Download ECSA102 BLOB BCA 2026 CORE CONCEPT LEARNING SCRIPT and more Exams Nursing in PDF only on Docsity!
ECSA102 BLOB BCA 2026 CORE CONCEPT
LEARNING SCRIPT
◉ Powershell - Command to create a new virtual network and store it as a variable $NewVnet. Answer: $NewVnet = New- AzVirtualNetwork - Name - ResourceGroupName
- Location - AddressPrefix "10.20.0.0/16" ◉ Powershell - Get-Command . Answer: this cmdlet searches the database for a command that matches your search keyword ◉ what is a subnet?. Answer: A logical division of your network (Vnet) A Vnet can have many subnets Subnets cannot have the same or overlapping CIDR blocks if they exist in the same Vnet ◉ Powershell - Command to add a subnet to your virtual network and make it a variable $NewSubnet. Answer: $NewSubnet = Add- AzVirtualNetworkSubnetconfig - Name - VirtualNetwork $NewVnet - AddressPrefix 10.20.30.0/24 -
◉ Portal - How to attach a NIC to a VM. Answer: VM > Networking > Attach Network Interface You cannot attach a NIC to a VM while its running, it must be stopped A VM can have an IP from subnet 1 going to one NIC and an IP from subnet 2 going to another NIC ◉ Private IP addresses are used for communication ___________ the Azure Vnet.. Answer: within
- a private IP address will also be used with communication from the vnet to an on prem network ◉ Public IP addresses are used for communication with the __________. Answer: internet ◉ A private IP address can be associated with 3 devices. Answer: VM Internal Load Balancer Application Gateway Dynamic and static supported ◉ A public IP address can be associated with 4 devices. Answer: VM Load Balancer VPN Gateway - no static option
◉ Powershell - Get-AzNetworkInterface | select Name. Answer: Shows you as list of all the network interface cards in your subscription the piped portion selects just the Name of the NICs and lists only those names ◉ Powershell - Get-AzNetworkInterface - Name - ResourceGroupName . Answer: gives you networking information about a specific NIC ◉ Powershell - $nic.IpConfigurations - what is the .Configurations part called?. Answer: an attribute ◉ Powershell - Commands to set a specific NIC's IP address to static. Answer: $nic = Get-AzNetworkInterface - Name - ResourceGroup Tech_IT $nic.IpConfigurations.PrivateIpAllocationMethod - "static" Set-AzNetworkInterface - NetworkInterface $nic ◉ Powershell - #. Answer: comment out ◉ Service Endpoints. Answer: Azure VMs can interact with Azure Paas Services like SQL and Storage accounts as if they are apart of the same Virtual Network rather than using the public internet
- Restrict an azure service so it only accepts traffic from specific Vnets or subnets
- keep traffic off of the public internet
- optimal routing Common services - Storage, SQL DB, Cosmos, Key Vault ◉ Portal - How to set a service endpoint between a Vnet and a Storage account?. Answer: Portal > Virtual Networks > Subnet > select subnet > select Microsoft.Storage from drop down > save Portal > Storage Accounts > storage account > Firewalls and virtual networks > select network ◉ When you create an Azure subscription an __ __ _____ is created for you.. Answer: An Azure AD domain Initial domain name is domainname.onmicrosoft.com until verified ◉ What do you need to verify a custom domain name?. Answer: TXT record or MX record ◉ Azure DNS. Answer: Cloud based DNS service
- host and manage DNS domains
- translates domains names to IP addresses
what two records are automatically created when you create a PRIVATE DNS zone. Answer: Portal > search for "DNS Zones" > add > Name of the zone is usually the name of your company > create NS record and SOA record ◉ Portal - DNS - How to create a custom A record for your public DNS zone. Answer: Portal - DNS Zones - select zone - record set - ok ◉ Powershell - Command to see DNS zone information. Answer: Get- AzDnsZone ◉ Azure DNS - Record Types - PTR. Answer: Pointer Reverse DNS lookups Give ip, resolves to a name ◉ Portal - Azure DNS - Make 2 Vnets share one DNS Private zone. Answer: Portal > Private DNS Zones > add > name is usually the name of your internal DNS > create Click on Private DNS zone you created > Virtual network links > add 2 links total, 1 for each Vnet ◉ Azure DNS - What record(s) is automatically created when you create a private DNS zone?. Answer: SOA
◉ Network Security Groups. Answer: Acts like a firewall at the NIC or Subnet level allows or denies traffic inbound or outbound to NICs or subnets uses security rules ◉ Portal - Create a NSG then assign it to a network interface or subnet. Answer: Portal > Network Security Groups > Add > create Select NSG > Network Interfaces or Subnets ◉ Each NSG rule includes what components (5). Answer: Priority (the lower the number the higher the prio) Source Destination Port Protocol (TCP, UDP, ICMP or any) Action (Allow or deny) ◉ NSG - Default rules (5). Answer: Allow vnet to vnet inbound and outbound allow azure LB inbound deny all other inbound traffic
◉ Vnet peering - Gateway Transit. Answer: a feature of vnet peering used to allow a VPN connection to another Vnet or an on prem network through a VPN gateway or express gateway
- only works with vnet peering allow gateway transit is placed on one vnet use remote gatewats is placed on the other vnets that are peered to the allow gateway transit vnet ◉ In a peered virtual network with 4 Vnets, how many gateways do you need?. Answer: just one thanks to gateway transit if the Vnets were not peered, they would each need their own gateway ◉ a feature of vnet peering is _______ _________. Answer: gateway transit vnets that are peered can share one gateway that connects to a VPN gateway or express route ◉ Transitivity. Answer: if a trusts b and b trusts c, then c trusts a. ◉ vnet peering is ___ transitive. Answer: its non transitive just because vnet 1 trusts vnet 2 and vnet 2 trusts vnet 3, it doesn't mean vnet 3 trusts vnet 1, the peering needs to be individually made to all of them
◉ Vnet peering - gateway transit - whats the hub and whats the spoke?. Answer: hub = vnet with allow gateway transit spoke = vnet with use remote gateway ◉ VPN Gateway. Answer: a virtual network gateway attached to your Vnet Allows a Vnet to communicate to an on prem network, other Vnets and allow remote users to connect to azure all traffic is encrypted with IPsec/Internet Key Exchange networks can be different regions or different subscriptions VPN Gateway is in a special subnet called the gateway subnet ◉ VPN Gateways - Portal - How to set up a gateway subnet - how to set up a virtual network gateway. Answer: Portal - Virtual Networks
- select Vnet - subnets - add gateway subnet
- this creates the special subnet the VPN gateway will reside in Portal - Virtual Network Gateways - add - same region as vnet
- route based = dynamically finds subnets
- policy based = static
50mbps to 10 gbps ◉ system routes. Answer: a route Azure automatically creates to make networking work inside a Vnet, Azure's built in routing logic Applied at the subnet level Used to direct network traffic
- VM to VM inside a vnet
- vnet to vnet (vnet peering)
- traffic to the inernet
- traffic to VPN gateway or express route gateway ◉ System Routes - Portal - Create a route table - Create a User Defined Route. Answer: Specifies the next hop in the route manually
- overrides system routes (the automatic ones) Portal - Route Tables - add Select route table - routes - add ◉ System Routes - Each route table can be associated to _____ subnets but __ subnet(s) can be associated to a single route table.. Answer: multiple one
◉ Azure Load Balancer. Answer: Distributes inbound traffic to backend resources like web servers Ensures application hosted on your data center are HA
- uses health probes to identify whether the web servers are healthy or not
- Public LBs or Internal LBs ◉ Azure Load Balancers - Public LB. Answer: Distributes traffic from the internet to your back end resources like web servers on your Vnet Maps public IP address and port number of the incoming traffic to the private IP address and port number of a VM (backend) ◉ Azure Load Balancers - Internal LB. Answer: Distributes traffic from within your Vnet or on prem to your vnet ex. VMs communicating in one subnet in your Vnet to Azure SQL DB servers on a different subnet in the same Vnet
- can be used for Multi tier applications that aren't internet facing
- express route, site to site VPN connections ◉ Azure Load Balancer - Load Balancer SKUs - Basic. Answer: - free
- legacy, for learning
- open by default
- LB rules --session persistence (session stickiness) (used for ecommurce) --if the traffic from device A is distributed to VM2 with session persistence enabled, that device will always get VM2 only ◉ Azure Load Balancers - Back end pool. Answer: --contains IPs of NICs connected to the LB belonging to VMs, NICs or VM Scale sets the backend pool are your resource devices your LB is distributing traffic to ex. VMs or NICs ◉ Azure Load Balancer - Health Probe - Protocol: HTTP - if the instance is healthy it will respond with an _____ _____. Answer: HTP 200 any other code number, the probe will fail and the instance will be considered not healthy, the LB will stop distributing traffic to that instance ◉ Azure Load Balancing - what 3 things do you need to configure before you can configure LB rules?. Answer: Frontend IP configuration Backend pools Health probes
◉ The LB uses the _-_____ hash to map traffic to available servers. Answer: 5-tuple hash source IP source port destination IP destination port protocol type ◉ Azure Traffic manager. Answer: DNS based traffic routing service
- uses DNS responses to direct clients to the best endpoint Works on the Global level Layers 7 Route users to the closest and healthiest region can be used with external, non azure endpoints conducts health checks automatic endpoint failover if a region goes down, HA ◉ Azure Load Balancers - what layers in OSI is the LB?. Answer: Layers 4 ◉ Azure Traffic Manager - routing methods - Priority. Answer: You establish a primary endpoint (East US), traffic will be directed to the primary at all times
default weight is 1 using the same weight on all endpoints means traffic will be distributed evenly among all of them the higher the weight the higher the priority ex. maybe you want to gradually increase traffic to a specific endpoint over time ◉ Portal - configure Azure Traffic Manager. Answer: Portal - Traffic Manager Profiles - add
- Traffic Manager Profile name must be unique globally Portal - Traffic Manager Profiles - select profile - endpoints - add your endpoints (app services, web servers etc) ◉ Azure Storage - 3 uses. Answer: Storage for VMs
- disks and file shares Storage for unstructured data
- blobs and data lakes (Hadoop) Storage for structured data
- tables, Cosmos DB and Azure SQL DB ◉ Azure Storage - Blobs. Answer: Object storage
massive amounts of unstructured data (images, videos, back ups, log files, documents, app data) Containers are flat, no real folders 3 types
- block blobs
- append blobs
- page blobs 3 lifecycle tiers
- hot (frequently accessed)
- cool (infrequently accessed)
- cold (rarely accessed)
- archive (long term, slow access) ◉ Azure Storage - Blob storage - 3 level structure. Answer: Azure storage acc (top level resources) > Container (like a folder) > Blob (the actual file) ◉ Azure Storage - Blobs - 3 lifecycle tiers. Answer: - hot (frequently accessed, cheapest to access)
- cool (infrequently accessed)
- archive (long term, slow access-may take several hours, expensive to access)