Monitor and back up Azure resources Flashcards

1
Q

What is Azure Security Center?

A

Azure Security Center is a service that manages the security of your infrastructure from a centralized location. Use Security Center to monitor the security of your workloads, whether they’re on-premises or in the cloud.

Security Center creates an agent on each supported virtual machine as it’s created. It then automatically starts collecting data from the machine. You use Security Center to reduce the complexity of configuring security in this way.

2
Q

What is Azure Application Insights?

A

You use Azure Application Insights to monitor and manage the performance of your applications. Application Insights automatically gathers information related to performance, errors, and exceptions in applications. You also use Application Insights to diagnose what has caused the problems that affect an application. The following example shows a detailed breakdown of an exception and what caused it.

3
Q

What is Azure Monitor?

A

Azure Monitor is the service for collecting, combining, and analyzing data from different sources.

All the application log data that Application Insights collects is stored in a workspace that Azure Monitor can access. You’ll then have a central location to monitor and analyze the health and performance of all your applications.

Through the Log Analytics feature in Azure Monitor, you analyze data by querying logs from your workspaces.

4
Q

What is Azure Sentinel?

A

You use Azure Sentinel to collect data on the devices, users, infrastructure, and applications across your enterprise. Built-in threat intelligence for detection and investigation can help reduce false positives. Use Sentinel to proactively hunt for threats and anomalies, and respond by using orchestration and automation.

5
Q

Notebooks

A

Notebooks are playbooks that can consist of investigation or hunting steps that you reuse or share with others. Use Azure Notebooks for Azure Sentinel to develop and run your notebooks. For example, you might use the Guided hunting - Office365-Exploring notebook to hunt for anomalous activities in Office 365 across your enterprise.

6
Q

JIT

Just-in-time (JIT) virtual machine access.

A

JIT is a feature that blocks persistent access to virtual machines. Your virtual machines are only accessed based on audited access that you configure.

7
Q

Playbooks

A

Playbooks are automated procedures that you run against alerts. You configure a playbook in the Playbooks pane of the Azure Security Center menu. You create a playbook by configuring a logic app.

8
Q

Criteria for assessing Azure Sentinel

A

You use Azure Sentinel if:

You want a detailed overview of your organization, potentially across multiple clouds and on-premises locations.
You want to avoid reliance on complex and disparate tools.
You want to use enterprise-grade AI, built by experts, to identify and handle threats across your organization.

9
Q

Integration with Azure Security Center

A

Azure Security Center collects data from resources such as virtual machines by using the Log Analytics Agent. The agent gathers security-related information from resources like virtual machines, and puts it into a workspace that you can use for analysis. Information such as operating system logs and running processes is copied to the workspace, along with any crash dump files. Your workspace consists of multiple tables, each of which stores data from a specific source.

10
Q

KUSTO

A

Queries for logs are written in the Kusto query language (KQL). A KQL query might look like this:

11
Q

Basic metrics for Azure VMs

A

Azure can collect these metrics by default for hosted VMs without requiring you to install more software. To capture the boot diagnostics, you need to create and associate a storage account. You associate the storage account at the time you create your VM. Or, for an existing VM, you associate one later.

12
Q

Get more metrics

A

The Azure Diagnostics extension and the Log Analytics agent. Both tools are available for Windows and Linux.

13
Q

Configure the Azure Diagnostics extension

A

If you need to capture more detailed performance metrics, or you need them in near real time, install the Azure Diagnostics extension. After it’s installed, you can configure it to capture what you need.

The Azure Diagnostics extension allows you to collect real-time performance metrics from the guest operating system, along with log events, and store the results in an Azure storage account.

az vm boot-diagnostics enable command. In PowerShell, you use the Set-AzVMBootDiagnostic command.
