Day 20: Review Day 1

Reviewing about

• IaaS, PaaS, Saas
• Public, Private and Hybrid Cloud
• Scope of Azure Support Plans
• Basic
• Developer: Trial and non-production
• Standard: Production workload environments
• Professional Direct: Business-critical dependence
• Premier: Substansial dependence across multiple products
• Geographies, Availability Zones, Region Pairs, SLAs, etc.
• Azure day-to-day management and interaction:
• Azure portal (GUI)
• Azure PowerShell and Azure CLI: command line and automation based interactions
• Azure Cloud Shell: web based CLI
• Azure Mobile App: monitoring and managing resources from your mobile devices
• Azure Compute:
• App Service. A managed service for hosting web apps, mobile app back ends, RESTful APIs, or automated business processes.
• Azure Kubernetes Service (AKS). A managed Kubernetes service for running containerized applications.
• Batch. A managed service for running large-scale parallel and high-performance computing (HPC) applications
• Container Instances. The fastest and simplest way to run a container in Azure, without having to provision any virtual machines and without having to adopt a higher-level service.
• Functions. A managed FaaS service.
• Service Fabric. A distributed systems platform that can run in many environments, including Azure or on premises.
• Virtual machines. Deploy and deploy and manage VMs inside an Azure virtual network.
• Azure Data Storage:
• Structured Data: Azure SQL Database
• Semi-Structure Data: Azure Cosmo Database
• Unstructured: Azure Blob Storage
• Azure Data Lake Structure: Analytics on data usage and prepare reports
• Azure Files: SMB Sharing
• Azure Queue storage is a service for storing large numbers of messages that can be accessed from anywhere in the world.
• Storage Tiers (Hot: frequently, Cool: infrequently and at least 30 days, Archive infrequently and at least 180 days)
• Azure Networking
• Azure Region
• Azure Load Balancer (vm)
• Azure Application Gateway
• Azure Traffic Manager (end points)

Day 19: Microsoft Module Predict costs and optimize spending for Azure

Knowledge check:

1. Which tab of the Azure pricing calculator will you use to put together your estimate?

• Estimate
• Products

This tab has all the Azure services listed and is where you'll add or remove services to get your estimate.

2. True or false: You can share your estimate through an Excel spreadsheet or through a URL.

• True

Clicking Export at the bottom of the estimate will export an Excel spreadsheet that you can share, or you can click Share to get a URL link that you can share with your team.

• False

3. Azure Advisor provides recommendations for _________.

• Costs only
• High availability, security, performance, and cost

Azure Advisor provides recommendations on high availability, security, performance, and cost.

• High availability, performance, and cost

4. Azure Cost Management allows you to _________.

• See historical breakdowns of what services you are spending your money on.

Cost Management analyzes where you are historically spending your money and can track it against budgets you have set.

• See estimates of what your services might cost if you make a change.

5. Which one of these is not a cost-saving solution?

• Deallocate virtual machines during off hours.
• Use Azure Reserved Virtual Machine Instances.
• Load balance your virtual machines for incoming messages.

Load balancing is used for performance optimization not cost savings.

• Right-size underutilized virtual machines.

6. True or false: PaaS is generally less expensive than IaaS.

• True

IaaS requires Azure to dedicate resources while PaaS give Azure more flexibility in how services are delivered. This means Azure can fill and operate hardware efficiently and therefore offer PaaS services at a savings over IaaS.

• False

7. True or false: If you already have Windows Server licenses, you have to pay for them again on Azure.

• True
• False

Under certain circumstances, you can utilize the hybrid benefit for Windows Server and pay only the Linux rate.

8. True or false: Azure has money-saving options for test and development servers.

• True

The Azure Enterprise Dev/Test and Azure Pay-As-You-Go Dev/Test benefits give you several discounts, most notably for Windows workloads, eliminating license charges and billing you only at the Linux rate for virtual machines. This also applies to SQL Server and any other Microsoft software that is covered under a Visual Studio subscription.

• False

9. Which one of the following systems is used to determine Azure costs for each billing period?

• The Azure website
• Number of created virtual machines
• The Azure pricing calculator
• Usage meters

Correct. Azure is billed according to your consumption based on monthly usage meters.

10. Which of the following factors affects costs?

• Global infrastructure
• Location

The location you place your resources will vary the price for the resource.

• Availability zone

11. Complete the following sentence. As an Azure customer, Azure Reservations offer discounted prices if you _________

• Make upfront commitments on compute capacity

Azure Reservations offer discounted prices on certain Azure products and resources. To get a discount, you reserve products and resources through an upfront commitment. You can then either prepay or pay monthly for one or three years of usage of certain Azure resources.

• Provision many resources
• Have a free account
• Set Spending Limits

Last module on Microsoft Learn. Starting tomorrow will be revision days

Day 18: Microsoft Module 900 XP Control and organize Azure resources with Azure Resource Manager

Knowledge check:

1. Tags can be applied to any type of resource on Azure

• True
• False

Not all resources support tags, so you will want to confirm that your resource type supports them.

2. Tags applied at a resource group level are propagated to resources within the resource group.

• True
• False

Tags are not inherited. You need to apply tags to every supported resource that you need tagged.

3. Which of the following is not a feature of resource groups?

• Resources can be in only one resource group.
• Resources can be moved from one resource group to another resource group.
• Resource groups can be nested.
• Role-based access control can be applied to the resource group.

4. Which of the following might be a good usage of tags?

• Using tags to associate a cost center with resources for internal chargeback
• Using tags in conjunction with Azure Automation to schedule maintenance windows
• Using tags to store environment and department association
• All of the above are good ways to use tags

5. Which of the following would be the most efficient way to ensure a naming convention was followed across your subscription?

• Send out an email with the details of your naming conventions and hope it is followed
• Create a policy with your naming requirements and assign it to the scope of your subscription
• Give all other users except for yourself read-only access to the subscription. Have all requests to create resources sent to you so you can review the names being assigned to resources, and then create them.

6. Which of the following would be good to put a resource lock on?

• An ExpressRoute circuit with connectivity back to your on-premises network
• A non-production virtual machine used to test occasional application builds
• A storage account used to temporarily store images processed in a development environment

Day 17: Microsoft Module Apply and monitor infrastructure standards with Azure Policy

Important points:

• Azure Policy is a default allow and explicit deny system. It focuses on resource properties during deployment and for already existing resources. While RBAC focuses on user actions at different scopes. RBAC is explicit allow and default deny system.
• The Microsoft privacy statement explains what personal data Microsoft processes, how Microsoft processes it, and for what purposes.
• Trust Center is a website resource containing information and details about how Microsoft implements and supports security, privacy, compliance, and transparency in all Microsoft cloud products and services.
• The Service Trust Portal (STP) hosts the Compliance Manager service, and is the Microsoft public site for publishing audit reports and other compliance-related information relevant to Microsoft’s cloud services.
• Compliance Manager is a workflow-based risk assessment dashboard within the Trust Portal that enables you to track, assign, and verify your organization's regulatory compliance activities related to Microsoft professional services and Microsoft cloud services such as Office 365, Dynamics 365, and Azure.

Knowledge check:

1. True or false: You can download published audit reports and other compliance-related information related to Microsoft’s cloud service from the Service Trust Portal

• True

You can download published audit reports and other compliance-related information related to Microsoft’s cloud service from the Service Trust Portal.

• False

2. Which Azure service allows you to configure fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs?

• Locks
• Policy
• Initiatives
• Role-based Access Control

Role-based access control (RBAC) provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs. RBAC is provided at no additional cost to all Azure subscriber.

3. Which Azure service allows you to create, assign, and, manage policies to enforce different rules and effects over your resources and stay compliant with your corporate standards and service-level agreements (SLAs)?

• Azure Policy

Azure Policy is a service in Azure that you use to create, assign, and, manage policies. These policies enforce different rules and effects over your resources, so those resources stay compliant with your corporate standards and service-level agreements (SLAs).

• Azure Blueprints
• Azure Security Center
• Role-based Access Control

4. Which of the following services provides up-to-date status information about the health of Azure services?

• Compliance Manager
• Azure Monitor
• Service Trust Portal
• Azure Service Health

Azure Service Health is the correct answer, because it provides you with a global view of the health of Azure services. With Azure Status, a component of Azure Service Health, you can get up-to-the-minute information on service availability.

5. Where can you obtain details about the personal data Microsoft processes, how Microsoft processes it, and for what purposes?

• Microsoft Privacy Statement

You can obtain the details about how Microsoft uses personal data in the Microsoft Privacy Statement.

• Compliance Manager
• Azure Service Health
• Trust Center

Day 16: Microsoft Module Security, responsibility, and trust in Azure

Read this module carefully and slowly since most of them are quite important and compact, I cannot summarize them here.

Knowledge check:

1. Cloud security is a shared responsibility between you and your cloud provider. Which category of cloud services requires the greatest security effort on your part?

• Infrastructure as a service (IaaS)

At this level, the cloud provider provides physical security to compute resources. However, it's your responsibility to patch and secure your operating systems and software, as well as configure your network to be secure.

• Platform as a service (PaaS)
• Software as a service (SaaS)

2. Which of these options helps you most easily disable an account when an employee leaves your company?

• Enforce multi-factor authentication (MFA)
• Monitor sign-on attempts
• Use single sign-on (SSO)

SSO centralizes user identity, so you can disable an inactive account in a single step.

3. Which of these approaches is the strongest way to protect sensitive customer data?

• Encrypt data as it sits in your database
• Encrypt data as it travels over the network
• Encrypt data both as it sits in your database and as it travels over the network

Encrypting your data at all times, both as it sits in your database and as it travels over the network, minimizes the opportunity for an attacker to access your data in plain text.

4. There has been an attack on your public-facing website, and the application's resources have been overwhelmed and exhausted, and are now unavailable to users. What service should you use to prevent this type of attack?

• DDoS protection

DDoS protection is the correct answer, because it will help prevent DDoS attacks.

• Azure Firewall
• Network Security Group
• Application Gateway

5. You want to store certificates in Azure to centrally manage them for your services. Which Azure service should you use?

• AIP
• Azure AD
• Azure Key Vault

Azure Key Vault is the correct answer, because it is a centralized cloud service for storing application secrets, referred to as a secret store.

• Azure ATP

Thats all about the security for today.

Day 15: Microsoft Module Core Cloud Services - Azure networking options

Important points:

• Azure Load Balancer distributes traffic within the same region to make your services more highly available and resilient. Traffic Manager works at the DNS level, and directs the client to a preferred endpoint. This endpoint can be to the region that's closest to your user.
• Load Balancer and Traffic Manager both help make your services more resilient, but in slightly different ways. When Load Balancer detects an unresponsive VM, it directs traffic to other VMs in the pool. Traffic Manager monitors the health of your endpoints.When Traffic Manager finds an unresponsive endpoint, it directs traffic to the next closest endpoint that is responsive.

Knowledge check:

1. What is an Azure region?

• One or more Azure data centers within a specific geographical location.

Azure regions help you deliver your apps and services closest to your users. West US and North Europe are examples.

• A way of breaking networks into smaller networks.
• Firewall rules which define the flow of traffic in and out of Azure.

2. Which of the following is true about virtual networks?

• You configure virtual networks through software.

Software enables you to treat a virtual network just like your own network. Azure maintains the physical hardware for you.

• A virtual network accepts network traffic on all ports. You configure the firewall through virtual machines.
• Virtual networks are always reachable from the internet.

3. Which is true about Azure Load Balancer?

• You must use Azure Load Balancer if you want to distribute traffic among your virtual machines running in Azure.
• Azure Load Balancer works with internet-facing traffic only.
• Azure Load Balancer distributes traffic among similar systems, making your services more highly available.

If one system is unavailable, Azure Load Balancer stops sending traffic to it. It then directs traffic to one of the responsive servers.

4. What is network latency?

• The amount of data that can fit on the connection.
• The distance data must travel to reach its destination.
• The time it takes for data to travel over the network.

Latency measures the time it takes for data to reach its destination. Latency is typically measured in milliseconds.

5. How does Azure Traffic Manager reduce latency?

• It chooses only the fastest networks between endpoints.
• It chooses the endpoint that's closest to the user's DNS server.

Choosing the server that's closest to the user is a good way to reduce latency.

• It caches content, similar to how content delivery networks work.

Day 14: Microsoft Module Core Cloud Services - Azure data storage options

What I learned today on this module,

Here are some of the important benefits of Azure data storage:

• Automated backup and recovery: mitigates the risk of losing your data if there is any unforeseen failure or interruption.
• Replication across the globe: copies your data to protect it against any planned or unplanned events, such as scheduled maintenance or hardware failures. You can choose to replicate your data at multiple locations across the globe.
• Support for data analytics: supports performing analytics on your data consumption.
• Encryption capabilities: data is encrypted to make it highly secure; you also have tight control over who can access the data.
• Multiple data types: Azure can store almost any type of data you need. It can handle video files, text files, and even large binary files like virtual hard disks. It also has many options for your relational and NoSQL data.
• Data storage in virtual disks: Azure also has the capability of storing up to 32 TB of data in its virtual disks. This capability is significant when you're storing heavy data such as videos and simulations.
• Storage tiers: storage tiers to prioritize access to data based on frequently used versus rarely used information.

There are three primary types of data that Azure Storage is designed to hold.

1. Structured data : SQL
2. Semi-structured data : NoSQL
3. Unstructured data : JPG, PDF, JSON, etc. 

Knowledge check:

1. Suppose you work at a startup with limited funding. Why might you prefer Azure data storage over an on-premises solution?

• To ensure you run on a specific brand of hardware, which will let you form a marketing partnership with that hardware vendor.
• The Azure pay-as-you-go billing model lets you avoid buying expensive hardware.

There are no large, up-front capital expenditures (CapEx) with Azure. You pay monthly for only the services you use (OpEx).

• To get exact control over the location of your data store.

2. Which of the following situations would yield the most benefits from relocating an on-premises data store to Azure?

• Unpredictable storage demand that increases and decreases multiple times throughout the year.

Azure data storage is flexible. You can quickly and easily add or remove capacity. You can increase performance to handle spikes in load or decrease performance to reduce costs. In all cases, you pay for only what you use.

• Long-term, steady growth in storage demand.
• Consistent, unchanging storage demand.

3. A newly released mobile app using Azure data storage has just been mentioned by a celebrity on social media, seeing a huge spike in user volume. To meet the unexpected new user demand, what feature of pay-as-you-go storage will be most beneficial?

• The ability to provision and deploy new infrastructure quickly

As the user demand increases, the agility to deploy new servers or services as needed can help scale to meet the increased user load.

• The ability to predict the service costs in advance
• The ability to meet compliance requirements for data storage

Day 13: Microsoft Module Core Cloud Services - Azure compute options

Four Azure Compute options,

• Virtual machines (IaaS) -> Greatest control and flexibility
• Containers
• Azure App Service (Paas)
• Serverless computing -> Lowet Control

Knowledge check:

1. Suppose you have an existing application running locally on your own server. You need additional capacity but prefer to move to Azure instead of buying upgraded on-premises hardware. Which compute option would likely give you the quickest route to getting your application running in Azure?

• Serverless computing
• Containers
• Virtual machines

You have full control over the VM setup, so you can configure it to match your on-premises server. This control will allow your existing application to run on the Azure VM with little or no change.

1. Imagine that you work on a photo-sharing application that runs on millions of mobile devices. Demand is unpredictable because you see a spike in usage whenever a locally or nationally significant event occurs. Which Azure compute resource is the best match for this workload?

• Serverless computing

The photo-sharing app is event driven and needs to handle unpredictable demand. Serverless computing is a good fit for this situation because it is event-based and can scale instantly to process spikes in traffic. It should also be a cost-effective choice because you will pay for compute time only when processing user data.

• Containers
• Virtual machines

1. The compute options give you different levels of control over the configuration of the environment in which your application runs. Which of the following lists the compute options in order of your control from "most control" to "least control"?

• Serverless computing, containers, virtual machines
• Containers, serverless computing, virtual machines
• Virtual machines, containers, serverless computing

Virtual machines give you full control over the environment. Containers give you limited control. Serverless computing does not allow you to do any infrastructure configuration.

Thats all for today.

Day 12: Microsoft Module Core Cloud Services - Manage services with the Azure portal

Knowledge check:

1. An Azure dashboard is stored as which type of file?

• XML
• JSON

Azure dashboards are stored as JSON files, which allow them to be uploaded and downloaded to share with other members of the Azure directory.

• PNG

2. Azure Advisor provides advice on which of these topics:

• Creating an Azure account
• Best practices and security for your services

Azure Advisor is a free service built into Azure that provides recommendations on high availability, security, performance, and cost.

• Using the Azure portal effectively

3. True or false: Azure Cloud Shell is an interactive, browser-accessible shell for managing Azure resources?

• True

Azure Cloud Shell is an interactive shell for managing Azure resources. You can control and administer all of your Azure resources in the current subscription through a command-line interface built right into the portal.

• False

1 out of 3 questions is incorrect. Please correct question 2.

Day 11: Microsoft Module Core Cloud Services - Introduction to Azure and Azure architecture and service guarantees

There are 3 exercises need to be done in this module.

Important points:

• Azure Advisor and Azure Cost Management are two services that help you optimize cloud spend. You can use these services to identify where you're using more than you need, and then scale back to the capacity you're actually using.

Knowledge check:

1. What is Azure?

• Microsoft's cloud computing platform, which provides compute power, storage, and services over the Internet using a pay-as-you-go pricing model.

Azure provides raw compute power and storage, as well as services to help you explore new software paradigms such as intelligent bots and mixed reality.

• A single data center located in Redmond, Washington.
• A hosting environment specifically for virtual machines

2. Which of the following is an example of an Azure application platform?

• Azure App Service

Azure App Service is an HTTP-based service that enables you to build and host many types of web-based solutions without managing infrastructure.

• Azure Load Balancer
• Azure Table Storage
• Azure Cache for Redis

3. When should you scale out your deployment?

• When your application or service requires a more powerful CPU or more memory to run faster.
• When you need additional virtual machines to speed up your application.

Scaling out means adding additional systems, such as virtual machines. For example, you might create many virtual machines configured in the same way and use a load balancer to distribute work across them.

• When you're using excess capacity that you don't need.

Knowledge check:

1. Deploying an app can be done directly to what level of physical granularity?

• Region

Correct. Azure organizes infrastructure around regions, which include multiple datacenters. You can pick the region you want resources deployed into. You can't select a specific datacenter or location within a datacenter.

• Datacenter
• Server rack

2. To use Azure datacenters that are made available with power, cooling, and networking capabilities independent from other datacenters in a region, choose a region that supports _________?

• Geography distribution
• Service-Level Agreements (SLAs)
• Availability Zones

Availability Zones are datacenters set up to be an isolation boundary from others in the region, with their own power, cooling, and networking. If one zone in a region goes down, other Availability Zones in the region continue to work.

3. Application availability refers to what?

• The service level agreement of the associated resource.
• Application support for an availability zone.
• The overall time that a system is functional and working.

Correct. The time that a system is working is referred to as the application availability.

That's for today.

Day 10: Microsoft Module: Cloud Concepts - Principles of cloud computing and Module Sign up for Azure

Yesterday, I finished with modules from dicoding. Today, I will start learn from Microsoft modules. This module is similar to dicosing module 1. Hence, I do not put any important points here. 

Knowledge check:

1. Which term from the list below would be viewed as benefits of using cloud services?

• Unpredictable costs
• Elasticity
• Local reach only

2. Suppose you have two types of applications: legacy applications that require specialized mainframe hardware and newer applications that can run on commodity hardware. Which cloud deployment model would be best for you?

• Public cloud
• Private cloud
• Hybrid cloud

3. You're developing an application and want to focus on building, testing, and deploying. You don't want to worry about managing the underlying hardware or software. Which cloud service type is best for you?

• Infrastructure as a Service (IaaS)
• Platform as a Service (PaaS)
• Software as a Service (SaaS)

I study module Sign up for Azure, but not yet registered for Azure. I will register it when needed in the future, I heard that in this Learn platform we can access Azure on the exercise modules straight away.

Knowledge check:

1. Which of the following is true about an Azure subscription?

• Using Azure does not require a subscription
• An Azure subscription is a logical unit of Azure services
• You can't have more than one subscription

2. Your billing is based on your usage of Azure resources and is invoiced ______________

• Annually
• Monthly
• Daily

3. When you create an Azure resource like a virtual machine, you select the ______________ it belongs to.

• Billing account
• Billing profile
• Azure subscription

4. Which Azure support plan is best for business-critical workloads?

• Azure Developer
• Azure Professional Direct
• Azure Standard

That is for today.

Day 9: Quizes from dicoding

Today, I skip the hands on exercise. I will make the summary for the quizes.

1. Hybrid cloud is a combination of private and public cloud. It is possible to run legacy applications together with new application in the cloud.
2. We scale out when we need additional VMs to increase the speed of our applications.
3. Azure Blob Storage is storage services for unstructured data that can store and manage thousands of files at the same time.
4. Imagine you have photo sharing application that has thousands of users. Users cannot be predicted since it can increate at any time on every new local or national events. In this case, serverless computing is the based to be used.
5. Virtual machines, containers, serverless computing are from higher control and flexibility to lower ones.
6. Microsoft Privacy Statement gives the detail of personal data that is processed by Microsoft, how they process and what for.
7. Latency is time to transfer data over the network.
8. Azure Resource Locks is used to make sure that resources are not accidentally deleted or modified.
9. Azure Application Gateway is load balancing from Azure that works on  application layer (OSI layer 7) for HTTP application.
10. Azure key vault is service to store certificates centrally in Azure.
11. Load balancer is not solution to reduce cost.
12. The ability to provide and deploy new infrastructure will be important when we host an application that can have sudden increase of users.
13. DDoS Protection is the solution to DDoS attack.
14. Example of Resource Lock usage is for production database.
15. Azure subscription is logical place to attach Azure services to the Azure accounts.

Day 8: Module 11 and 12 from dicoding

Module 11 is about managing resources in Azure. The important points are tagging, Azure policy, RBAC and Resource Locks (avoid accidentally delete resources).

Knowledge check: Resource Group cannot be nested.

Module 12 is all about pricing and how to save cost. I will allocate 1 day special to learn about costing later.

Knowledge check: Cost calculation in Azure based on resources, services and location. But number of subscription will not affect the cost calculation.

Day 7: Review day

Re read and review module 1-10 from dicoding.

Day 6: Module 9 and 10 from dicoding

In module 9, the important points are

• Azure Security Centre, monitor the security of the system by Detect, Assess, Diagnose, Stabilize, and Close.
• Azure Active Directory (Support SSO and Role Base Access Control)
• Encryption including database encryption
• Securing Network using Azure Firewall, Azure Application Gateway and Network Virtual Appliances
• Azure Information Protection (AIP) is cloud base solution to help securing files by categorizing the files using labels.
• Azure Advanced Threat Protection (ATP) consist of Azure ATP portal, Azure ATP Sensor and Azure ATP Cloud Service

Knowledge check:

1. SSO helps in centrally activate or disable accounts easily and faster.

While in module 10,

• Azure Policy
• Azure Blueprint can be used to implement and adhere to policies in our organization.
• Azure Compliance Manager based on 
• Microsoft Privacy Statement
• Microsoft Trust Center
• Service Trust Portal
• Compliance Manager
• Azure Monitor & Service Health

Knowledge check:

1. Azure Policy is used to define, implement and managing the standar usages of resources in our environment.

Day 5: Module 7 and 8 from dicoding

Today, module 7 is talking about Azure Storage.

Important points:
a. The advantage of using Azure Storage:

• Automatic backup and recovery
• Replication all over the world
• Support for data analytics (Azure Data Lake Storage)
• Support for encryption and data control (Azure File like SMB on cloud, Azure Queue and Azure Storage Service Encryption (SSE))
• Support for many data types including relational data (Azure SQL), NoSQL (Azure Cosmos DB) and images (Azure Blob Storage)
• Store into virtual disc
• Storage tiers. Priority to access data stored:
• Hot storage for frequently accessed data
• Cold storage for last accessed is more than 30 days
• Archive storage for last accessed is more than 180 days

b. Data types that can be stored in Azure

1. Structured data like Relational data
2. Semi structured data like NoSQL
3. Non structured data like images, pdf 

c. Azure storage is better than on premise in term of

• Cost effective
• Reliability
• Type of storage (need more type of servers for on premise solution)
• Agility (flexibility caused by technology changed)

Knowledge check

1. With pay-as-you-go we do need to invest on the software and hardware.

While in Module 8:

Important points:

• Azure region is one or more data centre in a specific geographical sites. For example, East Us, West US, and Southeast Asia.
• Virtual network is an logaically isolated network in Azure.
• Network Security Group is like firewall.
• Load balancer is distributing traffic equally between resources in a system. It will help for high availability and high resiliency (disasters or temporary spike on our resources).
• Azure Application Gateway is a load balancer for web, It is utilize Azure Load Balancer in TCP level. It can
• Cookie affinity, stored cookie in the same backend server.
• SSL termination. Application Gateway can manage your SSL and forward the unencrypted connection to the backend server to avoid encryption overhead. It also support end-to-end encryptions.
• Web application firewall. 
• URL rule-based routes.
• Rewrite HTTP headers. Add or remove indormation from http headers.
• Content Delivery Network, distributing contents to the users efficiently.
• Azure Traffic Manager, forward the request to the nearest resources based on the latency. Different from Azure Load Balancer. Azure Load Balancer is detecting the unresponsive VM then route to other responsive VM, while Azure Traffic Manager is detecting unresponsive endpoint and route to the nearest responsive end point.

Knowledge check:

1. Load Balancer will route to the active VM to maintain high availability.

Day 4: Module 5 and 6 from dicoding

Today, I continue to module 5 and 6.

Module 5:
Important points:

• Azure Portal. GUI to interact with Azure.
• Azure PowerShell and Azure Command-Line Interface (CLI). Interact with Azure through command line.
• Azure Cloud Shell. Web based CLI .
• Azure Mobile App. Mobile app

Knowledge check:

• Dashboard configs will be stored as JSON.

Module 6:
Important points:

• 4 types of  Azure Compute:

• Virtual machines
• Containers
• Azure App Service. Azure App Service is Platform as a Service (PaaS).
• Serverless Computing

Knowledge check:

• You have full control on VM as if the server is on premise. You can create the same configuration as servers on premise.

Day 3: Module 3 and 4 from dicoding

Today, I continue to study from dicoding module 3.

Important points:

• Region adalah sebuah wilayah geografis yang terdiri dari satu atau beberapa data center yang berdekatan dan saling terhubung dalam koneksi dengan latensi rendah.
• Availability Zones adalah data center yang terpisah secara fisik di dalam region Azure.
• Availability zones terdiri dari satu atau beberapa data center, di mana ada minimal tiga zone dalam satu region. Namun, ada kemungkinan terjadi bencana alam yang cukup besar yang dapat menyebabkan kerusakan yang cukup besar untuk mempengaruhi bahkan dua data center. Untuk itulah Azure membuat region pairs.

Knowledge check:

• Ketahanan atau resiliency adalah kemampuan sistem untuk pulih dari kegagalan dan terus berfungsi.

Module 4:

Important points:

• Azure AD adalah penyedia identitas modern yang mendukung banyak protokol autentikasi untuk mengamankan aplikasi dan layanan di cloud.

Knowledge check:

• Tagihan (Billing) setiap bulan untuk setiap langganan Azure berdasarkan penggunaan.

Day 2: Module 1 and 2 from dicoding

On the second day, I would start study from the dicoding materials. I have study this material before but re-study to pick up and refresh the knowledge in these chapters.

Important points:

• Module 1: capex vs opex, capex is traditional way to have servers on site while opex is renting cloud solutions.
• Module 1: public cloud, private cloud and hybrid. Differences are mostly on the security, scalability, cost and flexibility.
• Module 1: type of cloud services: IaaS, PaaS and SaaS. Differences in complexity and flexibility.
• Module 2: Categories of services in Azure: Compute, Networking, Storage, Mobile, Database, Web, Internet of Things, Big Data, Artificial Intelligence, DevOps.
• Module 2: 

Knowledge check:

1. Software as a Service (SaaS) -> Cloud provider is fully responsible for the services and infrastructure.
2. Azure Load Balancer  is used to balance the incoming and outgoing connections to the applications or other endpoint services.

Day 1: Pledge and Preparation Day

This story started last month when I got the scholarship from dicoding  I finished the class and then received the exam voucher. Thank you dicoding.

I was waiting for some free time for the test. The workload from my office was high at that moment and as usual in early days of the year, familly matters were keeping me busy as well. The dicoding team keeps remind me to register for the test. Hence, I decide to do the test on 7 of February 2020.

In order to prepare for the test, I will learn from dicoding materials and Microsoft Learn materials. In addition, I will record my study journey in a blog.

Dicoding Materials : https://www.dicoding.com/academies/144
Microsoft Materials : https://docs.microsoft.com/en-us/learn/paths/azure-fundamentals/

First day, what I have done are

1. Register for the exam.
2. Setup the blog
3. Search the material in Microsoft Learn

Thats it for today and see you tomorrow.