I have been learning from your videos for the past 2 months, slowly getting ready for my AZ-900 exam in 2 weeks. I only wish you would update certain videos to accommodate the changes to the AZ-900 that occurred this year. Still, these videos are excellent and relevant. Thanks Adam !!
I firstly watch all videos of adam, then study on the document that my company provided, then solve as much practice questions as possible. Planning to get certified on August
You are simply a superb teacher. If I get a mentor like you then learning new things will never feel boring. Really appreciate your efforts and Thank you so much for such a great content.
@@HUTTB0LE yes , Adam has covered everything but you have to go through some practice test, for that there are 6 practice tests in one udemy course, you can go through that and that will help you alot
Thank you so much Adam for making these difficult-to-grasp concepts very easy to understand and interesting to learn. There are no words for your teaching skills. You are awesome. Thanks a lot Adam !
NSG allow/block specific port not service. NSG can't be used as Application(service) firewall. For example, if i decided to use ssh on port 2224, NSG rule that block 22 port can't prevent my attempt to connect to host via ssh.
I know this is probably just for example purposes but was there any reason you placed your logic service in the same subnet as the web subnet? I'm thinking you could have had Web Subnet => Logic Subnet => DB Subnet as that seems more in-line with your security architecture when you used ASG.
Thanks Adam for the great tutorial demo. However, in your demo topology about Network security group, you applying the NSG to the subnet seems easy to misleading that NSG is to apply to subnet. However, it should be apply to servers directly
@Adam in 04:05 --While adding inbound security rule in our NSG, we have source, SPR, destination, DPR, protocol and action. In protocol field we have 4 options ie,(Any, TCP, UDP and ICMP). So my question is, Is this possible to select more than one option (in protocol field)? for example protocol: TCP amd ICMP. Or its only one option at a time?
I have a question about how NSG works. So if I were to create a rule to allow RDP with a priority of 100, and another rule to block RDP with a priority of 101, would RDP be allowed in this case?
Hi Adam, thanks for the great content. I just have one question... in 1:05 you say that all traffic comming from the internet would be allowd... but I think there the "implicit" deny rule. Therefore, traffic must be explicitly permitted...
Great question. Notice that you said you have a 'default rule', that means you also have a NSG. In this example, I have shown a diagram with no NSGs. In that case all ports are exposed to the internet/intranet. In Azure your can create resources without NSG if you want, but by default templates include NSG so most people don't even realize that. I used this as an example as to why NSGs are so important for us.
The NSG is an own resource correct? So after creating how do you link specific resources to the group and are rules for one nsg then applied to all resources linked or can they be customized for each resource?
Great question Daniel. Inside of the NSG resource there are panels which allow you to associate NSG to either specific Network Interfaces of Virtual Machines or to entire Subnet. Lot's of info on this can be found here if you are interested: docs.microsoft.com/en-us/azure/virtual-network/manage-network-security-group?WT.mc_id=AZ-MVP-5003556
@@AdamMarczakYT Thanks for your quick reply Adam. Your videos are amazing and very helpful for beginners like me. Highly appreciate it! I really hope you will do an additional more advanced/ more detailed series with more practical examples in the future Keep up the great work! BR stay healthy and enjoy your evening
So if you have port 80 or 22 or any port for SSH , https or RDP. I can scan it using public ip via Nmap. Find vulnerability and i would attack your web server first and escalate to root privilege then move laterally to the data base and extract any files using Steganography.
I didn't understand how to configure subnets within Network Security Groups, how would I attach inbound or outbound rules for the whole subnet range of IP addresses?
Rules are affecting those that the NSG is attached to. If NSG is attached to Network Interface it will only affect that NIC. You need to attach NSG to an entire subnet for the rules to affect entire subnet.
thanku for this beautiful video, just a small doubt, can we give different OS to different instances in same VMSS?? is this possible using ARM template?
Very KISS (Keep In Short Simple) I got clarity about NSG & ASG. Can I know which software or thing you are using the presentation? It gives me a very clear understanding.
If you have 100 VMs but you want to expose only 50 via NSG you would need to create many rules for them based on static IPs or ranges. It's easier to group those 50 in ASG and add that ASG in NSG.
Check the website :) marczak.io/az-900 the agenda is always there with a list of episodes. All remaining episodes should be released in the next 2 months.
@@AdamMarczakYT Ah I see now (i think), it states virtual network. when you are coming from a legacy backgroud 'virtual network' can mean few different things. so sorry to sound pedantic, i like to keep 'cloud' terminology in a 'cloud bucket' and avoid to mix the two.
I have been learning from your videos for the past 2 months, slowly getting ready for my AZ-900 exam in 2 weeks. I only wish you would update certain videos to accommodate the changes to the AZ-900 that occurred this year. Still, these videos are excellent and relevant. Thanks Adam !!
what were the videos that needed to be changed?
I firstly watch all videos of adam, then study on the document that my company provided, then solve as much practice questions as possible.
Planning to get certified on August
@@yakupoztuna5845 How did it go?
You are simply a superb teacher. If I get a mentor like you then learning new things will never feel boring. Really appreciate your efforts and Thank you so much for such a great content.
So nice of you, thanks
Hey Adam, thanks for putting this content together and making it available for free
My pleasure!
I can't agree more with others. It takes a lot to be a good instructor. You have it in you! Keep making awesome educational videos.
Thanks Adam. You really tend to break concepts down extremely concisely. -your Biblical son, Seth.
I rarely comment on UA-cam video, but Adam's AZ-900 catalog is amazing. Thank you so much!
Thanks for this series, I have just cleared my AZ900 Azure fundamental exam yesterday, thanks alot sir🙏🏻✌🏻✌🏻
Thank you and congrats, keep up the good work :)
Hi @Krishna. I know the AZ900 updated their test recently. Did you find that Adam covered everything you need to know for the test?
@@HUTTB0LE yes , Adam has covered everything but you have to go through some practice test, for that there are 6 practice tests in one udemy course, you can go through that and that will help you alot
@@krishnaawasthi2120 , Can you post the udemy link once ?
Thank you so much Adam for making these difficult-to-grasp concepts very easy to understand and interesting to learn. There are no words for your teaching skills. You are awesome. Thanks a lot Adam !
Część Adam,
Thank you for being a fantastic teacher!
NSGs and ASGs overlap, to me, but you've cleared that up.
Dziękuję,
Daniel
Superb, simple and effective - Great Adam, Many thanks.
Glad you liked it!
Brilliant , Very clearly explained with example ... Thanks for the effort.
Glad it was helpful!
Happy to see another one ...waiting for it ...Thanks Adam ... You Rock!
More to come!
Great video as ususal. Amazing resource.
Thanks again!
Your Cartoons are really great understanding Adam.. Hats off !!
Thank you so much 😀
Brilliant. I wish this was around when I started learning Azure.
You and me both, I wish I started earlier! Thanks!
Your videos and practice tests are the best! Thanks Adam.
You are great narrator Adam ... brilliant class
Cheers!
I appreciate you for making these videos for us!! Very Helpful
Another crisp one! ❤️
More to come! :) thanks!
Congratulations for the amazing job! your explanations are great!
Thanks Adam your videos explanation very simple to understand and its really helpful
NSG allow/block specific port not service. NSG can't be used as Application(service) firewall. For example, if i decided to use ssh on port 2224, NSG rule that block 22 port can't prevent my attempt to connect to host via ssh.
Thank You , Simple explanation and its very useful .
You are welcome
You are the best Adam! Thank you
Thank you for this amazing video and nice explanation!
Perfect Explanation Adam
Glad you think so!
Very Good Explanation.. Good Job mate
Thank you! 👍
Hi Adam, thanks. I'm getting this certification
Hi, Thanks for the great content. Is there no procedure to maintain application security groups in Azure?
It's easy to understand your explanation
Sizzling! Thanks Adam!
Any time! Thanks for watching :)
Thank you Adam❤️
Your videos are really helpful
My pleasure! Always glad to hear that!
Great one and great explained
Glad you liked it!
Bro you are super ! Keep going
Very helpful! I understand the difference now, Thank You!!
Hi Adam, great explanation, excellent visualization, thank you!
I know this is probably just for example purposes but was there any reason you placed your logic service in the same subnet as the web subnet? I'm thinking you could have had Web Subnet => Logic Subnet => DB Subnet as that seems more in-line with your security architecture when you used ASG.
You are correct, this is just for simplicity sake. 😀
Dziękuję za kurs! Czy mógłby Pan podpowiedzieć czym się różnią certyfikaty MS-900 i AZ-900?
MS- skupia sie na Microsoft 365, czyli uslugi office, power platform, etc. AZ- na Azure.
Thanks Adam for the great tutorial demo. However, in your demo topology about Network security group, you applying the NSG to the subnet seems easy to misleading that NSG is to apply to subnet. However, it should be apply to servers directly
@Adam in 04:05 --While adding inbound security rule in our NSG, we have source, SPR, destination, DPR, protocol and action. In protocol field we have 4 options ie,(Any, TCP, UDP and ICMP). So my question is, Is this possible to select more than one option (in protocol field)? for example protocol: TCP amd ICMP. Or its only one option at a time?
One at the time, that's why they added option Any to allow for all of them.
Very good explanation 👍
Thank you Adam!
My pleasure!
Excellent video
Thank you very much!
😇😇😇Um ehrlich zu sein, du bist der Beste aller Zeiten. Wenn Sie auch Azure 104 (kurs) machen, wäre es besser
Amazing explanation
Glad you think so!
great video. thank you!
Very easy to understand thanks
You are welcome
I have a question about how NSG works. So if I were to create a rule to allow RDP with a priority of 100, and another rule to block RDP with a priority of 101, would RDP be allowed in this case?
Hi Adam.
Your Video's are really good. It will be great if you can make videos for other Microsoft certifications( SC-400,SC-300 and SC-200).
your content is really helpful
Hi Adam, thanks for the great content. I just have one question... in 1:05 you say that all traffic comming from the internet would be allowd... but I think there the "implicit" deny rule. Therefore, traffic must be explicitly permitted...
Great question. Notice that you said you have a 'default rule', that means you also have a NSG. In this example, I have shown a diagram with no NSGs. In that case all ports are exposed to the internet/intranet. In Azure your can create resources without NSG if you want, but by default templates include NSG so most people don't even realize that. I used this as an example as to why NSGs are so important for us.
@@AdamMarczakYT thanks !
Hey Adam, you should create playlist for 104 and 305. nice content thanks
Very well done.
Thank you kindly!
The NSG is an own resource correct? So after creating how do you link specific resources to the group and are rules for one nsg then applied to all resources linked or can they be customized for each resource?
Great question Daniel. Inside of the NSG resource there are panels which allow you to associate NSG to either specific Network Interfaces of Virtual Machines or to entire Subnet.
Lot's of info on this can be found here if you are interested: docs.microsoft.com/en-us/azure/virtual-network/manage-network-security-group?WT.mc_id=AZ-MVP-5003556
@@AdamMarczakYT Thanks for your quick reply Adam. Your videos are amazing and very helpful for beginners like me. Highly appreciate it!
I really hope you will do an additional more advanced/ more detailed series with more practical examples in the future
Keep up the great work!
BR stay healthy and enjoy your evening
Thanks Daniel, likewise stay safe :) Thanks for stopping by!
From which source you create these kind of animation?
Thank you so much for an useful video
Thanks Adam for the superb videos , really one stop shop for fundamental certifications.
If you have any architect level course , do share with us.
Nicely done.
Thank you! Cheers!
Thanks Adam. Another good one! These are great. Heads up: There's a spelling mistake on the practice test answer for #1 "Serurity"
Darn it! Thanks Pete, I ran this through grammarly, maybe I'm just getting blind this days :)
So if you have port 80 or 22 or any port for SSH , https or RDP. I can scan it using public ip via Nmap. Find vulnerability and i would attack your web server first and escalate to root privilege then move laterally to the data base and extract any files using Steganography.
"Find vulnerability" - that's the tricky part. Azure Services are always up to date with latest security patches.
Please make a playlist for AZ-104. You're the only one that will put an end to the ambiguity in azure 😅
I didn't understand how to configure subnets within Network Security Groups, how would I attach inbound or outbound rules for the whole subnet range of IP addresses?
Rules are affecting those that the NSG is attached to. If NSG is attached to Network Interface it will only affect that NIC. You need to attach NSG to an entire subnet for the rules to affect entire subnet.
Awesome, thank you!
Thank you, Adam!
Thanks
Network Security group is not located in Azure Virtual Network, right?
Nope, it's a separate resource which can be associated with a subnet or network interface
Can we associate nsg to a vitrual network subnet and vitrual network and to a network interface?
NSG can be associated with specific network interface or entire subnet.
thanku for this beautiful video,
just a small doubt,
can we give different OS to different instances in same VMSS??
is this possible using ARM template?
VMSS = identical VMs, if you change OS they are no longer identical, so no. Thanks for watching! :)
So security rules act as a firewall.
Like a very simple one, yes. It's not inspecting the traffic but just filtering it. So partially yes.
you the best💓👌
Thanks!
Very KISS (Keep In Short Simple) I got clarity about NSG & ASG.
Can I know which software or thing you are using the presentation?
It gives me a very clear understanding.
Thank you :) I just use powerpoint only, no extra tools.
Associate NSG to virtual network is possible?
Either VNet subnet or network interface.
You mention the reduced maintenance requirement of ASG's, can you, or anyone else expand on the maintenance reduction?
I also have the same question
If you have 100 VMs but you want to expose only 50 via NSG you would need to create many rules for them based on static IPs or ranges. It's easier to group those 50 in ASG and add that ASG in NSG.
Great stuff like always. How many episodes left to do in AZ-900 ?
Check the website :) marczak.io/az-900 the agenda is always there with a list of episodes. All remaining episodes should be released in the next 2 months.
Thank you
Hi Adam, how many hours is the total length of 39 episodes?
7hours
Subbed! Nice 1
Thanks for the sub! Welcome aboard!
Thanks!
You bet!
Hmm. sorry but where is the ‘vnet’
It's on the screen :) white border, title is underneath
@@AdamMarczakYT Ah I see now (i think), it states virtual network. when you are coming from a legacy backgroud 'virtual network' can mean few different things. so sorry to sound pedantic, i like to keep 'cloud' terminology in a 'cloud bucket' and avoid to mix the two.
Like DJ Khaled, "ANOTHER ONE".
😂 thanks!
Thanks !
Thanks!