📞
Contrxl
External Links
Theoretical Learning
Theoretical Learning
  • 🏡Home
  • 📰News & Information
  • Systems Administration
    • ⌨️Cisco
      • Networking Basics
        • Communication in a Connected World
        • Network Components, Types and Connections
        • Wireless and Mobile Networks
        • Home Networking Technologies
        • Communication Protocols
        • Network Media
        • The Access Layer
        • The Internet Protocol
        • IPv4 and Network Segmentation
    • 🎓Learning Links
    • 💻Microsoft
      • AZ-900
        • 1. Cloud Concepts
          • 1.1 Describe Cloud Computing
            • 1.1.1 Introduction - Cloud Computing
            • 1.1.2 What is Cloud Computing?
            • 1.1.3 The Shared Responsibility Model
            • 1.1.4 Define Cloud Models
            • 1.1.5 Define the Consumption based Model
            • 1.1.6 Summary - Cloud Computing
          • 1.2 Describe the Benefits of Cloud Services
            • 1.2.1 Introduction - Cloud Services
            • 1.2.2 Benefits of High Availability and Scalability
            • 1.2.3 Benefits of Reliability and Predictability
            • 1.2.4 Benefits of Security and Governance
            • 1.2.5 Manageability in the Cloud
            • 1.2.6 Summary - Cloud Services
          • 1.3 Describe Cloud Service Types
            • 1.3.1 Introduction - Cloud Service Types
            • 1.3.2 Describe Infrastructure as a Service
            • 1.3.3 Describe Platform as a Service
            • 1.3.4 Describe Software as a Service
            • 1.3.5 Summary - Cloud Service Types
        • 2. Architecture
          • 2.1 Core Architectural Components
            • 2.1.1 Introduction - Core Architectural Components
            • 2.1.2 What is Microsoft Azure
            • 2.1.3 Get Started with Azure Accounts
            • 2.1.4 Explore the Learn Sandbox
            • 2.1.5 Describe Azure Physical Infrastructure
            • 2.1.6 Describe Azure Management Infrastructure
            • 2.1.7 Create an Azure Resource
            • 2.1.8 Summary
          • 2.2 Compute and Networking
            • 2.2.1 Introduction - Compute and Networking
            • 2.2.2 Describe Azure VMs
            • 2.2.3 Create an Azure VM
            • 2.2.4 Describe Azure Virtual Desktop
            • 2.2.5 Describe Azure Containers
            • 2.2.6 Describe Azure Functions
            • 2.2.7 Describe Application Hosting Options
            • 2.2.8 Describe Azure Virtual Networking
            • 2.2.9 Configure Network Access
            • 2.2.10 Describe Azure VPNs
            • 2.2.11 Describe Azure ExpressRoute
            • 2.2.12 Describe Azure DNS
            • 2.2.13 Summary - Compute and Networking
          • 2.3 Azure Storage Services
            • 2.3.1 Introduction - Storage Services
            • 2.3.2 Describe Azure Storage Accounts
            • 2.3.3 Describe Azure Storage Redundancy
            • 2.3.4 Describe Azure Storage Services
            • 2.3.5 Create a Storage Blob
            • 2.3.6 Identify Azure Data Migration Options
            • 2.3.7 Identify Azure File Movement Options
            • 2.3.8 Summary - Storage Services
        • 3. Management and Governance
          • 3.1 Cost Management
            • 3.1.1 Introduction - Cost Management
            • 3.1.2 Describe Factors that can Affect Costs in Azure
            • 3.1.3 Compare Pricing and TCO Calculators
            • 3.1.4 Estimate Workload Costs
            • 3.1.5 Compare Workload Costs with TCO
            • 3.1.6 Describe the Microsoft Cost Management Tool
            • 3.1.7 Describe the Purpose of Tags
            • 3.1.8 Summary - Cost Management
          • 3.2 Governance and Compliance
            • 3.2.1 Introduction - Compliance and Governance
            • 3.2.2 Describe the Purpose of Microsoft Purview
            • 3.2.3 Describe the Purpose of Azure Policy
            • 3.2.4 Describe the Purpose of Resource Locks
            • 3.2.5 Configure a Resource Lock
            • 3.2.6 Describe the Purpose of the Service Trust Portal
            • 3.2.7 Summary - Compliance and Governance
          • 3.3 Tools for Managing Azure Resources
            • 3.3.1 Introduction - Tools for Managing Azure Resources
            • 3.3.2 Describe Tools for Interacting with Azure
            • 3.3.3 Describe the Purpose of Azure Arc
            • 3.3.4 Describe ARM and Azure ARM Templates
            • 3.3.5 Summary - Tools for Managing Azure Resources
          • 3.4 Monitoring Tools
            • 3.4.1 Introduction - Monitoring Tools
            • 3.4.2 Describe the Purpose of Azure Advisor
            • 3.4.3 Describe Azure Service Health
            • 3.4.4 Describe Azure Monitor
    • 📘Microsoft Portal Links
  • Cybersecurity
    • ❓Anonymity Tools
    • 💡OSINT
      • IP & Domain OSINT
      • Email & Username OSINT
      • Vulnerability OSINT
    • 📚Projects
      • ‼️A Simulation Study of DDoS
  • 🦈Hacking
    • ☁️Cloud Attack Vectors
      • Credential Harvesting
      • Privilege Escalation
      • Account Takeover
      • Metadata Service Attacks
      • Misconfigured Cloud Assets
      • Resource Exhaustion and DoS
      • Cloud Malware Injection Attacks
      • Side-Channel Attacks
    • Maintaining Persistence
      • Reverse and Bind Shells
      • Command and Control (C2) Utilities
      • Scheduled Jobs, Tasks and Custom Daemons
    • 💻Network-Based Vulnerabilities
      • Windows Name Resolution and SMB
      • DNS Cache Poisoning
      • SNMP
      • SMTP
      • FTP
      • Pass-the-Hash
      • Kerberos and LDAP-Based Attacks
      • On-Path
      • Route Manipulation
      • DoS and DDoS
      • NAC Bypass
      • VLAN Hopping
      • DHCP Starvation/Rogue DHCP Server
    • Pivoting
      • Post-Exploitation Scanning
      • Legitimate Utilities and LotL
      • Privilege Escalation
    • Specialised System Vulnerabilities
      • Mobile Devices
      • Internet of Things Devices
      • Virtual Machines
      • Containerised Workloads
    • ⚒️Tools
      • Burp Suite
        • Repeater
        • Intruder
        • Other Modules
      • GoPhish
      • Hydra
      • John the Ripper
      • Metasploit
        • Exploitation
        • Meterpreter
      • NMAP
      • Wireshark
    • 🖥️TryHackMe
      • Complete Beginner
        • 1. Complete Beginner Intro
        • 2. Linux Fundamentals
        • 3. Introductory Networking
        • 3.1 Network Exploitation Basics
        • 4. OWASP Top 10 Exploits
        • 5. Upload Vulnerabilities
        • 5.1 An Example Methodology
        • 6. Cryptography - Hashing
        • 7. Cryptography - Encryption
        • 8. Active Directory Basics
        • 9. What the Shell?
        • 10. Linux Privesc
        • 11. More Linux Privesc
      • Jr Penetration Tester
        • Walking an Application
        • Content Discovery
        • Subdomain Enumeration
        • Authentication Bypass
        • IDOR
        • File Inclusion
        • SSRF
        • XSS (Cross-site Scripting)
        • Command Injection
        • SQL Injection
        • Passive Reconnaissance
        • Active Reconnaissance
        • Protocols and Servers
        • Protocol and Server Attacks
        • Vulnerabilities
        • Exploiting Vulnerabilities
        • Linux Privilege Escalation
        • Windows Privilege Escalation
      • CompTIA Pentest+
        • Planning and Scoping
          • Pentesting Fundamentals
          • Red Team Engagements
          • Governance and Regulation
        • Tools and Code Analysis
          • Metasploit: Introduction
          • Wireshark: The Basics
          • Burp Suite: The Basics
          • Hydra
          • Python Basics
        • Attacks and Exploits
          • Phishing
          • Windows Local Persistence
          • Breaching Active Directory
          • Lateral Movement & Pivoting
    • Web Application Vulnerabilities
      • The HTTP Protocol
      • Business Logic Flaws
      • Injection-Based Vulnerabilities
      • Authentication-Based Vulnerabilities
      • Authorisation-Based Vulnerabilities
      • Cross-Site Scripting (XSS)
      • Cross-Site Request Forgery (CSRF/XSRF) and Server-Side Request Forgery (SSRF)
      • Clickjacking
      • Security Misconfigurations
      • File Inclusion Vulnerabilities
      • Insecure Coding Practices
    • Wireless Vulnerabilities
      • Rogue Access Point/Evil Twin
      • Disassociation/Deauthentication
      • Preferred Network List Attack
      • Wireless Signal Jamming
      • War Driving
      • Initialization Vector (IV) and Insecure Wireless Protocol
      • KARMA
      • Fragmentation Attacks
      • Credential Harvesting
      • Bluejacking and Bluesnarfing
      • RFID Attacks
Powered by GitBook
On this page
  • Benefits of Azure Storage
  • Azure Blobs
  • Accessing Blob Storage
  • Blob Storage Tiers
  • Azure Files
  • Azure Files Benefits
  • Azure Queues
  • Azure Disks
  • Azure Tables
  1. Systems Administration
  2. Microsoft
  3. AZ-900
  4. 2. Architecture
  5. 2.3 Azure Storage Services

2.3.4 Describe Azure Storage Services

Description of Azure storage services.

  • Azure Blobs: massively scalable store for text and binary data. Also supports big data analysis via Data Lake Storage Gen2.

  • Azure Files: managed file shares for cloud or on-prem deployments.

  • Azure Queues: messaging store for reliable messaging between application components.

  • Azure Disks: block level storage volumes for Azure VMs.

  • Azure Tables: NoSQL table option for structured, non-relational data.

Benefits of Azure Storage

  • Durable and highly available: data is safe even if transient hardware failures occur. You can opt to replicate data across datacenters or geographical regions.

  • Secure: all data is encrypted, you have fine-grained control over who has access.

  • Scalable: designed to be massively scalable.

  • Managed: Azure handles hardware maintenance, updates, and critical issues.

  • Accessible: accessible from anywhere in the world over HTTP or HTTPS. Client libraries are in a multitude of languages: .NET, Java, Node.js, Python, PHP, Ruby, Go and others. Azure storage supports Azure CLI or Azure PowerShell.

Azure Blobs

Unstructured data storage for text or binary data. Can manage thousands of simultaneous uploads, massive amounts of video data, and can be reached from anywhere with an internet connection. Blobs aren't limited to file formats, they can contain data from IoT devices or custom data from an app. Blob storage is ideal for:

  • Serving images or documents to a browser

  • Storing files for distributed access

  • Streaming video and audio

  • Storing data for backup and restore, disaster recovery and archiving

  • Storing data for analysis by an on-prem or Azure-hosted service

Accessing Blob Storage

Can be accessed from anywhere in the world via HTTPS or HTTP. Can be accessed via URLs, the Azure Storage REST API, Azure PowerShell, Azure CLI or an Azure Storage Client library.

Blob Storage Tiers

Data stored can grow exponentially. To manage this, data should be organized based on attributes like frequency of access and planned retention period. Azure Storage offers different access tiers for your storage, helping you to store objective data in the most cost-effective way. The tiers include:

  • Hot Access Tier: optimized for storing data that is accessed frequently (images on a website)

  • Cool Access Tier: optimized for data that is infrequently accessed and stored for at least 30 days (invoices for customers)

  • Cold Access Tier: optimized for data that is infrequently accessed and stored for at least 90 days

  • Archive Access Tier: for data rarely accessed and stored for at least 180 days, with flexible latency requirements (long term backups)

The following considerations apply to these:

  • Hot and cool tiers are set at account level. Cold and archive tiers aren't available at account level.

  • Hot, cool, cold and archive tiers can be set at blob level, during or after upload.

  • Data in cool and cold tiers can tolerate slightly lower availability. For cool and cold data has a lower SLA and higher access costs.

  • Archive storage stores data offline and offers the lowest storage costs.

Azure Files

Azure File storage offers fully managed shared that can be accessed via SMB or NFS. Azure Files shares can be mounted concurrently by cloud or on-prem deployments. SMB Azure File shares can be accessed from Windows, Linux or macOS. NFS shares are accessible from from Linux or macOS.

Azure Files Benefits

  • Shared Access: supports SMB and NFS, meaning you can replace on-prem shares with Azure file shares without worrying about app compatibility.

  • Fully Managed: Azure file shares can be created without needing to manage hardware or an OS.

  • Scripting and Tooling: PowerShell cmdlets and Azure CLI can be used to create, mount and manage Azure file shares. These can be created using Azure Portal and Azure Storage Explorer.

  • Resiliency: Built to be always available.

  • Familiar Programmability: Apps running in Azure can access data via file system I/O APIs.

Azure Queues

Used for storing large number of messages. Can store as many messages as your account has room for. Each message can be up to 64KB in size. Queues are commonly used to create a backlog of work. This can be combined with Azure Functions to take an action when a message is received, for example, perform a specific action when a customer uploads a form.

Azure Disks

Block-level storage volumes managed by Azure for use with Azure VMs. Conceptually, they are teh same as a physical disk.

Azure Tables

Store large amounts of structured data. Accept authenticated calls from inside and outside teh Azure cloud. Ideal for structured, non-relational data.

💻