Az900 Prep
NB:
The Standard, Professional Direct, and Premier support plans have technical support
for engineers via email and phone.
Explanation:
The Basic support plan does not have any technical support for engineers.
The Developer support plan has only technical support for engineers via email.
The Standard, Professional Direct, and Premier support plans have technical support
for engineers via email and phone.
NB: The Premier support plan provides customer-specific architectural support such
as design reviews, performance tuning, configuration and implementation
assistance delivered by Microsoft Azure technical specialists.
Explanation:
Azure Repos is a set of version control tools that you can use to manage your code.
Incorrect Answers:
B: Azure DevTest Labs creates labs consisting of pre-configured bases or Azure
Resource Manager templates. These have all the necessary tools and software
that you can use to create environments.
D: Azure Cosmos DB is Microsoft's globally distributed, multi-model database
service.
Azure Site Recovery helps ensure business continuity by keeping business apps and
workloads running during outages. Site Recovery replicates workloads running
on physical and virtual machines (VMs) from a primary site to a secondary location.
Azure has two DDoS service offerings that provide protection from network attacks:
DDoS Protection Basic and DDoS Protection Standard.
DDoS Basic protection is integrated into the Azure platform by default and at no
extra cost.
You have the option of paying for DDoS Standard. It has several advantages over the
basic service, including logging, alerting, and telemetry. DDoS Standard can
generate reports that contain details of attempted attacks as required in this
question.
A network security group works like a firewall. You can attach a network security
group to a virtual network and/or individual subnets within the virtual network.
You
can also attach a network security group to a network interface assigned to a
virtual machine. You can use multiple network security groups within a virtual
network
to restrict traffic between resources such as virtual machines and subnets.
You can filter network traffic to and from Azure resources in an Azure virtual
network with a network security group. A network security group contains security
rules
that allow or deny inbound network traffic to, or outbound network traffic from,
several types of Azure resources.
Azure Germany is available to eligible customers and partners globally who intend
to do business in the EU/EFTA, including the United Kingdom.
Azure Germany offers a separate instance of Microsoft Azure services from within
German datacenters. The datacenters are in two locations, Frankfurt/Main and
Magdeburg. This placement ensures that customer data remains in Germany and that
the datacenters connect to each other through a private network. All
customer data is exclusively stored in those datacenters. A designated German
company--the German data trustee--controls access to customer data and the
Azure policies can be used to define requirements for resource properties during
deployment and for already existing resources. Azure Policy controls properties
such as the types or locations of resources.
Azure Policy is a service in Azure that you use to create, assign, and manage
policies. These policies enforce different rules and effects over your resources, so
those resources stay compliant with your corporate standards and service level
agreements. Azure Policy meets this need by evaluating your resources for
noncompliance with assigned policies. All data stored by Azure Policy is encrypted
at rest.
For example, you can have a policy to allow only a certain SKU size of virtual
machines in your environment. Once this policy is implemented, new and existing
resources are evaluated for compliance. With the right type of policy, existing
resources can be brought into compliance.
Explanation:
The tool you would use to sync the accounts is Azure AD Connect. The Azure Active
Directory Connect synchronization services (Azure AD Connect sync) is a
main component of Azure AD Connect. It takes care of all the operations that are
related to synchronizing identity data between your on-premises environment and
Azure AD.
Explanation:
You can restrict traffic to multiple virtual networks in multiple subscriptions
with a single Azure Firewall. The service provides network traffic
filtering across multiple Azure subscriptions and virtual networks.
Azure policies can be used to define requirements for resource properties during
deployment and for already existing resources. Azure Policy controls properties
such as the types or locations of resources.
Azure Policy is a service in Azure that you use to create, assign, and manage
policies. These policies enforce different rules and effects over your resources,
so
those resources stay compliant with your corporate standards and service level
agreements.
In this question, we would create an Azure policy assigned to the resource group
that denies the creation of virtual machines in the resource group.
You could place a read-only lock on the resource group. However, that would prevent
the creation of any resources in the resource group, not virtual machines only.
Therefore, an Azure Policy is a better solution.
You would use the Azure Activity Log, not Azure Monitor, to view which user turned
off a specific virtual machine during the last 14 days.
Activity logs are kept for 90 days. You can query for any range of dates, as long
as the starting date isn't more than 90 days in the past.
In this question, we would create a filter to display shutdown operations on the
virtual machine in the last 14 days.
Microsoft Compliance Manager (Preview) is a free workflow-based risk assessment
tool that lets you track, assign, and verify regulatory compliance activities
related to Microsoft cloud services. Azure Cloud Shell, on the other hand, is an
interactive, authenticated, browser-accessible shell for managing Azure resources.
Public IP addresses influence cost, but network interfaces, user accounts and
Azure AD groups don't incur charges.
Explanation:
You can open support cases in the following plans: Premier, Professional Direct,
Standard, and Developer only.
You cannot open support cases in the Basic support plan.
Explanation:
The Basic support plan is free so is therefore the cheapest. The Developer support
plan is the cheapest paid-for support plan. The order of support plans in terms
of cost ranging from the cheapest to most expensive is: Basic, Developer, Standard,
Professional Direct, Premier.
basic: phone
dev: email only
others: phone and email
Public Preview means that the service is in public beta and can be tried out by
anyone with an Azure subscription. Services in public preview are often offered at
a discounted price.
Explanation:
Public previews are excluded from SLAs and in some cases, no support is offered.
Incorrect Answers:
B: Services in private preview are available only to selected people who have signed
up to the private preview program.
C: Services in development are not available to the public.
D: Services provided under an Enterprise Agreement (EA) subscription are available
only to the subscription owner.
Sections
1. Understand Cloud Concepts
2. Understand Core Azure Services
3. Understand Security, Privacy, Compliance and Trust
4. Understand Azure Pricing and Support
When you are implementing a Software as a Service (SaaS) solution, you are
responsible for configuring the SaaS solution. Everything else is managed by the
cloud provider.
SaaS requires the least amount of management. The cloud provider is responsible for
managing everything, and the end user just uses the software.
Software as a service (SaaS) allows users to connect to and use cloud-based apps
over the Internet. Common examples are email, calendaring and office tools
(such as Microsoft Office 365).
SaaS provides a complete software solution which you purchase on a pay-as-you-go
basis from a cloud service provider. You rent the use of an app for your
organization and your users connect to it over the Internet, usually with a web
browser. All of the underlying infrastructure, middleware, app software and app
data
are located in the service provider’s data center. The service provider manages the
hardware and software and, with the appropriate service agreement, will ensure
the availability and the security of the app and your data as well.
Azure App Service and Azure SQL databases are examples of Azure PaaS solutions.
Therefore, this solution does meet the goal. Cosmos DB
Elasticity in this case is the ability to provide additional compute resource when
needed and reduce the compute resource when not needed to reduce costs.
Autoscaling is an example of elasticity.
Elastic computing is the ability to quickly expand or decrease computer processing,
memory and storage resources to meet changing demands without worrying
about capacity planning and engineering for peak usage. Typically controlled by
system monitoring tools, elastic computing matches the amount of resources
The public cloud is a shared entity whereby multiple corporations each use a
portion of the resources in the cloud. The hardware resources (servers,
infrastructure
etc.) are managed by the cloud provider. Multiple companies create resources such
as virtual machines and virtual networks on the hardware resources.
Azure virtual machine scale sets let you create and manage a group of load balanced
VMs. The number of VM instances can automatically increase or decrease in
response to demand or a defined schedule. Scale sets provide high availability to
your applications, and allow you to centrally manage, configure, and update many
Virtual machines in a scale set can be deployed across multiple update domains and
fault domains to maximize availability and resilience to outages due to data
center outages, and planned or unplanned maintenance events.
Availability zones expand the level of control you have to maintain the
availability of the applications and data on your VMs. An Availability Zone is a
physically
separate zone, within an Azure region. There are three Availability Zones per
supported Azure region.
Each Availability Zone has a distinct power source, network, and cooling. By
architecting your solutions to use replicated VMs in zones, you can protect your
apps
and data from the loss of a datacenter. If one zone is compromised, then replicated
apps and data are instantly available in another zone.
One of the major changes that you will face when you move from on-premises cloud to
the public cloud is the switch from capital expenditure (buying hardware) to
operating expenditure (paying for service as you use it). This switch also requires
more careful management of your costs. The benefit of the cloud is that you can
fundamentally and positively affect the cost of a service you use by merely
shutting down or resizing it when it's not needed.
Explanation:
Azure virtual machines run on Hyper-V physical servers. The physical servers are
owned and managed by Microsoft. As an Azure customer, you have no access
to the physical servers. Microsoft manages the replacement of failed server
hardware and the security of the physical servers so you don’t need to.
DevTest Labs creates labs consisting of pre-configured bases or Azure Resource
Manager templates.
By using DevTest Labs, you can test the latest versions of your applications by
doing the following tasks:
Quickly provision Windows and Linux environments by using reusable templates and
artifacts.
Easily integrate your deployment pipeline with DevTest Labs to provision on-demand
environments.
Scale up your load testing by provisioning multiple test agents and create
pre-provisioned environments for training and demos.
An Azure region contains one or more data centers that are connected by using a
low-latency network.
Explanation:
A region is a set of data centres deployed within a latency-defined perimeter and
connected through a dedicated regional low-latency network.
Microsoft Azure currently has 55 regions worldwide.
Regions are divided into Availability Zones. Availability Zones are physically
separate locations within an Azure region. Each Availability Zone is made up of one
or
more datacenters equipped with independent power, cooling, and networking.
A resource group is a logical container for Azure resources. Resource groups make
the management of Azure resources easier.
With a resource group, you can allow a user to manage all resources in the resource
group, such as virtual machines, websites, and subnets. The permissions you
apply to the resource group apply to all resources contained in the resource group.
Explanation:
Azure Data Warehouse (now known as Azure Synapse Analytics) is a PaaS offering from
Microsoft. As with all PaaS services from Microsoft, SQL Data
Warehouse offers an availability SLA of 99.9%. Microsoft can offer 99.9%
availability because it has high availability features built into the platform.
For Windows the Azure CLI is installed via an MSI, which gives you access to the
CLI through the Windows Command Prompt (CMD) or PowerShell.
In the Azure virtual machines page in the Azure portal, there is a column named
Maintenance Status. This column will display service issues that could affect your
virtual machine. A service failure is rare, but host server maintenance that could
affect your virtual machines is more common.
Azure periodically updates its platform to improve the reliability, performance,
and security of the host infrastructure for virtual machines. The purpose of these
updates ranges from patching software components in the hosting environment to
upgrading networking components or decommissioning hardware.
Az firewall:
You need to limit the amount of inbound traffic to all the Azure virtual networks.
Explanation:
With Azure Cloud Shell, you can create virtual machines using Bash or PowerShell.
Azure Cloud Shell is an interactive, authenticated, browser-accessible shell for
managing Azure resources. It provides the flexibility of choosing the shell
experience
that best suits the way you work, either Bash or PowerShell.
Networks in Azure are known as virtual networks. A virtual network can have
multiple IP address spaces and multiple subnets. Azure automatically routes
traffic
between different subnets within a virtual network.
The question states that FinServer must be on a separate network segment. The only
way to separate FinServer from the other servers in networking terms is to
place the server in a different virtual network to the other servers
Azure Files is Microsoft's easy-to-use cloud file system. Azure file shares can be
seamlessly used in Windows and Windows Server.
To use an Azure file share with Windows, you must either mount it, which means
assigning it a drive letter or mount point path, or access it via its UNC path.
Unlike other SMB shares you may have interacted with, such as those hosted on a
Windows Server, Linux Samba server, or NAS device, Azure file shares do not
currently support Kerberos authentication with your Active Directory (AD) or Azure
Active Directory (AAD) identity, although this is a feature we are working on.
Instead, you must access your Azure file share with the storage account key for the
storage account containing your Azure file share. A storage account key is an
administrator key for a storage account, including administrator permissions to all
files and folders within the file share you're accessing, and for all file shares
and
Azure Logic Apps is a cloud service that helps you schedule, automate, and
orchestrate tasks, business processes, and workflows when you need to integrate
apps, data, systems, and services across enterprises or organizations. Logic Apps
simplifies how you design and build scalable solutions for app integration, data
integration, system integration, enterprise application integration (EAI), and
business-to-business (B2B) communication, whether in the cloud, on premises, or
both.
Azure storage offers different access tiers: hot, cool and archive.
The archive access tier has the lowest storage cost. But it has higher data
retrieval costs compared to the hot and cool tiers. Data in the archive tier can
take
several hours to retrieve.
While a blob is in archive storage, the blob data is offline and can't be read,
overwritten, or modified. To read or download a blob in archive, you must first
rehydrate
it to an online tier.
Example usage scenarios for the archive access tier include:
Long-term backup, secondary backup, and archival datasets
Original (raw) data that must be preserved, even after it has been processed into
final usable form.
Compliance and archival data that needs to be stored for a long time and is hardly
ever accessed.
The command can be run in the Azure Cloud Shell. Although this question says you
select PowerShell rather than Bash, the Az commands will work in PowerShell.
The Azure Cloud Shell is a free interactive shell. It has common Azure tools
preinstalled and configured to use with your account.
To open the Cloud Shell, just select Try it from the upper right corner of a code
block. You can also launch Cloud Shell in a separate browser tab by going to
https://shell.azure.com/bash.
Solution: From a computer that runs Windows 10, install Azure CLI. From a command
prompt, sign in to Azure and then run the command.
The command can be run from PowerShell or the command prompt if you have the Azure
CLI installed.
You can use Azure Resource Manager templates to automate the creation of the Azure
resources. Deploying resources through templates is known as
‘Infrastructure as code’.
To implement infrastructure as code for your Azure solutions, use Azure Resource
Manager templates. The template is a JavaScript Object Notation (JSON) file
that defines the infrastructure and configuration for your project. The template
uses declarative syntax, which lets you state what you intend to deploy without
having
to write the sequence of programming commands to create it. In the template, you
specify the resources to deploy and the properties for those resources.
Azure Event Hubs is a big data streaming platform and event ingestion service. It
can receive and process millions of events per second. Data sent to an event hub
can be transformed and stored by using any real-time analytics provider or
batching/storage adapters.
Azure Event Hubs can be used to ingest, buffer, store, and process your stream in
real time to get actionable insights. Event Hubs uses a partitioned consumer
model, enabling multiple applications to process the stream concurrently and
letting you control the speed of processing.
Azure Event Hubs can be used to capture your data in near-real time in an Azure
Blob storage or Azure Data Lake Storage for long-term retention or micro-batch
processing.
PowerApps lets you quickly build business applications with little or no code. It
is not used to create Azure virtual machines. Ththe goal.
PowerApps Portals allow organizations to create websites which can be shared with
users external to their organization either aprovider of their choice like
LinkedIn, Microsoft Account, other commercial login providers.