Objectives
- Identify the features and uses of Azure Active Directory.
- Define the main Azure Active Directory components such as identity, account, and tenant.
- Compare Azure Active Directory to Azure Directory Domain Services.
- Identify features of Azure Active Directory editions.
- Identify features and usage cases for Azure AD Join.
- Identify features and usage cases for Self-Service Password Reset. Determine the correct region to locate Azure services.
- Configure users accounts and user account properties.
- Create new user accounts.
- Import bulk user accounts with a template.
- Configure group accounts and assignment types.
- Determine the correct region to locate Azure services.
- Identify features and usage cases for Azure subscriptions.
- Identify how to obtain an Azure subscription.
- Understand billing and features for different Azure subscriptions.
- Use the Cost Management product for cost analysis.
- Determine when to use resource tagging.
- Identify ways to reduce costs.
- Create management groups to target policies and spend budgets.
- Implement Azure policy with policy and initiative definitions.
- Scope Azure policies and determine compliance.
- Identify the features and usage cases for role-based access control.
- List and create role definitions.
- Create role assignments.
- Identify the differences between Azure role-based access control and Azure Active Directory roles.
- Manage access to subscriptions using role-based access control.
- Review the built-in Azure role-based access control roles.
- Manage resources with the Azure portal.
- Manage resources with Azure Cloud Shell.
- Manage resources with Azure PowerShell.
- Manage resources with Azure CLI.
- Identify the features and usage cases for Azure Resource Manager.
- Describe each Azure Resource Manager component and its usage.
- Organize your Azure resources with resource groups.
- Apply Azure Resource Manager locks.
- Move Azure resources between groups, subscriptions, and regions.
- Remove resources and resource groups.
- Apply and track resource limits.
- List the advantages of Azure templates.
- Identify the Azure template schema components.
- Specify Azure template parameters.
- Locate and use Azure Quickstart Templates.
- Describe virtual network features and components.
- Identify features and usage cases for subnets and subnetting.
- Identify usage cases for private and public IP addresses.
- Create and determine which resources require public IP addresses.
- Create and determine which resources require private IP addresses.
- Create virtual networks.
- Determine when to use network security groups.
- Implement network security group rules.
- Evaluate network security group effective rules.
- Identify features and usage cases for domains, custom domains, and private zones.
- Verify custom domain names using DNS records.
- Implement DNS zones, DNS delegation, and DNS record sets.
- Identify usage cases and product features of virtual network peering.
- Configure gateway transit, connectivity, and service chaining.
- Identify features and usage cases for VPN gateways.
- Implement high availability scenarios.
- Configure site-to-site VPN connections using a VPN gateway.
- Identify features and usage cases for ExpressRoute.
- Coexist site-to-site and ExpressRoute networks.
- Identify features and usage cases for virtual WAN.
- Implement system routes and user-defined routes.
- Configure a custom route.
- Implement service endpoints.
- Identify features and usage cases for private links and endpoint services.
- Identify features and usage cases for Azure load balancer.
- Implement public and internal Azure load balancers.
- Configure load balancer SKUs, backend pools, session persistence, and health probes.
- Identify features and usage cases for Azure Application Gateway.
- Implement Azure Application Gateway, including selecting a routing method.
- Configure gateway features such as routing rules.
- Identify features and usage cases for Azure storage accounts.
- Select between different types of storage and storage accounts.
- Select a storage replication strategy.
- Configure network access to storage accounts.
- Secure storage endpoints.
- Identify features and usage cases for Azure Blob storage.
- Configure Blob storage and Blob access tiers.
- Configure Blob lifecycle management rules.
- Configure Blob object replication.
- Upload and price Blob storage.
- Configure shared access signatures including URI and SAS parameters.
- Configure storage service encryption.
- Implement customer-managed keys.
- Recommend opportunities to improve storage security.
- Identify when to use Azure files versus Azure Blobs.
- Configure Azure file shares and file share snapshots.
- Identify features and usage cases of Azure File Sync.
- Identify File Sync components and configuration steps.
- Configure and use Storage Explorer.
- Configure the Import and Export Service.
- Configure and use AZCopy.
- Create a virtual machine planning checklist.
- Determine virtual machine locations and pricing models.
- Determine the correct virtual machine size.
- Configure virtual machine storage.
- Implement availability sets and availability zones.
- Implement update and fault domains.
- Implement virtual machine scale sets.
- Autoscale virtual machines.
- Identify features and usage cases for virtual machine extensions.
- Identify features and usage cases for custom script extensions.
- Identify features and usage cases for desired state configuration.
- Identify features and usage cases of the Azure App Service.
- Select an appropriate Azure App Service plan pricing tier.
- Scale the App Service Plan.
- Scale out the App Service Plan.
- Identify features and usage cases for the Azure App Service.
- Create an App Service.
- Configure deployment settings, specifically deployment slots.
- Secure the App Service.
- Configure custom domain names.
- Backup the App Service.
- Configure Application Insights.
- Identify when to use containers versus virtual machines.
- Identify the features and usage cases of Azure Container Instances.
- Implement Azure Container Groups.
- Identify AKS components including pods, clusters, and nodes.
- Configure network connections for AKS.
- Configure storage options for AKS.
- Implement security options for AKS.
- Scale AKS including adding Azure Container Instances.
- Identify the features and usage cases for Log Analytics.
- Create a Log Analytics workspace.
- Structure a Log Analytics query and review results.
- Identify the features and usage cases for Azure Network Watcher.
- Configure diagnostic capabilities like IP Flow Verify, Next Hop, and Network Topology.
- Identify features and usage cases for Azure Backup.
- Configure Recovery Services Vault backup options.
- Implement on-premises file and folder backup.
- Configure the Microsoft Azure Recovery Services Agent.
- Identify features and usage cases for different Azure backup methods.
- Configure virtual machine snapshots and backup options.
- Implement virtual machine backup and restore, including soft delete.
- Compare the Azure Backup (MARS) agent to the Azure Backup Server (MABS).
- Perform site-to-site recovery by using Azure Site Recovery.
- Identify the features and usage cases for Azure Monitor.
- Configure and interpret metrics and logs.
- Identify the Azure Monitor components and data types.
- Configure the Activity Log.
- Configure Azure Monitor alerts.
- Create alert rules and action groups.