Overview

This course teaches IT Professionals how to manage their Azure subscriptions, secure identities, administer the infrastructure, configure virtual networking, connect Azure and on-premises sites, manage network traffic, implement storage solutions, create and scale virtual machines, implement web apps and containers, back up and share data, and monitor your solution.

Audience Profile

This course is for Azure Administrators. The Azure Administrator implements, manages, and monitors identity, governance, storage, compute, and virtual networks in a cloud environment. The Azure Administrator will provision, size, monitor, and adjust resources as appropriate. Successful Azure Administrators start this role with experience in virtualization, networking, identity, and storage.

Syllabus

Describe Microsoft Azure Cloud Shell, learn how it works, and explore basic steps for its usage.

Learning Objectives
  • Describe Azure Cloud Shell and the functionality it provides.
  • Determine whether Azure Cloud Shell meets the needs of your organization.
  • Recognize how to use Azure Cloud Shell and persist files for multiple sessions.

Learn about the basics of PowerShell, a cross-platform command-line shell and scripting language that's built for task automation and configuration management. Learn what PowerShell is, what it's used for, and how to use it.

Learning Objectives
  • Understand what PowerShell is and what you can use it for.
  • Use commands to automate tasks.

Write JSON Azure Resource Manager templates (ARM templates) by using Visual Studio Code to deploy your infrastructure to Azure consistently and reliably.

Learning Objectives
  • Implement a JSON ARM template by using Visual Studio Code.
  • Declare resources and add flexibility to your template by adding resources, parameters, and outputs.

This module explains Microsoft Entra ID. You'll compare Microsoft Entra ID to Active Directory DS, learn about Microsoft Entra ID P1 and P2, and explore Microsoft Entra Domain Services for managing domain-joined devices and apps in the cloud.

Learning Objectives
  • Describe Microsoft Entra ID.
  • Compare Microsoft Entra ID to Active Directory Domain Services (AD DS).
  • Describe how Microsoft Entra ID is used as a directory for cloud apps.
  • Describe Microsoft Entra ID P1 and P2.
  • Describe Microsoft Entra Domain Services.

Access to cloud-based workloads needs to be controlled centrally by providing a definitive identity for each user and resource. You can ensure employees and vendors have just-enough access to do their job.

Learning Objectives
  • Create, configure, and manage users
  • Create, configure, and manage groups
  • Manage licenses
  • Explain custom security attributes and automatic user provisioning

This module explains the basic infrastructure components of Microsoft Azure. You'll learn about the physical infrastructure, how resources are managed, and have a chance to create an Azure resource.

Learning Objectives
  • Describe Azure regions, region pairs, and sovereign regions
  • Describe Availability Zones
  • Describe Azure datacenters
  • Describe Azure resources and Resource Groups
  • Describe subscriptions
  • Describe management groups
  • Describe the hierarchy of resource groups, subscriptions, and management groups

In this module, you learn how Azure Policy initiatives can be used to enforce organizational standards, assess compliance at scale, and manage Azure resources effectively.

Learning Objectives
  • Cloud governance with Azure Policy
  • Azure Policy and its components

Learn how to use Azure RBAC to manage access to resources in Azure.

Learning Objectives
  • Verify access to resources for yourself and others.
  • Grant access to resources.
  • View activity logs of Azure RBAC changes.

Evaluate self-service password reset to allow users in your organization to reset their passwords or unlock their accounts. Set up, configure, and test self-service password reset.

Learning Objectives
  • Decide whether to implement self-service password reset.
  • Implement self-service password reset to meet your requirements.
  • Configure self-service password reset to customize the experience.

Learn to configure virtual networks and subnets, including IP addressing.

Learning Objectives
  • Describe Azure virtual network features and components.
  • Identify features and usage cases for subnets and subnetting.
  • Identify usage cases for private and public IP addresses.
  • Create a virtual network and assign IP address.

Learn how to implement network security groups, and ensure network security group rules are correctly applied.

Learning Objectives
  • Determine when to use network security groups.
  • Create network security groups.
  • Implement and evaluate network security group rules.
  • Describe the function of application security groups.

Create a DNS zone for your domain name. Create DNS records to map the domain to an IP address. Test that the domain name resolves to your web server.

Learning Objectives
  • Configure Azure DNS to host your domain.

Learn to configure an Azure Virtual Network peering connection and address transit and connectivity concerns.

Learning Objectives
  • Identify usage cases and product features of Azure Virtual Network peering.
  • Configure your network to implement Azure VPN Gateway for transit connectivity.
  • Extend peering by using a hub and spoke network with user-defined routes and service chaining.

Learn how to control Azure virtual network traffic by implementing custom routes.

Learning Objectives
  • Identify the routing capabilities of an Azure virtual network.
  • Configure routing within a virtual network.
  • Deploy a basic network virtual appliance.
  • Configure routing to send traffic through a network virtual appliance.

This module explains what Azure Load Balancer does, how it works, and when you should choose to use Load Balancer as a solution to meet your organization's needs.

Learning Objectives
  • Learn what Azure Load Balancer is and the functionality it provides.
  • Determine whether Load Balancer meets the needs of your organization.

This module explains what Azure Application Gateway does, how it works, and when you should choose to use Application Gateway as a solution to meet your organization's needs.

Learning Objectives
  • Learn what Azure Application Gateway is and the functionality it provides.
  • Determine whether Application Gateway meets the needs of your organization.

Azure Network Watcher allows your organization to detect and monitor issues related to the network performance of infrastructure as a service (IaaS) resources in Microsoft Azure. This module explains what Network Watcher does, how it works, and when you should choose to use Network Watcher as a solution to meet your organization's needs.

Learning Objectives
  • Learn what Azure Network Watcher is and the functionality it provides.
  • Determine whether Azure Network Watcher meets the needs of your organization.

Learn how to configure storage accounts, including replication and endpoints.

Learning Objectives
  • Identify features and usage cases for Azure storage accounts.
  • Select between different types of Azure Storage and create storage accounts.
  • Select a storage replication strategy.
  • Configure secure network access to storage endpoints.

Learn how to configure Azure Blob Storage, including tiers and object replication.

Learning Objectives
  • Understand the purpose and benefits of Azure Blob Storage.
  • Create and configure Azure Blob Storage accounts.
  • Manage containers and blobs within Azure Blob Storage.
  • Optimize blob storage performance and scalability.
  • Implement lifecycle management policies to automate data movement and deletion.
  • Determine the best pricing plans for your Azure Blob Storage.

Learn how to configure common Azure Storage security features like storage access signatures.

Learning Objectives
  • Configure a shared access signature (SAS), including the uniform resource identifier (URI) and SAS parameters.
  • Configure Azure Storage encryption.
  • Implement customer-managed keys.
  • Recommend opportunities to improve Azure Storage security.

Learn how to configure Azure Files and Azure File Sync.

Learning Objectives
  • Identify storage for file shares versus blob data.
  • Configure Azure file shares and file share snapshots.
  • Identify features and use cases of Azure File Sync.

Learn about the decisions you make before creating a virtual machine, the options to create and manage the VM, and the extensions and services you use to manage your VM.

Learning Objectives
  • Compile a checklist for creating a virtual machine.
  • Describe the options to create and manage virtual machines.
  • Describe the additional services available to administer virtual machines.

Learn how to configure virtual machine availability including vertical and horizontal scaling.

Learning Objectives
  • Implement availability sets and availability zones.
  • Implement update and fault domains.
  • Autoscale virtual machines.

Learn how to configure an Azure App Service plan, including pricing and scaling.

Learning Objectives
  • Identify features and usage cases for Azure App Service.
  • Select an appropriate Azure App Service plan pricing tier.
  • Scale an Azure App Service plan.

Learn how to configure and monitor Azure App Service instances, including deployment slots.

Learning Objectives
  • Identify features and usage cases for Azure App Service.
  • Create an app with Azure App Service.
  • Configure deployment settings, specifically deployment slots.
  • Secure your Azure App Service app.
  • Configure custom domain names.
  • Back up and restore your Azure App Service app.
  • Configure Azure Application Insights.

Learn how to configure Azure Container Instances including container groups.

Learning Objectives
  • Identify when to use containers versus virtual machines.
  • Identify the features and usage cases of Azure Container Instances.
  • Implement Azure container groups.