MS Azure Infrastructure and Deployment
Mapped to the Microsoft Azure Infrastructure and Deployment exam (AZ100)
This course teaches IT Professionals:
- Manage their Azure subscriptions, including access, policies, and compliance, as well as how to track and estimate service usage and related costs.
- How cloud resources are managed in Azure through user and group ents
- Learn how to grant appropriate access to Azure AD users, groups, and services through Role-based access control (RBAC).
- Discover the core monitoring tools and capabilities provided by Azure, including Azure Alerts and Activity Log.
- Introduced to Log Analytics as a broad data analytics solution and use this service to query and analyze operational data.
- Learn about the Azure Resource Manager deployment model, and how to work with resources, resource groups and ARM templates.
- implement Azure storage solutions for a variety of scenarios.
- Learn about the different storage accounts and services as well as basic data replication concepts and available replication schemes. Students are also introduced to Storage Explorer as a convenient way to work with Azure storage data.
- Learn the types of storage and how to work with managed and custom disks.
- Azure blob storage is how Azure stores unstructured data in the cloud, and students learn how to work with blobs and blob containers.
- Learn how to use Azure Files to work with file shares that are accessed via the
Server Message Block (SMB) protocol.
- In addition to blob storage, the course covers Table and Queue storage as storage options for structured data.
- Learn how to secure and manage storage using Shared Access Signatures
(SAS) and Azure Backup, using Recovery Services Vault. Next, students learn how to use Azure File Sync to centralize an organization’s file Shares in Azure
Files. Content Delivery Network (CDN) is used to store cached content on a distributed network of servers that are close to end users. Students learn how to optimize content delivery with Azure CDN, as well as how to transfer large amounts of data using the Azure Import/Export service.
- Learn how to monitor Azure storage by configuring metrics and alerts and using the Activity Log. Students learn how to analyze usage trends, trace requests, and diagnose issues with a storage account.
- How to create and manage virtual machines as part of an Infrastructure as a Service (IaaS) computing infrastructure.
- Learn how to assess their on-premises environment for virtual machine readiness in preparation for moving resources to the cloud, including sizing, pricing, and design considerations.
- Learn how to create and deploy virtual machines in Azure, using the Azure portal, PowerShell, and ARM templates. The course includes instruction on deploying custom images and Linux virtual machines.
- Learn how to configure the networking and storage components of virtual machines.
- Deploying highly available virtual machines is critical in the light of planned and unplanned events, and students learn how to use availability sets to ensure that virtual machine resources are available during downtime.
- Learn how to use extensions and Desired State Configuration (DSC) for post deployment automation and configuration tasks.
- Learn how to perform virtual machine backups, and to use Azure’s monitoring capabilities to collect, view, and analyze virtual machine diagnostic and log data.
- Configure and manage Azure virtual networks (VNets).
- The benefits of moving an infrastructure to the cloud, removing the need to maintain expensive datacenters are an appealing proposition for many small and medium-sized companies. Regardless, once resources are moved to Azure, they require the same networking functionality as an on-premises deployment, and this course deals with the basic network configuration tasks.
- The basis of IP addressing, with specific emphasis on how public and private IP addressing works in the cloud.
- Learn how to configure network routing and how to implement Azure DNS.
- Securing the network infrastructure is of key importance and students learn how to use Network Security Groups (NSGs) to limit network traffic to resources in a virtual network, by creating security rules that allow or deny inbound or outbound traffic.
- Learn how to use NSG logging to diagnose and troubleshoot network connectivity problems.
- Different connectivity scenarios for Azure virtual networks and students learn how to connect virtual networks with VNet-to-VNet VPN gateways and virtual network peering.
- Use Azure Active Directory (AD) to provide employees and customers with a multi-tenant cloud-based directory and identity management system.
- Learn the differences between Azure AD and Active Directory Domain
Services (AD DS), as well the differences in functionality offered by the different editions of Azure AD.
- Learn how to configure self-service password reset, or to use the option of password writeback to reset user passwords regardless of their location. Students are then introduced to Azure AD Identity Protection and learn how they can use it to protect their organizations from compromised accounts, identity attacks, and configuration issues.
- Learn how to integrate Azure AD with the many Software as a Service (SaaS) applications that are used, in order to secure user access to those applications.
- Concepts of Azure domains and tenants, and users and groups are explained and students learn how to work with the various Azure AD objects. Students are introduced to Azure role-based access control to be able to provide a more granular access based on the principle of least privilege. An administrator, or user, can do exactly the task they need to accomplish; no more, no less.
- Learn how to work with Azure joined devices and Hybrid AD joined devices, enabling their users to be productive wherever and whenever – but ensuring that corporate assets are protected and that devices meet security and compliance standards.
- Learn how to use Azure AD Connect to integrate their on-premises directories with Azure AD, providing a common identity for their users of Office 365,
Azure, and SaaS applications integrated with Azure AD.
- Learn how to use Azure AD Application Proxy to be able to provide their users with remote access to web application that are published on-premises, such a SharePoint sites, Outlook Web Access, or any other line of business (LOB) applications the organization has.
What You'll Learn
- Manage Azure subscriptions and billing, and implement Azure policies.
- Implement access management with Azure users, groups, and role-based access control.
- Use Azure Monitor to configure Azure alerts and review the Azure Activity Log.
- Query and analyze Log Analytics data.
- Deploy resources with ARM templates and organize Azure resources.
- Optimize your use of Azure tools like the Azure portal, Azure PowerShell,
Cloud Shell and the Azure CLI.
- Create Azure storage accounts for different data replication, pricing, and content scenarios.
- Implement virtual machine storage, blob storage, Azure files, and structured storage.
- Secure and manage storage with shared access keys, Azure backup, and Azure File Sync.
- Store and access data using Azure Content Delivery Network, and the Import and Export service.
- Monitor Azure storage with metrics and alerts, and the Activity Log.
- Explain virtual machine usage cases, storage options, pricing, operating systems, networking capabilities, and general planning considerations.
- Create Windows virtual machines in the Azure Portal, with Azure PowerShell, or using ARM Templates.
- Deploy custom server images and Linux virtual machines.
- Configure virtual machine networking and storage options.
- Implement virtual machine high availability, scalability, and custom scripts extensions.
- Backup, restore, and monitor virtual machines.
- Understand virtual networking components, IP addressing, and network routing options.
- Implement Azure DNS domains, zones, record types, and resolution methods.
- Configure network security groups, service endpoints, logging, and network troubleshooting.
- Implement site connectivity schemas including VNet-to-VNet connections and virtual network peering.
- Implement Azure Active Directory, Self-Service Password Reset, Azure AD
Identity Protection, and integrated SaaS applications.
- Configure domains and tenants, users and groups, roles, and devices.
- Implement and manage Azure Active Directory integration options and Azure AD Application Proxy.
Who Needs to Attend
This course is for Azure Administrators. Azure Administrators manage the cloud services that span storage, networking, and compute cloud capabilities, with a deep understanding of each service across the full IT lifecycle. They take end-user requests for new cloud applications and make recommendations on services to use for optimal performance and scale, as well as provision, size, monitor and adjust as appropriate. This role requires communicating and coordinating with vendors.
Azure Administrators use the Azure Portal and as they become more proficient they use PowerShell and the Command Line Interface.
Successful Cloud Administrators start this role with experience on operating systems, virtualization, cloud infrastructure, storage structures, and networking.