Pass Microsoft Certified: Azure Solutions Architect Expert Certification Exams in First Attempt Easily

Microsoft Certified: Azure Solutions Architect Expert Certification Practice Test Questions, Microsoft Certified: Azure Solutions Architect Expert Exam Practice Test Questions

Want to prepare by using Microsoft Certified: Azure Solutions Architect Expert certification exam practice test questions efficiently. 100% actual Microsoft Certified: Azure Solutions Architect Expert practice test questions and answers, study guide and training course from Exam-Labs provide a complete solution to pass. Microsoft Certified: Azure Solutions Architect Expert exam practice test questions and answers in VCE Format make it convenient to experience the actual test before you take the real exam. Pass with Microsoft Certified: Azure Solutions Architect Expert certification practice test questions and answers with Exam-Labs VCE files.

Design for cost optimization

7. *NEW* Reservations and Hybrid Benefit

Now, let's talk about a few of the specifics you should look into when it comes to reducing your ongoing costs. So you know that the cloud computing environment is a very flexible way of creating and destroying resources on demand and scaling. But something that is relatively surprising to some people is that you can actually reserve your instances in Azure and pay for them one year or three years in advance and save significant money. These are called reserved instances. So you might have a server farm that contains at least 20 web servers at any one time, and you're not going to reduce that to ten or to five anytime soon. You know with 100% certainty that for at least the next year you're going to need those 20 Web servers. Well, you can save significant money by reserving those servers. So this is for predictable workloads, not for workloads that are scaling, bursty, or that only occur at certain hours of the day or certain days of the month. If you have 24/7 workloads, you can get reserved instances that will save you money. The other thing about reserved reservations in general is that they are not just for examples. Other types of reservations are possible, such as Cosmos, DB, SQL Database reservations, storage reservations, and so on.

So you should look into whether any of the services you use but can't seem to get rid of can save you money based on reservations. Now, a reservation is a one- or three-year commitment to Azure, and if you do that, you can save 50% or 70% off compared to paying by the hour or by the gigabyte. So reservations are definitely something to look into if you've got a baseline of resources that you're never going to be able to go below. Now, somewhat related to that is something called a hybrid benefit. So if you have an enterprise relationship with Microsoft and it includes some Windows operating system licences or some SQL Server licenses, you can basically use those licences that you've been granted in the cloud. So instead of using them for your on-premises servers, you indicate that these are hybrid licenses. and that is an additional set of savings. And so we saw that if we were to go into the pricing calculator, we could do that math and see the types of savings. We're talking about switching over quickly. We can look at two virtual machines that are DHS that we saw before, which are $1190 per month. If I move it to a reservation, that $1190 goes down to $920, which is a 40% discount. And if I'm willing to commit for three years, it goes into the $780 range, which is another type of discount. And then if I say I'm going to reuse my operating system license, I go all the way. So, from $1189 per month to $248 because I'm making a reservation and reusing my Windows licences from my premises.

8. *NEW* Licensing and Server Size

Now I should probably reinforce this point specifically about hybrid benefits, but there are other licencing choices that you can make. Many pieces of software have developer licences that are different than production licenses. And so making absolutely sure that you have developer edition licences for your development servers is going to save you money. So don't pay for production server licences when you don't need to, and also don't pay for licences such as those for the Windows operating system or Linux when you are already covered by your existing business agreement with the vendor. So if your business agreement with Microsoft includes Windows Server licences for a certain quantity, you better make sure that you're using those licences instead of just having them sit there unallocated and then just blindly paying for a new licence in the cloud. So hybrid benefits are a great thing to make sure you can take advantage of if you have these licences provided elsewhere; you also don't want to be unlicensed. So don't claim that you are using hybrid benefits when you don't have such an agreement, and be accurate when it comes to reporting these things. Now, if you look at what I said, the hybrid benefit is the Windows and SQL Server that have the Bring Your Own License offer. Things like SQL Server have a development edition, so don't waste a standard edition licence or worse on a development version of SQL Server. So keep an eye out for that. Now, while we're talking about this, I'm also going to talk about making sure that your servers are running at the right size. Apart from the Azure Advisor, which will basically tell you when things are idle, there is an opportunity for you to go down a size as long as the service level agreement and other factors can fit within your use. So, for instance, if you're running a four-CPU server, but again the CPU utilisation doesn't get anywhere close to 10% or 20%, then maybe you can get away with only a two-CPU server, and that's generally half the price. The same is true for Azure SQL Database or any kind of other database product within Azure. You are also looking at pricing for premium users within Azure Active Directory. And if your users don't require those premium services, then you're paying six or $9 a month per user for services that you're not using. The same is true for the provisions around networking load balancers versus premium load balancers. You're basically paying for extra things that you're not using, like web application firewalls that aren't configured, et cetera. So anything you can reduce the size of not only reduces the cost, but it also effectively reduces waste within your environment, electricity usage, and other environmental concerns. For instance, I showed you there were over 300 different virtual machine sizes within Microsoft Azure, and you might not even be familiar with all of the options available. So if you're using a larger server simply because it has more memory and more RAM, but you don't really need the CPU on that, then there are memory-optimized instances as opposed to our computer-optimized instances. So make sure you're running on the right-side server.

Design a solution for logging and monitoring

1. Group Resources Using Tags

So in this section of the course, we're going to be talking about designing, auditing, and monitoring strategies. In terms of technology, this is yet another strategic move. One thing you have to understand about auditing and monitoring is that things get a lot easier if you have a good organisational structure for your resources. So if you can imagine having an Azure subscription with 1,000 different resources in it, everything from databases and virtual machines to network cards and everything in between, how do you organise all that? so that you can do reporting, billing, alerts, get them to the right person, handle permissions in the right way, and all that stuff. There are a few ways to organise resources within Azure. One of the underutilised methods is called tagging. Basically, within the Azure Portal or within PowerShell's CLI, you can assign tags to resources. If we switch over to the Azure Portal, we can demonstrate this. Now this is a resource group, and even a resource group can have tags. So if you want to have some type of metadata that is specific to this project or specific to your company, you can add it as a tag. You can also go into the resource level, and you can see that the overview screen has access to add and change tags. There's even a separate settings panel for tags. Now I'll give you an example of how tags can be used. Now one of them could be—let's say you have an internal billing system and every project has a particular code attached to it. So you can assign the billing codes to your resources. And that's one way you'll basically track what the costs are and how they're associated with projects internally. Okay, we can save that. Another way you can do that is by having some other type of metadata, and I could put my name against it so I could say this resource was created by Scott. Now, of course, you can go into access control and go back in time and see who's responsible party.But having a person accompany the employee who can be contacted about any particular resource that's giving trouble might be very beneficial. You can also talk about various environments. I know in many environments we have dev, test, staging, multiple levels of those things, and production. And so, certainly, tagging things by environment is beneficial for billing as well as other purposes, such as understanding the disruption of, say, rebooting a resource and who it affects. So these are all examples of custom-created metadata. Now, Azure didn't give this to me. I created these and assigned values to them. But what good is that? Right? Let's go back to the homepage. I'm going to go into the subscription settings here and pick my subscription and go into cost analysis for my subscription. Now, right now this is a test account, and it's not accumulating very much in cost, but I could certainly break out my costs based on those tags. So if I said add a filter and I picked a tag, then which tag am I going to filter on? It could be the billing code. It could be the environment. Let's say I want to see all of those. Okay, so now the graph has been updated. I haven't accumulated any costs per these environments, but if I did, I would be able to see the cost of various projects broken out by colour. Okay? Even these graphs, which are broken out here, we can change them. Instead of seeing cost by service, we can see cost by billing code, and it will break out. That okay. So the graphs and the reports can all be modified to filter based on tag. So tagging is one method of organizing your resources specifically for billing, but also for auditing and other purposes. Now you can also organize your resources into resource groups. If you've taken any of my courses on this, is it 300 or other courses, then you will see that we're constantly creating resource groups. Every time we create a resource, you have to create a resource group. And so if you're intelligent and strategic about which resource groups you create and how you organize resources, then that's one way it's going to make your life easier. Again, in terms of the billing, in terms of who's getting alerts, the security, and things like that. Finally, at the top level, you can actually break out resources into different subscriptions. Again, if we go back to an organization that might be so disparate, that has different offices, different departments, people don’t necessarily have to be forced to talk to each other in order to create resources, then you might want to break out into multiple subscriptions. And even within Azure settings, you can open up VNET, peering, and other things. So resources within subscriptions can talk to each other with the right settings. But it's another way of organizing resources in a way that they don't interfere with each other. The billing becomes clear, and again, all the settings that you make are separated. Now the next thing that we need to talk about is Azure policy. So once you have your tagging policy setup, we can go into Azure policy. We can basically set that as a rule so that no one will be able to create resources without assigning tags or forcing some type of default tagging onto your resources. And if we switch back to Azure Portal and go into all services and type policy, we can see that Azure policy is here, and we can basically go and choose what kind of policies we want. We go by definitions. For instance, we want to find a tagging policy. I'm going to enter the word tag. And we can see that there are some enforcing tag and its value on a resource or on a resource group is an option and applying a tag is an option. So let's say we want to enforce a tag on all resources. Now I go into here, we can see there's Jason that basically says based on the if a tag name is not present then it will deny the creation. If somebody's trying to create resources without giving them a particular tag, it'll basically just fail. Okay, so we can basically go into the assign section for this entire subscription. We want to choose a subscription page. You go, I want all the resource groups in there. You can assign this to a specific resource group, and you're going to enforce a tag and its value. I want the tag to be "environment" and I want the value, the default value, to be "devastating." It will basically deny the creation of the resource if this tag is not present. Okay, that's an example of creating a policy. So if I say assign, then from this point forward, the tag and the value have to exist. Now if we change this to say the tag must exist, we can also do that, and that would be sort of a slightly different rule. But assigning a tag and its value as a default is certainly something you can do with an Azure policy, and that's another use of tags. And that's one way you can enforce your corporate policy through technology. And as we saw earlier in this video, you can go into the billing and the reports and basically break things out by tag or break things up by resource group. And that's how you're going to be able to assign costs. That $500 goes to this team and $200 goes to that team based on the resources all having tags and the tags indicating who's responsible for them.

2. Introduction to Azure Monitor

All right, so let's talk about resource diagnostics. Now, resource diagnostics can really be broken into two distinct components. One is the collecting of these diagnostics, and the other is going to be the querying and the gaining of insights from them. Now, just briefly, I'm going to show you a tool called Azure Monitor. See, it's represented by this speedometer-type icon, and I put this on my menu. If you don't have it, go to AzureAll Services and begin typing Monitor. And it should come up very easily as a link. So Azure Monitor is effectively the central location where so many of your Azure resources can send their metrics and logs. And then you can analyse those metrics and logs in one place. So it's sort of like a way to build dashboards for you to monitor your resources. Now, in order for this to be useful, you have to actually have resources that are creating logs and metrics and pushing them into something called a Log Analytics Workspace.

So Log Analytics Workspace is the storage for the log files that get queried by Azure Monitor. Now, as we're in Azure Monitor, what I'm going to point out is under Insights, you can see the various resources that Monitor is designed to work with. This is constantly being improved. This was rolled out a couple of years ago, and they've been adding resources ever since. We can see that it can work with Azure App Services. And so if you have App Services, you can basically add these applications to your Log Analytics Workspace and be able to query their performance from here. Virtual Machines, storage accounts, and all container services, as well as AKS networks, So any virtual nerves you have are now in preview mode for SQL Database, which is clearly not covered by the exam. Cosmos DB can be tracked here. Key Vaults. Azure cache for Redis. Now we can see I'm going to expand this a little bit, or can I? Azure. data explorer clusters. These are in preview. log analytics workspaces That's a preview screen as well. Azure Stack service bus and all the available insights in an insights hub. Okay, so a lot of these previous things you don't have to worry about for the exam. But in this section of the course, we're going to go through these resources one by one, learn how to enable these insights, and then finally get into how to query the insights from these resources using Azure Monitor.

3. Monitoring App Services with Application Insights

You. Perhaps you recall that when you create an Azure App service, you get to the monitoring tab and have the Enable Application Insights option. Now, when I do my demos, I usually turn it off because I'm not really debugging these applications, I'm just demoing stuff. But application insights are what feed into the Azure Monitor. And so I'm going to say yes this time to creating this web app. And it's going to, in this particular case, create me a brand new Application Insights container to store these insights. And because my app is in central, this container will be in central, but I can choose another container if that's my wish. So I can say "review and create." Now, just for interest's sake, I'm going to create a brand new Razor app here. Welcome to my web app. Thanks. and test it real asks. and test And I'm going to deploy that into this app service in Azure that I just created. All right? So that published to Azure. Now what we want to do is remember that we turned on Application Insights. So if we go back into the app service and we scroll down, we can see Application Insights under Settings. It is enabled. We have not yet added any instrumentation to the app, as we would in.NET or these other languages. You could actually push the things into the log. So if you have accounts, internal performance metrics, or some type of thing that you would like to query on within Azure Monitor, then we could obviously add that to our code. There's a way of changing our code to push stuff into the lock. So let's say we don't have that intention. Okay, so this is going into our Application Insights. All right, let's go down into monitoring. Now we've got, obviously, alerts and metrics that we can choose from. Metrics now refer to things like your memory and CPU. Let's open up here. We can see CPU time, data in, and data out. So the networking stuff, garbage collection, the types of errors that people are receiving So any kind of successful view of the web page should add to this metric, right? And I'm summing them up. So it's just going to go higher and higher. So metrics are pretty straightforward in terms of the performance of your app. The alerts is you can actually create yourself an alert. So let's say you want to have an alert when the CPU metric exceeds 50%. That might be something that you're interested in: creating a scaling environment or just letting yourself know that the application might be slower for some users, et cetera. So you can set up alerts for yourself here. Now the part that is going to be interesting—and we'll talk about it in another video, in a couple of videos from now—is running queries, actual, written crystal queries in the app service log s from now—iIf we go under Diagnostic Settings now, this is currently in preview mode, but this is kind of separate from what we're just talking about with application insights that go into Azure Monitor and logs. You can see a diagnostic setting that pulls out antivirus scans and Web logs. So some of these logs in the Application Services that we saw are file audit logs, audit logs, and IPsec. So these are very specific logs that can get stored at a destination, and then you can download them. So let's create a diagnostic setting. So I'm going to give this a name-calling app service. You can see there are four current destinations. It used to be three. And now they've added this partner solution so we can push these diagnostics into log analytics to be three. As we can query from Azure Monitor, we can put this in a storage account.

Now that it's in a storage account, we can access it so that we can go to the same storage location programmatically and our applications can access it programmatically. Event Hub is basically a real-time platform where you can move an event, which happens to be a page read or error message, that goes through the Event Hub and can be ingested into another solution. So maybe you've got a database or an Azure function or some other listener who is interested in receiving these events. Okay? And as you saw, we've got this sort of partner solution option for potential partner integrations. And if you click on the link, you can see that right now you've got Apache Kafka, you've got Data Dog, and you've got Elastic. And so these are three external partners who work with Microsoft to ingest these log files from your applications. So we're not going to enable this right this second. Aside from the log stuff metrics, we can also extract other metrics. But we have Application Insights running, and that should allow us to get access to some of these things from Azure Monitor. So we will do that. Now the last thing I'll mention is that Application Insights for App Services has its own section. I'm not going to cover it here. I'll clear up the video about that. But besides Azure Monitor, we can use Application Insights to get very specific data and graphic information about the running of our app services. And this is something that's available for apps but is not available for virtual machines or other resources outside of being inside of Azure Monitor. So that's one of the benefits of app services: application insights. I'll create a video on that. But you can see that Application Insights grabs your data from applications and allows you to view it from within Azure Monitor. And application insights are their own thing as well.

4. Monitoring Virtual Machines

Now, next up, we're going to talk about monitoring virtual machines. So if you go under Azure Monitor and you look at the Virtual Machines tab, it could be a little bit confusing at first. You go in here and it says, "Zero, no results." But there is this tab metaphor that says, "I do have one virtual machine on this account running that does not have Azure Monitor or any kind of diagnostics being extracted." So it's under the "Not Monitored" tab. Now, you might also see under Monitored thatthere is out of date agents, essentially. And so you have to upgrade. This is an interesting situation, but if you have an old enough virtual machine, sometimes you do have to upgrade your agents. and so upgrading is required. I'm going to flip out of AzureMonitor, go into the Virtual Machine. So I have this virtual machine called MyMinorand right on the Overview screen; if I look at monitoring, I can see there are activities going on with the CPU and network, etc., but I can get visibility with various things, including Insights. So if I go down under Monitoring, we'll see an Insightstab, and in order for this to work with an Azuremantra, we do want to enable Insights on this. Okay, so if I do click this enable button, what is it doing? Is it going to do a deployment to deploy Insights to this resource group? And of course, this virtual machine needs to be modified in order for its monitoring to be sent to Application Insights. So let's wait for that deployment to happen. So now we can see that Insights is installed and we're starting to get some information. This happens to be a map, which is going to show me the server, various ports, et cetera. Interesting view. We can also get to see the performance of the CPU and the network, et cetera. Now notice there's a banner at the top that says, "We have released a new version of Azure Monitor." Please upgrade. So this is an interesting thing because we just enabled Azure Monitor three minutes ago, and it's already asking us to upgrade. Let's go back to Azure. Monitor under "virtual machines." And we can see here that this machine has moved from "Not Monitored" to "Unmonitored," and it says "Upgrade Available." and there's a link to why. So obviously, enabling Monitor enables one version, but it's not the latest version. So we can obviously upgrade it from here, or we could have upgraded it from that previous screen. I don't mind doing the upgrade. I want to get the latest in terms of Microsoft's technology for Azure Monitor and alert capabilities. So I'll do that upgrade. All right, so that is now upgraded. We can refresh the screen anyway. I'm pretty sure it's upgraded. Oh. Guest VM. Health is not enabled. Okay, let's go into here and see again—Azure Monitor is here. We do have the ability to examine various machine properties, as well as VM properties. Remember, we're going to talk in a second about going into Azure Monitor and running queries. And so now we can see these are the kinds of log events that have been tracked in terms of performance: the machines' heartbeat, stuff from insights itself, etherbound connections, processes that are running so we can get these insights when we run the query. Also, I guess one thing to look at is the concept of workbooks, which are predefined reports, right? So I can go into this performance workbook that Microsoft has created, and obviously it's got various reports on it waiting for me. You can customise this, create your own workbook, and we saw that there's a gallery of workbooks, so again, other people are going to create public templates, your own templates, et cetera. Yeah, basically this is the monitoring for virtual machines that you get from Azure Monitor.

5. Monitoring Storage Accounts

Now we're in the storage account section of Azure Monitor, and we can see a selection of our storage accounts. Not all of them have been autoselected, but most of them have. And at a glance we can see over the past 4 hours how many transactions each storage account has had, the frequency of those transactions, latency metrics, server latency, end-to-end latency, and authorization errors. We can also view capacity metrics, which is obviously important. If we've got five petabytes in our storage account, then we can see how close we are to that. And, of course, none of these are that close. Now, going into any of these storage accounts and clicking on it will take you into the Insights tab of the storage account itself. And so, scrolling down, we can see this as our storage account. There is insight. Tab. Now notice that there's no enabling or disabling when you create a storage account in Azure. It is going to be tracked in terms of Azure Monitor metrics. and so there's no turning it on or off. You can customise the screen, and you can look at different workloads just like Azure VMs. But basically, Insights is one of the services provided by a storage account. Now we can see this overview screen for storage account failures, performance, and availability. Now you might think, as for your storage account, why would there be failures? Well, it could be as simple as someone trying to access a file that they don't have authorised access to, in which case it's an authorization error. For instance, we can look at the various success and failure options and start to track, okay, why is it failing? Oh, it's failing because Get Blob is the problem. Perhaps the Blob does not exist, or something along those lines. So we can sort of, if we're interested, track this down this.We can look at performance metrics, of course; availability and storage accounts do have a service level agreement. And so you would expect a storage health over.Again, this is over a four-hour period with no known downtimes. But maybe if you did have a downtime, Microsoft would reimburse you for that over a 30-day period. So searching comes pretty naturally. You're just going to have that stuff there. It's not to turn on or off. You don't get a selection. Like I said, you can go into the workbooks and see some customised templates for workbooks if you're interested in these things, or customise them and save them, share them, etcetera. So Azure's mantra for storage accounts is, as you can see, pretty straightforward.

6. Azure Monitor Alerts and Metrics

So here we are in the metrics section of Azure Mantra. What we're going to do is look at the different ways that you can now run reports and create dashboards based on all of that data. So assuming you've set up some of your app services, virtual machines, storage accounts, et cetera, to pull data into a log, analytics workspace, Now we can look at how to get that data and do something with it. One of the ways we can do that is by setting up metrics and setting up alerts. Now, metrics is basically a visual dashboard or a diagram. The first thing you have to do is select what is called a scope. Now, a more important thing to understand is that this metrics tab has a very difficult time, or at least it's not even allowed to have too many different resources on the same chart. So even if I picked one of these resources and I picked a storage account, for instance, the rest of it automatically gets greyed out, and it'll actually tell me that storage accounts do not have this multi-selection for metrics. So I can't graph two or three storage accounts at once. It kind of makes sense because if you're trying to graph, say, CPU utilization, I guess it would have to average it and not put them both on there or something like that, even App Services. So if I unselect all and I say "App Services," that would filter it down. And if I choose one app service, again, everything will be greyed out and it will say that app services are not one of the ones that allow multiple metrics to be graphed. So I'm going to choose the app service that we created earlier in this section and say "Apply." Now that the app service has been chosen, we have this app service, Metrics, and we can sort of see the various things in here. We saw this earlier with the 200 errors of the 400 errors. 200 is a success, right? So we should see that in this 1037 range, I had 20 successful views of the web page, and I haven't had any since. If I want to be all cool about it, I can hit refresh six, seven, or 8910 times and let's see that get reflected in our metrics. Now if we go back to the metricschart, I can actually change the time range. So instead of it being a 24 hour range, I can go down to 4 hours, and instead of having a 15-minute granularity, I can say I want a 1-minute granularity. I then hit apply. And we can see that over the last 4 hours, these HTTP requests just sort of really spiked in the last minute. So that was me hitting the refresh button. Of course, HTTP is more than just a single page request. It would be all the CSS or JavaScript or anything else that was behind the scenes. So I refreshed it quite a bit, and we saw a significant increase here. So we can see on a graph the activity on our website. Now, one of the interesting things is that if we like this chart, which is a useful chart to us, we can pin it to our Azure Portal dashboard. And so every time we log in to Azure and go into the dashboard, this chart can be one of the charts shown to us. So we can basically build our own view when we log into Azure. Now, let's say that we want to make an alert based on this. So based on the amount of traffic that's coming in during this particular 1 minute timespan, it's something that I need to be notified of when it reaches a certain level. So when I say new alert rule, we can see it's already scoped on that individual resource, and we need to build some type of logic. So whenever this HTTP statistic changes, let's say I want to say when it is greater than when it got up to 80, but that doesn't seem very high. Let's say whenever it hits 500, I want to be sent an email. So this is $500; it's going to be evaluated every 1 minute, and I just want to know that over a five-minute period. So 500 views to my website over a five-minute period were evaluated every minute. Now you'll notice there's a cost to this, so it's ten cents per alert. So I'll set that up, and then I can set myself up as an email recipient. I can say "add an action group," "create an action group," call this email me." And what I want to happen is I want to send an email to my email address at whatever.com, and that will basically send an alert when this notification is hit. Now, each resource that you graph is going to have its own metrics that it can track. So we're tracking, in this particular case, the app service. We have this selection with its HTTP errors, data in, and data CPU. If we change our scope, let's say we want to track the virtual machine instead. And I'm going to say that, and I'm going to select this virtual machine as the scope. Then the virtual machine becomes the track, and it becomes different. So you'll notice that I'm not seeing Http to xxas being an option, but I do have Data In,Data Out, disc read, OS queues, et cetera, various options. You can see my server in the last 4hours has become active at 50% CPU utilization. So basically, I can do the same thing. I can set up an alert if I wanted to monitor this and see that situation. In this particular case, I'm going to want to know when it does drop because that would probably be something that's not good in this particular server's case. So using metrics can show you some interesting graphs, and then you can set up alerts either on their own or directly from this alert button. This can then SMS, text, email, and perform other actions on your behalf. Action groups can begin with jobs, functions, logic, apps, and so on.

So when looking for preparing, you need Microsoft Certified: Azure Solutions Architect Expert certification practice test questions and answers, study guide and complete training course to study. Open in Avanset VCE Player & study in real exam environment. However, Microsoft Certified: Azure Solutions Architect Expert exam practice test questions in VCE format are updated and checked by experts so that you can download Microsoft Certified: Azure Solutions Architect Expert certification exam practice test questions and answers files in VCE format.