services: blobs, tables, queues
and files. Understand the usage scenarios of each service."
Summary
- ANS-"A resource group template is a JSON file that allows you to declaratively describe a
set of resources. These resources can then be added to a new or existing resource group.
For example, a template can contain the configuration necessary to create two API App
instances, a Mobile App instance, and a Document DB instance."
\ - ANS-"An ExpressRoute connection provides connectivity between an on-premises
network and Azure virtual network, using a dedicated connection from a connectivity
provider."
\ - ANS-A VPN gateway can be shared by peered VNets. The peering connections must
enable the settings to Use Remote Gateway (on the peering towards the gateway) and Allow
Gateway Transit (on the peering from the gateway).
\"blobs - ANS-tables, queues, and files",Azure storage accounts provide 4 separate services:
_____. Understand the usage scenarios of each service.
\"general purpose v1 - ANS-general purpose v2 and blob storage",There are 3 kinds of
storage account: _____. The availability of features varies between storage account kinds.
\"Owner - ANS-Contributor, and Reader","Role-based access control (RBAC) allows you to
grant users, groups, and service principals access to Azure resources at the subscription,
resource group, or resource scopes with RBAC inheritance. The three core roles are _____."
\"Standard HDD - ANS-Standard SSD, Premium SSD, Ultimate SSD (in preview)",VM
storage comes in _____. Understanding which tier to choose for capacity and performance
planning is important.
\A single Network - ANS-"By default, peered VNets appear and perform as _____. There is
an option to limit connectivity, in which case NSG rules must be used to define the permitted
connections."
\Access to Storage Accounts - ANS-"_____ can be controlled using several techniques.
Among them are: storage account name and key, shared access signature (SAS), SAS with
access policy, and using the storage firewall and virtual network service endpoints. Access
to blob storage can also be controlled using the public access level of the blob container."
\AD Tenants - ANS-Multiple Azure _____ can be created and managed through Azure. This
includes creating new directories and deleting existing directories.
\ALB Load-Balancing - ANS-"An _____ configuration comprises frontend IP configuration,
backend pool, health probes, and load-balancing rule."
\Alerts - ANS-"You can configure _____ based on metric alerts (captured from Azure
Diagnostics) to Activity Log alerts that can notify by email, voice, web hook, SMS, Logic
Apps, or even an Azure Automation Runbook."
\Alerts - ANS-"You can configure _____ based on metric alerts (captured from Azure
Metrics) to Activity Log alerts that can notify by email, web hook, SMS, Logic Apps, or even
an Azure Automation Runbook."
\Application Security Groups (ASGs) - ANS-IP address ranges can also be specified using
_____. ASGs allow NSG rules to be defined for groups of VMs without needing to allocate
the VMs into separate subnets.
, \Async Blob Copy Service - ANS-You can also use the _____ to copy files between storage
accounts or from outside publicly accessible locations to your Azure storage account.
\Authoritative - ANS-Azure DNS provides an _____ DNS service for hosting Internet-facing
domains.
\Azure AD Identity Protection - ANS-"_____ enables administrators to configuration Azure
AD tenant-wide policies for multi-factor authentication, sign-in risk, and user risk."
\Azure AD Join - ANS-"_____ enables administrators to manage device identity
independently of users. For example, dynamic security groups can be created based on
device attributes and then conditional access policies could be applied to those groups."
\Azure AD Premium P1 or Azure AD Premium P2 licenses - ANS-"Many advanced features
of Azure AD require _____. When considering Azure AD features, administrators need to be
aware of the licensing boundaries."
\Azure Availability Zones - ANS-_____ provide high availability at the data center level.
Azure Availability Sets provide high availability within a data center.
\Azure Backup - ANS-"_____ can be used to protect files and folders, applications, and IaaS
virtual machines. This cloud-based data protection service helps organizations by providing
offsite backups of on-premises servers and protection of VM workloads they have already
moved to the cloud."
\Azure CDN - ANS-_____ can be used to improve web site performance by caching static
data close to the end users. Blob storage can be used as a CDN origin.
\Azure CLI - ANS-DNS zone files are a standard format used to transfer DNS records
between DNS systems. DNS zone files can only be imported into or exported from Azure
DNS by using the _____.
\Azure Diagnostics Agent - ANS-"The _____ can be enabled on Windows and Linux virtual
machines to capture diagnostic, performance, logs and boot diagnostic data."
\Azure Load Balancer (ALB) - ANS-"_____ is a fully-managed, high performance
load-balancing service for TCP and UDP traffic. It operates at the transport layer (OSI Layer
4). Unlike App Gateway, it does not have visibility into application-level traffic."
\Azure Log Analytics - ANS-_____ can consolidate machine data from on-premises and
cloud-based workloads and this data is indexed and categorized for quick searching. Data
can be collected from both Windows and Linux machines.
\Azure Management Groups - ANS-_____ can be used to control policy and RBAC for
multiple subscriptions. _____ enable organizational alignment for your Azure subscriptions
through custom hierarchies and groupings.
\Azure Monitor - ANS-"_____ is a single-pane of glass for accessing Azure metrics, tenant
and resource diagnostic logs, Log Analytics, service health, and alerts."
\Azure Policy - ANS-"______ is a service that lets you create, manage, and apply policy to
Azure resources at a subscription, resource group, or resource level. Policies enforce
different rules over your Azure resources, so those resources remain compliant with your
organization's standards."
\Azure Resource Manager templates - ANS-"You can create resources from the portal,
PowerShell, the CLI tools, and _____. You should understand when to use which tool and
how to configure the resources during provisioning and after provisioning."
\Azure Storage - ANS-"_____ can be managed through several tools directly from Microsoft:
the Azure portal, PowerShell, CLI, Storage Explorer, and AzCopy. It's important to know
when to use each tool."
\Azure Storage Accounts - ANS-"_____ provide 4 separate services: blobs, tables, queues
and files. Understand the usage scenarios of each service."
