Azure

Public, Private and Hybrid Cloud

Q: True or False: Azure is a public cloud, and has no private cloud offerings

Ans: False


Q: If you wanted to simply use Azure as an extension of your own data center, not primarily hosting anything there but using it for extra storage or taking advantage of some services, what hosting model is that called?

Ans: Hybrid


Q: What is the concept of Availability?
Ans:
Availability - what percentage of time does a system respond properly to requests, expressed as a percentage over time


Q: What is the concept of being able to get your applications and data running in another environment quickly?

Ans:
Disaster Recovery - the ability to recover from a big failure within an acceptable period of time, with an acceptable amount of data lost

Q: Which of the following is a good example of a Hybrid cloud?
Ans:
Hybrid Cloud - A mixture between your own private networks and servers, and using the public cloud for some things. Typically used to take advantage of the unlimited, inexpensive growth benefits of the public cloud
 
Q: What is the concept of paired regions?
Ans:
Paired regions are usually in the same geo (not always) but are the most logical place to store backups because they have a high speed connection and Azure staggers the service updates to those regions
 

Networking Service

Q: What service does Azure provide as an optional upgrade to protect against DDoS attacks?

Ans:  
Azure DDoS Protection Standard


Q: ____________ allows you to use your own domain names for your internal, private Azure virtual machines.
Ans:
Azure DNS private zones provide a simple, reliable, secure DNS service to manage and resolve names in a virtual network without the need to create and manage a custom DNS solution. Use your own domain names and get name resolution for virtual machines within and between virtual networks. Additionally, configure zone names with a split-horizon view to allow a private and a public DNS zone to share the same name


Q: How do you control the traffic flowing between two subnets on the same virtual network?
Ans:
A network security group (NSG) contains a list of Access Control List (ACL) rules that allow or deny network traffic to subnets, NICs, or both. NSGs can be associated with either subnets or individual NICs connected to a subnet. When an NSG is associated with a subnet, the ACL rules apply to all the VMs in that subnet. Traffic to an individual NIC can be restricted by associating an NSG directly to a NIC


Q: Why should you divide your application into multiple subnets as opposed to having all your web, application and database servers running on the same subnet?
Ans:
For security purposes, you should not allow 'port 80' web traffic to reach certain servers, and you do that by having separate NSG rules on each subnet.


Q: _______________ is a service that offers a Windows 10 or Windows 11 virtual machine that runs in the cloud for use as your workstation.
Ans:
Azure Virtual Desktop is a desktop and app virtualization service that runs on the cloud.


Q: Application Gateway contains what additional optional security feature over a regular Load Balancer?
Ans:
Application Gateway also comes with an optional Web Application Firewall (WAF) as a security benefit


Q: What is a DDoS attack?
Ans:
Distributed Denial of Service (DDoS) attack - a type of attack that originates from the Internet and attempts to overwhelm a network with millions of packets of bad traffic, with the aim of preventing legitimate traffic from getting through

Q: Which TWO ways can be used to connect virtual network subnets in two different regions?
Ans:
Virtual networks can be connected either by peering or by installing network gateway devices on each.


Q: A virtual network must be in the same region as the resources attached to it.
Ans:
Yes, you can only attach a virtual machine to a virtual network in the same region as it.


Q: __________ allows your private virtual network to access Azure services such as Storage, Cosmos DB, and SQL Database privately, allowing you to disable public access.
Ans:
A private endpoint is a network interface that uses a private IP address from your virtual network. This network interface connects you privately and securely to a service that's powered by Azure Private Link. By enabling a private endpoint, you're bringing the service into your virtual network


Q: Which Azure networking solution supports the highest-speed connection between your corporate office and an Azure region near you?
Ans:
ExpressRoute is a direct, private connection from your data center into Azure.

Azure Governance


Q: Your organization has implemented an Azure Policy that restricts the type of Virtual Machine instances you can use. How can you create a VM that is blocked by the policy?
Ans:
You cannot perform a task that violates policy, so you have to remove the policy in order to perform the task


Q: Which of the following scenarios would Azure Policy be a recommended method for enforcement?
Ans:
Azure Policy can add restrictions on storage account SKUs, virtual machine instance types, and rules relating to tagging of resources and groups. It cannot prompt a user to ask them if they are sure


Q: True or false: you can create your own policies if the built-in Azure Policy definitions are not sufficient for your needs
Ans:
True, you can create custom policies using JSON

Azure Cost


Q: Which Azure website tool is available for you to estimate the future costs of your Azure products and services by adding products to a shopping basket and helping you calculate the costs?
Ans:
Azure Pricing Calculator lets you attempt to calculate your future bill based on resources you select and your estimates of usage
 
Q: True or false: Azure charges for bandwidth used inbound to Azure
Ans:
Ingress bandwidth is free. You pay for egress (outbound).


Q: What effect does setting a budget have on a subscription?
Ans:
Budgets in Cost Management help you plan for and drive organizational accountability. They help you inform others about their spending to proactively manage costs, and to monitor how spending progresses over time. You can configure alerts based on your actual cost or forecasted cost to ensure that your spend is within your organizational spend limit. When the budget thresholds you've created are exceeded, only notifications are triggered. None of your resources are affected and your consumption isn't stopped. You can use budgets to compare and track spending as you analyze costs


Q: What makes estimating the cost of an unmanaged storage account difficult?
Ans:
There is a cost for egress (bandwidth out) and it's hard to estimate how many bytes will be counted leaving an Azure network

Q: In Azure, resource tags are ________ that can be associated with each resource.
Ans:
Tags are metadata elements that you apply to your Azure resources. They're key-value pairs that help you identify resources based on settings that are relevant to your organization. If you want to track the deployment environment for your resources, add a key named Environment. To identify the resources deployed to production, give them a value of Production. Fully formed, the key-value pair becomes Environment = Production.

Azure core products


Q: What hardware device is required to exist or be installed on your company network in order to set up a site-to-site VPN?
Ans:
A VPN Gateway needs to be configured to connect to Azure for a private network to be established


Q: What benefit does a Content Delivery Network (CDN) provide its users?
Ans:
Content Delivery Network - allows you to improve performance by removing the burden of serving static, unchanging files from the main server to a network of servers around the globe; a CDN can reduce traffic to a server by 50% or more, which means you can serve more users or serve the same users faster; SaaS

Q: What types of resources are defined as compute resources?
Ans:
Compute Services - a category of services in Azure that provides CPU cycles for rent. Virtual Machines are only one type of compute resource. The Marketplace contains many types of resources, not just compute

Q: How does the use of availability zones improve the availability of your application?
Ans:
Azure availability zones are physically and logically separated datacenters with their own independent power source, network, and cooling. Connected with an extremely low-latency network, they become a building block to delivering high availability applications

Q: What is the best criteria to decide what resources go into the same resource group?
Ans:
A resource group is a container that holds related resources for an Azure solution. The resource group can include all the resources for the solution, or only those resources that you want to manage as a group. You decide how you want to allocate resources to resource groups based on what makes the most sense for your organization. Generally, add resources that share the same lifecycle to the same resource group so you can easily deploy, update, and delete them as a group

Q: What is the maximum number of virtual machines that can be managed under a single Virtual Machine Scale Set?
Ans:
Up to 1000 virtual machines can be managed under a single VMSS

Q: What types of files can a Content Delivery Network speed up the delivery of?
Ans:

Q: What Azure resource allows you to evenly split traffic coming in and direct it to several identical virtual machines to do the work and respond to the request?
Ans:
This is the core feature of either a Load Balancer or Application Gateway

Q: What Azure product allows you to auto-scale virtual machines from 1 to 1000 instances, and also provides load balancing services built in?
Ans:
Virtual Machine Scale Sets - these are a set of identical virtual machines (from 1 to 1000 instances) that are designed to auto-scale up and down based on user demand; IaaS

Azure Identity Service


Q: What is the advantage of "passwordless authentication" over "password plus multi-factor authentication"?
Ans:
Passwordless authentication provides a higher level of convenience than the password/MFA style of authentication. Security is similar between them

Q: Which feature of Azure AD allows you to restrict access to a resource based on the geographical location of the user?
Ans:
Conditional Access allows administrators to create rules around who is and is not allowed access to a resource, based on a number of available signals

Q: How do you invite a person who is not an employee of your company to use one of your applications protected by Azure Active Directory?
Ans:
With Azure AD B2B collaboration, you can invite anyone to collaborate with your organization using their own work, school, or social account.

Q: What is Azure's preferred Identity/authentication service?
Ans:
Azure Active Directory (Azure AD) - Microsoft’s preferred Identity as a Service solution
 
Q: TRUE OR FALSE: Through Azure Active Directory one can control access to an application but not the resources of the application.
Ans:
Azure AD can control the access of both the apps and the app resources.

Q: How does Multi-Factor Authentication make a system more secure?
Ans:
Multi-Factor Authentication (MFA) - the concept of having something additional to a "password" that is required to log in; passwords are find-able or guessable; but having your mobile phone on you to receive a phone call, text or run an app to get a code is harder for an unknown hacker to get

Q: Which Azure service can be enabled to enable Multi-Factor Authentication for administrators but not require it for regular users?
Ans:
Privileged Identity Management can be used to ensure privileged users have to jump through additional verification because of their role.

Q: What software is used to synchronize your on premises AD with your Azure AD?
Ans:
AD Connect is used to synchronize your corporate AD with Azure AD

Q: TRUE OR FALSE: Azure Tenant is a dedicated and trusted instance of Azure Active Directory that's automatically created when your organization signs up for a Microsoft cloud service subscription.
Ans:
Yes, Azure Tenant is a dedicated and trusted instance of Azure AD that's automatically created when your organization signs up for a Microsoft cloud service subscription.

Q: Why is a user id and password sometimes not enough to prove someone is who they say they are?
Ans:
The truth is that someone can find a way to get a user id and password, even guess it, and that can be used by another person. For more information on other ways to prove self-identification such as Multi-Factor Authentication:

Q: Select the way(s) to increase the security of a traditional user id and password system?
Ans:

Q: Select all features part of Azure AD?
Ans:

Q: In what way does Multi-Factor Authentication increase the security of a user account?
Ans:
MFA requires that the user have access to their mobile phone for using SMS or an app

Q: What services does Azure Active Directory Domain Services (AD DS) provide?
Ans:
Azure Active Directory Domain Services (Azure AD DS) provides managed domain services such as domain join, group policy, lightweight directory access protocol (LDAP), and Kerberos/NTLM authentication. You use these domain services without the need to deploy, manage, and patch domain controllers (DCs) in the cloud

Q: Which of the following is the primary benefit of single-sign on (SSO)?
Ans:
It might be that single sign-on reduces helpdesk costs and development costs (but that's not guaranteed I guess). The main benefit is for the users not having to know multiple passwords for work applications, and being able to manage all application passwords from a single master source.

Q: Which of the following is an example of password less authentication? Choose all that apply.
Ans:

Q: Which feature of Azure Active Directory will require users to have their mobile phone in order to be able to log in?
Ans:
Multi-Factor Authentication (MFA) - the concept of having something additional to a “password” that is required to log in; passwords are find-able or guessable; but having your mobile phone on you to receive a phone call, text or run an app to get a code is harder for an unknown hacker to get

Q: An IT administrator has the requirement to control access to a specific app resource using multi-factor authentication. What Azure service satisfies this requirement?
Ans:
You can use Azure AD to control access to your apps and your app resources, based on your business requirements. In addition, you can use Azure AD to require multi-factor authentication when accessing important organizational resources.

Q: What is Single Sign-On?
Ans:
Single Sign-On - the ability to use the same user id and password to log into every application that your company has; enabled by Azure AD

Azure Subscription
 
Q: What Azure tool gives you the ability to manage multiple subscriptions into nested hierarchies?
Ans:
Management Groups - a hierarchy of subscriptions; can have many subscriptions, and group them, and put those groups into other groups

Q: What would be a good reason to have multiple Azure subscriptions?
Ans:
Having multiple subscriptions can technically be done for any reason, but it only makes sense if you have to separate billing directly, or have actual clients logging into the Portal to manage their resources.

Q: Each person has their own user id and password to log into Azure. But how many subscriptions can a single account be associated with?
Ans:
There is not a limit to the number of subscriptions a single user can be included on.

Q: True or false: You cannot have more than one Azure subscription per company
Ans:
You can have multiple subscriptions, as a way to separate out resources between billing units, business groups, or for any reason you wish

Q: What is an Azure Subscription?
Ans:
Subscription is the level at which things get billed. Multiple users can be associated with a subscription at various permission levels

Monitoring
 
Q: Which tool within Azure is comprised of: Azure Status, Service Health and Resource Health?
Ans:
Azure Service Health - lets you know about any Azure-related service issues including region-wide downtime

Q: Which feature within Azure alerts you to service issues that happen in Azure itself, not specifically related to your own resources?
Ans:
Azure Service Health - lets you know about any Azure-related service issues including region-wide downtime

Q: True or false: Azure Monitor allows you to monitor activity logs from Azure Active Directory.
Ans:
You can route Azure Active Directory (Azure AD) activity logs to several endpoints for long term retention and data insights. Using this feature, you can send Azure AD activity logs to Azure Monitor logs to enable rich visualizations, monitoring and alerting on the connected data

Q: If you wanted to get an alert every time a new virtual machine is created, where could you create that?
Ans:
The best place to track events at the resource level is Azure Monitor

Q: Besides Azure Service Health, where else can you find out any issues that affect the Azure global network that affect you?
Ans:
Each Virtual Machine has a Resource Health blade

Q: What type of container is used to collect log and metric data from various Azure Resources?
Ans:
Log Analytics Workspace is required to collect logs and metrics

Q: Which feature within Azure collects all of the logs from various resources into a central dashboard, where you can run queries, view graphs, and create alerts on certain events?
Ans:
Azure Monitor - a centralized dashboard that collects all the logs, metrics and events from your resource

Core Azure components


Q: True or false: A resource group must be in the same region as the resources inside of it.
Ans:
No, a resource group does not have to be in the same region as the resources inside of it. A resource group is a logical grouping, not a physical one.

Q: The term ______________ is used to describe a relationship between two regions within the same geographic region for disaster recovery purposes.
Ans:
Azure pairs each region with another region, to provide additional high-availability options for customers. You're not restricted to storing your backups in other regions, but if you choose to do so in the region paired to your main region you'll get some benefits.

Q: Which ways does the Azure Resource Manager model provide to deploy resources?
Ans:
All of those ways can be used to deploy or manage resources using ARM

Q: What are Azure Availability Zones?
Ans:
Availability Zones - Unique physical locations within an Azure region, made up of one or more datacenters; there is a minimum of three zones in each region; you can manually place your resources in an availability zone for highest availability

Q: The term ______________ represents a physically separate location within a region. It could be a data center or a group of closely connected data centers.
Ans:
Azure availability zones are physically separate locations within each Azure region that are tolerant to local failures. Failures can range from software and hardware failures to events such as earthquakes, floods, and fires. Tolerance to failures is achieved because of redundancy and logical isolation of Azure services. To ensure resiliency, a minimum of three separate availability zones are present in all availability zone-enabled regions.

Storage System
 
Q: Which storage access tier is the MOST EXPENSIVE to store files per GB?
Ans:
Premium storage tier is around $0.15/GB at the current time, well above the $0.02/GB of the hot tier

Q: __________ is a command-line utility that you can use to copy blobs or files to or from a storage account
Ans:
AzCopy is a command-line utility that you can use to copy blobs or files to or from a storage account

Q: What software, using an intuitive interface, can be downloaded for Windows, macOS or Linux that helps you manage your Azure cloud storage resources from your desktop?

Ans:
Azure Storage Explorer can help you upload, download, and manage Azure Storage blobs, files, queues, and tables, as well as Azure Data Lake Storage entities and Azure managed disks. Configure storage permissions and access controls, tiers, and rules.

Q: What is the most common and recommended type of storage account?
Ans:
General purpose v2 is the standard storage account type for blobs, file shares, queues, and tables. Recommended for most scenarios using Azure Storage

Q: Which type of Azure storage supports the Server Message Block (SMB) protocol and the Network File System (NFS) protocol for accessing files?

Ans:
Azure Files offers two industry-standard file system protocols for mounting Azure file shares: the Server Message Block (SMB) protocol and the Network File System (NFS) protocol, allowing you to pick the protocol that is the best fit for your workload.

Q: Geo-redundant storage (GRS) stores how many copies of your file?

Ans:
Geo-redundant storage (GRS) copies your data synchronously three times within a single physical location in the primary region using LRS. It then copies your data asynchronously to a single physical location in the secondary region. Within the secondary region, your data is copied synchronously three times using LRS

Q: Of the following types of data, which type is best suited for the archive storage tier?

Ans:
The Archive tier is an offline tier for storing data that is rarely accessed. The Archive access tier has the lowest storage cost, but higher data retrieval costs and latency compared to the Hot and Cool tiers

Q: Which storage access tier is the LEAST EXPENSIVE to store files per GB?
Ans:

Archive storage tier is around $0.002/GB at the current time, well below the $0.02/GB of the hot tier
 

Q: Which Azure storage migration option involves Microsoft shipping you a hard drive for you to copy your files to, after which you ship the hard disk back to them for them to upload to your account?

Ans:
Use the Data Box family of products such as Data Box, Data Box Disk, and Data Box Heavy to move large amounts of data to Azure when you’re limited by time, network availability, or costs.
 
Azure Management Tools

Q: _______________ allows you to manage Windows and Linux machines running on-premises or in other cloud providers, as if they were Azure VMs.

Ans:
Azure Arc-enabled servers lets you manage Windows and Linux physical servers and virtual machines hosted outside of Azure, on your corporate network, or other cloud provider. This management experience is designed to be consistent with how you manage native Azure virtual machines, using standard Azure constructs such as Azure Policy and applying tags

Q: Can you give someone else access to your Azure subscription without giving them your user name and password?

Ans:
Yes, anyone can create their own Azure account and you can give them access to your subscription with granular control as to permissions

Q: What feature within Azure will make recommendations to you about reducing cost on your account?

Ans:
Azure Advisor analyzes your account usage and makes recommendations for you based on its set rules

Q: What is the basic way of protecting an Azure Virtual Network subnet?
Ans:
Network Security Group (NSG) - a fairly basic set of rules that you can apply to both inbound traffic and outbound traffic that lets you specify what sources, destinations, and ports are allowed to travel through from outside the virtual network to inside the virtual network

Q: What is the MAIN management tool used for managing Azure resources with a graphical user interface?

Ans:
Azure Portal is the website used to manage your resources in Azure

Q: What is the benefit of using PowerShell over CLI?

Ans:
There is no benefit, only a matter of personal choice

Q: True or false: Azure Cloud Shell allows access to the Bash and PowerShell consoles in the Azure Portal

Ans:
Cloud Shell - allows access to the Bash and PowerShell consoles in the Azure Portal

Q: Which free Azure security service checks all traffic travelling over a subnet against a set of rules before allowing it in or out?

Ans:
Network Security Group (NSG) - a fairly basic set of rules that you can apply to both inbound traffic and outbound traffic that lets you specify what sources, destinations and ports are allowed to travel through from outside the virtual network to inside the virtual network

Q: What is the benefit of using a command line tool like PowerShell or CLI as opposed to the Azure portal?

Ans:
The real benefit is automation. Being able to write a script to do something is better than having to do it manually each time

IaaS, PaaS and SaaS

Q: A virtual machine is called what type of hosting model?
Ans:
Virtual Machines are Infrastructure as a Service (IaaS)


Q: True or False: Azure has the responsibility to manage the hardware in the Infrastructure as a Service model

Ans:
Yes, Azure still manages the hardware itself, the hypervisor and all of the physical elements behind the scenes

Q: Outlook 365 is what type of hosting model?

Ans:
Outlook 365 is Software as a Service (SaaS).

Q: Why are Azure App Services considered Platform as a Service?

Ans:
You give Azure the code and configuration, and you have no access to the underlying hardware

Q: Which of the following cloud computing models requires the highest level of involvement in maintaining the operating system and file system by the customer?

Ans:
IaaS or Infrastructure as a service requires you to keep your OS patched, close ports, and generally protect your own server

Security Tools and Features
 

Q: Who is responsible for the security of the physical servers in an Azure data center?

Ans:
Azure is responsible for physical security

Q: Which of the following elements is considered part of the perimeter layer of security?

Ans:
Firewall is part of the perimeter security. For more information on the layered approach to network security

Q: Which Azure service is the recommended Identity-as-a-Service offering inside Azure?

Ans:
Azure AD is the identity service designed for web protocols, that you can use for your applications

Q: Windows servers use 'remote desktop protocol' (RDP) in order for administrators to get access to manage the server. Linux servers use SSH. What is the recommendation for ensuring the security of these protocols?

Ans:
You need to either restrict access to the RDP and SSH ports to a very specific range of IPs, enable the ports only when you are using them, or use a Bastion server/jump box to protect those servers

Q: One of the three core principles of the Zero Trust model of security is:

Ans:
The three principles of zero trust are: verify explicitly, use least privilege access, and assume breach

Q: Which Azure service is meant to be a security dashboard that contains all the security and threat protection in one place?

Ans:
Azure Security Center - unified security management and threat protection; a security dashboard inside Azure Portal

Q: Who is responsible for the security of your Azure Storage account access keys?

Ans:
Customers are responsible for securing the access keys they are given and regenerating them if they are exposed.

Core Azure Solutions

Q: What is the name of Azure's hosted SQL database service?

Ans:
SQL Database is a SQL Server compatible option in Azure, a database as a service

Q: What is the maximum amount of Azure Storage space a single subscription can store?
Ans:
A single Azure subscription can have up to 250 storage accounts per region, and each storage account can store up to 5 Petabytes. That is 31 million Terabytes. This is probably 15-20 times what Google, Amazon, Microsoft and Facebook use combined. That's a lot.

Q: What does it mean that security is a shared model in Azure?

Ans:
The shared security model means that, depending on the application model, you and Azure both have roles in ensuring a secure environment
 

Q: ____________ is the strategy of layering multiple security defenses on top of each other to provide stronger protection than any single defensive mechanism alone.

Ans:
A common cyber security approach used by organizations to protect their digital assets is to leverage a defense-in-depth strategy. The SANS Institute defines defense-in-depth as 'protecting a computer network with a series of defensive mechanisms such that if one mechanism fails, another will already be in place to thwart an attack'.

Azure SLA

Q: Which of the following Azure features is most likely to deliver the most immediate savings when it comes to reducing Azure costs?

Ans:
Reserved Instances often offer 40% or more savings off of the price of pay-as-you-go virtual machines

Q: What type of documents does the Microsoft Service Trust Portal provide?

Ans:
A list of standards that Microsoft follows, pen test results, security assessments, white papers, FAQs, and other documents that can be used to show Microsoft's compliance efforts

Q: Where can you go to see what standards Microsoft is in compliance with?

Ans:
The list of standards that Azure has been certified to meet is in the Trust Center

 
Compute

Q: True or false: You can run a containerized application on a virtual machine.

Ans:
True. Since you have full control over a virtual machine, you can run a containerized app on it, including installing Docker Desktop on that machine.
 

Q: When deploying a virtual machine into an availability set, how does Azure treat that VM differently?

Ans:
An availability set is a logical grouping of VMs that allows Azure to understand how your application is built to provide for redundancy and availability. Each virtual machine in your availability set is assigned an update domain and a fault domain by the underlying Azure platform. Fault domains define the group of virtual machines that share a common power source and network switch. By default, the virtual machines configured within your availability set are separated across up to three fault domains. While placing your virtual machines into an availability set does not protect your application from operating system or application-specific failures, it does limit the impact of potential physical hardware failures, network outages, or power interruptions


Q: _______________ are isolated (single-tenant) environments where you can deploy one or more Azure App Services on your own virtual network.

Ans:
The Azure App Service Environment (ASE) is a Premium feature offering of the Azure App Service. It gives a single-tenant instance of the Azure App Service that runs right in your own Azure virtual network (VNet), providing network isolation and improved scaling capabilities
 

Q: True or false: You can create a virtual machine without attaching it to a virtual network.

Ans:
All virtual machines must be associated with at least one virtual network subnet, using a network interface card.

Benefits of cloud services

Q: Paying per GB for an unmanaged storage account is an example of what type of cloud pricing model?

Ans:
In the consumption model, you are charged for only what you use. For an unmanaged storage account, you pay per GB used. You can save money by deleting files
 

Q: How many minutes per month downtime is 99.99% availability?

Ans:
99.99% is 4 minutes per month of downtime

Q: What is the core problem that you need to solve in order to have a high-availability application?

Ans:
You'll want to avoid single points of failure, so that any component that fails does not cause the entire application to fail

Q: What two advantages does cloud computing elasticity give you?

Ans:
Elasticity saves you money during slow periods (overnight, over the weekend, over the summer, etc.) and also allows you to handle the highest peak of traffic

Q: The speed of an Azure Event Hub is determined by the number of throughput units you reserve for it. You can set between 1 and 20 throughput units for the Event Hub. How fast is 1 throughput unit for data coming in to an Event Hub?

Ans:

1 MB per second or 1000 events per second (whichever comes first)

Q:Which of the following statements describes the type of data that can be retrieved using Microsoft Graph?

Ans:

Microsoft Graph is the gateway to data and intelligence in Microsoft 365. It provides a unified programmability model that you can use to access the tremendous amount of data in Microsoft 365, Windows 10, and Enterprise Mobility + Security. Microsoft Graph exposes REST APIs and client libraries to access data on the following Microsoft cloud services: (A) Microsoft 365 core services: Bookings, Calendar, Delve, Excel, Microsoft 365 compliance eDiscovery, Microsoft Search, OneDrive, OneNote, Outlook/Exchange, People (Outlook contacts), Planner, SharePoint, Teams, To Do, Workplace Analytics. (B) Enterprise Mobility and Security services: Advanced Threat Analytics, Advanced Threat Protection, Azure Active Directory, Identity Manager, and Intune. (C) Windows 10 services: activities, devices, notifications, Universal Print. (D) Dynamics 365 Business Central.

Q:Which ASP.NET language is cross-platform and can run on both Windows and Linux Web Apps?

Ans:

ASP.NET Core is a cross-platform version of ASP.NET. Ruby and Python are only natively supported on Linux. ASP.NET 4 is only supported on Windows

Q:Why would someone prefer a Consumption-based pricing model as opposed to a Time-based pricing model?

Ans:

Consumption-Based Model - paying for something based on how much you used, as opposed to paying for something no matter if you use it or not.


Non relational data management

Q: Generally speaking, regardless of which region, which is the lowest cost redundancy option for Blob Storage?

Ans:
Azure Storage always stores multiple copies of your data so that it is protected from planned and unplanned events, including transient hardware failures, network or power outages, and massive natural disasters. Redundancy ensures that your storage account meets its availability and durability targets even in the face of failures. Locally redundant storage (LRS) copies your data synchronously three times within a single physical location in the primary region. LRS is the least expensive replication option, but is not recommended for applications requiring high availability or durability

Q:When deploying an Azure Storage account, and you choose Locally Redundant Storage (LRS), how many copies of your data does Azure keep?

Ans:
Azure Storage always stores multiple copies of your data so that it is protected from planned and unplanned events, including transient hardware failures, network or power outages, and massive natural disasters. Redundancy ensures that your storage account meets its availability and durability targets even in the face of failures. Locally redundant storage (LRS) copies your data synchronously three times within a single physical location in the primary region. LRS is the least expensive replication option, but is not recommended for applications requiring high availability or durability.


Q:Which operating systems can mount an external drive using Azure File Share?

Ans:
Azure Files offers fully managed file shares in the cloud that are accessible via the industry standard Server Message Block (SMB) protocol or Network File System (NFS) protocol. Azure file shares can be mounted concurrently by cloud or on-premises deployments. Azure Files SMB file shares are accessible from Windows, Linux, and macOS clients.

Q:When deploying an Azure Storage account, and you choose Zone Redundant Storage (ZRS), how many copies of your data does Azure keep?

Ans: 3

Azure Storage always stores multiple copies of your data so that it is protected from planned and unplanned events, including transient hardware failures, network or power outages, and massive natural disasters. Redundancy ensures that your storage account meets its availability and durability targets even in the face of failures. Zone-redundant storage (ZRS) copies your data synchronously across three Azure availability zones in the primary region. For applications requiring high availability, Microsoft recommends using ZRS in the primary region, and also replicating to a secondary region.


Q:All Azure data resources (Cosmos DB, SQL Database, Redis Cache, etc) must belong to one and only one.... ?

Ans: Each resource can exist in only one resource group. However, you can move a resource from one resource group to another group. The resources inside the resource group do not have to exist in the same region as the resource group.


Q:When deploying an Azure Storage account, and you choose Geo Redundant Storage (GRS), how many copies of your data does Azure keep?

Ans: 6

Azure Storage always stores multiple copies of your data so that it is protected from planned and unplanned events, including transient hardware failures, network or power outages, and massive natural disasters. Redundancy ensures that your storage account meets its availability and durability targets even in the face of failures. Geo-redundant storage (GRS) copies your data synchronously three times within a single physical location in the primary region using LRS. It then copies your data asynchronously to a single physical location in the secondary region. Within the secondary region, your data is copied synchronously three times using LRS.

Azure App Service

Q:You have an Azure App Service, with a WebJob. The WebJob is supposed to run continuously, but sometimes stops running as the App Service is unloaded when there are not enough incoming visitors. What can you do to ensure the App Service is never unloaded?

Ans:
Always On: Keeps the app loaded even when there's no traffic. When Always On is not turned on (default), the app is unloaded after 20 minutes without any incoming requests. The unloaded app can cause high latency for new requests because of its warm-up time. When Always On is turned on, the front-end load balancer sends a GET request to the application root every five minutes. The continuous ping prevents the app from being unloaded

Q:What type of App Service log files store the web server logs?

Ans:
AppServiceHTTPLogs are web logs. AppServiceAppLogs are application logs. AppServiceAuditLogs contain login activity via FTP and Kudu. And AllMetrics are not logs, but performance metrics

Q:What is an App Service Plan?

Ans:

In App Service (Web Apps, API Apps, or Mobile Apps), an app always runs in an App Service plan. In addition, Azure Functions also has the option of running in an App Service plan. An App Service plan defines a set of compute resources for a web app to run. These compute resources are analogous to the server farm in conventional web hosting. One or more apps can be configured to run on the same computing resources (or in the same App Service plan)

Q:You have an App Service with several instances. You notice the setting ARR Affinity is enabled on the General Settings page. What does ARR Affinity do when enabled?

Ans:
ARR affinity: In a multi-instance deployment, ensure that the client is routed to the same instance for the life of the session. You can set this option to Off for stateless applications.

Q:Azure App Service has options to scale up and scale out. What does scaling out an app do?

Ans:
Scale out: Increase the number of VM instances that run your app. You can scale out to as many as 30 instances, depending on your pricing tier. App Service Environments in the Isolated tier further increase your scale-out count to 100 instances

Q:What is the Azure CLI command to do live streaming of application log files?

Ans:
az webapp log will retrieve the log, and the tail operator will read the last lines of the log and keep a live stream of it going

Q:Once you enable App Service Logging in the Azure Portal, how long does Azure keep it on?

Ans:
App logs are the output of runtime trace statements in app code. For example, you might want to check some logic in your code by adding a trace to show when a particular function is being processed, or you might only want to see a logged message when a particular level of error has occurred. App logging is primarily for apps in pre-production and for troublesome issues, because excessive logs can carry a performance hit and quickly consume storage; for this reason, logging to the file system is automatically disabled after 12 hours.

Q:Azure App Service has options to scale up and scale out. What does scaling up an app do?

Ans:
Scale up: Get more CPU, memory, disk space, and extra features like dedicated virtual machines (VMs), custom domains and certificates, staging slots, autoscaling, and more. You scale up by changing the pricing tier of the App Service plan that your app belongs to.


Q:You have five applications installed on a single App Service Plan. Each application has two deployment slots - production and staging. You have scaled the plan out to three instances. How many VMs are running to support this?

Ans:
When you create an app in App Service, it is put into an App Service plan. When the app runs, it runs on all the VM instances configured in the App Service plan. If multiple apps are in the same App Service plan, they all share the same VM instances. If you have multiple deployment slots for an app, all deployment slots also run on the same VM instances. In this way, the App Service plan is the scale unit of the App Service apps. If the plan is configured to run five VM instances, then all apps in the plan run on all five instances. If the plan is configured for autoscaling, then all apps in the plan are scaled out together based on the autoscale settings. 

Q:What is the URL for the Azure App Service Kudu companion app?

Ans:
Kudu is the engine behind a number of features in Azure App Service related to source control based deployment, and other deployment methods like Dropbox and OneDrive sync. Apps not in the Isolated tier use https://(app-name).scm.azurewebsites.net, while apps in the Isolated tier use https://(app-name).scm.(ase-name).p.azurewebsites.net

Q: You have a Python app running in an Azure App Service, and need to ensure that it is running on Python 3.8. Where in the Azure Portal do you set the Python version for an App Service?

Ans:
You can set the specific version of Python in Configuration > General Settings.

Q:Your Azure Web App is currently throwing a 500 server error when viewed. You'd like to see more detail on the error. In order to accomplish this, what app setting do you need to set, and to what value?

Ans:
The development environment can enable features that shouldn't be exposed in production. If the environment isn't set, it defaults to Production, which disables most debugging features.

Q: You are a developer encountering an issue with your Azure App Service web app. The app appears to be failing to connect to the database. You notice that the connection string appears both in the <connectionStrings> section of web.config AND ALSO appears in the Connection Strings tab of the App Service configuration. Which database connection string is being used by the application in production?

Ans:
For ASP.NET and ASP.NET Core developers, setting connection strings in App Service is like setting them in <connectionStrings> in Web.config, but the values you set in App Service override the ones in Web.config. You can keep development settings (for example, a database file) in Web.config and production secrets (for example, SQL Database credentials) safely in App Service. The same code uses your development settings when you debug locally, and it uses your production secrets when deployed to Azure


Q:What is the REST API command for uploading a ZIP file into an Azure App Service using the Kudu SCM endpoint?

Ans:
The Zip API allows downloading folders as zip files, or expanding zip files into folders
PUT /api/zip/{path}/

Q:You have one application installed in an App Service Plan Standard S1 Tier. You have manually scaled it out to two instances. This application also has one WebJob running in the background to support it. How many VMs are running to support this?

Ans:
When you create an app in App Service, it is put into an App Service plan. When the app runs, it runs on all the VM instances configured in the App Service plan. If multiple apps are in the same App Service plan, they all share the same VM instances. If you have multiple deployment slots for an app, all deployment slots also run on the same VM instances. In this way, the App Service plan is the scale unit of the App Service apps. If the plan is configured to run five VM instances, then all apps in the plan run on all five instances. If the plan is configured for autoscaling, then all apps in the plan are scaled out together based on the autoscale settings.

Q:What is the engine behind Azure App Service source control based deployment, and other deployment methods like ZIP file upload?

Ans:
Kudu is the engine behind a number of features in Azure App Service related to source control based deployment, and other deployment methods like Dropbox and OneDrive sync.

Q:You have created a web app called TestWebApp in the West US region. Sometime after creating it, you decide you'd rather this web app run in the East US region. How do you move a Web App to a new region?

Ans:
You can move an app to another App Service plan, as long as the source plan and the target plan are in the same resource group and geographical region. The region in which your app runs is the region of the App Service plan it's in. However, you cannot change an App Service plan's region. If you want to run your app in a different region, one alternative is app cloning. Cloning makes a copy of your app in a new or existing App Service plan in any region.

Q: What is the Azure CLI command to download application log files to the local disk?

Ans:

az webapp log download allows you to download the logs to your local disk.

Q: For Windows App Services, where can you choose to have logging saved to?

Ans:

To route messages to log files, Azure Web apps use the Web server (IIS process). Because Windows-based Web apps are a well-established Azure service, and messaging for ASP.NET apps is tightly integrated with the underlying IIS service, Windows apps benefit from a rich logging infrastructure. For other apps, logging options may be limited by the development platform, even when running on a Windows app service

Q: For Linux App Services, where can you choose to have logging saved to?

Ans: 

To route messages to log files, Azure Web apps use the Web server (IIS process). Because Windows-based Web apps are a well-established Azure service, and messaging for ASP.NET apps is tightly integrated with the underlying IIS service, Windows apps benefit from a rich logging infrastructure. For other apps, logging options may be limited by the development platform, even when running on a Windows app service. The logging functionality available to Linux-based scripted apps, such as Node, is determined by the Docker image used for the app's container. Basic logging, using redirections to STDERR or STDOUT, uses the Docker logs. Richer logging functionality is dependent on the underlying image, such as whether this is running PHP, Perl, Ruby, and so on. Downloading Web application logging equivalent to that provided by IIS for Windows apps may require connecting to your container using SSH.

Azure Function

Q: Your function uses the following code. You want to add a message to the log when the function starts late. What code belongs in the missing line?

    [FunctionName("TimerTriggerCSharp")]
    public static void Run([TimerTrigger("0 */5 * * * *")]TimerInfo myTimer, ILogger log)
    {
        >>>>> LINE MISSING HERE <<<<<
        {
            log.LogInformation("Timer is running late!");
        }
        log.LogInformation($"C# Timer trigger function executed at: {DateTime.Now}");
    }

Ans:
if (myTimer.IsPastDue) is the correct answer

Q: You have a Timer Trigger Function that uses "0 5 * * * *" as its timer setting. How often will the function run?

Ans:
CRON uses a "{second} {minute} {hour} {day} {month} {day-of-week}" format for expressions. The first "0" means that it runs when the second equals 0. The second "5" means it will run at 5 minutes past the hour. The third "*" means that it will run every hour of every day.

Q:How many triggers can an Azure Function have?

Ans:
Triggers are what cause a function to run. A trigger defines how a function is invoked and a function must have exactly one trigger. Triggers have associated data, which is often provided as the payload of the function.

Q: What Azure Functions library do you need to implement in order for Functions to be able to call other Functions?

Ans:
Durable Functions is an extension of Azure Functions that lets you write stateful functions in a serverless compute environment. The extension lets you define stateful workflows by writing orchestrator functions and stateful entities by writing entity functions using the Azure Functions programming model. Behind the scenes, the extension manages state, checkpoints, and restarts for you, allowing you to focus on your business logic.

Q: True or false: you can create an Azure Function to run whenever a new email comes into Outlook using its own native Trigger integration with email

Ans:
You cannot get an Azure Function to trigger off an incoming email.

Q: Which of the following is a negative consequence of running Azure Functions in the Consumption service plan?

Ans:
Broadly speaking, cold start is a term used to describe the phenomenon that applications which haven’t been used take longer to start up. In the context of Azure Functions, latency is the total time a user must wait for their function, from when an event happens to start up a function until that function completes responding to the event. So more precisely, a cold start is an increase in latency for Functions which haven’t been called recently. When using Azure Functions in the dedicated plan, the Functions host is always running, which means that cold start isn’t really an issue. So, our scope is narrowed to Functions running the serverless consumption model.

Q:Which library allows you to develop and test Azure Functions locally before deploying into Azure?

Ans:
Azure Functions Core Tools provides the core runtime and templates for creating functions, which enable local development. Version 2.X supports development on Windows, Linux and macOS

Q:Azure Functions store their configuration settings in which file?

Ans:

The function.json file defines the function's trigger, bindings, and other configuration settings. Every function has one and only one trigger. The runtime uses this config file to determine the events to monitor and how to pass data into and return data from a function execution

Q: Which feature of Azure Functions allows you to use a runtime not currently supported natively by Azure?

Ans:

Every Functions app is executed by a language-specific handler. While Azure Functions features many language handlers by default, there are cases where you may want to use other languages or runtimes. Custom handlers are lightweight web servers that receive events from the Functions host. Any language that supports HTTP primitives can implement a custom handler.

Q:How many input bindings is an Azure Function allowed to have?

Ans:

You can mix and match different bindings to suit your needs. Bindings are optional and a function might have one or multiple input and/or output bindings.

Q:You have a new project coming up and the development team would like to use Go as the programming language. At least some of the new project needs to be handled by Azure Functions. Go is not a native language supported by Functions. What is a feature of Azure Functions that you can use to implement Go code?

Ans:

Every Functions app is executed by a language-specific handler. While Azure Functions features many language handlers by default, there are cases where you may want to use other languages or runtimes. Custom handlers are lightweight web servers that receive events from the Functions host. Any language that supports HTTP primitives can implement a custom handler

Q:For Azure Functions, what are the possible values for the direction property in the function.json file?

Ans:

All triggers and bindings have a direction property in the function.json file. For triggers, the direction is always in. Input and output bindings use in and out. Some bindings support a special direction inout. If you use inout, only the Advanced editor is available via the Integrate tab in the portal. 

Q: You have a Timer Trigger Function that uses "0 */5 * * * *" as its timer setting. How often will the function run?

Ans:

CRON uses a "{second} {minute} {hour} {day} {month} {day-of-week}" format for expressions. The first "0" means that it runs when the second equals 0. The second "*/5" means every 5th minute of every hour, of every day

Q: You have a Timer Trigger Function that uses "0 15,30,45 0 * * *" as its timer setting. How often will the function run?

Ans:

CRON uses a "{second} {minute} {hour} {day} {month} {day-of-week}" format for expressions. The first "0" means that it runs when the second equals 0. The second "15,30,45" means when the minutes equal 15, 30 and 45. The third "0" means at midnight. So the answer is at 12:15, 12:30, and 12:45 every day

Q: Which Durable Functions application pattern would you use for an Azure Function that only needs to run whenever an external API returns a status change?

Ans:

The monitor pattern refers to a flexible, recurring process in a workflow. An example is polling until specific conditions are met. You can use a regular timer trigger to address a basic scenario, such as a periodic cleanup job, but its interval is static and managing instance lifetimes becomes complex. You can use Durable Functions to create flexible recurrence intervals, manage task lifetimes, and create multiple monitor processes from a single orchestration. An example of the monitor pattern is to reverse the earlier async HTTP API scenario. Instead of exposing an endpoint for an external client to monitor a long-running operation, the long-running monitor consumes an external endpoint, and then waits for a state change

ARM Template

Q: If you want to use nested ARM templates - have one ARM template include the contents of another template in its deployment, what resource type do you use?

Ans:

To deploy complex solutions, you can break your Azure Resource Manager template (ARM template) into many related templates, and then deploy them together through a main template. The related templates can be separate files or template syntax that is embedded within the main template. To link a template, add a deployments resource to your main template. In the templateLink property, specify the URI of the template to include

Q:Which Azure technology allows you to implement infrastructure as code?

Ans:

As infrastructure has become part of the iterative process, the division between operations and development has disappeared. Teams need to manage infrastructure and application code through a unified process. To implement infrastructure as code for your Azure solutions, use Azure Resource Manager templates (ARM templates). The template is a JavaScript Object Notation (JSON) file that defines the infrastructure and configuration for your project. The template uses declarative syntax, which lets you state what you intend to deploy without having to write the sequence of programming commands to create it. In the template, you specify the resources to deploy and the properties for those resources

Q:When you download an ARM Template from the Portal, just before confirming a deployment, what is the one file that is not downloaded to your computer?

Ans:

Both the parameters and template JSON files are downloaded, but a Docker YAML file is not downloaded

Q:ARM templates are said to have a declarative syntax. Why is a declarative syntax better than a programmatic approach?

Ans:

ARM templates allow you to create and deploy an entire Azure infrastructure declaratively. For example, you can deploy not only virtual machines, but also the network infrastructure, storage systems, and any other resources you may need

Q:You need to modify an ARM template. You would like the location of the Azure resources to be in the same region as the resource group itself. Which ARM template function meets the criteria?

Ans:

[resourceGroup().location] is the best answer because it accesses the resource group, and looks at the location parameter. The other answers do not do that. We don't know if the location is passed in as a parameter, and the requirement said the resource group location

Cosmos DB

Q:When creating a Cosmos DB account, you indicate which consistency level you would like to follow: Strong, Bounded Staleness, Session, Consistent Prefix and Eventual. How can a developer force Strong consistency on a query when the database itself is Eventual consistency?

Ans:

QueryRequestOptions.ConsistencyLevel Property gets or sets the consistency level required for the request in the Azure Cosmos DB service. This is a request level property, and doesn't affect the database settings


Q:What is the concept of strong consistency with Cosmos DB?

Ans:

Strong consistency is that, across the world, readers are guaranteed to always get the most recent committed version of an item. A client will never see a partially committed item.

Q:What does the Change Feed do when configured in Azure Cosmos DB?

Ans:

Change feed in Azure Cosmos DB is a persistent record of changes to a container in the order they occur. Change feed support in Azure Cosmos DB works by listening to an Azure Cosmos container for any changes. It then outputs the sorted list of documents that were changed in the order in which they were modified. The persisted changes can be processed asynchronously and incrementally, and the output can be distributed across one or more consumers for parallel processing.

Q:Which types of database changes does the CosmosDB change feed track?

Ans:

Today, you see all inserts and updates in the change feed. You can't filter the change feed for a specific type of operation. One possible alternative is to add a "soft marker" on the item for updates and filter based on that when processing items in the change feed. Currently change feed doesn't log deletes. Similar to the previous example, you can add a soft marker on the items that are being deleted. For example, you can add an attribute in the item called "deleted" and set it to "true" and set a TTL on the item, so that it can be automatically deleted. You can read the change feed as far back as the origin of your container but if an item is deleted, it will be removed from the change feed

Q: Which CosmosDB API format works best with document (JSON) data?

Ans:

Core (SQL) API stores data in JSON document format. Cassandra API stores data in column-oriented schema. Gremlin API allows users to make graph queries and stores data as edges and vertices. MongoDB API also uses documents but in BSON format, which is a binary format and not text-based

Q:What is the maximum storage capacity of a Cosmos DB container?

Ans:

Cosmos DB can store an unlimited amount of data. There is no specific limit.


Container Registry

Q:What does the CLI command 'az acr build --registry $ACR_NAME --image helloacrtasks:v1 .' do?

Ans:

ACR Tasks is a suite of features within Azure Container Registry that provides streamlined and efficient Docker container image builds in Azure. az acr build is an ACR Task which queues a quick build, providing streaming logs for an Azure Container Registry.

Q: What does the Azure Container Registry endpoint look like?

Ans:

azurecr.io is the general domain name for ACR, and myprivateacr.azurecr.io points to your own private registry (where myprivateacr is the name of your unique registry)

Q: Your Azure Container Registry is getting quite big. You have to find a way to reduce the size of it by removing unused images. You decided to delete any untagged images after 30 days. Which Azure CLI command is used to automatically remove untagged images? Fill in the blank. az acr config ________ update --registry myregistry --status enabled --days 30 --type UntaggedManifests

Ans:

Azure Container Registry gives you the option to set a retention policy for stored image manifests that don't have any associated tags (untagged manifests). When a retention policy is enabled, untagged manifests in the registry are automatically deleted after a number of days you set. This feature prevents the registry from filling up with artifacts that aren't needed and helps you save on storage costs. The retention keyword sets the retention policy.

Q: You have a Docker image in your local repository that you'd like to share to the Azure Container Registry. Your local repository image is named myimage, and your ACR is named myacr.azurecr.io. What is the command to get the image from your local into ACR?

Ans:

Use docker image push to share your images to the Docker Hub registry or to a self-hosted one. You pass the URL of your ACR which is in the format youruniquename.azurecr.io, plus the image name: docker push myacr.azurecr.io/myimage

Q: You have an Azure Container Registry named 'contoso.azurecr.io'. There are several departments in your company that need to push images to the registry, and you want to keep them organized. You decide to use repository namespaces to separate out 'sales', 'marketing', 'technology' and 'customerservice'. How do you pull down the container image for the 'website' project located in the marketing namespace?

Ans:

Service Bus Queue is enterprise-grade message queue.

Q: If your Azure solution relies on third-party public images, some risks are added to your process. Microsoft recommends keeping a private copy of public images and deploying from there, instead of deploying directly from public image locations like DockerHub. Which CLI command is able to copy a public image into Azure Container Registry?

Ans:

As a recommended one-time step, import base images and other public content to your Azure container registry. The az acr import command in the Azure CLI supports image import from public registries such as Docker Hub and Microsoft Container Registry and from other private container registries

Q: Which of the following Azure CLI commands is considered part of the ACR Tasks set?

Ans:

ACR Tasks is a suite of features within Azure Container Registry that provides streamlined and efficient Docker container image builds in Azure. az acr build is an ACR Task which queues a quick build, providing streaming logs for an Azure Container Registry.

Azure Redis Cache

Q:Which type of data can most benefit from being stored in a caching system like Azure Redis Cache?

Ans:

Data that is static benefits most from being cached, because you can use the cache to retrieve the data instead of having to go back to the original data source every time. Data that is written and never read does not need to be cached since caching only benefits reading. Data that is only ever used once by a session does not need to be cached as well since the first time the data is read, you have to go to the original source. So if you never need it a second time, you don't need to cache it. And data that is always changing (like a stock price) cannot be cached since you always have to go back to the original source to retrieve the latest.

Q:You are a developer for Acme Inc. You have implemented Redis as a caching service and it's going great. You are running on a premium plan, and using the top 120 GB of memory cache. You'd like to increase the memory limit to 500 GB, but Redis does not support that. How can you get more memory when using Azure Redis?

Ans:

Redis Cluster supports up to 10 shards to create 1.2 TB of memory.

Q:What is it that makes a caching system like Redis Cache faster than a traditional data store like Azure SQL Database?

Ans:

Redis Cache uses memory (RAM) to store your information, which allows almost instant retrieval. As a result, there is an upper limit to the amount of data a single Redis node can store, and then you must cluster nodes to go above it.

Q:What can you do to ensure your Azure Redis Cache removes keys proactively instead of waiting until memory is full?

Ans:

Setting an expiration value for keys allows the system to keep the cache size smaller for you, and you never need to worry about reaching maximum cache size. 

Azure Container Instances

Q:What is the Azure CLI command to create an Azure Container Instance? Fill in the blank. az _______ _______ --resource-group myResourceGroup --name mycontainer --image mcr.microsoft.com/azuredocs/aci-helloworld --dns-name-label aci-demo --ports 80

Ans:

az container create will create a new container instance.

Q:What is the Azure CLI command to delete an Azure Container Instance? Fill in the blank. az ______ _______ --resource-group myResourceGroup --name mycontainer

Ans:

az container delete will delete a running container instance.

Q: You have an Azure Container Instance with the DNS label "mycontainer". What is the public Fully-Qualified Domain Name (FQDN) for that instance?

Ans:

Azure Container Instances enables exposing your container groups directly to the internet with an IP address and a fully qualified domain name (FQDN). When you create a container instance, you can specify a custom DNS name label so your application is reachable at customlabel.azureregion.azurecontainer.io.

Authorization

Q:How can you create a shared access signature and modify the expiry date and time after it's already been created?

Ans:

A shared access signature (SAS) provides secure delegated access to resources in your storage account. With a SAS, you have granular control over how a client can access your data. A stored access policy is defined on a resource container, which can be a blob container, table, queue, or file share. The stored access policy can be used to manage constraints for one or more service shared access signatures. When you associate a service SAS with a stored access policy, the SAS inherits the constraints (the start time, expiry time, and permissions) defined for the stored access policy. You can modify the stored access policy at any time after the SAS has been created.


Non-relational DB

Q:You've created a Cosmos DB account named Account1. Inside, you create one database named Db1, and one container named Container1. The data you are storing is document data using the Core (SQL) API. You have a new requirement to add a graph database using the Gremlin API. Can you create another database named Db2 inside Account1 for the graph data?

Ans:

The API determines the type of account to create. Azure Cosmos DB provides five APIs: Core (SQL) and MongoDB for document data, Gremlin for graph data, Azure Table, and Cassandra. Currently, you must create a separate account for each API.

Q:Which CosmosDB API format works best with key-value data?

Ans:

Table API stores data in key/value format. Gremlin API allows users to make graph queries and stores data as edges and vertices. Cassandra API stores data in column-oriented schema. MongoDB API stores data in a document structure, via BSON format.

Q: Which Azure service allows you to extend Azure File Shares from the cloud to on-premises by creating a local cache of the files?

Ans:

Azure File Sync service allows you to keep a local copy of files that are stored in the Azure File Shares in the cloud. While some users may opt to keep a full copy of their data locally, Azure File Sync additionally has the ability to transform Windows Server into a quick cache of your Azure file share. You can use any protocol that's available on Windows Server to access your data locally, including SMB, NFS, and FTPS. You can have as many caches as you need across the world

Q: Which CosmosDB API format works best with graph data?

Ans:

Gremlin API allows users to make graph queries and stores data as edges and vertices. Cassandra API stores data in column-oriented schema. Core (SQL) API stores data in document format. Table API stores data in key/value format.

Virtual Machines

Q:What advantage does the Compute-Optimized (Fsv2) instance family have over the General Purpose (Dsv4) instance family?

Ans:

The best advantage of the F-series VMs is that they provide faster performance per virtual CPU than the D-series. The machine hardware is designed for CPU performance. Pricing is actually comparable.

Q:What advantage does a Spot VM provide over a regularly-provisioned VM?

Ans:

Using Azure Spot Virtual Machines allows you to take advantage of Azure's unused capacity at a significant cost savings. At any point in time when Azure needs the capacity back, the Azure infrastructure will evict Azure Spot Virtual Machines. Therefore, Azure Spot Virtual Machines are great for workloads that can handle interruptions like batch processing jobs, dev/test environments, large compute workloads, and more.

Q: What does the PowerShell command 'Get-AzVMImageSku -Location "EastUS" -PublisherName "MicrosoftWindowsServer" -Offer "WindowsServer"' return?

Ans:

A list of publicly available Windows Server OS images in the EastUS region. There could be dozens of Windows VM images available to you. I get 62 when I run this command myself.

Q:When a Virtual Machine named VM1 is deployed to a virtual network named Vnet1, and a subnet named Subnet1, which private IP address is it given?

Ans:

A virtual machine (VM) is automatically assigned a private IP address from a range that you specify, based on the subnet in which the VM is deployed. The VM retains the address until the VM is deleted. Azure dynamically assigns the next available private IP address from the subnet you create a VM in. If you want a specific IP address from the subnet assigned to the VM, assign a static IP address.

Q:What is the major downside/risk to using Spot VMs compared to regularly-provisioned VMs?

Ans:

VMs can be evicted based on capacity or the max price you set. When creating an Azure Spot Virtual Machine, you can set the eviction policy to Deallocate (default) or Delete. As well, pricing is variable. Even though there is no SLA (for obvious reasons), this is not the major risk to using spot instances. Your account is limited to the number of any instance type you have per region, and so the limit on spot instances is not different than that. They should cost less than regular VMs though

Azure Redis Cache

Q:Which Azure Architecture pattern is specifically designed to increase application performance by using a cache service?

Ans:

The name gives it away. Cache-Aside pattern is designed to load data on demand into a cache from a data store. This can improve performance and also helps to maintain consistency between data held in the cache and data in the underlying data store.

Containers

Q: A Kubernetes cluster is divided into which two components?

Ans:

A Kubernetes cluster is divided into two components: 

1. Control plane: provides the core Kubernetes services and orchestration of application workloads. 

2. Nodes: run your application workloads.

Q:Under which menu item of the Azure Portal can you find the logs for a container instance?

Ans:

Viewing the logs for a container instance is helpful when troubleshooting issues with your container or the application it runs. To view the container's logs, under Settings, select Containers, then Logs. You should see the HTTP GET request generated when you viewed the application in your browser. 

Q:Which file format is the standard for documenting the configuration of Docker containers and is used by Docker Compose to create the image?

Ans:

Docker containers use YAML files for configuration settings.

Q:What type of compute is Azure Container Instances considered to be?

Ans:

Azure Container Instances are on-demand containers in a managed, serverless Azure environment. Azure Container Instances is a solution for any scenario that can operate in isolated containers, without orchestration. Run event-driven applications, quickly deploy from your container development pipelines, and run data processing and build jobs

Q: Which Azure service provides the ability to store and manage your private Docker container images?

Ans:

You can send your container images to Azure Container Registry (ACR) to store them before deployment

Q:Which Azure CLI command will create a container image of your code and automatically deploy to Azure Container Registry?

Ans:

az acr build is an ACR Task. ACR Tasks is a suite of features within Azure Container Registry that provides streamlined and efficient Docker container image builds in Azure. Because ACR Tasks use docker build to build your images, no changes to your Dockerfiles are required to start using ACR Tasks immediately.

Q: What container image formats does Azure Container Registry support?

Ans:

The following Docker container image formats are supported: Docker images, OCI images, OCI artifacts, Helm charts

API Management

Q:Your company uses Azure API Management as the public front-end to its APIs, to control access. You'd like to implement certificate authentication to ensure that only authorized clients are calling the API. In which policy section do you add the <authentication-certificate> policy?

Ans:

Authentication is an inbound policy. Requests that fail to authenticate are not passed on to the API backend at all.

Q:Using which channels can you create an API Management instance?

Ans:
You can create resources using all REST channels (Portal, PowerShell, CLI, ARM Templates) plus using the Visual Code Extension

Q:What security feature exists for API apps that will either allow or prevent applications running from other domains (external web sites) from calling the API?

Ans:
Cross Origin Resource Sharing (CORS) is a standard with web browsers that will prevent a website from calling an API in the browser unless the API explicitly allows the call.

Q: The API Management Gateway includes a powerful feature called Policies. What is the main function of policies?

Ans:

Policies allow you to modify the inbound request as well as the outbound results without modifying the API code itself.

Azure Storage

Q:What feature of Azure Blob Storage, if enabled, allows you to retrieve files that have previously been deleted within a time period?

Ans:
Soft Delete allows you to recover deleted files within a set time period as configured. Change Feed would not allow you to recover deleted files. Immutable blobs can restrict deletion but not help you recover files. And Azure Policy does not have an option that deals with the contents of a storage account.


Q:What Azure command line tool for Windows and Linux is designed to copy data to and from a Blob storage account, across containers, and across storage accounts?

Ans:
AzCopy is the tool that can be used to copy large amounts of files between storage containers and accounts.

Q:Which feature of Azure Storage Account allows you to restore one or more containers to an earlier state?

Ans:
Point-in-time restore provides protection against accidental deletion or corruption by enabling you to restore block blob data to an earlier state. Point-in-time restore is useful in scenarios where a user or application accidentally deletes data or where an application error corrupts data. Point-in-time restore also enables testing scenarios that require reverting a data set to a known state before running further tests. 

Q: You have a Lifecycle Storage policy that moves blobs from hot storage to cool storage if they have not been modified in 30 days. You realize that there is a frequently accessed file that is in cool storage due to this policy, and you'd like to save money by moving it back to hot storage. So you manually move this file back to hot storage. Will this solve your problem?

Ans:

Moving the blob from cool to hot does not modify its modification date, and so it will be moved back to cool storage the next time lifecycle management runs.

You need to either modify the rule to be based on last access date, or modify the file when moving it back so that the modification date is updated.

Q:What option do you have to grant someone access to a single container in your Azure storage account without having to give them your storage account keys?

Ans:

Storage accounts are accessed by keys. Using SAS will let them have very granular access without exposing any other part of your storage account.

Q: When writing code that connects to an Azure Storage account, you set the Retry option mode to Exponential. What does Exponential mode do?

Ans:

Exponential = Retry attempts will delay based on a backoff strategy, where each attempt will increase the duration that it waits before retrying. Fixed = Retry attempts happen at fixed intervals; each delay is a consistent duration


Web App Container

Q:Why should a developer choose to deploy a container to a Web App for Containers instead of Azure Kubernetes Service?

Ans:
Web App for Containers is much easier to deploy and control than a Kubernetes cluster. You get a lot of the developer-friendly features of Azure App Services, and avoid having to start and control clusters of computers.

Azure AD

Q: Which of the following two-factor authentication verification methods are available in Azure AD?

Ans:
Only the following methods can be used for two-factor verification: 
Authenticator app, text message, phone call, security key

Q: Your company has several applications running on Azure App Services - App1, App2, App3 and App4. Each application is configured to use a system-managed identity to access resources. Your applications all store their secrets in a KeyVault named KV1. You are finding it difficult to manage the permissions for all these applications, and would like to move to a single managed identity for all applications instead of each application having their own. What action do you take to implement that?

Ans:

Managed identities eliminate the need for developers to manage credentials. Managed identities provide an identity for applications to use when connecting to resources that support Azure Active Directory (Azure AD) authentication. Applications may use the managed identity to obtain Azure AD tokens. For example, an application may use a managed identity to access resources like Azure Key Vault where developers can store credentials in a secure manner or to access storage accounts. 

You cannot configure multiple applications to use the same system-assigned identity. You must use a user-assigned identity for this purpose


Azure Key Vault

Q:What effect does adding a Key Vault Reference to your app using Configuration Explorer have?

Ans:
Using App Configuration to connect to Key Vault will allow you to continue to use App Configuration commands in your app, but the secrets are pulled from Key Vault securely.


Q:What is the recommended way within Azure to store secrets such as private cryptographic keys?

Ans:
Azure Key Vault - the modern way to store cryptographic keys, signed certificates and secrets in Azure

Q:You are a developer for Acme Inc. You are deploying an Azure App Service, and would like to store the application secrets in Azure Key Vault. You would not like to store any user id/passwords at all inside your application. Using what method can you assign the application the permission to read the secrets from the vault, without having to store any type of authentication credentials in code?

Ans:

Azure Key Vault is a service that provides centralized secrets management, with full control over access policies and audit history. In order to read secrets from Key Vault, you need to have a vault created and give your app permission to access it. You must create a managed identity and assign it permissions to read the vault, or you can use a user-assigned identity.


Message Solution

Q: You are a developer for Acme Inc. Your company's flagship application is the Wind Monitoring software that Wind Energy farms use to monitor their equipment. At the end of each day, the Wind Collector sends a message that contains all of the day's statistics in JSON format which needs to be read, processed, and posted to the database. Which Azure Service is best for processing this type of data?

Ans:
Service Bus Queue is an enterprise-grade message queue.

Q: You are a developer for Acme Inc. Your application uses a Service Bus Queue to receive messages from an outside app, and you have a number of applications processing those messages. You have recently been told that the business is seeing a problem of some messages in an unusual circumstance being processed twice. When you debug the problem, it's a message that was successfully processed by the job but then the program fails before the queue could be updated to delete the message. Your boss wants you to fix the problem such that it might be better if a message was missed than if a message was processed twice. What do you do to ensure messages do not get processed twice, even if sometimes they don't get processed?

Ans:

At-most-once delivery is designed for this

Azure Monitor

Q: You would like to receive an email every time a new Azure Container Registry is created. Which of the following steps would accomplish that goal?

Ans:

Azure Monitor can do this natively. You can create an Alert in Azure Monitor, based on the Create or Update Container Registry signal

Q:Which feature within Azure collects all of the logs from various resources into a central dashboard, where you can run queries, view graphs, and create alerts on certain events?

Ans:

Azure Monitor - a centralized dashboard that collects all the logs, metrics and events from your resources

Q: What type of storage container is specifically used to collect log and metric data from various Azure Resources so that it can be analyzed in Azure Monitor?

Ans:

Log Analytics Workspace is required to collect logs and metrics

Q: What type of container is used to collect log and metric data from various Azure Resources?

Ans:

Log Analytics Workspace is required to collect logs and metrics

