Kaarten: AZ-305 Designing Microsoft Azure Infrastructure Solutions Flash Cards | Quizlet

A management framework that enables users to deploy, manage, and organize Azure resources through a unified API. It acts as Azure's control plane, helping manage resources using templates and policies.

Azure Resource Manager (ARM)

A private, isolated network in Azure allows secure communication among resources, the internet, and on-premises networks.

Azure Virtual Network (VNet)

A cloud-based service for identity and access management that ensures secure access to resources, applications, and services within an organization.

Microsoft Entra ID

A Layer 4 (TCP/UDP) load balancer that distributes incoming network traffic across multiple servers to ensure high availability and reliability of applications.

Azure Load Balancer

A Layer 7 (HTTP/HTTPS) load balancer designed for web applications. It includes advanced features like SSL termination, URL-based routing, and a Web Application Firewall (WAF).

Azure Application Gateway

A cloud computing model that offers virtualized resources online, allowing users to manage virtual machines, storage, and networking without handling the hardware.

Infrastructure as a Service (IaaS)

A cloud computing model that provides hardware and software tools, such as operating systems and databases, over the internet, allowing developers to focus on coding while the cloud provider manages the infrastructure.

Platform as a Service (PaaS)

Data is organized in a predictable and standardized format, typically stored in relational databases, making it easy to search, query, and analyze due to its consistency.

Structured Data

Data that does not follow a predefined format or structure makes it more difficult to process and analyze. Examples include text files, images, videos, emails, and social media posts.

Unstructured Data

An IT architecture that allows for workload portability, orchestration, and management across multiple environments, including on-premises data centers, private clouds, and public clouds.

Hybrid Cloud

A formal agreement between a service provider and a customer that outlines the expected level of service, including uptime, performance, and support.

Service Level Agreement (SLA)

A service in Azure that provides information about the health and availability of resources in the cloud, helping identify and resolve issues in real-time.

Azure Resource Health

A set of guidelines, best practices, and tools provided by Microsoft to help organizations successfully adopt Azure cloud services and migrate their workloads to the cloud.

Microsoft Cloud Adoption Framework

The integration of multiple cloud computing services from various providers within a single architecture allows organizations to utilize different clouds for specific workloads or to ensure redundancy.

Multicloud

A service in Microsoft Entra ID that enables just-in-time privileged access to Azure resources and provides a time-limited role assignment with full auditing and reporting capabilities.

Privileged Identity Management (PIM)

A monitoring service that collects and analyzes numerical data from resources and services in Azure to track performance and health.

Azure Monitor Metrics

A platform log in Azure Monitor that provides data about the operations performed on resources in a subscription, such as resource creation, deletion, and configuration changes.

Azure Activity Log

A feature that prevents accidental deletion or modification of critical Azure resources by applying a lock at the resource, resource group, or subscription level.

Azure Resource Locks

A feature in Azure Key Vault that allows you to define permissions for accessing and managing keys, secrets, and certificates within the vault.

Azure Key Vault Access Policies

A set of rules within Microsoft Entra that control access to resources based on user identity, device status, location, or other contextual factors.

Microsoft Entra Conditional Access Policies

A service that enables businesses to customize and control how customers sign up, sign-in, and manage their profiles when using Azure applications.

Azure Active Directory B2C

A system that controls access to Azure resources by assigning roles to users, groups, or applications.

Azure Role-Based Access Control (RBAC)

A service that helps safeguard cryptographic keys and secrets used by cloud applications and services, offering secure management of certificates, secrets, and keys.

Azure Key Vault

A feature of Azure Monitor that enables the creation of automated alerts based on metrics, logs, or activity to manage the health and security of Azure resources proactively.

Azure Monitoring Alerts

A fully managed relational database service based on SQL Server that provides high availability, scalability, and security.

Azure SQL Database

A globally distributed, multi-model database service that supports document, key-value, graph, and column-family data models.

Azure Cosmos DB

A massively scalable object storage solution for storing unstructured data such as text, images, video, and backups.

Azure Blob Storage

A highly scalable data lake solution built on Azure Blob Storage, optimized for big data analytics and processing.

Azure Data Lake Storage

A NoSQL key-value store designed for storing large amounts of structured, non-relational data.

Azure Table Storage

An analytics service that merges enterprise data warehousing with big data analytics, integrating relational data for enhanced analysis and business intelligence.

Azure Synapse Analytics

An Azure Blob Storage Access Tiers online storage option for Azure for infrequently accessed or modified data, requiring a minimum storage duration of 30 days. It features lower storage costs but higher access costs than the hot tier.

Cool Tier

An Azure Blob Storage Access Tiers online storage option intended for rarely accessed or modified data that requires quick retrieval. Data must be stored for at least 90 days. It has lower storage costs than the cool tier but higher access costs.

Cold Tier

A feature that automates the movement of data between different Azure Blob Storage access tiers, based on rules like last access time or data age.

Azure Blob Storage Lifecycle Management

A disaster recovery solution that replicates workloads running on physical and virtual machines to Azure for backup and recovery.

Azure Site Recovery

A service that helps secure your Azure virtual machine disks with encryption to protect data at rest.

Azure Disk Encryption

A compute tier in Azure SQL Database designed for high scalability and performance, supporting large, high-demand applications.

Azure SQL Hyperscale Tier

An Apache Spark-based analytics platform optimized for big data and AI workloads, providing collaborative notebooks and automated scaling.

Azure Databricks

A distributed analytics service built on top of Azure Data Lake Store enables the running of massively parallel data processing jobs.

Azure Data Lake Analytics

A fully managed cloud service for big data processing that supports popular frameworks like Hadoop, Spark, and Hive.

Azure HDInsight

A high-throughput data streaming platform designed to ingest massive amounts of data, such as IoT telemetry, logs, or event streams.

Azure Event Hubs

Tools provided by Azure to assist with moving databases, data warehouses, and other storage systems to the cloud with minimal downtime.

Azure Data Migration Services

Azure storage redundancy options that copy data across multiple availability zones within a region.

ZRS (Zone-redundant storage)

Azure storage redundancy options that copy data three times within a single Azure region.

LRS (Locally redundant storage)

A secure connection between an on-premises network and Azure via a VPN gateway to extend the on-premises network to the cloud.

Azure Site-to-Site VPN

A private, dedicated, high-throughput connection between an on-premises network and Azure, bypassing the public internet.

Azure ExpressRoute

A fully managed backup service that provides data protection for Azure VMs, databases, on-premises machines, and other Azure resources.

Azure Backup

A service used to manage backup and disaster recovery operations in Azure. It stores recovery points and configurations for Azure-based backups and disaster recovery setups.

Azure Recovery Services Vault

The process of replicating Azure virtual machines or on-premises VMs to a different region or availability zone for disaster recovery.

Replication

Physical data center locations within a region, each with independent power, cooling, and networking, are designed to provide fault tolerance and high availability for Azure resources.

Azure Availability Zones

A feature of Azure SQL Database that allows for the replication of databases across multiple Azure regions to enable high availability and disaster recovery.

Geo-Replication

A fully managed SQL Server instance in Azure with high availability, built-in disaster recovery features, and near-complete compatibility with on-premises SQL Server.

SQL Managed Instance

An Azure Blob Storage that offers redundancy options that replicate data to a secondary region for disaster recovery.

GRS (Geo-Redundant Storage)

A service that allows for the automatic scaling of identical virtual machines to meet demand and ensure availability during failure scenarios.

Azure Virtual Machine Scale Sets (VMSS)

JSON-based templates that define and automate the deployment of Azure resources.

Azure Resource Manager (ARM) Templates

A set of tools for automating the building, testing, and deployment of applications, ensuring fast recovery and rollback if necessary.

Azure DevOps

Serverless computing that runs code in response to events without needing to manage servers.

Azure Functions

Serverless workflow automation solution that integrates various services.

Azure Logic Apps

Managed Kubernetes solution for orchestrating containerized applications.

Azure Kubernetes Service (AKS)

Quick, serverless solution for running containers.

Azure Container Instances (ACI)

Managed service to run large-scale parallel and high-performance computing (HPC) applications.

Azure Batch

Reliable, highly scalable messaging service for decoupled applications.

Azure Service Bus

Event-based messaging for building reactive, event-driven systems.

Azure Event Grid

Simple, highly available queue-based messaging system in Azure.

Azure Queue Storage

A fully managed, in-memory data store for caching frequently accessed data to improve performance.

Azure Cache for Redis

Service for managing, securing, and analyzing APIs.

Azure API Management (APIM)

Global caching and delivery of static content to end-users.

Azure CDN (Content Delivery Network)

Centralized configuration management for applications, providing easy access to settings and secrets.

Azure App Configuration

GitHub's CI/CD platform to automate workflows, including deployments to Azure.

GitHub Actions

A delivery model for software where third-party providers host applications accessible over the internet. This model removes organizations' need to manage or maintain their software infrastructure.

Software as a Service (SaaS)

Applications built specifically for the cloud, taking advantage of cloud environments' scalability, flexibility, and resilience. These applications often use microservices, containers, and orchestration tools like Kubernetes.

Cloud-Native Applications

These are specifically designed in Azure to manage multiple databases with varying loads. They enable these databases to share resources in a cost-effective manner, ensuring dynamic scalability and a high SLA of 99.99% uptime.

Elastic Pool with Azure SQL databases

Refers to a system's ability to manage increasing workloads and its potential to be expanded to support that growth. In the context of cloud computing, it specifically involves the capability to adjust resources—such as computing power and storage—upward or downward as necessary.

Scalability

A service used to send encrypted traffic between Azure VNets and on-premises networks, such as via VPN connections.

Azure VPN Gateway

A service that enables service providers to manage Azure resources for customers using a single pane of glass while maintaining access control.

Azure Lighthouse

A managed, cloud-based network security service that protects Azure Virtual Network resources from unauthorized access or threats.

Azure Firewall

A top-level resource that includes security and operational settings for Azure Firewall.

Firewall Policy

A fully managed service that enables secure and seamless RDP and SSH access to virtual machines without exposing them to the public internet.

Azure Bastion

It is a feature that connects two VNets in Azure, allowing resources to communicate securely and with low latency.

Virtual Network Peering

A feature within Azure Synapse Analytics that allows for the orchestration of data workflows, enabling ETL (Extract, Transform, Load) processes.

Azure Synapse Pipelines

A fully managed service that enables bi-directional communication between IoT devices and the cloud.

Azure IoT Hub

A secure and easy way to share data across organizations or departments, enabling collaboration without data duplication.

Azure Data Share

A domain-specific language (DSL) for declaratively deploying Azure resources offers a simpler syntax than ARM templates.

Bicep

An Azure identity used by applications or services to access resources with specific permissions.

Service Principal

A managed Docker container registry for storing and managing container images in Azure.

Azure Container Registry (ACR)

An automated script or process in Azure Automation for managing and maintaining resources.

Runbook

Collects telemetry from Azure Storage accounts, providing detailed metrics like transaction counts, latency, and capacity to optimize performance and identify bottlenecks.

Storage Insights

Monitors network performance and health by collecting telemetry from Azure resources like Network Security Groups, Virtual Networks, and Application Gateways, offering end-to-end visibility into network traffic and connectivity.

Network Insights

Monitors containerized applications by collecting metrics (e.g., CPU and memory usage), logs, and deployment statuses, helping to manage Kubernetes clusters and other container environments.

Container Insights

Provides in-depth monitoring for virtual machines by collecting performance data (e.g., CPU, memory, disk I/O) and health metrics, enabling analysis and diagnostics.

VM Insights

A comprehensive security management and threat protection solution for Azure, hybrid, and multi-cloud environments. It provides security posture management, workload protection, and compliance monitoring.

Microsoft Defender for Cloud

A unified security management system that provides advanced threat protection across Azure services, helping secure resources and manage compliance.

Azure Security Center

A service in Azure that allows for querying and analyzing Azure resource inventory across multiple subscriptions and regions.

Azure Resource Graph

A service in Azure that allows for querying and analyzing Azure resource inventory across multiple subscriptions and regions.

Azure Management Groups

A service that allows for the definition and deployment of environment templates, including policies, resource groups, and role-based access control settings.

Azure Blueprints

A feature that allows you to add metadata to Azure resources, such as owner, cost center, and environment, for better resource management and governance.

Azure Tagging

A suite of FinOps tools that assists organizations in analyzing, monitoring, and optimizing their Microsoft Cloud costs.

Microsoft Cost Management

A service that provides personalized best practices and recommendations to help optimize your Azure resources for cost, security, performance, and reliability.

Azure Advisor

You can effectively manage your accounts, invoices, and payments in this section.

Microsoft Billing

A resource allocation model for Cosmos DB where throughput is provisioned on a per-container or per-database basis to scale data storage and performance.

Azure Cosmos DB Provisioned Throughput

A real-time analytics service designed to handle streaming data from various sources like IoT devices, logs, and social media feeds.

Azure Stream Analytics