Teoria AZ-900
Teoria AZ-900
Teoria AZ-900
Today, organizations can sign up for a service from a Demand and growth can be unpredictable and
cloud provider to get up and running. This enables them can outpace expectation, which is a challenge for
to begin selling or providing services to their customers the CapEx model as shown in the following graph.
more quickly, without the need for significant upfront
costs
2. Cost and efficiency - Hybrid cloud models allow an Hybrid cloud scenarios can be useful when
organization to leverage some of the benefits of organizations have some information that
cost, efficiency, and scale that are available with a cannot be put in a public cloud, possibly for
public cloud model. legal reasons. For example, you may have
medical data that cannot be exposed publicly.
3. Control - Organizations retain management control
in private clouds.
There is a shared responsibility model for ensuring cloud workloads are run
securely and in a well-managed way. Depending on the service you are using,
the cloud provider is responsible for some aspects of the workload, leaving the
customer responsible for the remaining aspects of the workload.
• Understand core Azure architectural components
• Understand core Azure services and products
• Understand Azure solutions
• Understand Azure management tools
Regions
Each region is paired with another within the same geography (such as
US, Europe, or Asia). This approach allows for the replication of resources
and helps reduce the likelihood of interruptions due to events such as
natural disasters, power outages, or physical network outages.
Geographies
Examples of Azure services for virtual machines Examples of Azure services for containers
include: include:
Networking on Azure allows you to connect cloud and on-premises infrastructure and services.
Azure Virtual Network enables resources such as Azure VMs to securely communicate
with each other, the internet, and on-premises networks.
Azure Load Balancer provides scale for your applications and high availability for your
services
A VPN gateway sends encrypted traffic between an Azure Virtual Network and an on-
premises location over the public internet.
Azure Application Gateway is a web traffic load balancer and the connection through
which users connect to your application.
A content delivery network (CDN) is a distributed network of servers that get content to
users in their local region to minimize latency.
Azure Data Services
Azure Storage is a service that you can use to store Azure database services are fully-managed PaaS
files, messages, tables, and other types of database services that free up valuable time you’d
information. otherwise spend managing your database
Big data refers to large volumes of data that become increasingly hard to make sense of, or
consequently make decisions about. Some big data and analytic services in Azure include:
Azure SQL Data Warehouse leverages massively parallel processing (MPP) to run complex
queries quickly across petabytes of data.
Azure HDInsight makes it easier, faster, and more cost-effective to process massive
amounts of data and runs popular open-source frameworks such as Spark, Hadoop and
Storm.
Azure Data Lake Analytics simplifies big data. Instead of deploying, configuring, and
tuning hardware, you write queries to transform your data and extract valuable insights.
Azure Databricks is a Spark based analytics platform optimized for Azure and provides
one-click setup, streamlined workflows, and an interactive workspaces that enable
collaboration between data scientists, data engineers, and business analysts.
Internet of Things
The ability for devices to gather and then relay information for data
analysis is referred to as the Internet of Things (IoT)
Artificial Intelligence (AI), in the context of cloud computing, is based around a broad
range of services, the core of which is machine learning. Machine learning is a data
science technique that allows computers to use existing data to forecast future
behaviours, outcomes, and trends.
Cognitive services are a collection of domain-specific pre-trained AI models that can be customized
with your data. They are categorized broadly into vision, speech, language, and search.
Vision makes it Speech services can Language services can Harness the power of a Knowledge services
possible for apps and convert spoken understand the web-scale, ad-free create rich knowledge
services to accurately language into text, or meaning of search engine. Find resources that
identify and analyse produce natural- unstructured text or information across integrate into apps
content within images sounding speech from recognize the speaker’s billions of web pages, and services.
and videos. text using standard (or intent. images, videos, and
customizable) voice news search results.
fonts.
Serverless Computing
Serverless computing is a cloud-hosted execution environment that runs your code but abstracts
the underlying hosting environment.
Azure Functions are ideal when you're only concerned with the code running your
service and not the underlying platform or infrastructure and commonly used when you
need to perform work in response to an event.
Azure Logic Apps help you automate and orchestrate tasks, business processes, and
workflows when you need to integrate apps, data, systems, and services across
enterprises or organizations.
Azure Event Grid allows you to easily build applications with event-based architectures.
It's a fully-managed, intelligent event routing service that uses a publish-subscribe
model for uniform event consumption.
• Understand how to secure network connectivity.
• Understand core Azure identity services.
• Understand security tools and features.
• Understand Azure governance methodologies.
• Understand monitoring and reporting in Azure.
• Understand privacy, compliance, and data
protection standards in Azure.
Azure Security Center
• Authentication
• Single sign-on (SSO)
• Multi-Factor Authentication
• Application management
• Business to business (B2B) identity services
• Business-to-Customer (B2C) identity services
Advanced Protection Services
Microsoft Azure Information Protection helps Azure Advanced Threat Protection identifies,
organizations classify and protect intellectual detects, and helps you investigate threats,
property by applying labels, this can be: compromised identities, and malicious insider
actions. It consists of the following components:
• Automatically by administrators who
define rules and conditions • Azure ATP portal - Monitor and respond to
• Manually by users suspicious activity
• A combination of the two, where users are • Azure ATP sensor: which are installed directly
given recommendations on your domain controllers.
Azure Key Vault is a centralized service that you use for storing application secrets. It helps
control application secrets by keeping them in a single, central location and providing secure
access, permissions control, and access logging.
Network Protection
Network Security Groups filter network traffic to Azure Firewall is a fully stateful firewall as a service with
and from Azure resources in an Azure virtual built-in high availability and unrestricted cloud
network. They can contain multiple inbound and scalability. Features include inbound and outbound
outbound security rules that filter traffic to and filtering rules and advanced Monitor logging
from resources by source and destination IP
address, port, and protocol.
Usage Scenarios:
Role-based access control (RBAC) provides Examples of when you might use RBAC include when
fine-grained access management for Azure you want to:
resources.
• Allow one user to manage VMs in a subscription,
Grants users the rights they need to perform and another user to manage virtual networks.
their jobs and is provided at no additional cost
to all Azure subscribers • Allow a database administrator (DBA) group to
manage Microsoft SQL Server databases in a
subscription.
• Delete. Authorized users can still read and modify a resource, but
they can't delete the resource.
Azure Monitor maximizes the availability and Azure Monitor integrates with other Azure services to
performance of applications by delivering a provide robust monitoring capabilities. These can be
comprehensive solution for collecting, categorised as:
analyzing, and acting on telemetry from cloud
and on-premises environments. Analyze. Use Azure Monitor for containers and virtual
machines, and Application Insights for applications.
As soon as you create an Azure subscription and
start adding resources, Azure Monitor starts Respond. Proactively respond to critical conditions
collecting data. identified using Azure Alerts, or Auto-scale using
Azure Monitor metrics.
Microsoft provides the most comprehensive Microsoft Privacy Statement explains what personal
set of compliance offerings (including data Microsoft processes, how Microsoft processes
certifications and attestations) of any cloud it, and for what purposes.
service provider.
This applies to the interactions Microsoft has with
You can view all the Microsoft compliance users and Microsoft products such as Microsoft
offerings at Microsoft Compliance Center - services, websites, apps, software, servers, and
Compliance Offerings. devices.
Trust Center is a website resource containing The Service Trust Portal is the Microsoft public site for
information and details about how Microsoft publishing audit reports and other compliance-related
implements and supports security, privacy, information related to Microsoft’s cloud services.
compliance, and transparency in all our cloud
products and services. It also hosts the Compliance Manager service, and
allows you to:
An Azure subscription provides you with You can use Azure subscriptions to define boundaries
authenticated and authorized access to Azure around Azure products, services, and resources. This
products and services. It is a logical unit that includes:
links to an Azure account.
• Billing boundary which determines how an Azure
Azure offers free and paid subscription options account is billed for using Azure.
to suit different needs and requirements. An
account can have one subscription or multiple • Access control boundary which applies access
subscriptions that have different billing models, management policies at the subscription level.
and to which you apply different access-
management policies.
Management Groups
• Free access to billing and subscription support • Developer for trial and nonproduction
• Azure products and services documentation environments
• Online self-help documentation
• Community support forums • Standard for production environments
Microsoft offer previews of Azure features for Review a list of preview features that are available for
evaluation purposes, these include: evaluation at Azure Preview Features
• Private Preview. An Azure feature is available to To preview a feature, select the Try it button for the
certain Azure customers for evaluation applicable feature
purposes
Portal Preview features:
• Public Preview. An Azure feature is available to • Access preview features that are specific to the
all Azure customers for evaluation purposes Azure Portal from the Portal Preview Features
page.
Azure Fundamentals