Download the AI & Machine Learning For Dummies PRO App: iOS - Android Our AI and Machine Learning For Dummies PRO App can help you Ace the following AI and Machine Learning certifications:
AZ-900: Microsoft Azure Fundamentals – Top 100 Questions and Answers Dumps
Amazon’s AWS and Microsoft’s Azure are the big boys of the cloud computing world, even though AWS is much bigger than Azure.
Revenue from Microsoft Azure grew 72% from 2018 from $7.56 billion to $13 billion. Azure contributed to almost 10.5% of Microsoft’s total revenue in 2019. It has also been noted that the US defense chose Azure in its tactical operations. The last quarter earnings of 2019 grew by 64%.
The exam is intended for candidates who are just beginning to work with cloud-based solutions and services or are new to Azure. Candidates should be familiar with the general technology concepts, including concepts of networking, storage, compute, application support, and application development. Azure Fundamentals can be used to prepare for other Azure role-based or specialty certifications, but it is not a prerequisite for any of them.
Software as a service (SaaS) allows users to connect to and use cloud-based apps over the internet. Common examples are email, calendar, and office tools, such as Microsoft Office 365.
Question 2:You have an on-premises application that processes incoming Simple Message Submission Service (SMSS) queue messages and records the data to a log file. You migrate this application to an Azure function app. What kind of cloud service would this be considered?
Serverless computing is the abstraction of servers, infrastructure, and operating systems. When you build serverless apps, you don’t need to provision and manage any servers, so you don’t have to worry about infrastructure. Serverless computing is driven by the reaction to events and triggers happening in near-real time in the cloud.
C. Prices for individual resources and services are provided so you can predict how much you will spend in a given billing period based on your expected usage.
D. The ability to do things more efficiently or at a lower cost per unit when operating at a larger scale.
Answer 3:
D
Notes 3:
Cloud providers such as Microsoft, Google, and Amazon are large businesses that leverage the benefits of economies of scale and then pass the savings on to their customers.
Question 5: Which of the following Azure solutions allows you to geographically cache and distribute high-bandwidth content, such as streaming videos, to users in different parts of the world?
A. Content Delivery Network (CDN)
B. Load Balancer
C. Application Gateway
D. Virtual Network Gateway
Answer 5:
A
Notes 5:
Azure Content Delivery Network (CDN) offers developers a global solution for rapidly delivering high-bandwidth content to users by caching their content at strategically placed physical nodes around the world. Azure CDN can also accelerate dynamic content, which cannot be cached, by leveraging various network optimizations using CDN POPs.
Question 6:You are beginning to extend your on-premises data center into Azure. You have created a new Azure subscription and resource group called RG-One. You deploy two virtual machines into RG-One with the intent of promoting these to Active Directory domain controllers. What kind of cloud service would this be considered?
Infrastructure as a service (IaaS) is an instant computing infrastructure, provisioned and managed over the internet. Deploying virtual machines into an Azure subscription would be considered an IaaS service.
Question 7:Select the concept that is defined as ensuring that servers are available if a single data center goes offline.
A. Scalability
B. Fault tolerance
C. Elasticity
D. Agility
Answer 7:
B
Notes 7:
Fault tolerance is the property that enables a system to continue operating properly in the event of the failure of one or more of its components. In Azure, it refers to ensuring that a portion of the production systems are available online (via a failover cluster, available set, or available zone) if a subset of the system components (or an entire data center) goes offline.
Question 8:In regards to comparing Public Cloud and Private Cloud, which of these best describe the characteristics of a Public Cloud?
A. No-upfront costs
B. More control over the security
C. Less reliability
D. Less maintenance
Answer 8:
A and D
Notes 8
The public cloud provides a pay-as-you-go pricing model which can lead to lower costs than those in private cloud solutions where capital expenditures are high.
The public cloud provides agility to provision and de-provision resources quickly with far less maintenance than that of private cloud solutions.
Question 9:Which of the following are considered capital expenditures (CapEx)?
A. Storage area network
B. Cloud-based virtual machine
C. Office 365 licenses
D. Hyper-V host server
Answer 9:
A and D
Notes 9:
Storage costs are typically considered CapEx and include storage hardware components and the cost of supporting them. Depending on the application and level of fault tolerance, centralized storage can be expensive.
Server costs are considered CapEx and include all server hardware components and the cost of supporting them. When purchasing servers, make sure to design for fault tolerance and redundancy (e.g., server clustering, redundant power supplies, and uninterruptible power supplies). When a server needs to be replaced or added to a data center, you need to pay for the computer. This can affect your immediate cash flow because you must pay for the server up front.
Question 10:You are in the process of migrating your existing on-premises SQL databases to Azure. You will migrate them to Azure SQL databases, as opposed to deploying SQL database servers in Azure. What kind of cloud service would this be considered?
A. Software-as-a-Service (SaaS)
B. Platform-as-a-Service (PaaS)
C. Serverless
D. Infrastructure-as-a-Service (IaaS)
Answer 10:
B
Notes 10:
Platform as a service (PaaS) is a complete development and deployment environment in the cloud with resources that enable you to deliver everything from simple cloud-based apps to sophisticated, cloud-enabled enterprise applications. An Azure SQL instance would be considered a PaaS service.
Question 11: Which of the following statements are true for IaaS cloud services?
A. The client is responsible for purchasing all Operating System (OS) host licensing.
B. Services can be scaled automatically to support system load.
C. The client has complete control over the host operating system.
D. The client is responsible for all guest OS and application updates.
Answer 11:
B and D
Notes 11:
IaaS host services are scaled automatically to combat increased system load and scaled back during periods of inactivity.
The cloud service provider performs all underlying hardware, OS, and middleware updates. The client performs all guest OS and application updates.
Question 12: Which of the following tools can be used to manage Azure resources on a Google Chromebook?
A. Azure portal
B. PowerShell
C. Azure Cloud Shell
D. Azure CLI
Answer 12:
A and C
Notes 12:
You can run the Azure portal on all modern desktop, tablet devices, and browsers.
Azure Cloud Shell is an interactive, browser-accessible shell for managing Azure resources. It provides the flexibility of choosing the shell experience that best suits the way you work. Linux users can opt for a Bash experience, while Windows users can opt for PowerShell.
Question 13:Which Azure service can provide big data analysis for machine learning?
A. Azure App Service
B. Azure WebJobs
C. Application Insights
D. Azure Databricks
Answer 13:
D
Notes 13:
Azure Databricks is an Apache Spark-based analytics platform optimized for the Microsoft Azure cloud services platform. Databricks enables collaboration between data scientists, data engineers, and business analysts.
Question 14:You need to create an Azure storage solution that will store messages created by an Azure web role. The messages will then be processed by an Azure worker role. What type of storage solution should you create?
A. A Queue service in a storage account
B. A virtual machine data disk
C. A File service in a storage account
D. A Blob service in a storage account
Answer 14:
A
Notes 14:
Azure Queue storage is a service for storing large numbers of messages that can be accessed from anywhere in the world via authenticated calls using HTTP or HTTPS.
Question 15:You have an on-premises application that sends email notifications automatically based on a rule. You plan to migrate the application to Azure. You need to recommend a computing solution for the application that should minimize costs by incurring charges only when it is executed.
Which Azure solution is best for this type of application?
A. Logic App
B. A web app
C. Service Bus App
D. IaaS web server in Azure
Answer 15:
A
Notes 15:
Azure Logic Apps is a cloud service that helps you automate and orchestrate tasks, business processes, and workflows when you need to integrate apps, data, systems, and services across enterprises or organizations. Logic Apps simplifies how you design and build scalable solutions for app integration, data integration, system integration, enterprise application integration (EAI), and business-to-business (B2B) communication, whether in the cloud, on-premises, or both.
For example, here are just a few workloads you can automate with logic apps:Process and route orders across on-premises systems and cloud services.
Send email notifications with Office 365 when events happen in various systems, apps, and services.
Move uploaded files from an SFTP or FTP server to Azure Storage.
Monitor tweets for a specific subject, analyze the sentiment, and create alerts or tasks for items that need review.
For new logic apps that run in the public or “global” Azure Logic Apps service, you pay only for what you use. These logic apps use a consumption-based plan and pricing model.
Question 16: You are the Systems Administrator for a local university. You are deploying several sets of systems that will be used for research and development teams. Each set of systems will be uniform in nature, containing the same number and type of Azure resources.
What should you recommend to automate the creation of these Azure resources?
A. Azure Resource Manager templates
B. Multiple Azure subscriptions
C. Management groups
D. Virtual machine scale sets
Answer 16:
A
Notes 16:
An Azure Resource Manager template is the framework by which resources are created. They can be used to define and automate the creation of similar resources.
Question 17:You are deploying a pair of Azure virtual machines. You want to ensure that the application will remain available in the event of a complete data center failure. What Azure technology will help most in this task?
A. Locally redundant storage
B. Zone Redundant Storage
C. Availability zone
D. Availability set
Answer 17:
C
Notes 17:
An Availability zone consists of two or more virtual machines in different physical locations within an Azure region. This configuration ensures that only a subset of the virtual machines in an availability zone will be affected in the event of hardware failure, OS update, or a complete data center outage. This configuration offers 99.99% SLA.
Question 18: Which of the following database solutions has the ability to add data concurrently from multiple regions simultaneously?
A. SQL managed instances
B. Cosmos DB
C. SQL Data Warehouses
D. Azure SQL Databases
Answer 18:
B
Notes 18:
Azure Cosmos DB is Microsoft’s globally distributed, multi-model database service. Cosmos DB elastically and independently scales throughput and storage across any number of Azure regions worldwide.
Question 19: Which Azure service can host your web apps without you having to manage underlying infrastructure?
A. Azure App Service
B. Azure WebJobs
C. Azure Databricks
D. Application Insights
Answer 19:
A
Notes 19:
Azure App Service enables you to build and host web apps, mobile back-ends, and RESTful APIs in the programming language of your choice without managing infrastructure.
Question 20: Which of the following components can be used to load balance traffic to web applications, such as Azure App Service web apps using layer 7 of the OSI model?
A. Virtual Network
B. Virtual Network Gateway
C. Route table
D. Load Balancer
E. Application Gateway
Answer 20:
E
Notes 20:
Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications. Traditional load balancers operate at the transport layer (OSI layer 4 — TCP and UDP) and route traffic based on source IP address and port to a destination IP address and port.
Question 21: Which Azure service can help you collect, analyze, and act on telemetry from your cloud and on-premises environments?
A. Azure App Service
B. Azure Monitor
C. Azure Analyzer
D. Azure WebJobs
Answer 21:
B
Notes 21:
Azure Monitor is a service that can help you understand how your applications are performing and proactively identify issues affecting them and the resources they depend on.
Question 23: Which Azure service should you use to correlate metrics and logs from multiple resources into a centralized repository? A. Azure Event Grid
B. Azure Event Hubs
C. Azure SQL Data Warehouse
D. Azure Monitor
Answer 23:
D
Notes 23:
Log data collected by Azure Monitor (formerly Azure Log Analytics) is stored in a Log Analytics workspace, which is based on Azure Data Explorer. It collects telemetry from a variety of sources and uses the Kusto query language used by Data Explorer to retrieve and analyze data.
Question 24: You are the Azure Administrator for Radio Gaga, LTD. You have a resource group named RG-RG and need to ensure no other administrators can create virtual networks in this resource group. What can you implement to accomplish this?
A. Access Control (IAM)
B. Azure policy
C. Locks
D. Properties
Answer 24:
B
Notes 24:
Azure Policy is a service in Azure used to create, assign, and manage policies. These policies enforce different rules and effects over your resources, so those resources stay compliant with your corporate standards and service level agreements.
For example, you can have the policy to allow only a certain SKU size of virtual machines in your environment. Once this policy is implemented, new and existing resources are evaluated for compliance. With the right type of policy, existing resources can be brought into compliance.
Question 25: Which of the following is the organization that defines standards used by the United States government?
A. NIST
B. ITIL
C. GDPR
D. ISO
Answer 25:
A
Notes 25:
The National Institute of Standards and Technology (NIST) promotes and maintains measurement standards and guidance to help organizations assess risk. It defines the standards that are used by the United States government as well as the US Department of Defense (DoD).
Question 26: You have an Azure virtual network named VNet in a resource group named Bob-RG. You assign an Azure policy specifying virtual networks are not an allowed resource type in Bob-RG. What happens to VNet once this policy is applied?
A. VNet is moved to a new resource group.
B. Bob-RG is deleted automatically
C. VNet continues to function normally, but no new subnets can be added.
D. VNet is deleted automatically.
Answer 26:
C
Notes 26:
Azure policies that determine the allowed types of resources can only prevent non-compliant resources from being created. Existing non-compliant resources are not affected. However, the policy is flagged as non-compliant so that the administrator can determine action (if any).
Question 27: Which Azure tool allows you to view which user turned off a specific virtual machine during the last 14 days?
A. Azure Event Hubs
B. Azure Activity Log
C. Azure Service Health
D. Azure Monitor
Answer 27:
B
Notes 27:
The Azure Activity Log is a subscription log that provides insight into subscription-level events that have occurred in Azure. This includes a range of data, from Azure Resource Manager operational data to updates on Service Health events. Events such as starting and stopping of virtual machines can be found here.
A collaboration between Microsoft and Adobe brings you a more simplified and consistent experience for PDF documents that have been classified and, optionally, protected. This collaboration provides support for Adobe Acrobat native integration with Microsoft Information Protection solutions, such as Azure Information Protection.
Question 29: Which of the following is true regarding HDInsight?
A. It is an on-demand analytics job service that simplifies big data. Instead of deploying, configuring, and tuning hardware, you write queries to transform your data and extract valuable insights.
B. It is a managed relational cloud database service.
C. It is a cloud-based service that is a limitless analytics service that brings together enterprise data warehousing and Big Data analytics.
D. It is an open-source framework for the distributed processing and analysis of big datasets in clusters.
Answer 29:
D
Notes 29:
Azure HDInsight is a managed, full-spectrum, open-source analytics service for enterprises. HDInsight is a cloud service that makes it easy, fast, and cost-effective to process massive amounts of data. HDInsight also supports a broad range of scenarios, like extract, transform, and load (ETL); data warehousing; machine learning; and IoT.
Learn about important Azure product updates, roadmap, and announcements here
Questions 31: Azure virtual machines can be moved between which of the following Azure resources?
A. Subscriptions
B. Regions
C. Availability Sets
D. Resource Groups
E. Availability Zones
Answer 31:
A, B, D, E
Notes 31:
Azure virtual machines can be moved between subscriptions with either Azure PowerShell or the Azure portal. Using Azure Site Recovery, you can migrate Azure VMs to other regions. Azure virtual machines can be moved between resource groups with either Azure PowerShell or the Azure portal. Using Azure Site Recovery, you can migrate Azure VMs to other Availability Zones.
II- Azure Pricing and Support
Question 32: Which Azure support plans can open support cases?
Question 33: For any Single Instance virtual machine using premium SSD or Ultra Disk for all Operating System Disks and Data Disks, what is the SLA guarantee for virtual machine connectivity?
Question 34: Which of the following Azure services is a cloud-based service that leverages massively parallel processing (MPP) to quickly run complex queries across petabytes of data in a relational database?
A. Azure SQL database
B. Azure HDInsight
C. Azure SQL Data Warehouse (Azure Synapse )
D. Azure Data Lake Analytics
Answer 34:
C
Notes 34:
Azure SQL Data Warehouse (Azure Synapse ) is a cloud-based service that leverages massively parallel processing (MPP) to quickly run complex queries across petabytes of data in a relational database.
Question 35: You have an Azure subscription that contains the following unused resources:
Name
Type
Configuration
nic0
Network Interface
10.0.0.6
pip1
Public IP
Static
lb1
Load Balancer
Standard, 5 rules configured
VNet2
Virtual Network
10.1.0.0/16
VM3
Virtual Machine
Stopped (Deallocated)
Based on this information, which of the following unused resources should you remove to lower cost?
A. lb1
B. VNet2
C. pip1
D. nic0
E. VM3
Answer 35:
A and C
Notes 35:
The pricing for Standard Load Balancer is based on the number of rules configured (load balancer rules and NAT rules) and data processed. However, there is no hourly charge for the Standard Load Balancer itself when no rules are configured. Since this load balancer contains rules, it should be removed to save money.
In ARM deployment model, there is no charge for dynamic public IP addresses when the associated virtual machine is “stopped-deallocated”. However, you’re charged for a static public IP address irrespective of the associated resource (unless it is part of the first five static ones in the region). This resource should be removed.
Users are able to login to the service, log in to the Access Panel, access applications on the Access Panel and reset passwords. IT administrators are able to create, read, write and delete entries in the directory or provision or de-provision users to applications in the directory.
No SLA is provided for the Free tier of Azure Active Directory.
Question 38: Which of the following Azure support plans offer Severity “A” and “B” cases to be opened?
Question 39:This question requires that you evaluate the underlined text to determine if it is correct. When you are implementing a software as a service (SaaS) solution, you are responsible for configuring high availability. Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.
Question 40:You have an on-premises network that contains several servers. You plan to migrate all the servers to Azure. You need to recommend a solution to ensure that some of the servers are available if a single Azure data center goes offline for an extended period. What should you include in the recommendation?
Question 41: This question requires that you evaluate the underlined text to determine if it is correct. When planning to migrate a public website to Azure, you must plan to pay monthly usage costs. Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.
A. No change is needed
B. Deploy a VPN
C. pay to transfer all the website data to Azure
D. reduce the number of connections to the website
Question 42: You have an on-premises network that contains 100 servers. You need to recommend a solution that provides additional resources to your users. The solution must minimize capital and operational expenditure costs. What should you include in the recommendation?
Question 43: Which Azure offering refers to a set of development, testing, and automation tools?
A. Azure Cognitive Services
B. Azure Boards
C. Azure DevOps
D. GitHub
Answer 43:
C
Notes: Azure DevOps Services provides development collaboration tools, including high-performance pipelines, free private Git repositories, configurable Kanban boards, and extensive automated and continuous testing capabilities.
Question 44: Which of the following are available in the Azure Marketplace?
A. Virtual machine images
B. SaaS applications
C. Solution templates
D. Sample application code
Answer 44:
A B C
Notes: Virtual machine images are available in the Azure Marketplace. Images are available for Windows and Linux. Stock operating system images, as well as custom images with pre-installed applications, are also available.
SaaS applications make up the majority of the Azure Marketplace. One click allows you to install and use many popular applications — such as Office365, Salesforce, Zoom, and others — seamlessly with your Azure subscription.
Solution templates allow you to deploy entire IaaS solutions with a simple click. Examples include complete SharePoint farms as well as SQL Always Available clusters.
Question 45: Which of the following regulates data privacy in the European Union (EU)?
A. ITIL
B. GDPR
C. ISO
D. NIST
Answer 45:
B
Notes: The General Data Protection Regulation (EU) 2016/679 (“GDPR”) is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). It also addresses the export of personal data outside the EU and EEA areas. The GDPR aims primarily to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
Question 46: You currently have two Azure Pay-As-You-Go subscriptions. You would like to transfer billing ownership of the subscriptions to another account while moving the subscriptions into the other accounts Azure AD tenant. How can you accomplish this?
A. Open a support ticket by contacting Microsoft Azure Support
B. In the Azure Portal, under Azure Subscriptions click Change Directory
C. Using Azure CLI, run the az account merge command
D. In the Azure Portal, under Cost Management + Billing under Azure Subscriptions
Answer 46:
Notes: It is here that we can transfer billing ownership by clicking on the context menu for the subscription. We then select “Transfer billing ownership” and as part of the process, we can provide the email associated with the other account, and can also choose to move the subscription into the Azure AD tenant of the other account. This will move the subscription into the default Azure AD tenant of the destination account.
Notes: A support request can only be opened via the Azure Portal.
Question 48: You attempt to create several managed disks in your Azure environment. In the Portal, you receive a message that you must increase your Azure subscription limits. What should you do to increase the limits?
A. Modify an Azure policy.
B. Use Azure PowerShell to create the new managed disks.
Question 49: A company wants to build a new voting kiosk for sales to governments around the world. Which IoT technologies should the company choose to ensure the highest degree of security?
A. IoT Hub
B. IoT Central
C. Azure Sphere
D. Azure IoT
Answer 49:
C
Notes: Azure Sphere provides the highest degree of security to ensure the device has not been tampered with.
Question 50: This question requires that you evaluate the underlined text to determine if it is correct. When you are implementing a software as a service (SaaS) solution, you are responsible for configuring high availability. Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.
A. No change is needed.
B. defining scalability rules
C. installing the SaaS solution
D. configuring the SaaS solution
Answer 50:
D
Notes: configuring the SaaS solution
Question 51: A company wants to quickly manage its individual IoT devices by using a web-based user interface. Which IoT technology should it choose?
A. IoT Hub
B. IoT Central
C. Azure Sphere
D. Azure IoT
Answer: B – IoT Central quickly creates a web-based management portal to enable reporting and communication with IoT devices.
Question 52: You want to send messages from the IoT device to the cloud and vice versa. Which IoT technology can send and receive messages?
A. IoT Hub
B. IoT Central
C. Azure Sphere
D. Azure IoT
Answer: A – An IoT hub communicates to IoT devices by sending and receiving messages.
In Azure, every VM – regardless if Linux or Windows – gets a temporary disk assigned automatically. This temporary disk is located on the physical server (the hypervisor) where the Azure VM is hosted and is non-persistent. Disks used by the operating system or additionally added data disks are persistent disks and stored in Azure Storage.
Azure VM’s can be moved from its current host to new host at any time due to maintenance, hardware failures or other reasons. In such an event, the data from the temporary storage will not preserve or moved to the new host. Apart from the hardware failures, there are many other reasons data from the temporary disk will be lost:
Resizing of the VM
Restarting of the VM
Moving from one host to another
Updating/upgrading of host
Really, the temporary disk should never be used for data that has to be persistent. To avoid misconfiguration, the disk also has the drive label “Temporary Storage” and includes a text file “DATALOSS_WARNING_README.txt”. Read more here…
It depends on the virtual machine type we talk about. Some Azure virtual machines include a Windows operating system license in their price (some even include a SQL Server). Some do not, however, there is an “Azure Hybrid Use Benefit” in certain Microsoft licensing programs, where basically the customer can use its previously acquired software licenses on Azure virtual machines (“bring you own license”). Also, there are Azure virtual machines available with different Linux distributions (both commercial and community), Windows Server license is obviously not included in these. Continue reading here
Hello. Yes They charge you for the disk usage too. So its Disk, Network, License (if Windows Server Instance) and Processor/RAM that are taken into consideration
(more)
Why don’t I see the N-Series (vga enabled) VMs in my Azure vm sizes list (I have Bizspark subscription)?
It has nothing to do with BizSpark. N series VMs are generally available since 1 December, 2016 (Azure N-Series: General availability on December 1 ), but only in select Azure datacenter regions. Please consult the Azure Products by Region | Microsoft Azure website for regional availability.
(more)
What is a data disk in Azure VM?
What are things to look out for when choosing a location for your Microsoft Azure VM?
The argument in placing a cloud vm would be performance. Performance in the cloud world means cost. The better performance you need the more its going to cost you. But the other side of that is the faster you can solve the problem you are trying to solve. The business problem to evaluate in placement of a VM is loosley these two things: Does increasing the performance of the application provide the overall answers required faster? Are there things you can do to your application that will allow it to better take advantage of cloud capabilities…
Please review Azure Monitor, the built-in monitoring service in Azure. Azure Monitor provides metrics and logs for many services in Azure including VMs. A quick overview : Product documentation: Get started with Azure Monitor Note: As of today (Apr ‘17) Cloud Services metrics are served using an older telemetry pipeline but that is the process of being migrated to Azure Monitor pipeline. You will soon be able to consume Cloud Service metrics via Azure Monitor, the same way you can for Azure VMs, Web Apps or Azure SQL DBs.
Azure Backup introduces a reinforcement expansion to the Azure VM specialist that is running on the VM. This expansion backs up the whole VM. You can back up explicit records and organizers on the Azure VM by running the MARS operator.
Make sure you have VMs in Availability set. Before selecting a VM collect below inputs either from Application or from Performance monitoring team 1. Maximum IOPS required. 2. Maximum size of DB in next 2 years at least. Based on these inputs select the VM size and required storage tier – Standard or Premium. For high performance, you can perform disk stripping if you require more than 5000 IOPS. Also you can configure Backup to URL.
(more)
Could I connect to a Linux Azure VM using SSH and private IP through Putty?
Absolutely. You can check your VM’s public IP address on the Azure Portal and SSH into it with the SSH client of your choice. A private IP allows Azure VMs to communicate with other resources in a virtual network or an on-premises network through a VPN or ExpressRoute. So you can SSH into an Azure VM using the private IP from the same virtual network or via VPN / ExpressRoute.
Azure portal ( Microsoft Azure ) now has a feature called Cloud Shell. This basically gets you a command line interface, in the browser, where you can make an authenticated access to Azure resources, including your virtual machines. Both Bash and PowerShell are available, and you can also save your frequently used scripts, etc for later re-use. More details here: Azure Cloud Shell – Browser-Based Command Line | Microsoft Azure
How to resize a Linux VM with the Azure CLI – Azure Linux Virtual Machines az vm resize –resource-group mygroup –name mytestvm –size Standard_D4s_v3 This call would trigger instance restart in the background if needed.
This document indicates how a Linux VM password can be reset Reset Linux VM password and SSH key from the CLI. There is also an option in the Azure portal (https://portal.azure.com). Go to the details of the virtual machine you wish to reset the password for and look for “reset password” at the bottom left:
Depending on what OS you are using lets say Linux. You could use properJavaRDP you will need a Java VM installed. I’ve used this with success the screen refresh was not great tho.
Select Diagnostics settings from the Azure UI blade.
Under the Overview tab: Pick a Storage account: Select your storage account so that the metrics stats can be stored. Click on ‘Enable guest level monitoring‘ and wait for the process to complete.
If I change the size of my Azure VM while running a script, will that stop the execution of the script? (Currently using a Linux VM).
Changing the size of an Azure VM (scaling up or down) is only possible with a reboot. That will most definitely stop the execution of your script.
(more)
How do I make an Azure VM snapshot?
1. On the Azure portal, select Create a resource. 2. Search for and select Snapshot. 3. In the Snapshot window, select Create. 4. Enter a Name for the snapshot. 5. Select an existing Resource group or enter the name of a new one. 6. Select an Azure datacenter Location.
(more)
On the Azure portal, select Create a resource.
Search for and select Snapshot.
In the Snapshot window, select Create. …
Enter a Name for the snapshot.
Select an existing Resource group or enter the name of a new one.
Select an Azure datacenter Location.
Can we restrict a developer (on Microsoft Azure VM) to not upload a source code on any website or email?
You can restrict a developer from uploading a source code on any website by following the below steps: 1. Go to the desired VM instance in the Azure portal 2. Select “Access control (IAM)” option from the left pane 3. Select Role Assignment option under +Add option 4. Now, you will be able to assign any one of the available pre-defined roles to a user 5. Give contributor level access to the respective developer, now he will not be able to access/upload a file to the website
The region prices are related to pricing conditions in particular region. In details it is about tenancy of physical area, prices of the hardware from vendors, the cost of man-hours in a particular region for IT specialists and other Azure datacenter workers, and so on. Unfortunately, I can’t find any reference for that information, I’m talking here personally as the person who works with Azure every day and have a contact with Microsoft teams.
(more)
Can we spin up a Windows Azure VM programmatically from a php page? We can assume that we have valid Microsoft Credentials.
The REST Management API is the one you want to go for. Authentication is certificate based. You’ll have to upload a management certificate using the Windows Azure portal in able for your PHP application to authenticate. A good starting point on how to use the Windows Azure REST APIs for management can be found here How to use Windows Azure service management APIs (PHP). Like Rahul suggested, once you have that up-and-running use the Operations on Virtual Machines API set to manipulate your Virtual Machine deployments.
(more)
How do you reduce the size of my Azure VM disk?
Hi, Below are some points that would be beneficial for you. 1. Pick the best possible disk size. 2. Compress the panel size in the VM. 3. Export the managed disk to a VHD. 4. Compress the exported VHD. 5. Make another new managed disk from the VHD. 6. Make another VM from the new recently created disk. 7. Alternatively, clean up all the old resources. Hope it helps.
(more)
Your company wants to use Azure to manage all of their IoT devices. They are going to create the infrastructure themselves, but need a backend in Azure to manage the flow of data, and to ensure security as well as ease of deployment of new devices. Which Azure product or solution would be suitable?
Azure IoT Hub is a solution for providing managed services for large IoT projects. It provides secure and reliable communication from devices to the Azure backend. Azure IoT Central is a SaaS solution that provides both managed connections and security as well as the dashboards and applications to use the data. Event Grid is used to connect many Azure services. IoT Hub
Your company has a new Azure virtual network that needs to be secured. What is the best way to only allow specific kinds of outside traffic into this network?
Use an Azure Firewall attached to the virtual network.
Azure Firewall blocks any incoming or outgoing traffic that isn’t specifically allowed on a network. A Network Security Group manages the traffic to specific services, Azure DDoS Protection Service protects against attacks and a load balancer distributes traffic to specific VMs. Azure Firewall FAQ
How is authorization different from authentication?
Authentication is the process of proving that you are who you say you are. Authorization is the act of granting an authenticated party permission to do something.
Authentication is the process of proving that you are who you say you are. It’s sometimes shortened to AuthN. The Microsoft identity platform uses the OpenID Connect protocol for handling authentication. Authorization is the act of granting an authenticated party permission to do something. It specifies what data you’re allowed to access and what you can do with that data. Authorization is sometimes shortened to AuthZ. The Microsoft identity platform uses the OAuth 2.0 protocol for handling authorization. Reference: Authentication vs. authorization
Which minimum costing support plan provides access to general guidance with architecture support?
The Developer support plan provides access to technical support via email in business hours and is the most-effective. The Standard and
You are looking to build and host your website on Azure without needing to manage the underlying infrastructure. Which type of Cloud service should you choose?
Platform as a service (PaaS) is a complete development and deployment environment in the cloud, with resources that enable you to deliver everything from simple cloud-based apps to sophisticated, cloud-enabled enterprise applications, all without you having to manage any of the underlying infrastructure or services. Reference: What is PaaS? Platform as a Service
You are beginning to extend your on-premises data center into Azure. You have created a new Azure subscription and resource group called RG-One. You deploy two virtual machines into RG-One with the intent of promoting these to Active Directory domain controllers. What kind of cloud service would this be considered?
Infrastructure as a service (IaaS) is the use of on-demand computing infrastructure which is provisioned and managed over the internet. Deploying virtual machines into an Azure subscription would be considered an IaaS service. Reference: What is IaaS? Infrastructure as a Service
Define the concept of “dynamic elasticity.”
Dynamic elasticity is defined as a cloud service that both quickly scales up and also back down in order to serve your changing workload patterns for the lowest cost.
Which Azure service can host your web apps without you having to manage underlying infrastructure?
Azure App Service enables you to build and host web apps, mobile back-ends, and RESTful APIs in the programming language of your choice without managing infrastructure. Azure App Service documentation – Azure App Service
Which Azure service can you use to make sure your virtual machines are running smoothly and without problems?
Azure Monitor collects and analyzes telemetry data from your virtual machines to provide your with alerts and recommendations for how they are running. Azure Monitor overview – Azure Monitor
Which Azure DevOps tool would you use to share applications and code libraries?
Azure Artifacts is a service in Azure DevOps, which can host code libraries and applications for you to share internally or externally. Azure Boards is for project managers. Azure Repos holds your source code. Azure Test Plans is used to create manual and automatic test scenarios for your application. Azure Pipelines is the process that builds and deploys your application. Azure DevOps Services
What are the main components of an Azure VPN Gateway setup?
The VPN Gateway must be attached to an Azure Virtual Network.
An on-premises network with a complimentary gateway that can accept the encrypted data.
A secure connection, called a tunnel, which encrypts the traffic sent through it.
An Azure VPN Gateway consists of a Virtual Network, a secure connection called a tunnel, and an on-premises network and gateway. A storage account, a backend pool of VMs and a Load Balancer are not needed. About Azure VPN Gateway
Your company has a large amount of documents that are both sensitive and important to a large number of people. How would you secure these documents so you can still share them, but track where they are?
Use Azure Information Protection – Azure Information Protection (AIP) is a cloud-based solution that helps your organization to classify and protect its documents and emails by applying labels. What is Azure Information Protection?
Which Azure solution would you implement to embed a watermark into Office documents that contain social security numbers?
Azure Information Protection (sometimes referred to as AIP) is a cloud-based solution that helps an organization classify and, optionally, protect its documents and emails by applying labels. Labels can be applied automatically by administrators who define rules and conditions, manually by users, or a combination where users are given recommendations. Azure Active Directory. This includes access to resources in Azure AD, Azure resources, and other Microsoft Online Services, like Office 365 or Microsoft Intune. What is Azure Information Protection? – AIP
What are region pairs?
A region that is linked with another region in the same geography) – Azure has the concept of region pairs, these are two or more regions that are at least 300 miles apart within a single Geography. This enables the ability to replicate certain resources such as virtual machine storage across the geography providing protection against such events as natural disasters or civil unrest. Ensure business continuity & disaster recovery using Azure Paired Regions
Which Azure tool allows you to view which user turned off a specific virtual machine during the last 14 days?
The correct answer is the Azure Activity Log – it is a logging service that provides insight into subscription-level events that have occurred in Azure. This includes a range of data, from Azure Resource Manager operational data to updates on Service Health events. Events such as starting and stopping of virtual machines can be found here. Overview of Azure platform logs – Azure Monitor
What does Azure Information Protection do?
Provides the ability to securely share sensitive data – Azure Information Protection helps control and secure information (including emails and documents) that is shared outside of your organization. Azure information protection
Which of the following can be used to manage governance across multiple Azure subscriptions?
A. Azure initiatives
B. Management groups
C. Resource groups
B
Which of the following is a logical unit of Azure services that links to an Azure account?
A. Azure subscription
B. Management group
C. Resource group
D. Public cloud
A
Which of the following features does not apply to resource groups?
A. Resources can be in only one resource group.
B. Role-based access control can be applied to the resource group.
C. Resource groups can be nested.
C
Which of the following statements is a valid statement about an Azure subscription?
A. Using Azure doesn’t require a subscription.
B. An Azure subscription is a logical unit of Azure services.
B
You need to process messages from a queue, parse them by using some existing imperative logic written in Java, and then send them to a third-party API. Which serverless option should you choose?
Azure Functions: Azure Functions is the correct choice because you can use existing Java code with minimal modification.
You want to orchestrate a workflow by using APIs from several well-known services. Which is the best option for this scenario?
Azure Logic Apps: Azure Logic Apps makes it easy to create a workflow across well-known services with less effort than writing code and manually orchestrating all the steps yourself.
Your team has limited experience with writing custom code, but it sees tremendous value in automating several important business processes. Which of the following options is your team’s best option?
Azure Logic Apps is best suited for users who are more comfortable in a visual environment that allows them to automate their business processes. Logic Apps is the best option in this scenario.
You need to predict future behavior based on previous actions. Which product option should you select as a candidate?
A. Azure Machine Learning
B. Azure Bot Service
C. Azure Cognitive Services
Answer: A. Azure Machine Learning enables you to build models to predict the likelihood of a future result. It should not be eliminated as a candidate.
You need to create a human-computer interface that uses natural language to answer customer questions. Which product option should you select as a candidate?
A. Azure Machine Learning
B. Azure Cognitive Services
C. Azure Bot Service
Answer: Azure Bot Service creates virtual agent solutions that utilize natural language. It should not be eliminated as a candidate.
You need to identify the content of product images to automatically create alt tags for images formatted properly. Which product option is the best candidate?
A. Azure Machine Learning
B. Azure Cognitive Services
C. Azure Bot Service
Answer: Azure Cognitive Services includes Vision services that can identify the content of an image. Azure Cognitive Services is the best candidate.
Your development team is interested in writing Graph-based applications that take advantage of the Gremlin API. Which option would be ideal for that scenario?
A. Azure Cosmos DB
B. Azure SQL Database
C. Azure Databricks
D. Azure Database for PostgreSQL
Answer: Azure Cosmos DB supports SQL, MongoDB, Cassandra, Tables, and Gremlin APIs.
CompanyA uses the LAMP stack for several of its websites. Which option would be ideal for migration?
A. Azure Cosmos DB
B. Azure Database for MySQL C. Azure Database for PostgreSQL
B:Answer: Azure Database for MySQL is the logical choice for existing LAMP stack applications.
CompanyA has millions of log entries that it wants to analyze. Which option would be ideal for analysis?
A. Azure Cosmos DB B. Azure SQL Database C. Azure Database for PostgreSQL D. Azure Synapse Analytics
D: Azure Synapse Analytics is the logical choice for analyzing large volumes of data.
Which of the following options can you use to link virtual networks?
A. Network address translation B. Multi-chassis link aggregation C. Dynamic Host Configuration Protocol D. Virtual network peering
D: Answer: Virtual network peering can be used to link virtual networks.
Which of the following options isn’t a benefit of ExpressRoute?
A. Redundant connectivity B. Consistent network throughput C. Encrypted network communication
D. Access to Microsoft cloud services
C: Answer: ExpressRoute does provide private connectivity, but it isn’t encrypted.
Wow, what a difference a couple of days and a different set of questions makes. I took the exam Monday and fell just short of passing (659), and I retook it today and scored 850! The questions on the first attempt were definitely harder, and I could tell from the first few questions I was going to have a rough time.
Today was totally different and I felt like I was getting all the “gimme” questions first and was able to coast through most questions confidently. I flagged exactly half the questions for review and at the end I had 20 minutes leftover after I was done reviewing. Total day and night difference between the two attempts.
For preparation I used:
– Microsoft Learn
– A Cloud Guru AZ-900 course + practice exam
– Tutorials Dojo practice exam
– and of course, John Savill’s YT channel
I bought the TD practice exams because of all the suggestions here, and I can attest they were well worth the price. This morning before the exam I went through all the TD section-based exams and took each one until I scored 90% on every section. I don’t always condone preparing for the exam on the day of but it was certainly a nice confidence booster to help me get mentally prepared.
Pleased to have passed this first time with a score of 775!
For any looking to sit this, I’ve had around 3 years of experience proving 2nd line technical support for an Azure environment. I used the following to prep for this exam:
Scotty Duffy’s Udemy Course – this was a bit of a waste of time and money in my eyes, nowhere near detailed enough. There are some reviews from people saying they passed the exam using this course alone with no experience using Azure but I really do not believe that.
Tim Warner’s YouTube series – this was great bearing in mind it was free. Way more worth the time than Scott’s, I wish I’d have started here.
Tutorials Dojo Practise Exams – I’d only recommend using these exams to test your knowledge and build some confidence, the questions in the exam were more difficult but the format and nature of these give you a good idea of what to expect.
Hope this advice helps some of you – onto the AZ-104!
Step 3) Watch this cram video which will cement in the concepts
Study Material
Use tutorials dojo practice tests and do them until you reach 90+% Passing on average, Every question you get wrong make sure to read the explanation as to why you are wrong.
“Lift and shift” is a strategy for migrating a workload to the cloud without redesigning the application or making code changes. Also called rehosting. For more information, see Azure migration center.
Cloud optimized is a strategy for migrating to the cloud by refactoring an application to take advantage of cloud-native features and capabilities.
App Service. A managed service for hosting web apps, mobile app back ends, RESTful APIs, or automated business processes.
Azure Kubernetes Service (AKS). A managed Kubernetes service for running containerized applications.
Batch. A managed service for running large-scale parallel and high-performance computing (HPC) applications
Container Instances. The fastest and simplest way to run a container in Azure, without having to provision any virtual machines and without having to adopt a higher-level service.
Service Fabric. A distributed systems platform that can run in many environments, including Azure or on premises.
Virtual machines. Deploy and manage VMs inside an Azure virtual network.
Infrastructure-as-a-Service (IaaS) lets you provision individual VMs along with the associated networking and storage components. Then you deploy whatever software and applications you want onto those VMs. This model is the closest to a traditional on-premises environment, except that Microsoft manages the infrastructure. You still manage the individual VMs.
Platform-as-a-Service (PaaS) provides a managed hosting environment, where you can deploy your application without needing to manage VMs or networking resources. Azure App Service is a PaaS service.
Functions-as-a-Service (FaaS) goes even further in removing the need to worry about the hosting environment. In a FaaS model, you simply deploy your code and the service automatically runs it. Azure Functions are a FaaS service.
There is a spectrum from IaaS to pure PaaS. For example, Azure VMs can autoscale by using virtual machine scale sets. This automatic scaling capability isn’t strictly PaaS, but it’s the type of management feature found in PaaS services.
Azure Data Store:
Use the following flowchart to select a candidate data store.
Which of the following choices isn’t a cloud computing category: NAAS, PAAS, SAAS, IAAS, DAAS? – Networking-as-a-Service (NaaS)
To be honest seems like decent set of changes. In addition to reshuffling existing titles and task #s of several items, there is a redistribution of weight across objectives and removing of following sections:
3.1 Describe core solutions available in Azure
5.3 Describe privacy and compliance resources
6.2 Describe Azure Service Level Agreements (SLAs)
I passed Azure Fundamentals AZ900 Certification Testimonials
AZ-900 Passed today. Score of 835.
Achievement Celebration
Path I took:
Microsoft Learn course
John Savill Study Cram
SkillCertPro Practice Tests (were decent for what they were).
I found this somewhat simple and completed within 15 minutes. I do have some experience with Azure but don’t work in it every day. As always, John Savill’s knowledge was a great watch and the MS Learn course was quite good content wise. Exam was not hard but there were some gotcha questions around resource locks, SLAs, ExpressRoute and storage accounts.
Happy to answer any questions.
Passed AZ-900, SC-900, AI-900, and DP-900 within 6 weeks!
Achievement Celebration
What an exciting journey. I think AZ-900 is the hardest probably because it is my first Microsoft certification. Afterwards, the others are fair enough. AI-900 is the easiest.
I generally used Microsoft Virtual Training Day, Cloud Ready Skills, Measureup and John Savill’s videos. Having built a fundamental knowledge of the Cloud, I am planning to do AWS CCP next. Wish me luck!
Passed Azure Fundamentals
Learning Material
Hi all,
I passed my Azure fundamentals exam a couple of days ago, with a score of 900/1000. Been meaning to take the exam for a few months but I kept putting it off for various reasons. The exam was a lot easier than I thought and easier than the official Microsoft practice exams.
Study materials;
A Cloud Guru AZ-900 fundamentals course with practice exams
Literally just passed the exam an hour or so ago 🙂 Not full points but whatever, ~900 is enough.
Have 0 experience with any of it, actually just did it for fun because of the discounts on virtual training days and I thought why not, certification looks good.
Spent half of the virtual day course not listening but you have to log in for the exam discount. Around 4h or so in total watching John Savills content and some of the MS resource sites.
Exam questions were often not directly related to all the stuff talked in the courses so some kinda surprised me. Also I only spent like 25min in total going through them twice, much faster than I thought it was gonna be.
Savills content is gold though, a neat summary of the MS product system. MS resource sites are beneficial to go through as well.
Really doubt any of my future employers will actually take notice or care that much given I won’t go into the sysadmin industry but certification is certification right? And it was free 🙂
Now I just need to figure out how to actually get a pdf of the certificate/badge lol
I’m interested if Microsoft actually gives away discounts for the actual admin courses or if they just restrict it to fundamentals to promote their products? Did anyone do the admin exams with discounts?
Azure Certification Path 2022-2023
Popular: Az900 –> AZ104 –> AZ305 or AZ400 or AZ500 or AI900
Here’s a Microsoft certification for you, whether or not you’re thinking about what Microsoft Azure is and where to start, or where you should go next in your cloud job. There are around 16 Azure cloud assertions open. Here is an overview of current Microsoft Azure assertions.
Nuts and bolts Level Certifications
Microsoft Certified: Azure Fundamentals
Microsoft Certified: Azure Data Fundamentals
Microsoft Certified: Azure AI Fundamentals
Accomplished Level Certifications
Microsoft Certified: Azure Administrator Associate
Microsoft Certified: Azure Developer Associate
Microsoft Certified: Azure Database Administrator Associate
Microsoft Certified: Azure Security Engineer Associate
Microsoft Certified: Azure Data Scientist Associate
Microsoft Certified: Azure Data Engineer Associate
Microsoft Certified: Azure AI Engineer Associate
Microsoft Certified: Azure Stack Hub Operator Associate
Expert Level Certifications
Microsoft Certified: Azure Solutions Architect Expert
Microsoft Certified: DevOps Engineer Expert
Specialty Certifications
Microsoft Certified: Azure IoT Developer Specialty
Microsoft Certified: Azure for SAP Workloads Specialty
Microsoft Certified: Azure Virtual Desktop Specialty
There are also two other Microsoft assertions that are Azure-related. While we won’t cautiously depict them in this post, dependent upon your master way and limit, they might justify researching.
For security engineers responsible for peril the leaders, checking, and response, the Microsoft Certified: Security Operations Analyst Associate confirmation is required. It requires completing the SC-200 appraisal.
Test SC-300 is required for the Microsoft Certified: Identity and Access Administrator Associate, which is for heads who use Azure AD to manage IAM.
What mightbe prudent for you to do first?
In particular, you should make certain with regards to what a Microsoft Azure confirmation is and isn’t. Is simply clear? Phenomenal! Then, at that point, we ought to explore three circumstances that can assist you with picking where to start.
“I’m new to development. I’m essentially uninformed in regards to this ‘cloud’ that is quite serious.”
You can sort out some way to cloud in the event that you’re the kind of person who counts “Microsoft Word” as a specific capacity on your resume. On the off chance that you’re just beginning started, a section level certification will outfit you with the language and understanding you’ll need to all the more promptly analyze your ensuing stages. The AZ-900 Azure Fundamentals accreditation is your first stop on the Azure road.
The cloud might be alarming, yet the capacities you’ll get as you seek after this accreditation will help you with understanding it in a way that even an all out beginner can understand — especially if you have the right getting ready. (Look at me as a hotshot, yet I think our Azure Fundamentals getting ready is astonishing.)
“I have a fundamental cognizance of the cloud.”
Perhaps you’ve worked in the IT field beforehand. Perhaps you’ve attempted various things with AWS, GCP, or Azure. Do you accept you’re ready to make a dive? Press the brakes. Start with the Azure Fundamentals affirmation, if you haven’t at this point. In the best circumstance, you’ll see it to be a breeze. Regardless, paying little heed to how far you advance in Azure, this accreditation will give the establishment to future accomplishment. The accompanying crosspiece on the ladder (Azure Administrator Associate) can be an inconvenient one to ascend. Before dealing with it, you’ll need all of the Fundamentals data notwithstanding a huge load of Azure included knowledge.
Here are different Azure Certifications (Microsoft Certified)
AZ-900
For beginners, this is the best Microsoft Azure accreditation. It’s an unprecedented spot to start on the off chance that you’re new to appropriated processing or Microsoft Azure. This one would be Azure 101 if test names appeared to be okay and acceptable.
Test AZ-900: Microsoft Azure Fundamentals ($99 USD) is required.
There are no fundamentals.
For whom this is for?
In a general sense, everyone. Non-particular individuals with a cloud-related calling, similarly as new or cheerful designers or IT experts, could benefit from acknowledging what the cloud is and isn’t. Any person who needs to comprehend the Microsoft Azure environment should have the data expected to complete this evaluation.
Fundamentals DP-900 Microsoft Certified
For inescapable data focused cloud subject matter experts, this is a significant beginning advance assertion.
Test DP-900: Microsoft Azure Data Fundamentals ($99 USD) is required.
There are no fundamentals.
For whom this is for?
This helper is for informational collection draftsmen and data base administrators who are essentially starting with cloud data.
AI Fundamentals AI-900 Microsoft Certified
This Microsoft Azure affirmation exhibits that you appreciate the fundamentals of man-made mental ability (AI) and AI (ML) in Azure for amateurs with both particular and non-specific establishments.
Test AI-900: Microsoft Azure AI Fundamentals ($99 USD) is required.
There are no basics.
For whom this is for?
Reproduced insight Engineers, Data Scientists, Developers, and Solutions Architects with a working data on AL and ML, similarly as Azure organizations related with them. This affirmation, like the others in the Azure Fundamentals series, is normal for those with both specific and non-particular establishments. That proposes data science and PC programming experience aren’t required, but Microsoft recommends making them program data or experience.
Administrator Associate AZ-104 is a Microsoft attestation.
For the IT swarm, this is the rudiments of Azure organization. This takes you from a fundamental perception of the cloud to having the alternative to perform cloud tasks (and get repaid to do them).
Test AZ-104: Microsoft Azure Administrator ($165 USD) is required.
For whom this is for?
This affirmation is for IT specialists and administrators who screen cloud assets and resources and direct cloud system. This test is (mistakenly) seen as an entry level test, yet you’ll need to know an immense heap of anticipated that information should pass and do whatever it takes not to have your AZ denied.
Good day r/Azure! I've been getting to know azure lately and am running into some pain points (ok I'm dying inside). We have Lighthouse and have around 130 Sentinel customers. I see that I can distribute hunting queries to all of our workspaces from my dev workspace with Workspace Manager, but it looks like I can't package up hunts and send them out, or redistribute the TI that I've uploaded. My google foo is pulling up lots of other people asking similar multi-tenant management related questions, but they tend to be the posts with 0 replies lol. I've tried setting up a Logic App watch for new TI and add it to the workspaces, but permissions seem to be getting in the way. I can ingest and parse it, but can't create the TI objects on the customer's workspaces due to permissions. I've tried both with my account and with an enterprise app/ app registration that had the contributor rights. Looking over our abandoned logic monitor apps, it looks like the guy before me was also dying inside, creating a TI ingestion logic app in each client's resource group - That doesn't look much more fun than logging into each of the 130 workspaces and doing everything manually. Generally my needs are: Create Hunts with assigned queries Run the queries across all 130 workspaces Get the results Replicate TI from our workspace to the others, or ingest a big JSON file and distribute it to the other workspaces Is the normal lighthouse contributor level of permissions not going to cut it for this? It's strange that I can go in and do this manually with my permissions one at a time, but automation methods just can't hack it. What do you guys generally recommend in this scenario? If I have to manually do something with each customer, I will do so as a last resort and just make whatever-that-is part of future onboardings (we literally have ~20 more coming) submitted by /u/Sand-Eagle [link] [comments]
Hey all, I wanted to move my database away from azure cosmos db for postgresql which is citus + postgres underneath. Our database is a 5 node cluster (1 coordinator + 4 worker nodes). Each worker node has about 600 Gb of data with the total data size coming to be about 2 TB. I have talked to other managed providers of citus + postgresql. It seems that the only way to migrate off without downtime is by enabling logical replication. This option is currently not supported via azure. I was wondering if anyone has been able to migrate away from cosmos db postgresql . If yes, how did you do it ? submitted by /u/tucosaurus [link] [comments]
If I have a Cloud only user, say `john@contoso.com` and I have another user in ADDS (before Entra Connect Sync), say `john@contoso.com`. Will these two identities get merged to become one and show up as single user inside the Entra of will there be 2 identities, after connect sync ? submitted by /u/azure-only [link] [comments]
I have task automation to create inbound anti span But maybe it just support c# and PowerShell I have search but still not found any infor usefull Is there anyone in here have do that before Pls give me the guide Thanks submitted by /u/Fit_Grocery_6538 [link] [comments]
We have an azure storage account with a private endpoint and no public access. We’re trying to get power automate to connect to it using a service principle. I read that a new feature allows access to azure resources when using a managed id or SP, but I don’t understand if this is just for the dataverse stuff. Anyone try anything like this? submitted by /u/Dizzy_Twist80 [link] [comments]
I am trying to learn how to set up site to site (home network to Azure). I am following this article. https://learn.microsoft.com/en-us/azure/vpn-gateway/tutorial-site-to-site-portal#VPNDevice Currently I have a Frontier router (NVG468MQ). Do I need a VPN device or OpenVPN would work as well? Also, would I be able to test site to site connection (with all the prerequisites from the article) for under $200? There is this pricing calculator, I am trying to get feedback if anyone has setup and know the rough cost from personal experience. Just need to test the connections. https://azure.microsoft.com/en-us/pricing Thanks TT submitted by /u/DazzlingYoghurt8920 [link] [comments]
We've got an Azure pipeline set up using a self-hosted agent. It's all working great except that right now we're authenticating using a Personal Access Token (PAT) and it's going to time out after 90 days (I see now I can set it to last 1 year, but the question remains). I'd rather set something up where the agent continues to work until we tell it not to (if the machine on which the agent was running was stolen or something, I guess). There is a page "Self-hosted agent authentication options" which is great, since the pipeline is hosted on the Azure cloud I'm assuming I've got Azure DevOps Services and not Azure DevOps Server (right?) so my authentication options are Service Principal (SP) or Device code flow (Microsoft Entra ID). There is a page for "Register an agent using a Service Principal" which says I need to create a Service Principal. That takes me to "Use service principals" which says I need to choose between creating an application service principal and a managed identity and starts talking about application objects and I'm not familiar enough with the Microsoft authentication ecosystem to know how to proceed. Likewise, there is a page for "Register an agent using device code flow". I guess there I just create a dummy user, grant it Azure administrative rights, and use that? So basically there are a bunch of choices and no hints as to why you would select one over another. I'm with a relatively small company and we're in the process of switching from Google/Slack to Microsoft so we don't have any Microsoft gurus just yet. Is sticking with the PAT my best choice, and just write a note somewhere so that a year from now when all the self-hosted agents stop working, we know why? Or are one of these other options easy enough to implement that it's a better path forward? submitted by /u/Betty-Crokker [link] [comments]
Why would they not a way to easily filter by MFA disabled status? I was looking forward to the new updating MFA portal hoping they would bring this to the Microsoft entra admin center but still nothing. Only statuses are All, enabled and enforced. Why not disabled! submitted by /u/byteme4188 [link] [comments]
Today I Learned (TIL) You learn something new every day; what did you learn today? Submit interesting and specific facts about something that you just found out here.
Reddit Science This community is a place to share and discuss new scientific research. Read about the latest advances in astronomy, biology, medicine, physics, social science, and more. Find and submit new publications and popular science coverage of current research.
What do you think of the list? What would you add? LeBron James scores 40,000 career points Mondo Duplantis smashes Olympic pole vault records Spain’s historic Euro 2024 victory, featuring - - Lamine Yamal’s stunning debut Rafael Nadal bids farewell to tennis with an emotional retirement Novak Djokovic finally captures Olympic gold in Paris Caitlin Clark and Angel Reese redefine women’s basketball and its impact Record-breaking Super Bowl LVIII captivates millions The AFC Asian Cup and AFCON showcase football’s global influence Simone Biles makes a triumphant Olympic comeback with record-breaking performances Steph Curry delivers an unforgettable Olympic final performance submitted by /u/bakenzo [link] [comments]