MS-AZ104T00: Microsoft Azure Administrator

Lessons

- Introduction.

- Azure management options.

- Navigate the portal.

- Exercise - Work with resources.

- Exercise - Use the Azure portal.

- Azure portal dashboards.

- Exercise - Customize the dashboard.

- Access preview features.

- Summary.

After completing this module, students will be able to:

- Describe options for Azure management, including the Azure portal.

- Navigate the Azure portal.

- Create, customize, and share dashboards.

- Find and try out preview features.

Describe Microsoft Azure Cloud Shell, learn how it works, and explore basic steps for its usage.

Lessons

- Introduction.

- What is Azure Cloud Shell?

- How does Azure Cloud Shell work?

- When should you use Azure Cloud Shell?

- Knowledge check.

- Summary.

After completing this module, students will be able to:

- Describe Azure Cloud Shell and the functionality it provides.

- Determine whether Azure Cloud Shell meets the needs of your organization.

- Recognize how to use Azure Cloud Shell and persist files for multiple sessions.

Use Bash to manage IT infrastructure.

Lessons

- Introduction.

- What is Bash?

- Bash fundamentals.

- Bash commands and operators.

- Exercise - Try Bash.

- Exercise - Terminate a misbehaving process.

- Exercise - Use Bash and grep to filter CLI output.

- Knowledge check.

- Summary.

After completing this module, students will be able to:

- Learn what shells are and what Bash is.

- Learn about the syntax of Bash commands.

- Learn about important Bash commands, such as ls, cat, and ps.

- Learn how to use I/O operators to redirect input and output.

- Learn how to update a server's operating system.

- Learn how to find and terminate rogue processes.

- Learn how to use Bash to filter Azure CLI output.

Learn about the basics of PowerShell, a cross-platform command-line shell and scripting language that's built for task automation and configuration management. Learn what PowerShell is, what it's used for, and how to use it.

Lessons

- Introduction.

- What is PowerShell?

- Exercise - Run your first PowerShell commands.

- Locate commands.

- Exercise - Locate commands.

- Knowledge check.

- Summary.

After completing this module, students will be able to:

- Understand what PowerShell is and what you can use it for.

- Use commands to automate tasks.

Write JSON Azure Resource Manager templates (ARM templates) by using Visual Studio Code to deploy your infrastructure to Azure consistently and reliably.

Lessons

- Introduction.

- Explore Azure Resource Manager template structure

- Exercise - Create and deploy an Azure Resource Manager template

- Add flexibility to your Azure Resource Manager template by using parameters and outputs

- Exercise - Add parameters and outputs to your Azure Resource Manager template

Knowledge check

- Summary.

After completing this module, students will be able to:

- Implement a JSON ARM template by using Visual Studio Code.

- Declare resources and add flexibility to your template by adding resources, parameters, and outputs.

This module explains Microsoft Entra ID. You'll compare Microsoft Entra ID to Active Directory DS, learn about Microsoft Entra ID P1 and P2, and explore Microsoft Entra Domain Services for managing domain-joined devices and apps in the cloud.

Lessons

- Introduction.

- Examine Microsoft Entra ID

- Compare Microsoft Entra ID and Active Directory Domain Services

- Examine Microsoft Entra ID as a directory service for cloud apps

- Compare Microsoft Entra ID P1 and P2 plans

- Examine Microsoft Entra Domain Services

- Knowledge check.

- Summary.

After completing this module, students will be able to:

- Describe Microsoft Entra ID.

- Compare Microsoft Entra ID to Active Directory Domain Services (AD DS).

- Describe how Microsoft Entra ID is used as a directory for cloud apps.

- Describe Microsoft Entra ID P1 and P2.

- Describe Microsoft Entra Domain Services.

Access to cloud-based workloads needs to be controlled centrally by providing a definitive identity for each user and resource. You can ensure employees and vendors have just-enough access to do their job.

Lessons

- Introduction.

- Create, configure, and manage users.

- Exercise - assign licenses to users.

- Exercise - restore or remove deleted users.

- Create, configure, and manage groups.

- Exercise - add groups in Microsoft Entra ID.

- Configure and manage device registration.

- Manage licenses.

- Exercise - change group license assignments.

- Exercise - change user license assignments.

- Create custom security attributes.

- Explore automatic user creation.

- Knowledge check.

- Summary.

After completing this module, students will be able to:

- Create, configure, and manage users.

- Create, configure, and manage groups.

- Manage licenses.

- Explain custom security attributes and automatic user provisioning.

This module explains the basic infrastructure components of Microsoft Azure. You'll learn about the physical infrastructure, how resources are managed, and have a chance to create an Azure resource.

Lessons

- Introduction.

- What is Microsoft Azure.

- Get started with Azure accounts.

- Exercise - Explore the Learn sandbox.

- Describe Azure physical infrastructure.

Describe Azure management infrastructure.

- Exercise - Create an Azure resource.

- Knowledge check.

- Summary.

After completing this module, students will be able to:

- Describe Azure regions, region pairs, and sovereign regions.

- Describe Availability Zones.

- Describe Azure datacenters.

- Describe Azure resources and Resource Groups.

- Describe subscriptions.

- Describe management groups.

- Describe the hierarchy of resource groups, subscriptions, and management groups.

In this module, you learn how Azure Policy initiatives can be used to enforce organizational standards, assess compliance at scale, and manage Azure resources effectively.

Lessons

- Introduction.

- Cloud Adoption Framework for Azure.

- Azure Policy design principles.

- Azure Policy resources.

- Azure Policy definitions.

- Evaluation of resources through Azure Policy.

- Check your knowledge.

- Summary.

After completing this module, students will be able to:

- Cloud governance with Azure Policy.

- Azure Policy and its components.

Learn how to use Azure RBAC to manage access to resources in Azure.

Lessons

- Introduction

- What is Azure RBAC?

- Knowledge check - What is Azure RBAC?

- Exercise - List access using Azure RBAC and the Azure portal

- Exercise - Grant access using Azure RBAC and the Azure portal

- Exercise - View activity logs for Azure RBAC changes

- Knowledge check - Using Azure RBAC

- Summary.

After completing this module, students will be able to:

- Verify access to resources for yourself and others.

- Grant access to resources.

- View activity logs of Azure RBAC changes.

Evaluate self-service password reset to allow users in your organization to reset their passwords or unlock their accounts. Set up, configure, and test self-service password reset.

Lessons

- Introduction

- What is self-service password reset in Microsoft Entra ID?

- Implement Microsoft Entra self-service password reset

- Exercise - Set up self-service password reset

- Exercise - Customize directory branding

- Summary

After completing this module, students will be able to:

- Decide whether to implement self-service password reset.

- Implement self-service password reset to meet your requirements.

- Configure self-service password reset to customize the experience.

Learn to configure virtual networks and subnets, including IP addressing.

Lessons

- Introduction.

- Plan virtual networks

- Create subnets

- Create virtual networks

- Plan IP addressing

- Create public IP addressing

- Associate public IP addresses

- Interactive lab simulation

- Knowledge check.

- Summary.

In this module, you learn how to:

- Describe Azure virtual network features and components.

- Identify features and usage cases for subnets and subnetting.

- Identify usage cases for private and public IP addresses.

- Create a virtual network and assign IP address.

Learn how to implement network security groups and ensure network security group rules are correctly applied.

Lessons

- Introduction.

- Implement network security groups.

- Determine network security group rules.

- Determine network security group effective rules.

- Create network security group rules.

- Implement application security groups.

- Interactive lab simulation.

- Knowledge check.

- Summary.

In this module, you learn how to:

- Determine when to use network security groups.

- Create network security groups.

- Implement and evaluate network security group rules.

- Describe the function of application security groups.

Create a DNS zone for your domain name. Create DNS records to map the domain to an IP address. Test that the domain name resolves to your web server.

Lessons

- Introduction.

- What is Azure DNS?

- Configure Azure DNS to host your domain.

- Exercise - Create a DNS zone and an A record by using Azure DNS.

- Dynamically resolve resource name by using alias record.

- Exercise - Create alias records for Azure DNS.

- Summary.

In this module, you learn how to:

- Configure Azure DNS to host your domain.

Learn to configure an Azure Virtual Network peering connection and address transit and connectivity concerns.

Lessons

- Introduction.

- Determine Azure Virtual Network peering uses

- Determine gateway transit and connectivity

- Create virtual network peering

- Extend peering with user-defined routes and service chaining

- Interactive lab simulation

- Knowledge check.

- Summary.

In this module, you learn how to:

- Identify usage cases and product features of Azure Virtual Network peering.

- Configure your network to implement Azure VPN Gateway for transit connectivity.

- Extend peering by using a hub and spoke network with user-defined routes and service chaining.

Learn how to control Azure virtual network traffic by implementing custom routes.

Lessons

- Introduction.

- Identify routing capabilities of an Azure virtual network.

- Exercise - Create custom routes.

- What is an NVA?

- Exercise - Create an NVA and virtual machines.

- Exercise - Route traffic through the NVA.

- Summary.

In this module, you learn how to:

- Identify the routing capabilities of an Azure virtual network.

- Configure routing within a virtual network.

- Deploy a basic network virtual appliance.

- Configure routing to send traffic through a network virtual appliance.

This module explains what Azure Load Balancer does, how it works, and when you should choose to use Load Balancer as a solution to meet your organization's needs.

Lessons

- Introduction.

- What is Azure Load Balancer?

- How Azure Load Balancer works.

- When to use Azure Load Balancer.

- Knowledge check.

- Summary.

In this module, you learn how to:

- Learn what Azure Load Balancer is and the functionality it provides.

- Determine whether Load Balancer meets the needs of your organization.

This module explains what Azure Application Gateway does, how it works, and when you should choose to use Application Gateway as a solution to meet your organization's needs.

Lessons

- Introduction.

- What is Azure Application Gateway?

- How Azure Application Gateway works.

- When to use Azure Application Gateway.

- Knowledge check.

- Summary.

In this module, you learn how to:

- Learn what Azure Application Gateway is and the functionality it provides.

- Determine whether Application Gateway meets the needs of your organization.

Azure Network Watcher allows your organization to detect and monitor issues related to the network performance of infrastructure as a service (IaaS) resource in Microsoft Azure. This module explains what Network Watcher does, how it works, and when you should choose to use Network Watcher as a solution to meet your organization's needs.

Lessons

- Introduction.

- What is Azure Network Watcher?

- How Azure Network Watcher works.

- When to use Azure Network Watcher.

- Knowledge check.

- Summary.

In this module, you learn how to:

- Learn what Azure Network Watcher is and the functionality it provides.

- Determine whether Azure Network Watcher meets the needs of your organization.

Learn how to configure storage accounts, including replication and endpoints.

Lessons

- Introduction.

- Implement Azure Storage.

- Explore Azure Storage services.

- Determine storage account types.

- Determine replication strategies.

- Access storage.

- Secure storage endpoints.

- Knowledge check.

- Summary and resources.

In this module, you learn how to:

- Configure Azure DNS to host your domain.

- Identify features and usage cases for Azure storage accounts.

- Select between different types of Azure Storage and create storage accounts.

- Select a storage replication strategy.

- Configure secure network access to storage endpoints.

Learn how to configure Configure Azure Blob Storage, including tiers and object replication.

Lessons

- Introduction.

- Implement Azure Blob Storage.

- Create blob containers.

- Assign blob access tiers.

- Add blob lifecycle management rules.

- Determine blob object replication.

- Upload blobs.

- Determine Blob Storage pricing.

- Interactive lab simulation.

- Knowledge check.

- Summary

In this module, you learn how to:

- Understand the purpose and benefits of Azure Blob Storage.

- Create and configure Azure Blob Storage accounts.

- Manage containers and blobs within Azure Blob Storage.

- Optimize blob storage performance and scalability.

- Implement lifecycle management policies to automate data movement and deletion.

- Determine the best pricing plans for your Azure Blob Storage.

Learn how to configure common Azure Storage security features like storage access signatures.

Lessons

- Introduction

- Review Azure Storage security strategies

- Create shared access signatures

- Identify URI and SAS parameters

- Determine Azure Storage encryption

- Create customer-managed keys

- Apply Azure Storage security best practices

- Interactive lab simulation

- Knowledge check

- Summary and resources

In this module, you learn how to:

- Configure a shared access signature (SAS), including the uniform resource identifier (URI) and SAS parameters.

- Configure Azure Storage encryption.

- Implement customer-managed keys.

- Recommend opportunities to improve Azure Storage security.

Learn how to configure Azure Files and Azure File Sync.

Lessons

- Introduction.

- Compare storage for file shares and blob data.

- Manage Azure file shares.

- Create file share snapshots.

- Implement soft delete for Azure Files.

- Use Azure Storage Explorer.

- Consider Azure File Sync.

- Knowledge check.

- Summary and resources.

In this module, you learn how to:

- Identify storage for file shares versus blob data.

- Configure Azure file shares and file share snapshots.

- Identify features and use cases of Azure File Sync.

Learn about the decisions you make before creating a virtual machine, the options to create and manage the VM, and the extensions and services you use to manage your VM.

Lessons

- Introduction

- Compile a checklist for creating an Azure Virtual Machine

- Exercise - Create a VM using the Azure portal

- Describe the options available to create and manage an Azure Virtual Machine

- Manage the availability of your Azure VMs

- Back up your virtual machines

- Knowledge check

- Summary and resources.

In this module, you learn how to:

- Compile a checklist for creating a virtual machine.

- Describe the options to create and manage virtual machines.

- Describe the additional services available to administer virtual machines.

Learn how to configure virtual machine availability including vertical and horizontal scaling.

Lessons

- Introduction

- Plan for maintenance and downtime

- Create availability sets

- Review update domains and fault domains

- Review availability zones

- Compare vertical and horizontal scaling

- Implement Azure Virtual Machine Scale Sets

- Create Virtual Machine Scale Sets

- Implement autoscale

- Configure autoscale

- Knowledge check

- Summary and resources

In this module, you learn how to:

- Implement availability sets and availability zones.

- Implement update and fault domains.

- Implement Azure Virtual Machine Scale Sets.

- Autoscale virtual machines.

Learn how to configure an Azure App Service plan, including pricing and scaling.

Lessons

- Introduction

- Implement Azure App Service plans

- Determine Azure App Service plan pricing

- Scale up and scale out Azure App Service

- Configure Azure App Service autoscale

- Knowledge check

- Summary and resources

In this module, you learn how to:

- Identify features and usage cases for Azure App Service.

- Select an appropriate Azure App Service plan pricing tier.

- Scale an Azure App Service plan.

Learn how to configure and monitor Azure App Service instances, including deployment slots.

Lessons

- Introduction

- Implement Azure App Service plans

- Determine Azure App Service plan pricing

- Scale up and scale out Azure App Service

- Configure Azure App Service autoscale

- Knowledge check

- Summary and resources

In this module, you learn how to:

- Identify features and usage cases for Azure App Service.

- Create an app with Azure App Service.

- Configure deployment settings, specifically deployment slots.

- Secure your Azure App Service app.

- Configure custom domain names.

- Back-up and restore your Azure App Service app.

- Configure Azure Application Insights.

Learn how to configure Azure Container Instances including container groups.

Lessons

- Introduction

- Compare storage for file shares and blob data

- Manage Azure file shares

- Create file share snapshots

- Implement soft delete for Azure Files

- Use Azure Storage Explorer

- Deploy Azure File Sync

- Knowledge check

- Summary and resources

In this module, you learn how to:

- Identify when to use containers versus virtual machines.

- Identify the features and usage cases of Azure Container Instances.

- Implement Azure container groups.

Introduction to Azure Backup.

Lessons

- Introduction.

- What is Azure Backup?

- How Azure Backup works.

- When to use Azure Backup.

- Knowledge check.

- Summary.

In this module, you learn how to:

- Evaluate whether Azure Backup is appropriate to use for your backup needs.

- Describe how the features of Azure Backup work to provide backup solutions for your needs. 

Use Azure Backup to help protect on-premises servers, virtual machines, SQL Server, Azure file shares, and other workloads.

Lessons

- Introduction.

- Azure Backup features and scenarios.

- Back up an Azure virtual machine by using Azure Backup.

- Exercise - Back up an Azure virtual machine.

- Restore virtual machine data.

- Exercise - Restore Azure virtual machine data.

- Summary.

In this module, you learn how to:

- Identify the scenarios for which Azure Backup provides backup and restore capabilities.

- Back-up and restore an Azure virtual machine. 

Learn how to use Azure Monitor to provide insights into your Azure resource performance and operations. 

Lessons

- Introduction.

- Monitoring and Azure Monitor.

- Metrics and Logs.

- Azure Monitor Insights, visualizations, and actions.

- Knowledge check.

- Summary.

In this module, you learn how to:

- Understand the uses and importance of monitoring.

- Learn the basics of how Azure Monitor works.

- Describe the key reasons for collecting and analyzing metrics and logs.

- Consider how Azure Monitor can support your Azure resource monitoring needs.

Respond to incidents and activities in your infrastructure through alerting capabilities in Azure Monitor.

Lessons

- Introduction.

- Explore the different alert types that Azure Monitor supports

- Use metric alerts for alerts about performance issues in your Azure environment

- Exercise - Use metric alerts to alert on performance issues in your Azure environment

- Use log alerts to alert on events in your application

- Use activity log alerts to alert on events within your Azure infrastructure

- Use action groups and alert processing rules to send notifications when an alert is fired

- Exercise -Use an activity log alert and an action group to notify users about events in your Azure infrastructure

- Knowledge check.

In this module, you learn how to:

- Configure alerts on events in your Azure resources based on metrics, log events, and activity log events.

- Learn how to use action groups in response to an alert, and how to use alert processing rules to override action groups when necessary.

Use Azure Monitor logs to extract valuable information about your infrastructure from log data.

Lessons

- Introduction

- Features of Azure Monitor logs

- Create basic Azure Monitor log queries to extract information from log data

- Exercise - Create basic Azure Monitor log queries to extract information from log data

- Summary

In this module, you learn how to:

- Identify the features and capabilities of Azure Monitor logs.

- Create basic Azure Monitor log queries to extract information from log data.