Training Hours – 40 hours
Course Contents
Day 1
Implement and Monitor an Azure Infrastructure (50-55%)
Implement cloud infrastructure monitoring
1. monitor security
2. monitor performance
· configure diagnostic settings on resources
· create a performance baseline for resources
· monitor for unused resources
· monitor performance capacity
· visualize diagnostics data using Azure Monitor
3. Monitor health and availability
· monitor networking
· monitor service health
4. Monitor cost
· monitor spend
· report on spend
5. Configure advanced logging
· Implement and configure Azure Monitor insights, including App Insights, Networks, Containers
· Configure a Log Analytics workspace
6. Configure logging for workloads
· Initiate automated responses by using Action Group
7. Configure and manage advanced alerts
· Collect alerts and metrics across multiple subscriptions
· View Alerts in Azure Monitor logs
· NOT: create Log Analytics query
Implement storage accounts
1. select storage account options based on a use case
2. configure Azure Files and blob storage
3. configure network access to the storage account
4. implement Shared Access Signatures and access policies
5. implement Azure AD authentication for storage
6. manage access keys
7. implement Azure storage replication
8. implement Azure storage account failover
Implement VMs for Windows and Linux
1. Configure High Availability
2. Configure storage for VMs
3. Select virtual machine size
4. Implement Azure Dedicated Hosts
5. Deploy and configure scale sets
6. Configure Azure Disk Encryption
Automate deployment and configuration of resources
1.Save a deployment as an Azure Resource Manager template
2.Modify Azure Resource Manager template
3. Evaluate location of new resources
4. Configure a virtual disk template
5. Deploy from a template
6.Manage a template library
7.Create and execute an automation runbook
Implement virtual networking
1. Implement VNet to VNet connections
2. Implement VNet peering
Implement Azure Active Directory
1. Add custom domains
2. Configure Azure AD Identity Protection
3. Implement self-service password reset
4. Implement Conditional Access including MFA
5. Configure user accounts for MFA
6. Configure fraud alerts
7. Configure bypass options
8. Configure Trusted IPs
9. Configure verification methods
10. Implement and manage guest accounts
11. Manage multiple directories
Implement and manage hybrid identities
1. Install and configure Azure AD Connect
2. Identity synchronization options
3. Configure and manage password sync and password writeback
4. Configure single sign-on
5. Use Azure AD Connect Health
Day 2
Implement Management and Security Solutions (25-30%)
Manage workloads in Azure
1. Migrate workloads using Azure Migrate
· Assess infrastructure
· Select a migration method
· Prepare the on-premises for migration
· Recommend target infrastructure
2. implement Azure Backup for VMs
3. implement disaster recovery
4. Implement Azure Update Management
Implement load balancing and network security
· Implement Azure Load Balancer
· Implement an application gateway
· Implement a Web Application Firewall
· Implement Azure Firewall
· Implement the Azure Front Door Service
· Implement Azure Traffic Manager
· Implement Network Security Groups and Application Security Groups
· Implement Bastion
Implement and manage Azure governance solutions
· Create and manage hierarchical structure that contains management groups, subscriptions and resource groups
· Assign RBAC roles
· Create a custom RBAC role
· Configure access to Azure resources by assigning roles
· Configure management access to Azure
· Interpret effective permissions
· Set up and perform an access review
· Implement and configure an Azure Policy
· Implement and configure an Azure Blueprint
Manage security for applications
· Implement and configure KeyVault
· Implement and configure Azure AD Managed Identities
· Register and manage applications in Azure AD
Day 3
Implement Solutions for Apps (10-15%)
Implement an application infrastructure
· Create and configure Azure App Service
· Create an App Service Web App for Containers
· Create and configure an App Service plan
· Configure an App Service
· Configure networking for an App Service
· Create and manage deployment slots
· Implement Logic Apps
· Implement Azure Functions
Implement container-based applications
· Create a container image
· Configure Azure Kubernetes Service
· Publish and automate image deployment to the Azure Container Registry
· Publish a solution on an Azure Container Instance
· NOT: Service Fabric
Day 4
Implement and Manage Data Platforms (10-15%)
Implement NoSQL databases
· Configure storage account tables
· Select appropriate CosmosDB APIs
· Set up replicas in CosmosDB
Implement Azure SQL databases
· Configure Azure SQL database settings
· Implement Azure SQL Database managed instances
· Configure HA for an Azure SQL database
· Publish an Azure SQL database
· Modify Azure Resource Manager template
· Configure Location of new VMs
· Configure VHD template
· Deploy from template
· Save a deployment as an Azure Resource Manager template
· Deploy Windows and Linux VMs
Create connectivity between virtual networks
· Create and configure Vnet peering
· Create and configure Vnet to Vnet connections
· Verify virtual network connectivity
· Create virtual network gateway
Implement and manage virtual networking
· Configure private IP addressing
· Configure public IP addresses
· Create and configure network routes
· Create and configure network interface
· Create and configure subnets
· Create and configure virtual network
· Create and configure Network Security Groups and Application Security Groups
Manage Azure Active Directory
· Add custom domains
· Configure Azure AD Identity Protection
· Configure Azure AD Join
· Configure self-service password reset
· Implement conditional access policies
· Manage multiple directories
· Perform an access review
Implement and manage hybrid identities
· Install and configure Azure AD Connect
· Configure federation
· Configure single sign-on
· Manage and troubleshoot Azure AD Connect
· Troubleshoot password sync and writeback
Implement solutions that use virtual machines (VM)
· Provision VMs
· Create Azure Resource Manager templates
· Configure Azure Disk Encryption for VMs
· Implement Azure Backup for VMs
Day 5
Implement workloads and security (25-30%)
Migrate servers to Azure
· Migrate servers using Azure Migrate
Configure serverless computing
· Create and manage objects
· Manage a Logic App Resource
· Manage Azure Function app settings
· Manage Event Grid
· Manage Service Bus
Implement application load balancing
· Configure application gateway
· Configure Azure Front Door service
· Configure Azure Traffic Manager
Integrate on premises network with Azure virtual network
· Create and configure Azure VPN Gateway
· Create and configure site to site VPN
· Configure Express Route
· Configure Virtual WAN
· Verify on premises connectivity
· Troubleshoot on premises connectivity with Azure
Implement multi factor authentication
· Configure user accounts for MFA
· Configure fraud alerts
· Configure bypass options
· Configure Trusted IPs
· Configure verification methods
Manage role-based access control
· Create a custom role
· Configure access to Azure resources by assigning roles
· Configure management access to Azure
· Troubleshoot RBAC
· Implement Azure Policies
· Assign RBAC Roles
Day 6
Create and deploy apps (5-10%)
Create web apps by using PaaS
· Create an Azure app service Web App
· Create documentation for the API
· Create an App Service Web App for Containers
· Create an App Service background task by using WebJobs
· Enable diagnostics logging
Design and develop apps that run in containers
· Configure diagnostic settings on resources
· Create a container image by using a Dockerfile
· Create an Azure Kubernetes Service
· Publish an image to the Azure Container Registry
· Implement an application that runs on an Azure Container Instance
· Manage container settings by using code
Day 7
Implement authentication and secure data (5-10%)
Implement authentication
· Implement authentication by using certificates, forms-based authentication, tokens, or Windows-integrated authentication
· Implement multi-factor authentication by using Azure AD
· Implement OAuth2 authentication·implement Managed Identities for Azure resources Service Principal authentication
Implement secure data solutions
· Encrypt and decrypt data at rest and in transit
· Encrypt data with Always Encrypted
· Implement Azure Confidential Compute
· Implement SSL/TLS communications
· Create, read, update, and delete keys, secrets, and certificates by using the Key Vault API
Day 8
Develop for the cloud and for Azure storage (15-20%)
Configure a message-based integration architecture
· Configure an app or service to send emails
· Configure Event Grid
· Configure the Azure Relay service
· Create and configure a Notification Hub
· Create and configure an Event Hub
· Create and configure a Service Bus
Develop for autoscaling
· Implement auto scaling rules and patterns (schedule, operational/system metrics)
· Implement code that addresses singleton application instances
· Implement code that addresses transient state
Develop solutions that use Cosmos DB storage
· Create, read, update, and delete data by using appropriate APIs
· Implement partitioning schemes
· Set the appropriate consistency level for operations
Develop solutions that use a relational database
· Provision and configure relational databases
· Configure elastic pools for Azure SQL Database
· Implement Azure SQL Database managed instances
· Create, read, update, and delete data tables by using code