SYSTEMS ADMINISTRATOR
➽As a Systems Administrator you are working in your Company.You work for a company named DSR.com.Your role of Systems Administrator at DSR.com includes the management of the company’s private and public clouds.The private clouds are hosted in a data center at the company’s headquarters.A physical server named DS-SQL1 runs Windows Server 2012 and SQL Server 2012.DS-SQL1 is hosted in the datacenter.You have an application that runs in Azure Cloud Services.The cloud service consists of two A1 virtual machine instances.The application copies data to a SQL Server database hosted on DS-SQL1.Users complain that the application runs slowly when it is copying data to DS-SQL1.You want to reduce the time it takes the application to copy data to DS-SQL1.
➧INSTANCE A3, CORES 4, RAM 7.00 GB, TEMPORARY STORAGE 1,000 GB, PRICE ₹21.16/hour
🔼Deploy the application as two A3 instances.
➽As a Systems Administrator you are working in your Company.You work for a company named DSR.com includes the management of the company’s private and public clouds.The private clouds are hosted in a data center at the company’s headquarters.The private clouds are hosted on Windows Server 2012 R2 Hyper-V servers managed by System Center Virtual Machine Manager 2012 R2 (VMM).You want to implement Microsoft Azure Site Recovery to use Azure as a backup site for the datacenter.You create a site recovery vault and select the “Between an on-premises Hyper-V site and Microsoft Azure” option.
➧You have Azure subscription,Azure powerShell and An application that can be configured to use Key Vault.
➬If you start an Azure powerShell session and sign in to your Azure Account.
connect-AzureRmAccount
➬In the pop-up browser window,enter your Azure account user name and password.
If you have multiple subscriptions and want to specify a specific one to use for Azure Key Vault.
Get-AzureRmSubscription
➢To specify the subscription to use.
Set-AzureRmContext -SubscriptionId <subscription ID>
➬We will create a new resource group named ContosoResourceDivision.
New-AzureRmResourceGroup –Name 'ContosoResourceDivision' –Location 'East US'
➣New-AzureRmKeyVault
[-Name] <String>
[-ResourceGroupName] <String>
[-Location] <String>
[-EnabledForDeployment]
[-EnabledForTemplateDeployment]
[-EnabledForDiskEncryption]
[-EnableSoftDelete]
[-EnablePurgeProtection]
[-Sku <SkuName>]
[-Tag <Hashtable>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
➣Resource group name,Key vault name, and Geographic location.All three are cmdlet mandatory.
⤵Vault name of ContosoKeyVault.
⤵Resource group name of ContosoResourceDivision.
⤵The location of East US.
➬New-AzureRmKeyVault -Name 'ContosoKeyVault' -ResourceGroupName'ContosoResourceDivision' -Location 'East US'
➣Vault Name: ContosoKeyVault
➣Vault URI: https://contosokeyvault.vault.Azureadministrator.net/
🔼Generate a vault key.
➽As a Systems Administrator you are working in your Company.You work for a company named DSR.com includes the management of the company’s private and public clouds.The company has an Azure Storage account.The storage account has a container that contains 100 large files stored as blobs.You need to provide a customer with access to one of the files.The customer will need to access the file for a few days within the next month.
➧You can use a stored access policy to change the start time,expiry time or permissions for a signature or to revoke it after it has been issued.
➣Storage resources support stored access policies:-
1)Blob containers.
2)File shares.
3)Queues.
4)Tables.
➣To create or modify a stored access policy,call the Set ACL operation for the resource.
a)Set Container ACL.
b)Set Queue ACL.
c)Set Table ACL.
d)Set Share ACL.
➽As a Systems Administrator you are working in your Company.You work for a company named DSR.com includes the management of the company’s private and public clouds.The company has datacenters in Los Angeles and New York.The company has a Microsoft Azure subscription.You are configuring the two datacenters as geo-clustered sites for site resiliency.
a)Set Container ACL.
b)Set Queue ACL.
c)Set Table ACL.
d)Set Share ACL.
➬<?xml version="1.0" encoding="utf-8"?>
<SignedIdentifiers>
<SignedIdentifier>
<Id>unique-64-char-value</Id>
<AccessPolicy>
<Start>start-time</Start>
<Expiry>expiry-time</Expiry>
<Permission>abbreviated-permission-list</Permission>
</AccessPolicy>
</SignedIdentifier>
</SignedIdentifiers>
➣If your existing policy grants read and write permissions to a resource,you can modify it to grant only read permissions for all future requests.
In this case,the signed identifier of the new policy,as specified by the ID field,would be identical to the signed identifier of the policy you are replacing.
➣To revoke a stored access policy,you can either delete it or rename it by changing the signed identifier.
➣To remove a single access policy,call the resource's Set ACL operation,passing in the set of signed identifiers that you wish to maintain on the container.
➫You can also manage the stored access policies for your storage accounts from within the Azure portal.
Shared access signatures (SAS) enable restricted access to entities within a storage account.A stored access policy provides additional control over service-level SAS on the server side.You can use a stored access policy to change the start time,expiry time or permissions for a signature or to revoke it after it has been issued.
🔼⤵Create a stored access policy on the container that specifies the start and end dates that the file should be available for.
⤵Create and provide the customer with an SAS (Shared Access Signature) based on a stored access policy.
⤵Delete the stored access policy when the customer has finished with the file.
➽As a Systems Administrator you are working in your Company.You work for a company named DSR.com includes the management of the company’s private and public clouds.The company has datacenters in Los Angeles and New York.The company has a Microsoft Azure subscription.You are configuring the two datacenters as geo-clustered sites for site resiliency.
You need to recommend an Azure storage redundancy option.
You have the following data storage requirements:
•Data must be stored on multiple nodes.
•Data must be stored on nodes in separate geographic locations.
•Data can be read from the secondary location as well as from the primary location.
➧If your primary endpoint for the Blob service is azureadministrator.blogspot.com,then your secondary endpoint is azureadministrator-secondary.blobspot.com.The access keys for your storage account are the same for both the primary and secondary endpoints.
➢RA-GRS replicates your data to another data center in a secondary region, and also provides you with the option to read from the secondary region.With RA-GRS,you can read from the secondary region regardless of whether Microsoft initiates a failover from the primary to secondary region.
➢Geo-redundant storage (GRS) is designed to provide at least 99.99999999999999% durability of objects over a given year by replicating your data to a secondary region that is hundreds of miles away from the primary region.Read-access geo-redundant storage (RA-GRS) is based on GRS.
🔼Read-only geo-redundant storage.
⤵When you create a storage account,you can also select one of the following replication options:-
Geo-redundant storage.
Zone-redundant storage.
Locally redundant storage.