Overview This course teaches IT Professionals: Manage their Azure subscriptions, including access, policies, and compliance, as well as how to track and estimate service usage and related costs.
Description
Overview
This course teaches IT Professionals:
Manage their Azure subscriptions, including access, policies, and compliance, as well as how to track and estimate service usage and related costs.
_
How cloud resources are managed in Azure through user and group ents
Learn how to grant appropriate access to Azure AD users, groups, and services through Role-based access control (RBAC).
Discover the core monitoring tools and capabilities provided by Azure, including Azure Alerts and Activity Log.
_
Introduced to Log Analytics as a broad data analytics solution and use this service to query and analyze operational data.
Learn about the Azure Resource Manager deployment model, and how to work with resources, resource groups and ARM templates.
implement Azure storage solutions for a variety of scenarios.
Learn about the different storage accounts and services as well as basic data replication concepts and available replication schemes. Students are also introduced to Storage Explorer as a convenient way to work with Azure storage data.
Learn the types of storage and how to work with managed and custom disks.
Azure blob storage is how Azure stores unstructured data in the cloud, and students learn how to work with blobs and blob containers.
Learn how to use Azure Files to work with file shares that are accessed via the Server Message Block (SMB) protocol.
In addition to blob storage, the course covers Table and Queue storage as storage options for structured data.
Learn how to secure and manage storage using Shared Access Signatures (SAS) and Azure Backup, using Recovery Services Vault. Next, students learn how to use Azure File Sync to centralize an organization’s file Shares in Azure Files. Content Delivery
Network (CDN) is used to store cached content on a distributed network of servers that are close to end users. Students learn how to optimize content delivery with Azure CDN, as well as how to transfer large amounts of data using the Azure
_
Import/Export service.
Learn how to monitor Azure storage by configuring metrics and alerts and using the Activity Log. Students learn how to analyze usage trends, trace requests, and diagnose issues with a storage account.
_
How to create and manage virtual machines as part of an Infrastructure as a Service (IaaS) computing infrastructure.
Learn how to assess their on-premises environment for virtual machine readiness in preparation for moving resources to the cloud, including sizing, pricing, and design considerations.
Learn how to create and deploy virtual machines in Azure, using the Azure portal, PowerShell, and ARM templates. The course includes instruction on deploying custom images and Linux virtual machines.
Learn how to configure the networking and storage components of virtual machines.
_
Deploying highly available virtual machines is critical in the light of planned and unplanned events, and students learn how to use availability sets to ensure that virtual machine resources are available during downtime.
_
Learn how to use extensions and Desired State Configuration (DSC) for post deployment automation and configuration tasks.
Learn how to perform virtual machine backups, and to use Azure’s monitoring capabilities to collect, view, and analyze virtual machine diagnostic and log data.
_
Configure and manage Azure virtual networks (VNets).
The benefits of moving an infrastructure to the cloud, removing the need to maintain expensive datacenters are an appealing proposition for many small and medium-sized companies. Regardless, once resources are moved to Azure, they require the same
networking functionality as an on-premises deployment, and this course deals with the basic network configuration tasks.
_
The basis of IP addressing, with specific emphasis on how public and private IP addressing works in the cloud.
Learn how to configure network routing and how to implement Azure DNS.
Securing the network infrastructure is of key importance and students learn how to use Network Security Groups (NSGs) to limit network traffic to resources in a virtual network, by creating security rules that allow or deny inbound or outbound traffic.
Learn how to use NSG logging to diagnose and troubleshoot network connectivity problems.
Different connectivity scenarios for Azure virtual networks and students learn how to connect virtual networks with VNet-to-VNet VPN gateways and virtual network peering.
Use Azure Active Directory (AD) to provide employees and customers with a multi-tenant cloud-based directory and identity management system.
Learn the differences between Azure AD and Active Directory Domain Services (AD DS), as well the differences in functionality offered by the different editions of Azure AD.
Learn how to configure self-service password reset, or to use the option of password writeback to reset user passwords regardless of their location. Students are then introduced to Azure AD Identity Protection and learn how they can use it to protect their
organizations from compromised accounts, identity attacks, and configuration issues.
Learn how to integrate Azure AD with the many Software as a Service (SaaS) applications that are used, in order to secure user access to those applications.
Concepts of Azure domains and tenants, and users and groups are explained and students learn how to work with the various Azure AD objects. Students are introduced to Azure role-based access control to be able to provide a more granular access based on the
principle of least privilege. An administrator, or user, can do exactly the task they need to accomplish; no more, no less.
Learn how to work with Azure joined devices and Hybrid AD joined devices, enabling their users to be productive wherever and whenever – but ensuring that corporate assets are protected and that devices meet security and compliance standards.
Learn how to use Azure AD Connect to integrate their on-premises directories with Azure AD, providing a common identity for their users of Office 365, Azure, and SaaS applications integrated with Azure AD.
Learn how to use Azure AD Application Proxy to be able to provide their users with remote access to web application that are published on-premises, such as SharePoint sites, Outlook Web Access, or any other line of business (LOB) applications the
organization has.
Prerequisites
Successful Cloud Administrators start this role with experience on operating systems, virtualization, cloud infrastructure, storage structures, and networking.
Related Certifications
Microsoft Certified: Azure Administrator Associate
Who should attend
This course is for Azure Administrators. Azure Administrators manage the cloud services that span storage, networking, and compute cloud capabilities, with a deep understanding of each service across the full IT lifecycle. They take end-user requests for
new cloud applications and make recommendations on services to use for optimal performance and scale, as well as provision, size, monitor and adjust as appropriate. This role requires communicating and coordinating with vendors. Azure Administrators use
the Azure Portal and as they become more proficient they use PowerShell and the Command Line Interface.
At Course Completion
After completing this course, students will be able to:
Manage Azure subscriptions and billing, and implement Azure policies.
Implement access management with Azure users, groups, and role-based access control.
Use Azure Monitor to configure Azure alerts and review the Azure Activity Log.
Query and analyze Log Analytics data.
Deploy resources with ARM templates and organize Azure resources.
Optimize your use of Azure tools like the Azure portal, Azure PowerShell, Cloud Shell and the Azure CLI.
Create Azure storage accounts for different data replication, pricing, and content scenarios.
Implement virtual machine storage, blob storage, Azure files, and structured storage.
Secure and manage storage with shared access keys, Azure backup, and Azure File Sync.
Store and access data using Azure Content Delivery Network, and the Import and Export service.
Monitor Azure storage with metrics and alerts, and the Activity Log.
Explain virtual machine usage cases, storage options, pricing, operating systems, networking capabilities, and general planning considerations.
Create Windows virtual machines in the Azure Portal, with Azure PowerShell, or using ARM Templates.
Deploy custom server images and Linux virtual machines.
Configure virtual machine networking and storage options.
Implement virtual machine high availability, scalability, and custom scripts extensions.
Backup, restore, and monitor virtual machines.
Understand virtual networking components, IP addressing, and network routing options.
Implement Azure DNS domains, zones, record types, and resolution methods.
Configure network security groups, service endpoints, logging, and network troubleshooting.
Implement site connectivity schemas including VNet-to-VNet connections and virtual network peering.
Implement Azure Active Directory, Self-Service Password Reset, Azure AD Identity Protection, and integrated SaaS applications.
Configure domains and tenants, users and groups, roles, and devices.
Implement and manage Azure Active Directory integration options and Azure AD Application Proxy.
Course Outline
AZ-100T01: Manage Subscription and Resources
_
Module 1: Managing Azure Subscriptions
In this module, you’ll learn about the components that make up an Azure subscription and how management groups are used to organize subscriptions into containers to allow you to control organizational governance and policy management across subscriptions.
As well as learning about the different available types of subscription, you’ll see how to apply tags to your Azure resources to logically organize them by categories.
_
Lessons
Overview of Azure Subscriptions
Billing
Azure Policy
_
Module 2: Access Management for Cloud Resources
In this module you will learn the basics of role-based access control as it applies to users and groups. Focus on the administrator role and how it used in Azure.
_
Lessons
Azure Users and Groups
Role-based Access Control
_
Module 3: Monitoring and Diagnostics
In this module, you learn about the Azure Monitor and the many capabilities to ensure your Azure architecture is working correctly. Monitoring skills are explained in this first course and then demonstrated in the following courses. The two main elements
explained in this module are Azure Alerts and Azure Activity Log.
_
Lessons
Exploring Monitoring Capabilities in Azure
Azure Alerts
Azure Activity Log
_
Module 4: Log Analytics
In this module, you will focus on Log Analytics. Log Analytics provides a way for you to collect, analyze, and query all types of connected data. It is a very powerful tool.
_
Lessons
Introduction to Log Analytics
Querying and Analyzing Log Analytics Data
_
Module 5: Azure Resource Manager
In this module, you will learn about how resources are organized into resource groups and how ARM templates are used to deploy those resources. This module introduces the concepts and then they are applied in the other courses.
_
Lessons
ARM templates
Resource Groups
_
Module 6: Azure Tips, Tricks, and Tools
This module is provided to help you get the most from your administrative tools. This include the Azure Portal, Cloud Shell, Azure CLI, Azure PowerShell, and Resource Explorer.
_
Lessons
Azure Portal
Azure Tools and Environment
Course AZ-100T02: Implementing and Managing Storage
_
Module 1: Overview of Azure Storage
In this module, you’ll learn about storage accounts – Standard and Premium – as well as storage endpoints and how to configure custom domain accounts. You’ll have an opportunity to practice creating and managing storage accounts. The module also covers
data replication and provides a comparison of the different available replication schemes. You’ll be introduced to Azure Storage Explorer, a utility that lets you easily work with and manipulate Azure Storage data.
_
Lessons
Azure storage accounts
Data replication
Azure Storage Explorer
_
Module 2: Storage Services
In this module, you’ll learn about the disks component of Azure Storage as it relates to virtual machines. Disks are how virtual machines store their VHD files. You will learn about the types of disks and storage and how Azure simplifies IaaS disk
management by creating and managing the storage accounts associated with the virtual machine disks. You will also learn about how Azure blob storage stores unstructured data in the cloud as objects, or blobs (BLOB = binary large object). And you’ll explore
Azure Files, which offers fully managed file shares in the cloud that are accessible via the Server Message Block (SMB) protocol. The other file storage options covered in the module are Tables and Queues for structured storage.
_
Lessons
Virtual machine storage
Blob storage
Azure files
Structured storage
_
Module 3: Securing and Managing Storage
In this module, discover how a shared access signature (SAS) can be used to provide delegated access to resources in storage accounts, allowing clients access to those resources with sharing the storage account keys. You’ll also learn how to use Azure
backup as a cloud-based solution for an existing on-premises or off-site backup and data protection solution. This module also covers Azure File Sync as a way to centralize an organization’s file shares in Azure Files, and using Windows Server to cache the
Azure file share locally, thus enabling scenarios such as “lift and shift,” backup and disaster recovery, and file archiving.
_
Lessons
Shared access keys
Azure backup
Azure File Sync
_
Module 4: Storing and Accessing Data
In this module, you’ll learn about using a content delivery network (CDN) to deliver cached content that is stored on a distributed network of edge servers closer to end-users. You’ll also learn how to transfer large amount of data to and from the cloud
using the Azure Import/Export service.
_
Lessons
Azure Content Delivery Network
Import and Export service
_
Module 5: Monitoring Storage
In this module, you will learn techniques for monitoring the health of Azure storage. With metrics and alerts you can check a variety of performance metrics and send notifications to your system administrator team. With the Activity Log you can search and
query for specific events, even across subscriptions
_
Lessons
Metrics and Alerts
Activity Log
Course AZ-100T03: Deploying and Managing Virtual Machines
_
Module 1: Overview of Azure Machines
In this module, you’ll will be introduced to Azure virtual machines. What are virtual machines and what operating systems are supported? How can you determine if your existing virtual machines can be supported in Azure? What pricing and sizing options are
available?
_
Lessons
Azure Virtual Machines Overview
Planning Considerations
_
Module 2: Creating Virtual Machines
In this module, you will learn how to create and configure Windows virtual machines. You will practice in the Azure portal, in Azure PowerShell, and with ARM templates.
_
Lessons
Overview of the Virtual Machine Creation Overview
Creating Virtual Machines in the Azure Portal
Creating Virtual Machines (PowerShell)
Creating Virtual Machines using ARM Templates
_
Module 3: Deploying Virtual Machine Images
In this module, you will learn how to create custom virtual machines in Azure. For example, deploying a server image that is in your on-premises datacenter. You will also learn how to create and connect to Linux virtual machines.
_
Lessons
Deploying Custom Images
Deploying Linux Virtual Machines
_
Module 4: Configuring Virtual Machines
In this module, you will learn about the two main configuration areas for virtual machines: networking and storage. In the networking lesson, we will cover IP addressing, network interfaces, and network security groups. In the storage lesson, we will cover
virtual machine disks, managed disks, attaching/detaching disks, and uploading disks.
_
Lessons
Overview of Virtual Machine Configuration
Virtual Machine Networking
Virtual Machine Storage
_
Module 5: Configuring Availability and Extensibility
In this module, you will learn how to keep your virtual machines highly available with update and fault domains, and availability sets. You will also learn how to use scale sets to increase and decrease the number of the virtual machines as the workload
changes. Lastly, virtual machines can be extended through custom scripts and Desired State Configuration.
_
Lessons
Virtual Machine Availability
Virtual Machine Scalability
Applying Virtual Machine Extensions
_
Module 6: Managing and Monitoring Virtual MachinesI
In this module, you will learn the very important tasks of backing up your virtual machines and monitoring their overall health. You will practice backing up and restoring virtual machines. You will learn about monitoring, diagnostics, and Azure Advisor.
_
Lessons
Backup and Restore
Monitoring Virtual Machines
AZ-100T04: Configuring and Managing Virtual Networks
_
Module 1: Azure Virtual Networks
In this module, you’ll will be introduced to Azure virtual networks. What are virtual networks and how are they organized? How do you create and configure virtual networks with templates, PowerShell, CLI, or the Azure portal? What is the difference between
public, private, static, and dynamic IP addressing? How are system routes, routing tables, and routing algorithms used?
_
Lessons
Introducing Virtual Networks
Creating Azure Virtual Networks
Review of IP Addressing
Network Routing
_
Module 2: Azure DNSI
In this module, you will learn about DNS basics and specifically implementing Azure DNS. In the DNS Basics lesson you will review DNS domains, zones, record types, and resolution methods. In the Azure DNS lesson, we will cover delegation, metrics, alerts,
and DNS hosting schemes.
_
Lessons
Azure DNS Basics
Implementing Azure DNS
_
Module 3: Securing Virtual Network Resources
In this module, you will learn primarily about Network Security Groups (NSGs) including NSG rules and NSG scenarios. You will also learn how to implement NSGs considering service endpoints, logging, troubleshooting, and other network traffic.
_
Lessons
Introduction to Network Security Groups
Implementing Network Security Groups and Service Endpoints
_
Module 4: Connecting Virtual Networks
In this module, you will learn about two specific types of intersite connectivity: VNet-to-VNet connections and VNet Peering. In both cases, you will learn when to choose which connectivity method, and how to implement and configure the method.
_
Lessons
Intersite Connectivity (VNet-to-VNet Connections)
Virtual Network Peering
AZ-100T05: Manage Identities
_
Module 1: Managing Azure Active Directory
In this module, you’ll will be introduced to Azure Active Directory. What is Azure Active Directory and how is it different from Active Directory Domain Services? What is Self-Service Password Reset and how is it configured? How can Azure AD Identity
protection improve your security posture. How do you integrate SaaS applications with Azure AD?
_
Lessons
Azure Active Directory Overview
Self-Service Password Reset
Azure AD Identity Protection
Integrating SaaS Applications with Azure AD
_
Module 2: Managing Azure Active Directory Objects
In this module, you will learn the basics of implementing Azure AD objects. These objects include domains and tenants, users and groups, roles, and devices. In each lesson you will practice how to configure these objects through the portal and with Azure
PowerShell. The Azure roles lesson will be your introduction to role-based access control.
_
Lessons
Azure Domains and Tenants
Azure Users and Groups
Azure Roles
Managing Devices
_
Module 3: Implementing and Managing Hybrid Identities
In this module, you will learn how to integrate Active Directory with your existing infrastructure. You will learn about different authentication options like AD Connect, Single Sign On, and Pass-through authentication. You will also learn how to configure
Azure AD Application Proxy and how it is used.
_
Lessons
Azure Active Directory Integration Options
Azure AD Application Proxy
