Last Hour Study Notes| AZ-900 Exam (Updated Sept 2020)
Earning a Microsoft Azure certification is an impressive credential. It’s a great addition to your resume and can help you stand out amongst other candidates. You need to prepare well before exam. Because at exam time, everybody do small mistakes which lead to miss some questions. You need to brush up important concepts before entering the exam hall or being ready for Pearson VUE.
Here are last hour notes for AZ-900 to study / Memorise.
1. Azure 24/7 access to technical support by email and phone to
Customer Support Plans:
Basic Support Plan- NA
Developer Support Plan- Available during business hours by email only.
Standard Support Plan — Unlimited
Professional Direct Support Plan — Unlimited
Enterprise Support Plans:
Premiere Support Plan- Unlimited
Azure Subscription:
An Azure subscription is linked to a single account, the one that was used to create the subscription and is used for billing purposes.
Azure management groups help you organize your resources and subscriptions.
2. Azure CLI, PowerShell & Azure Portal
Azure CLI
Azure CLI is a cross-platform command-line program that connects to Azure and executes administrative commands on Azure resources. Cross-platform means that it can be run on Windows, Linux, or macOS.
PowerShell
Azure PowerShell is a module that you add to Windows PowerShell or PowerShell Core that enables you to connect to your Azure subscription and manage resources.
Azure Portal
The Azure portal is a website that you can access with a web browser, by going to the URL https://portal.azure.com. From here, you can interact manually with all the Azure services. The portal is a web-based administration site that lets you interact with all of your subscriptions and resources you have created.
3. Region, Availability Zone & Availability Sets
Region (e.g. North Europe, West Europe, Germany North, Germany West Central)
A region is a geographical area on the planet containing at least one, but potentially multiple datacenters that are nearby and networked together with a low-latency network.
Availability Zone
Availability Zones are physically separate datacenters within an Azure region. Each Availability Zone is made up of one or more datacenters equipped with independent power, cooling, and networking.
Availability Sets
Availability Sets comprise of update and fault domains. Update Domain: When a maintenance event occurs, the update is sequenced through update domains. Fault Domain: Fault domains provide for the physical separation of a workload across different hardware in the datacenter.
4. Core Solutions and Management Tools
Azure Sphere
Comprehensive IoT security solution — including hardware, OS and cloud components — to actively protect your devices, your business and your customers
Azure Cognitive Services
A comprehensive family of AI services and cognitive APIs to help you build intelligent apps
Azure Databricks
Fast, easy and collaborative Apache SparkTM based analytics service
Azure Bot Service
A managed service purpose-built for bot development
Azure HDInsight
With Azure HDInsight, easily run Apache Hadoop, Spark, Kafka and other popular open source frameworks at global scale.
HDInsight supports the latest open source projects from the Apache Hadoop and Spark ecosystems.
You can use HDInsight to connect to Azure Log Analytics and monitor all your clusters from a single interface.
GitHub in Azure
Leverage GitHub Actions for Azure to easily create code-to-cloud workflows for various Azure scenarios. With GitHub Actions for Azure you can create and set up workflows in your repository to build, test, package, release and deploy to Azure.
Azure Secure Score : The Secure score is calculated based on the ratio between your healthy resources and your total resources. If the number of healthy resources is equal to the total number of resources, you get the highest Secure Score value possible for a recommendation, which can go up to 50.
Azure Sentinel
Azure Sentinel provides intelligent security analytics across your enterprise. The data for this analysis is stored in an Azure Monitor Log Analytics workspace. Azure Sentinel is billed based on the volume of data ingested for analysis in Azure Sentinel and stored in the Azure Monitor Log Analytics workspace.
5. Azure Resource Manager
Azure Resource Manager — Azure Resource Manager is the deployment and management service for Azure. It provides a management layer that enables you to create, update, and delete resources in your Azure account. You use management features, like access control, locks, and tags, to secure and organize your resources after deployment.
Azure Resource Lock- Resource Manager Locks provide a way for administrators to lock down Azure resources to prevent deletion or changing of a resource. These locks sit outside of the Role Based Access Controls (RBAC) hierarchy and, when applied, will place restrictions on the resource for all users.
Azure DevOps
DevOps brings together people, processes, and technology, automating software delivery to provide continuous value to your users.
DevOps automates and speeds software delivery. It makes your process and your products more reliable.
Azure DevOps provides integration with popular open source and third-party tools and services — across the entire DevOps workflow. Use the tools and languages you know. Spend less time integrating and more time delivering higher-quality software, faster.
Virtual network peering
Virtual network peering enables you to seamlessly connect networks in Azure Virtual Network. The virtual networks appear as one for connectivity purposes. The traffic between virtual machines uses the Microsoft backbone infrastructure. Like traffic between virtual machines in the same network, traffic is routed through Microsoft’s private network only.
Azure ExpressRoute
ExpressRoute lets you extend your on-premises networks into the Microsoft cloud over a private connection facilitated by a connectivity provider. With ExpressRoute, you can establish connections to Microsoft cloud services, such as Microsoft Azure and Office 365.
Connectivity can be from an any-to-any (IP VPN) network, a point-to-point Ethernet network, or a virtual cross-connection through a connectivity provider at a co-location facility. ExpressRoute connections do not go over the public Internet. This allows ExpressRoute connections to offer more reliability, faster speeds, consistent latencies, and higher security than typical connections over the Internet
Comparison (Virtual Network Point-to-site,Virtual Network Site-to-site, ExpressRoute)
Virtual Network Point-to-site: A point-to-site VPN also allows you to create a secure connection from your Windows-based computer to your virtual network without having to deploy any special software. We provide you with VPN policies that you can download into your computer and use Windows’ built in VPN client. You can securely connect to the virtual network just the way you use VPN clients to connect to your company’s corporate network. Since we use standard Secure Sockets Tunneling Protocol (SSTP), you will be able to securely connect to Azure from anywhere. This capability enables you to quickly setup connectivity to Azure for prototyping, development, testing and simulation purposes. You can use the same setup and configuration to work with some site-to-site connectivity options.
Virtual Network Site-to-site: A site-to-site VPN allows you to create a secure connection between your on-premises site and your virtual network. We use industry standard IPsec VPN in Azure. So we are interoperable with most VPN devices. You can refer to a list of known compatible devices and sample configurations in the Azure website. You can use this service to connect up to 10 on-premises sites and virtual networks to each other securely. Once a site-to-site VPN is setup you have IP level connectivity between your premises and virtual networks in Azure. This enables you to build truly hybrid applications in Azure. Use this service in cases where your cross-premises connectivity throughput is nominal (~ 100 Mbps).
ExpressRoute: ExpressRoute lets you create private connections between Azure datacenters and infrastructure that’s on your premises or in a co-location environment. ExpressRoute connections do not go over the public Internet, and offer more reliability, faster speeds, lower latencies and higher security than typical connections over the Internet. With ExpressRoute, you can establish connections to Azure at an ExpressRoute location (Exchange Provider facility) or directly connect to Azure from your existing WAN network (such as a MPLS VPN) provided by a network service provider.
6. SLA
The Service Level Agreement (SLA) describes Microsoft’s commitments for uptime and connectivity.
7. Hybrid Cloud
A hybrid cloud is a computing environment that combines a public cloud and a private cloud by allowing data and applications to be shared between them
8. Azure Network Support Groups (NSG)
Azure Network security groups(NSG) are used to filter network traffic to and from Azure resources in an Azure virtual network. A network security group contains security rules that allow or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources. For each rule, you can specify source and destination, port, and protocol.
9. Azure Advisor
Azure Advisor is a personalized cloud consultant that helps you follow best practices to optimize your Azure deployments. It analyzes your resource configuration and usage telemetry and then recommends solutions that can help you improve the cost effectiveness, performance, Reliability (formerly called High availability), and security of your Azure resources.
With Advisor, you can:
- Get proactive, actionable, and personalized best practices recommendations.
- Improve the performance, security, and reliability of your resources, as you identify opportunities to reduce your overall Azure spend.
- Get recommendations with proposed actions inline.
10. Azure Policy
Azure Policy helps to enforce organizational standards and to assess compliance at-scale. Through its compliance dashboard, it provides an aggregated view to evaluate the overall state of the environment, with the ability to drill-down to the per-resource, per-policy granularity. It also helps to bring your resources to compliance through bulk remediation for existing resources and automatic remediation for new resources.
11. Azure Firewall
Azure Firewall is a managed, cloud-based network security service that protects your Azure Virtual Network resources. It’s a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.
12. Azure Key Vault
Azure Key Vault is a tool for securely storing and accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, or certificates. A vault is a logical group of secrets.
13. Azure Information Protection (AIP)
Azure Information Protection (AIP) is a cloud-based solution that enables organizations to classify and protect documents and emails by applying labels. Labels can be applied: Automatically by administrators using rules and conditions. Manually by users.
14. Authentication
Authentication is the process of establishing the identity of a person or service looking to access a resource.
15. Azure Monitor & Azure Service Health
Azure Monitor
Azure Monitor maximizes the availability and performance of your applications by delivering a comprehensive solution for collecting, analyzing, and acting on telemetry from your cloud and on-premises environments. It helps you understand how your applications are performing and proactively identifies issues affecting them and the resources they depend on.
Azure Service Health
Azure Service Health is a suite of experiences that provide personalized guidance and support when issues with Azure services affect you. It can notify you, help you understand the impact of issues, and keep you updated as the issue is resolved. Azure Service Health can also help you prepare for planned maintenance and changes that could affect the availability of your resources.
16. Azure Private & Public Preview
Private Preview
This means that an Azure feature is available to specific Azure customers for evaluation purposes. This is typically by invite only and issued directly by the product team responsible for the feature or service.
Public Preview
This means that an Azure feature is available to all Azure customers for evaluation purposes.
17. Azure Site Recovery
Azure Site Recovery helps ensure business continuity by keeping business apps and workloads running during outages. Site Recovery replicates workloads running on physical and virtual machines (VMs) from a primary site to a secondary location. When an outage occurs at your primary site, you fail over to secondary location, and access apps from there. After the primary location is running again, you can fail back to it.
18. Azure Backup service
The Azure Backup service provides simple, secure, and cost-effective solutions to back up your data and recover it from the Microsoft Azure cloud.
Azure Backup key benefits
- Offload on-premises backup: Azure Backup offers a simple solution for backing up your on-premises resources to the cloud. Get short and long-term backup without the need to deploy complex on-premises backup solutions.
- Back up Azure IaaS VMs: Azure Backup provides independent and isolated backups to guard against accidental destruction of original data. Backups are stored in a Recovery Services vault with built-in management of recovery points. Configuration and scalability are simple, backups are optimized, and you can easily restore as needed.
- Scale easily — Azure Backup uses the underlying power and unlimited scale of the Azure cloud to deliver high-availability with no maintenance or monitoring overhead.
- Get unlimited data transfer: Azure Backup doesn’t limit the amount of inbound or outbound data you transfer, or charge for the data that is transferred.
Outbound data refers to data transferred from a Recovery Services vault during a restore operation.
If you perform an offline initial backup using the Azure Import/Export service to import large amounts of data, there’s a cost associated with inbound data.
- Keep data secure: Azure Backup provides solutions for securing data in transit and at rest.
- Centralized monitoring and management: Azure Backup provides built in monitoring and alerting capabilities in a Recovery Services vault. These capabilities are available without any additional management infrastructure. You can also increase the scale of your monitoring and reporting by using Azure Monitor.
- Get app-consistent backups: An application-consistent backup means a recovery point has all required data to restore the backup copy. Azure Backup provides application-consistent backups, which ensure additional fixes aren’t required to restore the data. Restoring application-consistent data reduces the restoration time, allowing you to quickly return to a running state.
- Retain short and long-term data: You can use Recovery Services vaults for short-term and long-term data retention.
- Automatic storage management — Hybrid environments often require heterogeneous storage — some on-premises and some in the cloud. With Azure Backup, there’s no cost for using on-premises storage devices. Azure Backup automatically allocates and manages backup storage, and it uses a pay-as-you-use model. So you only pay for the storage you consume.
- Multiple storage options — Azure Backup offers two types of replication to keep your storage/data highly available.
Locally redundant storage (LRS) replicates your data three times (it creates three copies of your data) in a storage scale unit in a datacenter. All copies of the data exist within the same region. LRS is a low-cost option for protecting your data from local hardware failures.
Geo-redundant storage (GRS) is the default and recommended replication option. GRS replicates your data to a secondary region (hundreds of miles away from the primary location of the source data). GRS costs more than LRS, but GRS provides a higher level of durability for your data, even if there’s a regional outage.
