A quick study guide to the Microsoft Azure exam on how to manage infrastructure in Azure.
12/08/2014 - Version 3.0 uploaded with Azure Features and additional MCQs
11/10/2014 - Version 2.0 uploaded with 5 sample questions.
11/07/2014 - Version 1.0 uploaded
Pass4sure 70-533 Microsoft Azure Infrastructure Solutions attests your professional competence and helps you achieve your career heights in the most competitive world of Information Technology. Pass4sure ensures you a definite exam success by providing you the most interactive learning experience of your academic career.
This module provides the students a high level introduction to Azure.
Lessons
•Cloud Technology Overview
•Microsoft Azure
•Azure Portals
•Managing Azure with Windows PowerShell
Azure Networking, Azure Storage, Enterprise Azure Active Directory, Daemon or Server application authentication workflow, Worker processes, Daemon, Daemon application to Web API, Azure Active Directory in old azure portal, ASM, Azure active directory and Mutl-tenant applications, Sharding, Federation, Shared singe, RBAC, Differences between AAD and AD DS, Azure AD Subscription models, Azure Domain Names, Manage Users, Groups,Co-Admin Role, Default Azure Active Directory, Adding access to another azure subscription. Contributor, Owner , Roles in Azure Subscriptions, Roles, MFA, Multi-Factor Authentication, How does MFA works, Scenarios for Azure MFA, Setting up MFA in Azure AD, Setting MFA, Azure Authenticator, Hybrid AD solutions, AD DS, Federated Trust, Domain Controller, AD, AAD Connecter, AD FS, AAD, Active Directory Password synchronization, Benefits of Active Directory, Active Directory Replication, vulnerabilities with multiple Domain Controller, Azure AD features, Synchronization with AD Connect, Write-back policies, Azure AD Health COnnect, Installing Azure AD COnnect Health,Integrating Azure AD and SaaS Applications, Benefits of using SaaS Solutions with your products, Benefits of SaaS Solutions, Azure Marketplace, DropBox Integrations with AAD, New Relic Integrations, New Relic, Dropbox, Azure AD Enterprise Application, VSTS integration for Automated Builds, Federation Overview, Claims, Single Sign On, Federated Trusts, Claim based authentications, Federated trusts, Claims Processing, Web Application Proxy, ADFS Proxy, ADFS 2.0 Proxy, How does ADFS proxy works for internal users, How does ADFS proxy works for internal users,Azure AD B2C Directory, B2C applications, Business 2 Customers application, 3rd Party Authentication, Bearer Token, OAuth, 3rd Party Identity Provider, OAuth server, Azure AD B2C Authentication & Authorization, Implementing Azure AD B2C Directory, Setting up Single Sign On with Facebook, Google, Microsoft. Linkedin, SignUP Policies, SignIN Policies, Email SignUp, SignUpSignIN PolicyID, Configuring Application with Azure Application ID,Modern Applications, Requirements for Modern Apps, API, Logic Applications, Mobile App, Web App, Function App, Go To Market, Microsoft Application Platform, App Service Plan, App Service Environment - Private Infrastructure, Why use App Service, App service Features & Capabilities, Azure App Service, Virtual Machine, Service Fabric & Cloud Services Comparison, Creating a Mobile App, Swagger UI, API Apps, API management, API APPS & API Management, Implementing API APP via Visual Studio,
Microsoft certification exams are an all-time favorite and most coveted certification Microsoft Azure Fundamentals exams of the modern IT world. Now pass your desirable AZ-900 exam with the help of Braindumps4IT exam dumps. We offer superlative AZ-900 Exam dumps in the form of PDF file and AZ-900 Azure Fundamentals Exam Engine formats. All AZ-900 Exam Questions are newest and approved by professional experts to guarantee your success. Just visit the website to get the complete package: https://www.braindumps4it.com/braindumps-AZ-900.html
Pass4sure 70-533 Microsoft Azure Infrastructure Solutions attests your professional competence and helps you achieve your career heights in the most competitive world of Information Technology. Pass4sure ensures you a definite exam success by providing you the most interactive learning experience of your academic career.
This module provides the students a high level introduction to Azure.
Lessons
•Cloud Technology Overview
•Microsoft Azure
•Azure Portals
•Managing Azure with Windows PowerShell
Azure Networking, Azure Storage, Enterprise Azure Active Directory, Daemon or Server application authentication workflow, Worker processes, Daemon, Daemon application to Web API, Azure Active Directory in old azure portal, ASM, Azure active directory and Mutl-tenant applications, Sharding, Federation, Shared singe, RBAC, Differences between AAD and AD DS, Azure AD Subscription models, Azure Domain Names, Manage Users, Groups,Co-Admin Role, Default Azure Active Directory, Adding access to another azure subscription. Contributor, Owner , Roles in Azure Subscriptions, Roles, MFA, Multi-Factor Authentication, How does MFA works, Scenarios for Azure MFA, Setting up MFA in Azure AD, Setting MFA, Azure Authenticator, Hybrid AD solutions, AD DS, Federated Trust, Domain Controller, AD, AAD Connecter, AD FS, AAD, Active Directory Password synchronization, Benefits of Active Directory, Active Directory Replication, vulnerabilities with multiple Domain Controller, Azure AD features, Synchronization with AD Connect, Write-back policies, Azure AD Health COnnect, Installing Azure AD COnnect Health,Integrating Azure AD and SaaS Applications, Benefits of using SaaS Solutions with your products, Benefits of SaaS Solutions, Azure Marketplace, DropBox Integrations with AAD, New Relic Integrations, New Relic, Dropbox, Azure AD Enterprise Application, VSTS integration for Automated Builds, Federation Overview, Claims, Single Sign On, Federated Trusts, Claim based authentications, Federated trusts, Claims Processing, Web Application Proxy, ADFS Proxy, ADFS 2.0 Proxy, How does ADFS proxy works for internal users, How does ADFS proxy works for internal users,Azure AD B2C Directory, B2C applications, Business 2 Customers application, 3rd Party Authentication, Bearer Token, OAuth, 3rd Party Identity Provider, OAuth server, Azure AD B2C Authentication & Authorization, Implementing Azure AD B2C Directory, Setting up Single Sign On with Facebook, Google, Microsoft. Linkedin, SignUP Policies, SignIN Policies, Email SignUp, SignUpSignIN PolicyID, Configuring Application with Azure Application ID,Modern Applications, Requirements for Modern Apps, API, Logic Applications, Mobile App, Web App, Function App, Go To Market, Microsoft Application Platform, App Service Plan, App Service Environment - Private Infrastructure, Why use App Service, App service Features & Capabilities, Azure App Service, Virtual Machine, Service Fabric & Cloud Services Comparison, Creating a Mobile App, Swagger UI, API Apps, API management, API APPS & API Management, Implementing API APP via Visual Studio,
Microsoft certification exams are an all-time favorite and most coveted certification Microsoft Azure Fundamentals exams of the modern IT world. Now pass your desirable AZ-900 exam with the help of Braindumps4IT exam dumps. We offer superlative AZ-900 Exam dumps in the form of PDF file and AZ-900 Azure Fundamentals Exam Engine formats. All AZ-900 Exam Questions are newest and approved by professional experts to guarantee your success. Just visit the website to get the complete package: https://www.braindumps4it.com/braindumps-AZ-900.html
Microsoft Azure Training - [13] Azure Virtual Networks-Part 7-VNet-to-VNet Co...Shawn Ismail
This is the Part 7 of the Azure Virtual Networks session. In this session I go hands on in providing a demo on how to establish an Azure VNet-to-VNet VPN connectivity. These are the same steps you would take to establish a Site-to-Site connectivity as well; the true essence of extending your data center to the cloud.
http://www.cloudranger.net
YouTube: https://www.youtube.com/c/CloudrangerNetwork
DevOps (Continuous Integrations, Continuous Delivery & Continuous deployment using Jenkins and Visual studio team services, setting up VTST build Agents, Integrating VSTS with SonarQube, NDepend,) , Complete automation of pushing code into VSTS from Visual Studio, Building Code by a Jenkin Server hosted on Azure and pushing that successful build on to Azure Web App via Release Pipeline or directly from Jenkins,VSTS Default agents, Setting up local agent from scratch, Setting up agents for code build, VSTS, Visual Studio Online Agents, Agent Pools, Hosted Agents, Hosted VS2017. Hosted Linux Agents, Setting up agent on VS Dev Test Labs, Setting up Template Parameters for Continuos Pipeline, Build Agent Creation Dynamically, Random Machine Name, Random Passwords, Dynamic Agent creation in VS Dev Test labs, Sonarcube, Code quality, Code Analysis, MSBuild, Integrate VSTS Build with NDepend, Package manager, Monolithic Architecture, Nuget, Package management, Npm js.com, Semantic versioning, Creating a nuget package, nuspec file, GitVersion Plugin, FeedURL, Chocolatey for package management, Chocolatey, chocolatey workflow,
Validate your AZ-104 Exam learning and preparation with our most updated AZ-104 dumps. Dumpspedia has experienced IT experts who gather and approve a huge range of Microsoft AZ-104 Questions Answers for Azure Administrator Associate Certification seekers. Practicing our 100% updated AZ-104 Practice Tests is a guaranteed way towards your success in Microsoft AZ-104 Exam.
https://www.dumpspedia.com/AZ-104-dumps-questions.html
By default Azure does not provide any network traffic isolation between the subnets in VNETs. This creates a unique challenge for IT network and security professionals who have multiple subnets in Azure and would like to provide segmentation within the VNETS; an architecture that is common in on premise networks, for both physical and virtual infrastructures, for mitigating various security concerns. Azure NSGs (Network Security Groups) provides solutions for such virtual network segmentations without using any additional virtual appliances.
You will learn :
1.Azure VM traffic isolation
2.Azure VNET traffic isolation
3.Azure network segmentation through traffic isolation
4.Isolated network security zones
BizTalk Server 2013 in Windows Azure IaaSBizTalk360
Biztalk Server 2013 windows azure in this session will take a look at Windows Azure IaaS and how best to leverage it with BizTalk Server 2013. This session will start with a quick IaaS primer so someone new to Azure IaaS will not miss out. Next we will take a look at how best to use BizTalk Server 2013 in Azure IaaS and the new scenarios that are now available. We will see how simple it can be to script via PowerShell the creation of a fully configured standalone BizTalk Server or even an entire isolated BizTalk Domain. Last we will take a look at some of the basics for administration and supporting your Virtual Machines running in IaaS.
Brought to you by BizTalk360
Enter The Matrix Securing Azure’s AssetsBizTalk360
This talk is mainly on the security aspects of Azure, in any context. you’ll get an overview on where security is handled, some practices and how to monitor and act accordingly to certain threats and issues. It will focus on IaaS, PaaS and SaaS. As security is an integral part of an environment, the integration aspect is not far away. Focus products include Azure and all related services.
CCI2018 - Azure Network - Security Best Practiceswalk2talk srl
Nell'era moderna del cloud computing, la tendenza è di spostare sempre più frequentemente i propri workload nel cloud pubblico e di utilizzare cloud ibridi. La sicurezza è spesso un elemento inibitore per l’utilizzo di ambienti cloud. Come è possibile strutturare la topologia di rete in presenza di ambienti cloud e renderla sicura ? Si può estendere il proprio datacenter nel cloud mantenendo un elevato livello di sicurezza della rete ? Come garantire un accesso sicuro ai servizi presenti nel cloud e con quali strumenti ? Una delle principali ragioni per utilizzare Azure per le proprie applicazioni e i propri servizi è data proprio dalla possibilità di poter usufruire di un ampio set di funzionalità e di strumenti di sicurezza integrati nella platform. In questa sessione saranno presentate le security best practices in ambito network nel mondo Azure, date da un'esperienza diretta sul campo. Affrontando scenari reali saranno riportate le linee guida e gli accorgimenti utili per utilizzare al meglio le potenzialità presenti nella piattaforma, al fine di strutturare il network in Azure rispettando tutti i principi di sicurezza.
By Francesco Molfese
Now that we have Visual Studio and our Windows Azure account let’s install Kentico CMS! So many choices – Virtual Machine, Cloud Services, Website, Kentico +. In this session we will look at the various options and how this is done.
Speaker: Thom Robbins, Chief Evangelist Kentico CMS
Introducción a Azure, comparativa con Amazon Web Services y comentarios sobre experiencias de desarrollo y uso reales. Usada en el Meetup de Software Craftsmaship CLM de Toledo.
Microsoft Azure Training - [13] Azure Virtual Networks-Part 7-VNet-to-VNet Co...Shawn Ismail
This is the Part 7 of the Azure Virtual Networks session. In this session I go hands on in providing a demo on how to establish an Azure VNet-to-VNet VPN connectivity. These are the same steps you would take to establish a Site-to-Site connectivity as well; the true essence of extending your data center to the cloud.
http://www.cloudranger.net
YouTube: https://www.youtube.com/c/CloudrangerNetwork
DevOps (Continuous Integrations, Continuous Delivery & Continuous deployment using Jenkins and Visual studio team services, setting up VTST build Agents, Integrating VSTS with SonarQube, NDepend,) , Complete automation of pushing code into VSTS from Visual Studio, Building Code by a Jenkin Server hosted on Azure and pushing that successful build on to Azure Web App via Release Pipeline or directly from Jenkins,VSTS Default agents, Setting up local agent from scratch, Setting up agents for code build, VSTS, Visual Studio Online Agents, Agent Pools, Hosted Agents, Hosted VS2017. Hosted Linux Agents, Setting up agent on VS Dev Test Labs, Setting up Template Parameters for Continuos Pipeline, Build Agent Creation Dynamically, Random Machine Name, Random Passwords, Dynamic Agent creation in VS Dev Test labs, Sonarcube, Code quality, Code Analysis, MSBuild, Integrate VSTS Build with NDepend, Package manager, Monolithic Architecture, Nuget, Package management, Npm js.com, Semantic versioning, Creating a nuget package, nuspec file, GitVersion Plugin, FeedURL, Chocolatey for package management, Chocolatey, chocolatey workflow,
Validate your AZ-104 Exam learning and preparation with our most updated AZ-104 dumps. Dumpspedia has experienced IT experts who gather and approve a huge range of Microsoft AZ-104 Questions Answers for Azure Administrator Associate Certification seekers. Practicing our 100% updated AZ-104 Practice Tests is a guaranteed way towards your success in Microsoft AZ-104 Exam.
https://www.dumpspedia.com/AZ-104-dumps-questions.html
By default Azure does not provide any network traffic isolation between the subnets in VNETs. This creates a unique challenge for IT network and security professionals who have multiple subnets in Azure and would like to provide segmentation within the VNETS; an architecture that is common in on premise networks, for both physical and virtual infrastructures, for mitigating various security concerns. Azure NSGs (Network Security Groups) provides solutions for such virtual network segmentations without using any additional virtual appliances.
You will learn :
1.Azure VM traffic isolation
2.Azure VNET traffic isolation
3.Azure network segmentation through traffic isolation
4.Isolated network security zones
BizTalk Server 2013 in Windows Azure IaaSBizTalk360
Biztalk Server 2013 windows azure in this session will take a look at Windows Azure IaaS and how best to leverage it with BizTalk Server 2013. This session will start with a quick IaaS primer so someone new to Azure IaaS will not miss out. Next we will take a look at how best to use BizTalk Server 2013 in Azure IaaS and the new scenarios that are now available. We will see how simple it can be to script via PowerShell the creation of a fully configured standalone BizTalk Server or even an entire isolated BizTalk Domain. Last we will take a look at some of the basics for administration and supporting your Virtual Machines running in IaaS.
Brought to you by BizTalk360
Enter The Matrix Securing Azure’s AssetsBizTalk360
This talk is mainly on the security aspects of Azure, in any context. you’ll get an overview on where security is handled, some practices and how to monitor and act accordingly to certain threats and issues. It will focus on IaaS, PaaS and SaaS. As security is an integral part of an environment, the integration aspect is not far away. Focus products include Azure and all related services.
CCI2018 - Azure Network - Security Best Practiceswalk2talk srl
Nell'era moderna del cloud computing, la tendenza è di spostare sempre più frequentemente i propri workload nel cloud pubblico e di utilizzare cloud ibridi. La sicurezza è spesso un elemento inibitore per l’utilizzo di ambienti cloud. Come è possibile strutturare la topologia di rete in presenza di ambienti cloud e renderla sicura ? Si può estendere il proprio datacenter nel cloud mantenendo un elevato livello di sicurezza della rete ? Come garantire un accesso sicuro ai servizi presenti nel cloud e con quali strumenti ? Una delle principali ragioni per utilizzare Azure per le proprie applicazioni e i propri servizi è data proprio dalla possibilità di poter usufruire di un ampio set di funzionalità e di strumenti di sicurezza integrati nella platform. In questa sessione saranno presentate le security best practices in ambito network nel mondo Azure, date da un'esperienza diretta sul campo. Affrontando scenari reali saranno riportate le linee guida e gli accorgimenti utili per utilizzare al meglio le potenzialità presenti nella piattaforma, al fine di strutturare il network in Azure rispettando tutti i principi di sicurezza.
By Francesco Molfese
Now that we have Visual Studio and our Windows Azure account let’s install Kentico CMS! So many choices – Virtual Machine, Cloud Services, Website, Kentico +. In this session we will look at the various options and how this is done.
Speaker: Thom Robbins, Chief Evangelist Kentico CMS
Introducción a Azure, comparativa con Amazon Web Services y comentarios sobre experiencias de desarrollo y uso reales. Usada en el Meetup de Software Craftsmaship CLM de Toledo.
Wide variety of services that cloud architectures can manage using different approaches for example Azure Active Directory Domain Services (Azure AD DS), part of Microsoft Entra, enables you to use managed domain services—such as Windows Domain Join, group policy, LDAP, and Kerberos authentication—without having to deploy, manage, or patch domain controllers.
When managed domain services are enabled for virtual machines and directory-aware applications deployed in Azure with a click of a button.
Reduce operational and maintenance costs associated with managing identity infrastructure for your virtual machines and legacy applications.
Managed domain allows legacy applications to be run in the cloud through an easier means of migrating on-premises apps to a managed domain.
Furthermore it allows streamline management of all applications from your legacy, directory-aware apps alongside your modern cloud apps with a single identity solution. It allow the achievement of highly available service with the use of Azure AD Domain Services which can includes multiple
domain controllers to provide high availability for your managed domain.
This approach will ensure business continuity and guaranteed service uptime and resilience to failures.
Laitkor Infosolution, the best azure development company in USA, provides services for Microsoft Azure Application Development Services and Custom Azure Application Development services worldwide. Experienced Developers, 24/7 Support, 100% Guaranteed satisfaction
[Mustafa Toroman, Saša Kranjac] More and more services we use every day are moving to cloud. This creates many challenges, especially if we look at things from security point of view. Taking services out of our datacenter, opens our data and services to new kind of threats but fortunately new tools are available to protect us. See from both perspectives how attackers can try to exploit our journey to cloud and how can we detect threats and stop attacks before they occur. We will show examples how Red Team attacks our Cloud and how Blue Team can detect and stop Red Team.
One of the biggest announcements at the Microsoft Ignite 2019 is Azure Arc – the hybrid and multi-cloud platform from Microsoft.
View this content to learn how Azure Arc allows enterprises to manage on-prem and cloud resources like Windows VMs, Linux Servers, Kubernetes clusters, and Azure data services by centrally organizing and governing from a single place.
The Windows Azure Platform is an internet-scale cloud services platform hosted in Microsoft data centers that provides an operating system and a set of developer services that can be used individually or together. The Azure platform can be used to build new applications to run from the cloud or enhance existing applications with cloud-based capabilities. The open and extensible nature of Azure’s architecture gives developers the choice to build web applications, applications running on connected devices, PCs, servers, or hybrid solutions offering the best of online and on-premises.
In this session, Wade Wegner will focus on two scenarios – new application development and the migration of existing applications. While walking through demos, Wade will discuss concepts such as application authentication and authorization, data synchronization between the cloud and on-premises databases, application integration, delegation of identity, and operations and management. Particular emphasis will be placed on the migration of existing internal applications to Windows Azure, securing applications through claims-based authentication and passive federation with Geneva Server, using relational databases in the cloud with SQL Azure, and the migration of data to the cloud through tools like SSIS.
The best azure interview questions & answers 2018 learn now!mia avery
Microsoft Azure is a cloud computing platform created by Microsoft which developers and IT professionals use to build, deploy and manage applications through their global network of datacentres.
We describe the deployment and use of Globus Compute for remote computation. This content is aimed at researchers who wish to compute on remote resources using a unified programming interface, as well as system administrators who will deploy and operate Globus Compute services on their research computing infrastructure.
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Globus
Large Language Models (LLMs) are currently the center of attention in the tech world, particularly for their potential to advance research. In this presentation, we'll explore a straightforward and effective method for quickly initiating inference runs on supercomputers using the vLLM tool with Globus Compute, specifically on the Polaris system at ALCF. We'll begin by briefly discussing the popularity and applications of LLMs in various fields. Following this, we will introduce the vLLM tool, and explain how it integrates with Globus Compute to efficiently manage LLM operations on Polaris. Attendees will learn the practical aspects of setting up and remotely triggering LLMs from local machines, focusing on ease of use and efficiency. This talk is ideal for researchers and practitioners looking to leverage the power of LLMs in their work, offering a clear guide to harnessing supercomputing resources for quick and effective LLM inference.
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...Juraj Vysvader
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I didn't get rich from it but it did have 63K downloads (powered possible tens of thousands of websites).
Globus Connect Server Deep Dive - GlobusWorld 2024Globus
We explore the Globus Connect Server (GCS) architecture and experiment with advanced configuration options and use cases. This content is targeted at system administrators who are familiar with GCS and currently operate—or are planning to operate—broader deployments at their institution.
Navigating the Metaverse: A Journey into Virtual Evolution"Donna Lenk
Join us for an exploration of the Metaverse's evolution, where innovation meets imagination. Discover new dimensions of virtual events, engage with thought-provoking discussions, and witness the transformative power of digital realms."
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERRORTier1 app
Even though at surface level ‘java.lang.OutOfMemoryError’ appears as one single error; underlyingly there are 9 types of OutOfMemoryError. Each type of OutOfMemoryError has different causes, diagnosis approaches and solutions. This session equips you with the knowledge, tools, and techniques needed to troubleshoot and conquer OutOfMemoryError in all its forms, ensuring smoother, more efficient Java applications.
Enhancing Project Management Efficiency_ Leveraging AI Tools like ChatGPT.pdfJay Das
With the advent of artificial intelligence or AI tools, project management processes are undergoing a transformative shift. By using tools like ChatGPT, and Bard organizations can empower their leaders and managers to plan, execute, and monitor projects more effectively.
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...Mind IT Systems
Healthcare providers often struggle with the complexities of chronic conditions and remote patient monitoring, as each patient requires personalized care and ongoing monitoring. Off-the-shelf solutions may not meet these diverse needs, leading to inefficiencies and gaps in care. It’s here, custom healthcare software offers a tailored solution, ensuring improved care and effectiveness.
May Marketo Masterclass, London MUG May 22 2024.pdfAdele Miller
Can't make Adobe Summit in Vegas? No sweat because the EMEA Marketo Engage Champions are coming to London to share their Summit sessions, insights and more!
This is a MUG with a twist you don't want to miss.
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptxrickgrimesss22
Discover the essential features to incorporate in your Winzo clone app to boost business growth, enhance user engagement, and drive revenue. Learn how to create a compelling gaming experience that stands out in the competitive market.
Enhancing Research Orchestration Capabilities at ORNL.pdfGlobus
Cross-facility research orchestration comes with ever-changing constraints regarding the availability and suitability of various compute and data resources. In short, a flexible data and processing fabric is needed to enable the dynamic redirection of data and compute tasks throughout the lifecycle of an experiment. In this talk, we illustrate how we easily leveraged Globus services to instrument the ACE research testbed at the Oak Ridge Leadership Computing Facility with flexible data and task orchestration capabilities.
A Comprehensive Look at Generative AI in Retail App Testing.pdfkalichargn70th171
Traditional software testing methods are being challenged in retail, where customer expectations and technological advancements continually shape the landscape. Enter generative AI—a transformative subset of artificial intelligence technologies poised to revolutionize software testing.
In software engineering, the right architecture is essential for robust, scalable platforms. Wix has undergone a pivotal shift from event sourcing to a CRUD-based model for its microservices. This talk will chart the course of this pivotal journey.
Event sourcing, which records state changes as immutable events, provided robust auditing and "time travel" debugging for Wix Stores' microservices. Despite its benefits, the complexity it introduced in state management slowed development. Wix responded by adopting a simpler, unified CRUD model. This talk will explore the challenges of event sourcing and the advantages of Wix's new "CRUD on steroids" approach, which streamlines API integration and domain event management while preserving data integrity and system resilience.
Participants will gain valuable insights into Wix's strategies for ensuring atomicity in database updates and event production, as well as caching, materialization, and performance optimization techniques within a distributed system.
Join us to discover how Wix has mastered the art of balancing simplicity and extensibility, and learn how the re-adoption of the modest CRUD has turbocharged their development velocity, resilience, and scalability in a high-growth environment.
How to Position Your Globus Data Portal for Success Ten Good PracticesGlobus
Science gateways allow science and engineering communities to access shared data, software, computing services, and instruments. Science gateways have gained a lot of traction in the last twenty years, as evidenced by projects such as the Science Gateways Community Institute (SGCI) and the Center of Excellence on Science Gateways (SGX3) in the US, The Australian Research Data Commons (ARDC) and its platforms in Australia, and the projects around Virtual Research Environments in Europe. A few mature frameworks have evolved with their different strengths and foci and have been taken up by a larger community such as the Globus Data Portal, Hubzero, Tapis, and Galaxy. However, even when gateways are built on successful frameworks, they continue to face the challenges of ongoing maintenance costs and how to meet the ever-expanding needs of the community they serve with enhanced features. It is not uncommon that gateways with compelling use cases are nonetheless unable to get past the prototype phase and become a full production service, or if they do, they don't survive more than a couple of years. While there is no guaranteed pathway to success, it seems likely that for any gateway there is a need for a strong community and/or solid funding streams to create and sustain its success. With over twenty years of examples to draw from, this presentation goes into detail for ten factors common to successful and enduring gateways that effectively serve as best practices for any new or developing gateway.
SOCRadar Research Team: Latest Activities of IntelBrokerSOCRadar
The European Union Agency for Law Enforcement Cooperation (Europol) has suffered an alleged data breach after a notorious threat actor claimed to have exfiltrated data from its systems. Infamous data leaker IntelBroker posted on the even more infamous BreachForums hacking forum, saying that Europol suffered a data breach this month.
The alleged breach affected Europol agencies CCSE, EC3, Europol Platform for Experts, Law Enforcement Forum, and SIRIUS. Infiltration of these entities can disrupt ongoing investigations and compromise sensitive intelligence shared among international law enforcement agencies.
However, this is neither the first nor the last activity of IntekBroker. We have compiled for you what happened in the last few days. To track such hacker activities on dark web sources like hacker forums, private Telegram channels, and other hidden platforms where cyber threats often originate, you can check SOCRadar’s Dark Web News.
Stay Informed on Threat Actors’ Activity on the Dark Web with SOCRadar!
Understanding Globus Data Transfers with NetSageGlobus
NetSage is an open privacy-aware network measurement, analysis, and visualization service designed to help end-users visualize and reason about large data transfers. NetSage traditionally has used a combination of passive measurements, including SNMP and flow data, as well as active measurements, mainly perfSONAR, to provide longitudinal network performance data visualization. It has been deployed by dozens of networks world wide, and is supported domestically by the Engagement and Performance Operations Center (EPOC), NSF #2328479. We have recently expanded the NetSage data sources to include logs for Globus data transfers, following the same privacy-preserving approach as for Flow data. Using the logs for the Texas Advanced Computing Center (TACC) as an example, this talk will walk through several different example use cases that NetSage can answer, including: Who is using Globus to share data with my institution, and what kind of performance are they able to achieve? How many transfers has Globus supported for us? Which sites are we sharing the most data with, and how is that changing over time? How is my site using Globus to move data internally, and what kind of performance do we see for those transfers? What percentage of data transfers at my institution used Globus, and how did the overall data transfer performance compare to the Globus users?
Becoming a Microsoft Specialist in Microsoft Azure Infrastructure
1. Becoming a Microsoft Specialist in
Microsoft Azure Infrastructure Solutions
70-533 IMPLEMENTING MICROSOFT AZURE INFRASTRUCTURE SOLUTIONS
Version 4 by expert.Anonymous
2. cloud service role: A cloud service role is comprised of application files and a configuration.
A cloud service can have two types of role:
web role: A web role provides a dedicated Internet Information Services (IIS) web-server used for hosting front-end web
applications.
worker role: Applications hosted within worker roles can run asynchronous, long-running or perpetual tasks independent of user
interaction or input.
cloud service components: Three components are required in order to deploy an application as a cloud service in Azure:
service definition file: The cloud service definition file (.csdef) defines the service model, including the number of roles.
service configuration file: The cloud service configuration file (.cscfg) provides configuration settings for the cloud service and
individual roles, including the number of role instances.
service package: The service package (.cspkg) contains the application code and the service definition file.
http://azure.microsoft.com/en-us/documentation/articles/cloud-services-what-is/
CONCEPTS
3. cloud service deployment: A cloud service deployment is an instance of a cloud service deployed to the Azure staging or
production environment. You can maintain deployments in both staging and production.
deployment environments: Azure offers two deployment environments for cloud services: a staging environment in which you
can test your deployment before you promote it to the production environment. The two environments are distinguished only by
the virtual IP addresses (VIPs) by which the cloud service is accessed. In the staging environment, the cloud service's globally
unique identifier (GUID) identifies it in URLs (GUID.cloudapp.net). In the production environment, the URL is based on the
friendlier DNS prefix assigned to the cloud service (for example, myservice.cloudapp.net).
swap deployments: To promote a deployment in the Azure staging environment to the production environment, you can
"swap" the deployments by switching the VIPs by which the two deployments are accessed. After the deployment, the DNS
name for the cloud service points to the deployment that had been in the staging environment.
http://azure.microsoft.com/en-us/documentation/articles/cloud-services-what-is/
CONCEPTS
4. minimal vs. verbose monitoring: Minimal monitoring, which is configured by default for a cloud service, uses performance
counters gathered from the host operating systems for role instances (virtual machines). Verbose monitoring gathers additional
metrics based on performance data within the role instances to enable closer analysis of issues that occur during application
processing. For more information, see How to Monitor Cloud Services.
Azure Diagnostics: Azure Diagnostics is the API that enables you to collect diagnostic data from applications running in
Azure. Azure Diagnostics must be enabled for cloud service roles in order for verbose monitoring to be turned on. For more
information, see Enabling Diagnostics in Azure.
scale a cloud service: A cloud service is scaled out by increasing the number of role instances (virtual machines) deployed for
a role. A cloud service is scaled in by decreasing role instances. In the Preview Management Portal, you can also scale a
linked SQL Database instance, by changing the SQL Database edition and the maximum database size, when you scale your
service roles.
Azure Service Level Agreement (SLA): The Azure Compute SLA guarantees that, when you deploy two or more role
instances for every role, access to your cloud service will be maintained at least 99.95 percent of the time. Also, detection and
corrective action will be initiated 99.9 percent of the time when a role instance's process is not running. For more information,
see Service Level Agreements.
http://azure.microsoft.com/en-us/documentation/articles/cloud-services-what-is/
CONCEPTS
5. Microsoft Azure uses certificates in three ways:
Management certificates – Stored at the subscription level, these certificates are used to enable the use of the SDK tools, the Windows
Azure Tools for Microsoft Visual Studio, or the Service Management REST API Reference. These certificates are independent of any cloud
service or deployment.
Service certificates – Stored at the cloud service level, these certificates are used by your deployed services.
SSH Keys – Stored on the Linux virtual machine, SSH keys are used to authenticate remote connections to the virtual machine.
Certificates used in Azure are x.509 v3 certificates and can be signed by another trusted certificate or they can be self-signed. A self-signed
certificate is signed by its own creator. Because of this, the certificate is not trusted by web browsers and will cause a security alert in Internet
Explorer. Users can continue, but have to bypass a security message.
Self-signed certificates are typically used in test scenarios, or when they are used as a container for public/private keys.
Azure uses certificates to identify a trust relationship: the party to be trusted has the private key.
Management certificates (.cer certificate files): the client connecting the service needs to be trusted and has the private key.
Service certificates (.pfx certificate files): the service needs to be trusted by the client connecting to the service. For example, in an SSL
secured service scenario the SSL certificate contains the private key.
http://msdn.microsoft.com/en-us/library/azure/gg981929.aspx
Manage Certificates
6. Management certificates permit client access to resources in your Azure subscription.
Management certificates are x.509 v3 certificates that only contain a public key, and are saved as a .cer file.
Windows Azure Tools for Microsoft Visual Studio use management certificates to authenticate a user to create and manage your deployments.
*Important*
- There is a limit of 100 management certificates per Windows Azure subscription.
- There is also a limit of 100 management certificates for all subscriptions under a specific service administrator’s user ID.
If the user ID for the account administrator has already been used to add 100 management certificates and there is a need for more
certificates, you can add a co-administrator to add the additional certificates. Before adding more than 100 certificates, see if you can reuse an
existing certificate. Using co-administrators adds potentially unneeded complexity to your certificate management process.
http://msdn.microsoft.com/en-us/library/azure/gg981929.aspx
Management Certificates
7. Service certificates are x.509 v3 certificates that are uploaded to Azure and stored in the hosted service in which they will be used.
Service certificates are private key (.pfx) files. Service certificates are used for both SSL and remote desktop decryption which require a
certificate with a private key.
There are three primary uses for service certificates:
Encryption – RDP password encryption.
Server – SSL provide communications security for secure web pages.
Mutual Authentication – WCF client authentication.
http://msdn.microsoft.com/en-us/library/azure/gg981929.aspx
Service Certificates
8. Virtual Network lets you provision and manage virtual private networks (VPNs) in Azure and, optionally, link the VPNs with your on-premises
IT infrastructure to create hybrid and cross-premises solutions. With Virtual Network, IT administrators can control network topology, including
configuration of DNS and IP address ranges.
Use Virtual Network to:
Create a dedicated private cloud-only virtual network
When you create a virtual network, your services and VMs within your virtual network can communicate directly and securely with each other
in the cloud. This keeps traffic securely within the virtual network, but still allows you to configure endpoint connections for the VMs and
services that require Internet communication as part of your solution.
Securely extend your data center
With Virtual Network, you can build traditional site-to-site VPNs to securely scale your datacenter capacity. Virtual Network uses industry-
standard IPSEC protocol to provide a secure connection between your corporate VPN gateway and Azure. Add as many machines as you
want behind the VPN gateway.
Enable hybrid cloud scenarios
Virtual Network gives you the flexibility to support a range of hybrid cloud scenarios. You can securely connect cloud-based applications to
any type of on-premises system such as mainframes and Unix systems.
http://msdn.microsoft.com/en-us/library/azure/dn133803.aspx
Azure Virtual Network
9. Is there a limit to the number of subnets in my virtual network?
There is no limit on the number of subnets you use within a virtual network. All the subnets must be fully contained in the virtual network
address space and should not overlap with one another.
Are there any restrictions on using IP addresses within these subnets?
We do reserve some IP addresses within each subnet. The first and last IP addresses of the subnets are reserved for protocol conformance.
We also additionally reserve a few extra IP addresses for our services.
How small and how large can virtual networks and subnets be?
The smallest subnet we support is a /29 and the largest is a /8 (using CIDR subnet definitions). We reserve some IP addresses from each
subnet.
http://msdn.microsoft.com/en-us/library/azure/dn133803.aspx
Azure Virtual Network
10. How is site-to-site different from point-to-site?
Site-to-site connections let you connect between any of the computers located on your premises to any virtual machine or role instance within
your virtual network, depending on how you choose to configure routing. It’s a great option for an always-available cross-premises connection
and is well-suited for hybrid configurations. It relies on an IPsec VPN appliance (hardware or soft appliance) to be deployed at the edge of
your network for connectivity. In order to create this type of connection, you’ll have to have the required VPN hardware and an externally
facing IPv4 IP address.
Point-to-site connections let you connect from a single computer to anything located in your virtual network. It uses the Windows VPN client.
As part of the point-to-site configuration, you install a certificate and a VPN client configuration package, which contains the settings that allow
your computer to connect to any virtual machine or role instance within the virtual network. It’s great when you want to connect to a virtual
network, but aren’t located on-premises. It’s also a good option when you don’t have access to VPN hardware or an externally facing IPv4 IP
address, both of which are required for a site-to-site connection.
Note: You can configure your virtual network to use both site-to-site and point-to-site concurrently, provided that you create your site-to-site
connection using a dynamic gateway.
http://msdn.microsoft.com/en-us/library/azure/dn133803.aspx
Azure Virtual Network
11. How is site-to-site different from point-to-site?
Site-to-site connections let you connect between any of the computers located on your premises to any virtual machine or role instance within
your virtual network, depending on how you choose to configure routing. It’s a great option for an always-available cross-premises connection
and is well-suited for hybrid configurations. It relies on an IPsec VPN appliance (hardware or soft appliance) to be deployed at the edge of
your network for connectivity. In order to create this type of connection, you’ll have to have the required VPN hardware and an externally
facing IPv4 IP address.
Point-to-site connections let you connect from a single computer to anything located in your virtual network. It uses the Windows VPN client.
As part of the point-to-site configuration, you install a certificate and a VPN client configuration package, which contains the settings that allow
your computer to connect to any virtual machine or role instance within the virtual network. It’s great when you want to connect to a virtual
network, but aren’t located on-premises. It’s also a good option when you don’t have access to VPN hardware or an externally facing IPv4 IP
address, both of which are required for a site-to-site connection.
Note: You can configure your virtual network to use both site-to-site and point-to-site concurrently, provided that you create your site-to-site
connection using a dynamic gateway.
http://msdn.microsoft.com/en-us/library/azure/dn133803.aspx
Azure Virtual Network
12. Configuring Google as an identity provider eliminates the need to create and manage authentication and identity management
mechanism. It helps the end user experience if there are familiar authentication procedures. Using ACS, it is easy to set up a
configuration that allows your application to readily consume it and offer such functionality to end users. This How-To explains
how to accomplish this task. The following diagram depicts the overall flow of configuring a relying party of ACS for use.
ACS v2 Workflow
Summary of Steps
To configure Google as an identity provider for your application complete these steps:
Step 1 – Create a Namespace
Step 2 – Configure Google as an Identity Provider
Step 3 – Configure Trust with Relying Party
Step 4 – Configure Token Transformation Rules
Step 5 – Review Endpoints Exposed by the Namespace
http://msdn.microsoft.com/en-us/library/azure/gg185976.aspx
How to: Configure Google as an Identity Provider
13. The Azure Active Directory Graph API provides programmatic access to Azure AD through REST API endpoints. Applications
can use the Graph API to perform create, read, update, and delete (CRUD) operations on directory data and objects. For
example, the Graph API supports the following common operations for a user object:
Create a new user in a directory
Get a user’s detailed properties, such as their groups
Update a user’s properties, such as their location and phone number, or change their password
Check a user’s group membership for role-based access
Disable a user’s account or delete it entirely
In addition to user objects, you can perform similar operations on other objects such as groups and applications. To call the
Graph API on a directory, the application must be registered with Azure AD and be configured to allow access to the directory.
This is normally achieved through a user or admin consent flow.
http://msdn.microsoft.com/en-us/library/azure/hh974476.aspx
Azure AD Graph API
14. An ASP.NET application that runs in an Azure Website can create the following kinds of logs:
Application tracing logs
The application creates these logs by calling methods of the System.Diagnostics.Trace class.
Web server logs
The web server creates a log entry for every HTTP request to the site.
Detailed error message logs
The web server creates an HTML page with some additional information for failed HTTP requests
(those that result in status code 400 or greater).
Failed request tracing logs
The web server creates an XML file with detailed tracing information for failed HTTP requests. The web server also provides an XSL file
to format the XML in a browser.
Logging affects site performance, so Azure gives you the ability to enable or disable each type of log as needed. For application logs, you can
specify that only logs above a certain severity level should be written. When you create a new website, by default all logging is disabled.
Logs are written to files in a LogFiles folder in the file system of your website and are accessible via FTP. Web server logs and application logs
can also be written to an Azure Storage account. You can retain a greater volume of logs in a storage account than is possible in the file
system. You're limited to a maximum of 100 megabytes of logs when you use the file system. (File system logs are only for short-term
retention. Azure deletes old log files to make room for new ones after the limit is reached.)
http://azure.microsoft.com/en-gb/documentation/articles/web-sites-dotnet-troubleshoot-visual-studio/
Diagnostics Log Overview
15. Failed request tracing logs are useful when you need to understand the details of
how IIS is handling an HTTP request, in scenarios such as URL rewriting or
authentication problems.
Azure Websites use the same failed request tracing functionality that has been
available with IIS 7.0 and later. You don't have access to the IIS settings that
configure which errors get logged, however. When you enable failed request
tracing, all errors are captured.
You can enable failed request tracing by using Visual Studio, but you can't view
them in Visual Studio. These logs are XML files. The streaming log service only
monitors files that are deemed readable in plain text mode: .txt, .html, and .log
files.
You can view failed request tracing logs in a browser directly via FTP or locally
after using an FTP tool to download them to your local computer.
http://azure.microsoft.com/en-gb/documentation/articles/web-sites-dotnet-troubleshoot-visual-studio/
Failed request tracing
16. Triggered (Scheduled/On Demand)
Whatever is written to console output and console error will go to a log file for the specific triggered webjob run. You can see it on the
WebJobs dashboard but the file itself is located under d:homedatajobstriggered{jobname}{jobrunid}.
Continuous
Whatever is written to console output and console error will go to the application logs as log entries with log level Information/Error. The first
100 log entries when the continuous WebJob starts will also show up in the continuous WebJob log file that is available on the WebJobs
dashboard.
The file itself is under d:homedatajobscontinuous{jobname}.
.NET WebJobs
If you're using .NET console application as your WebJob, you can follow the same guideline as for an ASP.NET website. Once you use the
Trace class, your traces are handled as application logs (including triggered WebJobs).
http://blog.amitapple.com/post/2014/06/azure-website-logging
Application Logs for WebJobs
17. File system
Log files will have some retention policy for each type:
Web server logs have a maximum size per log file and per sum of all log files (which is configurable in the Azure portal).
Similar for application logs, each log file can get up to 128 KB and the total size of all log files will go up to 1 MB after that old files are
removed.
Detailed error messages and FREB have a maximum amount of files (each file consists of a single error).
Blob storage
Web server logs and application logs stored in blob storage can be configured with a retention policy for deleting log files older than X days.
http://blog.amitapple.com/post/2014/06/azure-website-logging
Retention Policies
18. Deploying your website in the traditional way, whether
deploying via WebDeploy, FTP, git, CI or any other way, has
weaknesses that may or may not concern you:
After the deployment completes the website might restart
and this results in a cold start for the website, the first
request will be slower (can be significant depending on the
website).
Potentially you are deploying a "bad" version of your
website and maybe you would want to test it (in production)
before releasing it to your customers.
This is where staged deployment comes into play. Instead
of deploying directly to our production website we
create a deployment slot used for staging and we
deploy our new bits there.
Then we "warm" our site (staging slot) by making requests
to it and we can start testing our new bits verifying
everything works as expected. Once we're ready we hit the
Azure Portal's Swap button (or PowerShell/xplat cli
command) and the slots will be swapped.
http://blog.amitapple.com/post/2014/11/azure-websites-slots
Staged Deployment
One important concept to understand about deployment slots is how the
configuration works.
A deployment slot is a full Azure Website and as one it has all the same
configurations as any Azure Website. When you swap deployment slots there
are some settings you actually need to keep with the slot and not swap them.
A setting that is not swapped is referred to as a setting that is sticky to the
slot. Some of the default settings that are sticky to the slot:
Most obvious one is the url
- http://mysite-staging.azurewebsites.net/ will always point to the staging slot.
WEBSITE_HOSTNAME environment variable for the staging slot will always
be mysite-staging.azurewebsites.net and this is something we can use in our
website code to find it's currently running in the Production slot or staging
slot.
Deployment settings - if you have the deployment profile for the staging
slot, after a swap the profile would still point to the staging slot.
Deployment Slot App Settings / Configuration
19. The storage service offers two types of blobs, block blobs and page blobs. You specify the blob type when you create the blob.
Once the blob has been created, its type cannot be changed, and it can be updated only by using operations appropriate for that blob type,
i.e., writing a block or list of blocks to a block blob, and writing pages to a page blob.
All blobs reflect committed changes immediately. Each version of the blob has a unique tag, called an ETag, that you can use with access
conditions to assure you only change a specific instance of the blob.
• Block blobs include features that help you manage large files over networks.
• Block blobs let you upload large blobs efficiently.
• The maximum size for a block blob is 200 GB, and a block blob can include no more than 50,000 blocks
• Page blobs are a collection of 512-byte pages optimized for random read and write operations.
• The maximum size for a page blob is 1 TB.
http://msdn.microsoft.com/en-us/library/azure/ee691964.aspx
Understanding Block blobs and Page blobs
20. The storage service offers two types of blobs, block blobs and page blobs. You specify the blob type when you create the blob.
Once the blob has been created, its type cannot be changed, and it can be updated only by using operations appropriate for that blob type,
i.e., writing a block or list of blocks to a block blob, and writing pages to a page blob.
All blobs reflect committed changes immediately. Each version of the blob has a unique tag, called an ETag, that you can use with access
conditions to assure you only change a specific instance of the blob.
• Block blobs include features that help you manage large files over networks.
• Block blobs let you upload large blobs efficiently.
• The maximum size for a block blob is 200 GB, and a block blob can include no more than 50,000 blocks
• Page blobs are a collection of 512-byte pages optimized for random read and write operations.
• The maximum size for a page blob is 1 TB.
http://msdn.microsoft.com/en-us/library/azure/ee691964.aspx
Understanding Block blobs and Page blobs
21. Azure Blob storage is a service for storing large amounts of unstructured
data, such as text or binary data, that can be accessed from anywhere in
the world via HTTP or HTTPS. You can use Blob storage to expose data
publicly to the world, or to store application data privately.
Common uses of Blob storage include:
Serving images or documents directly to a browser
Storing files for distributed access
Streaming video and audio
Performing secure backup and disaster recovery
Storing data for analysis by an on-premises or Azure-hosted service
http://azure.microsoft.com/en-us/documentation/articles/storage-dotnet-how-to-use-blobs/
Azure Blob Storage
Storage Account: All access to Azure Storage is done through a storage account.
Container: A container provides a grouping of a set of blobs. All blobs must be in a container. An account can contain an unlimited number of
containers. A container can store an unlimited number of blobs.
Blob: A file of any type and size. There are two types of blobs that can be stored in Azure Storage: block and page blobs. Most files are block
blobs. A single block blob can be up to 200 GB in size. Page blobs, another blob type, can be up to 1 TB in size, and are more efficient when
ranges of bytes in a file are modified frequently. URL format: http://<storage account>.blob.core.windows.net/<container>/<blob>
Page blobs are mainly used for VHDs and Block blobs are used for other files such as images, media, etc.
22. Azure Files complement Azure Data Disks. A data disk can only be attached to one Azure Virtual Machine at a time.
Data disks are fixed format VHDs stored as page blobs in Azure Storage and are used by the virtual machine to store durable data.
File shares based on Azure Files can be accessed in the same way as the local disk is accessed (using native file system APIs) and can be
shared across many virtual machines. The following table compares Azure Files with Azure Data Disks.
http://msdn.microsoft.com/en-us/library/azure/dn790517.aspx
Azure Data Disks Vs Azure Files
23. Implement Websites (15-20%)
• Deploy websites
http://azure.microsoft.com/en-us/documentation/articles/web-sites-deploy/
Define deployment slots; roll back deployments, configure and deploy packages, deploy web jobs, schedule web jobs
http://azure.microsoft.com/en-us/documentation/articles/web-sites-create-web-jobs/
1 70-533 Implementing Microsoft Azure Infrastructure Solutions by expert.Anonymous
24. Implement Websites (15-20%)
• Configure websites
Configure app settings, connection strings, handlers, and virtual directories; configure certificates,
custom domains, and traffic manager; configure SSL bindings and runtime configurations;
manage websites by using Windows PowerShell and Xplat-CLI
http://azure.microsoft.com/en-us/documentation/articles/web-sites-configure/
http://azure.microsoft.com/en-us/documentation/articles/web-sites-php-create-web-sites/#PowerShell
2 70-533 Implementing Microsoft Azure Infrastructure Solutions by expert.Anonymous
25. Implement Websites (15-20%)
• Configure diagnostics, monitoring, and analytics
Retrieve diagnostics data; view streaming logs; configure endpoint monitoring, alerts,
and diagnostics; monitor website resources
http://azure.microsoft.com/en-us/documentation/articles/web-sites-monitor/
3 70-533 Implementing Microsoft Azure Infrastructure Solutions by expert.Anonymous
26. Implement Websites (15-20%)
• Configure scale and resilience
Configure auto-scale using built-in and custom schedules; configure by metric; change the size of an instance
http://azure.microsoft.com/en-us/documentation/articles/web-sites-scale/
4 70-533 Implementing Microsoft Azure Infrastructure Solutions by expert.Anonymous
27. Implement Websites (15-20%)
• Manage hosting plans
Create hosting plans; migrate websites between hosting plans; create a website within a hosting plan
http://azure.microsoft.com/en-us/documentation/articles/azure-web-sites-web-hosting-plans-in-depth-overview/
5 70-533 Implementing Microsoft Azure Infrastructure Solutions by expert.Anonymous
28. Implement Virtual Machines (15‒20%)
• Deploy workloads on Azure virtual machines (VMs)
Identify supported Microsoft workloads; deploy and connect to a Linux VM; create VMs
http://support.microsoft.com/kb/2721672
http://msdn.microsoft.com/en-us/library/azure/dn451352.aspx
http://azure.microsoft.com/en-us/documentation/articles/virtual-machines-linux-how-to-log-on/
1 70-533 Implementing Microsoft Azure Infrastructure Solutions by expert.Anonymous
29. Implement Virtual Machines (20‒25%)
• Implement images and disks
Create specialized and generalized images for Windows and Linux; copy images between
storage accounts and subscriptions; upload VHDs
http://azure.microsoft.com/blog/2014/04/14/vm-image-blog-post/
http://azure.microsoft.com/blog/2014/05/01/vm-image-powershell-how-to-blog-post/
http://azure.microsoft.com/en-us/documentation/articles/virtual-machines-create-upload-vhd-windows-server/
2 70-533 Implementing Microsoft Azure Infrastructure Solutions by expert.Anonymous
30. Implement Virtual Machines (15‒20%)
• Perform configuration management
Automate configuration management by using PowerShell Desired State Configuration and custom script extensions;
enable puppet and chef extensions
http://azure.microsoft.com/blog/2014/04/11/vm-agent-and-extensions-part-1/
http://azure.microsoft.com/blog/2014/04/15/vm-agent-and-extensions-part-2/
http://azure.microsoft.com/blog/2014/04/24/automating-vm-customization-tasks-using-custom-script-extension/
3 70-533 Implementing Microsoft Azure Infrastructure Solutions by expert.Anonymous
31. Implement Virtual Machines (15‒20%)
• Configure VM networking
Settings include reserved IP addresses, access control list (ACL), internal name resolution, DNS at the cloud service level,
load balancing endpoints, HTTP and TCP health probes, public IPs, firewall rules, direct server return, and Keep Alive
http://azure.microsoft.com/en-us/documentation/articles/virtual-machines-set-up-endpoints/
http://azure.microsoft.com/blog/2014/04/08/microsoft-azure-load-balancing-services/
4 70-533 Implementing Microsoft Azure Infrastructure Solutions by expert.Anonymous
32. Implement Virtual Machines (15‒20%)
• Configure VM resiliency
Scale up and scale down VM sizes; auto-scale; configure availability sets
http://azure.microsoft.com/en-us/documentation/articles/cloud-services-how-to-scale/#autoscale
http://azure.microsoft.com/en-us/documentation/articles/virtual-machines-manage-availability/
5 70-533 Implementing Microsoft Azure Infrastructure Solutions by expert.Anonymous
33. Implement Virtual Machines (15-20%)
• Design and implement VM storage
Configure disk caching; plan storage capacity; configure operating system disk redundancy;
configure shared storage using Azure File service; configure geo-replication; encrypt disks
http://msdn.microsoft.com/en-us/library/azure/dn790303.aspx
http://blogs.msdn.com/b/windowsazurestorage/archive/2011/09/15/introducing-geo-replication-for-windows-azure-storage.aspx
http://blogs.msdn.com/b/windowsazurestorage/archive/2014/05/12/introducing-microsoft-azure-file-service.aspx
http://blogs.msdn.com/b/windowsazurestorage/archive/2013/12/04/introducing-read-access-geo-replicated-storage-ra-grs-for-windows-azure-storage.aspx
6 70-533 Implementing Microsoft Azure Infrastructure Solutions by expert.Anonymous
34. Implement Virtual Machines (15-20%)
• Monitor VMs
Configure endpoint monitoring, alerts, and diagnostics
http://azure.microsoft.com/en-us/documentation/articles/cloud-services-how-to-monitor/
7 70-533 Implementing Microsoft Azure Infrastructure Solutions by expert.Anonymous
35. Implement Cloud Services (15-20%)
• Configure cloud services and roles
Configure instance count and size, operating system version and family, upgrade and fault domains, ACLs, reserved IPs,
and network access rules; configure local storage; configure dedicated and co-located caching, local and cloud configurations,
and local disks; configure multiple websites; configure custom domains
http://azure.microsoft.com/en-us/documentation/articles/cloud-services-how-to-configure/
http://blogs.technet.com/b/yungchou/archive/2011/05/16/window-azure-fault-domain-and-update-domain-explained-for-it-pros.aspx
http://azure.microsoft.com/en-us/documentation/articles/cloud-services-custom-domain-name/
http://msdn.microsoft.com/en-us/library/azure/hh914128.aspx
1 70-533 Implementing Microsoft Azure Infrastructure Solutions by expert.Anonymous
36. Implement Cloud Services (15-20%)
• Deploy and manage cloud services
Upgrade a deployment; VIP swap a deployment; package a deployment; modify configuration files;
perform in-place updates; perform runtime configuration changes using the portal; scale a cloud service;
create service bus namespaces and choose a tier; apply scalability targets
http://azure.microsoft.com/en-us/documentation/articles/cloud-services-how-to-configure
http://msdn.microsoft.com/en-us/library/azure/hh690931.aspx
2 70-533 Implementing Microsoft Azure Infrastructure Solutions by expert.Anonymous
37. Implement Cloud Services (15-20%)
• Monitor cloud services
Monitor service bus queues, topics, relays, and notification hubs; configure diagnostics
http://azure.microsoft.com/en-us/documentation/articles/service-bus-monitor-message-entities/
3 70-533 Implementing Microsoft Azure Infrastructure Solutions by expert.Anonymous
38. Implement Storage (15-20%)
• Implement blobs and Azure files
Read data; change data; set metadata on a container; use encryption (SSL); perform an async blob copy;
configure a Content Delivery Network (CDN); implement storage for backup and disaster recovery;
configure Azure Backup; define blob hierarchies; configure custom domains; configure the Import and Export Service
http://msdn.microsoft.com/en-us/library/azure/dd135715.aspx
http://azure.microsoft.com/en-us/documentation/articles/storage-dotnet-how-to-use-blobs/
http://azure.microsoft.com/en-us/documentation/articles/storage-import-export-service/
1 70-533 Implementing Microsoft Azure Infrastructure Solutions by expert.Anonymous
39. Implement Storage (15-20%)
• Manage access
Create and manage shared access signatures; use stored access policies; regenerate keys
http://azure.microsoft.com/en-us/documentation/articles/storage-dotnet-shared-access-signature-part-1/
http://msdn.microsoft.com/en-us/library/azure/ee393341.aspx
2 70-533 Implementing Microsoft Azure Infrastructure Solutions by expert.Anonymous
40. Implement Storage (15-20%)
• Configure diagnostics, monitoring, and analytics
Configure retention policies and logging levels; analyze logs
http://azure.microsoft.com/en-us/documentation/articles/storage-monitor-storage-account/
3 70-533 Implementing Microsoft Azure Infrastructure Solutions by expert.Anonymous
41. Implement Storage (15-20%)
• Implement SQL databases
Choose the appropriate database tier and performance level; configure point in time recovery and geo-replication;
import and export data and schema; design a scaling strategy
http://msdn.microsoft.com/en-us/library/ff803375.aspx
http://azure.microsoft.com/blog/2014/08/26/new-azure-sql-database-service-tiers-generally-available-in-september-with-
reduced-pricing-and-enhanced-sla/
4 70-533 Implementing Microsoft Azure Infrastructure Solutions by expert.Anonymous
42. Implement Storage (15-20%)
• Implement recovery services
Create a backup vault; deploy a backup agent; back up and restore data
http://azure.microsoft.com/en-us/documentation/articles/backup-configure-vault/
5 70-533 Implementing Microsoft Azure Infrastructure Solutions by expert.Anonymous
43. Implement an Azure Active Directory (15-20%)
• Integrate an Azure AD with existing directories
Implement DirSync, O365 integration, and single sign-on with on-premises Windows Server 2012 R2;
add custom domains; monitor Azure AD
http://azure.microsoft.com/en-us/documentation/articles/active-directory-whatis/
http://technet.microsoft.com/en-us/library/jj573653.aspx
1 70-533 Implementing Microsoft Azure Infrastructure Solutions by expert.Anonymous
44. Implement an Azure Active Directory (15-20%)
• Configure the Application Access Panel
Configure single sign-on with SaaS applications using federation and password based; add users and groups to
applications; revoke access to SaaS applications; configure access; federation with Facebook and Google ID
http://msandbu.wordpress.com/2014/06/23/azure-active-directory-premium-preview/
2 70-533 Implementing Microsoft Azure Infrastructure Solutions by expert.Anonymous
45. Implement an Azure Active Directory (15-20%)
• Integrate an app with Azure AD
Web apps (WS-federation); desktop apps (OAuth); graph API
http://msdn.microsoft.com/en-us/library/azure/dn151791.aspx
3 70-533 Implementing Microsoft Azure Infrastructure Solutions by expert.Anonymous
46. Implement Virtual Networks (15-20%)
• Configure a virtual network
Deploy a VM into a virtual network; deploy a cloud service into a virtual network; configure static IPs;
configure internal load balancing; design subnets
http://azure.microsoft.com/en-us/documentation/articles/create-virtual-network/
1 70-533 Implementing Microsoft Azure Infrastructure Solutions by expert.Anonymous
47. Implement Virtual Networks (15-20%)
• Modify a network configuration
Modify a subnet; import and export a network configuration
http://msdn.microsoft.com/en-us/library/azure/jj156097.aspx
2 70-533 Implementing Microsoft Azure Infrastructure Solutions by expert.Anonymous
48. Implement Virtual Networks (15-20%)
• Design and implement a multi-site or hybrid network
Choose the appropriate solution between ExpressRoute, site-to-site, and point-to-site;
choose the appropriate gateway; identify supported devices and software VPN solutions;
identify networking prerequisites; configure regional virtual networks and multi-site virtual networks
http://msdn.microsoft.com/en-us/library/azure/dn643636.aspx
http://msdn.microsoft.com/en-us/library/azure/dn133795.aspx
3 70-533 Implementing Microsoft Azure Infrastructure Solutions by expert.Anonymous
50. You manage an Azure Service Bus for your company.
You plan to enable access to the Azure Service Bus for an application named Contoso LOB.
You need to create a new shared access policy for subscriptions and queues that has the following requirements:
- Receives messages from a queue
- Deadletters a message
- Defers a message for later retrieval
- Enumerates subscriptions
- Gets subscription description
In the table below, identify the permission you need to assign to ensure that Contoso LOB is able to accomplish the above
requirements. Make only one selection in each column.
Access Level Queues Subscription
Send
Listen
Manage
01
Access Level Queues Subscription
Send
Listen
Manage
ANSWER :
http://msdn.microsoft.com/en-us/library/azure/ee924680.aspx
REFERENCES :
51. Your network includes a legacy application named LegacyApp1.
The application only runs in the Microsoft .NET 3.5 Framework on Windows Server 2008.
You plan to deploy to Azure Cloud Services. You need to ensure that LegacyApp1 will run correctly in the new environment.
What are two possible ways to achieve this goal? Each correct answer presents a complete solution.
A. Upload a VHD with Windows Server 2008 installed.
B. Deploy LegacyApp1 to a cloud service instance configured with Guest OS Family 2.
C. Deploy LegacyApp1 to a cloud service instance configured with Guest OS Family 1.
D. Deploy LegacyApp1 to a cloud service instance configured with Guest OS Family 3.
02
ANSWER :
Guest OS Family 1 and Guest OS Family 2 supports .NET 3.5 and .NET 4.0.
Guest OS Family 3 and Guest OS Family 4 supports .NET 4.0 and .NET 4.5.
http://msdn.microsoft.com/en-us/library/azure/ee924680.aspx
REFERENCES :
B and C
52. You administer a cloud service named contosoapp that has a web role and worker role.
Contosoapp requires you to perform an in-place upgrade to the service.
You need to ensure that at least six worker role instances and eight web role instances are available
when you apply upgrades to the service. You also need to ensure that updates are completed for all instances
by using the least amount of time. Which value should you use with each configuration?
To answer, drag the appropriate value to the correct configuration. Each value may be used once, more than once, or not at all.
You may need to drag the split bar between panes or scroll to view content.
03
ANSWER :
http://msdn.microsoft.com/en-us/library/azure/hh472157.aspx#proceed
REFERENCES :
53. You migrate a Windows Server .NET web application to Azure Cloud Services.
You need enable trace logging for the application.
Which two actions should you perform? Each correct answer presents part of the solution.
A. Update the service definition file.
B. Update the Azure diagnostics configuration.
C. Update the service configuration file.
D. Enable verbose monitoring.
E. Update the application web.config file.
04
ANSWER :
http://msdn.microsoft.com/en-us/library/azure/ee758711.aspx
http://msdn.microsoft.com/en-us/magazine/ff714589.aspx
REFERENCES :
A and B
54. You manage a cloud service that is running in two small instances. The cloud service hosts a help desk application.
The application utilizes a virtual network connection to synchronize data to the company's internal accounting system.
You need to reduce the amount of time required for data synchronization.
What should you do?
A. Configure the servers as large instances and re-deploy.
B. Increase the instance count to three.
C. Deploy the application to Azure Web Sites.
D. Increase the processors allocated to the instances.
05
ANSWER :
http://msdn.microsoft.com/en-us/library/azure/dn197896.aspx
REFERENCES :
A
55. You manage a cloud service that has a web application named WebRole1.
WebRole1 writes error messages to the Windows Event Log.
Users report receiving an error page with the following message:
"Event 26 has occurred. Contact your system administrator."
You need to access the WebRole1 event log.
Which three actions should you perform? Each correct answer presents part of the solution.
A. Enable verbose monitoring.
B. Update the WebRole1 web.config file.
C. Update the cloud service definition file and the service configuration file.
D. Run the Set-AzureVMDiagnosticsExtension PowerShell cmdlet.
E. Run the Enable-AzureWebsiteApplicationDiagnostic PowerShell cmdlet.
F. Create a storage account.
06
ANSWER :
http://azure.microsoft.com/en-us/documentation/articles/cloud-services-how-to-monitor/
http://msdn.microsoft.com/en-us/library/azure/ee758710.aspx
http://msdn.microsoft.com/en-us/library/azure/ee758711.aspx
REFERENCES :
A, B, and C
56. You manage an application hosted on cloud services. The development team creates a new version of
the application. The updated application has been packaged and stored in an Azure Storage account.
You have the following requirements:
- Deploy the latest version of the application to production with the least amount of downtime.
- Ensure that the updated application can be tested prior to deploying to the Production site,
- Ensure that the original version of the application can be restored until the new version is verified.
Which four steps should you perform in sequence? To answer, move the appropriate actions from the list
of actions to the answer area and arrange them in the correct order.
07
ANSWER :
http://msdn.microsoft.com/en-us/library/ff803371.aspxREFERENCES :
57. You manage a cloud service that utilizes data encryption.
You need to ensure that the certificate used to encrypt data can be accessed by the cloud service application.
What should you do?
A. Upload the certificate referenced in the application package.
B. Deploy the certificate as part of the application package.
C. Upload the certificate's public key referenced in the application package.
D. Use RDP to install the certificate.
08
ANSWER :
http://msdn.microsoft.com/en-us/library/azure/gg981929.aspx
REFERENCES :
A
58. You administer a Windows Server virtual machine (VM).
You upload the VM to Azure. You need to ensure that you are able to deploy the BGInfo and VMAccess extensions.
What should you do?
A. Select the Install the VM Agent checkbox while provisioning a VM based on your uploaded VHD.
B. Select the Enable the VM Extensions checkbox while provisioning a VM based on your uploaded VHD.
C. Install the VM Agent MSI and execute the following Power Shell commands:
$vm = Get-AzureVM -serviceName $svc -Name $name
$vm.VM.ProvisionGuestAgent = $true
Update-AzureVM -Name Sname -VM $vm.VM -ServiceName $svc
D. Install the VM Agent MSI and execute the following Power Shell commands:
$vm = Get-AzureVM -serviceName $svc -Name $name
Set-AzureVMBGInfoExtension -VM $vm.VM
Set-AzureVM Access Extension -VM $vm.VM
Update-AzureVM -Name Sname -VM $vm.VM -ServiceName $svc
09
ANSWER :
http://msdn.microsoft.com/en-us/library/azure/dn606311.aspx
REFERENCES :
A
59. You manage a cloud service that supports features hosted by two instances of an Azure virtual machine (VM).
You discover that occasional outages cause your service to fail.
You need to minimize the impact of outages to your cloud service.
Which two actions should you perform? Each correct answer presents part of the solution.
A. Deploy a third instance of the VM.
B. Configure Load Balancing on the VMs.
C. Redeploy the VMs to belong to an Affinity Group.
D. Configure the VMs to belong to an Availability Set.
10
ANSWER :
http://msdn.microsoft.com/en-us/library/hh973190.aspx
http://msdn.microsoft.com/en-us/library/azure/dn569263.aspx
REFERENCES :
C and D
60. You administer an Azure subscription with an existing cloud service named Contoso cloud service.
Contoso cloud service contains a set of related virtual machines (VMs) named
Contoso DC, Contoso SQL and ContosoWeb1.
You want to provision a new VM within Contoso cloud service. You need to use the latest gallery image to create a
new Windows Server 2012 R2 VM that has a target IOPS of 500 for any provisioned disks.
Which PowerShell command should you use?
11
ANSWER :
http://msdn.microsoft.com/en-us/library/dn495159.aspx
REFERENCES :
A