Unit 1

1. Explain the architecture of cloud computing.

 Cloud computing architecture refers to the components and subcomponents

required for cloud computing. These components typically consist of a front end
(client or user side), back end (cloud provider platform), a network (Internet or
intranet), and a cloud-based delivery model. Components can include servers, data
storage, virtualization software, and various services.

2. Discuss about cloud computing services.

 Cloud services are often categorized into three basic types:

o Infrastructure as a Service (IaaS): Provides virtualized computing resources
over the internet.
o Platform as a Service (PaaS): Offers hardware and software tools over the
internet, typically for application development.
o Software as a Service (SaaS): Delivers software applications over the
internet, available on a subscription basis.

3. What are the different types of cloud computing models? Discuss advantages and
disadvantages of all cloud computing models.

 Public Cloud: Services provided over the public internet and available to anyone.
o Advantages: Cost-effective and scalable.
o Disadvantages: Less control over data and security.
 Private Cloud: Dedicated for use by a single organization.
o Advantages: Greater control and security.
o Disadvantages: More expensive and requires IT expertise.
 Hybrid Cloud: Combines public and private clouds.
o Advantages: Flexibility and scalability.
o Disadvantages: Can be complex to implement.

4. Write in short about consumption-based models in cloud computing.

 Consumption-based models refer to the pricing model where customers are charged
based on the resources they use. This model provides flexibility and cost-efficiency,
as users only pay for what they consume, making it ideal for businesses with
fluctuating workloads.

5. List out all the cloud computing principles.

 On-demand self-service
 Broad network access
 Resource pooling
 Rapid elasticity
 Measured service
6. Explain the components of cloud computing.

 Key components include:

o Client devices: Devices that request cloud services.
o Data center: A facility used to house computer systems and associated
components.
o Distributed servers: Servers spread across multiple locations to ensure
failover and redundancy.
o Virtualization software: Software that allows for creating virtual instances of
physical hardware.

7. What are the types of Cloud Computing Services?

 As discussed earlier, these are IaaS, PaaS, and SaaS.

8. Explain about Cloud Computing Architecture and its Components.

 This is similar to what was detailed in question 1, focusing on the front end, back end,
network, and cloud services.

9. List out benefits of Cloud computing and describe each of them.

 Cost Efficiency: Reduces the cost of managing and maintaining IT systems.

 Scalability: Easier and more cost-effective to scale up or down as needed.
 Accessibility: Accessible from anywhere with internet connectivity.
 Disaster Recovery: Enhances data safety through robust backup and recovery
protocols.

10. What are the main advantages of cloud computing?

 The main advantages include cost savings, scalability, performance, and reliability.

11. Describe the consumption-based model.

 The consumption-based model is a pricing strategy where customers pay according

to the amount of resources they consume rather than paying a flat fee. This model is
characteristic of cloud services, offering flexibility and scalability, as it aligns
operational costs directly with usage levels, thereby optimizing expenditure.

12. What are the types of cloud model?

 This question seems to revisit the types of cloud computing models, which include:
o Public Cloud
o Private Cloud
o Hybrid Cloud
o Community Cloud: Shared between organizations with common concerns.
13. Define the differences between Infrastructure as a Service (IaaS), 14. Platform as a
Service (PaaS), and Software as a Service (SaaS).

 IaaS: Provides fundamental computing resources like virtual servers, networks,

storage, and operating systems on demand.
o Example: Amazon EC2.
 PaaS: Offers a platform allowing customers to develop, run, and manage applications
without dealing with the complexity of building and maintaining the infrastructure.
o Example: Google App Engine.
 SaaS: Delivers software applications over the internet, accessible from a web browser
without the need for installations or maintenance.
o Example: Microsoft Office 365.

15. Describe public, private, community, and hybrid clouds with their advantages and
disadvantages.

 Public Cloud:
o Advantages: Cost efficiency, no maintenance, near-unlimited scalability.
o Disadvantages: Lesser control, potential security concerns.
 Private Cloud:
o Advantages: Greater control, improved security, customization.
o Disadvantages: Higher cost, requires more IT expertise.
 Community Cloud:
o Advantages: Cost-effective for like-minded organizations, tailored to specific
group requirements.
o Disadvantages: Limited scalability, shared control.
 Hybrid Cloud:
o Advantages: Flexibility, scalability, cost-effectiveness of the public cloud
while retaining the security of critical assets in a private cloud.
o Disadvantages: Complexity in deployment, potentially higher costs due to
integration and management of different architectures.

16. Explain the shared responsibility model.

 The shared responsibility model in cloud computing delineates the security

obligations of the cloud provider and the customer to ensure accountability. The
provider is typically responsible for the security "of" the cloud (infrastructure,
physical and hardware security), while the customer is responsible for security "in"
the cloud (data, applications, access management).

17. Describe in short High Availability.

 High Availability (HA) refers to a system or component that is continuously

operational for a desirably long length of time. Availability can be achieved through
redundancy, fault tolerance, and failover solutions ensuring operational continuity
despite system failures.
18. Describe scalability and types of Scalabilities.

 Scalability is the capability of a system to handle a growing amount of work or its

potential to accommodate growth. Types include:
o Vertical scalability (scaling up): Adding resources to increase the capacity of
an existing server.
o Horizontal scalability (scaling out): Adding more servers to distribute the
load and increase throughput.

19. Differentiate between regions and Availability Zones.

 Regions: Geographic locations around the world where cloud services are hosted.
Each region consists of multiple isolated locations known as Availability Zones.
 Availability Zones: Physically separate data centers within a region that are
engineered to be isolated from failures in other Availability Zones, providing
redundancy and reducing latency.

Unit 2

20. What is Serverless Computing? List an example of a serverless computing service in

Azure.

 Serverless Computing allows developers to build applications without managing

underlying infrastructure. The cloud provider manages the setup, capacity planning,
and server management. Azure automatically scales the application, billing only for
the resources the application uses during execution.
o Example in Azure: Azure Functions, which allows users to run code triggered
by events without provisioning or managing servers.

21. What is an Azure Subscription? Mention types of Subscriptions.

 An Azure Subscription acts as a logical container used to manage resources in

Azure. It helps organize access and billing for cloud services.
o Types of Subscriptions:
 Free: Offers limited resources for learning, testing, and prototyping.
 Pay-As-You-Go: Billed based on actual usage, suitable for businesses.
 Enterprise Agreement (EA): For large organizations, offering volume
licensing with flexible billing.

22. Management Groups, Resource Groups, and Resources in Azure.

 Management Groups: These are containers that help manage access, policy, and
compliance across multiple Azure subscriptions.
 Resource Groups: A container that holds related resources for an Azure solution.
The resource group can include all the resources for the solution, or only those
resources that are managed together.
 Resources: Instances of services that you create, like virtual machines, storage, or
SQL databases.
23. What is Azure Blob Storage used for?

 Azure Blob Storage is used for storing large amounts of unstructured data, such as
text or binary data, that can be accessed from anywhere in the world via http or https.
Typical uses include serving images or documents directly to a browser, storing files
for distributed access, streaming video and audio, and storing data for backup and
restore, disaster recovery, and archiving.

24. What is the difference between Azure Blob Storage and Azure File Storage?

 Azure Blob Storage is optimized for storing massive amounts of unstructured data,
such as text or binary data.
 Azure File Storage offers fully managed file shares in the cloud that are accessible
via the industry standard SMB protocol. It is ideal for lift-and-shift scenarios for
legacy applications that rely on file shares.

25. What are Azure containers?

 Azure Containers are a lightweight, virtualized, portable, software-defined

environment that abstracts applications from the underlying hardware. Azure
Container Service (ACS) allows you to deploy containers at scale using popular
orchestrators like Kubernetes, DC/OS, or Docker Swarm.

26. What is Azure App Service?

 Azure App Service is a fully managed web hosting service for building web apps,
mobile back ends, and RESTful APIs. It supports multiple programming languages,
such as .NET, .NET Core, Java, Ruby, Node.js, PHP, or Python. Services are auto-
scaling with high availability.

27. Explain about LRS, GRS, ZRS and RA-GRS with appropriate figures.

 LRS (Locally Redundant Storage): Stores three copies of data within a single data
center.
 GRS (Geo-Redundant Storage): Replicates data to a secondary region that is
hundreds of miles away from the primary region.
 ZRS (Zone Redundant Storage): Spreads data across multiple availability zones
within the same region.
 RA-GRS (Read-Access Geo-Redundant Storage): Provides read-only access to the
data in the secondary location as well as geo-replication.

28. What is Azure Virtual Networking?

 Azure Virtual Network (VNet) enables many types of Azure resources, such as
Azure Virtual Machines (VM), to securely communicate with each other, the internet,
and on-premises networks. VNet is similar to a traditional network that you'd operate
in your own data center but brings additional benefits of Azure's infrastructure such as
scalability, availability, and isolation.
29. What is Azure SQL Database?

 Azure SQL Database is a fully managed platform as a service (PaaS) database

engine that handles most of the database management functions like upgrading,
patching, backups, and monitoring without user involvement.

30. Explain about SQL Database elastic pool and SQL Managed Instance Pool.

 SQL Database Elastic Pool is a shared resource model that allows multiple SQL
databases to share a set of resources at a set price. This model is cost-effective for
organizations with multiple databases that have varying and unpredictable usage
demands.
 SQL Managed Instance Pool provides high-performance, durable storage for
instances where compute and storage resources are isolated from each other, allowing
for highly scalable performance and reliable storage.

31. List and Explain various Redundancy/Replication options available in Azure

Storage Service.

 Locally Redundant Storage (LRS): Stores three copies of your data within a single
data center.
 Zone-Redundant Storage (ZRS): Stores three copies across two to three facilities,
either within the same region or across two regions.
 Geo-Redundant Storage (GRS): Replicates your data to a secondary region far from
the primary region.
 Read-Access Geo-Redundant Storage (RA-GRS): Same as GRS, but provides read
access to the data in the secondary location.

32. List out most common use cases of Azure Functions.

 Event-driven processing: Respond to database changes, process IoT streams,

manage message queues and event hubs.
 Web applications: Serve as backend for web applications.
 RESTful APIs and microservices: Build APIs and microservices that scale
automatically.
 Scheduled tasks: Run cleanup or batch jobs on a schedule.

33. Describe Azure Active Directory and its various features including RBAC, MFA,
and SSO.

 Azure Active Directory (Azure AD) is Microsoft's multi-tenant, cloud-based

directory, and identity management service.
o Role-Based Access Control (RBAC): Provides fine-grained access
management to Azure resources.
o Multi-Factor Authentication (MFA): Adds a layer of security for your
Azure services by requiring two or more verification methods.
o Single Sign-On (SSO): Enables users to remember only one ID and password
to access multiple applications.
34. Write a brief note on Authentication and Authorization.

 Authentication is the process of verifying who a user is, typically through credentials
like usernames and passwords.
 Authorization is the process of verifying what they have access to. This involves
checking user permissions and roles against the security policies defined.

35. Explain briefly about SSO and Multifactor Authentication.

 Single Sign-On (SSO) allows users to log in once and access multiple related but
independent software systems without re-authenticating.
 Multifactor Authentication (MFA) enhances security by requiring multiple forms of
verification from independent categories of credentials to validate the user’s identity
for a login or other transaction.

36. Describe Azure Authentication methods.

 Azure supports various authentication methods, including:

o Azure AD Connect with Password Hash Synchronization or Pass-through
Authentication
o OAuth 2.0
o OpenID Connect
o SAML 2.0
o Multi-factor Authentication (MFA)

37. What is Single Sign-On?

 Referenced in question 35, SSO is a session and user authentication service that
permits a user to use one set of login credentials (e.g., name and password) to access
multiple applications.

38. What is Multi-Factor Authentication?

 Also detailed in question 35, MFA is a security system that requires more than one
method of authentication from independent categories of credentials to verify the
user's identity for a login or other transaction.

39. What is RBAC?

 Role-Based Access Control (RBAC) is a method of regulating access to computer or

network resources based on the roles of individual users within an enterprise. RBAC
ensures that only authorized users have access to certain resources based on their role.

40. How does RBAC work?

 In RBAC, access decisions are based on an individual's roles and responsibilities

within the organization or work environment. Roles are assigned permissions that
determine access levels and actions that can be performed.
41. How does Azure AD provide single sign-on (SSO) capabilities?

 Azure AD integrates with applications via federation using standard protocols such as
SAML 2.0, OpenID Connect, and OAuth 2.0 to provide SSO capabilities. This allows
users to authenticate once and access all their applications.

42. What is multi-factor authentication (MFA) and its importance in Azure?

 As described, MFA adds additional layers of security by requiring more than one
method of verification. In Azure, it's crucial to protect data and applications from
unauthorized access, especially in public and hybrid cloud environments.

43. What is Azure AD? Explain different editions of Azure AD.

 Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access
management service.
o Free edition offers user and group management, on-premises directory
synchronization, basic reports, and single sign-on across Azure, Microsoft
365, and many popular SaaS apps.

Office 365 apps edition is included with Office 365 subscriptions, providing enhanced
features. - Premium P1 edition includes advanced protection for enterprise environments
with features such as Dynamic Groups, Conditional Access, and Password Protection. -
Premium P2 edition offers all P1 capabilities plus Identity Protection and Privileged Identity
Management.

44. Explain the concept of Azure B2B and B2C.

 Azure B2B (Business-to-Business) enables collaboration by allowing organizations

to share their applications and services with guest users from any other organization
while maintaining control over corporate data.
 Azure B2C (Business-to-Consumer) is an identity management service that enables
you to connect to any customer who chooses to use their existing social, enterprise, or
local account identities to get access to your applications.

45. Define Azure Zero trust model.

 The Azure Zero Trust model is a security strategy that assumes breach and verifies
each request as though it originates from an open network. Regardless of where the
request originates or what resource it accesses, the Zero Trust model teaches "never
trust, always verify."

46. Explain defence in depth.

 Defence in depth is a security strategy that employs a series of defensive mechanisms

to protect the integrity of the information. If one mechanism fails, another steps up
immediately to thwart an attack. Azure implements this by layering security measures
at data, application, network, and perimeter layers.
47. What is the difference between Azure Firewall and NSG?

 Azure Firewall is a managed, cloud-based network security service that protects your
Azure Virtual Network resources. It's a fully stateful firewall as a service with built-in
high availability and unrestricted cloud scalability.
 Network Security Group (NSG) filters network traffic to and from Azure resources
within an Azure virtual network. An NSG contains a list of security rules that allow or
deny network traffic based on source and destination IP address, port, and protocol.

48. What is the Azure Pricing Calculator, and how can it assist in estimating costs?

 The Azure Pricing Calculator helps users estimate the costs of Azure products and
services. Users can configure and estimate the costs for Azure services based on their
specific use cases and configurations.

49. What is Azure cost management? Explain its features and functionalities.

 Azure Cost Management is a suite of tools that help organizations manage cloud
spend and optimize resource utilization. Key features include budgeting, cost analysis,
and cost allocation, which help track, allocate, and potentially reduce spend across
Azure and other cloud environments.

50. Describe Azure's deprecation policies and their impact on services and users.

 Azure periodically retires or deprecates features, services, or certain capabilities in

favor of newer alternatives. Deprecation policies generally provide advance notice,
detailed migration guidance, and time frames, allowing users to plan migrations to
newer services or versions without disruption.

51. Describe the different Azure subscription options available.

 In addition to the subscription types mentioned earlier (Free, Pay-As-You-Go,

Enterprise Agreement), there is also:
o Developer: Designed for testing and development, not for production.
o Managed Service Provider (MSP): Enables MSPs to manage customer
environments.

52. Describe About Pricing calculator and TCO Calculator.

 Azure Pricing Calculator: Helps estimate the cost of Azure products based on usage.
 Total Cost of Ownership (TCO) Calculator: Helps estimate the cost savings of
moving to Azure compared to on-premises infrastructure.

53. What are cost management factors in Azure?

 Key factors include resource size and type, location, reserved instances, and resource
usage patterns. Effective cost management also involves right-sizing resources,
choosing the correct pricing model, and applying cost-saving policies.
54. Explain Azure support options.

 Azure offers several support plans:

o Basic: Includes support for billing and subscription management issues.
o Developer: Provides access to technical support for non-production
environments.
o Standard: Offers faster response times and access to support for production
workloads.
o Professional Direct: Delivers fastest response times with proactive guidance.

55. What is Cost Management Capabilities in Azure and Describe about Budget Alerts,
Credit Alerts and Department Spending Quota Alerts.

 Azure Cost Management is a suite of tools that help monitor, manage, and optimize
the costs of Azure services. Key features include:
o Budget Alerts: Notify users when spending approaches or exceeds predefined
thresholds.
o Credit Alerts: Inform users about the consumption of their Azure credits.
o Department Spending Quota Alerts: Enable organizations to set spending
limits for different departments or teams to control costs effectively.

56. What are the Factors that affect cost in Azure?

 Several factors can affect costs in Azure, including:

o Resource types: Different services and resources have different pricing
models.
o Usage volume: More usage typically leads to higher costs.
o Region: Prices can vary between Azure regions due to local market dynamics.
o Reserved instances: Committing to certain resources for a longer period can
reduce costs.
o Outbound data transfers: Data moving out of Azure data centers incurs
costs.

57. What is the Purpose of Azure Advisor.

 Azure Advisor is a personalized cloud consultant that helps you follow best practices
to optimize your Azure deployments. It provides recommendations in four key areas:
high availability, security, performance, and cost to improve the effectiveness and
efficiency of your applications.

58. Describe Service Lifecycles in Cloud Computing.

 Service Lifecycles in cloud computing involve the phases through which cloud
services pass, from initial development and deployment to maintenance and eventual
decommissioning or upgrading. This includes managing updates, scaling,
performance optimization, and ensuring security compliance.
59. Define Azure Service Level Agreements (SLAs) and explain their significance for
businesses.

 Azure Service Level Agreements (SLAs) document the performance standards

Azure commits to, such as uptime and connectivity. SLAs are significant for
businesses as they provide assurance on service reliability and performance, which are
critical for planning and operational consistency in cloud environments.

60. What are the deployment models in Azure?

 Azure supports several deployment models, including:

o Resource Manager: Modern deployment model that provides a more secure
and scalable deployment mechanism.
o Classic: Older model which is less flexible and not as feature-rich as the
Resource Manager.

61. What are Azure Virtual Machines (VMs), and how are they used in Azure?

 Azure Virtual Machines (VMs) are on-demand, scalable computing resources that
offer virtualized hardware including CPUs, memory, and storage. They are commonly
used to run applications and workloads, host websites, and store data, providing
flexibility in computing power and configuration.

62. Explain IaaS, PaaS, and SaaS models in cloud computing and their characteristics.

 Infrastructure as a Service (IaaS): This model provides virtualized physical

computing resources over the Internet. Users can manage operating systems, storage,
and deployed applications while the cloud provider handles the physical
infrastructure. Characteristics include flexibility, cost-effectiveness, and scalability.
 Platform as a Service (PaaS): Offers a framework for developers that they can build
upon and use to create customized applications. All servers, storage, and networking
can be managed by the enterprise or a third-party provider while the developers can
maintain management of the applications. Characteristics include built-in scalability
of deployed software, more agile development cycles, and no need to manage the
underlying infrastructure.
 Software as a Service (SaaS): Delivers software applications over the Internet, which
are usually accessed by users through a web browser. All underlying infrastructure,
middleware, app software, and app data are managed by the service provider.
Characteristics include accessibility, compatibility, and operational management.

63. Explain the concepts of authentication and authorization in the context of Microsoft
Azure cloud services.

 Authentication verifies the identity of a user or service, asking "Who are you?"
Azure uses various authentication methods such as passwords, biometrics, and
security tokens. Azure Active Directory (AD) is a critical component in handling
authentication.
 Authorization occurs after authentication, determining what permissions an
authenticated user has. It asks, "What can you do?" This is managed in Azure through
 mechanisms like role-based access control (RBAC), where users are granted access to
resources based on their roles.

64. What are the benefits of using Azure AD?

 Centralized Identity Management: Simplifies managing users and permissions.

 Single Sign-On (SSO): Users can access multiple applications with one set of
credentials.
 Multi-Factor Authentication: Enhances security by requiring multiple forms of
verification.
 Integration: Works with Microsoft and third-party cloud services.
 Conditional Access: Security policies can be enforced based on conditions.

65. Explain the concept of cloud computing and its key characteristics.

 Cloud computing involves delivering different types of services over the Internet.
Key characteristics include:
o On-demand self-service: Users can provision resources as needed without
human intervention.
o Broad network access: Services are available over the network and accessed
through standard mechanisms that promote use by heterogeneous client
platforms.
o Resource pooling: The provider’s computing resources are pooled to serve
multiple consumers using a multi-tenant model.
o Rapid elasticity: Capabilities can be elastically provisioned and released to
scale rapidly outward and inward commensurate with demand.
o Measured service: Cloud systems automatically control and optimize
resource use by leveraging a metering capability.

66. Write down the difference between Availability Zone (AZ) and Availability Set (AS).

 Availability Zone (AZ): A high-availability offering that protects your applications

and data from datacenter failures. AZs are unique physical locations within a region,
each with one or more datacenters equipped with independent power, cooling, and
networking.
 Availability Set (AS): A logical grouping of VMs within a datacenter that
automatically distributes VMs across multiple fault domains and update domains.
This distribution helps protect your applications from network, storage, power, and
hardware failures.

67. Explain Azure Service Level Agreements (SLAs).

 Azure SLAs document the commitments of service quality and availability that
Azure guarantees to its customers. These include specific metrics and associated
downtime thresholds that Azure commits to achieving. If these commitments are not
met, customers may be eligible for credits towards a portion of their monthly service
fees.
68. What is azure cost management? Explain its features and functionalities.

 Azure Cost Management helps organizations manage cloud spending by tracking

resource usage and expenditures. Key features include:
o Cost Analysis: To analyze and break down where and how resources are
being consumed.
o Budgets: Set and manage budgets to control organizational spending.
o Recommendations: Identify underutilized resources to optimize spending.
o Alerts: Set up alerts for when spending exceeds or is projected to exceed
budget amounts.

69. Explain Availability Set in Azure?

 An Availability Set is an Azure feature that ensures VMs are distributed across
multiple isolated hardware nodes in a cluster. This provides redundancy and
availability, ensuring that if one piece of hardware or one physical location fails, only
a subset of VMs is impacted and the overall application remains available.

70. What are the differences between Azure Load Balancer and Traffic Manager?

 Azure Load Balancer: Operates at layer 4 (Transport Layer) and distributes inbound
traffic among healthy service instances in cloud services or virtual machines within a
virtual network. It provides high availability and network performance to your
applications.

 Azure Traffic Manager: Operates at DNS layer and directs client requests to the most
appropriate service endpoint based on a traffic-routing method and the health of the
endpoints. It is used for routing user traffic to globally distributed, Internet-facing
applications to achieve optimal performance and availability.

71. Explain the use of both Pricing calculator and TCO Calculator.

 Azure Pricing Calculator: Helps users estimate the cost of Azure products and
services. Users can select the resources they need, configure their settings, and the
calculator will provide an estimated monthly cost. This tool is essential for budget
planning and cost management.
 Total Cost of Ownership (TCO) Calculator: Helps users estimate the cost savings
of migrating to Azure compared to on-premises infrastructure. It considers various
factors such as hardware, software, labor, and operational costs. The TCO Calculator
provides a detailed report that includes a cost-benefit analysis for moving to Azure.
72. What is the Purpose of Azure Advisor?

 Azure Advisor is a personalized cloud consultancy service that provides best practice
recommendations tailored to your Azure deployments. It helps optimize your Azure
resources for cost, performance, reliability, operational excellence, and security.
Azure Advisor scans your resource usage and configurations, then provides actionable
guidance to help you effectively optimize and secure your deployments.

73. Describe the Concept of Defense in Depth with Illustration.

 Defense in Depth is a layered security approach that uses multiple security measures
to protect the information and IT operations of an organization. This strategy can be
visualized as concentric circles around a core, where the core represents critical data
and assets, and each circle represents a different layer of security measures, such as:
o Perimeter: Firewalls, network intrusion detection systems.
o Network: Network segmentation, secure protocols.
o Endpoint: Antivirus software, patch management.
o Application: Application security testing, anti-exploit technologies.
o Data: Encryption, data loss prevention technologies.
o User: Multi-factor authentication, security awareness training.

74. Explain Shared Responsibility Model in Azure.

 In Azure's Shared Responsibility Model, the responsibility for security and

compliance is shared between Microsoft and the customer. The division of
responsibility varies based on the service model:
o IaaS (Infrastructure as a Service): Customers are responsible for the
security of their data, endpoints, applications, and network traffic. Microsoft is
responsible for the physical hosts and network.
o PaaS (Platform as a Service): Microsoft takes on more responsibility,
including operating systems and network controls, while customers handle
their applications and data.
o SaaS (Software as a Service): Microsoft is responsible for securing the
infrastructure and applications, while customers manage their user accounts
and data.

75. What are the advantages of choosing cloud computing?

 Cost Efficiency: Reduces or eliminates capital expenditure on hardware and software.

 Scalability: Easily scales resources up or down based on demand.
 Accessibility: Provides access to applications and data from anywhere in the world.
 Disaster Recovery: Ensures data is backed up and can be recovered in a disaster
scenario.
 Innovation: Allows businesses to test and deploy new applications quickly without
significant upfront investment.
76. What are the Factors that affect cost in Azure?

 Resource Types: Different types of resources (e.g., compute, storage, network) have
different pricing.
 Service Tier: Higher service tiers often come with higher costs.
 Instance Size: Larger instances generally cost more.
 Region: Prices may vary depending on the Azure region due to operational costs.
 Reserved Instances: Pre-purchasing resources for a longer-term often results in
discounts.
 Outbound Data Transfers: Data leaving Azure data centers can incur costs.

77. What are the advantages of using a resource group in Azure?

 Organizational Clarity: Resource groups allow you to manage and organize related
resources for an application or project together.
 Lifecycle Management: Simplifies the management of resource lifecycles as
resources in a group can be deployed, updated, and deleted together.
 Access Control: Facilitates the assignment of permissions at the resource group level,
allowing more granular access control within Azure environments.

78. Write down the difference between VPN Gateway and Express Route.

 VPN Gateway: Provides a secure connection over the internet to Azure networks. It's
generally used for point-to-site (P2S) or site-to-site (S2S) connections and is cost-
effective but might offer slower speeds and higher latencies compared to dedicated
connectivity.
 ExpressRoute: Provides a dedicated private connection to Azure data centers from
on-premises networks. It offers more reliability, faster speeds, lower latencies, and
higher security than VPN Gateway, but at a higher cost.

79. What does Azure AD do?

 Azure AD (Azure Active Directory) is Microsoft's multi-tenant, cloud-based

directory and identity management service. It provides identity and access
management solutions, enabling:
o Single Sign-On (SSO) across Azure, Microsoft 365, and thousands of other
SaaS applications.
o Multi-factor Authentication for enhanced security.
o Application access management and security monitoring to ensure data
protection.
80. What are the differences between Azure Active Directory (Azure AD) and on-
premise Active Directory Domain Service (ADDS)?

 Azure AD:
o Is a cloud-based identity service providing SSO, MFA, and application
integration.
o Primarily designed to support web-based services that use REST APIs for
authentication.
 Active Directory Domain Services (ADDS):
o Is an on-premises directory service that supports a broad range of directory-
based identity-related services.
o Uses traditional protocols like LDAP and Kerberos for authentication and
directory services.

81. What is the use of Azure Management Group?

 Azure Management Groups provide a level of scope above subscriptions. They

allow you to efficiently manage access, policies, and compliance across multiple
Azure subscriptions. Management groups are helpful for organizations with multiple
subscriptions, enabling them to manage governance controls and policies at scale. By
organizing subscriptions into containers called management groups, you can apply
your governance conditions once and have them inherit down to all subscriptions in
the management group.

82. Explain the different types of subscription options available in Azure.

 Free Subscription: Provides limited free services for 12 months to explore Azure.
 Pay-As-You-Go Subscription: Ideal for individuals or companies looking to pay
only for what they use without upfront commitments.
 Enterprise Agreement (EA) Subscription: Best for large organizations that can
commit to a minimum spend over three years to receive discounted rates.
 Student Subscription: Offers certain services for free to students who meet
Microsoft's eligibility requirements.

83. What are the differences between different cloud models?

 Public Cloud: Services are provided over the public Internet and are available to
anyone who wants to purchase them. The cloud resources (like servers and storage)
are owned and operated by a third-party cloud service provider and delivered over the
Internet.
 Private Cloud: The cloud infrastructure is used exclusively by one business or
organization. The private cloud can be physically located at the organization’s on-site
datacenter, or it can be hosted by a third-party service provider. But in a private cloud,
services and infrastructure are always maintained on a private network.
 Hybrid Cloud: Combines public and private clouds, bound together by technology
that allows data and applications to be shared between them. By allowing data and
applications to move between private and public clouds, a hybrid cloud gives your
business greater flexibility, more deployment options, and helps optimize your
existing infrastructure, security, and compliance.
84. What are the differences between Network Security Group (NSG), Application
Security Group (ASG), and Azure Firewall?

 Network Security Group (NSG): An NSG is a networking filter (firewall)

containing a list of security rules that allow or deny network traffic to resources
connected to Azure Virtual Networks (VNet). NSGs can be associated with subnets or
individual virtual machine instances within that subnet.
 Application Security Group (ASG): ASGs are used within a Network Security
Group to apply a network security policy on virtual machines. They let you configure
network security as a natural extension of an application’s structure, by grouping
virtual machines and defining network security policies based on those groups.
 Azure Firewall: A managed, cloud-based network security service that protects your
Azure Virtual Network resources. It's a fully stateful firewall as a service with built-in
high availability and unrestricted cloud scalability.

85. What are the differences between Bicep and JSON Template?

 Bicep: Bicep is a domain-specific language (DSL) for deploying Azure resources

declaratively. It aims to drastically simplify the authoring experience with a cleaner
syntax, improved type safety, and better support for modularity and code re-use.
Bicep is essentially an abstraction over ARM templates and is transpiled to standard
ARM Template JSON files.
 JSON Template (ARM Template): ARM templates are JSON files that define the
infrastructure and configuration for your project. They use declarative syntax to let
you state "what" you intend to deploy without having to write the sequence of
programming commands to create it. The JSON format can be verbose and complex,
which is what Bicep aims to simplify.

86. Write down the difference between VPN Gateway and Express Route.

 This question seems to be a repeat of question 78, highlighting the differences

between VPN Gateway (public Internet connectivity for secure, encrypted
connections) and ExpressRoute (private connectivity for more reliable and faster
connections).

87. Explain the advantages of Azure Resource Manager (ARM) templates.

 Azure Resource Manager (ARM) templates provide a powerful way to deploy and
manage Azure resources. Advantages include:
o Declarative Syntax: Allows you to state "what" you want to deploy without
having to write the sequence of programming commands to create it.
o Idempotency: The same template can be deployed many times to create
identical development, test, and production environments.
o Modularity: You can break down your solution into reusable, manageable
pieces by using linked templates.
o Orchestration: Handles and automates the order of resource deployment.
88. What are the benefits of the Azure Resource Manager?

 Azure Resource Manager offers several benefits:

o Consistent Management Layer: ARM provides a consistent management
layer to perform tasks through Azure PowerShell, Azure CLI, Azure portal,
REST API, and client SDKs.
o Template-Based Deployment: Supports template-based deployment which
helps in deploying complex environments according to a defined
configuration.
o Role-Based Access Control: Integrates with Azure's RBAC feature, allowing
fine-grained access management of Azure resources.
o Dependency Management: Automatically handles dependencies between
resources so they are deployed in the correct order.

89. Define cloud computing.

 Cloud computing is the delivery of computing services—including servers, storage,

databases, networking, software, analytics, and intelligence—over the Internet ("the
cloud") to offer faster innovation, flexible resources, and economies of scale. Users
typically pay only for cloud services they use, helping lower operating costs, run
infrastructure more efficiently, and scale as their business needs change.

90. What are the main advantages of SaaS?

 Advantages of Software as a Service (SaaS) include:

o Cost-effective: Reduces the cost of software ownership by eliminating the
need for technical staff to manage and upgrade software and hardware.
o Scalability: Offers high scalability with the integration of other cloud
services.
o Accessibility: Accessible from any device with an internet connection and a
web browser.
o Automatic Updates: Providers manage updates and upgrades, ensuring that
the SaaS applications are equipped with the latest features without user
intervention.

91. What is Azure Virtual Machine?

 Azure Virtual Machine (VM) is an on-demand, scalable computing resource offered

by Microsoft Azure. Essentially, it is a server in the cloud on which you have the OS
level control. You can use Azure VMs to deploy a wide range of computing solutions
in an agile way, such as development and test environments, applications, and
extensions to your data center.
92. What can you do with Azure App Services?

 Azure App Services enables you to build and host web apps, mobile back ends, and
RESTful APIs in the programming language of your choice without managing
infrastructure. It offers auto-scaling and high availability, supports both Windows and
Linux, and enables automated deployments from GitHub, Azure DevOps, or any Git
repo. Key capabilities include:
o Hosting web applications.
o Running background tasks using WebJobs.
o Integrating with other Azure services to extend functionality.

93. What is Azure Active Directory (AAD)?

 Azure Active Directory (AAD) is Microsoft's multi-tenant, cloud-based directory

and identity management service that combines core directory services, application
access management, and identity protection into a single solution. AAD is used to
give employees and customers single sign-on (SSO) and multi-factor authentication
(MFA) access to external and internal applications.

94. Explain the concept of a hybrid cloud and its advantages.

 Hybrid Cloud is a computing environment that combines a public cloud and a private
cloud by allowing data and applications to be shared between them. Advantages
include:
o Flexibility: Businesses can scale their on-premises infrastructure up to the
public cloud to handle excess capacity.
o Agility: The ability to rapidly change and adapt computing resources to meet
business demands.
o Cost-effectiveness: Allows businesses to store protected or sensitive data on a
private cloud, while taking advantage of the computational power of the public
cloud for less sensitive tasks.
o Compliance: Keeps sensitive data in-house under business control while
benefiting from cloud technology.

95. What is Azure Storage and how is it used in cloud computing?

 Azure Storage is a Microsoft-managed service providing cloud storage that is highly

available, secure, durable, scalable, and redundant. It includes Azure Blob Storage for
REST-based object storage of unstructured data, File Storage for SMB-based file
shares, Queue Storage for messaging, and Table Storage for NoSQL data. Azure
Storage is used for a variety of functions, including:
o Serving images or documents directly to a browser.
o Storing files for distributed access.
o Streaming video and audio.
o Performing secure and durable storage for backup, disaster recovery, and
archival.
96. What is identity and access management (IAM) in Azure?

 Identity and Access Management (IAM) in Azure refers to the set of capabilities
provided by Azure Active Directory (Azure AD) that helps secure and manage
identities and their access to applications and resources. It encompasses a broad array
of functionalities, including:
o User and group management.
o Role-based access control (RBAC).
o Single sign-on (SSO).
o Multi-factor authentication (MFA).
o Identity protection and conditional access policies.

97. What are the key advantages of using public cloud services?

 Key advantages of using public cloud services include:

o Cost Efficiency: Reduces or eliminates the capital expenditure of buying
hardware and software.
o Global Scale: The ability to scale elastically, delivering the right amount of IT
resources, such as more or less computing power, storage, and bandwidth,
right when they are needed, and from the right geographic location.
o Performance: Large cloud services run on a worldwide network of secure
datacenters which are regularly upgraded to the latest generation of fast and
efficient computing hardware.
o Speed and Agility: Resources can be provisioned in minutes, providing
businesses the flexibility to scale up as computing needs increase and to scale
down as demands decrease.
o Productivity: On-site datacenters typically require a lot of “racking and
stacking”—hardware setup, software patching, and other time-consuming IT
management chores. Cloud services remove the need for many of these tasks,
so IT teams can spend time on achieving more important business goals.

98. How does Azure Kubernetes Service (AKS) facilitate container orchestration?

 Azure Kubernetes Service (AKS) simplifies deploying, managing, and operating

Kubernetes clusters in Azure. It automates various complex Kubernetes management
tasks, including:
o Automated Upgrades: Automatically updates and upgrades Kubernetes
clusters to the latest version, helping to manage the lifecycle of containers
effectively.
o Scale Operations: Enables automatic scaling of applications based on their
resource usage or manual scaling to adjust to changes in demand.
o Health Monitoring: Integrates with Azure Monitor for containers to provide
visibility into the performance of container workloads, monitoring the health
and performance of Kubernetes environments.
o Network Configuration: Manages complex networking features like
integrating with Azure Virtual Network, providing advanced networking
features, configuring ingress, and network policies.
99. Explain the role of Azure SQL Database in cloud-based applications.

 Azure SQL Database is a fully managed relational database service that offers SQL
Server engine compatibility. It supports cloud-based applications by providing:
o High Availability: Built-in high availability with no additional configuration.
o Scalability: Offers dynamic scalability without downtime, allowing
performance levels to be adjusted without disruption.
o Security Features: Includes advanced security features like threat detection,
always encrypted data, and data masking to protect critical data.
o Automated Backups: Provides automatic backups and point-in-time restore
capabilities, ensuring data durability and compliance.

100. What is cloud computing? State any two real-time applications of cloud computing.

 Cloud computing refers to the on-demand availability of computer system resources,

particularly data storage and computing power, without direct active management by
the user. It enables companies to consume a compute resource, such as a virtual
machine, storage, or an application, as a utility—just like electricity—rather than
having to build and maintain computing infrastructures in-house.
o Real-time Applications:
 E-commerce: Cloud platforms host e-commerce services that handle
millions of transactions per day, scale during high traffic, and provide
data analytics tools to understand customer behavior.
 Healthcare: Cloud computing is used for telemedicine services, real-
time patient monitoring systems, and securely storing and analyzing
vast amounts of medical data.

101. What is Azure Resource Group?

 An Azure Resource Group is a container that holds related resources for an Azure
solution. The resource group can include all the resources for the solution, or only
those resources that are managed together. Resource groups make it easier to manage
and organize resources within a subscription, control access to assets based on group
membership, and track billing by viewing the aggregated costs of resources within a
group.

102. What is Azure Storage? Explain in short Azure Blob Storage.

 Azure Storage offers highly scalable, secure, durable, and performance-efficient

storage services in Azure. It includes services such as Azure Blobs (object storage),
Azure Files (file storage), Azure Queues (messaging), and Azure Tables (NoSQL
key-value store).
o Azure Blob Storage: This service stores massive amounts of unstructured
object data, such as text and binary data, which can be accessed from
anywhere in the world via HTTP or HTTPS. Common uses include serving
images or documents directly to a browser, storing files for distributed access,
and backing up data.
103. State any three differences between Public Cloud and Private Cloud.

 Public Cloud:
o Shared infrastructure: Resources are shared among multiple organizations.
o Lower cost: Typically offers a pay-as-you-go model that minimizes IT costs.
o Less control: Managed by third-party providers, offering less control over data
and security.
 Private Cloud:
o Exclusive infrastructure: Dedicated solely to one organization.
o Higher cost: Requires significant capital and operational expenditure.
o More control: Offers organizations full control over their environments,
including security and compliance.

104. What is Authentication and Authorization?

 Authentication verifies a user’s identity to confirm that they are who they claim to
be. This can be achieved through various means such as passwords, biometric scans,
or security tokens.
 Authorization occurs after authentication and involves granting the authenticated
user permission to access different resources or perform specific operations. It is
about determining whether a user has the right to perform an action or access data.

105. Explain different Azure Authentication methods.

 Azure supports several authentication methods to secure resources:

o Azure Active Directory (Azure AD): Provides identity services that enable
single sign-on, multi-factor authentication, and conditional access.
o OAuth 2.0 and OpenID Connect: For modern authentication needs, enabling
applications to authenticate and authorize users.
o Shared Access Signature (SAS): Grants limited access to Azure Storage
resources without exposing your account key.
o Managed Identities: Automatically manages credentials for accessing Azure
services, simplifying the security management of Azure resources.

106. Explain Shared Responsibility Model in Azure.

 The Shared Responsibility Model in Azure delineates the security obligations

between Microsoft and the user. The division of responsibilities varies depending on
the service type:
o Infrastructure as a Service (IaaS): Customers manage the operating system,
applications, and network configuration; Azure handles physical security,
server hardware, and network infrastructure.
o Platform as a Service (PaaS): Microsoft manages the operating systems,
physical infrastructure, network control; customers manage the applications
and data.
o Software as a Service (SaaS): Microsoft ensures the security of the
application and infrastructure, while customers manage their user data and
user access.
107. Compare IaaS, PaaS, and SaaS.

 Infrastructure as a Service (IaaS) provides the most flexible cloud computing

model and gives users direct access to servers and storage, but they must manage
these resources themselves.
 Platform as a Service (PaaS) abstracts and simplifies the management of hardware
and operating systems, allowing users to focus on the deployment and management of
applications.
 Software as a Service (SaaS) provides a complete product that is run and managed
by the service provider. In a SaaS model, users don’t worry about maintaining the
service or managing the infrastructure.

108. Explain Redundancy Options in Azure Storage with neat diagrams.

 Azure Storage provides several redundancy options to ensure data durability and high
availability across different scenarios:
o Locally Redundant Storage (LRS): Stores three copies of your data within a
single region.
o Zone-Redundant Storage (ZRS): Spreads your data across three Azure
availability zones in the same region.
o Geo-Redundant Storage (GRS): Replicates your data to a secondary region,
far from the primary region.
o Geo-Zone-Redundant Storage (GZRS): Combines the approaches of GRS
and ZRS, providing both cross-zone and cross-region replication.
o (Note: Detailed diagrams are not displayable in text format but typically show
data replicated across different physical locations or zones.)

109. Explain Cloud Computing Architecture with a neat diagram.

 Cloud Computing Architecture typically consists of two main components: the

front end and the back end. They are connected through a network, usually the
internet. The front end is the side the user interacts with, and the back end is the
"cloud" section of the system.
o Front End: Includes the user’s computer or computer network and the
application required to access the cloud computing system.
o Back End: Consists of various computers, servers, and data storage systems
that create the "cloud" of computing services.
o (Note: Diagrams typically illustrate the user-facing applications and the
backend cloud resources, showing the flow of data and interactions between
them.)
110. What are the advantages of choosing cloud computing?

 Scalability: Quickly adjust resources to meet fluctuating and unpredictable business

needs.
 Cost Efficiency: Reduces the high costs of hardware, facilities, utilities, and other
aspects of operations.
 Performance: Large cloud providers regularly upgrade their networks with the latest
generation of efficient computing hardware.
 Speed: Most cloud services provide self-service and on-demand resources, vastly
reducing the time it takes to provision resources.
 Security: Many cloud providers offer a set of policies, technologies, and controls that
strengthen your security posture overall, helping protect data, apps, and infrastructure
from potential threats.

111. Provide an example scenario where a hybrid cloud would be advantageous.

 Example Scenario: A financial services company needs to retain sensitive customer

data within their on-premises infrastructure for compliance reasons but wants to
leverage the cloud for scalable computing resources and advanced analytics
capabilities. By using a hybrid cloud, they can keep sensitive data on-premises while
utilizing cloud resources for processing non-sensitive data and running analytics at
scale.

112. Explain the role of Azure Resource Manager (ARM) in managing Azure resources.

 Azure Resource Manager (ARM) is the deployment and management service for
Azure. It provides a management layer that enables you to create, update, and delete
resources in your Azure account. ARM organizes resources into containers called
"resource groups" and allows you to deploy and manage resources in a group
together. It also provides features such as:
o Template-based Deployment: Use JSON templates for deployment that can
be versioned and reused.
o Dependency Management: Automatically handles interdependencies
between resources during operations.
o Access Control: Integrates with Azure Active Directory to control who can
manage resources.

113. Describe the primary advantages of using Azure SQL Database over traditional
databases.

 Managed Service: Azure SQL Database is a fully managed database service, which
means Microsoft takes care of patching, backing up, monitoring, and scaling the
database.
 Built-in High Availability: Comes with built-in high availability options, ensuring
that your database is always up and running without the need for manual
configuration.
 Scalability: Offers dynamic scalability with virtually no downtime, allowing you to
scale your database's compute and storage resources based on demand.
 Advanced Security Features: Provides advanced security capabilities like threat
detection, data masking, and encryption at rest and in transit.
114. How does Azure App Services support continuous delivery for applications?

 Azure App Services supports continuous delivery through integration with Azure
DevOps, GitHub, and other CI/CD tools. This integration enables automated build,
test, and deployment processes, allowing developers to:
o Push code updates to a repository that automatically triggers a workflow to
deploy changes to the live application environment.
o Manage development stages through deployment slots, enabling staging,
testing, and production environments within the same app service.
o Implement blue-green deployments to minimize downtime and risk by shifting
traffic between two identical environments with different versions.

115. Explain the significance of Azure Active Directory in cloud security

 Azure Active Directory (Azure AD) is crucial for cloud security as it provides
identity services that underpin many of Azure’s security features:
o Single Sign-On (SSO) allows users to log in once and access multiple
resources, reducing the likelihood of password fatigue and the resulting
security risks.
o Multi-Factor Authentication (MFA) adds a layer of security, requiring users
to provide multiple forms of verification to prove their identity.
o Conditional Access Policies can enforce policies based on user, location,
device state, and application sensitivity, ensuring secure and compliant access
to resources.
o Identity Protection uses AI to detect anomalies and suspicious actions related
to user identities, offering automated responses to detected issues.

116. Compare and contrast Azure Blob Storage and Azure File Storage.

 Azure Blob Storage is designed for storing massive amounts of unstructured data,
such as text or binary data. It is highly scalable and commonly used for serving
images, documents, or media to browsers, storing files for backup, and big data
analytics.
 Azure File Storage provides managed file shares that can be accessed via the SMB
protocol. It is optimized for corporate file-sharing scenarios, legacy applications that
rely on file share infrastructures, and lifting and shifting applications to the cloud that
require file shares.
117. Explain the concept of "vendor lock-in" and its implications in cloud services.

 Vendor lock-in occurs when customers become dependent on a single cloud

provider’s technologies and services, making it difficult to switch providers without
substantial costs, legal complications, and technical incompatibilities. The
implications include:
o Reduced Flexibility: Dependence on a provider’s specific technologies and
pricing structures.
o Compliance and Security Risks: If a provider does not comply with industry
standards or fails to provide adequate security, clients might be unable to
easily move their services to another provider.
o Cost Implications: Transitioning to a new provider can be costly due to the
need to redesign applications, retrain staff, or convert data into new formats.

118. Compare and contrast Azure Security Center and Azure Sentinel.

 Azure Security Center is a unified infrastructure security management system that

strengthens the security posture of your data centers, providing advanced threat
protection across your hybrid workloads in the cloud, whether they're in Azure or not,
as well as on-premises.
 Azure Sentinel is a cloud-native SIEM (Security Information and Event
Management) and SOAR (Security Orchestration, Automated Response) solution. It
provides intelligent security analytics and threat intelligence across the enterprise,
offering a single solution for alert detection, threat visibility, proactive hunting, and
threat response.

119. Provide a detailed overview of the components involved in a typical IaaS

architecture.

 A typical IaaS architecture includes:

o Virtual Machines: Host operating systems and applications.
o Virtual Network: Provides an isolated network environment that includes
subnets, IP addresses, network gateways, and security settings.
o Storage Accounts: Offer scalable cloud storage for large amounts of data and
are accessible from anywhere in the world.
o Load Balancers: Distribute incoming network traffic across multiple virtual
machines to ensure no single server becomes a bottleneck.
o VPN Gateway: Establishes secure, cross-premises connectivity.
o Management Tools: Azure portal, Azure PowerShell, and Azure CLI for
managing and configuring infrastructure.
120. Discuss the challenges and considerations in implementing Azure Active Directory
for identity and access management.

 Challenges and considerations in implementing Azure AD include:

o Integration: Integrating Azure AD with existing on-premises identity
solutions like Active Directory can be complex, requiring synchronization and
management of identities between cloud and on-premises environments.
o Compliance: Ensuring that Azure AD implementations comply with
regulatory requirements and standards.
o Complexity: Configuring and managing various features like SSO, MFA,
conditional access, and identity protection requires deep knowledge of both
the platform and security best practices.
o User Training and Support: Users may need training and ongoing support to
adapt to new authentication procedures and tools.

121. Explore the integration possibilities of Azure Logic Apps with other Azure services.

 Azure Logic Apps can integrate with various Azure services to automate workflows
and business processes. Integration possibilities include:
o Azure Functions: Call custom code and services to execute specific tasks.
o Azure Service Bus: Connect to messaging services to ensure messages are
delivered and processed reliably.
o Azure Event Grid: Respond to events generated by Azure services in real-
time.
o Azure API Management: Incorporate APIs managed by Azure API
Management into workflows.
o Office 365 Services: Automate tasks with Office 365 services such as
Outlook, SharePoint, and OneDrive.

122. Explain Scalability and types of Scalabilities.

 Scalability refers to the ability of a system to handle a growing amount of work by

adding resources. There are two main types:
o Vertical Scalability (Scaling Up): Involves adding more resources (e.g.,
CPU, RAM) to existing machines.
o Horizontal Scalability (Scaling Out): Involves adding more machines to a
system, such as adding more servers to a distributed software application.

123. Explain architecture of cloud computing?

 The architecture of cloud computing typically involves:

o Front-end Platform: The user's side, which can be accessed via a web
browser or application.
o Back-end Platform: Consists of servers, storage, and various services that
provide cloud computing resources.
o Cloud-based Delivery: Various services are delivered over the internet,
including IaaS, PaaS, and SaaS.
o Network: Internet connectivity that enables communication between front-end
and back-end platforms.
124. Explain On-premises cloud challenges?

 Challenges of on-premises (private) cloud include:

o High Initial Investment: Significant upfront costs for hardware and
infrastructure.
o Maintenance and Upgrades: Ongoing responsibility for hardware
maintenance, upgrades, and troubleshooting.
o Scalability Limitations: Physical constraints limit the quick scalability that is
often necessary for rapidly growing applications.
o IT Expertise: Requires a high level of IT expertise to manage and secure the
infrastructure effectively.

125. Describe in High Availability?

 High Availability (HA) refers to systems or components that are continuously

operational for a long duration. Achieving high availability involves:
o Redundancy: Deploying multiple instances of the same system to ensure
continuous operation even if one fails.
o Failover Mechanisms: Automatic switching to a redundant or standby system
upon the failure of the currently active application or component.
o Load Balancing: Distributing workloads across multiple systems to prevent
any single point of failure.

126. What is the difference between Azure Blob Storage and Azure File Storage?

 Azure Blob Storage: Designed for handling unstructured data such as text and binary
content. It's optimized for storing massive amounts of data and is accessible via
HTTP/HTTPS. Common use cases include storing documents, media files, backups,
and large data objects for analytics.
 Azure File Storage: Provides managed file shares that can be accessed using the
standard Server Message Block (SMB) protocol. It's ideal for lift-and-shift scenarios
that require migration of legacy applications to the cloud which depend on file system
APIs and typical file system semantics.

127. Discuss the advantages and disadvantages of cloud computing models.

 Public Cloud:
o Advantages: Cost efficiency, scalability, no maintenance required by the user.
o Disadvantages: Potential latency, less control over data security, and privacy.
 Private Cloud:
o Advantages: Enhanced security and control, dedicated resources.
o Disadvantages: Higher cost, resource limitations, ongoing maintenance and
infrastructure management.
 Hybrid Cloud:
o Advantages: Flexibility, scalability, security for sensitive workloads, and the
cost-effectiveness of public cloud for less sensitive operations.
o Disadvantages: Can become complex to manage, especially in terms of
security and compliance across multiple platforms.
128. Explain LRS, ZRS?

 Locally Redundant Storage (LRS): Stores three copies of data within a single
datacenter. It offers low-cost data redundancy that protects against server rack and
device failures.
 Zone-Redundant Storage (ZRS): Spreads your data across three Azure availability
zones in the same region, protecting your data against local failures such as natural
disasters or hardware faults.

129. Explain GRS and G-ZRS?

 Geo-Redundant Storage (GRS): Automatically replicates your data to a secondary

geographic location far from the primary region. GRS is used for scenarios requiring
geographic redundancy to protect against regional outages.
 Geo-Zone-Redundant Storage (G-ZRS): Combines the features of GRS and ZRS
by replicating data across three availability zones in the primary region and to a
secondary region. It provides maximum redundancy and availability.

130. Compulsory Any One

 If this refers to selecting any one of the topics for a detailed discussion, it might be
helpful to choose a topic based on specific interests or requirements, such as detailed
exploration of advanced cloud architecture or deep dives into specific Azure services.

131. Explain Azure resources Group, Resource Manager and Resources?

 Azure Resource Group: A container that holds related resources for an Azure
solution. Resource groups allow you to manage and administer logical groups of
resources collectively.
 Azure Resource Manager: The service and framework in Azure used to manage and
deploy resources. It acts as the management layer, allowing you to create, update, and
delete resources within your Azure account.
 Resources: These are individual instances of services that you create in Azure, like
virtual machines, storage accounts, or SQL databases.

132. Explain Difference between Azure SQL Server and Azure Cosmos DB?

 Azure SQL Database: A relational database as a service (DBaaS) based on the latest
stable version of Microsoft SQL Server Database Engine. It offers a fully managed
SQL database that ensures SQL compatibility, built-in high availability, and a
predictable performance with scaling options.
 Azure Cosmos DB: A globally distributed, multi-model database service designed for
high availability, multi-region distribution, and horizontal scale. It supports schema-
less data, which means you can store data with varied and evolving structures.
133. What is the difference between IaaS, PaaS, and SaaS?

 Already detailed in a previous response, this highlights the differences in cloud

service models concerning the management and control level provided to the user
across Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software
as a Service (SaaS).

134. What is the main advantage of SaaS?

 The main advantage of Software as a Service (SaaS) is its simplicity and

convenience. It eliminates the need for organizations to install, manage, and run
applications on their computers or in their data centers. This reduces the cost of
hardware acquisition, provisioning, maintenance, software licensing, installation, and
support.

135. What is Azure Blob Storage used for?

 Azure Blob Storage is used for storing large amounts of unstructured data, such as
text or binary data, that can be accessed from anywhere in the world over HTTP or
HTTPS. Common uses include serving images or documents directly to a browser,
storing files for distributed access, streaming video and audio, and storing data for
backup, disaster recovery, and archiving.

136. What is Azure Functions primarily used for?

 Azure Functions is a serverless compute service that enables you to run event-
triggered code without having to explicitly provision or manage infrastructure. It is
primarily used for tasks like automating routine jobs, integrating systems, and
building event-driven architectures.

137. What type of database service is Azure SQL Database?

 Azure SQL Database is a relational database as a service (DBaaS) in the Microsoft

Azure cloud. It provides managed SQL Server instances, ensuring automatic patching,
backups, high availability, and scalable performance.

138. Explain the difference between Azure Blob Storage and Azure Files.

 As previously detailed, Azure Blob Storage is optimal for storing unstructured data
such as documents and media files, whereas Azure Files provides managed file
shares accessible via the SMB protocol ideal for lift and shift of legacy applications
that depend on file system interfaces.

139. What is Azure Functions and how does it relate to serverless computing?

 Azure Functions is a key component of Azure's serverless computing offerings,

allowing users to execute code in response to triggers without managing
infrastructure. It supports multiple programming languages and integrates with
various Azure services, facilitating complex workflows.
140. What are the key differences between Infrastructure as a Service (IaaS), Platform
as a Service (PaaS), and Software as a Service (SaaS) in the context of Azure cloud
computing?

 IaaS: Provides virtualized computing resources over the Internet.

 PaaS: Delivers hardware and software tools over the internet, typically for application
development.
 SaaS: Provides a complete software solution that you purchase on a pay-as-you-go
basis from a cloud service provider.

141. What are the key features and benefits of Azure App Services, and how does it
simplify the deployment and management of web applications?

 Azure App Services is a fully managed platform for building, deploying, and scaling
web apps. Key features and benefits include:
o Integrated development environments (IDE) support and automatic
deployments from GitHub, Azure DevOps, allowing for continuous
integration and deployment pipelines.
o Global scale with high availability: Scale up or out manually or automatically.
Host your apps anywhere in Microsoft's global datacenter infrastructure.
o Built-in security and compliance: Offers secure and compliant app hosting
with ISO, SOC, and PCI compliance.
o Multiple languages and frameworks: Supports .NET, .NET Core, Java,
Ruby, Node.js, PHP, or Python.
o Managed services: Azure handles all the infrastructure, security, and
maintenance, allowing developers to focus on the application itself.

142. Explain Platform-as-a-Service (PaaS) and its benefits?

 Platform-as-a-Service (PaaS) provides hardware and software tools available over

the internet, enabling developers to focus on creating software without having to
worry about operating systems, software updates, storage, or infrastructure. PaaS
solutions offer scalable environments that developers can use to build, test, and
deploy applications. Benefits include:
o Reduced coding time: PaaS offers pre-coded application components built
into the platform, such as workflow, directory services, security features, and
search.
o Development framework: PaaS provides a framework that developers can
build upon to develop or customize applications.
o Cost-effectiveness: As with other cloud services, you pay only for what you
use. PaaS can significantly reduce costs compared to the alternative of
purchasing and managing separate software licenses and underlying hardware.
o Multiple programming language support: Allows developers to choose
from various programming languages for their application development.
143. What is Software-as-a-Service (SaaS) and how does it work?

 Software-as-a-Service (SaaS) is a software distribution model in which applications

are hosted by a third-party provider and made available to customers over the internet.
SaaS works on a subscription basis without requiring internal hardware or the high
upfront costs of installation and licensing. The SaaS provider manages the
infrastructure, middleware, app software, and app data. This setup allows users to log
in and use the application from any compatible device over the internet with an
interface typically accessed through a web browser.