Subido por Med Naj

10979D-ENU-Companion

Anuncio
O F F I C I A L
M I C R O S O F T
L E A R N I N G
P R O D U C T
10979D
Microsoft Azure Fundamentals
Companion Content
ii
Microsoft Azure Fundamentals
Information in this document, including URL and other Internet Web site references, is subject to change
without notice. Unless otherwise noted, the example companies, organizations, products, domain names,
e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with
any real company, organization, product, domain name, e-mail address, logo, person, place or event is
intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the
user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in
or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical,
photocopying, recording, or otherwise), or for any purpose, without the express written permission of
Microsoft Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property
rights covering subject matter in this document. Except as expressly provided in any written license
agreement from Microsoft, the furnishing of this document does not give you any license to these
patents, trademarks, copyrights, or other intellectual property.
The names of manufacturers, products, or URLs are provided for informational purposes only and
Microsoft makes no representations and warranties, either expressed, implied, or statutory, regarding
these manufacturers or the use of the products with any Microsoft technologies. The inclusion of a
manufacturer or product does not imply endorsement of Microsoft of the manufacturer or product. Links
may be provided to third party sites. Such sites are not under the control of Microsoft and Microsoft is not
responsible for the contents of any linked site or any link contained in a linked site, or any changes or
updates to such sites. Microsoft is not responsible for webcasting or any other form of transmission
received from any linked site. Microsoft is providing these links to you only as a convenience, and the
inclusion of any link does not imply endorsement of Microsoft of the site or the products contained
therein.
© 2017 Microsoft Corporation. All rights reserved.
Microsoft and the trademarks listed at https://www.microsoft.com/enus/legal/intellectualproperty/Trademarks/Usage/General.aspx are trademarks of the Microsoft group of
companies. All other trademarks are property of their respective owners
Product Number: 10979D
Released: 09/2017
MICROSOFT LICENSE TERMS
MICROSOFT INSTRUCTOR-LED COURSEWARE
These license terms are an agreement between Microsoft Corporation (or based on where you live, one of its
affiliates) and you. Please read them. They apply to your use of the content accompanying this agreement which
includes the media on which you received it, if any. These license terms also apply to Trainer Content and any
updates and supplements for the Licensed Content unless other terms accompany those items. If so, those terms
apply.
BY ACCESSING, DOWNLOADING OR USING THE LICENSED CONTENT, YOU ACCEPT THESE TERMS.
IF YOU DO NOT ACCEPT THEM, DO NOT ACCESS, DOWNLOAD OR USE THE LICENSED CONTENT.
If you comply with these license terms, you have the rights below for each license you acquire.
1.
DEFINITIONS.
a. “Authorized Learning Center” means a Microsoft IT Academy Program Member, Microsoft Learning
Competency Member, or such other entity as Microsoft may designate from time to time.
b. “Authorized Training Session” means the instructor-led training class using Microsoft Instructor-Led
Courseware conducted by a Trainer at or through an Authorized Learning Center.
c.
“Classroom Device” means one (1) dedicated, secure computer that an Authorized Learning Center owns
or controls that is located at an Authorized Learning Center’s training facilities that meets or exceeds the
hardware level specified for the particular Microsoft Instructor-Led Courseware.
d. “End User” means an individual who is (i) duly enrolled in and attending an Authorized Training Session
or Private Training Session, (ii) an employee of a MPN Member, or (iii) a Microsoft full-time employee.
e. “Licensed Content” means the content accompanying this agreement which may include the Microsoft
Instructor-Led Courseware or Trainer Content.
f.
“Microsoft Certified Trainer” or “MCT” means an individual who is (i) engaged to teach a training session
to End Users on behalf of an Authorized Learning Center or MPN Member, and (ii) currently certified as a
Microsoft Certified Trainer under the Microsoft Certification Program.
g. “Microsoft Instructor-Led Courseware” means the Microsoft-branded instructor-led training course that
educates IT professionals and developers on Microsoft technologies. A Microsoft Instructor-Led
Courseware title may be branded as MOC, Microsoft Dynamics or Microsoft Business Group courseware.
h. “Microsoft IT Academy Program Member” means an active member of the Microsoft IT Academy
Program.
i.
“Microsoft Learning Competency Member” means an active member of the Microsoft Partner Network
program in good standing that currently holds the Learning Competency status.
j.
“MOC” means the “Official Microsoft Learning Product” instructor-led courseware known as Microsoft
Official Course that educates IT professionals and developers on Microsoft technologies.
k. “MPN Member” means an active Microsoft Partner Network program member in good standing.
l.
“Personal Device” means one (1) personal computer, device, workstation or other digital electronic device
that you personally own or control that meets or exceeds the hardware level specified for the particular
Microsoft Instructor-Led Courseware.
m. “Private Training Session” means the instructor-led training classes provided by MPN Members for
corporate customers to teach a predefined learning objective using Microsoft Instructor-Led Courseware.
These classes are not advertised or promoted to the general public and class attendance is restricted to
individuals employed by or contracted by the corporate customer.
n. “Trainer” means (i) an academically accredited educator engaged by a Microsoft IT Academy Program
Member to teach an Authorized Training Session, and/or (ii) a MCT.
o. “Trainer Content” means the trainer version of the Microsoft Instructor-Led Courseware and additional
supplemental content designated solely for Trainers’ use to teach a training session using the Microsoft
Instructor-Led Courseware. Trainer Content may include Microsoft PowerPoint presentations, trainer
preparation guide, train the trainer materials, Microsoft One Note packs, classroom setup guide and Prerelease course feedback form. To clarify, Trainer Content does not include any software, virtual hard
disks or virtual machines.
2.
USE RIGHTS. The Licensed Content is licensed not sold. The Licensed Content is licensed on a one copy
per user basis, such that you must acquire a license for each individual that accesses or uses the Licensed
Content.
2.1
Below are five separate sets of use rights. Only one set of rights apply to you.
a. If you are a Microsoft IT Academy Program Member:
i. Each license acquired on behalf of yourself may only be used to review one (1) copy of the Microsoft
Instructor-Led Courseware in the form provided to you. If the Microsoft Instructor-Led Courseware is
in digital format, you may install one (1) copy on up to three (3) Personal Devices. You may not
install the Microsoft Instructor-Led Courseware on a device you do not own or control.
ii. For each license you acquire on behalf of an End User or Trainer, you may either:
1. distribute one (1) hard copy version of the Microsoft Instructor-Led Courseware to one (1) End
User who is enrolled in the Authorized Training Session, and only immediately prior to the
commencement of the Authorized Training Session that is the subject matter of the Microsoft
Instructor-Led Courseware being provided, or
2. provide one (1) End User with the unique redemption code and instructions on how they can
access one (1) digital version of the Microsoft Instructor-Led Courseware, or
3. provide one (1) Trainer with the unique redemption code and instructions on how they can
access one (1) Trainer Content,
provided you comply with the following:
iii. you will only provide access to the Licensed Content to those individuals who have acquired a valid
license to the Licensed Content,
iv. you will ensure each End User attending an Authorized Training Session has their own valid licensed
copy of the Microsoft Instructor-Led Courseware that is the subject of the Authorized Training
Session,
v. you will ensure that each End User provided with the hard-copy version of the Microsoft InstructorLed Courseware will be presented with a copy of this agreement and each End User will agree that
their use of the Microsoft Instructor-Led Courseware will be subject to the terms in this agreement
prior to providing them with the Microsoft Instructor-Led Courseware. Each individual will be required
to denote their acceptance of this agreement in a manner that is enforceable under local law prior to
their accessing the Microsoft Instructor-Led Courseware,
vi. you will ensure that each Trainer teaching an Authorized Training Session has their own valid
licensed copy of the Trainer Content that is the subject of the Authorized Training Session,
vii. you will only use qualified Trainers who have in-depth knowledge of and experience with the
Microsoft technology that is the subject of the Microsoft Instructor-Led Courseware being taught for
all your Authorized Training Sessions,
viii. you will only deliver a maximum of 15 hours of training per week for each Authorized Training
Session that uses a MOC title, and
ix. you acknowledge that Trainers that are not MCTs will not have access to all of the trainer resources
for the Microsoft Instructor-Led Courseware.
b. If you are a Microsoft Learning Competency Member:
i. Each license acquired on behalf of yourself may only be used to review one (1) copy of the Microsoft
Instructor-Led Courseware in the form provided to you. If the Microsoft Instructor-Led Courseware is
in digital format, you may install one (1) copy on up to three (3) Personal Devices. You may not
install the Microsoft Instructor-Led Courseware on a device you do not own or control.
ii. For each license you acquire on behalf of an End User or Trainer, you may either:
1. distribute one (1) hard copy version of the Microsoft Instructor-Led Courseware to one (1) End
User attending the Authorized Training Session and only immediately prior to the
commencement of the Authorized Training Session that is the subject matter of the Microsoft
Instructor-Led Courseware provided, or
2. provide one (1) End User attending the Authorized Training Session with the unique redemption
code and instructions on how they can access one (1) digital version of the Microsoft InstructorLed Courseware, or
3. you will provide one (1) Trainer with the unique redemption code and instructions on how they
can access one (1) Trainer Content,
provided you comply with the following:
iii. you will only provide access to the Licensed Content to those individuals who have acquired a valid
license to the Licensed Content,
iv. you will ensure that each End User attending an Authorized Training Session has their own valid
licensed copy of the Microsoft Instructor-Led Courseware that is the subject of the Authorized
Training Session,
v. you will ensure that each End User provided with a hard-copy version of the Microsoft Instructor-Led
Courseware will be presented with a copy of this agreement and each End User will agree that their
use of the Microsoft Instructor-Led Courseware will be subject to the terms in this agreement prior to
providing them with the Microsoft Instructor-Led Courseware. Each individual will be required to
denote their acceptance of this agreement in a manner that is enforceable under local law prior to
their accessing the Microsoft Instructor-Led Courseware,
vi. you will ensure that each Trainer teaching an Authorized Training Session has their own valid
licensed copy of the Trainer Content that is the subject of the Authorized Training Session,
vii. you will only use qualified Trainers who hold the applicable Microsoft Certification credential that is
the subject of the Microsoft Instructor-Led Courseware being taught for your Authorized Training
Sessions,
viii. you will only use qualified MCTs who also hold the applicable Microsoft Certification credential that is
the subject of the MOC title being taught for all your Authorized Training Sessions using MOC,
ix. you will only provide access to the Microsoft Instructor-Led Courseware to End Users, and
x. you will only provide access to the Trainer Content to Trainers.
c.
If you are a MPN Member:
i. Each license acquired on behalf of yourself may only be used to review one (1) copy of the Microsoft
Instructor-Led Courseware in the form provided to you. If the Microsoft Instructor-Led Courseware is
in digital format, you may install one (1) copy on up to three (3) Personal Devices. You may not
install the Microsoft Instructor-Led Courseware on a device you do not own or control.
ii. For each license you acquire on behalf of an End User or Trainer, you may either:
1. distribute one (1) hard copy version of the Microsoft Instructor-Led Courseware to one (1) End
User attending the Private Training Session, and only immediately prior to the commencement
of the Private Training Session that is the subject matter of the Microsoft Instructor-Led
Courseware being provided, or
2. provide one (1) End User who is attending the Private Training Session with the unique
redemption code and instructions on how they can access one (1) digital version of the
Microsoft Instructor-Led Courseware, or
3. you will provide one (1) Trainer who is teaching the Private Training Session with the unique
redemption code and instructions on how they can access one (1) Trainer Content,
provided you comply with the following:
iii. you will only provide access to the Licensed Content to those individuals who have acquired a valid
license to the Licensed Content,
iv. you will ensure that each End User attending an Private Training Session has their own valid licensed
copy of the Microsoft Instructor-Led Courseware that is the subject of the Private Training Session,
v. you will ensure that each End User provided with a hard copy version of the Microsoft Instructor-Led
Courseware will be presented with a copy of this agreement and each End User will agree that their
use of the Microsoft Instructor-Led Courseware will be subject to the terms in this agreement prior to
providing them with the Microsoft Instructor-Led Courseware. Each individual will be required to
denote their acceptance of this agreement in a manner that is enforceable under local law prior to
their accessing the Microsoft Instructor-Led Courseware,
vi. you will ensure that each Trainer teaching an Private Training Session has their own valid licensed
copy of the Trainer Content that is the subject of the Private Training Session,
vii. you will only use qualified Trainers who hold the applicable Microsoft Certification credential that is
the subject of the Microsoft Instructor-Led Courseware being taught for all your Private Training
Sessions,
viii. you will only use qualified MCTs who hold the applicable Microsoft Certification credential that is the
subject of the MOC title being taught for all your Private Training Sessions using MOC,
ix. you will only provide access to the Microsoft Instructor-Led Courseware to End Users, and
x. you will only provide access to the Trainer Content to Trainers.
d. If you are an End User:
For each license you acquire, you may use the Microsoft Instructor-Led Courseware solely for your
personal training use. If the Microsoft Instructor-Led Courseware is in digital format, you may access the
Microsoft Instructor-Led Courseware online using the unique redemption code provided to you by the
training provider and install and use one (1) copy of the Microsoft Instructor-Led Courseware on up to
three (3) Personal Devices. You may also print one (1) copy of the Microsoft Instructor-Led Courseware.
You may not install the Microsoft Instructor-Led Courseware on a device you do not own or control.
e. If you are a Trainer.
For each license you acquire, you may install and use one (1) copy of the Trainer Content in the
i.
form provided to you on one (1) Personal Device solely to prepare and deliver an Authorized
Training Session or Private Training Session, and install one (1) additional copy on another Personal
Device as a backup copy, which may be used only to reinstall the Trainer Content. You may not
install or use a copy of the Trainer Content on a device you do not own or control. You may also
print one (1) copy of the Trainer Content solely to prepare for and deliver an Authorized Training
Session or Private Training Session.
ii.
You may customize the written portions of the Trainer Content that are logically associated with
instruction of a training session in accordance with the most recent version of the MCT agreement.
If you elect to exercise the foregoing rights, you agree to comply with the following: (i)
customizations may only be used for teaching Authorized Training Sessions and Private Training
Sessions, and (ii) all customizations will comply with this agreement. For clarity, any use of
“customize” refers only to changing the order of slides and content, and/or not using all the slides or
content, it does not mean changing or modifying any slide or content.
2.2 Separation of Components. The Licensed Content is licensed as a single unit and you may not
separate their components and install them on different devices.
2.3 Redistribution of Licensed Content. Except as expressly provided in the use rights above, you may
not distribute any Licensed Content or any portion thereof (including any permitted modifications) to any
third parties without the express written permission of Microsoft.
2.4 Third Party Notices. The Licensed Content may include third party code tent that Microsoft, not the
third party, licenses to you under this agreement. Notices, if any, for the third party code ntent are included
for your information only.
2.5 Additional Terms. Some Licensed Content may contain components with additional terms,
conditions, and licenses regarding its use. Any non-conflicting terms in those conditions and licenses also
apply to your use of that respective component and supplements the terms described in this agreement.
3.
LICENSED CONTENT BASED ON PRE-RELEASE TECHNOLOGY. If the Licensed Content’s subject
matter is based on a pre-release version of Microsoft technology (“Pre-release”), then in addition to the
other provisions in this agreement, these terms also apply:
a. Pre-Release Licensed Content. This Licensed Content subject matter is on the Pre-release version of
the Microsoft technology. The technology may not work the way a final version of the technology will
and we may change the technology for the final version. We also may not release a final version.
Licensed Content based on the final version of the technology may not contain the same information as
the Licensed Content based on the Pre-release version. Microsoft is under no obligation to provide you
with any further content, including any Licensed Content based on the final version of the technology.
b. Feedback. If you agree to give feedback about the Licensed Content to Microsoft, either directly or
through its third party designee, you give to Microsoft without charge, the right to use, share and
commercialize your feedback in any way and for any purpose. You also give to third parties, without
charge, any patent rights needed for their products, technologies and services to use or interface with
any specific parts of a Microsoft technology, Microsoft product, or service that includes the feedback.
You will not give feedback that is subject to a license that requires Microsoft to license its technology,
technologies, or products to third parties because we include your feedback in them. These rights
survive this agreement.
c.
Pre-release Term. If you are an Microsoft IT Academy Program Member, Microsoft Learning
Competency Member, MPN Member or Trainer, you will cease using all copies of the Licensed Content on
the Pre-release technology upon (i) the date which Microsoft informs you is the end date for using the
Licensed Content on the Pre-release technology, or (ii) sixty (60) days after the commercial release of the
technology that is the subject of the Licensed Content, whichever is earliest (“Pre-release term”).
Upon expiration or termination of the Pre-release term, you will irretrievably delete and destroy all copies
of the Licensed Content in your possession or under your control.
4.
SCOPE OF LICENSE. The Licensed Content is licensed, not sold. This agreement only gives you some
rights to use the Licensed Content. Microsoft reserves all other rights. Unless applicable law gives you more
rights despite this limitation, you may use the Licensed Content only as expressly permitted in this
agreement. In doing so, you must comply with any technical limitations in the Licensed Content that only
allows you to use it in certain ways. Except as expressly permitted in this agreement, you may not:
•
access or allow any individual to access the Licensed Content if they have not acquired a valid license
for the Licensed Content,
•
alter, remove or obscure any copyright or other protective notices (including watermarks), branding
or identifications contained in the Licensed Content,
•
modify or create a derivative work of any Licensed Content,
•
publicly display, or make the Licensed Content available for others to access or use,
•
copy, print, install, sell, publish, transmit, lend, adapt, reuse, link to or post, make available or
distribute the Licensed Content to any third party,
•
work around any technical limitations in the Licensed Content, or
•
reverse engineer, decompile, remove or otherwise thwart any protections or disassemble the
Licensed Content except and only to the extent that applicable law expressly permits, despite this
limitation.
5. RESERVATION OF RIGHTS AND OWNERSHIP. Microsoft reserves all rights not expressly granted to
you in this agreement. The Licensed Content is protected by copyright and other intellectual property laws
and treaties. Microsoft or its suppliers own the title, copyright, and other intellectual property rights in the
Licensed Content.
6.
EXPORT RESTRICTIONS. The Licensed Content is subject to United States export laws and regulations.
You must comply with all domestic and international export laws and regulations that apply to the Licensed
Content. These laws include restrictions on destinations, end users and end use. For additional information,
see www.microsoft.com/exporting.
7.
SUPPORT SERVICES. Because the Licensed Content is “as is”, we may not provide support services for it.
8.
TERMINATION. Without prejudice to any other rights, Microsoft may terminate this agreement if you fail
to comply with the terms and conditions of this agreement. Upon termination of this agreement for any
reason, you will immediately stop all use of and delete and destroy all copies of the Licensed Content in
your possession or under your control.
9.
LINKS TO THIRD PARTY SITES. You may link to third party sites through the use of the Licensed
Content. The third party sites are not under the control of Microsoft, and Microsoft is not responsible for
the contents of any third party sites, any links contained in third party sites, or any changes or updates to
third party sites. Microsoft is not responsible for webcasting or any other form of transmission received
from any third party sites. Microsoft is providing these links to third party sites to you only as a
convenience, and the inclusion of any link does not imply an endorsement by Microsoft of the third party
site.
10.
ENTIRE AGREEMENT. This agreement, and any additional terms for the Trainer Content, updates and
supplements are the entire agreement for the Licensed Content, updates and supplements.
11.
APPLICABLE LAW.
a. United States. If you acquired the Licensed Content in the United States, Washington state law governs
the interpretation of this agreement and applies to claims for breach of it, regardless of conflict of laws
principles. The laws of the state where you live govern all other claims, including claims under state
consumer protection laws, unfair competition laws, and in tort.
b. Outside the United States. If you acquired the Licensed Content in any other country, the laws of that
country apply.
12.
LEGAL EFFECT. This agreement describes certain legal rights. You may have other rights under the laws
of your country. You may also have rights with respect to the party from whom you acquired the Licensed
Content. This agreement does not change your rights under the laws of your country if the laws of your
country do not permit it to do so.
13.
DISCLAIMER OF WARRANTY. THE LICENSED CONTENT IS LICENSED "AS-IS" AND "AS
AVAILABLE." YOU BEAR THE RISK OF USING IT. MICROSOFT AND ITS RESPECTIVE
AFFILIATES GIVES NO EXPRESS WARRANTIES, GUARANTEES, OR CONDITIONS. YOU MAY
HAVE ADDITIONAL CONSUMER RIGHTS UNDER YOUR LOCAL LAWS WHICH THIS AGREEMENT
CANNOT CHANGE. TO THE EXTENT PERMITTED UNDER YOUR LOCAL LAWS, MICROSOFT AND
ITS RESPECTIVE AFFILIATES EXCLUDES ANY IMPLIED WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT.
14.
LIMITATION ON AND EXCLUSION OF REMEDIES AND DAMAGES. YOU CAN RECOVER FROM
MICROSOFT, ITS RESPECTIVE AFFILIATES AND ITS SUPPLIERS ONLY DIRECT DAMAGES UP
TO US$5.00. YOU CANNOT RECOVER ANY OTHER DAMAGES, INCLUDING CONSEQUENTIAL,
LOST PROFITS, SPECIAL, INDIRECT OR INCIDENTAL DAMAGES.
This limitation applies to
o
anything related to the Licensed Content, services, content (including code) on third party Internet
sites or third-party programs; and
o
claims for breach of contract, breach of warranty, guarantee or condition, strict liability, negligence,
or other tort to the extent permitted by applicable law.
It also applies even if Microsoft knew or should have known about the possibility of the damages. The
above limitation or exclusion may not apply to you because your country may not allow the exclusion or
limitation of incidental, consequential or other damages.
Please note: As this Licensed Content is distributed in Quebec, Canada, some of the clauses in this
agreement are provided below in French.
Remarque : Ce le contenu sous licence étant distribué au Québec, Canada, certaines des clauses
dans ce contrat sont fournies ci-dessous en français.
EXONÉRATION DE GARANTIE. Le contenu sous licence visé par une licence est offert « tel quel ». Toute
utilisation de ce contenu sous licence est à votre seule risque et péril. Microsoft n’accorde aucune autre garantie
expresse. Vous pouvez bénéficier de droits additionnels en vertu du droit local sur la protection dues
consommateurs, que ce contrat ne peut modifier. La ou elles sont permises par le droit locale, les garanties
implicites de qualité marchande, d’adéquation à un usage particulier et d’absence de contrefaçon sont exclues.
LIMITATION DES DOMMAGES-INTÉRÊTS ET EXCLUSION DE RESPONSABILITÉ POUR LES
DOMMAGES. Vous pouvez obtenir de Microsoft et de ses fournisseurs une indemnisation en cas de dommages
directs uniquement à hauteur de 5,00 $ US. Vous ne pouvez prétendre à aucune indemnisation pour les autres
dommages, y compris les dommages spéciaux, indirects ou accessoires et pertes de bénéfices.
Cette limitation concerne:
• tout ce qui est relié au le contenu sous licence, aux services ou au contenu (y compris le code)
figurant sur des sites Internet tiers ou dans des programmes tiers; et.
• les réclamations au titre de violation de contrat ou de garantie, ou au titre de responsabilité
stricte, de négligence ou d’une autre faute dans la limite autorisée par la loi en vigueur.
Elle s’applique également, même si Microsoft connaissait ou devrait connaître l’éventualité d’un tel dommage. Si
votre pays n’autorise pas l’exclusion ou la limitation de responsabilité pour les dommages indirects, accessoires
ou de quelque nature que ce soit, il se peut que la limitation ou l’exclusion ci-dessus ne s’appliquera pas à votre
égard.
EFFET JURIDIQUE. Le présent contrat décrit certains droits juridiques. Vous pourriez avoir d’autres droits
prévus par les lois de votre pays. Le présent contrat ne modifie pas les droits que vous confèrent les lois de votre
pays si celles-ci ne le permettent pas.
Revised July 2013
Getting started with Microsoft Azure 1-1
Module 1
Getting started with Microsoft Azure
Contents:
Lesson 2: What is Azure?
2
Lesson 3: Managing Azure
4
Lesson 4: Subscription management, support, and billing
6
Module Review and Takeaways
9
Lab Review Questions and Answers
10
1-2 Microsoft Azure Fundamentals
Lesson 2
What is Azure?
Contents:
Question and Answers
3
Resources
3
Getting started with Microsoft Azure 1-3
Question and Answers
Question: Which of the following items did Azure Resource Manager introduce?
( ) Tags
( ) Template-based deployment
( ) Role-based access control (RBAC)
( ) An Azure Web portal
( ) Windows PowerShell-based management of Azure services
Answer:
(√) Tags
(√) Template-based deployment
(√) Role-based access control (RBAC)
( ) An Azure Web portal
( ) Windows PowerShell-based management of Azure services
Feedback:
Azure Resource Manager introduced the concept of resource groups, and made it possible for
you to tag these groups’ resources and delegate administrative access via Role-Based Access
Control (RBAC).
The Web portal and Windows PowerShell-based management were available in the Service
Management (classic) model, and they are available in both management models. However, the
portal interface has changed considerably.
Resources
Overview of Azure
Additional Reading: For more information on newly announced Azure geographies and
regions, including planned regional datacenter deployments, refer to “Azure Regions” at:
http://aka.ms/Tzcz4g
Overview of Azure services
Additional Reading: For a full list of services that are currently available in Azure, refer to
the “Popular products” section at: http://aka.ms/Qe9skc
1-4 Microsoft Azure Fundamentals
Lesson 3
Managing Azure
Contents:
Question and Answers
5
Resources
5
Getting started with Microsoft Azure 1-5
Question and Answers
Question: Which of the following are limitations of the Azure classic portal?
( ) You cannot view resources deployed by using Azure Resource Manager templates.
( ) You cannot view resources by using Service Management deployment model.
( ) You cannot delegate permissions by using RBAC.
( ) You cannot modify subscription level settings.
( ) You cannot use tagging.
Answer:
(√) You cannot view resources deployed by using Azure Resource Manager templates.
( ) You cannot view resources by using Service Management deployment model.
(√) You cannot delegate permissions by using RBAC.
( ) You cannot modify subscription level settings.
(√) You cannot use tagging.
Feedback:
In the Azure classic portal interface, you cannot use any of the features that the Azure Resource
Manager deployment model introduces, such as Azure Resource Manager resources (which are in
Azure Resource Manager template-based deployments), tagging, or RBAC. However, you can use
it to view and manage services that you deploy by using Service Management model. You also
can modify subscription-level settings by using the SETTINGS page.
Resources
Client tools
Additional Reading: To develop applications that target Azure in Visual Studio, install the
Azure SDK for .NET, from “Downloads, Get the SDKs and command-line tools you need” at:
http://aka.ms/ywmvxt
1-6 Microsoft Azure Fundamentals
Lesson 4
Subscription management, support, and billing
Contents:
Question and Answers
7
Resources
7
Getting started with Microsoft Azure 1-7
Question and Answers
Question: You are a Service Administrator of an Azure subscription. What method do we recommend for
delegating the ability to manage some of your subscription’s resources to another user?
( ) Configure the user as the Account Administrator
( ) Configure the user as the Service Administrator
( ) Configure the user as a Co-Administrator
( ) Configure the user as the Owner of the subscription by using RBAC
( ) Configure the user as the Owner of the resources by using RBAC
Answer:
( ) Configure the user as the Account Administrator
( ) Configure the user as the Service Administrator
( ) Configure the user as a Co-Administrator
( ) Configure the user as the Owner of the subscription by using RBAC
(√) Configure the user as the Owner of the resources by using RBAC
Feedback:
You should use RBAC to configure the user as the Owner of the resources. This complies with the
principle of least privilege and is the most secure solution.
Configuring the user as the Account Administrator would not have the desired outcome, because
the Account Administrator does not have privileges to manage subscription services. You cannot
configure the user as the Service Administrator, because there can be only one Service
Administrator. Lastly, while configuring the user as Co-Administrator would allow that user to
manage any resources in the subscription, we do not recommend this as it is excessive.
Resources
Accounts, subscriptions, administrative roles, and RBAC
Additional Reading: You can access the Azure Account Center from the Microsoft website
at: http://aka.ms/Cbnltm
Azure billing and support options
Additional Reading: For more information about the Pay-As-You-Go plan, including
usage quotas, refer to “Pay-As-You-Go” at: http://aka.ms/Gote79
Additional Reading: For more information, refer to “Get Started with Azure in Open
Licensing” at: http://aka.ms/Kem08f
Additional Reading: For more information, refer to “Licensing Azure for the Enterprise” at:
http://aka.ms/Voag7x
Additional Reading: For more information about Microsoft Azure FAQs, refer to
https://aka.ms/emtve7
Additional Reading: For more information about Microsoft Azure pricing, refer to
https://aka.ms/qoc6im
1-8 Microsoft Azure Fundamentals
Additional Reading: For more information about members’ benefits, refer to “Member
Offers” at: http://aka.ms/Nse6tf
Additional Reading: For more information about support plans, refer to “Azure Support
For Customers” at: http://aka.ms/cqf65f
Azure pricing
Additional Reading: For more information, refer to “Azure pricing” at: http://aka.ms/Svvfpj
Getting started with Microsoft Azure 1-9
Module Review and Takeaways
Review Question
Question: What are the three categories of cloud services?
Answer: Cloud services generally fall into one of the following three categories:
•
Software as a service (SaaS)
•
Platform as a service (PaaS)
•
Infrastructure as a service (IaaS)
1-10 Microsoft Azure Fundamentals
Lab Review Questions and Answers
Lab: Using the Azure portals
Question and Answers
Question: The lab showed you how you use different methods to view charges of services and resources
in your subscription. Which method allows you to download an Excel spreadsheet that contains billing
data?
Answer: Account Portal
Feedback: Account Portal. While you can view billing and usage data in the Azure portal, the
Azure classic portal, and the Account Portal, only the Account Portal provides the option to
download an Excel spreadsheet that contains billing data.
Microsoft Azure management tools 2-1
Module 2
Microsoft Azure management tools
Contents:
Lesson 1: What is Azure PowerShell?
2
Lesson 2: Azure SDK and Azure CLI
5
Module Review and Takeaways
7
Lab Review Questions and Answers
8
2-2 Microsoft Azure Fundamentals
Lesson 1
What is Azure PowerShell?
Contents:
Question and Answers
3
Resources
3
Microsoft Azure management tools 2-3
Question and Answers
Question: Which cmdlet should you use if you want to authenticate to your subscription and manage
Azure Resource Manager resources?
( ) Select-AzureRmSubscription
( ) Add-AzureAccount
( ) Add-AzureRmAccount
( ) Select-AzureSubscription
( ) Get-AzureRmContext
Answer:
( ) Select-AzureRmSubscription
( ) Add-AzureAccount
(√) Add-AzureRmAccount
( ) Select-AzureSubscription
( ) Get-AzureRmContext
Feedback:
The Add-AzureRmAccount cmdlet prompts you for credentials to authenticate to your Azure
subscription, providing you with the ability to manage its Azure Resource Manager resources. The
Add-AzureAccount cmdlet behaves in a similar manner but provides access to Service
Management services. You can use the Select-AzureRmSubscription and SelectAzureSubscription cmdlets to select the target subscription you want to manage after you
authenticate. You can use the Get-AzureRmContext cmdlet to identify your current context but
not to trigger authentication.
Resources
Introduction to Windows PowerShell
Additional Reading: For more information, refer to “PowerShell Tools for Visual Studio
2017” at https://aka.ms/iz4i9p.
Additional Reading: For more information, refer to Visual Studio Code:
http://aka.ms/Frdda1
Introduction to Azure PowerShell
Additional Reading: For more information, refer to “Downloads” at https://aka.ms/wiu6qp.
Additional Reading: For more information, refer to “Windows Management Framework
5.1” at https://aka.ms/n4hlto.
Additional Reading: For more information, refer to PackageManagement PowerShell
Modules Preview: http://aka.ms/Onym5y
Additional Reading: For more information, refer to “Azure/azure-powershell” at
http://aka.ms/Vep7fj.
2-4 Microsoft Azure Fundamentals
Managing Azure subscriptions by using Azure PowerShell
Additional Reading: The expiration time for an Azure AD authentication token depends
on several factors. For more information, refer to “Configurable token lifetimes in Azure Active
Directory (Public Preview)” at https://aka.ms/k2mtil.
Microsoft Azure management tools 2-5
Lesson 2
Azure SDK and Azure CLI
Contents:
Question and Answers
6
Resources
6
2-6 Microsoft Azure Fundamentals
Question and Answers
Question: You have successfully authenticated and connected to your Azure subscription in an Azure CLI
1.0 session. You currently manage Azure Resource Manager resources. Which Azure CLI command should
you run if you want to manage Azure classic resources?
( ) azure config mode arm
( ) azure config mode asm
( ) azure login
( ) azure account list
( ) azure account set
Answer:
( ) azure config mode arm
(√) azure config mode asm
( ) azure login
( ) azure account list
( ) azure account set
Feedback:
You should use the azure config mode asm command. This allows you to switch from the Azure
Resource Manager mode to the classic mode. You use the first command, azure config mode
arm, to switch back to the Azure Resource Manager mode. You use azure login to authenticate.
You use the last two commands, azure account list and azure account set, to list and set the
target Azure subscription, which is already configured per the question.
Alternatively, you could use Azure CLI 2.0, if you installed it on your computer. Another option is
to use Azure Cloud Shell, which is accessible directly from the Azure portal.
Resources
What is the Azure SDK?
Additional Reading: For more information, refer to Downloads: http://aka.ms/Nc0773
Additional Reading: For more information, refer to What is the Azure SDK for .NET?:
http://aka.ms/Rixh0i
Introduction to the Azure CLI
Additional Reading: For more information about installing Azure CLI 1.0, refer to
“Microsoft Azure Xplat-CLI for Windows, Mac and Linux” at https://aka.ms/q3asut.
Additional Reading: For more information about installing Azure CLI 2.0, refer to “Install
Azure CLI 2.0” at https://aka.ms/ultvco.
Microsoft Azure management tools 2-7
Module Review and Takeaways
Review Question
Question: Which method would you choose to automate the management of your Azure environment?
Answer: The most common answers will likely include Azure PowerShell or the Azure CLI. The
answers will likely depend on the students’ level of familiarity with Windows PowerShell and
Linux shell scripting.
2-8 Microsoft Azure Fundamentals
Lab Review Questions and Answers
Lab: Using Microsoft Azure management tools
Question and Answers
Question: What must you do in order to use Azure CLI to manage classic resources?
Answer: To manage classic resources, you must install Azure CLI 1.0. Azure CLI 2.0 only supports
the Azure Resource Manager deployment model.
Virtual machines in Microsoft Azure 3-1
Module 3
Virtual machines in Microsoft Azure
Contents:
Lesson 1: Creating and configuring VMs
2
Lesson 2: Configuring disks
4
Module Review and Takeaways
6
Lab Review Questions and Answers
7
3-2 Microsoft Azure Fundamentals
Lesson 1
Creating and configuring VMs
Contents:
Question and Answers
3
Resources
3
Virtual machines in Microsoft Azure 3-3
Question and Answers
Question: What is the maximum number of fault domains in an availability set consisting of Azure VMs
that were deployed by using the Azure Resource Manager deployment model?
( )2
( )3
( )5
( ) 20
( ) 50
Answer:
( )2
(√) 3
( )5
( ) 20
( ) 50
Feedback:
Azure Resource Manager assigns up to three fault domains to an availability set consisting of
Azure VMs.
Resources
Creating a VM from an Azure Resource Manager template
Additional Reading: For more information, refer to Azure Quickstart Templates:
http://aka.ms/Qgh9jn
Additional Reading: For more information, refer to Create a Windows virtual machine with
a Resource Manager template: http://aka.ms/Bt1gf6
Configuring an operating system by using VM extensions
Additional Reading: For more information, refer to “Virtual machine extensions and
features for Windows” at http://aka.ms/B8t3pl and “Virtual machine extensions and features for
Linux” at https://aka.ms/qb84ta.
Connecting to a VM
Additional Reading: You can connect to an Azure Linux VM via Remote Desktop by using
functionality that the xrdp open source RDP server provides. To accomplish this, you must install
xrdp on the target Linux VM. For more information, refer to “Using Remote Desktop to connect
to a Microsoft Azure Linux VM” at https://aka.ms/i32wgz.
3-4 Microsoft Azure Fundamentals
Lesson 2
Configuring disks
Contents:
Question and Answers
5
Resources
5
Virtual machines in Microsoft Azure 3-5
Question and Answers
Question: You have a Microsoft Azure VM that runs Windows Server 2016 with a single data disk with a
size of 4 TB. You need to create a 7-TB file system volume. What should you do?
( ) Attach one disk. Create a Storage Spaces–based volume with the simple layout.
( ) Increase the size of the data disk.
( ) Attach one disk. Convert data disks to dynamic disks and create a stripe.
( ) Attach one disk. Create a Storage Spaces–based volume with the parity layout.
( ) Convert the data disk to Premium Storage and increase the size of the disk.
Answer:
(√) Attach one disk. Create a Storage Spaces–based volume with the simple layout.
( ) Increase the size of the data disk.
( ) Attach one disk. Convert data disks to dynamic disks and create a stripe.
( ) Attach one disk. Create a Storage Spaces–based volume with the parity layout.
( ) Convert the data disk to Premium Storage and increase the size of the disk.
Feedback:
To accomplish this objective, you should create a two-disk Storage Spaces–based volume with
the simple layout. This will yield usable space of 8 TB. 4 TB is the maximum size of page blobs, so
you cannot increase the disk size. Striping by using dynamic disks was deprecated in Windows
Server 2012. Parity layout requires at least three disks. Premium Storage is subject to the same
size limitations as standard storage, so the maximum size of the disk is 4 TB.
Resources
Azure VMs disk mobility
Additional Reading: Azure REST API is beyond the scope of this course. If you want to
explore this topic further, refer to “Snapshot Blob” at https://aka.ms/dupgph.
Configuring storage in Windows and Linux VMs
Additional Reading: For more information regarding LVM, refer to “Configure LVM on a
Linux VM in Azure” at https://aka.ms/d44xh4. For more information regarding mdadm, refer to
“Configure Software RAID on Linux” at https://aka.ms/n8yavz.
3-6 Microsoft Azure Fundamentals
Module Review and Takeaways
Review Questions
Question: How does your organization use virtualization? Did you implement any public or private cloud
solutions with your virtualization solution?
Answer: Answers might vary, but most students will probably already have virtualization
deployed. Also, some students might have deployed private cloud solutions by using systems
such as Microsoft System Center 2012.
Question: Based on what you learned in this module, for what purpose would you choose Azure VM
deployment?
Answer: Answers might vary, but will likely include implementations that must accommodate
dynamically changing demand (such as a customer-facing website that must quickly adjust to
fluctuations in its workload) or that involve temporary setup (frequently required by proof-ofconcept or development projects).
Virtual machines in Microsoft Azure 3-7
Lab Review Questions and Answers
Lab: Creating a VM in Azure
Question and Answers
Question: What type of connection can you establish to the VM in Azure by default?
Answer: You can establish a RDP connection to Windows-based VMs and a Secure Shell (SSH)
connection to Linux-based VMs.
Web Apps and cloud services 4-1
Module 4
Web Apps and cloud services
Contents:
Lesson 1: Creating and configuring web apps
2
Lesson 2: Deploying and monitoring web apps
4
Lesson 3: Creating and deploying PaaS cloud services
6
Module Review and Takeaways
8
Lab Review Questions and Answers
9
4-2 Microsoft Azure Fundamentals
Lesson 1
Creating and configuring web apps
Contents:
Question and Answers
3
Resources
3
Web Apps and cloud services 4-3
Question and Answers
Question: You work as a developer for your organization, and your manager wants you to list the major
benefits of using Azure App Service. What would you tell him?
Answer: Some of the most important benefits of Azure App Service include:
•
Rapid deployment of web and mobile apps.
•
Native support for staged deployments.
•
Support for most common development platforms.
Resources
Creating and maintaining web apps
Additional Reading: For App Service Plan Pricing Details, refer to “App Service pricing” at
http://aka.ms/Nmhpka.
Configuring and scaling web apps
Additional Reading: For more information about scaling web apps, refer to “Scale up an
app in Azure” at http://aka.ms/Peyuez.
4-4 Microsoft Azure Fundamentals
Lesson 2
Deploying and monitoring web apps
Contents:
Question and Answers
5
Resources
5
Web Apps and cloud services 4-5
Question and Answers
Question: What are the benefits of deployment slots, and how can you move your web app between
different slots?
Answer: You can create deployments slots for production and development. You can validate
the status of your web app in the staging deployment slot and swap it into production after the
validation is complete. Furthermore, if it turns out that the newly deployed version of the web
app is not functioning properly, you have the flexibility to perform an instant rollback.
Resources
Options for creating and publishing web app content
Additional Reading: To download the MSDeploy.exe tool, refer to “Web Deploy 3.6” at
http://aka.ms/D8g047.
Publishing a web app from Visual Studio
Additional Reading: For information on how to use Visual Studio to publish ASP.NET
websites on the Deploy an ASP.NET web app to Azure App Service by using Visual Studio
webpage, refer to “Create an ASP.NET web app in Azure” at http://aka.ms/C4mv1m.
Performing staged deployments
Additional Reading: For more information on the configuration steps for a Git repository
in Visual Studio Team Services, refer to “Continuous Delivery for Cloud Services in Azure” at
http://aka.ms/A1pvoq.
4-6 Microsoft Azure Fundamentals
Lesson 3
Creating and deploying PaaS cloud services
Contents:
Question and Answers
7
Web Apps and cloud services 4-7
Question and Answers
Question: What scenarios do you consider to be most suitable for deployment of web apps in Azure?
Answer: Answers might vary based on the students’ organizational requirements and current
infrastructure.
4-8 Microsoft Azure Fundamentals
Module Review and Takeaways
Best Practices
The Web Apps feature of Azure App Service is the primary choice for the majority of web apps for a
number of reasons:
•
Both deployment and website management are integrated into the Azure platform.
•
You can scale your sites rapidly to handle high-volume traffic.
•
Web apps have the built-in support for load balancing.
•
You can move your existing web apps to Azure quickly and easily with an online migration tool.
•
You can use an open-source app from the Azure Marketplace or create a new site by using the
framework and tools of your choice.
Note that, in some situations, you might need a higher level of control over your web apps. For example,
you might require the ability to connect remotely to your server or to configure server startup tasks. In
such cases, Azure Cloud Services might be a better option. However, if such an application requires
significant modifications to run as an Azure cloud service, you might want to consider using an Azure
virtual machine to host it.
Review Question
Question: From a management standpoint, what is the key difference between using a web app and an
Azure virtual machine with the IIS server role installed to host your web apps?
Answer: Azure web apps provide a fully managed PaaS, whereas the Azure virtual machine does
not.
Web Apps and cloud services 4-9
Lab Review Questions and Answers
Lab: Web Apps and cloud services
Question and Answers
Question: In the lab, you created an Azure cloud service. Which two files did you require to create the
cloud service?
Answer: The two files required were the service package file (.cspkg) and the service
configuration file (.cscfg).
Creating and configuring virtual networks 5-1
Module 5
Creating and configuring virtual networks
Contents:
Lesson 1: Getting started with virtual networks
2
Lesson 2: Configuring Azure networking
4
Lesson 3: Getting started with Azure Load Balancer
6
Module Review and Takeaways
8
Lab Review Questions and Answers
9
5-2 Microsoft Azure Fundamentals
Lesson 1
Getting started with virtual networks
Contents:
Question and Answers
3
Creating and configuring virtual networks 5-3
Question and Answers
Question: Which of the following Azure services support direct connectivity to an Azure virtual network?
( ) Azure SQL Database
( ) Azure Active Directory
( ) Azure Virtual Machines
( ) Azure PaaS Cloud Services
( ) Web Apps
Answer:
( ) Azure SQL Database
( ) Azure Active Directory
(√) Azure Virtual Machines
(√) Azure PaaS Cloud Services
(√) Web Apps
Feedback:
Azure virtual machines are automatically placed on a virtual network during their deployment.
You also have the option to connect web and worker roles of an Azure PaaS cloud service directly
to a virtual network. In the case of Azure Web apps, you can connect them via a point-to-site
VPN. Azure SQL databases and Azure Active Directory tenants are not virtual network-aware.
5-4 Microsoft Azure Fundamentals
Lesson 2
Configuring Azure networking
Contents:
Question and Answers
5
Creating and configuring virtual networks 5-5
Question and Answers
Question: What is the smallest subnet that you can implement in an Azure virtual network?
( ) /24
( ) /26
( ) /29
( ) /30
( ) /31
Answer:
( ) /24
( ) /26
(√) /29
( ) /30
( ) /31
Feedback:
There are five IP addresses on each subnet that Azure platform reserves for its internal use. The
smallest subnet you can implement is /29.
5-6 Microsoft Azure Fundamentals
Lesson 3
Getting started with Azure Load Balancer
Contents:
Question and Answers
7
Creating and configuring virtual networks 5-7
Question and Answers
Question: Is it mandatory to set up a custom Domain Name System (DNS) on your Azure virtual network?
Answer: No, it is not. If you do not set up the DNS, your network will use the Azure build in
name resolution.
5-8 Microsoft Azure Fundamentals
Module Review and Takeaways
Review Question
Question: If you decide to implement some of your services on the Azure platform, would you need to
create Azure virtual networks?
Answer: The answers might vary, but in general:
•
•
•
•
You must create virtual networks when deploying Azure VMs.
Virtual networks are optional when deploying Azure PaaS Cloud Services.
The Web Apps feature of Azure App Service supports integration with the Azure virtual
networks to facilitate direct connectivity to Azure VMs.
Services such as Azure SQL Database or Azure Active Directory do not connect directly to
virtual networks.
Creating and configuring virtual networks 5-9
Lab Review Questions and Answers
Lab: Create and configure virtual networks
Question and Answers
Question: Can you move virtual machines that you created in the lab to a different virtual network?
Answer: No. You would have to redeploy these virtual machines.
You can easily move Azure virtual machines between subnets on the same virtual network. You
cannot move virtual machines between virtual networks. Doing so requires redeployment.
Question: Will you be able to successfully ping the two virtual machines on the virtual network?
Answer: No, which is the reason that in the lab, the test involved using the Remote Desktop
Protocol.
Ping functionality relies on the Internet Control Message protocol (ICMP), which by default is
blocked by Windows Firewall on each of the two Azure virtual machines.
Cloud storage 6-1
Module 6
Cloud storage
Contents:
Lesson 1: Understanding cloud storage
2
Lesson 2: Create and manage storage
4
Module Review and Takeaways
6
Lab Review Questions and Answers
7
6-2 Microsoft Azure Fundamentals
Lesson 1
Understanding cloud storage
Contents:
Question and Answers
3
Resources
3
Cloud storage 6-3
Question and Answers
Question: What type of Azure Storage would you use for storing virtual disk files for Azure virtual
machines (VMs)?
( ) Page blobs
( ) Block blobs
( ) Table storage
( ) Append blobs
( ) File storage
Answer:
(√) Page blobs
( ) Block blobs
( ) Table storage
( ) Append blobs
( ) File storage
Feedback:
The only possibility for virtual disk file storage of Azure VMs is page blobs. This type of storage is
optimized for random access.
Resources
Overview of Azure Storage
Additional Reading: For more information, refer to “Azure subscription and service limits,
quotas, and constraints” at http://aka.ms/O5vvrr.
6-4 Microsoft Azure Fundamentals
Lesson 2
Create and manage storage
Contents:
Question and Answers
5
Resources
5
Cloud storage 6-5
Question and Answers
Question: You need to create a Premium Storage account. Which of the following storage options can
you use in this case?
( ) Locally redundant storage
( ) Zone-redundant storage
( ) Geo-redundant storage
( ) Read-access geo-redundant storage
( ) Blob storage account type
Answer:
(√) Locally redundant storage
( ) Zone-redundant storage
( ) Geo-redundant storage
( ) Read-access geo-redundant storage
( ) Blob storage account type
Feedback:
Locally redundant storage is the only replication type supported by Microsoft Azure Premium
Storage accounts. In addition, Premium Storage must use the general-purpose storage account,
because the Blob storage account supports only block and append blobs.
Resources
Creating and managing Azure Storage non-programmatically
Reference Links: For more information, refer to Azure Web Storage Explorer:
http://aka.ms/M09rms
Additional Reading: For more information, refer to Azure Storage Client Tools at
http://aka.ms/R3aaz8.
Reference Links: For more information, refer to Use the Microsoft Azure Import/Export
Service to Transfer Data to Blob Storage at http://aka.ms/Fskpq4.
Creating and managing storage programmatically
Additional Reading: For more information, refer to “Get started with Azure Blob storage
using .NET” at http://aka.ms/c7n9ho.
Creating and managing tables programmatically
Additional Reading: For more information, refer to “Get started with Azure Table storage
using .NET” at http://aka.ms/Gcjemy.
6-6 Microsoft Azure Fundamentals
Module Review and Takeaways
Best Practices
By following the best practices for using Azure Storage, you can minimize its cost. The four factors that
will influence your costs are:
•
Amount of storage used (with Standard storage) or provisioned (with Premium Storage). Consider
using Standard storage disks for volumes hosting the operating system and carefully estimate the
optimum size of Premium Storage disks.
•
Replication options. Geo-redundant storage accounts are more expensive than locally redundant
storage. One way to reduce costs is to create multiple storage accounts with replication settings
configured individually according to the resiliency requirements of their content.
•
Number of storage transactions. Transactions are defined as operations (such as create, read, or write)
across all Azure Storage types including blobs, tables, queues, and files. One way to minimize these
charges is to ensure that VMs rely on temporary disks for hostingnon-persistent content (such as their
paging files). This cost is not applicable to Premium Storage accounts.
•
Egress data from the Azure region hosting the storage account. To minimize these charges, you
should consider grouping interdependent services together in the same region.
Note: For more information, refer to Azure Blobs Storage Pricing at http://aka.ms/Lfqijq.
Review Question
Question: If you want to store installation image files that will be accessed via the SMB protocol by
multiple Azure VMs, which type of storage should you choose?
Answer: You should choose Azure File storage.
Feedback: Only Azure File storage supports access via the SMB protocol.
Tools
The following is a list of the tools that this module references:
•
Azure Portal
•
Microsoft Visual Studio
•
Microsoft Azure Storage Explorer
•
Azure Web Storage Explorer
•
AzCopy.exe
•
Microsoft Azure Import/Export service
Cloud storage 6-7
Lab Review Questions and Answers
Lab: Configure Azure Storage
Question and Answers
Question: Can you convert a Standard storage account to a Premium Storage account?
Answer: No, this is not possible.
Feedback: If your intention is to change performance of a data disk from Standard to Premium
or from Premium to Standard, then you must detach the disk from its VM, copy its content to an
Azure storage account that has the desired performance setting, and then attach its copy to the
VM.
Question: Is it possible to upload a file to an Azure Storage blob by using the Azure portal?
Answer: Yes, you can upload files to an Azure storage blobs by using the Azure portal.
Feedback: You can also use one of several Azure Storage tools, such as Azure Web Storage
Explorer, for this purpose.
Microsoft Azure Databases 7-1
Module 7
Microsoft Azure Databases
Contents:
Lesson 1: Understanding options for relational database deployments
2
Lesson 2: Creating and connecting to Azure SQL databases
4
Module Review and Takeaways
6
Lab Review Questions and Answers
7
7-2 Microsoft Azure Fundamentals
Lesson 1
Understanding options for relational database
deployments
Contents:
Question and Answers
3
Resources
3
Microsoft Azure Databases 7-3
Question and Answers
Question: Which of the following features increase resiliency of Azure SQL database?
( ) Point In Time Restore
( ) Sharding
( ) Elastic Database pools
( ) Geo-Replication
( ) Geo-Restore
Answer:
(√) Point In Time Restore
( ) Sharding
( ) Elastic Database pools
(√) Geo-Replication
(√) Geo-Restore
Resources
Compare SQL database with SQL Server in a virtual machine
Additional Reading: For a comprehensive list of features that SQL databases support, refer
to: http://aka.ms/N7d08a
Additional Reading: For a comprehensive list of differences of Transact-SQL related
functionality between SQL Server and Azure SQL Database, refer to: Azure SQL Database
Transact-SQL differences: http://aka.ms/Ps3svp
Additional Reading: For information about identifying and resolving databasecompatibility issues by using SQL Server Database Migration Wizard, refer to:
http://aka.ms/Qmu1ip
Please note that the SQL Server 2016 Upgrade Advisor includes most of the SQL Database
Migration Wizard features and additionally, it extends that functionality by adding support for
migration of Full-Text search functionality.
7-4 Microsoft Azure Fundamentals
Lesson 2
Creating and connecting to Azure SQL databases
Contents:
Question and Answers
5
Microsoft Azure Databases 7-5
Question and Answers
Question: How will your organization use Azure SQL Database?
Answer: Answers will vary but might include:
•
To store data for Azure web apps, PaaS cloud services, and applications running in Azure IaaS
virtual machines.
•
To store data for Azure mobile apps.
•
To migrate databases from a SQL Server instance hosted in an Azure virtual machine.
•
To migrate data from SQL Server on-premises.
7-6 Microsoft Azure Fundamentals
Module Review and Takeaways
Review Question
Question: What should you consider when choosing between on-premises SQL Server, SQL Server on an
Azure virtual machine, and Azure SQL Database?
Answer: You should consider the following factors:
1.
Data storage policy compliance. Some organizations, geopolitical regions, and industries
have strict requirements for data storage, which might determine where and how data can
be stored.
2.
Required functionality. SQL Server supports some functionality that is not available in Azure
SQL Database.
3.
Additional relational database–related services. SQL Server includes not only the database
engine but also additional services such as the SQL Server Agent, SQL Server Integration
Services, SQL Server Reporting Services, SQL Server Analysis Services, and SQL Server Master
Data Services. If you require the capabilities of these services, SQL Server might be a better
choice.
4.
Maintenance and manageability. In general, Azure SQL Database requires considerably less
maintenance overhead than a SQL Server instance (on-premises or on an Azure virtual
machine).
Additional Reading: For more information regarding data storage policy compliance, refer
to the Azure Trust Center: http://aka.ms/Rhwnfd
Microsoft Azure Databases 7-7
Lab Review Questions and Answers
Lab: Creating a SQL Database in Azure
Question and Answers
Question: In the lab, you connected to an Azure SQL database by using SQL Server Management Studio.
What configuration change must you make first in the Azure portal before successfully establishing the
connection?
Answer: You must configure a SQL Server firewall rule to allow incoming connections from the IP
address range containing the public IP address of your lab computer.
Question: What authentication method do you have to use when connecting to Azure SQL Database?
Answer: You must use SQL Server authentication or Azure Active Directory–based
authentication. Windows authentication is not supported when connecting to Azure SQL
Database.
Creating and managing Azure AD 8-1
Module 8
Creating and managing Azure AD
Contents:
Lesson 1: Overview of Azure AD
2
Lesson 2: Manage Azure AD authentication
4
Module Review and Takeaways
6
Lab Review Questions and Answers
7
8-2 Microsoft Azure Fundamentals
Lesson 1
Overview of Azure AD
Contents:
Question and Answers
3
Resources
3
Creating and managing Azure AD 8-3
Question and Answers
Question: Which of the following are characteristics of Azure AD?
( ) Multi-tenant
( ) Contains organizational units
( ) Uses LDAP for directory lookups
( ) Supports Group Policy
( ) Offers native support for Multi-Factor Authentication
Answer:
(√) Multi-tenant
( ) Contains organizational units
( ) Uses LDAP for directory lookups
( ) Supports Group Policy
(√) Offers native support for Multi-Factor Authentication
Feedback:
Unlike AD DS, Azure AD is multi-tenant by design. It does not support organizational units. It
relies on Internet-friendly protocols for directory lookups (Graph API over HTTPS) rather than
Lightweight Directory Access Protocols (LDAP). It does not support Group Policies for
management of its domain-joined devices; you can use an MDM solution, such as Microsoft
Intune, instead. It offers native support for MFA.
Resources
Additional Reading: For more information regarding configuring Web App Azure AD
authentication, refer to “How to configure your App Service application to use Azure Active
Directory login” at: http://aka.ms/L27lid
8-4 Microsoft Azure Fundamentals
Lesson 2
Manage Azure AD authentication
Contents:
Question and Answers
5
Resources
5
Creating and managing Azure AD 8-5
Question and Answers
Question: How will your organization use Azure AD?
Answer: Answers will vary, but might include:
•
To secure access to Azure-based services.
•
To delegate management of Azure-based services.
•
To enhance authentication security by leveraging Multi-Factor Authentication.
•
To provide SSO functionality for access to SaaS applications.
Feedback: As an identity and access management solution, Azure AD provides a range of
features that integrate with other cloud and on-premises services. Leveraging Azure AD to
authenticate Azure web apps, Azure PaaS cloud services, and web applications running in Azure
virtual machines is easy.
Similarly, you can delegate management of Azure AD resources that are accessible via the Azure
Portal by using Role-Based Access Control (RBAC). You can also use Azure AD accounts when
designating co-administrators of a subscription.
Azure AD offers additional authentication enhancements, including Multi-Factor Authentication
and SSO for access to SaaS applications or cloud-based Web applications, including the Azure
portal. In addition, directory synchronization with AD DS makes it possible to sign in to cloudbased applications by using on-premises credentials.
For example, an organization that deploys a web app for sales personnel to Azure can use Azure
AD to authenticate user requests to the app and can choose to implement Multi-Factor
Authentication when sales personnel access the app via a browser or a mobile device.
Resources
Multi-Factor Authentication
Additional Reading: For more information regarding modern authentication, refer to
“Office 2013 modern authentication public preview announced” at https://aka.ms/m37pjz.
Additional Reading: For more information about Azure Multi-Factor Authentication, refer
to “What is Azure Multi-Factor Authentication?” at: http://aka.ms/Ddsfo9
SSO via Access Panel
Additional Reading: To view all currently available commercial Azure AD applications, go
to the Azure Marketplace at http://aka.ms/Htfnef and click Azure Active Directory apps.
8-6 Microsoft Azure Fundamentals
Module Review and Takeaways
Review Question
Question: What are some benefits of using Azure AD as an identity provider?
Answer: The benefits include:
1.
Scalability and availability, without additional infrastructure.
2.
Centralized identity management.
3.
Single sign-on to SaaS applications.
4.
Increased security of the authentication process by leveraging Multi-Factor Authentication.
5.
Integration with Office 365 and Microsoft Intune.
Tools
Azure AD Connect is the primary tool for performing directory synchronization.
Creating and managing Azure AD 8-7
Lab Review Questions and Answers
Lab: Create and manage Azure Active Directory tenants
Question and Answers
Question: What role should you assign to a user account in the Azure AD directory instance to enable the
user to fully manage all of its objects?
Answer: You should assign the Global Administrator role to the user account.
Feedback: The Global Administrator role grants full control of the Azure AD tenant where this
role exists. Note that this role does not grant any access rights to Azure subscription resources.
Descargar