Learning Objective:
In this module, you will learn about the administrative tools and components that make up an Azure subscription as well as the different available types of subscriptions. You will also learn about the various services provided by Azure. You will be introduced to Azure Resource
Manager and how resources are organized into resource groups. Topics:
• Introduction to Cloud Computing
• Overview of Microsoft Azure
• Microsoft Azure Services
• Azure Subscriptions
• Management Groups
• Azure Resource Manager
• Azure Portal and PowerShell
• Azure Resource Manager Policies
• Azure Policy Definition Structure
• Resource Management Locks
• Organizing Azure Resources
Hands-On:
1. Create an Azure account
2. Manage subscriptions, billing, and policies
3. Configure Management Groups
4. Use Portal and PowerShell to deploy and manage resources on Azure
5. Create Azure policies
Azure Virtual Networks and Network Security
Learning Objective:In this module, you will be introduced to Azure virtual networking concepts and how do you create and configure them. You will also learn how system routes, routing tables, and routing algorithms are used. This module also introduces you to Azure DNS basics and Network Security Groups (NSGs). You will also learn how to implement NSGs considering service endpoints and policies.
Topics:
Introduction to Azure Virtual Networks IP Addresses — Public and Private Classless Inter-domain Routing (CIDR) Subnets
Network Interface Cards (NICs) Network Security Groups (NSGs) Network Security Group Rules Virtual Network Service Endpoints Service Endpoint Policies
Azure Load Balancer
Azure DNS
• Azure Firewall
Azure Bastion Service
Hands-On:
Create and Configure Virtual Networks
• Setup Network Security Groups (NSGs)
• Restrict Network Access to Resources with Service Endpoints Implement Azure DNS
Configure Azure Firewall
Deploy Azure Bastion Service
Overview o1 Azure Virtual Machines
Learning Objective:In this module, you will be introduced to Azure VMs, their supporting OS, sizing and pricing. You will also learn how to create and configure Windows and Linux VMs in Azure. This module also teaches you how to create custom VMs in Azure. You will also learn how VMs can be extended through custom scripts and Desired State Configuration.
Topics:
• Azure Virtual Machines Azure Resource Manager VM
• Introduction to ARM Templates
• Create a Custom Image of Azure VM
• Create a Managed Image of a Generalized VM Create an Image from VM Snapshots
Creating a Linux Virtual Machine
• Virtual Machine Extensions
Configuration Management using PowerShell DSC Run Custom Scripts using Custom Script Extension
• Azure Kubernetes Service (AKS)
• Azure Container Instances (ACI)
• App Service
App Service Plans
Hands-On:
Create Windows VMs in the Azure Portal Create Windows VMs with Azure PowerShell
• Create VMs using ARM Templates
Deploy custom server images
Configure Azure Kubernetes Service (AKS) Create a Web App Service
Overview of Azure Storage Services
Learning Objective: In this module, you will learn about storage accounts — Standard and Premium — as well as storage endpoints. You will also learn about data replication and work with Azure Storage Explorer to manage storage data. You will discover how a shared access signature (SAS) are used to provide delegated access to resources. You will also explore and understand disks and storage – Azure Blob Storage, Azure Files, and structured storage types like Table and Queue storage.
Topics:
Azure Storage
• Azure Storage Replication Azure Storage Explorer
Attach or Detach an External Storage Account Shared Access Signatures (SAS)
• Attach a Storage Account using SAS Azure Blob Storage
Azure File Storage Azure Queue Storage Azure Table Storage
Hands-On:
• Create Azure Storage accounts
• Manage storage using Azure Storage Explorer Copy data by using AZCopy
• Secure storage using SAS
Implement Blobs and Files storages Implement Table storage
Secure and Manage Azure Storage
Learning Objective: In this module, you will learn how to use Azure backup as a data protection solution and work with Azure File Sync. This module also teaches you how to use Azure CDN and how to transfer data to and from cloud using Import/Export service and Data Box.
Topics:
Azure Backup
Why Use Azure Backup?
• Files and Folder Backup Application Backup Azure File Share
Azure File Sync
• Content Delivery Network (CDN)
• How CDN Works?
Azure Import/Export Service Azure Data Box
Hands-On:
• Implement Azure Backup service Create an Azure File Share Implement Azure File Sync
Store and access data using Azure CDN service Transfer data using Azure Import/Export service
Configure Virtual Machines for High Availability
Learning Objective:In this module, you will learn about the two main configuration areas for VMs: Networking and Storage. You will learn how to keep your VMs highly available sets and how to use scale sets to increase/decrease the number of VMs. This module also covers backing up and restoring VMs.
Topics:
Azure Virtual Machine Storage Azure Virtual Machine Availability
• Fault and Update Domains
• Azure Load Balancer
Automatic Scaling of Azure VMs
• VM Scale Sets
• Azure VM Backup
• Azure VM Monitoring with Azure Diagnostics Extension Azure Advisor
Hands-On:
Attach a Managed Data Disk to a Windows VM Initialize a New Data Disk
• Configure Azure Load Balancer
• Create a VM Scale Set Implement Backup and Restore
Enable Diagnostic Extension to Monitor Metrics and Logs
Network Traffic Distribution and Connectivity
Learning Objective:This module covers three ways in which traffic is distributed in a virtual network:
Azure Load Balancer, Azure Traffic Manager and Azure Application Gateway. This module also deals with two specific types of inter-site connectivity: VNet-to-VNet connections and VNet Peering. You will learn when to choose which connectivity method, and how to implement and configure that method.
Topics:
Azure Traffic Manager Azure Application Gateway
Azure Virtual Network Routing Azure Virtual Network Connectivity
• Azure VPN Gateway BGP with VPN Gateway Virtual Network Peering
Hands-On:
Implement Azure Traffic Manager Configure Virtual Network Gateways Configure BGP with Azure VPN Gateway Implement Virtual Network Peering
Integrate On-premises Network with Azure Virtual Network
Learning Objective:In this module, you will learn how to integrate on-premises network with Azure Virtual Network. You will implement Point-to-Site VPN Connections and ExpressRoute to connect your virtual networks. You will also learn important skills around troubleshooting common network issues with the help of Azure Network Watcher tool.
Topics:
• Azure Inter-site VPN Connectivity Methods Site-to-Site VPN Gateway Connection
Point-to-Site VPN Gateway Connection
VNet-to-VNet Connections Azure ExpressRoute Azure Virtual WAN
Azure Network Watcher
Resource Troubleshooting in Azure Network Watcher
Hands-On:
Create and Configure Point-to-Site Connection Configure Vnet-to-Vnet Connection
• Configure Azure ExpressRoute Configure Azure Virtual WAN
• Implement Network Watcher
Monitoring and Access Management for Cloud Resources
Learning Objective: In this module, you will learn about Azure Monitor and its many capabilities to ensure your Azure architecture is working correctly. You will also learn about Log Analytics tool that provides a way for you to analyze and query all types of connected data. This module also focuses on the basics of Role-Based Access Control as it applies to users and groups.
Topics:
Overview of Role Based Access Control Azure Monitor
Log Analytics
• Azure Activity Log Alerts in Azure Monitor Custom roles in Azure
Provide access to Azure resources by assigning roles
• Manage multiple directories
Hands-On:
Manage Access using RBAC
Grant Access for a Group using RBAC
• Configure Activity Log Alerts
• Create a custom role
Manage Azure Active Directory (AD)
Learning Objective: In this module, you will be introduced to the Azure Active Directory and the basics of implementing Azure AD objects. These objects include domains and tenants, users and groups, roles, and devices. In each lesson, you will practice how to configure these objects through the portal and with Azure PowerShell.
Topics:
• Identity Access Management Azure Active Directory
Multi-Factor Authentication Self-Service Password Reset Azure AD Identity Protection
• Azure AD Conditional Access Azure AD Domains and Tenants Azure AD Domain Services Azure AD join
• Azure AD Single Sign-On Manage Azure AD Objects
Hands-On:
Configure Self-Service Password Reset
• Implement Azure AD Identity Protection
Configure Domains and Tenants, Users and Groups Enable Azure AD Domain Services
Implementing and Managing Hybrid Identities
Learning Objective: In this module, you will learn how to integrate Active Directory with your existing infrastructure. You will learn about different authentication options such as Single Sign-on and Pass- through authentication. You will also learn how to configure Azure AD Application Proxy. This module also focuses on MFA and its working. Lastly, you will learn how to use conditional access policies.
Topics:
Hybrid Identity
Password Hash Synchronization (PHS) Pass-through Authentication (PTA)
• Federated Authentication
Azure AD Seamless Single Sign-On (SSO)
Azure AD Application Proxy
• Password Writeback
Hands-On:
Implement Password Hash Synchronization and Pass-through Authentication Implement App Proxy and Password Writeback
Configure user accounts for Multi-Factor Authentication
What are the system requirements for this Microsoft Azure AZ-104 course?
Hardware Requirements:
• Memory — Minimum 8 GB RAM
• Processor — Intel Core i3 CPU @2.00 GHz or later
• Storage —250 GB HDD/SDD or later
2. Software Requirements:
• Operating System — Windows 7 or above, Ubuntu 14 or later
• Visual Studio 2017 community edition (Include Azure packages)
• Windows PowerShell 4.0 or later (Install Azure Module)
• Microsoft Azure SDK for .NET v2.9 (prefer latest)
How will I execute the practicals?
You will be executing all the practical on free tier Azure account, which we will be creating during our class.