MS-AZ104T00: Microsoft Azure Administrator

Describe Microsoft Azure Cloud Shell, learn how it works, and explore basic steps for its usage.

Lessons

- Introduction.

- What is Azure Cloud Shell?

- How does Azure Cloud Shell work?

- When should you use Azure Cloud Shell?

- Knowledge check.

- Summary.

After completing this module, students will be able to:

- Describe Azure Cloud Shell and the functionality it provides.

- Determine whether Azure Cloud Shell meets the needs of your organization.

- Recognize how to use Azure Cloud Shell and persist files for multiple sessions.

Use Bash to manage IT infrastructure.

Lessons

- Introduction.

- What is Bash?

- Bash fundamentals.

- Bash commands and operators.

- Exercise - Try Bash.

- Exercise - Terminate a misbehaving process.

- Exercise - Use Bash and grep to filter CLI output.

- Knowledge check.

- Summary.

After completing this module, students will be able to:

- Learn what shells are and what Bash is.

- Learn about the syntax of Bash commands.

- Learn about important Bash commands, such as ls, cat, and ps.

- Learn how to use I/O operators to redirect input and output.

- Learn how to update a server's operating system.

- Learn how to find and terminate rogue processes.

- Learn how to use Bash to filter Azure CLI output.

Learn about the basics of PowerShell, a cross-platform command-line shell and scripting language that's built for task automation and configuration management. Learn what PowerShell is, what it's used for, and how to use it.

Lessons

- Introduction.

- What is PowerShell?

- Exercise - Run your first PowerShell commands.

- Locate commands.

- Exercise - Locate commands.

- Knowledge check.

- Summary.

After completing this module, students will be able to:

- Understand what PowerShell is and what you can use it for.

- Use commands to automate tasks.

This module explains Microsoft Entra ID. You'll compare Microsoft Entra ID to Active Directory DS, learn about Microsoft Entra ID P1 and P2, and explore Microsoft Entra Domain Services for managing domain-joined devices and apps in the cloud.

Lessons

- Introduction.

- Examine Microsoft Entra ID.

- Compare Microsoft Entra ID and Active Directory Domain Services.

- Examine Microsoft Entra ID as a directory service for cloud apps.

- Compare Microsoft Entra ID P1 and P2 plans.

- Examine Microsoft Entra Domain Services.

- Knowledge check.

- Summary.

After completing this module, students will be able to:

- Describe Microsoft Entra ID.

- Compare Microsoft Entra ID to Active Directory Domain Services (AD DS).

- Describe how Microsoft Entra ID is used as a directory for cloud apps.

- Describe Microsoft Entra ID P1 and P2.

- Describe Microsoft Entra Domain Services.

Learn how to configure user and group accounts.

Lessons

- Introduction.

- Create user accounts.

- Manage user accounts.

- Create bulk user accounts.

- Create group accounts.

- Create administrative units.

- Interactive lab simulation.

- Knowledge check.

- Summary.

After completing this module, students will be able to:

- Configure users accounts and user account properties.

- Create new user accounts.

- Import bulk user accounts with a template.

- Configure group accounts and assignment types.

Learn how to configure Azure subscriptions, including how to obtain a subscription, implement cost management, and apply Azure resource tags.

Lessons

- Introduction.

- Identify Azure regions.

- Implement Azure subscriptions.

- Obtain an Azure subscription.

- Identify Azure subscription usage.

- Implement Microsoft Cost Management.

- Apply resource tagging.

- Apply cost savings.

- Knowledge check.

- Summary.

After completing this module, students will be able to:

- Determine the correct region to locate Azure services.

- Review features and use cases for Azure subscriptions.

- Obtain an Azure subscription.

- Understand billing and features for different Azure subscriptions.

- Use Microsoft Cost Management for cost analysis.

- Discover when to use Azure resource tagging.

- Identify ways to reduce costs.

Learn how to configure Azure Policy to implement compliance requirements.

Lessons

- Introduction.

- Create management groups.

- Implement Azure policies.

- Create Azure policies.

- Create policy definitions.

- Create an initiative definition.

- Scope the initiative definition.

- Determine compliance.

- Interactive lab simulation.

- Knowledge check.

- Summary.

After completing this module, students will be able to:

- Create management groups to target policies and spending budgets.

- Implement Azure Policy with policy and initiative definitions.

- Scope Azure policies and determine compliance.

In this module, you'll learn to manage users and groups in Microsoft Entra ID.

Lessons

- Introduction.

- What is Microsoft Entra ID?

- Create and manage users.

- Create and manage groups.

- Use roles to control resource access.

- Connect Active Directory to Microsoft Entra ID with Microsoft Entra Connect.

- Summary.

After completing this module, students will be able to:

- Learn the difference between Microsoft Entra ID and Windows Server Active Directory.

- Understand tenants, subscriptions, and users.

- Create a new Microsoft Entra ID.

- Add users and groups to a Microsoft Entra ID.

- Manage roles in a Microsoft Entra ID.

- Learn how to create a hybrid identity solution with Microsoft Entra Connect.

Learn how to use Azure RBAC to manage access to resources in Azure.

Lessons

- Introduction

- What is Azure RBAC?

- Knowledge check - What is Azure RBAC?

- Exercise - List access using Azure RBAC and the Azure portal

- Exercise - Grant access using Azure RBAC and the Azure portal

- Exercise - View activity logs for Azure RBAC changes

- Knowledge check - Using Azure RBAC

- Summary.

After completing this module, students will be able to:

- Verify access to resources for yourself and others.

- Grant access to resources.

- View activity logs of Azure RBAC changes.

Evaluate self-service password reset to allow users in your organization to reset their passwords or unlock their accounts. Set up, configure, and test self-service password reset.

Lessons

- Introduction

- What is self-service password reset in Microsoft Entra ID?

- Implement Microsoft Entra self-service password reset

- Exercise - Set up self-service password reset

- Exercise - Customize directory branding

- Summary

After completing this module, students will be able to:

- Decide whether to implement self-service password reset.

- Implement self-service password reset to meet your requirements.

- Configure self-service password reset to customize the experience.

Learn to configure virtual networks and subnets, including IP addressing.

Learning objectives

- Introduction.

- Plan virtual networks

- Create subnets

- Create virtual networks

- Plan IP addressing

- Create public IP addressing

- Associate public IP addresses

- Interactive lab simulation

- Knowledge check.

- Summary.

In this module, you learn how to:

Describe Azure virtual network features and components.

- Identify features and usage cases for subnets and subnetting.

- Identify usage cases for private and public IP addresses.

- Create a virtual network and assign IP address.

Learn how to implement network security groups and ensure network security group rules are correctly applied.

Learning objectives

- Introduction.

- Implement network security groups.

- Determine network security group rules.

- Determine network security group effective rules.

- Create network security group rules.

- Implement application security groups.

- Interactive lab simulation.

- Knowledge check.

- Summary.

In this module, you learn how to:

- Determine when to use network security groups.

- Create network security groups.

- Implement and evaluate network security group rules.

- Describe the function of application security groups.

Learn to configure an Azure Virtual Network peering connection and address transit and connectivity concerns.

Learning objectives

- Introduction.

- Determine Azure Virtual Network peering uses

- Determine gateway transit and connectivity

- Create virtual network peering

- Extend peering with user-defined routes and service chaining

- Interactive lab simulation

- Knowledge check.

- Summary.

In this module, you learn how to:

Identify usage cases and product features of Azure Virtual Network peering.

- Configure your network to implement Azure VPN Gateway for transit connectivity.

- Extend peering by using a hub and spoke network with user-defined routes and service chaining.

Learn how to configure an internal or public load balancer.

Learning objectives

- Introduction.

- Determine Azure Load Balancer uses

- Implement a public load balancer

- Implement an internal load balancer

- Determine load balancer SKUs

- Create back-end pools

- Create health probes

- Create load balancer rules

- Interactive lab simulation

- Knowledge check.

- Summary.

In this module, you learn how to:

- Identify features and usage cases for Azure Load Balancer.

- Implement public and internal Azure load balancers.

- Compare features of load balancer SKUs and configuration differences.

- Configure back-end pools, load-balancing rules, session persistence, and health probes.

Learn how to configure Azure Application Gateway.

Learning objectives

- Introduction.

- Implement Azure Application Gateway

- Determine Azure Application Gateway routing

- Configure Azure Application Gateway components

- Knowledge check.

- Summary.

In this module, you learn how to:

- Identify features and usage cases for Azure Application Gateway.

- Implement an Azure application gateway, including selecting a routing method.

- Configure gateway components, such as listeners, health probes, and routing rules.

A good Azure IP addressing schema provides flexibility, room for growth, and integration with on-premises networks. The schema ensures that communication works for deployed resources minimizes public exposure of systems and gives the organization flexibility in its network. If not properly designed, systems might not be able to communicate, and more work is required to remediate the issue.

Lessons

- Introduction.

- Network IP addressing and integration.

- Public and private IP addressing in Azure.

- Plan IP addressing for your networks.

- Exercise - Design and implement IP addressing for Azure virtual networks.

- Summary.

In this module, you learn how to:

- Identify the private IP addressing capabilities of Azure virtual networks.

- Identify the public IP addressing capabilities of Azure.

- Identify the requirements for IP addressing when integrating with on-premises networks.

Use virtual network peering to enable communication across virtual networks in a way that's secure and cost-effective.

Lessons

- Introduction

- Connect services by using virtual network peering

- Exercise - Prepare virtual networks for peering by using Azure CLI commands

- Exercise - Configure virtual network peering connections by using Azure CLI commands

- Exercise - Verify virtual network peering by using SSH between Azure virtual machines

- Summary

In this module, you learn how to:

- Identify use cases for virtual network peering.

- Identify the features and limitations of virtual network peering.

- Configure peering connections between virtual networks.

Create a DNS zone for your domain name. Create DNS records to map the domain to an IP address. Test that the domain name resolves to your web server.

Lessons

- Introduction

- What is Azure DNS?

- Configure Azure DNS to host your domain

- Exercise - Create a DNS zone and an A record by using Azure DNS

- Dynamically resolve resource name by using alias record

- Exercise - Create alias records for Azure DNS

- Summary

In this module, you learn how to:

- Configure Azure DNS to host your domain.

Learn how to control Azure virtual network traffic by implementing custom routes.

Lessons

- Introduction

- Identify routing capabilities of an Azure virtual network

- Exercise - Create custom routes

- What is an NVA?

- Exercise - Create an NVA and virtual machines

- Exercise - Route traffic through the NVA

- Summary

In this module, you learn how to:

- Identify the routing capabilities of an Azure virtual network.

- Configure routing within a virtual network.

- Deploy a basic network virtual appliance.

- Configure routing to send traffic through a network virtual appliance.

Discuss the different load balancers in Azure and how to choose the right Azure load balancer solution to meet your requirements.

Lessons

- Introduction

- Azure Load Balancer features and capabilities

- Configure a public load balancer

- Exercise - Configure a public load balancer

- Internal load balancer

- Summary

In this module, you learn how to:

- Identify the features and capabilities of Azure Load Balancer.

- Deploy and configure an Azure Load Balancer.

Learn how to configure storage accounts, including replication and endpoints.

Lessons

- Introduction

- Implement Azure Storage

- Explore Azure Storage services

- Determine storage account types

- Determine replication strategies

- Access storage

- Secure storage endpoints

- Knowledge check

- Summary and resources

In this module, you learn how to:

- Identify features and usage cases for Azure storage accounts.

- Select between different types of Azure Storage and create storage accounts.

- Select a storage replication strategy.

- Configure secure network access to storage endpoints.

Learn how to Configure Azure Blob Storage, including tiers and object replication.

Lessons

- Introduction

- Implement Azure Blob Storage

- Create blob containers

- Assign blob access tiers

- Add blob lifecycle management rules

- Determine blob object replication

- Upload blobs

- Determine Blob Storage pricing

- Interactive lab simulation

- Knowledge check

- Summary and resources

In this module, you learn how to:

- Understand the purpose and benefits of Azure Blob Storage.

- Create and configure Azure Blob Storage accounts.

- Manage containers and blobs within Azure Blob Storage.

- Optimize blob storage performance and scalability.

- Implement lifecycle management policies to automate data movement and deletion.

- Determine the best pricing plans for your Azure Blob Storage.

Learn how to configure common Azure Storage security features like storage access signatures.

Lessons

- Introduction

- Review Azure Storage security strategies

- Create shared access signatures

- Identify URI and SAS parameters

- Determine Azure Storage encryption

- Create customer-managed keys

- Apply Azure Storage security best practices

- Interactive lab simulation

- Knowledge check

- Summary and resources

In this module, you learn how to:

- Configure a shared access signature (SAS), including the uniform resource identifier (URI) and SAS parameters.

- Configure Azure Storage encryption.

- Implement customer-managed keys.

- Recommend opportunities to improve Azure Storage security.

Learn how to configure Azure Files and Azure File Sync.

Lessons

- Introduction

- Compare storage for file shares and blob data

- Manage Azure file shares

- Create file share snapshots

- Implement soft delete for Azure Files

- Use Azure Storage Explorer

- Deploy Azure File Sync

- Knowledge check

- Summary and resources

In this module, you learn how to:

- Identify storage for file shares versus blob data.

- Configure Azure file shares and file share snapshots.

- Identify features and use cases of Azure File Sync.

- Identify Azure File Sync components and configuration steps.

Create an Azure Storage account with the correct options for your business needs.

Lessons

- Introduction

- Decide how many storage accounts you need

- Choose your account settings

- Choose an account creation tool

- Exercise - Create a storage account using the Azure portal

- Knowledge check - Create a storage account

- Summary

In this module, you learn how to:

- Decide how many storage accounts you need for your project

- Determine the appropriate settings for each storage account

- Create a storage account using the Azure portal

Azure Storage Explorer allows you to quickly view all the storage services under your account. You can browse through, read, and edit data stored in those services through a user-friendly graphical interface.

Lessons

- Introduction

- Connect Azure Storage Explorer to a storage account

- Exercise - Connect Azure Storage Explorer to a storage account

- Connect Azure Storage Explorer to Azure Data Lake Storage

- Exercise - Connect Azure Storage Explorer to Azure Data Lake Storage

- Summary

In this module, you learn how to:

- Describe the features of Azure Storage Explorer.

- Install Storage Explorer.

- Use Storage Explorer to connect to Azure Storage services and manipulate stored data.

Learn how to configure virtual machines including sizing, storage, and connections.

Lessons

- Introduction

- Connect Azure Storage Explorer to a storage account

- Exercise - Connect Azure Storage Explorer to a storage account

- Connect Azure Storage Explorer to Azure Data Lake Storage

- Exercise - Connect Azure Storage Explorer to Azure Data Lake Storage

- Summary

In this module, you learn how to:

- Determine the responsibilities of cloud service providers and customers in a cloud computing environment.

- Identify the key considerations and factors involved in planning for virtual machines. Considerations include workload requirements, resource allocation, and secure access.

- Configure virtual machine storage and virtual machine sizing.

- Create a virtual machine in the Azure portal.

- Practice deploying an Azure virtual machine and verify the configuration.

Learn how to configure virtual machine availability including vertical and horizontal scaling.

Lessons

- Introduction

- Plan for maintenance and downtime

- Create availability sets

- Review update domains and fault domains

- Review availability zones

- Compare vertical and horizontal scaling

- Implement Azure Virtual Machine Scale Sets

- Create Virtual Machine Scale Sets

- Implement autoscale

- Configure autoscale

- Interactive lab simulation

- Knowledge check

- Summary and resources

In this module, you learn how to:

- Implement availability sets and availability zones.

- Implement update and fault domains.

- Implement Azure Virtual Machine Scale Sets.

- Autoscale virtual machines.

Learn how to configure an Azure App Service plan, including pricing and scaling.

Lessons

- Introduction

- Implement Azure App Service plans

- Determine Azure App Service plan pricing

- Scale up and scale out Azure App Service

- Configure Azure App Service autoscale

- Knowledge check

- Summary and resources

In this module, you learn how to:

- Identify features and usage cases for Azure App Service.

- Select an appropriate Azure App Service plan pricing tier.

- Scale an Azure App Service plan.

Learn how to configure and monitor Azure App Service instances, including deployment slots.

Lessons

- Introduction

- Implement Azure App Service

- Create an app with App Service

- Explore continuous integration and deployment

- Create deployment slots

- Add deployment slots

- Secure your App Service app

- Create custom domain names

- Back-up and restore your App Service app

- Use Azure Application Insights

- Interactive lab simulation

- Knowledge check

- Summary and resources

In this module, you learn how to:

- Identify features and usage cases for Azure App Service.

- Create an app with Azure App Service.

- Configure deployment settings, specifically deployment slots.

- Secure your Azure App Service app.

- Configure custom domain names.

- Back-up and restore your Azure App Service app.

- Configure Azure Application Insights.

Learn how to configure Azure Container Instances including container groups.

Lessons 

- Introduction

- Compare containers to virtual machines

- Review Azure Container Instances

- Implement container groups

- Review Azure Container Apps

- Interactive lab simulation

- Knowledge check

- Summary and resources

In this module, you learn how to:

- Identify when to use containers versus virtual machines.

- Identify the features and usage cases of Azure Container Instances.

- Implement Azure container groups.

Learn how to use the cross-platform Azure CLI to create, start, stop, and perform other management tasks related to virtual machines in Azure.

Lessons 

- What is the Azure CLI?

- Exercise - Create a virtual machine

- Exercise - Test your new virtual machine

- Exercise - Explore other VM images

- Exercise - Sizing VMs properly

- Exercise - Query system and runtime information about the VM

- Exercise - Start and stop your VM with the Azure CLI

- Exercise - Install software on your VM

- Summary and cleanup

In this module, you learn how to:

- Create a virtual machine with the Azure CLI.

- Resize virtual machines with the Azure CLI.

- Perform basic management tasks using the Azure CLI.

- Connect to a running VM with SSH and the Azure CLI.

Azure virtual machines (VMs) enable you to create dedicated compute resources in minutes that can be used just like a physical desktop or server machine.

Lessons

- Introduction

- Create a Windows virtual machine in Azure

- Exercise - Create a Windows virtual machine

- Use RDP to connect to Windows Azure virtual machines

- Exercise - Connect to a Windows virtual machine using RDP

- Configure Azure virtual machine network settings

- Summary

In this module, you learn how to:

- Create a Windows virtual machine using the Azure portal.

- Connect to a running Windows virtual machine using Remote Desktop.

- Install software and change the network configuration on a VM using the Azure portal.

Azure App Service enables you to build and host web applications in the programming language of your choice without managing infrastructure. Learn how to create a website through the hosted web app platform in Azure App Service.

Lessons

- Introduction

- Create a web app in the Azure portal

- Exercise - Create a web app in the Azure portal

- Prepare the web application code

- Exercise - Write code to implement a web application

- Deploy code to App Service

- Exercise - Deploy your code to App Service

- Summary

In this module, you learn how to:

- Use the Azure portal to create an Azure App Service web app.

- Use developer tools to create the code for a starter web application.

- Deploy your code to Azure App Service.

Lessons

- Introduction.

- What is Azure Backup?

- How Azure Backup works

- When to use Azure Backup

- Knowledge check.

In this module, you learn how to:

- Evaluate whether Azure Backup is appropriate to use for your backup needs.

- Describe how the features of Azure Backup work to provide backup solutions for your needs.

Learn how to configure Azure Monitor, including querying the Azure Monitor activity log.

Learning objectives

- Introduction.

- Describe Azure Monitor key capabilities.

- Describe Azure Monitor components.

- Define metrics and logs.

- Identify monitoring data and tiers.

- Describe activity log events.

- Query the activity log.

- Interactive lab simulation.

- Knowledge check.

In this module, you learn how to:

- Identify the features and usage cases for Azure Monitor.

- Configure and interpret metrics and logs.

- Identify the Azure Monitor components and data types.

- Configure the Azure Monitor activity log.

You will learn how to configure Log Analytics including structuring queries.

Learning objectives

- Introduction.

- Determine Log Analytics uses.

- Create a Log Analytics workspace.

- Create Kusto (KQL) queries.

- Structure Log Analytics queries.

- Knowledge check.

After completing this module, you will be able to:

- Identify the features and usage cases for Log Analytics.

- Create a Log Analytics workspace.

- Structure a Log Analytics query and review results.

You learn how to configure Network Watcher and troubleshoot common networking problems.

Learning objectives

- Introduction.

- Describe Azure Network Watcher features.

- Review IP flow verify diagnostics.

- Review next hop diagnostics.

- Visualize the network topology.

- Knowledge check.

After completing this module, you'll be able to:

- Identify the features and usage cases for Azure Network Watcher.

- Configure diagnostic capabilities like IP Flow Verify, Next Hop, and Network Topology.

Respond to incidents and activities in your infrastructure through alerting capabilities in Azure Monitor.

Learning objectives

- Introduction.

- Explore the different alert types that Azure Monitor supports

- Use metric alerts for alerts about performance issues in your Azure environment

- Exercise - Use metric alerts to alert on performance issues in your Azure environment

- Use log alerts to alert on events in your application

- Use activity log alerts to alert on events within your Azure infrastructure

- Use action groups and alert processing rules to send notifications when an alert is fired

- Exercise -Use an activity log alert and an action group to notify users about events in your Azure infrastructure

- Knowledge check.

In this module, you learn how to:

- Configure alerts on events in your Azure resources based on metrics, log events, and activity log events.

- Learn how to use action groups in response to an alert, and how to use alert processing rules to override action groups when necessary.

Use Azure Monitor logs to extract valuable information about your infrastructure from log data.

Lessons

- Introduction

- Features of Azure Monitor logs

- Create basic Azure Monitor log queries to extract information from log data

- Exercise - Create basic Azure Monitor log queries to extract information from log data

- Summary

In this module, you learn how to:

- Identify the features and capabilities of Azure Monitor logs.

- Create basic Azure Monitor log queries to extract information from log data.

Learn how to monitor your Azure VMs by using Azure Monitor to collect and analyze VM host and client metrics and logs.

Lessons

- Introduction

- Monitoring for Azure VMs

- Monitor VM host data

- Use Metrics Explorer to view detailed host metrics

- Collect client performance counters by using VM insights

- Collect VM client event logs

- Summary

In this module, you learn how to:

- Understand which monitoring data you need to collect from your VM.

- Enable and view recommended alerts and diagnostics.

- Use Azure Monitor to collect and analyze VM host metrics data.

- Use Azure Monitor Agent to collect VM client performance metrics and event logs.