MAPA MENTAL AZURE CERTIFICATION AZ-103

Get Started. It's Free
or sign up with your email address
Rocket clouds
MAPA MENTAL AZURE CERTIFICATION AZ-103 by Mind Map: MAPA MENTAL  AZURE CERTIFICATION AZ-103

1. Manage Azure subscriptions and resources (15% à 20%)

1.1. Manage Azure subscriptions

1.1.1. Assign administrator permissions

1.1.2. Configure cost center quotas and tagging

1.1.3. Configure subscription policies

1.1.4. Cost Center Tagging: https://docs.microsoft.com/en-us/azure/billing/billing-getting-started#ways-to-monitor-your-costs-when-using-azure-services

1.1.5. Azure Policies: https://docs.microsoft.com/en-us/azure/azure-policy/azure-policy-introduction

1.1.6. Azure Administrator Subscription: https://docs.microsoft.com/en-us/azure/billing/billing-add-change-azure-subscription-administrator

1.2. Analyze resource utilization and consumption

1.2.1. Configure diagnostic settings on resources

1.2.2. Create baseline for resources

1.2.3. Create and rest alerts

1.2.4. Analyze alerts across subscription

1.2.5. Analyze metrics across subscription

1.2.6. Create action groups

1.2.7. Monitor for unused resources

1.2.8. Monitor spend

1.2.9. Report on spend

1.2.10. Utilize Log Search query functions

1.2.11. View alerts in Log Analytics

1.2.12. Action Groups: https://docs.microsoft.com/en-my/azure/monitoring-and-diagnostics/monitoring-action-groups

1.2.13. Metrics in Microsoft Azure: https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/monitoring-overview-metrics

1.2.14. Cost Management Report: https://docs.microsoft.com/en-us/azure/cost-management/use-reports

1.2.15. Setup Billing Alerts: https://docs.microsoft.com/en-us/azure/billing/billing-set-up-alerts

1.2.16. Log Query Functions Examples: https://github.com/MicrosoftDocs/LogAnalyticsExamples/tree/master/log-analytics

1.2.17. Create Alerts in Azure Monitor: https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/monitor-alerts-unified-usage

1.3. Manage role-based access control (RBAC)

1.3.1. Create a custom role

1.3.2. configure access to Azure resources by assigning roles

1.3.3. configure management access to Azure

1.3.4. troubleshoot RBAC

1.3.5. implement RBAC policies

1.3.6. assign RBAC roles

1.3.7. Custom Roles: https://msandbu.org/microsoft-azure-and-security-best-pratices-part-1-identity/

1.3.8. Troubleshoot RBAC: https://docs.microsoft.com/en-us/azure/role-based-access-control/troubleshooting

1.4. Manage resource groups

1.4.1. Allocate resource policies

1.4.2. Configure resource locks

1.4.3. Configure resource policies

1.4.4. Implement and set tagging on resource groups

1.4.5. Move resources across resource groups

1.4.6. Remove resource groups

1.4.7. Azure Policy: https://docs.microsoft.com/en-us/azure/azure-policy/create-manage-policy

1.4.8. Resource Locks: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-lock-resources

1.4.9. Azure Resource Group Tags: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-using-tags

1.4.10. Move Resources across resource groups: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-move-resources

2. Implement and manage storage (20% à 25%)

2.1. Create and configure storage accounts

2.1.1. Configure network access to the storage account

2.1.2. Create and configure storage account

2.1.3. Generate shared access signature

2.1.4. Install and use Azure Storage Explorer

2.1.5. Manage access keys

2.1.6. Monitor activity log by using Log Analytics

2.1.7. Implement Azure storage replication

2.1.8. Virtual Endpoint for Azure Storage: https://azure.microsoft.com/en-us/blog/virtual-network-service-endpoints-and-firewalls-for-azure-storage-now-generally-available/

2.1.9. Create and Manage Storage Account: https://docs.microsoft.com/en-us/azure/storage/common/storage-create-storage-account

2.1.10. Create SAS: https://docs.microsoft.com/en-us/azure/storage/blobs/storage-dotnet-shared-access-signature-part-2

2.1.11. Azure Storage Explorer: https://docs.microsoft.com/en-us/azure/vs-azure-tools-storage-manage-with-storage-explorer?tabs=windows

2.1.12. Azure Storage Analytics: https://docs.microsoft.com/nb-no/rest/api/storageservices/storage-analytics

2.1.13. Azure Activity Log Analytics: https://docs.microsoft.com/en-us/azure/security/azure-log-audit

2.1.14. Azure Storage Access Keys: https://docs.microsoft.com/en-us/azure/storage/common/storage-create-storage-account

2.2. Import and export data to Azure

2.2.1. Create export from Azure job

2.2.2. Create import into Azure job

2.2.3. Configure and use Azure blob storage

2.2.4. Configure Azure content delivery network (CDN) endpoints

2.2.5. Azure Import and Export Job: https://docs.microsoft.com/en-us/azure/storage/common/storage-import-export-service

2.2.6. Configure CDN for Azure: https://docs.microsoft.com/en-us/azure/cdn/cdn-create-new-endpoint

2.2.7. Configure CDN for WordPress: https://blogs.msdn.microsoft.com/azureossds/2015/04/27/improving-wordpress-performance-use-azure-cdn/

2.3. Configure Azure files

2.3.1. Create Azure file share

2.3.2. Create Azure File Sync service

2.3.3. Create Azure sync group

2.3.4. Troubleshoot Azure File Sync

2.3.5. Troubleshoot File Sync: https://docs.microsoft.com/en-us/azure/storage/files/storage-sync-files-troubleshoot?tabs=portal1%2Cportal

2.3.6. Deploy Azure File Sync: https://docs.microsoft.com/en-us/azure/storage/files/storage-sync-files-deployment-guide?tabs=portal

2.3.7. Create a Sync Group: https://docs.microsoft.com/en-us/azure/storage/files/storage-sync-files-deployment-guide?tabs=portal#create-a-sync-group-and-a-cloud-endpoint

2.4. Implement Azure backup

2.4.1. Configure and review backup reports

2.4.2. Perform backup operation

2.4.3. Create Recovery Services Vault

2.4.4. Create and configure backup policy

2.4.5. Perform a restore operation

2.4.6. Azure Backup Reports: https://docs.microsoft.com/en-us/azure/backup/backup-azure-configure-reports

2.4.7. Create Backup Vault: https://docs.microsoft.com/en-us/azure/backup/backup-azure-manage-windows-server

2.4.8. Restore from Azure backup agent: https://docs.microsoft.com/en-us/azure/backup/backup-azure-restore-windows-server

2.4.9. Restore VM’s in Azure: https://docs.microsoft.com/en-us/azure/backup/backup-azure-arm-restore-vms

2.4.10. Creating a backup Policy: https://docs.microsoft.com/en-us/azure/backup/backup-azure-vms-first-look-arm#defining-a-backup-policy

3. Deploy and manage virtual machines (VMs) (20% à 25%)

3.1. Create and configure a VM for Windows and Linux

3.1.1. Configure high availability

3.1.2. Configure monitoring networking, storage, and virtual machine size

3.1.3. Deploy and configure scale sets

3.1.4. High Availability IaaS Azure: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/manage-availability

3.1.5. Scale Sets Azure: https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/quick-create-portal

3.1.6. Monitor Azure Virtual Machine: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/monitor

3.1.7. Resize Virtual Machines Azure: https://thuansoldier.net/6515/

3.2. Automate deployment of VMs

3.2.1. Modify Azure Resource Manager (ARM) template

3.2.2. Configure location of new VMs

3.2.3. Configure VHD template

3.2.4. Deploy from template

3.2.5. Save a deployment as an ARM template

3.2.6. Deploy Windows and Linux VMs

3.2.7. ARM Templates: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-authoring-templates

3.2.8. ARM Azure Github: https://github.com/Azure/azure-quickstart-templates

3.2.9. Deploy Templates from ARM: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-template-deploy

3.2.10. Save Template as ARM: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-export-template

3.3. Manage Azure VM

3.3.1. Add data discs

3.3.2. Add network interfaces

3.3.3. Automate configuration management by using PowerShell Desired State Configuration (DSC) and VM Agent by using custom script extensions

3.3.4. Manage VM sizes

3.3.5. Move VMs from one resource group to another

3.3.6. Redeploy VMs

3.3.7. Move VM from one resource group to another: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/move-vm

3.3.8. Azure Automation DSC and Azure: https://docs.microsoft.com/en-us/azure/automation/automation-dsc-overview

3.3.9. Custom Script Extension Azure: https://docs.microsoft.com/en-us/azure/virtual-machines/extensions/custom-script-windows

3.3.10. ARM Custom Script Extension: https://github.com/Azure/azure-quickstart-templates/tree/master/201-vm-custom-script-windows

3.3.11. Attached Data Disk Azure: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/attach-managed-disk-portal

3.4. Manage VM backups

3.4.1. Define backup policies

3.4.2. Implement backup policies

3.4.3. Configure VM backup

3.4.4. Perform VM restore

3.4.5. Restore VM’s in Azure: https://docs.microsoft.com/en-us/azure/backup/backup-azure-arm-restore-vms

3.4.6. Creating a backup Policy: https://docs.microsoft.com/en-us/azure/backup/backup-azure-vms-first-look-arm#defining-a-backup-policy

3.4.7. Backup VM using ARM: https://azure.microsoft.com/en-gb/resources/templates/101-recovery-services-create-vm-and-configure-backup/

4. Configure and manage virtual networks (20% a 25%)

4.1. Create connectivity between virtual networks

4.1.1. Create and configure VNET peering

4.1.2. Create and configure VNET to VNET

4.1.3. Verify virtual network connectivity

4.1.4. Create virtual network gateway

4.1.5. VNET Peering: https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal

4.1.6. Virtual Network Gateway: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpngateways

4.1.7. Verify Connection: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-verify-connection-resource-manager

4.1.8. Site to Site VNET: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-vnet-vnet-resource-manager-portal

4.2. Implement and manage virtual networking

4.2.1. Configure private and public IP addresses,

4.2.2. Network routes

4.2.3. network interface

4.2.4. subnets, and virtual network

4.2.5. Configure Private IP address: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-static-private-ip-arm-pportal

4.2.6. Configure Public IP address: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-deploy-static-pip-arm-portal

4.2.7. Configure Routing: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-udr-overview

4.2.8. IP Addressing VNET: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-ip-addresses-overview-arm

4.3. Monitor and manage networking

4.3.1. Monitor on-premises connectivity

4.3.2. use network resource monitoring and Network Watcher

4.3.3. manage external networking and virtual network connectivity

4.3.4. Implement Network Watcher: https://docs.microsoft.com/en-us/azure/network-watcher/connection-monitor

4.3.5. Diagnose a Gateway: https://docs.microsoft.com/en-us/azure/network-watcher/diagnose-communication-problem-between-networks

4.4. Implement Azure load balancer

4.4.1. Configure internal load balancer, load balancing rules, and public load balancer

4.4.2. manage Azure load balancing

4.4.3. Configure Internal Azure Load Balancer: https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-get-started-ilb-arm-ps

4.4.4. Load Balancing Rules: https://docs.microsoft.com/nb-no/azure/load-balancer/load-balancer-distribution-mode

4.4.5. Troubleshoot Azure Load Balancing: https://docs.microsoft.com/nb-no/azure/load-balancer/load-balancer-troubleshoot

4.5. Implement application load balancing

4.5.1. Configure application gateway and load balancing rules

4.5.2. implement front end IP configurations

4.5.3. manage application load balancing

4.5.4. Application Load Balancing: https://docs.microsoft.com/en-us/azure/application-gateway/quick-create-portal

4.5.5. Configure Application Gateway with PowerShell: https://docs.microsoft.com/en-us/azure/application-gateway/tutorial-manage-web-traffic-powershell

4.5.6. Multiple Front-end: https://docs.microsoft.com/en-us/azure/application-gateway/create-multiple-sites-portal

4.6. Integrate on premises network with Azure virtual network

4.6.1. Create and configure Azure VPN Gateway

4.6.2. create and configure site to site VPN

4.6.3. configure Express Route

4.6.4. verify on premises connectivity

4.6.5. manage on-premise connectivity with Azure

4.6.6. Configure ExpressRoute: https://docs.microsoft.com/en-us/azure/expressroute/expressroute-howto-circuit-portal-resource-manager

4.6.7. VNET Peering: https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal

4.6.8. Virtual Network Gateway: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpngateways

4.6.9. Verify Connection: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-verify-connection-resource-manager

4.6.10. Site to Site VNET: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-vnet-vnet-resource-manager-portal

4.7. Configure name resolution

4.7.1. Configure Azure DNS

4.7.2. Configure custom DNS settings

4.7.3. Configure DNS zones

4.7.4. DNS Azure: https://docs.microsoft.com/en-us/azure/dns/dns-zones-records

4.7.5. DNS Azure FAQ: https://docs.microsoft.com/en-us/azure/dns/dns-faq

4.7.6. Manage Azure DNS: https://docs.microsoft.com/en-us/azure/dns/dns-operations-dnszones-portal

4.7.7. Configure DNS Zones Azure: https://docs.microsoft.com/en-us/azure/dns/dns-operations-recordsets

4.8. Create and configure a Network Security Group (NSG)

4.8.1. Create security rules

4.8.2. Associate NSG to a subnet or network interface

4.8.3. Identify required ports

4.8.4. Evaluate effective security rules

4.8.5. Azure IaaS Security: https://msandbu.org/microsoft-azure-and-security-best-pratices-part-1-identity/

4.8.6. Create Security Rules Azure: https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-filter-network-traffic-powershell

4.8.7. Diagnose Azure NSG Rules: https://docs.microsoft.com/en-us/azure/virtual-network/diagnose-network-traffic-filter-problem

5. Manage identities (15% à 20%)

5.1. Manage Azure Active Directory (AD)

5.1.1. Add custom domains

5.1.2. configure Azure AD Identity Protection

5.1.3. Azure AD Join, and Enterprise State Roaming

5.1.4. Configure self-service password reset

5.1.5. Implement conditional access policies

5.1.6. Manage multiple directories; perform an access review

5.1.7. Azure AD Custom Domains: https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/add-custom-domain

5.1.8. Azure Self Service Reset: https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-howitworks

5.1.9. Azure Identity Security: https://msandbu.org/microsoft-azure-and-security-best-pratices-part-1-identity/

5.1.10. Enable Enterprise State Roaming: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-windows-enterprise-state-roaming-enable

5.2. Manage Azure AD objects (users, groups, and devices)

5.2.1. Create users and groups

5.2.2. Manage user and group properties

5.2.3. Manage device settings

5.2.4. Perform bulk user updates

5.2.5. Manage Devices: https://docs.microsoft.com/en-us/azure/active-directory/devices/device-management-azure-portal

5.2.6. Bulk Update Azure AD Users: http://ericphan.net/blog/2017/9/26/azure-active-directory-bulk-updating-user-profile-attributes-using-powershell

5.2.7. Create Groups Azure AD: https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal

5.2.8. Dynamic Rules Azure AD Group: https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/groups-dynamic-membership

5.3. Implement Multi-Factor Authentication (MFA)

5.3.1. Enable MFA for an Azure tenant

5.3.2. configure user accounts for MFA

5.3.3. configure fraud alerts

5.3.4. configure bypass options

5.3.5. configure trusted IPs

5.3.6. configure verification methods

5.3.7. manage role-based access control (RBAC)

5.3.8. implement RBAC policies

5.3.9. assign RBAC Roles

5.3.10. create a custom role

5.3.11. configure access to Azure resources by assigning roles

5.3.12. configure management access to Azure

5.3.13. Configure Fraud Alerts: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#fraud-alert

5.3.14. Configure Cloud Based MFA: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-getstarted

5.3.15. Custom Roles: https://msandbu.org/microsoft-azure-and-security-best-pratices-part-1-identity/

5.3.16. Trusted IP’s: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#trusted-ips

5.4. Implement and manage hybrid identities

5.4.1. May include but not limited to: ; ; ;

5.4.2. Install and configure Azure AD Connect

5.4.3. Configure federation and single sign-on

5.4.4. Manage Azure AD Connect

5.4.5. Manage password sync and writeback

5.4.6. Configure Federated Access: https://docs.microsoft.com/en-us/azure/active-directory/application-config-sso-how-to-configure-federated-sso-gallery

5.4.7. Install Azure AD Connect: https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-get-started-custom

5.4.8. Configure Password Writeback: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-sspr-writeback

6. BÔNUS: Implement and manage application service

6.1. Configure serverless computing

6.1.1. Manage a Logic App resource

6.1.2. manage Azure Function app settings

6.1.3. manage Event Grid

6.1.4. manage Service Bus

6.1.5. Custom Event Grid Events: https://docs.microsoft.com/en-us/azure/event-grid/custom-event-quickstart-portal

6.1.6. Dead Letter Event Grid: https://docs.microsoft.com/en-us/azure/event-grid/manage-event-delivery

6.1.7. Manage an Azure Functions App: https://docs.microsoft.com/en-us/azure/azure-functions/functions-how-to-use-azure-function-app-settings

6.1.8. Monitor Azure Logic App Status: https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-monitor-your-logic-apps

6.1.9. Manage Service Bus: https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-metrics-azure-monitor

6.2. Manage App Service plans

6.2.1. Configure application for scaling

6.2.2. enable monitoring and diagnostics

6.2.3. configure App Service plans

6.2.4. Scaling App Plan: https://docs.microsoft.com/en-us/azure/app-service/environment/app-service-web-scale-a-web-app-in-an-app-service-environment

6.2.5. App Service Plan: https://docs.microsoft.com/en-us/azure/app-service/azure-web-sites-web-hosting-plans-in-depth-overview

6.2.6. Monitor and alerts App Service: https://docs.microsoft.com/nb-no/azure/app-service/web-sites-monitor

6.3. Manage App services

6.3.1. Assign SSL certificates

6.3.2. configure application settings

6.3.3. configure deployment slots

6.3.4. configure Azure content delivery network (CDN) integration

6.3.5. manage App Service protection

6.3.6. manage roles for an App service

6.3.7. create and manage App Service environment

6.3.8. Use SSL: https://docs.microsoft.com/nb-no/azure/app-service/web-sites-purchase-ssl-web-site

6.3.9. Deployment Slots: https://docs.microsoft.com/en-us/azure/app-service/web-sites-staged-publishing

6.3.10. App Service Protection: https://docs.microsoft.com/en-us/azure/app-service/app-service-security

6.3.11. Patching and updates App Service: https://docs.microsoft.com/en-us/azure/app-service/app-service-patch-os-runtime

6.3.12. CDN Integration: https://docs.microsoft.com/en-us/azure/cdn/cdn-add-to-web-app

7. BÔNUS: Evaluate and perform server migration to Azure

7.1. Evaluate migration scenarios by using Azure Migrate

7.1.1. Discover and assess environment

7.1.2. identify workloads that can and cannot be deployed

7.1.3. identify ports to open

7.1.4. identify changes to network

7.1.5. identify if target environment is supported

7.1.6. setup domain accounts and credentials

7.1.7. Asessment Azure Migrate: https://docs.microsoft.com/en-us/azure/migrate/tutorial-assessment-vmware

7.1.8. Ports Required: https://docs.microsoft.com/en-us/azure/migrate/migrate-overview

7.2. Migrate servers to Azure

7.2.1. Migrate by using Azure Site Recovery (ASR)

7.2.2. migrate using P2V

7.2.3. configure storage

7.2.4. create a backup vault

7.2.5. prepare source and target environments

7.2.6. backup and restore data

7.2.7. deploy Azure Site Recovery (ASR) agent

7.2.8. prepare virtual network

7.2.9. Azure Site Recovery: https://docs.microsoft.com/en-us/azure/site-recovery/migrate-tutorial-on-premises-azure

7.2.10. Prepare Azure: https://docs.microsoft.com/en-us/azure/site-recovery/tutorial-prepare-azure

7.2.11. MIgrate P2V: https://docs.microsoft.com/en-us/azure/site-recovery/physical-azure-disaster-recovery#create-a-replication-policy