I am sharing these notes, which I created while preparing for AZ-900. These notes are not fully organized, as I created them for myself, but then I thought they could help someone.
Here you can find all the topics, a small description of each, and some questions from previous AZ-900 exams.
High Availability (HA)
The ability of the application to continue running in a healthy state, without significant downtime. By "healthy state," we mean the application is responsive, and users can connect to the application and interact with it.
Scalability
Increase or decrease the resources and services used based on the demand or workload at any given time. Vertical Scaling (aka "scaling up") - add more resources to existing servers. Horizontal Scaling (aka "scaling out") - add more servers.
Vertical Scaling (aka "scaling up")
The process of adding resources to increase the power of an existing server (e.g. adding a faster CPU, additional CPUs, more memory).
Horizontal Scaling (aka "scaling out")
The process of adding more servers that function together as one unit (e.g. adding more servers).
Elasticity
Automatically add or remove resources based on demand.
Cloud Agility
Cloud agility is the ability to rapidly change an IT infrastructure in order to adapt to the evolving needs of the business (e.g. if your service peaks one month, you can scale to demand and pay a larger bill for the month. If the following month the demand drops, you can reduce the used resources and be charged less).
Fault Tolerance
Redundancy is often built into cloud services architecture so if one component fails, a backup component takes its place. This is referred to as fault tolerance and it ensures that your customers aren't impacted when an unexpected accident occurs.
Disaster Recovery
The ability to recover from rare but major incidents: non-transient, wide-scale failures, such as service disruption that affects an entire region. Disaster recovery includes data backup and archiving, and may include manual intervention, such as restoring a database from backup.
Disaster recovery is the process of restoring application functionality in the wake of a catastrophic loss.
Hybrid Cloud is correct because a hybrid cloud is a
computing environment that combines a public cloud and a private cloud by
allowing data and applications to be shared between them.
- Lower costs—no need to purchase hardware or software, and you pay only for the service you use.
- No maintenance—your service provider provides the maintenance.
- Near-unlimited scalability—on-demand resources are available to meet your business needs.
- High reliability—a vast network of servers ensures against failure.
Private Cloud is defined as computing services offered either
over the Internet or a private internal network and only to selected users
instead of the general public.
Also called an internal or corporate cloud, private cloud
computing gives businesses many of the benefits of a public cloud - including
self-service, scalability, and elasticity - with the additional
control and customization available from dedicated resources over a
computing infrastructure hosted on-premises. In addition, private clouds
deliver a higher level of security and privacy through
both company firewalls and internal hosting to ensure operations and sensitive
data are not accessible to third-party providers. One drawback is that the company’s IT department is held responsible for the cost
and accountability of managing the private cloud.
A private cloud consists of computing resources used
exclusively by one business or organization. The private cloud can be
physically located at your organization’s on-site datacentre,
or it can be hosted by a third-party service
provider. But in a private cloud, the services and infrastructure are
always maintained on a private network and the hardware and software are
dedicated solely to your organization. In this way, a private cloud can make it
easier for an organization to customize its resources to meet specific IT
requirements. Private clouds are often used by
government agencies, financial institutions, any other mid- to
large-size organizations with business-critical operations seeking enhanced
control over their environment.
Advantages of private clouds:
- More flexibility—your organization can customize its cloud environment to meet specific business needs.
- Improved security—resources are not shared with others, so higher levels of control and security are possible.
- High scalability—private clouds still afford the scalability and efficiency of a public cloud.
Q A company is planning on using Microsoft
Azure Cloud for hosting resources. Which of the following is a key advantage of
hosting resources in the Azure private cloud?
Ans. Different departments in your organization can have
segmentation of resources defined in Azure.
Public clouds are the most common way of deploying cloud computing. The cloud resources (like servers and storage) are owned and operated by a third-party cloud service provider and delivered over the Internet. Microsoft Azure is an example of a public cloud.
An organization that hosts its
infrastructure in a public cloud can decommission its data center.
IAAS
Regions
- 54 regions. 140 countries
- Not all regions are available to all users. Some are reserved for US and China.
Availability Zones
Regions can have multiple availability zones. These are data centre buildings in regions. One region can be up while another region is down. So, availability zones give us the flexibility to distribute our service across multiple data centres for maximum availability.
Availability Zones - Unique physical locations within an Azure region, made up of one or more datacentres. There is a minimum of three zones in each region. You can manually place your resources in an availability zone for highest availability.
An Availability Set is a
logical grouping capability for isolating VM resources from each other when
they're deployed. Azure makes sure that the VMs you place within an
Availability Set run across multiple physical servers, compute racks, storage
units, and network switches.
Resource groups
Resource Groups - a folder structure in Azure in which you
organize resources like databases, virtual machines, virtual networks, or
almost any resource.
Resource groups can have security elements: we can restrict users using resource groups.
Management groups → Subscriptions → Resource groups → Resources
Resource groups have no costs
associated with them.
Azure resource manager
Azure Resource Manager (ARM) - this is the common resource deployment model that underlies all resource creation or modification. No matter whether you use the portal, PowerShell or the SDK, the Azure Resource Manager takes those commands and executes them.
Azure Resource Manager is the deployment and
management service for Azure. It provides a management layer that enables you
to create, update, and delete resources in your Azure subscription. You use
management features, like access control, locks, and tags, to secure and
organize your resources after deployment.
The benefits of using Resource Manager include:
- Manage your infrastructure through declarative templates rather than scripts.
- Deploy, manage, and monitor all the resources for your solution as a group, rather than handling these resources individually.
- Redeploy your solution throughout the development lifecycle and have confidence your resources are deployed in a consistent state.
- Define the dependencies between resources so they're deployed in the correct order.
- Apply access control to all services in your resource group because Role-Based Access Control (RBAC) is natively integrated into the management platform.
Q A company needs to deploy
several Virtual Machines (VMs).
Each of these Virtual
Machines (VMs) will have the same set of permissions.
To minimize the
administrative overhead, in which method would you deploy the Azure Virtual
Machines?
Ans. Azure resource manager
Azure compute services
Compute Services - a
category of services in Azure that provides CPU cycles for rent. Virtual
Machines are only one type of compute resource. The Marketplace contains many
types of resources, not just compute.
Virtual machine
The virtual machine compute model, which is infrastructure as a service, allows you to have control.
It's called a virtual machine because Microsoft has software called a hypervisor that runs on top of their machines and makes you feel like you have control of an entire machine.
In fact, it's a machine that's been divided among you and other customers.
Q A company has a set of
resources deployed to Azure. They want to make use of the Azure Advisor tool.
Would the Azure Advisor tool give recommendations on how to reduce the cost of
running Azure Virtual Machines?
Ans. Yes
Q When the virtual machine
demovm is stopped, you will still incur costs for the storage attached to the
Virtual Machine.
Ans. Yes
Q Could the virtual machine be used to encrypt all traffic
from the virtual machine itself to a host on the Internet?
ANS. Yes, you can install roles
such as the Remote Access Server for VPN to ensure traffic is encrypted when it
flows out of the server.
Virtual machine Scale Sets
The next type of compute is called a scale set. We talked about availability and how you need to have duplicate versions of things. If you've got multiple virtual machines, you might want to consider putting them into a scale set. This gives you elasticity in terms of being able to add and subtract virtual machines from that set.
Elasticity - the ability of a
system to automatically grow when maximum capacity is reached, and
automatically shrink to minimize waste
App Service
Basically, you package up your code: you go into your development tool (which might be Visual Studio, but doesn't have to be), create your application, and hit the publish button.
That creates a zip file containing your application as well as your app.config and web.config files, which contain the configuration elements. The zip file gets uploaded into Azure, and Azure is able to run it as a web service just based on that.
You don't have to provision virtual machines. You don't have to manage the scaling to that degree.
With App Service you can create multiple instances, and load balancing is provided for you. If the service were to fail, it would automatically heal itself, et cetera.
Q A company wants to
deploy an Artificial Intelligence solution in Microsoft Azure.
The development team wants
to have a solution in place that can be used to build, test, and deploy
predictive analytics solutions.
Which of the
following solutions would satisfy this purpose?
Ans. Azure Machine Learning Studio
Functions
The last type of compute we'll talk about for now is Azure Functions, sometimes called the serverless model, which means that with an Azure function and a consumption configuration you:
- have absolutely no control over what servers are running.
- can even code your applications within the browser, so you don't need a development tool, although you could use one.
Microsoft also provides a manager and a test harness within that. Functions are small. They're meant to perform small pieces of work.
If you set that up with a consumption model, then you get a million executions for free.
So it's a much cheaper model, but the farther away you go from virtual machines, the more it is almost a new paradigm in terms of development style. The next type of compute service that we'll talk about is containers.
Containers
Containers are a modern deployment style for code. You take your code, package it up together with everything that code needs to run into a single container, and then you can deploy that container to your testing environment, to your staging environment, and eventually to your production environment.
Azure Container Instances are what Microsoft claims is the quickest way to get a container created.
The thing about container instances is that they don't have a lot of built-in scaling capabilities.
The Azure Kubernetes Service is also a container service, but it does have those abilities to be elastic, to scale up, and to scale down.
The fully managed Azure Kubernetes Service (AKS)
makes deploying and managing containerized applications easy. It offers
serverless Kubernetes, an integrated continuous integration and continuous
delivery (CI/CD) experience, and enterprise-grade security and governance.
Unite your development and operations teams on a single platform to rapidly
build, deliver, and scale applications with confidence.
Azure Kubernetes comes under the
“Infrastructure as a service” category.
Microsoft Office 365 is the correct
answer because Software as a service (SaaS) is a software distribution model in
which a third-party provider hosts applications and makes them available to
customers over the Internet. SaaS is one of three main categories of cloud
computing, alongside infrastructure as a service (IaaS) and platform as a
service (PaaS). Office 365 is SaaS, which provides an online version of
MS Office Suite (Office Web Apps) along with SharePoint Server, Exchange Server
and Lync Server. Windows Azure is both IaaS and PaaS, which makes the Windows
Server operating system and other features available as services.
Networking
Virtual Network
Within Azure the virtual
machines are connected via virtual networks. This is done entirely by
software so you are not actually talking about routers and network hubs as you
would in your own environment, but it is virtually those things.
Q A company is planning on setting up a solution in
Azure. The solution would have the following key requirement:
- Provide an isolated environment for hosting of
Virtual Machines.
Which of the following would be
best suited for this requirement?
Ans. Azure Virtual Network
Q A company is planning on
setting up a solution in Microsoft Azure.
The solution would have
the following key requirement:
- Provide a cloud service
that helps to transform data and provide valuable insights on the data itself
Which of the following
would be best suited for this requirement?
Ans: Azure data lake analytics
Load Balancer
A load balancer is a network device
that distributes traffic according to some algorithm between multiple servers.
So if you have multiple virtual machines, and you
want each of them, let's say you have two of them, and you want them to split
the traffic 50/50, you're going to need to put a load balancer in front of that
in order for traffic to be evenly divided.
VPN Gateway
VPN stands for virtual private network. Let's say you want your virtual machines running on a virtual network, but you do not want them to be accessible by the public; you only want them accessible from your own company. Then you're going to have to set up a private network between your company and Azure.
So, the opposite of a VPN is the internet. A VPN gateway sits on both sides of this private network.
A VPN gateway is a specific type of virtual network
gateway that is used to send encrypted traffic between
an Azure virtual network and an on-premises location over the public Internet.
You can also use a VPN gateway to send encrypted
traffic between Azure virtual networks over the Microsoft network. Each virtual network can have only one VPN gateway. However,
you can create multiple connections to the same VPN gateway. When you
create multiple connections to the same VPN gateway, all VPN tunnels share the
available gateway bandwidth.
Application Gateway
Application Gateway is a more sophisticated type of load balancer. An application gateway can actually understand the traffic: it is aware of URLs, for instance, and you can say that if traffic comes in for this URL, this server or this group of servers should handle it, and if the traffic comes to another URL, another group of servers should handle it.
Q A company has a
VPN device that will be used as Site-to-Site connection from Microsoft Azure to
their on-premise location.
Which of the
following would be used to represent the VPN device?
Ans. Local
network gateway - A Site-to-Site VPN gateway connection is used to connect
your on-premises network to an Azure virtual network over an IPsec/IKE (IKEv1
or IKEv2) VPN tunnel. This type of connection requires a VPN device located on-premises that has an externally facing public
IP address assigned to it.
Q A company needs to
connect their on-premise data center to an Azure Virtual Network using a
Site-to-Site connection.
Which of the
following would you create as part of this implementation?
Ans. Virtual Network Gateway, because a VPN gateway is a specific type of virtual network gateway that is used to send
encrypted traffic between an Azure virtual network and an on-premises location
over the public Internet. You can also use a VPN gateway to send encrypted
traffic between Azure virtual networks over the Microsoft network. Each virtual
network can have only one VPN gateway. However, you can create multiple
connections to the same VPN gateway. When you create multiple connections to
the same VPN gateway, all VPN tunnels share the available gateway bandwidth.
Content delivery Network
A CDN is basically a server that keeps static files, reducing the number of requests to the main server and increasing the performance of the application.
It provides an efficient way to distribute web content to users across the world.
Storage services
Azure Storage - Blob, file, table & queue
Managed disc
Backup and recovery storage account used for storing backup
or archiving.
The data disks (VM) are stored
in the Blob service of Azure storage accounts.
Q You plan to create an
Azure virtual machine.
You need to identify which
storage service must be used to store the data disks of the virtual machine.
Ans. Blobs
Databases
Cosmos DB – globally available, highly responsive. This is called NoSQL storage. You are not storing things in a traditional SQL server.
Azure SQL Database – relational database. It's a PaaS service.
SQL Server Database Engine and patched OS with 99.99% availability
Azure Database for MySQL – open source
Azure Database for PostgreSQL – open source
Azure database migration service
Azure Synapse Analytics is a limitless analytics
service that brings together enterprise data warehousing and Big Data
analytics. It gives you the freedom to query data on your terms, using either
serverless on-demand or provisioned resources—at scale. Azure Synapse brings
these two worlds together with a unified experience to ingest, prepare, manage,
and serve data for immediate BI and machine learning needs.
Azure Data Lake is a highly scalable public cloud
service that allows developers, scientists, business professionals and other
Microsoft customers to gain insight from large, complex data sets. As with most
data lake offerings, the service is composed of two parts: data storage and
data analytics.
Big data and data analytics
Big Data - a set of open source (Apache Hadoop)
products that can do analysis on millions and billions of rows of data; current
tools like SQL Server are not good for this scale.
SQL data warehouse – data storage
Q. Provide a data store
that can be used to store and perform analytics on petabytes of data?
Azure SQL Data
Warehouse because it is a cloud-based enterprise data warehouse that
leverages massively parallel processing (MPP) to quickly run complex queries
across petabytes of data. Use SQL Data Warehouse as a key component of a big
data solution. Import big data into SQL Data Warehouse with simple PolyBase
T-SQL queries, and then use the power of MPP to run high-performance analytics.
As you integrate and analyze, the data warehouse will become the single version
of truth your business can count on for insights.
HDInsight - most of the Hadoop services are inside this.
Azure HDInsight is a managed, full-spectrum, open-source
analytics service in the cloud for enterprises. You can use open-source
frameworks such as Hadoop, Apache Spark, Apache Hive, LLAP, Apache Kafka,
Apache Storm, R, and more.
Q HDInsight Provide a cloud
service that makes it easy, fast, and cost-effective to analyse massive amounts
of data.
Data lake analytics – can store
data and analytics runs over it.
Azure Databricks –
You can access Azure SQL Data Warehouse (SQL DW) from Azure
Databricks using the SQL Data Warehouse connector (referred to as the SQL DW
connector), a data source implementation for Apache Spark that uses Azure Blob
storage, and PolyBase in SQL DW to transfer large volumes of data efficiently
between an Azure Databricks cluster and a SQL DW instance.
Q A company is planning on setting up a solution in
Azure. The solution would have the following key requirement:
Gives the ability to host a big
data analysis service for machine learning
Which of the following would be
best suited for this requirement?
Ans. Azure Databricks
Artificial Intelligence
Azure machine learning service – these are under their cognitive services model. The machine learning services are things like the vision API, the speech API, and language services that can:
- convert speech into text
- translate text from one language to another
- recognize faces in a picture
- speak text in an extremely realistic way
- create text from audio
Q A company needs to store
2TB of data that will be infrequently used.
The data needs to be
accessed via PowerBI.
Choose 2 of the following
options the company should consider as cost-effective data storage solutions to
fulfill this need.
Ans. Azure Data lake, Azure synapse analytics
Azure Marketplace – we have different options from different companies to choose from for creating and deploying our apps in Azure.
All third-party virtual machine and other offers are shown here.
Internet of things (IOT)
IoT fundamentals
An IoT device is not a standard computing device but connects
to a network to report data on a regular basis. A web server, a personal
computer, or a mobile app is not an IoT device.
IoT Hub – let's say you want to save step-counter data; you can use IoT Hub, and then you can support millions of records per second.
IoT Central
Q A company wants to
implement an IoT solution service available in Microsoft Azure.
Which of the following
would meet the below requirement?
“Provides
a fully managed SaaS (software-as-a-service) solution that makes it easy to
connect, monitor and manage IoT assets at scale”.
Ans. IoT central
Q A company wants to implement an
IoT solution using the service available in Azure.
Which of the following would meet
the below requirement?
"Used
to analyse data on End user devices”
Ans. IoT Edge
Q A company wants to implement an
IoT solution using the service available in Azure.
Which of the following would meet
the below requirement?
“Helps
provide a powerful data exploration and telemetry tools to help you refine
operational analysis”
Ans. Azure Time Series Insights
Serverless
Azure functions
Logic apps - Tie these functions together using a logic
app.
Q A
company is planning on setting up a solution in Azure. The solution would have
the following key requirement:
- Provides a platform for creating
workflows
Which of the following would be best
suited for this requirement?
Ans. Azure
Logic Apps
Event grid
Azure tools
to manage management services
Azure Cloud Shell is an interactive, authenticated,
browser-accessible shell for managing Azure resources. It provides the
flexibility of choosing the shell experience that best suits the way you work,
either Bash or PowerShell.
Azure CLI
Azure CLI is a cross-platform command-line tool that is used to manage and administer Microsoft Azure.
It doesn't replace PowerShell but provides an alternative for managing Azure from the command line.
You can continue using PowerShell, the APIs and the Azure
Portal just like before.
Azure CLI provides some tangible benefits over these,
especially over PowerShell in that it’s very nimble and can be quickly
installed on almost any platform.
PowerShell is its own
language, different than CLI
Azure Cloud
Shell is correct because the Azure Cloud Shell is an interactive,
authenticated, browser-accessible shell for managing Azure resources. It
provides the flexibility of choosing the shell experience that best suits the
way you work, either Bash or PowerShell.
Tool for android devices.
Q An IT administrator for a company has been given a PowerShell script.
This PowerShell script will be used to create several Virtual Machines in Azure.
You have to provide a machine to the IT administrator for running the PowerShell script.
You decide to provide a ChromeOS based
machine and use Azure Cloud Shell.
Would this solution fit the requirement?
Ans. Yes because Azure Cloud Shell is an
interactive, authenticated, browser-accessible shell for managing Azure
resources. It provides the flexibility of choosing the shell experience that
best suits the way you work, either Bash or PowerShell, accessible via Chrome.
Azure
PowerShell is basically an extension of Windows PowerShell. It lets Windows
PowerShell users control Azure's robust functionality. From the command line,
Azure PowerShell programmers use preset scripts called cmdlets to perform
complex tasks like provisioning virtual machines (VMs) or creating cloud
services.
Azure CLI
provides a command line and scripting environment for creating and managing
Azure resources. The Azure CLI is available for macOS, Linux, and Windows
operating systems.
Azure portal (Azure Advisor to save some cost)
There is also the Azure Advisor tool, which gives us recommendations to lower cost and improve performance.
Understand Security, Privacy, Compliance, and Trust
Azure Firewall - the purpose of a firewall is to analyse traffic that is being directed to it and then either reject traffic that doesn't follow the permitted pattern or allow traffic through that does.
So, the purpose of the Azure firewall is basically to block invalid traffic. That could be attempted hacks which are obvious.
Azure Firewall is a managed, cloud-based network security service that protects your Azure virtual network resources. It's a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.
We can use it to limit the amount of inbound traffic.
Q You have an Azure environment that contains
10 virtual networks and 100 virtual machines.
You need to limit the amount of
inbound traffic to all the Azure virtual networks.
What should you create?
Ans. Firewall
Azure DDoS (Distributed Denial of Service Attack) protection
Distributed Denial of Service (DDoS) attacks - a type of attack that originates from the Internet and attempts to overwhelm a network with millions of packets of bad traffic, aiming to prevent legitimate traffic from getting through.
Q What two types of DDoS
protection services does Azure provide? Select two.
Ans. Azure DDoS Protection Basic is free, while you can upgrade to Standard for a fee.
Azure active directory is the Azure solution for identity
and access management.
Azure AD Identity Protection, because Identity Protection is a tool that allows organizations to accomplish three key tasks:
- Automate the detection and remediation of identity-based risks.
- Investigate risks using data in the portal.
- Export risk detection data to third-party utilities for further analysis.
Password synchronization will not work in stage mode.
Q You have two Azure Active Directory (Azure
AD) tenants named contoso.com and fabrikam.com.
You have a Microsoft account that
you use to sign in to both tenants.
You need to configure the default
sign-in tenant for the Azure portal.
What should you do?
Ans. From Azure portal change the directory
Network security group
A network security group is a series of rules that you can apply to allow inbound traffic based on certain rules or prevent outbound traffic based on certain rules.
Inbound NSG rules protect a destination IP address and port. But it is not possible to set up rules that way when you have a number of web servers and VMs, so for that Azure has introduced the application security group concept.
Network Security Group (NSG) - a fairly basic set of
rules that you can apply to both inbound traffic and outbound traffic that lets
you specify what sources, destinations and ports are allowed to travel through
from outside the virtual network to inside the virtual network
Network Security Groups are
used to restrict Inbound and Outbound traffic. It can’t be used to encrypt
traffic.
Q A company is planning on
deploying a web server and database server as shown in the architecture diagram
below.
You have to ensure that traffic
restrictions are in place so that the database server can only communicate with
the web server.
Which of the following would you
recommend for implementing these restrictions?
Ans. Network security groups(NSGs)
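How the NSG answer above plays out during rule evaluation, as an added example that is not part of the original notes: a small Python model of inbound NSG processing (lowest priority number first, first match wins) showing that Azure's default AllowVnetInBound rule lets any VM in the virtual network reach the database unless an explicit deny is added. The subnet ranges, custom rule names, port 1433 and the use of a CIDR in place of the VirtualNetwork service tag are assumptions made for illustration.

```python
"""Model of inbound NSG rule evaluation for a database subnet (added example)."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed address plan (assumption, not taken from the notes).
VNET = "10.0.0.0/16"
WEB_SUBNET = "10.0.1.0/24"
DB_SUBNET = "10.0.2.0/24"


@dataclass(frozen=True)
class Rule:
    name: str
    priority: int      # lower number is evaluated first
    source: str        # CIDR, or "*" for any
    destination: str   # CIDR, or "*" for any
    port: str          # a single port as text, or "*" for any
    action: str        # "Allow" or "Deny"


def _addr_matches(pattern: str, addr: str) -> bool:
    return pattern == "*" or ip_address(addr) in ip_network(pattern)


def evaluate(rules, src: str, dst: str, port: int):
    """Return (action, rule_name) for the first rule that matches, by priority."""
    for rule in sorted(rules, key=lambda r: r.priority):
        if (_addr_matches(rule.source, src)
                and _addr_matches(rule.destination, dst)
                and rule.port in ("*", str(port))):
            return rule.action, rule.name
    return "Deny", "no-match"  # only reached if the default deny is missing


# Default inbound rules Azure places in every NSG. Simplified: the
# VirtualNetwork service tag is modelled as the VNet CIDR, and the
# AllowAzureLoadBalancerInBound rule (65001) is left out.
DEFAULT_INBOUND = [
    Rule("AllowVnetInBound", 65000, VNET, VNET, "*", "Allow"),
    Rule("DenyAllInBound", 65500, "*", "*", "*", "Deny"),
]

# Weak: NSG attached to the DB subnet with no custom rules.
DB_NSG_WEAK = list(DEFAULT_INBOUND)

# Hardened: only the web subnet may reach SQL; other VNet traffic is
# denied before the default AllowVnetInBound rule can match.
DB_NSG_HARDENED = DEFAULT_INBOUND + [
    Rule("AllowWebToSql", 100, WEB_SUBNET, DB_SUBNET, "1433", "Allow"),
    Rule("DenyOtherVnetInbound", 200, VNET, DB_SUBNET, "*", "Deny"),
]


def demo():
    """Evaluate the same constructed flows against both rule sets."""
    db_vm = "10.0.2.5"
    flows = {
        "web -> db:1433": ("10.0.1.4", 1433),
        "web -> db:22": ("10.0.1.4", 22),
        "other-subnet -> db:1433": ("10.0.3.7", 1433),
        "internet -> db:1433": ("203.0.113.9", 1433),
    }
    return {
        label: {name: evaluate(rules, src, db_vm, port)
                for name, (src, port) in flows.items()}
        for label, rules in (("weak", DB_NSG_WEAK),
                             ("hardened", DB_NSG_HARDENED))
    }


if __name__ == "__main__":
    for label, results in demo().items():
        print(label)
        for flow, (action, rule) in results.items():
            print(f"  {flow:26} {action:5} ({rule})")
```
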
User Defined Routes (UDR)
A user defined route allows you to specify the exact path that some traffic needs to travel over your network. For example, with a firewall, you may want to route every call to your VMs to the firewall first.
Another use case is if you want traffic to travel over your corporate network to get to the internet. So, if you want to route all calls to your VMs via your corporate network, you do that with the help of a UDR.
Force traffic through a firewall or over a corporate network.
Choose an Appropriate Azure security solution
- All virtual network subnets should use an NSG. It's a strong lock on the windows and doors that you don't use.
- DDoS – as needed or after being attacked.
- Application Gateway with WAF (firewall).
- Security through layers – you should have security in layers, so that if one layer fails, another layer comes into action.
Subnets are part of network security. Separate servers into distinct subnets by role.
Azure Identity services
Authentication is a user proving who they are – user ID and password.
Authorization is ensuring that a user is permitted to perform an action.
You can give the same access to all users, that is, admin access; it is the simplest solution.
Azure Active Directory
- Microsoft guarantees at least 99.9% availability of the Azure Active Directory Basic and Premium services. The services are considered available in the following scenarios:
- No SLA is provided for the Free tier of Azure Active Directory.
- Azure Active Directory is a completely managed service. You don't need to provision any infrastructure to implement Azure Active Directory.
- You can assign multiple licences for a user in Azure Active Directory.
The following have no impact on cost
· When you look at the pricing for Azure Active Directory, you can create 5,00,000 objects as part of the free version. These objects include both users and groups.
· There is no price for network interfaces, so this would not help reduce the cost.
Identity as a Service (IDaaS)
Azure Active Directory, abbreviated as Azure AD, is Microsoft's Identity as a Service solution. Microsoft provides this as a service to you, and they take over the authentication aspects of your applications.
So, you basically have them take the user ID and password of the user, validate them, and return the user to your application, letting you know that the sign-in is okay. It is Microsoft's preferred solution.
Here we have groups, users, pre-defined roles and user-defined roles, and we can manage permissions for users.
Azure AD also provides the concept of single sign-on. With it, a user can use the same credentials in multiple applications. It’s centralization of identity.
Microsoft Active Directory and Azure AD are not exactly the same.
Azure AD is specific software that is written for Azure. We can perform synchronization from the corporate directory to Azure AD. So, if a user changes credentials or a new user is added, the change is carried over to Azure AD by synchronization.
Azure AD is designed for internet technologies and web protocols. For instance, corporate AD has a technology called LDAP, the Lightweight Directory Access Protocol. LDAP is not supported in Azure AD. So there are some things which are not supported in Azure AD because of TCP, HTTP and those protocols.
Azure multifactor authentication
So, in this there are the username and password as two factors. The third factor can be your phone, which we can contact to verify. We can verify using an SMS message.
Security tools and features
Most applications have many secrets. The modern way to save secrets in Azure is Azure Key Vault.
Azure Key Vault - the modern way to store cryptographic keys, signed certificates and secrets in Azure. You can store certificates in the Azure Key Vault service.
Economies of Scale
Economies of scale is the ability to do things more efficiently or at a lower-cost per unit when operating at a larger scale (e.g. the ability to acquire hardware at a lower cost than if a single user or smaller business were purchasing it, cloud providers can also make deals with local governments and utilities to get tax savings, lower pricing on power, cooling, and high-speed network connectivity between sites).
Capital Expenditure (CapEx)
CapEx is the spending of money on physical infrastructure up front, and then deducting that expense from your tax bill over time. CapEx is an upfront cost, which has a value that reduces over time.
Operational Expenditure (OpEx)
OpEx is spending money on services or products now and being billed for them now. You can deduct this expense from your tax bill in the same year. There is no upfront cost, you pay for a service or product as you use it.
Azure Security
Physical security
The computer you are using is in a secure location: it's inside your house or your office, the doors lock, people aren't just walking up to your computer randomly, you have a Windows screen saver that locks your computer after so many minutes, et cetera. Also, there is physical security of the servers, like floor and building authentication cards.
Digital security
For traditional IT, when you are running a server on your own machine, you are responsible for the physical security of the servers, the network and any virtualization.
For Infrastructure as a Service, when you are using Azure VMs, you are sharing responsibilities with the cloud provider.
They are handling the operating system server, network security or any kind of virtualization. In VMs you can install any application, like SQL. It’s your responsibility to handle servers and software.
In Platform as a Service, Azure is responsible for most of the services.
Role-Based Access Control (RBAC)
Role-Based Access Control is what Azure uses to control access to the Azure environment itself. So, they recommend using the same.
We talked earlier about the layered approach to security. Here is the list of layers.
Let's take the example of a SQL database. Here you can implement a virtual network endpoint, so that it is accessible only to specified IP addresses. And you can also use this with Azure Storage.
If you have web applications, you might put something in front of the web application, such as a firewall and a load balancer.
And if you have an API system, an API management system will act as the security layer for the API. We can also have compute layers.
In the network layer, you can arrange yourself with virtual networks and subnets.
The concept of perimeter is typically firewalls and the Distributed Denial of Service (DDoS) service that Azure offers.
Identity & access – we can use Azure AD.
Physical layer – building security.
So those are the different layers. And if you can handle the security in each layer, it makes it a lot tougher for hackers and ne'er-do-wells to try to access your environment.
Azure provides a dashboard called Azure Security Center. Azure Security Center is unified security management and Advanced Threat Protection.
This is one of the features of Azure Security Center. It has a free option and a paid option as well.
Azure Security Center is sort of like a dashboard that analyses your applications and your networks and makes recommendations for them.
Security recommendations provided by Security Center
Azure Key Vault
It's a central repository for all your secrets, all your certificates and your signing keys. So if you have an SSL certificate, you can store it within your Key Vault. If you have an API key that a third-party vendor has given to you, you can store it there as well. If you have a public/private key pair that you use for signing things, you can keep it inside the Key Vault as well. Anyone who does not have access cannot see them.
The trend is to remove secrets from app config, web config and everywhere else and add them to Key Vault, so that they are shown only to a person who has access.
Azure Information Protection (AIP)
It is used to protect your documents inside your organization. So, you can decide whether a document is accessible to all employees or only to managers. You can stop documents from being printed or sent by email.
Advanced Threat Protection is used to monitor the activities of a user and, if any unusual activity is happening in the account, stop it there. Here we can use MFA. Also, we can send an email to the user about this activity.
Q A company wants to make use of
Microsoft Azure to deploy various business solutions.
They want to ensure that
suspicious attacks and threats to resources within their Microsoft Azure
account are prevented.
Which of the following helps
prevent such attacks by using built-in sensors in Azure?
Ans. Azure Advanced Threat Protection
Azure Advanced Threat Protection because Azure Advanced Threat Protection (ATP) is a cloud-based security solution that leverages your on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization. Azure ATP enables SecOp analysts and security professionals struggling to detect advanced attacks in hybrid environments to:
· Monitor users, entity behavior, and activities with learning-based analytics
· Protect user identities and credentials stored in Active Directory
· Identify and investigate suspicious user activities and advanced attacks throughout the kill chain
· Provide clear incident information on a simple timeline for fast triage
The term Azure governance covers all your company's
policies and procedures that you might have to ensure that your account is kept
secure.
Azure Policy
With this you can create rules across all your Azure resources or subscriptions.
Azure Policy can add restrictions on storage account SKUs, virtual machine instance types, and rules relating to tagging of resources and groups. It cannot prompt a user to ask them if they are sure.
If you assign an Azure policy specifying that virtual networks are not an allowed resource type in RG1. VNET1 is deleted automatically.
True, you can create custom policies using JSON.
Built-in policies
You can create policies such as which version of SQL is required, allowed storage accounts, allowed regions in which resources can be created, and which VMs can be created, because some VMs are very costly. And you can use not allowed resource types.
Policy Initiatives
It’s basically a set of policies that are grouped together. Every resource and resource group must have these five tags.
Tags
Resource Group (RG) will not
inherit the same tags because you apply tags to your Azure resources
giving metadata to logically organize them into a taxonomy. Each tag
consists of a name and a value pair. For example, you can apply the name
"Environment" and the value "Production" to all the
resources in production.
You can use tagging requirement
for billing.
Permissions:
Resources within the Resource
Group (RG) also inherit the same permissions.
Role-based Access Control (RBAC)
Here you can either use pre-defined roles or create your own custom roles, in which you specify which roles have access to which resource group. A user can have more than one role.
It is not recommended to apply permissions to a specific user.
Built-in roles in Azure
Reader – read access; they cannot modify.
Contributor – allows creating and updating resources.
Owner – Contributor + allowed to assign permissions to other users.
Azure Locks
We can use locks to prevent accidental operations. We have two types of locks.
· Read only
· Cannot delete
We can select a resource and add a lock to it. So, before deleting, we must remove the lock first.
Using RBAC, you can restrict who has access to locks. So, you can arrange that a user can delete the resource but cannot delete the locks.
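How roles, scope inheritance and locks combine, as an added example (not part of the original notes, and not Azure's implementation). The role definitions are a trimmed subset of the built-in Reader, Contributor and Owner roles, the scope and lock checks are a simplified model, and the user names and resource IDs are constructed.

```python
from fnmatch import fnmatchcase

# Trimmed subset of the built-in role definitions (assumption: only the
# entries this example needs; the real Contributor role lists more NotActions).
ROLES = {
    "Reader": {"actions": ["*/read"], "not_actions": []},
    "Contributor": {
        "actions": ["*"],
        "not_actions": ["Microsoft.Authorization/*/Delete",
                        "Microsoft.Authorization/*/Write"],
    },
    "Owner": {"actions": ["*"], "not_actions": []},
}

# Constructed scopes: subscription > resource group > resource.
SUB = "/subscriptions/sub1"
RG = SUB + "/resourceGroups/rg1"
VM = RG + "/providers/Microsoft.Compute/virtualMachines/vm1"

# Constructed role assignments: (user, role, scope).
ASSIGNMENTS = [
    ("bob", "Owner", SUB),
    ("alice", "Contributor", RG),
    ("carol", "Reader", RG),
]


def matches(action, patterns):
    """Case-insensitive wildcard match of an action against role patterns."""
    act = action.lower()
    return any(fnmatchcase(act, p.lower()) for p in patterns)


def role_allows(role, action):
    """A role grants an action if it matches Actions and no NotActions."""
    definition = ROLES[role]
    return (matches(action, definition["actions"])
            and not matches(action, definition["not_actions"]))


def in_scope(scope, resource_id):
    """Assignments and locks at a scope are inherited by everything below it."""
    s, r = scope.lower().rstrip("/"), resource_id.lower()
    return r == s or r.startswith(s + "/")


def check(user, action, resource_id, assignments, locks=()):
    """Return (allowed, reason). locks is a list of (level, scope) pairs,
    where level is "ReadOnly" or "CanNotDelete"."""
    granted = any(u == user and in_scope(scope, resource_id)
                  and role_allows(role, action)
                  for u, role, scope in assignments)
    if not granted:
        return False, "rbac: no role assignment grants this action"
    act = action.lower()
    # Managing the lock itself is decided by RBAC alone.
    if not act.startswith("microsoft.authorization/locks/"):
        for level, scope in locks:
            if not in_scope(scope, resource_id):
                continue
            if act.endswith("/delete"):
                return False, "lock: " + level + " blocks delete"
            if level == "ReadOnly" and not act.endswith("/read"):
                return False, "lock: ReadOnly blocks changes"
    return True, "allowed"


if __name__ == "__main__":
    lock = [("CanNotDelete", RG)]
    delete_vm = "Microsoft.Compute/virtualMachines/delete"
    delete_lock = "Microsoft.Authorization/locks/delete"
    print(check("alice", delete_vm, VM, ASSIGNMENTS))        # no lock yet
    print(check("alice", delete_vm, VM, ASSIGNMENTS, lock))  # lock inherited from rg1
    print(check("alice", delete_lock, RG, ASSIGNMENTS, lock))
    print(check("bob", delete_lock, RG, ASSIGNMENTS, lock))
```

Alice, a Contributor, can delete the VM until a lock is placed on the resource group, and she cannot remove that lock herself; Bob, an Owner at subscription scope, can.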
Azure Advisor & security assistance
This gives you recommendations to improve your security. It runs every few hours and analyses your account. There is also a security tab which will give you security warnings.
Azure blueprints
The purpose of Azure Blueprints is that you can create a subscription template that has some
roles, some policies, some pre-defined elements to it, and then you can use that
template to create other subscriptions.
Azure Monitor
Azure Monitor gathers events from all sources and adds them to log files or counts them as metrics. So, if anyone logs into the system, it will be logged.
Metrics will be something like CPU utilization. Any action in Azure (application, operating system, Azure resources, Azure subscription, Azure tenant) is logged and shown in Azure Monitor. And you can get data out of Azure Monitor using everything shown on the right in the image below.
Azure Monitor is a centralized collector of logs and metrics across not only your applications but across all of Azure. You can run analysis and alerts on some actions.
The company needs to have a solution that will always allow them to know the health of their VMs so they can implement alerts and redundancy. – Azure Monitor
Azure Service Health
General Azure service-related issues are listed here. So, if there is an issue, all Azure users will be affected. This is not an issue specific to your application.
Compliance
Compliance is a general term that basically means there are standards and rules, either outside of your company or dictated by your company, that you need to follow.
GDPR
GDPR is a new set of rules designed to give EU citizens more control over their personal data.
ISO – International Organization for Standardization
ISO 9001 is for quality management
ISO 20000 is for service management
NIST Cyber Security Framework (CSF)
NIST is the National Institute of Standards and Technology. It is a government entity in the United States.
Azure Government
A dedicated public cloud for federal and state agencies in
the United States.
Microsoft security
Azure Trust Center
Azure Trust Center is a portal where all Azure policies are listed. It has all the policies listed for different regions.
Microsoft Trust Center because within this resource,
you can take advantage of more than 90 compliance certifications, including
over 50 specific to global regions and countries, such as the US, the European
Union, Germany, Japan, the United Kingdom, India, and China.
And, get more than 35 compliance offerings specific to the
needs of key industries, including health, government, finance, education,
manufacturing, and media. Your emerging compliance needs are covered, too:
Microsoft engages globally with governments, regulators, standards bodies, and
non-governmental organizations.
Q What type of documents does
the Microsoft Service Trust Portal provide?
Ans. A list of standards that
Microsoft follows, pen test results, security assessments, white papers, FAQs,
and other documents that can be used to show Microsoft's compliance efforts.
Compliance Manager
This tool is provided by Microsoft to review our policies against compliance requirements. For that you need certain permissions.
Here you can check how compliant you are.
Azure Government Services
Azure has its own US government portal, which is separate from the public portal.
The URL for this is portal.azure.us
It is specifically for US government agencies, whether it's
federal level, state level, or even local agencies, it's on a separate network.
These are isolated data centres separated from public cloud. These must follow
certain standards for government services.
Azure Germany services
There is separate system in Germany as well. Data remain in
Germany and data centre remain in EU Germany.
Azure China
Microsoft does have data centres in China, and you can
deploy virtual machines and other resources into China, but it's not connected
to the Azure Global Portal.
So, you have to have a separate account, that's going to be
a separate login, the data is isolated, it's not on the same network, it's
going to remain in China.
Azure pricing and support
Azure Subscription
The Azure subscription is sort of a fundamental billing unit within Microsoft Azure. The same user can have access to multiple subscriptions. You can choose the subscription and resource.
You can also create multiple subscriptions.
Management groups
This is a way of creating a hierarchy of subscriptions: you organize them into a group, roll that up into a higher group, and ultimately roll that up into a top-level group.
So, in this way you can have many different subscriptions.
You can create policies and have reports up to that level, which makes some things a lot easier to manage by being able to group things in this hierarchical manner.
Q A company has multiple Microsoft
Azure subscriptions.
They want to merge the
subscriptions into one.
Do they need to contact Microsoft
to merge the subscriptions?
Ans. No
Purchase from Microsoft
· Pay as you go
We pay at the end of the month for whatever we have used. We can set some restrictions.
· Enterprise Agreement
We can negotiate the cost; if you are a big enough company you can choose this option.
Purchase from a Microsoft Partner
Microsoft Cloud Solution Provider (CSP)
They provide a custom package for you which has support infrastructure and many other features.
Azure free account
For learning you can use an Azure free account. A $200 balance is given for one month. Some services are free for 12 months (VMs).
· Some services are always free.
· The Azure Free Account gives access to all services in Azure. This is also mentioned in the FAQ section for the Azure Free Account.
· After 30 days, or when the 200 USD credit runs out, you have to convert your Free subscription to a Pay-As-You-Go subscription.
Factors affecting the cost
Different services are billed based on different factors.
Resource groups,
Virtual network (up to 50),
load balancer(basic),
azure active directory,
Network security groups,
free tier web apps
Pay per usage (consumption model)
Even the cheapest virtual machine is $20 per month. But for Azure Functions, 1 million executions are free, and for the next 1 million we have to pay $0.20.
Consumption-Based Model - paying for something based on how much you used, as opposed to paying for something no matter if you use it or not.
Pay per usage services
· Functions
· Logic Apps
· Storage (pay per GB)
· Outbound bandwidth
· Cognitive Services API
Pay for time (per second)
If you are going to use a VM or CPU, you can use the pay-for-time model. Per-second billing means billing stops when the VM is stopped.
But you have to pay for storage even when the VM is stopped.
Stability in pricing
Pay a fixed price per month for
computing power or storage capacity whether you use it or not.
Discounts for 1-year or 3-year
commitment in VM (reserved instances)
Reserved instances
If you give a commitment for 2 years, then the cost can be lower for VMs.
Azure Reservation because they help you save money
by committing to one-year or three-years plans for virtual machines, Azure Blob
storage or Azure Data Lake Storage Gen2, SQL Database compute capacity, Azure
Cosmos DB throughput, or other Azure resources. Committing allows you to get a
discount on the resources you use. Reservations can significantly reduce your
resource costs up to 72% on pay-as-you-go prices. Reservations provide a
billing discount and don't affect the runtime state of your resources.
Economies of Scale - the
more you buy something, the cheaper it is per unit to buy
Multi-tenant or isolated
environment.
Pay for bandwidth
First 5 GB is free - outbound.
Above 5 GB - outbound is chargeable.
Inbound data is free.
Bandwidth costs
Extracting data from Azure is costly, as outbound bandwidth is costly.
Zone 1 US & Europe
Zone 2 Asia
Zone 3 Brazil
DE Zone 1 – Germany
Pricing calculator
There is a link where we can select the country, but it is hard to get a 100% accurate cost. You can select your resources and it will give you an estimated cost. We can save and export the estimates.
For dev servers we have to pay less.
Total cost of ownership (TCO) calculator
The cost of a server is more than the cost of the hardware, so you can’t compare only the cost of the hardware. Many other things are required: electricity, cooling, Internet connectivity, rack space, setup labor, maintenance labor and backup.
Best practices for minimizing Azure costs
The Azure Advisor cost tab can give you recommendations. Auto shutdown of dev/QA resources.
Utilize cool/archive storage where possible
If we are saving backups and files that are not often used in storage, they can be moved to archive; it will save 90% of the cost.
Hot - Optimized for storing data that is accessed
frequently.
Cool - Optimized for storing data that is infrequently
accessed and stored for at least 30 days.
Archive - Optimized for storing data that is rarely
accessed and stored for at least 180 days with flexible latency requirements
(on the order of hours).
When you look at the pricing
for Azure BLOB storage, there is a selector for the region. The cost depends on
the region the BLOB is located in.
The cost of Azure storage
depends on several factors, and one of them includes the number of read and
write operations. Total cost of block blob storage depends upon volume of data
stored per month.
Configure alerts when billing exceeds an expected level
You can set daily and weekly alerts for cost. You can set various custom alerts to manage cost.
Auto scaling resources
Using this, resources can grow on demand and shrink if demand decreases. Downsize when resources are over-provisioned. Ensure every resource has an owner (tags).
Azure Cost Management
A free tool for analysing your historical spending. You can have reports automatically sent to you. Tracking against budgets, scheduled reports. So basically, it will provide you with reports and graphs.
Azure Advisor - a tool that will analyse your use of
Azure and make you specific recommendations based on your usage across availability,
security, performance and cost categories.
Support Plans
Basic support
Self-help support, Documentation, Azure advisor
recommendations, Service Health dashboard and Health API.
Developer support
Business hour access to support engineers via email, unlimited contacts / cases, Sev C non-business-critical, one day response time (< 8 hours), general architectural guidance, $29 / month
Standard Support
24 x 7 access to support engineers by phone and email, unlimited contacts / cases, Sev C support (< 8 hours), Sev B (< 4 hours) and Sev A (< 1 hour), general architectural guidance, $100 / month
Professional direct support
24 x 7 access to support engineers by phone and email, unlimited contacts / cases, Sev C support (< 8 hours), Sev B (< 4 hours) and Sev A (< 1 hour), general architectural guidance on best practices, onboarding and consultation, delivery manager, $1000 / month
Premier support
24 x 7 access to support engineers by phone and email, unlimited contacts / cases, Sev C support (< 8 hours), Sev B (< 4 hours) and Sev A (< 1 hour, < 15 min), specific architectural support such as design reviews, performance tuning, etc., technical account manager, including service reviews, reporting, on-demand training, contact us.
You can get this from Help and support. From the same menu you can open a support ticket.
How to contact support: email, phone
Knowledge center
Here you can see most
frequently asked questions.
Azure service level agreements (SLA)
You can check them on the link provided in Azure. This is a promise for the services, and if they fail to keep it they will give you a money guarantee.
Composite SLAs
Multiple SLAs covering
Q A company wants to host an
application on a set of Virtual Machines.
The application must be made
available 99.99% of the time.
In order to comply with the SLA
requirement, what is the minimum number of Virtual Machines required to ensure
99.99% up time to host the application?
Ans. 2
Introducing Redundancy
Assume that the storage account is fully replicated in another region and can fall back to reading from the second location. The storage account SLA becomes higher, and the total SLA also increases.
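The effect of chaining services and then adding a fallback, as an added worked example (not part of the original notes). The availability figures are constructed for the illustration and are not quoted Azure SLAs, and the calculation assumes the components fail independently.

```python
MINUTES_PER_30_DAY_MONTH = 30 * 24 * 60  # 43,200


def serial(*availabilities):
    """Composite availability when every component must be up at once."""
    total = 1.0
    for a in availabilities:
        total *= a
    return total


def with_fallback(*availabilities):
    """Availability when any one of the redundant copies is enough.

    The group is down only if all copies are down at the same time,
    assuming independent failures.
    """
    all_down = 1.0
    for a in availabilities:
        all_down *= (1.0 - a)
    return 1.0 - all_down


def downtime_minutes(availability):
    """Permitted downtime per 30-day month for a given availability."""
    return (1.0 - availability) * MINUTES_PER_30_DAY_MONTH


def copies_needed(per_copy, target, limit=10):
    """Smallest number of independent redundant copies that reaches target."""
    for n in range(1, limit + 1):
        if with_fallback(*[per_copy] * n) >= target:
            return n
    raise ValueError("target not reachable within limit")


# Constructed figures: a web tier in front of a storage account.
WEB_TIER = 0.9995
STORAGE = 0.999


def compare():
    """Return (before, after): composite availability without and with a
    second storage location to fall back to."""
    before = serial(WEB_TIER, STORAGE)
    after = serial(WEB_TIER, with_fallback(STORAGE, STORAGE))
    return before, after


if __name__ == "__main__":
    before, after = compare()
    print(f"single storage location : {before:.7f} "
          f"({downtime_minutes(before):.1f} min/month)")
    print(f"storage with fallback   : {after:.7f} "
          f"({downtime_minutes(after):.1f} min/month)")
    print("copies of a 0.999 component for 0.9999:",
          copies_needed(0.999, 0.9999))
```

The composite of two dependent services is lower than either service on its own, and the fallback brings the total back up to just under the web tier's own figure.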
Service lifecycle in Azure
Microsoft Azure services normally follow the life cycle below:
- 1st, they are deployed in private preview
- 2nd, they are released in public preview
- finally, they are released to general availability
Preview features are for testing and not for production. If you find a problem, you can report it. It is not certain that preview features will always go to production.
Public preview & private preview: to use a private preview you have to fill in a form and they will get back to you.
Q A company wants to try out a
couple of Microsoft Azure services which are available in public preview.
Is it true that services in public
preview can only be used via the Azure CLI interface?
Ans. No
private preview is only
available to certain Azure customers for evaluation purposes. The public
preview is available to all Azure customers. ... Azure features that have been
successfully evaluated and tested will typically be released to customers as
part of the generally available product integrated into Azure.
Q Are Azure services in public
preview available to all customers?
Ans. Yes
General Availability
When it is available for all
after preview and testing. This is go live event.
Anyone can use a GA service. It
is fully supported and can be used for production.
Q For tax optimization, which type
of expense is preferable?
Operating Expenditure is thought
to be preferable because you can fully deduct expenses when they are incurred.
Q Which of the following elements
is considered part of the "perimeter" layer of security?
Ans. Firewall is part of the perimeter security.
Q How many regions does Azure have
in Brazil?
There is only 1 region in Brazil. It is paired with a
region in the United States.
Q A company wants to migrate their
current on-premise servers to the cloud utilizing Microsoft Azure.
They require that their servers
are running even in the event that a single Data Center goes down.
Which of the following terms best
refers to the concept that needs to be implemented to fulfill this requirement?
Ans. Fault tolerance
Q A (fill in the blank) cloud is a
computing environment that combines a public cloud and a private cloud by
allowing data and applications to be shared between them.
Ans. Hybrid
Q A company is planning on setting
up a Pay-as-You-Go subscription within Microsoft Azure.
Would the company have access to
the MSDN support forums?
Ans. Yes
Q A company is planning on using an Azure App Service to
host their set of web applications with basic plan which support plan will they
have.
Ans. The
company has the Basic tier service plan.
Q Does Microsoft automatically
provide professional technical support services with the Basic support plan?
Ans. NO
Q A company is planning on migrating their public web site
to Microsoft Azure.
Which of the following should the company consider when it
comes to hosting their public web site within Microsoft Azure?
Ans: They
would need to consider paying a monthly cost for their solution of choice.
Q A company has several resources hosted within Microsoft
Azure.
They want to push all the events from various resources
into a centralized repository so that the events can be correlated later.
Which of the following services would you use for this
requirement?
Ans: Azure Log Analytics because The Azure Log
Analytics agent, previously referred to as the Microsoft
Monitoring Agent (MMA) or OMS Linux agent, was developed for
comprehensive management across on-premises machines, computers monitored by
System Center Operations Manager, and virtual machines in any cloud to push
logs to a centralized repository for analysis. The Windows and Linux agents
attach to an Azure Monitor and store collected log data from different sources
in your Log Analytics workspace, as well as any unique logs or metrics as
defined in a monitoring solution.
Q This Virtual Machine (VM) was
created with the standard settings.
An application is installed on
demovm. It now needs to be ensured that the application can be accessed over
the Internet via HTTP using a prioritised security rule.
You make modifications to the
Azure firewall.
Would this solution fit the
requirement?
Ans: No
Explanation
NO, because only “Security
Groups” have priority rules to allow inbound and outbound traffic and this CANNOT
be done via “Azure Firewall”.
Why would I use an Azure file share versus Azure Blob
storage for my data?
Azure Files and Azure Blob storage both offer ways to store large amounts of data in the cloud, but they are useful for slightly different purposes.
Azure Blob storage is useful for massive-scale,
cloud-native applications that need to store unstructured data. To maximize performance and scale, Azure Blob storage is
a simpler storage abstraction than a true file system. You can access Azure Blob storage only through REST-based
client libraries (or directly through the REST-based protocol).
Azure Files is specifically a file system. Azure Files has
all the file abstracts that you know and love from years of working with
on-premises operating systems. Like Azure Blob storage, Azure Files offers a
REST interface and REST-based client libraries. Unlike Azure Blob storage, Azure Files offers SMB access to Azure file shares.
By using SMB, you can mount an Azure file share
directly on Windows, Linux, or macOS, either on-premises or in cloud VMs,
without writing any code or attaching any special drivers to the file system.
You also can cache Azure file shares on on-premises file servers by using Azure
File Sync for quick access, close to where the data is used.
· Azure Free Account allows the hosting of up to 10 production resources for free.
· For Windows the Azure CLI is installed via an MSI, which gives you access to the CLI through the Windows Command Prompt (CMD) or PowerShell.
· The CLI can be used from Command Prompt & PowerShell on Windows machines.
· When you create a storage account in Azure, the default replication that is chosen is RA-GRS and therefore storage accounts automatically replicate data to another region.
Azure AI Bot Service - digital online assistant that provides speech support.
· Azure Traffic Manager is a DNS-based traffic load balancer that enables you to distribute traffic optimally to services across global Azure regions, while providing high availability and responsiveness.
Azure Cost Management
A tool to get current cost
incurred on resources.
Total cost ownership
This is used to realize the costs when you move your current
infrastructure to Azure.
Azure Dev test lab
- Provide a service that could be used to quickly provision
development and test environments.
- Minimize waste on resources with the help of quotas and
policies.
Event Grid
- Be
able to collect events from multiple sources and then relay them to an
application.
Q A company needs to store 2TB of data that
will be infrequently used.
The data needs to be accessed via
PowerBI.
Choose 2 of the following options
the company should consider as cost-effective data storage solutions to fulfil
this need.
Ans.
Service bus because Microsoft Azure Service Bus is a
fully managed enterprise integration message broker. Service Bus can decouple
applications and services. Service Bus offers a reliable and secure platform
for asynchronous transfer of data and state.
Q Your company is planning on
hosting resources in Azure. Is it possible for outside users to have access to
resources in Azure?
Ans. Yes, since Azure has other capabilities
in place that can allow other users to access Azure-based resources. For
example, Azure has the feature of Azure AD Business to Business collaboration
where the users don’t have to be defined in Azure.
- The Microsoft documentation mentions the following on Azure B2B
- For SAAS we can only configure the software.
Q A company wants to start using
Microsoft Azure. They want to make use of availability zones within Azure.
Which of the following is
associated with the concept of availability zones within Microsoft Azure?
Ans. Data center failure
Q You attempt to create several
managed Microsoft SQL Server instances in an Azure environment and receive a
message that you must increase your Azure Subscription Limits.
What should you do to increase the
limits?
Ans. Create a new support request
If you want to raise the limit or
quota above the default limit you have to raise a ticket.
Q You have an Azure subscription named Subscription1 that contains an Azure Log Analytics workspace named Workspace1. You need to view the error events from a table named Event. Which query should you run in Workspace1?
Ans. Search in table Event: search in (Event) "error" | take 100
Q You have an Azure Active Directory (Azure AD) tenant named contosocloud.onmicrosoft.com. Your company has a public DNS zone for contoso.com. You add contoso.com as a custom domain name to Azure AD. You need to ensure that Azure can verify the domain name. Which type of DNS record should you create?
Ans. TXT
After you add your custom domain name to Azure AD, you must return to your domain registrar and add the Azure AD DNS information from your copied TXT file.
Q Store1 contains a file share named Data. Data contains 5,000 files. You need to synchronize the files in Data to an on-premises server named Server1.
Which three actions should you perform?
Ans. Install the Azure File Sync agent on Server1, register Server1, and create a sync group.
Q You have an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com. You hire a temporary vendor. The vendor uses a Microsoft account that has a sign-in of user1@outlook.com. You need to ensure that the vendor can authenticate to the tenant by using user1@outlook.com. What should you do?
Ans. From Windows PowerShell, run the New-AzureADUser cmdlet and specify the “-UserPrincipalName” parameter.
Since you have hired a temporary vendor, you would give him only temporary access and therefore we create a new Azure Active Directory user using the “New-AzureADUser” cmdlet and pass the parameter “UserPrincipalName user1@outlook.com”.
Q You plan to automate the deployment of a virtual machine scale set that uses the Windows Server 2016 Datacenter image. You need to ensure that when the scale set virtual machines are provisioned, they have web server components installed. Which two actions should you perform?
Ans. Create a new virtual machine scale set in Azure portal. Modify the extension profile section of the Azure Resource Manager template.
Q You have an Azure subscription named Subscription1. You deploy a Linux virtual machine named VM1 to Subscription1. You need to monitor the metrics and the logs of VM1. What should you use?
Ans. You can use extensions to configure diagnostics on your VMs to collect additional metric data.
Q You plan to back up an Azure virtual machine named VM1. You discover that the Backup Pre-Check status displays a status of Warning. What is a possible cause of the Warning status?
Ans. VM1 does not have the latest version of webappagent.exe
Q You have an Azure virtual machine named VM1. VM1 was deployed by using a custom Azure Resource Manager template named ARM1.json. You receive a notification that VM1 will be affected by maintenance. You need to move VM1 to a different host immediately.
Solution: From the Redeploy blade, you click Redeploy. Does this meet the goal?
Ans. Yes
Q You have a public load balancer that balances ports 80 and 443 across three virtual machines. You need to direct all the Remote Desktop Protocol (RDP) connections to VM3 only. What should you configure?
Ans. An inbound NAT rule
Option A is CORRECT since, with Load Balancer, you can create an inbound NAT rule to port forward traffic from a specific port of a specific frontend IP address to a specific port of a specific backend instance inside the virtual network. This is also accomplished by the same hash-based distribution as load balancing. Common scenarios for this capability are Remote Desktop Protocol (RDP) or Secure Shell (SSH) sessions to individual VM instances inside the Azure Virtual Network.
Q You plan to use the Azure Import/Export service to copy files to a storage account. Which two files should you create before you prepare the drives for the import job?
Ans. A driveset CSV file and a dataset CSV file.
"If
Your Azure trial account expired last week. You are now unable to create
additional Azure Active Directory (Azure AD) user accounts."