web app is routed through an Azure Application Gateway instance

 In the Azure Application Gateway's HTTP setting,

* enable the Use for App Service setting.

* set the value of the override backend path option to kaushik**.net

transaction logs asynchronously

 what is the purpose of the change feed ?

The purpose of the change feed is to provide transaction logs of all the changes that occur to the blobs and the blob metadata in your storage account.

The change feed provides ordered, guaranteed, durable, immutable, read-only log of these changes. Client  applications can read these logs at any time, either in streaming or in batch mode.

The change feed enables you to build efficient and scalable solutions that process change events that occur in your Blob Storage account at a low cost.

Azure Function triggered from the blob upload

 Azure Storage events allow applications to react to events.

Common Blob storage event scenarios include image or video processing, search indexing or any file-oriented workflow.

Events are pushed using Azure Event Grid to subscribers such as Azure functions, Azure Logic apps or even to your own http listener.

what is Azure Event hub is used for ?

 Azure Event Hub is used for telemetry & distributed data streaming.

This service provides a single solution that enables rapid data retrieval for real-time processing as well as repeated replay of stored raw data.

It can capture the streaming data into a file for processing and analysis.

It has the following characteristics.

low latency.

capable of receiving and processing millions of events per second.

at least once delivery.

steps for integration accounts with azure logic apps and enterprise integration pack ?

 1. Create an integration account in the azure portal 

you can define custom metadata for artifacts in integration accounts and get that metadata during runtime for your logic app to use.

For example, you can provide metadata for artifacts such as partners , agreements, schemas & maps

- all store metadata using key-value pairs.

2. link the logic app to the integration account

A logic app thats linked to the integration account and artifact metadata you want to use.

3. Add partners, schemas, certificates, maps & agreements.

4. Create a custom connector for the logic app.

which secure function is used by Function app ?

 User claims 

Azure AD uses JSON based tokens ( JWTs ) that contain claims.

How a web app delegated sign-in to Azure AD and obtains a token ?

User authentication happens via the browser. The OpenID protocol uses standard HTTP protocol messages.

how to use the Integration Service Environment in Azure ?

 we can access to Vnet from Azure Logic Apps by using Integration service environments ( ISEs ).

( scenario, when to use it , sometimes your logic apps and integration accounts need access to secured resources , such as virtual machines ( VMs ) and other systems or services, that are inside an Azure virtual network.

To setup this access, you can create an ISE , where you can run your logic apps and create your integration accounts.

reference 

https://docs.microsoft.com/en-us/azure/logic-apps/connect-virtual-network-vnet-isolated-environment-overview

advanced linux operations

1)  a_prefixes.csv | grep ,dev, | egrep ^100 | grep /2 | sed 's/,.*//' >  a_prefix.txt

2)  for I in $(cat b_prefixes.txt); do  grep -s $I a_prefix.txt || echo $I ; done > delete_prefix.txt | wc -l

3)  for I in $(cat b_prefixes.txt); do  grep -s $I a_prefix.txt && echo $I ; done > delete_prefixes.txt

4)  od -c b_prefixes.txt

5) grep -q 100.**.**.0/22 b_prefixes.txt

6) for I in $(cat b_prefixes.txt); do  grep -q $I a_prefix.txt || echo $I ; done > delete_prefixes.txt

examples of powershell & azure

 >  connection 

Connect-AzAccount

>  Get info 

Get-AzVirtualNetwork

> assign to a variable 

$vnet_list = Get-AzVirtualNetwork

> test

$vnet_list

>  create an empty variable

$prefix_list=new-object collections.arraylist

>  test

$prefix_list

$prefix_list.count

$vnet_list[0]

$vnet_list[0].AddressSpace

>  filter specific ipaddress

$prefix_list_10=$prefix_list | where-object{$_ -like "10.*/2*"}

>  test 

$prefix_list_100

$prefix_list_100.count

> write to file 

$prefix_list_10 | out-file cloud_prefixes.txt -encoding ascii

python official docs

Hacker rank

Sanfoundry

how to patch the VMSS ?

 step1 

Connect-AzAccount

step2

$Credential = Get-Credential Connect-AzAccount -Credential $Credential

step3

$Credential = Get-Credential Connect-AzAccount -Credential $Credential -Tenant 'xxxx-xxxx-xxxx-xxxx' -ServicePrincipal

step4

https://github.com/microsoft/OMS-Agent-for-Linux/blob/master/tools/OMIcheck/omi_check.sh

check the version 

and 

upgrade the version

https://github.com/microsoft/OMS-Agent-for-Linux/blob/master/tools/OMIcheck/omi_upgrade.sh

how to connect to the VMSS and upgrade the version ?

$VmssList = Get-AzVmss

# Change the filter to get whatever VMSS you are interested in

$Vmss = $VmssList | Where-Object {$_.Name -like "aks-agentpool-000000000*"}

# This will return a LIST of VMs in the VMSS

$VmssVmList = @(Get-AzVmssVm -ResourceGroupName $Vmss.ResourceGroupName -VMScaleSetName $Vmss.Name)

# Iterate through the list, change the index 0 to 1,2,3 depending on the count

Invoke-AzVmssVMRunCommand `

-ResourceGroupName $Vmss.ResourceGroupName -VMScaleSetName $Vmss.Name `

-CommandId "RunShellScript" -ScriptPath omi_check.sh -InstanceId $VmssVmList[0].InstanceId

Invoke-AzVmssVMRunCommand `

-ResourceGroupName $Vmss.ResourceGroupName -VMScaleSetName $Vmss.Name `

-CommandId "RunShellScript" -ScriptPath omi_upgrade.sh -InstanceId $VmssVmList[0].InstanceId

Invoke-AzVmssVMRunCommand `

-ResourceGroupName $Vmss.ResourceGroupName -VMScaleSetName $Vmss.Name `

-CommandId "RunShellScript" -ScriptPath omi_check.sh -InstanceId $VmssVmList[0].InstanceId

fastapi

 Reference:

 https://github.com/nofoobar/fastapi-course/tree/main/backend

#main.py from fastapi import FastAPI from core.config import settings app = FastAPI(title=settings.PROJECT_NAME,version=settings.PROJECT_VERSION) @app.get("/") def hello_api(): return {"msg":"Hello API"}

Now, let's understand what we did, We are creating an instance of FastAPI and initializing it with a title and a project version. Now, we can reference the 'app' as a fastapi class object and use it to create routes.

• @app.get('/') is called a decorator. A decorator is used to provide extra functionality to a function. 

• get here is called a verb. There are HTTP verbs that determine the functionality allowed for a request. In this case, get means "A user may connect to this home route to retrieve some information."

More on HTTP verbs:
GET:  Requests using GET should only retrieve data.

POST: The POST method is used to submit an entity to the specified resource, e.g. submitting a form.

PUT: The PUT method is used to update a database table record.

DELETE: The DELETE method deletes the specified resource.

Okay back to our project. Notice that we are importing something from a config file from a folder named core.

├─.gitignore └─backend/ ├─core/ │ └─config.py ├─main.py └─requirements.txt

We will store our project settings and configurations inside of this file named config.py.

#config.py class Settings: PROJECT_NAME:str = "Job Board" PROJECT_VERSION: str = "1.0.0" settings = Settings()

how to create python virtual environment ?

 https://uoa-eresearch.github.io/eresearch-cookbook/recipe/2014/11/26/python-virtual-env/

pip install virtualenv

virtualenv mypython

source mypython/bin/activate

Django project

 Project = Several applications + configuration information 

Note:

The Django applications can be plugged into other projects .ie these are reusable.

( pluggable django applications ).

withour existing django project there is no chance of existing django application. before creating any application first we required to create project.

How to create Django project ?

django-admin

django-admin startproject firstproject

__init__.py:

It is a blank python script. Because of this special file name, Django treated this folder as python package.

Note: If any folder contains __init__.py file then only that folder is treated as python package. 

settings.py:

In this file  we have to specify all our project settings and configuration like installed applications, middleware configurations, database configurations etc.

urls.py:

Here we have to store all our url-patterns of our project.

For every view (web page) we have to define separate url-patterns. End user can use url-patterns to access our webpages.

wsgi.py:

wsgi ---> Web Server Gateway Interface

we can use this file while deploying our application in production on online server.

manage.py

The most commonly used python script is manage.py 

It is a command line utility to interact with Django project in various ways like to run development server, run tests , create migration etc.

How to Run Django Development Server ?

features of django framework

 Django was invented to meet fast moving newsroom deadlines, while satisfying the tough requirements of experienced web developers.

1) Fast 

2) Fully loaded 

3) Security

4) Scalability 

5) Versatile 

https://docs.djangoproject.com/en/2.1/intro/overview/

Install django 

python --version

pip install django

pip install django==1.11.9

python3 -m django --version

Django Project vs  Django Application 

A Django project is a collection of application and configurations which forms a full web application.

E.g: Bank Project 

A Django application is responsible to perform a particular task in our entire web application 

E.g: loan app, registration app, polling app etc.

Django

 Django is a free and open source web framework.

It is written in python.

It follows the Model-view-template ( MVT ) ARCHITECTURAL pattern.

It is maintained by the Django software foundation.

It is used by several top websites like youtube , google, dropbox, yahoo maps, mozilla, instagram, washington times, Nasa and many more.

https://www.shuup.com/blog/25-of-the-most-popular-python-and-django-websites/

Django was created in 2003 as an internal project at lowrence journal world news paper for their web development.

The original author of Django framework are: Adrian Holovaty , Simon Willison.

After testing this framework with heavy traffics, developers released for the public as open source framework on july 21st 2005.

The django was named in the memory of guitarist django reinhardt.

reference : djangoproject.com

Web application ( py)

 The applications which will provide services over the web are called web applications.

Eg: gmail.com, facebook.com

Every web application contains 2 main components.

1. Front-End

2. Back-End

1) Front-End

It represents what user is seeing on the website.

We can develop Front-End content by using the following technologies.

HTML, JS, CSS, JQuery and Bootstrap.

JQUERY AND BOOTSTRAP are advanced front-end technologies, which are developed by using HTML,JS,CSS, JQUERY and BOOTSTRAP.

2) Back End

It is the technology used to decide what to show to the end user on the front-end 

ie Backend is responsible to generate required response to the end user , which is displayed by the front-end.

Backend has 3 important components.

1. The language like Java, Python etc 

2. The framework like Django, Pyramid, Flask etc 

3. The database like SQLite, Oracle , MySQL etc.

For the Backend Language python is the best choice because of the following reasons: Simple and easy to learn , libraries and concise code.

How to setup the Azure machine learning visual studio code extension for your machine learning workflows ?

 https://docs.microsoft.com/en-us/azure/machine-learning/how-to-setup-vs-code

Machine learning models

 Machine learning models based on python, R can be created using Azure. There are two tools to implement Azure  Machine Learning.

Azure ML SDK in a compute instance:  It enables you to create, train and deploy models in a fully integrated environment.

Azure ML SDK on Visual Studio:  It enables you to create ML models using visual studio by installing the azure machine learning extension in the visual studio.

How to transfer the data from one db to another using azure datafactory ( ADF ) ?

 Steps:

1) Create Azure Datafactory 

2)  Create Linked service 

3) Add the dataset to the linked service.

az cosmosdb list-connection-strings --name <> --resource-group ..

az datafactory linked-service create --resource-group <> --factory-name <> --properties "@MongoDBAPILinkedService.json" --name TigerLinkedSource

@MongoDBAPILinkedService.json

{
    "type": "CosmosDbMongoDbApi",
    "typeProperties": {
        "connectionString": "mongodb://**********:primarypassword@*****************.documents.azure.com:10255/?ssl=true&replicaSet=globaldb",
        "database": "tiger-db"
    }
}
step3:
adding the dataset
// source dataset az datafactory dataset create --resource-group <> --factory-name  <> --dataset-name OutputDataset --properties "@MongoDBAPIDatasetSource.json"{
    "linkedServiceName": {
      "referenceName": "TigerLinkedSource",
      "type": "LinkedServiceReference"
    },
    "annotations": [],
    "type": "CosmosDbMongoDbApiCollection",
    "schema": [],
    "typeProperties": {
      "collection": "tiger"
    }
  }
Please do the above process for the sink.
Create a pipeline in between the source and sink & trigger/run the pipeline using azure cli.
az datafactory pipeline create --resource-group <> --factory-name <> --name Pipeline --pipeline "@Pipeline.json"
Pipeline.json
{
    "activities": [
        {
            "name": "CopyFromSourceToSink",
            "type": "Copy",
            "dependsOn": [],
            "policy": {
                "timeout": "7.00:00:00",
                "retry": 0,
                "retryIntervalInSeconds": 30,
                "secureOutput": false,
                "secureInput": false
            },
            "userProperties": [],
            "typeProperties": {
                "source": {
                    "type": "CosmosDbMongoDbApiSource",
                     "batchSize":100
                 },
                "sink": {
                    "type": "CosmosDbMongoDbApiSink",
                    "writeBatchTimeout": "00:30:00",
                    "writeBehavior": "insert"
                },
                "enableStaging": false
            },
            "inputs": [
                {
                    "referenceName": "InputDataset",
                    "type": "DatasetReference"
                }
            ],
            "outputs": [
                {
                    "referenceName": "OutputDataset",
                    "type": "DatasetReference"
                }
            ]
        }
    ]
}
trigger/run the pipeline using this azure cli command.
az datafactory pipeline create-run --resource-group <> --factory-name <> --name Pipeline

how to measure the trained model ?

 Azure ML uses model evaluation for the measurement of the trained model accurancy.

For classification models,  the evaluate model module provides the following five metrics:

1. Accurancy 

2. precision

3. Recall

4. F1 score

5. Area under curve ( AUC ).

AZURE ML DESGINER

 two data sources for the import data modules in the Azure ML Designer.

datastore and URL via http.

what is recall metric ?

 Recall metrics define how many positive cases that model predicted are actually predicted right . We can calculate this metric using the following formula 

        TP/( TP + FN )

confusion matrix of the model

 what is the expression for model precision value calculation ?

formula :    TP/(TP + FP )

EXPRESSION :  577 / ( 577 + 245 ).

Azure ML studio home screen ?

 Three main authoring tools:

 1. Notebooks.

 2. Designer.

 3. Automated ML 

what Microsoft Bot Framework supports ?

 supports two models of bot integration with agent engagement platforms like customer support service.

These two models are Bot as agent and Bot as proxy.

Bot as agent model integrates bot on the same level as live agents. The bot is engaged in interactions the same way as customer support personnel. 

Handoff  protocol regulates bot's disengagement and a transfer of user's communication to a live person.

This is the most straight forward model to implement.

Bot as proxy model integrates bot as the primary filter before the user interacts with a live's agent.

Bot's logic decides when to transfer a conversation and where to route it. This model is more complicated to implement.

list the APIs for Azure Speech Service

 Two API's 

1. Text-to-Speech

2. Speech-to-Text

this also includes the speech recognition and speech synthesis.

what are the elements of language model training ?

 Elements:

1. Entities.

2. Utterances.

3. Intents.

we can achieve this by using the Azure cognitive service LUIS portal.

Entity is the word or phrase that is the focus of the utterances, as the word 'light'  in the utterance "Turn the lights on".

Intent is the action or task thats the user wants to execute. It reflects in utterances as a goal or purpose.

we can define intent as "Turn On" in the utterance "Turn the lights on".

Utterance is the user's input that your model needs to intrepret, like "Turn the lights on"  or "Turn on the lights".

what is residual?

 The residual histogram presents the frequency of residual value distribution.

Residual is the difference between predicted and actual values.

It represents the amount of error in the model.

If we have a good model, we should expect that the most of the errors are small. They will cluster around 0  on the Residual histogram.

servicemesh ( istio ) benefits

 1. used to crack the sidecar pattern.

2. o11y.

3. security

4. new version.

Eight fallacies of the distrubuted systems

 what is fallacies means ?

Fallacies means Misconceptions.

1. The network is reliable.

2. Latency is zero.

3.Bandwidth is infinite.

4. The network is secure.

5. Topology does not change.

6. There is one administrator.

7. Transport cost is zero.

8. Network is homogeneous.

where to use the Netflix OSS ?

 The netflix OSS is used mainly for the Java and Springboot programming frameworks.

this is a very heavy application management.

what is polygolt in the microservice architecture ?

 The polyglot microservices allow developers to pick a programming language of their choice in order to build products in more efficient ways

Inclusiveness directs AI solution

 6 principles of responsible AI solution

Fairness

Reliability

Safety

Privacy & Security

Transparency

Inclusiveness & Accountability

The principles of Inclusiveness directs AI solutions to provide their benefits to everybody with out any barriers and limitations.

Microsoft defines the three inclusive design principles:

1. Recognize exclusion

2. solve for one, extend to many.

3. learn from diversity.

Azure Cognitive Service

 Azure Cognitive services can you use to build the Natural language processing solutions:

NLP is one of the key elements for AI , it includes four services,

1. Text Analytics : helps analyze text documents , detect documents language, extract keyphrases , determine entities and provide sentimental analysis.

2. Translator text : helps translate between 60+ languages.

3. speech helps recognize and synthesis speech , recognify and identify speakers , translate live or recorded speech.

4. LUIS : helps to understand voice or text commands.

how to control the size of the knowledge base ?

 KNOWLEDGE BASE FOR QnA service:

The size of the indexes.

Cognitive search pricing tier limits and QnA Maker limits.

size depends on these two services.

AI agents

 common conversational AI agents.

> Azure Bot Service.

speech synthesis

 The telephone voice menus functionality is a good example of a speech synthesis service.

live speech transltion

 how to identify the services of the live speech translation ?

live speech translation involving the following sequence of the services during the real-time audio 

stream ---> speech-to-text  --------> speech correction -----> Machine translation -----> text to speech

Text Anaytics

 what are the services provided by text analytics ?

Text analytics is a part of the Natural Language processing,

it includes the following services:

1. sentimental analysis 

2. key phrase detection

3. entity detection

4. language detection

speech recognition service

Speech recognition is a part of speech service.

It uses different models, 

Two common models:

Essential : Acoustic model and language model.

Acoustic model - helps convert audio into phonemes.

Language model - helps to match phonemes with words.

Form Recognizer service

 Three key fields that form recognizer service  extracts from the common receipts.

Form recognizer service is one of the Azure computer vision solutions additional to computer vision service, custom vision service and face service.

Form recognize service uses pre-build receipt models to extract such information from receipts : date of transaction, time of transaction, merchant information , taxes paid and receipt total.

the service also recognizes all the texts and returns it.

computer vision cognitive services

 Read the text in the image.

Detects objects.

Identifies landmarks.

categorize image.

Notes:

Computer vision service is one of the main areas of AI. It belongs to the group of Azure computer vision solutions such as computer vision service, custom vision service, face service and form recognizer.

computer vision service with images. This service brings sense to the image pixels by using them as feature as ML models.

These predefined models help categorize and classify images. detect and recognize objects, tag and identify them.

computer vision can read a text in images in 25 languages and recognize landmarks.

what is mean by semantic segmentation ?

 When the application process images,  it uses semantic segmentation to classify pixels that belong to the particular object ( in our case, flooded areas ) and highlights them.

Image classification model

 You use your camera to capture a picture of the product. An application identifies this product  utilizing image classification model and submits it for a search.

The image classification model helps to classify images based on their content.

Four typical steps of data transformation for model training

 After we ingest the data,. we need to do a data preparation or transformation before supplying it for model training.

There are four typical steps for data transformation such as Feature selection,

Finding and removing data outliers.

Impute missing values and Normalize.

How to train and test your model ?

 Need to split the data into two sets:

The first is for the model training.

and the second is for model testing.

Note: just in case if we are using the automated machine learning, it does it for us automatically as a part of the data preparation and the model training.

what is meant by clustering model ?

 The clustering is a machine learning form that groups items based on common properties.

The most common clustering algorithm is k-means clustering.

what is meant by classification prediction ?

 It is like, answer the binary yes or no question. you can achieve this by creating a classification model based on the data from the historical reviews.

what are the algarithms that is used for the  classification model using ML ?

all algorithms in the ML classification family include the word "class" in their names like

1) Two-class logistic regression 

2) multi-class logistic regression

or

3) multiclass decision forest 

extra info for the algorithms:

similar example for the regression : 

regression algorithm family have the word regression in their names without the class, like linear regression or decision forest regression

and there is only one algorithm called the k-means clustering is a clustering algorithm.

principles of responsible AI

 fairness

reliability

safety 

privacy

security 

transparency

inclusiveness

accountability

Fairness:

The principle of fairness directs AI solutions to treat everybody fairly. Independently from gender, race or any bias.

Accountability:

The principle of accountability directs AI solutions to follow governance and organizational norms.

what is semantic segmentation ?

 Semantic segmentation is an advanced machine learning technique in which individual pixels in the image are classified according to the object to which they belong.

how to build the personal virtual assistant ?

 Azure Bot service serves as data input for virtual assistant.

how to extend the capabilities of your Bot ?

Using Bot Framework skills, you can easily extend the capabilities of your Bot. Skills are like standalone bots that focus on a specific function like calendar to do, point of interest etc.

In the virtual assistant design, Bot Framework dispatches actions to skills.

Chat Bot

 Components of Chat Bot

To create a Web Chat Bot:

you need just two components: knowledge base and Bot service.

knowledge base: 

we can create a knowledge base from website information or FAQ documents, etc.

usually knowledge base is a list of question and answer pairs.

Bot service provides an interface to interact with a knowledge base from different channels.

entities, features and capabilities

 four types of entities that you can create during the authoring of LUIS application.

During an authoring phase for a LUIS application. we need to create intents, entities and train a model. There are four types of entities that we can create:

Machine-learned 

list

RegEx

pattern.

Main features and capabilities of  Azure Machine learning 

Azure machine learning  is the foundation for AI , it includes the four features and capabilities.

Automated Machine learning : automated creation of ML models based on your data; does not require any data science experience.

azure machine learning designer : a graphical interaface for no code creation of the ML solution.

data and compute management : cloud based tools for cloud professionals.

pipelines : visual designer for creating ML tasks workflow.

Custom vision model

 If you create a cognitive service to train and publish the custom vision model, you can provide a cognitive service endpoint and cognitive service key to the developers for access to the model.

But if you use the custom vision portal or create a custom vision resource within cognitive service, you will have two separate resources for training and publishing a model. In this case, you need to provide the four pieces of information to the developers:

ProjectID 

Model name

Prediction key

Prediction endpoint

what API does the application use to scan the document ?

 READ api :

is part of computer vision services. It helps to read 'text' within predominantly document images. READ api is an sychronous service specially designed for the heavy on text images  or documents with a lot of distortions.

It produces a result that includes: page information for each page including page size and orientation;

information about each line on the page and information  about each word in each line including bounding box of each word as indication of the word position in the image.

what are the compute resources used in azure machine learning studio ?

compute instances

compute clusters 

inference clusters

attached compute.

what are the benefits of the object detection model ?

object detection is the form of ML that helps to recognize objects on the images. Each recognizable object will be putting in the bounding box with the class name and probability score.

what is featurization ?

 Data pre-processing that involves various techniques like me scaling, normalization or feature engineering etc calls.

what is confusion matrix ?

 The confusion matrix provides a tabulated view of predicted and actual values for each class.

eg:  if we are predicting the classification for 10 classes , our confusion matrix will have 10 x 10 size.

what is feature selection ?

 Feature selection helps us to narrow down the features that are important  for our label prediction and discard all the features that dont play or play a minimal role in a label prediction . As a result  our training model and prediction will be more efficient.

what are the elements of the Artifical Intelligence ?

 Five key elements of the Artifical Intelligence:

Machine learning: The foundation of AI SYSTEMS.

Anomaly detection : Tools and services for identification of the unusual  activities.

computer vision : tools and services for understanding and recognizing objects in images, videos , faces and texts.

Natural language processing : tools and services for language understanding : text,  speech, text analysis, and translation.

conversational AI : tools and services for intelligent conversation.

what are the six principles of responsible AI ?

Fairness, Reliability and safety, transparency , inclusiveness, accountabillity.

==================================================================

how to predict numeric prediction ?

we can achieve this by creating a regression model based on the historical data of the things from previous quarters.

there are two types of machine learning :

1) supervised machine learning.

there are two parts of supervised machine learning :  a) regression b) classification modelling types.

( this is the right one for the above ).

2) unsupervised machine learning.

only clustering model is related to the unsupervised machine learning.

convert the time into human readable format

 

Data topics

Identify how data is defined and stored 

Identify characteristics of relational and non-relational data.

Describe and differentiate data workloads.

Describe and  differentiate batch and streaming data.

Identify how data is defined and stored 

Why do we need to understand data classification ?

Topic 2 : Describe and differentiate data workloads 

what is the security benefit in using aliases instead of literal paths for redirection ?

 They map to a list of destination URLs  and can protect from redirection attacks.

what do you mean by session and session ID

 A session is a mechanism for the server to identify and distinguish a particular user from all other current users.

A session ID is a 128-bit random number generated by the web application the first time a user visits a Rails-based web site.

where can we use the OpenPhish ?

 A service against which your application can check destination URLs before performing a redirect.

what is the difference between session fixation and session hijacking ?

 session hijacking :  is when the attacker acquires the session ID from a user's authenticated session.

session fixation: is when the attacker acquires a valid session ID by visiting the target web application first, and then attempts to get a user to initiate an authenticated session with the same session ID.

How SQL injection attack works ?

 Allowing an attacker to manipulate the SQL query string sent to the database.

SQL injection attack is performed by manipulating SQL query parameters to retrieve confidential data or execute commands from the underlying database without proper authorization.

recommendation for caching policy in the disks ?

 data disk containing the logs :  None 

Note: Do not enable caching on disks hosting the log file. Important: Stop the SQL server service when changing the cache settings for an Azure VM disk

data disk containing the data : ReadOnly

Note: Enable read caching on the disks hosting the data files and TempDB data files.

what do you mean Database dynamic data masking ?

 SQL Database dynamic data masking limits sensitive data exposure by masking it to non-privileged users.

what is the use of Virtual Network Service Endpoints ?

 Virtual Network service endpoints extend your virtual network private address space and the identify of your VNET to the Azure services, over a direct connection. Endpoints allow you to secure your critical Azure service resources to only your virtual networks.

Traffic from your VNET to the Azure Service always remains on the Microsoft Azure Backbone network.

How to identify issues about the underlying Azure services ?

 Azure Service Health is the service that should be used.

How to retain the logs from windows system ?

 Log Analytics to get event data from virtual machines.

The Log Analytics workspace can also retain data indefinitely.

Log Analytics can collect events from the windows event logs or linux syslog and performance counters that you specify for longer term analysis and reporting, and take action when a particular condition is detected.

what is the solution to host their existing SQL Server Integration Services (SSIS) packages ? ( migrate their on-premises Microsoft SQL servers to Azure).

 Azure Data Factory for hosting the packages.

Architecture of SSIS on Azure:

what is the difference b/w SSIS ON prem and SSIS on Azure ?

The most significant difference is the separation of storage from runtime. Azure Data Factory hosts the runtime engine for SSIS packages on Azure.

The runtime engine is called the Azure-SSIS Integration Runtime ( Azure-SSIS IR ).

what do you mean by federation with Azure AD ?

 Federation is a collection of domains that have established trust. The level of trust may vary, but typically includes authentication and almost always includes authorization.

A typical federation might include a number of organizations that have established trust for shared access to a set of resources.

you can federate your on-prem environment with Azure AD and use this federation for authentication and authorization.

This sign-in method ensures that all user authentication occurs on-premises. This method allows administrators to implement more rigorous levels of access control.

Federation with AD FS and  PingFederate is available.

what provides the security features in Azure Active Directory ?

 Azure Active Directory protection provides all the security features for your Azure Active Directory entities.

Identity protection is a tool that allows organizations to accomplish three key tasks:

1) Automate the detection and remediation of identity based risks.

2) Investigate risks using data in the portal.

3) Export risk detection data to third party utilities for further analysis.

Identity protection uses the learning Microsoft has acquired from their position in organizations with Azure AD, the consumer space with Microsoft Accounts, and in gaming with Xbox to protect your users. Microsoft analyses 6.5 trillion signals per day to identify and protect customers from threats.

The signals generated by and fed to identity protection can be further fed into tools like conditional access to make access decisions or fed back to a security information and event management  ( SIEM ) tool for further investigations based on your organisations enforced policies.

what do you mean by smart detection ?

 Smart Detection in Application Insights.

Smart Detection automatically warns you of potential performance problems and failure anomalies in your web application. It performs proactively analysis of the telemetry that your app sends to Application Insights.

If there is a sudden rise in failure rates or abnormal patterns in client or server performance, you get an alert. This feature needs no configuration. It operates if your application sends enough telemetry.

How to setup Azure Site Recovery agents ?

 First and foremost need to install the Azure Site Recovery agent on each node.

How to download and install the provider ?

For migrating Hyper-V VMs,  Azure Migrate: Server Migration installs software providers ( Microsoft  Azure Site Recovery provider and Microsoft Azure Recovery Service Agent) on Hyper-V Hosts or cluster nodes.

Note: Azure Migrate appliance is not used for Hyper-V migration.

How to setup the Azure Migrate ?

 Plan to assess and migrate the virtual machines by using the Azure Migrate service.

One Azure Migrate Appliance support up to 5,000 Hyper-V VMs.

Overview of Azure Migrate:

1) Azure Migrate: Server Assessment uses a lightweight Azure Migrate Appliance.

The appliance performs VM discovery and sends VM metadata and performance data to Azure Migrate.

The appliance can be setup in a number of ways.

Set up on a Hyper-V VM using a downloaded Hyper-V VHD. This is the method.

Set up on a Hyper-V VM or physical machine with a powershell installer script. This method should be used if you can't set up a VM using the VHD, or if you're in Azure Government.

what is the primary use case of BACPAC ?

 A BACPAC is a Windows file with a .bacpac extension that encapsulates a database's schema and data. The primary use case for a BACPAC is to move a database from one server to another or to migrate a database from a local server to the cloud - and archiving an existing database in an open format.

A BACPAC on the other hand, is focused on capturing schema and data supporting two main operations:

1) Export : The user can export the schema and the data of a database to a BACPAC.

2) Import: The user can import the schema and the data into a new database in the host server.

https://docs.microsoft.com/en-us/sql/relational-databases/data-tier-applications/data-tier-applications?view=sql-server-ver15#bacpac

what is vCore-based Azure SQL Database ?

 When you have existing Microsoft Licenses with Software Assurance, they can opt for a hybrid model in which they can benefit from huge discounts.

Azure Hybrid Benefit:

In the provisioned computer tier of the vCore-based purchasing model, you can exchange your existing licenses for discounted rates on SQL  Database using the Azure Hybrid Benefit for SQL Server. This Azure Benefit allows you to use your on-premises SQL Server Licenses to save up to 30% on Azure SQL Database using on-premises SQL Server licenses with Software Assurance.

How to prevent the throttle limit ?

 You can protect the number of calls to the API by using rate limit ( throttling ).

What is Azure Site Recovery service ?

 The Azure Site Recovery service to ensure that you can failover your application to a secondary site.

In which Azure Service we have alerts feature ?

 This is a feature of Azure Monitor.

( Responding to critical situations : In addition to allowing you to interactively analyze monitoring data, an effective monitoring solution must be able to proactively respond to critical conditions identified in the data that it collects ).

How to see the calls being made between the different application components ?

 Feature : Composite Application Map

This feature is part of the Application Insights tool.

You can see the full application topology across multiple levels of related application components.

( The app map finds components by following dependency calls made between servers with the Application Insights SDK installed ).

How to protect the web application ?

 (Web application firewall for Azure Application Gateway)

Azure Application Gateway offers a web application firewall that provides centralized protection of your web applications from common exploits and vulnerabilities. Web applications are increasingly targeted by malicious attacks that exploit commonly known vulnerabilities.

SQL injection and cross-site scripting are among the most common attacks.

Rehydrate blob data from the archive tier

 Reference

https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-rehydration?tabs=azure-portal

New Relic (NR) overview

 It provides a digital intelligence solution delivers end-to-end visibility.

APM ------> Detailed performance metrics for your application.

( APPLICATION PERFORMANCE MONITORING ).

WHAT IS APM ?

gives you visibility into how your application is performing. 

down to specific lines of code to see how each service is connected and get the info you need to resolve problems fast.

New Relic Infrastructure

Underlying your digital experience is your infrastructure.

Whether its on-prem , hybrid , cloud or container environments, these services support all the other layers of your technology stack, as these environments become more dynamic and complex, keeping track of infrastructure.

In relation to the health of the rest of the stack has become even more important.

what it provides ?

1) It provides real-time health metrics correlated to change events so you can identify and fix problems faster.

2) Inventory-wide visibility can help surface configuration issues and security vulnerabilities.

New Relic Browser:

1) its also critical to get visibility into the frontend the Real User Data.

2) it shows you the reality of your users experience from how long a page load takes to understanding which errors occured.

3) it is designed to give you visibility into the impact of frontend performance on the customers experience.

4) it will gives you full code visibility for your web applications at every point in the delivery chain.

New Relic mobile :

Yet once an app hits the real world, developers often lose visibility into its performance.

1) lets you see whats happening in your native mobile apps with code-level 

2) visibility into 

a) networks 

b) third-party services 

c) crash diagnostics 

d) http errors 

e) deployment trends.

New Relic Synthetics

As software gets more complex, it becomes more difficult to make sure that critical application workflows are available to customers at all times.

1) it is an easy-to-use way to  make sure your website is up and critical services and customer-facing transactions are available and working properly across  different geographical and platforms.

2) it lets you proactively find issues with you website and mobile backend services by simulating user behavior to help you validate availability, functionality and performance of your application.

New Relic Insights :

which is designed to let you analyze data sent to New Relic across your entire application stack.

1) it makes it fast and easy to create queries that answer key questions about application performance and customer experience.

Azure Data Lake Gen2 Storage Account

 This store will need to store documents. These documents can be accessed by end users. You should be able to provide access to the documents to users via Access Control Lists.

Messaging services

 Application needs to listen and process events that are emitted from other Azure Services.

we can use the Azure Event Grid  ( messaging service ).

provide on-premises storage that has built-in replication to azure.

 Azure StorSimple replicated to Azure Blob Storage.

Add SQL managed instance to a failover group

 How to configure ? 

For two managed instances to participate in a failover group, there must be either expressroute or a gateway configured between the virtual networks of the two managed instances to allow network communication.

https://docs.microsoft.com/en-us/azure/azure-sql/managed-instance/failover-group-add-instance-tutorial?tabs=azure-portal#4---create-a-primary-gateway

storage accounts will generate storage ATP alerts

 Storage Threat Detection is available for the Blob Service.

how to identify underutilized resources ?

 Advisor helps you optimize and reduce your overall Azure Spend by identifying idle and underutilized resources. You can get cost recommendations from the cost tab on the advisor dashboard.

What is IntegrationRuntime in Data Factory ?

 The Integration Runtime ( IR ) is the compute infrastructure used by Azure Data Factory to provide data integration capabilities across different network environments. Azure SSIS  integration Runtime ( IR ) in Azure Data Factory ( ADF ) supports running SSIS  packages.

S

What are the plan available in Azure Functions ?

 When you create a function app in Azure, you must choose a hosting plan for your app.

There are three basic hosting plan available for Azure Functions:

Consumption plan

Premium Plan 

Dedicated ( App Service Plan )

For the Consumption plan, you dont have to pay for idle VMs or reserve capacity in advance Connect to private endpoints with Azure Functions.

We can also integrate with the existing resources and it could be databases, file storage, message queues or event streams or Rest APIs