Exam Ref AZ-104 Microsoft Azure Administrator Certification and Beyond - Second Edition

Book description

Navigate Microsoft Azure cloud services like storage, security, networking, and compute cloud capabilities with ease and pass the AZ-104 exam while developing skills for daily use

Key Features

  • Get to grips with AZ-104 exam topics like infrastructure and applications to help with Azure administration
  • Experience Azure through practical labs based on real-world administrative tasks
  • Learn practical management tips from experienced professionals

Book Description

Exam Ref AZ-104 Microsoft Azure Administrator Certification and Beyond covers all the exam objectives and will help you to earn the Microsoft Azure Administrator certification with ease. Whether you’re studying to pass the AZ-104 exam or just want hands-on experience in administering Azure, this AZ-104 study guide will help you to achieve your objectives.

This book covers the latest Azure features and capabilities around configuring, managing, and securing Azure resources. Adhering to Microsoft's AZ-104 exam syllabus, this guide is divided into five modules. The first module will show you how to manage Azure identities and governance. You'll find out how to configure Azure subscription policies at the Azure subscription level and use Azure policies for resource groups. After that, the book covers techniques related to implementing and managing storage in Azure, enabling you to create and manage Azure Storage, including File and Blob storage. In the second module, you’ll learn how to deploy and manage Azure compute resources. The third and fourth modules will teach you about configuring and managing virtual networks and monitoring and backing up Azure resources. Finally, you'll work through mock tests, with answers provided, to prepare for this exam.

By the end of this book, you'll have the skills needed to pass the AZ-104 exam and be able to expertly manage Azure.

What you will learn

  • Manage Azure Active Directory users and groups along with role-based access control (RBAC)
  • Discover how to handle subscriptions and implement governance
  • Implement and manage storage solutions
  • Modify and deploy Azure Resource Manager templates
  • Create and configure containers and Microsoft Azure app services
  • Implement, manage, and secure virtual networks
  • Find out how to monitor resources via Azure Monitor
  • Implement backup and recovery solutions

Who this book is for

This book is for cloud administrators, engineers, and architects looking to understand Azure better and gain a firm grasp on administrative functions or anyone preparing to take the Microsoft Azure Administrator (AZ-104) exam. A basic understanding of the Azure platform is needed, but astute readers can comfortably learn all the concepts without having worked on the platform before by following all examples in the book.

Table of contents

  1. Exam Ref AZ-104 Microsoft Azure Administrator Certification and Beyond Second Edition
  2. Contributors
  3. About the authors
  4. About the reviewer
  5. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Download the color images
    5. Conventions used
    6. Get in touch
    7. Share Your Thoughts
  6. Part 1: Managing Azure Identities and Governance
  7. Chapter 1: Managing Azure Active Directory Objects
    1. Technical requirements
    2. Creating Azure AD users and groups
      1. Creating users in Azure AD
      2. Creating groups in Azure AD
    3. Creating Azure AD AUs
    4. Managing user and group properties
    5. Managing device settings
    6. Performing bulk updates
    7. Managing guest accounts
    8. Configuring Azure AD join
    9. Configuring SSPR
    10. Summary
  8. Chapter 2: Managing Role-Based Access Control
    1. Technical requirements
    2. Creating a custom RBAC role
      1. Creating a custom role
    3. Providing access to resources by assigning the custom RBAC role
      1. Confirming the role assignment steps
    4. Interpreting access assignments
    5. Summary
  9. Chapter 3: Creating and Managing Governance
    1. Technical requirements
    2. Understanding Azure policies
      1. How does Azure Policy work?
      2. Azure Policy versus RBAC
      3. Working with Azure Policy
      4. Further reading
    3. Applying and managing tags on resources
      1. Tagging strategy
      2. Applying a resource tag
      3. Further reading
    4. Summary
  10. Chapter 4: Managing Governance and Costs
    1. Technical requirements
    2. Managing resource groups
      1. Deploying a resource group
      2. Listing resource groups
      3. Deleting a resource group
      4. PowerShell scripts
      5. Further reading
    3. Configuring resource locks
      1. Permissions required for creating or deleting locks
      2. Adding a resource lock
      3. PowerShell scripts
      4. ARM templates
      5. Further reading
    4. Managing subscriptions
      1. Relationship between Azure AD and subscriptions
      2. Why do we have multiple subscriptions in an environment?
      3. Further reading
    5. Managing costs
      1. Cost Management
      2. Budgets
      3. Cost alerts
      4. Advisor recommendations
      5. Reservations
      6. Further reading
    6. Configuring management groups
      1. Creating a management group
      2. Further reading
    7. Summary
  11. Chapter 5: Practice Labs – Managing Azure Identities and Governance
    1. Technical requirements
    2. Managing Azure AD objects
      1. Lab scenario one
    3. Managing RBAC
      1. Lab scenario two
      2. Lab scenario three
  12. Part 2: Implementing and Managing Storage
  13. Chapter 6: Understanding and Managing Storage
    1. Technical requirements
    2. Understanding Azure storage accounts
      1. Types of storage accounts
      2. Storage access tiers
      3. Azure disk storage
      4. Redundancy
      5. Further reading
    3. Creating and configuring storage accounts
      1. Creating a storage account
      2. PowerShell scripts
      3. Further reading
    4. Using Azure Import/Export
      1. Importing into an Azure job
      2. Exporting from an Azure job
      3. Further reading
    5. Installing and using Azure Storage Explorer
      1. Installation
    6. Configuring Azure Files and Azure Blob storage
      1. Creating an Azure file share
      2. Configuring Azure Blob storage
      3. Configuring storage tiers
      4. Azure URL paths for storage
      5. PowerShell scripts
      6. Further reading
    7. Summary
  14. Chapter 7: Securing Storage
    1. Technical requirements
    2. Configuring network access to storage accounts
      1. Public endpoint and Azure Virtual Network (VNet) integration
      2. Private endpoints
      3. Network routing from storage accounts
      4. PowerShell scripts
      5. Further reading
    3. Storage access keys
      1. Managing access keys
    4. Working with SAS tokens
      1. Types of SAS
      2. Forms of SAS
      3. Generating SAS tokens
      4. Storage access policies
      5. Further reading
    5. Configuring access and authentication
      1. Configuring Azure AD authentication for a storage account
      2. Configuring access to Azure files
      3. Further reading
    6. Copying data by using AzCopy
      1. Downloading and installing
      2. Copying data by using AzCopy
      3. Copying data between containers using AzCopy
      4. Further reading
    7. Configuring storage replication and life cycle
      1. Storage replication and management services
      2. Creating and configuring the Azure File Sync service
      3. Implement Azure Storage replication
      4. Configuring blob object replication
      5. Configuring blob life cycle management
      6. Configuring blob data protection
      7. Further reading
    8. Summary
  15. Chapter 8: Practice Labs – Implementing and Managing Storage
    1. Technical requirements
    2. Managing the Azure Storage lab
    3. The Azure Functions AzCopy lab
      1. Lab steps
      2. Prerequisites
    4. Connecting storage using a private endpoint lab
      1. Lab steps
    5. Summary
  16. Part 3: Deploying and Managing Azure Compute Resources
  17. Chapter 9: Automating VM Deployments Using ARM Templates
    1. Technical requirements
    2. Modifying an ARM template
      1. Configure a VHD template
      2. Deploy from a template
    3. Saving a deployment as an ARM template
    4. Deploying VM extensions
    5. Summary
  18. Chapter 10: Configuring Virtual Machines
    1. Technical requirements
    2. Understanding Azure disks
      1. Disk management options
      2. Disk performance
      3. Disk caching
    3. Disk types
      1. Disk redundancy options
    4. Understanding Azure VMs
      1. VM sizes
      2. Networking
      3. Fault domain versus update domain
      4. Scale sets
      5. Availability sets
    5. Deploying a VM in Azure
      1. PowerShell scripts
    6. Deploying and configuring scale sets
    7. VM management tasks
      1. Managing VM sizes
      2. Adding data disks
      3. Configuring networking
      4. Moving VMs from one resource group to another
      5. Redeploying VMs
    8. Disk encryption in Azure
      1. Configuring ADE
    9. Automating configuration management
    10. Summary
  19. Chapter 11: Creating and Configuring Containers
    1. Technical requirements
    2. Introduction to containers
    3. Containers versus VMs
      1. Isolation
      2. OS
      3. Deployment
      4. Storage persistence
      5. Fault tolerance
    4. ACI
    5. Container groups
      1. Common scenarios
      2. Resources
      3. Networking
      4. Deployment
    6. Docker platform
      1. Docker terminology
      2. Setting up Docker
      3. Creating our first Docker image
    7. AKS
    8. Creating an Azure container registry
    9. Deploying your first Azure container instance
    10. Configuring container groups for Azure container instances
    11. Configuring sizing and scaling for Azure container instances
    12. Deploying AKS
    13. Configuring storage for AKS
    14. Configuring scaling for AKS
    15. Configuring network connections for AKS
      1. Network configuration
      2. Traffic routing
      3. Security
    16. Upgrading an AKS cluster
    17. Summary
  20. Chapter 12: Creating and Configuring App Services
    1. Technical requirements
    2. Understanding App Service plans and App Service
      1. App Service plans
    3. Creating an App Service plan
    4. Creating an app service
      1. PowerShell scripts
    5. Configuring the scaling settings of an App Service plan
      1. PowerShell scripts
    6. Securing an app service
    7. Configuring custom domain names
    8. Configuring a backup for an app service
    9. Configuring networking settings
    10. Configuring deployment settings
    11. Summary
  21. Chapter 13: Practice Labs – Deploying and Managing Azure Compute Resources
    1. Technical requirements
      1. Downloading and extracting files for labs
    2. Managing virtual machines lab
    3. Deploying an Azure Container Instances lab
    4. Deploying an Azure Kubernetes Service lab
    5. Deploying Web App service lab
    6. Summary
  22. Part 4: Configuring and Managing Virtual Networking
  23. Chapter 14: Implementing and Managing Virtual Networking
    1. Technical requirements
    2. Creating and configuring virtual networks, including peering
      1. A VNet overview
      2. An IP addressing overview
    3. Create private and public IP addresses
    4. User-defined routing
    5. Implementing subnets
    6. Configuring endpoints on subnets
    7. Configuring private endpoints
    8. Configuring Azure DNS
    9. Summary
  24. Chapter 15: Securing Access to Virtual Networks
    1. Technical requirements
    2. Associating an NSG with a subnet
    3. Creating NSG rules
    4. Evaluating effective security rules
    5. Implementing Azure Firewall and Azure Bastion
      1. Azure Firewall
      2. Azure Bastion
    6. Summary
  25. Chapter 16: Configuring Load Balancing
    1. Technical requirements
    2. Azure load balancing services
      1. Regional services
      2. Global services
      3. Load balancer service options
      4. SSL offloading
      5. Path-based load balancing
      6. Session affinity
      7. Web application firewall
    3. Azure Load Balancer
      1. Features and capabilities
      2. Load Balancer SKUs
    4. Configuring an ILB
      1. Creating the VNet
      2. Creating the VMs
      3. Creating the load balancer
      4. Creating the health probes
      5. Creating load balancing rules
      6. Testing the load balancer
    5. Configuring a public load balancer
      1. Creating the public load balancer
      2. Creating the VNet and NSG
      3. Creating backend servers
      4. Testing the load balancer
      5. Troubleshooting load balancing
    6. Azure Application Gateway
    7. Configuring Azure Application Gateway
      1. Creating an Azure application gateway
      2. Deploying your web app
      3. Testing the application gateway
    8. Azure Front Door
    9. Summary
  26. Chapter 17: Integrating On-Premises Networks with Azure
    1. Technical requirements
    2. Azure VPN Gateway
      1. S2S VPN connections
      2. Multi-site VPN connections
      3. P2S VPN connections
      4. ExpressRoute
    3. Creating and configuring an Azure VPN gateway
      1. Creating and configuring an Azure VPN gateway
      2. VPN server deployment
      3. S2S VPN Configuration
      4. Verify connectivity via the Azure portal
      5. VNet to VNet connections
    4. Create and configure Azure ExpressRoute
    5. Azure Virtual WAN
    6. Configuring Azure Virtual WAN
      1. Creating a VPN Site
      2. Connecting your VPN site to the hub
      3. Connect to your VPN site
    7. Summary
  27. Chapter 18: Monitoring and Troubleshooting Virtual Networking
    1. Technical requirements
    2. Network Watcher
      1. Monitoring
      2. Network diagnostic tools
      3. Metrics
      4. Logs
    3. Configuring Network Watcher
      1. Network resource monitoring
      2. Managing VNet connectivity
      3. Monitoring on-premises connectivity
      4. Troubleshooting external networking
    4. Summary
  28. Chapter 19: Practice Labs – Configuring and Managing Virtual Networking
    1. Technical requirements
      1. Downloading and extracting files for labs
    2. Virtual network subnetting lab
    3. Global peering interconnectivity Lab
    4. Traffic management lab
    5. Summary
  29. Part 5: Monitoring and Backing Up Azure Resources
  30. Chapter 20: Monitoring Resources with Azure Monitor
    1. Technical requirements
    2. Azure Monitor
      1. The Activity log
      2. Metrics
      3. Alerts
      4. Insights
      5. Diagnostic settings
      6. Service Health
    3. Creating and analyzing metrics and alerts
      1. Creating a VM
      2. Creating a metric
      3. Creating a dashboard
      4. Creating an alert
      5. Configuring diagnostic settings on resources
      6. Triggering an alert
    4. Querying Log Analytics
      1. Creating a Log Analytics workspace
      2. Utilizing log search query functions
      3. Querying logs in Azure Monitor
    5. Configuring Application Insights
      1. Creating your application
      2. Creating your Application Insights resource
      3. Associate your web app with Application Insights
    6. Summary
  31. Chapter 21: Implementing Backup and Recovery Solutions
    1. Technical requirements
    2. Creating a Recovery Services vault
    3. Creating and configuring backup policies
    4. Performing backup and restore operations via Azure Backup
    5. Performing site-to-site recovery via Azure Site Recovery
    6. Configuring and reviewing backup reports
    7. Summary
  32. Chapter 22: Practice Labs – Monitoring and Backing Up Azure Resources
    1. Technical requirements
      1. Downloading and extracting files for labs
    2. Azure Recovery Services Vault with VM backup lab
    3. Azure Monitor lab
    4. Summary
  33. Chapter 23: Mockup Test Questions and Answers
    1. Managing Azure identities and governance (15-20%)
    2. Implement and manage storage (15-20%)
    3. Deploy and manage Azure compute resources (20-25%)
    4. Configure and manage virtual networking (25-30%)
    5. Monitor and back up Azure resources (10-15%)
    6. Mockup test answers
      1. Manage Azure identities and governance
      2. Implement and manage storage
      3. Configure and manage virtual networking (30-35%)
      4. Monitor and back up Azure resources
    7. Why subscribe?
  34. Other Books You May Enjoy
    1. Packt is searching for authors like you
    2. Share Your Thoughts

Product information

  • Title: Exam Ref AZ-104 Microsoft Azure Administrator Certification and Beyond - Second Edition
  • Author(s): Riaan Lowe, Donovan Kelly
  • Release date: July 2022
  • Publisher(s): Packt Publishing
  • ISBN: 9781801819541