Microsoft Azure Fundamentals; Essential knowledge to prepare for the AZ900 Microsoft Azure Fundamentals Exam. Section 2

Paria Heidari
May 14, 2021


This section covers the core solutions and management tools on Azure (part 3) and the general security and network security features (part 4). Use the following links to complete the Azure Fundamentals learning path for part 3 and part 4.

https://docs.microsoft.com/en-us/learn/paths/az-900-describe-core-solutions-management-tools-azure/
https://docs.microsoft.com/en-us/learn/paths/az-900-describe-general-security-network-security-features/

Copyright from knnindia

Artificial Intelligence

There are two fundamental approaches to AI:

  • Deep learning system: modeled on the neural network of the human mind, enabling it to discover, learn, and grow through experience.
  • Machine learning: a data science technique that uses existing data to train a model, test it, and then apply the model to new data to forecast future behaviors, outcomes, and trends. Forecasts or predictions can make apps and devices smarter.

Azure AI Product options

Copyright from .NET & AZURE COMMUNITY

Microsoft has created a comprehensive set of tools that help organizations build better solutions.

DevOps

DevOps — Development & Operations — is a new approach that helps technical teams as they work toward common goals. It aims to shorten the systems development life cycle and provide continuous delivery with high software quality. DevOps is a set of practices that combines software development (Dev) and IT operations (Ops).

Microsoft offers tools for source-code management, continuous integration and continuous delivery (CI/CD), and automating the creation of testing environments.

Implementing Azure DevOps

Copyright from .NET & AZURE COMMUNITY — FORTE DIGITAL

Azure DevOps Product options

Azure DevOps Services;
- Azure Boards
- Azure Repos
- Azure Pipelines
- Azure Test Plans
- Azure Artifacts

Azure GitHub / GitHub Actions
- GitHub Project Boards
- GitHub Repos
- GitHub Actions
- GitHub Workflow Artifacts

Azure DevTest Labs enables an automated means of managing the process of building, setting up, and tearing down virtual machines (VMs) that contain builds of your software projects, i.e., test environments.

Monitoring Health, Performance, and Usage

Gaining visibility into the health and performance of the application-hosting environment across all of the cloud’s layers of services is challenging.

There are three primary Azure monitoring offerings, each of which is aimed at a specific use case and provides a different set of tools, services, programmatic APIs, and more.

Azure Advisor provides recommendations on high availability, security, performance, operational excellence, and cost reduction. The cost recommendations cover the following areas:

  1. Reducing costs by eliminating unprovisioned Azure ExpressRoute circuits.
  2. Buying reserved instances to save money over pay-as-you-go.
  3. Right-sizing or shutting down underutilized virtual machines.

Azure Monitor is a platform for collecting, analyzing, visualizing, and taking action based on the metric and logging data from usage of your web applications, with the aim of maximizing performance and availability.

Azure Service Health reports the health of the Azure services, regions, and resources you rely on. There are several event types that can be monitored by Azure Service Health.

Planned maintenance events can affect your availability. Service issues are problems in Azure, such as outages, that affect you right now. Health advisories are issues that require you to act to avoid service interruption, so Health advisories are announced far in advance to allow you to plan.

Managing the Azure Services

Microsoft offers a variety of tools and services to manage your cloud environment. At a high level, there are two categories of management tools: code-based tools, which are better suited to operations that you need to perform multiple times, and visual tools.

  • Azure PowerShell (code-based): a shell where you can execute commands called cmdlets (pronounced command-lets).
  • The Azure CLI (code-based): the Azure command-line interface is an executable program where you can execute commands in Bash.
  • Azure Resource Manager templates (code-based): with ARM templates, you can describe the resources you want to use in a declarative JSON format.
  • The Azure Portal (visual): a web-based user interface through which you can access virtually every feature of Azure.

Azure Serverless Technologies

Serverless computing enables developers to build applications faster by eliminating the need for them to manage infrastructure. Azure provides two implementations of Serverless.

Azure Functions: runs small amounts of code, known as serverless functions, in your favorite language. The code runs in response to an event. An example of an event might be an HTTP request.

Azure Logic Apps: can execute logic triggered by Azure services without writing any code. The service helps you automate and orchestrate tasks, business processes, and workflows when you need to integrate apps, data, systems, and services across enterprises or organizations.

You can mix and match services when you are building an orchestration, calling functions from logic apps and calling logic apps from functions.

Azure Internet of Things Services

Smart devices are equipped with the kinds of sensors that can connect to the internet and then send their sensor readings to a specific endpoint in Azure via a message. The aggregated data can be converted into reports and alerts. IoT enables devices to gather and then relay information for data analysis. There are many services that can assist and operate end-to-end solutions for IoT on Azure.

Azure IoT Hub is a managed, highly secure, and reliable service that’s hosted in the cloud. Azure IoT Hub acts as a central message hub for bi-directional communication between your IoT application and the devices it manages.

Azure IoT Central builds on top of IoT Hub by adding a dashboard that allows you to connect, monitor, and manage your IoT devices. It lets you watch the overall performance across all devices in aggregate, and you can set up alerts that send notifications when a specific device needs maintenance.

Azure Sphere creates a highly secure IoT solution for customers that encompasses everything from the hardware and operating system on the device to the secure method of sending messages from the device to the message hub. After the Azure Sphere system validates the authenticity of the device, the device can interact with other Azure IoT services by sending telemetry and error information.

Protect Against Security Threats on Azure

Azure Security Center is a monitoring service that provides visibility of your security posture across all of your services, both on Azure and on-premises. The term security posture refers to cybersecurity policies and controls, as well as how well you can predict, prevent, and respond to security threats.
Azure Security Center is available in Free and Standard tiers.

Azure Sentinel helps you detect and respond to security threats. It aggregates security data from many different sources and provides additional capabilities for threat detection and response, such as:

  • Collect data across all users, devices, applications, and infrastructure, both on-premises and from multiple clouds.
  • Detect previously undetected threats
  • Investigate threats with artificial intelligence
  • Respond to incidents rapidly

Azure Key Vault is a centralized cloud service for storing and managing your application's secrets. It helps you protect cryptographic keys and other secrets used by cloud apps and services.

Secure Network Connectivity on Azure

Azure Firewall is a cloud-based network security service that protects your Azure Virtual Network resources. Azure Firewall provides many features, including:

- Built-in high availability.
- Unrestricted cloud scalability.
- Inbound and outbound filtering rules.
- Inbound Destination Network Address Translation (DNAT) support.
- Azure Monitor logging.

In general, Azure Firewall lets you create, enforce, and log application and network connectivity policies across subscriptions and virtual networks. In addition, it uses a static public IP address for your virtual network resources, allowing outside firewalls to identify traffic originating from your virtual network.

Protect from DDoS attacks by using Azure DDoS Protection

A Distributed Denial of Service (DDoS) attack is a malicious attack that makes an application slow or unresponsive to legitimate users by disrupting normal traffic, flooding a website with large amounts of fake traffic.

Two tiers of DDoS Protection are offered by Azure.

  1. The basic service tier is automatically enabled for free as part of your Azure subscription.
  2. The standard service tier enables additional mitigation capabilities that are tuned specifically to Azure Virtual Network resources.

An Azure virtual network enables virtual machines and other compute resources to securely communicate with each other.

A network security group (NSG) lets you filter network traffic to and from Azure resources within a virtual network.
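The declarative ARM template format and the network security group covered in this article can be combined in a single file. The template below is an added example, not part of the original article: the NSG name, the `adminSourceCidr` parameter, and all rule names and values are constructed for illustration.

```json
{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "metadata": {
    "description": "Added example with constructed names and values; not from the original article."
  },
  "parameters": {
    "adminSourceCidr": {
      "type": "string",
      "metadata": {
        "description": "Hypothetical parameter: the single address range allowed to reach SSH, e.g. 203.0.113.0/24. No default, so the deployer must choose one."
      }
    }
  },
  "resources": [
    {
      "type": "Microsoft.Network/networkSecurityGroups",
      "apiVersion": "2020-11-01",
      "name": "nsg-web-example",
      "location": "[resourceGroup().location]",
      "properties": {
        "securityRules": [
          { "name": "Allow-HTTPS-In", "properties": {
              "description": "Public web traffic on 443 only.",
              "priority": 100, "direction": "Inbound", "access": "Allow", "protocol": "Tcp",
              "sourceAddressPrefix": "Internet", "sourcePortRange": "*",
              "destinationAddressPrefix": "*", "destinationPortRange": "443" } },
          { "name": "Allow-SSH-From-Admin", "properties": {
              "description": "Management access restricted to one known range, never '*'.",
              "priority": 200, "direction": "Inbound", "access": "Allow", "protocol": "Tcp",
              "sourceAddressPrefix": "[parameters('adminSourceCidr')]", "sourcePortRange": "*",
              "destinationAddressPrefix": "*", "destinationPortRange": "22" } },
          { "name": "Deny-All-In", "properties": {
              "description": "Explicit catch-all so anything not allowed above is dropped.",
              "priority": 4096, "direction": "Inbound", "access": "Deny", "protocol": "*",
              "sourceAddressPrefix": "*", "sourcePortRange": "*",
              "destinationAddressPrefix": "*", "destinationPortRange": "*" } }
        ]
      }
    }
  ]
}
```

NSG rules are evaluated in ascending priority number and evaluation stops at the first match, so the explicit deny at 4096 also blocks virtual-network-internal traffic that Azure's built-in default rules would otherwise allow.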
