Course 1 – Introduction to Microsoft Azure Cloud Services

Module 4: Microsoft Azure Storage & Networking Services

MICROSOFT AZURE FUNDAMENTALS AZ-900 EXAM PREP SPECIALIZATION

Complete Coursera Study Guide

Enroll in Coursera Microsoft Azure AZ-900

Last updated:

TABLE OF CONTENT

INTRODUCTION – Microsoft Azure Storage & Networking Services

This week, you will explore various storage options available in Azure Storage services and learn about the scenarios where each option is most appropriate. As you progress through the individual units in this module, you will delve into Azure Blob Storage, Azure Disk Storage, Azure Files, and Blob access tiers.

Additionally, you will examine several core networking resources in Azure. You will learn about Azure Virtual Network, which allows you to configure a customized network environment tailored to your company’s needs. Furthermore, you will discover how to use Azure VPN Gateway and Azure ExpressRoute to create secure communication tunnels between your company’s different locations.

Learning Objectives

  • Describe Azure Blob Storage, Azure Disk Storage
  • Understand the benefit of Azure Files
  • Describe Azure Blob access tiers
  • Describe the core networking resources that are available in Azure
  • Describe the benefits and usage of Virtual Network, VPN Gateway, and ExpressRoute
  • Describe the benefits and usage of Azure Blob Storage, Azure Disk Storage, Azure Files, Azure Blob access tiers

KNOWLEDGE CHECK 1

1. True or False?

Azure storage is used by both Infrastructure as a Service (IaaS) virtual machines, and Platform as a Service (PaaS) cloud services.

  • True (CORRECT)
  • False

Correct: You can use Azure Storage on its own. For example, you can use it as a file share. Developers also often use it as a repository for working data. These repositories can be used by websites, mobile apps, desktop applications, and many other types of custom solutions. Azure Storage is also used by Infrastructure as a Service (IaaS) virtual machines, and Platform as a Service (PaaS) cloud services.

2. Azure Blob Storage is Microsoft’s object storage solution for the cloud. Is the following statement on Azure Blob storage true or false?

Azure Blob Storage is ideal for streaming video and audio.

  • True (CORRECT)
  • False

Correct: Blob Storage is ideal for serving images or documents directly to a browser, storing files for distributed access, and streaming media. 

3. True or False?

Azure Files are accessible via the industry standard Server Message Block (SMB) protocol.

  • False
  • True (CORRECT)

Correct: Azure Files offers fully managed file shares in the cloud that are accessible via the industry standard Server Message Block (SMB) protocol. Azure file shares can be mounted concurrently by cloud or on-premises deployments of Windows, Linux, and macOS.

4. True or False?

Azure files can be accessed from anywhere in the world using a URL that points to the file.

  • True (CORRECT)
  • False

Correct: One thing that distinguishes Azure Files from files on a corporate file share is that you can access the files from anywhere in the world using a URL that points to the file.

5. True or False?

Shared Access Signature (SAS) tokens allow access to a private asset for a specific amount of time.

  • True (CORRECT)
  • False

Correct: You can also use Shared Access Signature (SAS) tokens to allow access to a private asset for a specific amount of time.

6. Azure storage offers different access tiers for blob and file storage. This allows you to store object data in the most cost-effective manner. What do you think is the most cost-effective tier to optimize storage for data that is infrequently accessed and stored for at least 30 days?

  • Cool storage tier (CORRECT)
  • Hot storage tier
  • Archive storage tier

Correct: Cool storage tier is optimized for data that is infrequently accessed and stored for at least 30 days, like invoices for your customers.

KNOWLEDGE CHECK 2

1. Azure virtual networks enable you to link resources together in your on-premises environment and within your Azure subscription. In effect, you can create a network that spans both your local and cloud environments. There are three mechanisms for you to achieve this connectivity.

Which of the following is not a valid mechanism?

  • Site-to-site Virtual Private Networks 
  • Azure ExpressRoute 
  • Point-to-site Virtual Private Networks 
  • Service endpoints (CORRECT)

Correct: You use service endpoints to connect to other Azure resource types, such as Azure SQL databases and storage accounts. This approach enables you to link multiple Azure resources to virtual networks, thereby improving security and providing optimal routing between resources.

2. True or false?

A VM in Azure can connect out to the Internet by default.

  • True (CORRECT)
  • False

Correct: A VM in Azure can connect out to the Internet by default.

3. Azure virtual networks enable you to filter traffic between subnets. Which of the following are valid filtering approaches?

Select all options that apply.

  • Border Gateway Protocol
  • Network security groups (CORRECT)
  • Network virtual appliances (CORRECT)

Correct: That’s correct. A network security group is an Azure resource that can contain multiple inbound and outbound security rules. You can define these rules to allow or block traffic, based on factors such as source and destination IP address, port, and protocol.

Correct: A network virtual appliance is a specialized VM that can be compared to a hardened network appliance. A network virtual appliance carries out a particular network function, such as running a firewall or performing Wide Area Network (WAN) optimization.

4. When you create an Azure virtual network, you configure a number of settings such as multiple subnets, distributed denial of service (DDoS) protection, and service endpoints. Which of the following fields must be completed as part of the setup?

Select all options that apply.

  • Subscription (CORRECT)
  • Name (CORRECT)
  • Resource Group (CORRECT)
  • DDoS Protection

Correct: All resources must be associated with a valid subscription.

Correct: You must provide a name for the virtual network.

Correct: All resources must be associated with a resource group. 

5. Policy-based VPN gateways specify statically the IP address of packets that should be encrypted through each tunnel. This type of device evaluates every data packet against those sets of IP addresses to choose the tunnel where that packet is going to be sent through.

Which of the following are key features of policy-based VPN gateways in Azure?

Select all options that apply.

  • Support for IKEv2.
  • Dynamic routing protocols.
  • Compatibility with legacy on-premises VPN devices. (CORRECT)
  • Use of static routing. (CORRECT)

Correct: Policy-based VPNs must be used in specific scenarios that require them, such as for compatibility with legacy on-premises VPN devices.

Correct: Combinations of address prefixes from both networks control how traffic is encrypted and decrypted through the VPN tunnel. The source and destination of the tunneled networks are declared in the policy and don’t need to be declared in routing tables.

6. Which of the following are supported ExpressRoute models that you can use to connect your on-premises network to the Microsoft cloud?

Select all options that apply.

  • Any-to-any connection (CORRECT)
  • Site-to-site connection
  • Cloud Exchange colocation (CORRECT)
  • Point-to-point Ethernet connection (CORRECT)

Correct: With any-to-any connectivity you can integrate your wide area network (WAN) with Microsoft Azure by providing connections to your offices and datacenters. 

Correct: Co-located providers can normally offer both Layer 2 and Layer 3 connections between your infrastructure, which might be located in the colocation facility, and the Microsoft cloud. 

Correct: Point-to-point connections provide Layer 2 and Layer 3 connectivity between your on-premises site and Microsoft Azure. You can connect your offices or datacenters to Azure by using the point-to-point links. 

TEST PREP

1. True or false?

Archive storage tier stores data online.

  • True
  • False (CORRECT)

Correct: Archive storage stores data offline and offers the lowest storage costs but also the highest data rehydrate and access costs.

2. Azure storage offers different access tiers for blob and file storage. This allows you to store object data in the most cost-effective manner. What do you think is the most cost-effective tier to optimize storage for data that is frequently accessed, such as images from your website, and stored for at least 30 days?

  • Hot storage tier (CORRECT)
  • Archive storage tier
  • Cool storage tier

Correct: Hot storage tier is optimized for storing data that is accessed frequently, like images for your website.

3. True or false?

Network security groups contain security rules that enable you to filter the type of network traffic that can flow in and out of virtual network subnets and network interfaces.

  • True (CORRECT)
  • False

Correct: Network security groups have security rules that enable you to filter the type of network traffic that can flow in and out of virtual network subnets and network interfaces. You create the network security group separately, and then associate it with the virtual network.

4. A VPN gateway is a type of Virtual Network Gateway. To connect on-premises data centers to Azure virtual networks you need to configure…

  • site-to-site connection. (CORRECT)
  • network-to-network connection
  • point-to-site connection.

Correct: You connect on-premises data centers to Azure virtual networks through a site-to-site connection.

5. True or False? 

All Azure subscriptions connect from on-premises to Azure using Azure Express Route.

  • True
  • False (CORRECT)

Correct: Azure ExpressRoute lets you seamlessly extend your on-premises networks into the Microsoft cloud. This connection between your organization and Azure is dedicated and private. Establishing an ExpressRoute connection enables you to connect to Microsoft cloud services like Azure, Office 365, and Dynamics 365. Security is enhanced, connections are more reliable, latency is minimal, and throughput is greatly increased.

6. Which of the following resources are required before you can deploy a VPN gateway between Azure and on-premises resources?

Select all options that apply.

  • Point-to-site connection
  • Virtual network. (CORRECT)
  • Public IP address. (CORRECT)
  • Virtual network gateway (CORRECT)

Correct: You must deploy an Azure virtual network with enough address space for the additional subnet that you’ll need for the VPN gateway. The address space for this virtual network must not overlap with the on-premises network that you’ll be connecting to.

Correct: You must create a Basic-SKU dynamic public IP address if using a non-zone-aware gateway. This address provides a public-routable IP address as the target for your on-premises VPN device. 

Correct: You must create the virtual network gateway to route traffic between the virtual network and the on-premises data center or other virtual networks.

7. Which of the following statements do you think are true of Azure Blob Storage?

You might have to make an educated guess! Select all the options that apply.

  • It can store files for distributed access.  (CORRECT)
  • It is good for streaming audio and video. (CORRECT)
  • It can be used for backup and restore, disaster recovery, and archiving. (CORRECT)
  • It can add storage capacity indefinitely for Virtual Machines. 

Correct: Blob storage is ideal for storing files for distributed access.

Correct: Blob storage is also good for streaming audio and video.

Correct: You can store data for backup and restore, disaster recovery, and archiving.

8. Which of the following situations are suitable for using Azure Files?

Check all that apply.

  • On-premises applications that use file shares (CORRECT)
  • Store configuration files on a file share. (CORRECT)
  • Write data to a file share, and process or analyze the data later. (CORRECT)
  • Storing data for analysis by an on-premises or Azure-hosted service.

Correct: Azure Files makes it easier to migrate those applications that share data to Azure.

Correct: Configuration files can be stored on a file share and accessed from multiple VM. Tools and utilities used by multiple developers in a group can be stored on a file share, ensuring that everybody can find them and that they use the same version.

Correct: This is typically done with diagnostic logs, metrics, and crash dumps.

9. Which of the following are capabilities of Azure virtual networks?

Select all that apply.

  • Internet communications (CORRECT)
  • Connect virtual networks (CORRECT)
  • Communication with on-premises resources (CORRECT)
  • Dedicated private connectivity to Azure that doesn’t travel over the internet 

Correct: Internet communications is a capability of Azure virtual networks.

Correct: Azure virtual networks gives you the capability of connecting virtual networks. 

Correct: The ability to communicate with on-premises resources is a capability of Azure virtual networks. 

10. Which of the following are benefits of ExpressRoute? 

Check all that apply.

  • Redundant connectivity (CORRECT)
  • Encrypted network communication
  • Dynamic routing (CORRECT)
  • Access to Microsoft cloud services (CORRECT)

Correct: ExpressRoute provides built-in redundancy in every peering location for higher reliability.

Correct: Express Route provides dynamic routing between your network and Microsoft via BGP.

Correct Express Route provides connectivity to Microsoft cloud services across all regions in the geopolitical region.

CONCLUSION – Microsoft Azure Storage & Networking Services

In conclusion, this week’s module has provided a comprehensive overview of the various storage options available in Azure Storage services, including Azure Blob Storage, Azure Disk Storage, Azure Files, and Blob access tiers, along with their appropriate use cases.

Additionally, you have gained insights into key networking resources in Azure, such as Azure Virtual Network, which allows for the creation of customized network environments, and Azure VPN Gateway and Azure ExpressRoute, which enable secure communication tunnels between different company locations. With this knowledge, you are now well-equipped to make informed decisions about storage and networking solutions in Azure, enhancing your ability to meet your organization’s needs effectively.

Previous Module
Weekly Breakdown

Quiztudy Top Courses

Popular in Coursera

Liking our content? Then, don’t forget to ad us to your BOOKMARKS so you can find us easily!

Expanded Thumbnail Promo1

Mood Zone for Studying & Relaxing