Course Outline
Module 1: Implement Azure Active Directory
In this module, you will learn how to secure identities using Azure Active Directory and manage users and groups. Key topics include:
Lessons
- Overview of Azure Active Directory
- Users and Groups
- Domains and Custom Domains
- Azure AD Identity Protection
- Implementing Conditional Access
- Configuring Fraud Alerts for MFA
- Implementing Bypass Options
- Configuring Guest Users in Azure AD
- Configuring Trusted IPs
- Managing Multiple Directories
Upon completion, students will be able to:
- Understand interactions between multiple AAD organizations
- Add Guest Users to Azure AD
- Configure Location-Based Conditions
- Configure Azure MFA settings
- Implement Conditional Access for Azure MFA
- Create a Blueprint
Module 2: Implement and Manage Hybrid Identities
This module focuses on installing and configuring Azure AD Connect and implementing Azure AD Connect Health. Topics include:
Lessons
- Installing and Configuring Azure AD Connect
- Configuring Password Sync and Password Writeback
- Configuring Azure AD Connect Health
Upon completion, students will be able to:
- Implement Azure AD Seamless Single Sign-On
- Perform an Azure AD Connect installation
- Implement Azure AD Connect Health
Module 3: Implement Virtual Networking
This module introduces fundamental virtual networking concepts, including virtual networks, subnetting, IP addressing, Network Security Groups, Azure Firewall, and Azure DNS. Key lessons include:
Lessons
- Virtual Network Peering
- Implementing VNet Peering
Upon completion, students will be able to:
- Connect services using Virtual Network Peering
- Configure VNet Peering
- Understand Service Chaining
- Modify or delete VNet Peering
Module 4: Implement VMs for Windows and Linux
This module covers Azure virtual machines, focusing on planning, creation, availability, and extensions. Key lessons include:
Lessons
- Selecting Virtual Machine Sizes
- Configuring High Availability
- Implementing Azure Dedicated Hosts
- Deploying and Configuring Scale Sets
- Configuring Azure Disk Encryption
Upon completion, students will be able to:
- Plan for virtual machine implementations
- Create virtual machines
- Configure virtual machine availability, including scale sets
- Understand High Availability options for VMs in Azure
Module 5: Implement Load Balancing and Network Security
This module explores network traffic strategies, including routing, service endpoints, Azure Load Balancer, Azure Application Gateway, and Traffic Manager. Key lessons include:
Lessons
- Implementing Azure Load Balancer
- Implementing an Application Gateway
- Understanding the Web Application Firewall
- Implementing Azure Firewall
- Implementing Azure Front Door
- Implementing Azure Traffic Manager
- Implementing Network Security Groups and Application Security Groups
- Implementing Azure Bastion
Lab: Implementing Highly Available Azure IaaS Compute Architecture
- Describe characteristics of highly available Azure VMs in the same availability set
- Describe characteristics of highly available Azure VMs in different availability zones
- Describe characteristics of automatic horizontal scaling of Azure VM Scale Sets
- Describe characteristics of manual vertical scaling of Azure VM Scale Sets
Upon completion, students will be able to:
- Select a Load Balancer solution
- Configure an Application Gateway
- Implement Azure Firewall
- Create an Azure Front Door
- Understand Traffic Manager routing methods
- Configure Network Security Groups (NSGs)
Module 6: Implement Storage Accounts
This module covers basic storage features, including storage accounts, blob storage, Azure Files, File Sync, storage security, and management tools. Key lessons include:
Lessons
- Storage Accounts
- Blob Storage
- Storage Security
- Managing Storage
- Accessing Blobs and Queues using AAD
Lab: Implementing and Configuring Azure Storage File and Blob Services
- Implement authorization of Azure Storage blobs using shared access signatures
- Implement authorization of Azure Storage blobs using Azure Active Directory
- Implement authorization of Azure Storage file shares using access keys
- Configure Azure Storage and Virtual Networks
Upon completion, students will be able to:
- Understand Storage Account services and types
- Configure Blob storage, accounts, containers, and access tiers
- Implement Shared Access Signatures (SAS)
- Understand Azure Storage firewalls and virtual networks
Module 7: Implement NoSQL Databases
This module explores Azure Table Storage and recommendations for CosmosDB APIs. Key lessons include:
Lessons
- Configuring Storage Account Tables
- Selecting Appropriate CosmosDB APIs
Upon completion, students will be able to:
- Outline the Table Service Data Model
- Understand options for Azure Cosmos DB
- Understand high availability using CosmosDB
Module 8: Implement Azure SQL Databases
In this module, you will create an Azure SQL Database single database, set up a Managed Instance, and review high-availability options. Key lessons include:
Lessons
- Configuring Azure SQL Database Settings
- Implementing Azure SQL Database Managed Instances
- High-Availability and Azure SQL Database
- Learn how to:
- Create an Azure SQL Database (single database)
- Create an Azure SQL Database Managed Instance
- Recommend high-availability architectural models for Azure SQL Database
Module 9: Automate Deployment and Configuration of Resources
This module introduces tools used by Azure Administrators to manage infrastructure, including the Azure Portal, Cloud Shell, Azure PowerShell, CLI, and Resource Manager Templates. Key lessons include:
Lessons
- Azure Resource Manager Templates
- Saving a Template for a VM
- Evaluating Locations for New Resources
- Configuring a Virtual Hard Disk Template
- Deploying from a Template
- Creating and Executing an Automation Runbook
Upon completion, students will be able to:
- Leverage Azure Resource Manager to organize resources
- Use ARM Templates to deploy resources
- Create and Execute an Automation Runbook
- Deploy an Azure VM from a VHD
- Understand Azure encryption technologies
Module 10: Implement and Manage Azure Governance
This module focuses on managing subscriptions and accounts, implementing Azure policies, and utilizing Role-Based Access Control (RBAC). Key lessons include:
Lessons
- Creating Management Groups, Subscriptions, and Resource Groups
- Overview of Role-Based Access Control (RBAC)
- Role-Based Access Control (RBAC) Roles
- Azure AD Access Reviews
- Implementing and Configuring an Azure Policy
- Azure Blueprints
Lab: Implementing and Configuring Azure Storage File and Blob Services
- Implement authorization of Azure Storage blobs using shared access signatures
- Implement authorization of Azure Storage blobs using Azure Active Directory
- Implement authorization of Azure Storage file shares using access keys
Lab: Managing Azure Role-Based Access Control
- Define a custom RBAC role
- Assign a custom RBAC role
Upon completion, students will be able to:
- Understand Resource Group Organization
- Understand how RBAC works
- Create an Azure AD access review
- Create and manage policies to enforce compliance
Module 11: Manage Security for Applications
This module covers Azure Key Vault and implementing authentication using Azure Managed Identities. Key lessons include:
Lessons
- Azure Key Vault
- Azure Managed Identity
Upon completion, students will be able to:
- Explain Key Vault uses, such as secrets, keys, and Certificate management
- Use Managed Identities with Azure resources
Module 12: Manage Workloads in Azure
This module teaches how to migrate workloads using Azure Migrate, perform VMware agent-based and agent-less migrations, and implement Azure Backup and Azure Site Recovery. Key lessons include:
Lessons
- Migrating Workloads using Azure Migrate
- VMware - Agentless Migration
- VMware - Agent-Based Migration
- Implementing Azure Backup
- Azure to Azure Site Recovery
- Implementing Azure Update Management
Lab: Protecting Hyper-V VMs by using Azure Site Recovery
- Configure Azure Site Recovery
- Perform test failover
- Perform planned failover
- Perform unplanned failover
Upon completion, students will be able to:
- Understand agent-based migration architecture
- Prepare for Azure migration
- Prepare an on-premises VMware environment
- Understand Azure VM backup architecture
- Manage updates and patches for Azure VMs
Module 13: Implement Container-Based Applications
This module demonstrates how to run Azure Container Instances and deploy Kubernetes with AKS. Key lessons include:
Lessons
- Azure Container Instances
- Configuring Azure Kubernetes Service
Upon completion, students will be able to:
- Run Azure Container Instances
- Deploy Kubernetes with AKS
Module 14: Implement an Application Infrastructure
This module covers creating App Service web Apps for Containers, configuring App Service Plans, and managing Deployment Slots. Key lessons include:
Lessons
- Creating and Configuring Azure App Service
- Creating an App Service Web App for Containers
- Creating and Configuring an App Service Plan
- Configuring Networking for an App Service
- Creating and Managing Deployment Slots
- Implementing Logic Apps
- Implementing Azure Functions
Lab: Configuring a Message-Based Integration Architecture
- Configure and validate an Azure Function App Storage Blob trigger
- Configure and validate an Azure Event Grid subscription-based queue messaging
Lab: Implementing an Azure App Service Web App with a Staging Slot
- Implement Blue/Green deployment patterns using deployment slots of Azure App Service web apps
- Perform A/B testing using deployment slots of Azure App Service web apps
Upon completion, students will be able to:
- Configure an Azure App Service
- Create an App Service Plan
- Create a Workflow using Azure Logic Apps
- Create a Function App
Module 15: Implement Cloud Infrastructure Monitoring
This module explores Azure Monitor, Azure Workbooks, Azure Alerts, Network Watcher, Azure Service Health, and Azure Application Insights. Key lessons include:
Lessons
- Azure Infrastructure Security Monitoring
- Azure Monitor
- Azure Workbooks
- Azure Alerts
- Log Analytics
- Network Watcher
- Azure Service Health
- Monitoring Azure Costs
- Azure Application Insights
- Unified Monitoring in Azure
In this module, you will also learn how to:
- Understand Azure Log Analytics
- Understand Azure Service Health
Requirements
Students who successfully complete this Azure Architect course typically bring prior experience with the following technologies and concepts:
- Understanding of on-premises virtualization technologies, including Virtual Machines (VMs) and virtual networking
- Knowledge of network configuration, encompassing TCP/IP, Domain Name System (DNS), virtual private networks (VPNs), firewalls, and encryption technologies
- Familiarity with Active Directory concepts, such as domains, forests, and domain controllers
Testimonials (3)
Examples and their usage
Dariusz Frycz - WASKO SPOLKA AKCYJNA
Course - AZ-040T00: Automating Administration with PowerShell
Everything, is a new platform for me and everything was interesting.
Sergiu
Course - AZ-104T00-A: Microsoft Azure Administrator
It was very much what we asked for—and quite a balanced amount of content and exercises that covered the different profiles of the engineers in the company who participated.
