In this Azure series, I am going to share the most frequently asked interview question for freshers and experienced professionals up to 2,3,4,5,6,7,8,9,10 + years. Azure Developers, Azure Administrator, Azure Cloud engineer are few of the most hottest job profiles in today’s cloud era, hence if you are planning to make a career as an Azure engineer, then it is one of the must to go articles. In these set of questions, the focus would be real time scenario based questions, Microsoft Azure interview questions for freshers, Microsoft azure interview questions for experienced professionals, interview questions for cloud engineers and cloud developers, and interview questions for azure data architects. I have also covered the real time and real world scenarios based Azure interview questions and answers in this preparation guide.
- 0.1 Q1. Assume that you are working as the Azure developer in the project team of Azurelib.com. You have been asked to share the reason why you want to deploy the newly developed application on the Azure app service. What would be your argument to support this?
- 0.2 Q2. Assume that you are working as an Azure engineer at Azurelib.com. You have to take a decision whether to use the Logic App or Azure function, how would you decide.
- 0.3 Q3. Assume that you are working as a cloud engineer at Azurelib.com. You have been asked to develop an Azure function for certain requirements. This function possibly generates some exceptions, throw some errors. What you will do to analyze it properly.
- 0.4 Q4. Assume that you are working for Azurelib.com as azure developer and your organization is moving to cloud from on premise location. As a part of this activity you may need to move data which could be further used by the data science team to run analytics. Which Azure storage solution would you prefer for this situation and why?
- 0.5 Q5. Assume that you are a Azure DevOps engineer and working for XYZ organization. Organization is starting a new project which belongs to financial domain and tagged as confidential project. You have to choose DevOps solution from the Azure platform which one you will choose and why?
- 0.6 Q6. Assume that you work as Azure Administrator for Azurelib.com. You have been asked to set the default password for all the new users added to the Active Directory. Can you set the default password for the first time user in azure ad?
- 0.7 Q7. Assume that you are working as a Azure Cloud engineer for Azurelib.com. Your application is storing the data with the cloud as your blob storage. Application is generating some reports which need to be accessible to third-party applications. However, you want this has to be accessible only for the next 7 days. After that, it should automatically not be allowed access to these reports. How could you solve this problem?
- 0.8 Q8. Assume that you are working as the cloud lead engineer at Azurelib.com, You have been asked to review the Azure function written by one of the team members. How would you do the code review with cost optimization in mind?
- 0.9 Q9. What is azure data factory used for ?
- 0.10 Q10. What are the main components of the azure data factory ?
- 0.11 Q.11 What is Azure DevOps?
- 0.12 Q12. What is Azure Git?
- 0.13 Q13. What is azure Pipelines?
- 0.14 Q14. What are the different ways to connect to a project in Azure DevOps?
- 0.15 Q15. What is the Azure active directory?
- 0.16 Q16. What do you mean by the guest user in azure ad
- 0.17 Q17. What is multi-factor authentication in the azure active directory?
- 0.18 Q18. What is Azure Integration Runtime ?
- 0.19 Q19. What is Azure Data Lake Analytics?
- 0.20 Q20. What are the features of the Azure data lake analytics?
- 0.21 Q21. What do you mean by Encryption at rest in Azure?
- 0.22 Q22. What is Client-side encryption in Azure storage?
- 0.23 Q23. What is Azure Cloud?
- 0.24 Q24. What is cloud computing?
- 0.25 Q25. What do you mean by Scalability in the Azure cloud?
- 0.26 Q26. What do you mean by Elasticity in the Azure?
- 0.27 Q27. Why Azure is called as low cost option for the application owner.
- 0.28 Q28. What is the Geo distribution in Azure cloud?
- 0.29 Q29. What could be one of the major disadvantage of Azure cloud?
- 0.30 Q29. What is the compute service in Azure? Give some examples.
- 0.31 Q30. What is Azure Virtual Machines :
- 0.32 Q31. What do you mean by Azure Virtual Machine Scale Set?
- 0.33 Q32. What is the Azure App Service? Explain.
- 0.34 Q33. What is the Azure Function?
- 0.35 Q34. What do you mean by Azure Subscription?
- 0.36 Q35. What would you create multiple subscriptions in a Azure account?
- 0.37 Q36. What Is Azure Resource Manager?
- 0.38 Q37. What do you mean by Azure resource groups?
- 0.39 Q38. What are the advantages of the Resource Group in Azure?
- 0.40 Q39. What is the advantages of Resource Manager?
- 0.41 Q40. What is the Region in Azure?
- 0.42 Q41. What is the Region Pairs in Azure cloud Platform?
- 0.43 Q42. What is the Advantages of region pairs in Azure?
- 0.44 Q43. What is an availability zone?
- 0.45 Q44. What is Infrastructure as a Service (IaaS) model in Azure?
- 0.46 Q45. What is Platform as a Service (PaaS) model in Azure?
- 0.47 Q46. What is Software as a Service (SaaS) model in Azure?
- 0.48 Q47. What are the benefits of the IaaS model in Azure?
- 0.49 Q48. What are the benefits of Azure PaaS service model?
- 0.50 Q49. What are the benefits of Azure SaaS service Model?
- 0.51 Q50. What is serverless computing in Azure?
- 0.52 Q51. What are public, private, and hybrid clouds?
- 0.53 Q52. What is Azure Internet of Things (IoT) service?
- 0.54 Q53. What is Azure Data Service?
- 0.55 Q54. What is Azure Storage Service?
- 0.56 Q55. What is the Azure DevOps offering?
- 0.57 Q56. What is Azure Network Services?
- 0.58 Q57. What is Azure App Service?
- 0.59 Q58. What are the different ways to connect to Azure Resources?
- 0.60 Q59. What is Azure CLI?
- 0.61 Q60. What is Azure Mobile App all about?
- 0.62 Features of the Azure mobile app
- 0.63 Q61. What is Azure Portal used for?
- 0.64 Azure Portal
- 0.65 Q62. What is Azure Key Vault?
- 0.66 Q63. What are the features of Azure Key Vault?
- 0.67 Q64. What is Azure Key Vault Encryption?
- 0.68 Q65. What is Azure Key Vault Monitoring
- 0.69 Q66. What is Microsoft Azure Sentinel?
- 0.70 Q67. What is Microsoft Azure Sentinel cloud native SIEM?
- 0.71 Q68. Why we should use Azure Sentinel?
- 0.72 Q69. What is Azure monitor?
- 0.73 Q70. What Do you mean by metrics in Azure Monitor?
- 0.74 Q71. What is Azure Monitor Logs?
- 0.75 Q72. What are the different types of data collected by Azure Monitor?
- 0.76 Q73. What is Azure application Insights?
- 0.77 Q74. What is the Difference between Azure Monitor and Application Insights?
- 0.78 Q75. What is Azure Application Gateway ?
- 1 Final Thoughts
I would support Azure app service usage due to the following reasons:
- It supports a large of programming languages ranging from JAVA to .NET to python. You can schedule the batch job written in the scripting language as well.
- It supports both Windows and Linux based applications.
- As Microsoft Azure manages the infrastructure hence you don’t need to worry about infrastructure management.
- Scaling up and down is a common feature with most cloud services. Hence you can leverage that as well here.
- Dedicated tools in Visual Studio and Visual Studio Code streamline the work of creating, deploying, and debugging.
Q2. Assume that you are working as an Azure engineer at Azurelib.com. You have to take a decision whether to use the Logic App or Azure function, how would you decide.
There are certain parameters that needed to be taken into consideration while making any decision. For example, you should start with checking all the different data sources and applications with which this proposed workflow has to interact with. If you feel there are different sources like Service Bus, Office 365 services such as Outlook, Excel, and SharePoint, Enterprise systems such as SAP and IBM MQ, or maybe file shares such as FTP and SFTP. In case your workflow needs connectors for any kind of these systems then probably logic app would be the prudent choice because of the rich number of connectors available.
Q3. Assume that you are working as a cloud engineer at Azurelib.com. You have been asked to develop an Azure function for certain requirements. This function possibly generates some exceptions, throw some errors. What you will do to analyze it properly.
We can do a couple of things here. First of all, you have to use application insights to get the logs for the function execution. In your function, you will be going to log all the important steps so that you can probably get to know up to what point that function has been executed. You also do proper exception handling and send meaningful information so that when somebody analyses the failure of the execution, he will get to know the proper reason.
Q4. Assume that you are working for Azurelib.com as azure developer and your organization is moving to cloud from on premise location. As a part of this activity you may need to move data which could be further used by the data science team to run analytics. Which Azure storage solution would you prefer for this situation and why?
I will use Azure data lake storage Gen 2 (ADLS) as the storage solution. ADLS provides the highly scalable and performance optimized support for the big data analytics hence it would be the right choice here.
Q5. Assume that you are a Azure DevOps engineer and working for XYZ organization. Organization is starting a new project which belongs to financial domain and tagged as confidential project. You have to choose DevOps solution from the Azure platform which one you will choose and why?
I will choose Azure DevOps server in this particular scenario instead of the Azure DevOps services. Reason is Azure DevOps server is on-premises offering by the Microsoft Azure. Hence the data of the project will remains inside the organization network itself, as this is the confidential project hence better to keep everything within the on-premises network.
Q6. Assume that you work as Azure Administrator for Azurelib.com. You have been asked to set the default password for all the new users added to the Active Directory. Can you set the default password for the first time user in azure ad?
Yes, you can set the default login password for the user.
Q7. Assume that you are working as a Azure Cloud engineer for Azurelib.com. Your application is storing the data with the cloud as your blob storage. Application is generating some reports which need to be accessible to third-party applications. However, you want this has to be accessible only for the next 7 days. After that, it should automatically not be allowed access to these reports. How could you solve this problem?
Application is generating the data into the Azure blob storage. We have SAS token available with azure storage solution. We can create a SAS token for these reports where we can mention the time duration of the next 7 days for this token. Share this SAS token with other applications so that they can use the token to get the reports. After the 7 days, this token automatically gets expires and will not allow to access anyone after the seven days.
Q8. Assume that you are working as the cloud lead engineer at Azurelib.com, You have been asked to review the Azure function written by one of the team members. How would you do the code review with cost optimization in mind?
In the Azure function, the cost is mainly occurred because of two factors. The first is Memory it takes for a single execution run. The second is the total execution time it takes. Azure function cost is based on these two factors only. Hence when u review the Az function just check for those two factors from cost optimization perspective.
Q9. What is azure data factory used for ?
Azure Data factory is the data orchestration service provided by the Microsoft Azure cloud. ADF is used for following use cases mainly :
- Data migration from one data source to other
- On Premise to cloud data migration
- ETL purpose
- Automated the data flow.
There is huge data laid out there and when you want to move the data from one location to another in automated way within the cloud or from on-premises to the azure cloud azure data factory is the best service we have available.
Q10. What are the main components of the azure data factory ?
These are the main components of the the azure data factory:
Q.11 What is Azure DevOps?
Azure DevOps services is the service by Microsoft Azure which helps the organization to fast pace and plan, develop, manage, monitor and deploy the project more effectively and efficiently. It brings developers, managers and contributors on common platform to complete the projects. It produces the service over the cloud using the azure DevOps service and on on-premise location using the azure DevOps server.
It does mainly consist of list of individual services and client can chooses any one of them as per their need. List of services are as as:
- Azure Repos
- Azure Pipelines
- Azure Boards.
- Azure Test Plans
- Azure Artifacts
Figure1: Azure DevOps Architecture reference Microsoft Official Documentation
Q12. What is Azure Git?
Azure Git is nothing but the same most popular standard Git, source version control. It is distributed version control system for example when you work on your local copy, which in itself is entire repository. Once you done with your changes you commit the changes locally and then merge your repo with the Git server i.e. master repository.
Q13. What is azure Pipelines?
Azure pipeline is one of the most important services among the Azure DevOps, it provides the continuous integration and continuous delivery of the code by build and deploy the code In the desired environment. It can work for any project irrespective of the technology and type of the project.
Q14. What are the different ways to connect to a project in Azure DevOps?
We can connect to Azure DevOps project by using the following ways:
- Access the azure DevOps through web portal
- Integrating with Visual Studio or Team Explorer
- Eclipse/Team Explorer Everywhere Integration
- Android Studio with the Azure DevOps Services Plug-in for Android Studio
- IntelliJ with the Azure DevOps Services Plug-in for IntelliJ
- Visual Studio Code
Q15. What is the Azure active directory?
Azure Active Directory (Azure AD) is basically an identity and access management service provided the Microsoft Azure. It is the extension of the Microsoft active directory. It helps users, employees to seamlessly access the various resources as per their role with just one sign-on. It can be integrated with a huge number of external services and resources like SaaS applications and other Microsoft products like Office 365, Dynamics 365, etc.
Q16. What do you mean by the guest user in azure ad
In an organization sometimes you want a few external organization users to collaborate with your applications and servers to perform certain operations. In those cases to authenticate those users and provide B2B collaboration guest user is used. You can invite the external/third party user by creating the Guest user for them. Once your works get done, you can remove the same.
Q17. What is multi-factor authentication in the azure active directory?
Multi-factor authentication is two-step verification process. First is something you know (like a password or key) and second is something you possess (like OTP or biometric authentication such as a fingerprint). These two step verification has become the new norm and has strengthened the user account immensely.
Q18. What is Azure Integration Runtime ?
As the name suggested azure integration runtime is the runtime which is managed by the azure itself. Azure IR represents the infrastructure which is installed, configured, managed and maintained by the azure itself. Now as the infrastructure is managed by the azure it can’t be used to connect to your on premise data sources. Whenever you create the data factory account and create any linked services you will get one IR by default and this is called AutoResolveIntegrationRuntime.
When you create the azure data factory you mentioned the region along with it. This region specifies where the meta data of the azure data factory would be saved. This is irrespective of the which data source and from which region you are accessing.
For example if you have created the adf account in the US East and you have data source in US West region, then still it is completely ok and data transfer would be possible.
Q19. What is Azure Data Lake Analytics?
Azure data lake analytics service provides the capabilities to do analytics over big data. It is as simple as firing the query over the data. There is no need to do any side work like deploying, configuring or hardware management. It is a scalable service to handle the job seamlessly over the massive data storage. Here focus would be on running the query directly on the existing data without provisioning the compute resources.
Q20. What are the features of the Azure data lake analytics?
Main features of Azure data lake analytics are as follows:
1. Cost effective: You don’t have to provision any hardware, license or any agreement. Its pay per use model with pay per job request. You can run any size of workload from terabytes to petabytes of data.
2. Support multiple data sources: You can run Azure data lake storage Gen1, azure sql db, azure synapse. Best performance can be obtained on ADLS.
3. Includes U-SQL query language similar to SQL to execute over the massive amount of big data.
4. It creates the visualization of job like below, which can help you to analyze, debug and optimize your job.
Q21. What do you mean by Encryption at rest in Azure?
Azure Storage encryption helps in protecting client’s data to meet client’s organizational security and compliance commitments. Azure Storage automatically encrypts all before storing it into the storage account and it decrypts it prior to retrieval. The encryption, decryption, and key management processes are transparent to users. Key for encryption and decryption can be chosen by the client.
Q22. What is Client-side encryption in Azure storage?
Azure provides the storage client libraries. It has methods for encrypting and decrypting the data. Clients can use these libraries to encrypt the data before sending to azure hence the data which is getting transferred over the network would be secure only.
Q23. What is Azure Cloud?
Azure cloud is the cloud platform developed, maintained and owned by Microsoft. It has more than 200 products and cloud service to offer based on the customer needes. It provides solution from variety of services like storage, computing , networking, analytics, Iot, VR and adding many more. You can use Azure to build, deploy, run and manage your application and data in most effective and economical manner irrespective of the size and volume.
Q24. What is cloud computing?
Cloud computing can be defined as delivering the computing or storage service over the internet. If you have ever used the google drive or the drop box, you must have already using the cloud storage services. Here it called as cloud storage because the information is neither stored on your machine. mobile or server. It is stored over the internet. That’s why it is termed as cloud storage.
Q25. What do you mean by Scalability in the Azure cloud?
In cloud platform the biggest advantage is their scalability. It allows the user to scale up or down resources ( for example increase / decrease the hardware allocated to machine like RAM, processor of hard drive) as per the need. It also allows the user to scale in or out as well ( for example increase / decrease the number of machine allocated ) as per the requirements. Hence you can think of Scalability is of two types as follows:
1. Horizontal Scalability
2. Vertical Scalability
Horizontal Scalability : When you add same kind of more machines to support your work load it is called as horizontal scaling. Like increase the number of machine from 2 to 4. It is also called as Scaling out. When you decrease the number of machine then it is called as Scaling in.
Vertical Scalability: When you increase the size of the internal resources of the machine for example RAM, cpu i.e. called as Vertical scaling. When you increase the size of Ram from 2GB to 4 GB it is called as Scaling up. When you decrease the size it is called as Scaling down.
Q26. What do you mean by Elasticity in the Azure?
It is somewhat like scalability only, however it allows the application to auto scale based on the load and other parameters. It ensures that the application will have always right amount of resources available to it.
Q27. Why Azure is called as low cost option for the application owner.
As in cloud we get resources and services on rental or pay as you go model. Hence we need to pay very minimal cost and that too only for the period of utilization. Therefore it has low capex. Moreover the various cloud provider like Microsoft Azure , AWS, GCP all has very competitive pricing model.
Q28. What is the Geo distribution in Azure cloud?
Cloud providers like Microsoft Azure has their datacenter available across the word, and divided in terms of Regions. User can choose the region based upon their application user proximity. For example if end customers belong to East US, then it make sense for the organization to deploy the application in East US region itself. This will enhance the user experience due to low latency.
Q29. What could be one of the major disadvantage of Azure cloud?
· Security : As everything in the cloud works over the internet, this could have raised the risk of unauthorized access to data and resources. However cloud providers committed to provide the various encryption and secure network but still there are few cases of security breach.
· Dependency on Internet : In case of natural calamity within specific area or any disruption of internet, until and unless internet is up, there is no other way to continue work.
Q29. What is the compute service in Azure? Give some examples.
‘Compute service’ means a service which provides the some computational functionality. For example when you started learning about the computer, you must have learned three basic parts of the computer , CPU – Hard disk – Monitor. Here CPU is your central processing unit. CPU provides computer power to do calculations and processing.
So when you say you need compute service, that’s means you want some computational power. All the cloud providers provide the various computational and storage services. Microsoft provides the compute service as follows :
· Azure Virtual Machines
· Azure Container Instances
· Azure App Service
· Azure Functions (or serverless computing)
Q30. What is Azure Virtual Machines :
It is also popularly called as Azure VM, you can think it of as renting a machine in the cloud. VM is simulation of the physical computer or laptop in your home or office. It provides the virtual RAM, disk and processor. You can create the VM using the azure portal or the Azure power shell / bash shell. It comes under the IaaS as it gives flexibility and control over hardware, software as per customer need. You can install software on it as per your requirement.
Q31. What do you mean by Azure Virtual Machine Scale Set?
It is kind of azure service which provides the set of identical virtual machines to manage and deploy your workload. VM scale set ensures that all the machines have same configuration as you defined, hence auto scaling here could be termed as true autoscaling.
Q32. What is the Azure App Service? Explain.
Azure application service is the PasS service which provide the managed environment of your choice to build and deploy any web / mobile application. You can think it of as the virtual box with all the hardware -software installed. User has to just connect to it , for quickly building and deploying the application.
Q33. What is the Azure Function?
Azure Function popularly called as the server less computing. However you must be thinking, in the real world every computation need server then why it is called as the server less computing. Azure functions just takes your function definition to execute it. You provide the input to the function and then its azure responsibility to allocate the compute resources for executing the functions. Customer has to pay only for the duration the function executed. At the same time it is highly scalable and can dynamically handle the number of request at scale.
Q34. What do you mean by Azure Subscription?
You must have a subscription to take advantage of Azure’s cloud-based services. It acts as a single Azure resource billing unit in which a subscription is paid for services used in Azure. A single account is connected to an Azure subscription, the one that was used to establish the subscription and is used for billing purposes. Resources can be provided as examples of the various Azure products and services inside the subscription.
A subscription gives you authenticated and registered access to products and services from Azure. It also facilitates the availability of services for you. An Azure subscription is a logical Azure service unit that links to an Azure account that is an Azure Active Directory (Azure AD) identity or a directory that is trusted by Azure AD
Q35. What would you create multiple subscriptions in a Azure account?
· Billing boundary: This form of subscription defines how to charge an Azure account for using Azure. For various types of billing conditions, you can build several subscriptions. For each subscription, Azure produces different billing reports and invoices so that you can organize and handle costs.
· Access control boundary: At the subscription level, Azure implements access management policies, and you can create different subscriptions to represent various organizational structures. An example is that you have different divisions within a company, to which you apply separate Azure subscription policies. This billing model helps you to monitor and control access to the services that unique subscriptions provide users with.
- Environments: You can choose to build subscriptions to set up different environments for creation and testing, protection, or to isolate data for compliance purposes when managing your resources. This design is especially useful since regulation of resource access exists at the subscription stage.
- Organizational structures: Subscriptions can be generated to represent various organizational structures. For instance, while giving the IT department a wide range, you might restrict a team to lower-cost resources. Inside could subscription, this design help you to monitor and control access to the services that users have.
- Billing: For billing purposes, you may want to build additional subscriptions as well. You may want to build subscriptions to control and monitor costs based on your needs, since costs are first aggregated at the subscription stage.
- Subscription Limits: Subscriptions are subject to certain challenging restrictions. The maximum number of Azure ExpressRoute circuits per subscription, for instance, is 10. When you build subscriptions on your account, certain limits should be considered.
Q36. What Is Azure Resource Manager?
Azure Resource Manager (ARM) is an Azure service that you can use as a code paradigm to control and deploy assets using an infrastructure. It allows you to use a number of features to provide, change, and uninstall services, including access controls, tags, and locks.
There is some unique terminology you should be aware of when using Azure Resource Manager. Words that are most common include:
Resource: an asset that is manageable. it include Virtual machines (VMs), virtual networks, databases, mobile applications, and storage accounts for subscriber. Tags, subscriptions, resource classes, or management groups can also refer to resources.
Resource group: A container that contains an Azure solution’s associated resources. There are resources in the resource community that you want to handle as a group. Based on what makes the most sense for your company, you determine which resources belong in a resource category.
Resource provider: an individual Azure service in which you can generate resources. For example Microsoft Disk or Microsoft Compute,
Declarative syntax : syntax that allows you to say “Here is what I intend to create” without having to write the programming command sequence in order to create it. An example of declarative syntax is the template Resource Manager. In the code, you describe the infrastructure properties to deploy to Azure. See Description of template deployment.
Q37. What do you mean by Azure resource groups?
A fundamental feature of the Azure platform is resource groups. For resources deployed on Azure, a resource category is a logical container. In an Azure subscription, these tools are everything you make, such as VMs, instances of Azure Application Gateway, and instances of Azure Cosmos DB. All resources must be in a group of resources, and only a member of a single group of resources may be a resource.
Most resources may be shared between resource groups with those programs that have unique restrictions or conditions to be transported. Resource classes are not nest able. You need a resource category for it to be put in before any resource can be provisioned.
Q38. What are the advantages of the Resource Group in Azure?
To help manage and coordinate your Azure resources, resource groups exist. You can provide the resources you build in Azure with order and structure by putting resources of similar use, form, or location in a resource category. The aspect you are most interested in here is logical grouping, because there is a lot of disorder among our properties.
If you uninstall a resource group, all the resources it contains will be removed as well. In non-production environments, grouping resources by life cycle may be useful, where you might try an experiment and then dispose of it. To eliminate a collection of resources all at once, resource groups make it simple.
Resource groups also provide space for the implementation of RBAC (Role-Based Access Control) permissions. You can ease management and restrict access by adding RBAC permissions to a resource group to allow only what are required.
Q39. What is the advantages of Resource Manager?
- Manage the infrastructure, rather than scripts, by declarative templates.
- Deploy, handle, and monitor all the resources as a group for your solution, rather than personally managing these resources.
- Throughout the implementation lifecycle, redeploy your solution and have faith that your assets are deployed in a consistent state.
- Define the resource dependencies such that they are deployed in the correct order.
- Apply access control to all services since RBAC is built natively into the platform for management.
- Apply resource tags to logically organize all of your subscription services.
- Clarify the billing of your company by viewing expenses for a community of services sharing the same tag.
Q40. What is the Region in Azure?
A region is a geographical area on the planet containing at least one, but probably many, surrounding datacenters and networked with a low-latency network. To ensure that workloads are properly managed, Azure intelligently assigns and monitors the resources within each area.
Azure allows customers the ability to deploy software where they need to, with more global regions than any other cloud provider. In 52 regions around the world, Azure is generally accessible, with plans announced for 6 additional regions.
West America, Canada Central, West Europe, Australia East, and Japan West are a few examples of regions. As of June 2020, here’s a view of all the regions available.
In comparison to every other cloud provider, Azure has more global regions. These regions give you the ability to get applications closer to your customers, no matter where they are. Better scalability and redundancy are given by global regions. For your equipment, they even retain data residency.
Q41. What is the Region Pairs in Azure cloud Platform?
Using one or more datacenters, availability zones are created. Within a single area, there are at least three areas. A major catastrophe may potentially cause an outage significant enough to impact even two datacenters. That’s why Azure produces pairs of regions as well.
- Within the same geography, each Azure region pairs with another region, making a regional pair together.
- Azure serializes updates to the platform such that only one area at a time is updated.
- There are direct ties in a pair of Azure regions that offer additional advantages to using them together.
- If practicable, each Azure Region in a pair is often located more than 300 miles apart.
- West US paired with East US, South-East Asia paired with East Asia are examples of area pairs.
Q42. What is the Advantages of region pairs in Azure?
- If an extensive Azure outage occurs, one region out of every pair is prioritized to make sure at least one is restored as quickly as possible for applications hosted in that region pair.
- Planned Azure updates are rolled out to paired regions one region at a time to minimize downtime and risk of application outage.
- Data continues to reside for tax and law enforcement purposes within the same geography as the pair (except for Brazil South).
Q43. What is an availability zone?
Availability zones within the Azure area are physically different datacenters. Each zone of availability consists of one or more datacenters with independent control, cooling, and networking equipment. To be an isolation boundary, an availability zone is set up. The other continues to work if one zone goes down. Via high-speed, private fiber-optic networks, availability zones are connected.
Through co-locating your computing, storage, networking, and data resources within a zone and replicating them in other regions, you can use availability zones to run mission-critical applications and incorporate high availability into your application architecture. Keep in mind that duplicating your services and moving data between zones could cost you.
Availability zones are mostly for databases like VMs, managed disks, load balancers, and SQL. Azure programs promoting zones of availability fall into two categories:
- Zonal Services: The resource is pinned to a particular zone (for example, VMs, managed disks, IP addresses).
- Zone-redundant services: Automated replication of the platform across zones (for example, zone-redundant storage, SQL Database).
Q22. What are the types of cloud Service Models?
- Infrastructure as a Service (IaaS)
- Platform as a Service (PaaS)
- Software as a Service (SaaS)
Q44. What is Infrastructure as a Service (IaaS) model in Azure?
The cloud service model of IaaS is the closest to physical server management; the infrastructure will be held up-to-date by a cloud provider, but the maintenance of the operating system and network configuration is up to you as the cloud tenant.
Often known as hardware as a facility, IaaS is (HaaS). It is an internet-managed computing infrastructure. The primary benefit of using IaaS is that it allows users to minimize the expense and complexity of buying and maintaining physical servers.
For example, Azure virtual machines are fully operating virtual machines running in Microsoft data canters. The fast deployment of new computing devices is a benefit of this cloud service model. It is considerably quicker to set up a new virtual machine than to purchase, mount, and configure a physical server.
Q45. What is Platform as a Service (PaaS) model in Azure?
A managed hosting environment is this model of cloud service. The virtual machines and networking services are operated by the cloud provider, and the cloud tenant deploys their applications into the managed hosting environment.
The PaaS cloud computing platform is designed to create, test, operate, and manage applications for the programmer. For example Azure App Services offers a controlled hosting environment in which developers can upload their web apps without having to worry about the specifications for physical hardware and software.
Q46. What is Software as a Service (SaaS) model in Azure?
Also known as “on-demand tech” is SaaS. It is a program in which the apps are hosted by a provider of cloud services. With the support of an Internet connection and a web browser, users can access these programs.
The cloud provider handles all facets of the application environment in this cloud service model, such as virtual machines, networking services, storage of data, and applications. The cloud tenant only needs to provide the application managed by the cloud provider with their data.
For example, Microsoft Office 365, for instance, offers a completely operating version of Microsoft Office that runs on the cloud. Creating your content is what you need to do, because Office 365 takes care of everything else.
Q47. What are the benefits of the IaaS model in Azure?
- Consumption-based model
In an Operating Expenditure (OpEx) model, companies pay only for what they use and maintain.
To deploy, use, and obtain the benefits of a public cloud, no deep technical skills are needed. Organizations should make use of the cloud provider’s skills and experience to ensure that workloads are healthy, stable, and highly accessible.
- Cloud benefits
To ensure that workloads are made safe and highly accessible, companies should use the cloud provider’s skills and expertise.
IaaS is the most versatile cloud service because you have control over the configuration and management of your application’s running hardware.
- Increased Performance, Decreased CapEx
Increased efficiency is among the more well-known advantages of IaaS. With IaaS, the IaaS cloud service provider of your choosing provides and maintains the infrastructure. A cloud provider usually has an infrastructure set-up that is more stable, redundant, and robust than what would be feasible and financially practical in an office setting. This means that the upfront costs associated with buying, maintaining and running hardware can be saved by your business, minimizing the total capital expenditure (CapEx) for your IT spending.
- Agility or versatility
Applications can be easily made available and, whenever desired, deprovisioned.
- Administration /Management
The model of shared responsibility applies; the customer manages and maintains the services they have delivered, and the cloud provider manages the cloud infrastructure and maintains it.
Q48. What are the benefits of Azure PaaS service model?
- No CapEx
Users should not have any up-front expenditure.
PaaS is more agile than IaaS, and servers for running applications do not need to be configured by users.
- Consumption-based model
Users pay and work under an OpEx model only for what they use.
To deploy, use, and obtain the benefits of PaaS, no profound technical skills are needed.
- Cloud benefits
To ensure that their workloads are made stable and highly accessible, users can take advantage of the cloud provider’s skills and expertise. Furthermore, users can gain access to more cutting-edge resources for growth. They can then apply these tools throughout the lifecycle of an application.
Users should concentrate only on application development, since all platform maintenance is done by the cloud provider. Working with distributed teams as services is easier because the platform can be accessed over the Internet. You can make the platform more easily available globally.
Q49. What are the benefits of Azure SaaS service Model?
- No CapEx
Users should not have any up-front expenses.
Users can quickly and conveniently provide workers with access to the latest technologies.
- Pay-as-you-go pricing model
On a subscription model, users pay for the software they use, usually weekly or annually, regardless of how often they use the software.
To deploy, use, and obtain the benefits of SaaS, no profound technical skills are needed.
From anywhere, users can access the same application data.
Q50. What is serverless computing in Azure?
Serverless computing, like PaaS, helps developers to create applications quicker by removing the need to handle infrastructure for them. The cloud service provider automatically provisions, scales, and manages the infrastructure needed to run the code with serverless applications. Serverless architectures are highly scalable and event-driven, utilizing resources only when there is a specific function or event or trigger occurs.
Q51. What are public, private, and hybrid clouds?
For cloud computing, there are three deployment models: public cloud, private cloud, and hybrid cloud. There are various aspects to each deployment model that you should consider when you switch to the cloud.
|Public cloud||Services are delivered over the public internet and are open to anyone who wishes to buy them. Cloud services are owned and managed by a third-party cloud service provider, such as servers and storage, and distributed over the internet.|
|Private cloud||A private cloud consists of technological tools used only by users of one company or organization. A private cloud can be physically hosted at the on-site (on-site) data center of your enterprise, or a third-party service provider can host it.|
|Hybrid cloud||A hybrid cloud is a computing system that blends a public cloud and a private cloud by allowing the sharing of information and applications between them.|
Q52. What is Azure Internet of Things (IoT) service?
Without reinventing the wheel, Azure IoT provides the company with platforms and software that can help you create IoT solutions. The IoT Central (SaaS) of Azure provides pre-configured solutions, while “Azure IoT solution accelerators” provide more flexibility for your company to create a custom solution. The Azure IoT Centre, which supports Azure IoT Central and Azure IoT solution accelerators, is the main platform (PaaS).
Q53. What is Azure Data Service?
Cloud information is processed and handled by Azure data services. A number of data resources are included in Microsoft Azure: Azure Storage, Azure SQL Database, Azure DocumentDB, Azure StorSimple, and Azure Redis Cache.
Q54. What is Azure Storage Service?
The data storage service offered by Microsoft Azure provides stable and flexible cloud storage for both structured and unstructured data. Your data protection experts will ensure stable integration of your on-premise data with cloud data using Azure Storage.
Multiple storage options like blob, queue, disk, and NoSQL are provided by Azure Storage. Without affecting the production environment, you can store any size of data, from a small size blob to a large file, as per your business requirement.
Q55. What is the Azure DevOps offering?
By offering an alternative to the self-managed CI/CD servers and open source DevOps tools, Azure DevOps automates the software delivery process and boosts your software creation. With its fast and reliable tools, Microsoft Azure DevOps technology will help you with hassle-free delivery. It is an extensible framework that can extend the current tools and IDEs and provide hundreds of marketplace integrations.
Q56. What is Azure Network Services?
Azure Network Services applies to those services that function within Azure and between Azure and on-site infrastructure networking operations. These include Azure Virtual Network, Azure ExpressRoute, DNS supported by Azure, Azure Traffic Manager and Azure Network Content Delivery (CDN).
Q57. What is Azure App Service?
Azure App Service is an HTTP-based service for hosting web applications, REST APIs, and mobile back ends. You can develop in your favorite language, be it .NET, .NET Core, Java, Ruby, Node.js, PHP, or Python. Applications run and scale with ease on both Windows and Linux-based environments.
Q58. What are the different ways to connect to Azure Resources?
Four ways to access the Microsoft Azure Resources for your day to day administrations are as follows:
1. Azure Portal
2. Azure Power Shell
3. Azure CLI
4. Azure Mobile App
Q59. What is Azure CLI?
CLI very quick and easy way to create and manage azure resources. The nice thing is you can run it from Azure Cloud Shell or you can install it locally on your Windows, Mac or Linux computer. Nice thing is, these are simple to read commands based on the task at hand. So for example,
az group create --name azurelib-resource-group-name --location eastus
I could do something like a group, create dash dash name and give it a resource group name like ‘ azurelib-resource-group-name ‘ dash location with ‘eastus’, and that would create a new resource group in that location.
Q60. What is Azure Mobile App all about?
We have the mobile app. This came out again available for iPhone or Android, and this gives you a nice visual of machines running. You know, this is great more for if you just want to check the status on a machine, check if it powered on, perhaps you got an alert, come in and you want to check what’s going on with that machine.
This is a great way to get some quick information. Obviously, you are doing on a mobile phone. You’re not going to get the huge UI that you’ve got with Azure Portal. So this is just for like small tasks and things that you might want to do on the go.
Features of the Azure mobile app
- You basically can download it from the Apple or Android store.
- You can monitor Azure resources with it.
- You can take corrective action with it.
- You can run commands.
Q61. What is Azure Portal used for?
We’ve got the Azure portal. That’s the user interface that you’ll use most of the time as this is one of the most popular and easy way to connect to the Azure resources. It is accessible by using this website url : https://portal.azure.com
This is probably the main place you’re going to go to look around the environment. It gives you that nice visual. There’s a lot of power and having a graphical user interface. If you want to see all of your resources filtering resources, look at dashboards, look at monitoring events, all those things. This is the central place. And, you know, Microsoft have done an absolutely fantastic job with the portal and it continues to be updated. I will say that as you look through videos, documentations, things change very, very frequently. You’ll see different icons change from time to time. Everything is still there. They just make a lot of incremental improvements all the time. So, you know, by the time you sort of get to the portal, don’t be surprised if a few things change, you know, one week to the next, you know, that’s perfectly normal.
Q62. What is Azure Key Vault?
Azure Key Vault is the service provided by Microsoft Azure to store and access the secrets, certificate, token, keys and any configuration value which you want to store securely and accessed by only authenticated users, application and service. Main idea is to remove the hard coded storing of these secrets and keys in application code. For example let’s say I have an ecommerce web application and I wanted to pull all the previous order details. In this case I have to connect my application database to retrieve the data. Hence these database connection details like database server endpoints, username and password. To avoid storing this sensitive information in the code, I can keep it in the Azure Key Vault and whenever I need it, can be retrieved from the key vault.https://azurelib.com/explained-azure-key-vault-with-practical-example/
Q63. What are the features of Azure Key Vault?
- It solves the problem of Key storage, certificate storage management and secret management. It provides the secure way to store the information and defined the fine grained access control on it.
- Az key vault provides the centralized storage solution for the secret management. All the secrets can be managed from one dashboard.
- Azure key vault can store the key in the software-protected or hardware protected by hardware security module (HSMs) mechanism.
- Azure key vault provides the mechanism to monitor the usage of the key vault. You can monitor who has access the keys with detailed log analysis.
- In the case of Public CA, it can take care of renewal of certificates on its own.
- Highly scalable solution.
Q64. What is Azure Key Vault Encryption?
Azure provides the transport layer security by ensuring any data flow from azure key vault to client must be encrypted. When a user hits the key vault URI to get the key information, the response from the URI is encrypted while in transit. Besides this, when you store your key and secrets in a key vault all of them has been encrypted first and then stored. This is how it provides security at rest.
Azure key vault stores the secrets and key with such a strong encryption that even Microsoft itself won’t be able to see your key and secrets in any way.
Q65. What is Azure Key Vault Monitoring
Azure key vault provides an extensive logging mechanism. You can monitor all the attempts failed/successful attempting to retrieve the keys. It also monitors all unauthorized access to the key vault and logs the event.
Once we enable the logging for the azure key vault all the logging events can be saved in the azure storage which can further be analyzed using the proper analytical queries.
Q66. What is Microsoft Azure Sentinel?
In organization cloud infrastructure there is always risk for threat, virus and other unauthorized or malicious activities. This can be spread out across the cloud infrastructures, on premises infrastructure, devices and may also include other cloud (in case you have multi cloud architecture). This will also various cloud integration services as well. Hence there is need to have a central system which can help us to take care of all these threats detection and should be capable enough to respond to it in defined automated way.
Q67. What is Microsoft Azure Sentinel cloud native SIEM?
Azure sentinel is SIEM solutions (Security Information Event Management). It uses the advance AI and machine learning algorithms to analyze the logs and tries to detect any threat posed for the system. Azure Sentinel is basically comprises of the four important steps depicted by below diagram:
- Collect: Azure sentinel collect the data and information from across all the system, devices, services, application, on-premises servers and cloud. Various systems generates huge amount log information that could be key for security professionals to identify any threat or anomalies.
- Detect: Once the data get collected, azure sentinel try to analyze and detect the threats using the Microsoft security intelligence using AI.
- Investigate: Azure sentinel then investigate all the threats detected, and using the AI technology detect at large scale whether these will be important for organization or not.
- Respond: It will define the response mechanism for the threat detected. It could be series of workflow which need to be initiated when any specific kind of threat gets detected.
Q68. Why we should use Azure Sentinel?
In a large infrastructure it is not possible to analyze each and every system and services to identify any threats. We need a system at scale which can help us to analyze all resources and services from security stand point from one place. Azure sentinel provide you the global solution to analyze any security threat in your entire landscape. It may be include all your resources, endpoints, applications, devices and other cloud infrastructure. Using the collect feature, azure sentinel provides the connector that can bring in the logs from any kind of system and services in one place.
Q69. What is Azure monitor?
Azure monitor is one of big powerful service of the Azure platform. This service is available across the board for many azure services and resources. Azure monitor is combined end to end solution for ingesting, managing, monitoring and analyzing your log data and application.
Azure Monitor uses fundamentally two types of the data as follows:
Q70. What Do you mean by metrics in Azure Monitor?
Metrics is the lightweight numerical data from the monitored resources (azure resources, services), which is collected in some specific interval and get stores in the time series database. It is basically used to gather the information about the monitored resources. For example in case of Azure VM it could RAM utilization, CPU utilization or etc.
Q71. What is Azure Monitor Logs?
It collects the data in the organized form which is used for analysis. It gathers the data from the various sources like platform logs from Azure services, log and performance data from VM agents, and usage and performance data from applications. All of these data can be combined inside a single workspace called as Log Analytics Workspace. Kusto Query Language (KQL) can be used to quickly analyzing millions of records.
Q72. What are the different types of data collected by Azure Monitor?
Azure Monitor collects data from variety of source which can be categorized in these tiers as follows:
- Application monitoring data : It is monitoring data about your application. It could be your web application or some other client server application. Application need not be deployed within the Azure. There are agents available which can be installed to pull the performance log and application log data from the application deployed on on-premises server or on other cloud servers like AWS or GCP.
- Guest OS monitoring data: Data belongs to operating system on which your application is running. Azure monitor agents can pull the performance data from the underlying OS irrespective of whether is it azure managed or on-premises server.
- Azure resource monitoring data: As the name suggest it is data about the azure resources. Example could be virtual machine, or any other IaaS or PaaS service.
- Azure subscription monitoring data: Data related to the your azure subscription operation and management.
- Azure tenant monitoring data: It is data related to Tenant level. For example Azure Active directory.
Q73. What is Azure application Insights?
Azure application insights is a part of Azure monitor service. It is one of the powerful tools which can help to diagnose, monitor and analyze your application. It can help in identifying anomalies and monitoring the performances of applications deployed anywhere irrespective of their technology. Azure application insights can monitor the application deployed on Azure as well as it can monitor the application which is deployed on on-premises or any other cloud provider platforms like AWS or GCP. It can also integrate mobile apps to send the telemetry data and analyze it as per business need.
Q74. What is the Difference between Azure Monitor and Application Insights?
|Azure Monitor||Azure Application Insights|
|Azure monitor is end to end logging solution. Application Insights is one of the feature service of azure monitor itself.||Azure application Insights is Application Performance Management (APM) service for collecting and monitoring the application log data.|
|Azure monitor can collect the data from variety of the sources like application, guest OS azure resources and tenants.||Azure Application Insights is meant for collection the application data only.|
Q75. What is Azure Application Gateway ?
Azure Application gateway is web traffic load balancer which can distribute the incoming web request and helps you to manage your web application traffic efficiently. It works at 7th layer of OSI model i.e. at application layer and can distribute the workload on incoming request url pattern.
Microsoft Azure Official Documentation Link
In this blog, I have tried to assemble up a couple of Azure interview questions and answers. This is one of the very important guides for freshers and experienced professional Azure cloud engineer, developers, and leads. In this list of interview preparation guide, my main focus was to cover all the question which is frequently and mostly asked on Azure developers role.
Hope you have liked this Interview preparation guide and will help you to crack the Azure interview. You can also go through my various interview preparation guide for Azure data factory, Azure data bricks, Azure Functions, Azure logic app, and many more.
Please share your suggestions and feedback and you can ask your question and update this guide based on your interview experience.
Deepak Goyal is certified Azure Cloud Solution Architect. He is having around decade and half experience in designing, developing and managing enterprise cloud solutions. He is also Big data certified professional and passionate cloud advocate.