AZ-101: Azure Administrator, Integration and Security Course Outline
This course teaches IT professionals:
How to discover, assess, plan and implement a migration of on-premises resources and infrastructure to Azure. Students will learn how to use Azure Migrate to perform the discovery and assessment phase that is critical to a successful migration. Students will also learn how to use Azure Site Recovery for performing the actual migration of workloads to Azure. The course focuses primarily on using ASR on a Hyper-V infrastructure to prepare and complete the migration process. In addition, students learn about other scenarios, such as migration of VMware vSphere Hypervisor virtual machines and System Center VMM Hyper-V machines.
How to manage and maintain the infrastructure for the core web apps and services that developers build and deploy. Students will learn how Azure App Service is used as a Platform as a Service (PaaS) offering for deploying cloud apps for web and mobile environments. Students will learn how to use App Service Environments (ASE) to host a dedicated environment for securing and running App Service apps at scale. Students will also learn how to use deployment slots as staging environments for web apps, that can then be swapped into production when needed. This course also teaches students how to scale up and scale out to meet and adjust for demand, and how bandwidth for web traffic can be optimized using Application Gateways and Content Delivery Networks (CDN). Lastly, the course provides students with an overview of serverless computing solutions, including Azure Functions, Event Grid, Service Bus, and Logic Apps.
How to implement and configure different Azure networking traffic distribution mechanisms, including Azure Load Balancer, Azure Traffic Manager, and Azure Application Gateway. Students will also learn how to implement site connectivity for multiple scenarios including cross-premises and hybrid configurations, as well as extending on-premises networks into the Microsoft cloud over a dedicated private connection, using Azure ExpressRoute. Lastly, students will learn how to use Network Watcher to monitor and troubleshoot Azure virtual networks. They will also learn how to troubleshoot and remediate common errors in Azure Application Gateway and Azure Load Balancer.
To understand the challenges that organizations face in keeping modern IT environments secure, as the more distributed environments that are part of a cloud-first or hybrid world have rapidly created new security challenges for IT. The course focuses on three key areas in the defense against attackers who target security vulnerabilities, resulting particularly from credential theft and compromised identities: Role-Based Access Control (RBAC), Multi-Factor Authentication (MFA), and Azure Active Directory Privileged Identity Management (PIM). Students learn to implement two-step verification to secure the sign-in process, as well has how to use advanced features like trusted IPs and Fraud Alerts with MFA to customize their identity access strategy. Using Privileged Identity Management, students learn how to apply just the right amount of access rights for just the right amount of time to the various administrative roles as well as to resources.
Successful Azure Administrators start this role with experience on operating systems, virtualization, cloud infrastructure, storage structures, and networking.
Microsoft Certified: Azure Administrator Associate
Who Should Attend
This course is for Azure Administrators. Azure Administrators manage the cloud services that span storage, networking, and compute cloud capabilities, with a deep understanding of each service across the full IT lifecycle. They take end-user requests for new cloud applications and make recommendations on services to use for optimal performance and scale, as well as provision, size, monitor and adjust as appropriate. This role requires communicating and coordinating with vendors. Azure Administrators use the Azure Portal and as they become more proficient they use PowerShell and the Command Line Interface.
At Course Completion
After completing this course, students will be able to:
Use Azure Migrate to discover and assess on-premises virtual machine migration to Azure.
Use Azure Site Recovery to migrate Hyper-V infrastructures to Azure.
Review migration strategies for VMWare and System Center VMM virtual machines.
Implement use cases and configuration options for Azure App Services and App Service Environments.
Manage and secure web apps with backup, restore, snapshot, and cloning.
Optimize your web app performance with Scale Up, Scale Out, Autoscale, and Grow out strategies.
Deploy serverless computing features like Azure Functions, Event Grid, and Service Bus.
Implement and configure Azure Load Balancer, Azure Traffic Manager, and Azure Application Gateway.
Implement and configure Site-to-Site VPN connections and ExpressRoute.
Implement and configure Network Watcher and troubleshooting common network issues.
Use Azure RBAC to grant a granular level of access based on an administrator痴 assigned tasks.
Use Azure Multi-Factor Authentication to configure a strong authentication for users at sign-in.
User Azure AD Privileged Identity Management to configure access rights based on just-in-time administration.
AZ-101T01: Migrate Servers to Azure
Module 1: Managing Azure Active Directory
In this module, you will be introduced to Azure migration projects and specifically Azure Migrate. Azure Migrate will be your tool of choice for automated server discovery and workload sizing. You will step through the process of using Azure Migrate to create a project, create a collector, assess machine readiness, and estimate cost.
Overview of Cloud Migration
Azure Migrate: The Process
Module 2: Azure Site Recovery
In this module, you will be introduced to Azure Site Recovery (ASR). ASR will be your primary tool for migrating workloads to Azure. You will learn which scenarios are most appropriate for ASR and the features that the product provides. You will also learn how to use the ASR deployment planner to ensure your infrastructure is ready for migration. Lastly, you will walk through the process of implementing ASR on a Hyper-V infrastructure.
Overview of ASR
Preparing the Infrastructure
Completing the Migration Process
Module 3: Additional Migration Scenarios
In this module, you will complete your study of Azure migration by looking at two different migration scenarios. In the first scenario you will see how to migrate VMware vSphere Hypervisor virtual machines to Azure using ASR. In the second video series we will migrate System Center VMM Hyper-V machines.
System Center VMM Migration: Video Walkthrough
AZ-101T2: Implementing and Managing Application Services
Module 1: Introducing the Azure App Service Platform
In this module, you will be introduced to the Azure App Services Platform. You will learn about app service plans, web app hosting options, app service scenarios and how to monitor apps. You will also learn about how to isolate apps with App Service Environments.
Introducing Azure App Service
App Service Environments
Module 2: Managing and Securing Web Apps
In this module, you will learn how to deploy your app with minimal downtime. You will also learn how to backup, restore, snapshot, and clone your app. Lastly, you will implement security features like authentication options and authentication providers.
Deploying Web Apps
Managing Web Apps
App Service Security
Module 3: Scaling and Performance
In this module, you will learn how to ensure your app performs under various workloads. You will learn how to scale up and scale out your app. You will learn how to automatically scale your app and to grow out the app through geo-distribution. Lastly you will learn how CDN provides a way to optimize bandwidth and web traffic.
Scale Up and Scale Out
Autoscale and Grow out
Optimizing Bandwidth and Web Traffic
Module 4: Deploying Serverless Computing Solutions
In the module, you will learn what serverless computing is and what it provides. You will implement three serverless computing solutions: Azure Functions, Event Grid, and Service Bus. Azure Functions provide small pieces of code, or "functions," that run in the cloud. Event Grid is a service for managing routing of all events from any source to any destination. Service Bus multi-tenant cloud messaging service that sends information between applications and services.
Serverless Computing Concepts
Managing Azure Functions
Managing Event Grid
Managing Service Bus
Managing Logic App
AZ-101T03: Implement Advanced Virtual Networking
Module 1: Distributing Network Traffic
In this module, you will learn about three ways to distribute network traffic: Azure Load Balancer, Azure Traffic Manager, and Azure Application Gateway. The Azure Load Balancer delivers high availability and network performance to your applications. The Azure Traffic Manager allows you to control the distribution of user traffic to your service endpoints. The Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications.
Overview of Network Traffic Distribution Options
Azure Load Balancer
Azure Traffic Manager
Azure Application Gateway
Module 2: Site Connectivity
In this module, you will learn and implement two ways to connect your virtual networks: Site-to-Site VPN Connections and ExpressRoute. Site-to-Site VPN connections provide secure tunneling for cross-premises and hybrid configurations. ExpressRoute extends your on-premises networks into the Microsoft cloud over a dedicated private connection facilitated by a connectivity provider.
Site-to-Site VPN Connections
Module 3: Monitoring and Troubleshooting Network Connectivity
In this module, you will learn important skills around troubleshooting virtual network connectivity. The primary tool discussed is Azure Network Watcher. Azure Network Watcher provides IP flow verification, VPN diagnostics, NSG views and flows, and next hop analysis.
Introducing Network Watcher
Implementing Network Watcher
Network Troubleshooting Examples
AZ-101T04: Secure Identities
Module 1: Introduction to Identity Protection in Azure
In this module, you値l learn about Role-Based Access Control as the foundation to organizing and managing an organization痴 administrative access based on the principle of least privilege. You will also review Azure Active Directory concepts, as well as gaining insight into the threat landscape and security risks that are exposed to IT organizations through breach of privileged access.
Role-Based Access Control
Azure Active Directory (Refresher)
Protecting Privileged Access in the Environment
Module 2: Using Multi-Factor Authentication for Secure Access
In this module, you値l learn about securing the sign-in process through Multi-Factor Authentication (MFA). You値l learn how MFA works and the differences in implementation between on-premises and cloud scenarios. You値l also learn about using conditional access policies to provide more fine-grained control over apps and resources in your environment.
Introducing Multi-Factor Authentication
Module 3: Azure AD Privileged Identity Management
In this module, you値l learn how to use Azure Privileged Identity Management (PIM) to enable just-in-time administration and control the number of users who can perform privileged operations. You値l also learn about the different directory roles available as well as newer functionality that includes PIM being expanded to role assignments at the resource level.
Getting Started with PIM
PIM Security Wizard
PIM for Directory Roles
PIM for Role Resources
View outline in Word