Manage Azure Subscription
-
Assign administrator permissions
-
Configure cost center quotas and tagging
-
Configure Azure subscription policies at Azure subscription level
Analyze resource utilization and consumption
-
Configure diagnostic settings on resources
-
Create baseline for resources
-
Create and rest alerts
-
Analyze alerts across subscription
-
Analyze metrics across subscription
-
Create action groups
-
Monitor for unused resources
-
Monitor spend
-
Report on spend
-
Utilize Log Search query functions
-
View lerts in Log Analytics
Manage resource groups Policy Lab
• Use Azure policies for resource groups
• Configure resource locks
• Configure resource policies
• Identify auditing requirements
• Implement and set tagging on resource groups
• Move resources across resource groups
• Remove resource groups
Managed Role Based Access Control (RBAC)
-
Create a custom role
-
Configure access to Azure resources by assigning roles
-
Configure management access to Azure
-
Troubleshoot RBAC
-
Implement RBAC policies
-
Assign RBAC Roles
Implement and Manage Storage
-
Create and configure storage accounts - Azure Storage Doc
-
Configure network access to the storage account
-
Create and configure storage account
-
Generate shared access signature
-
Install and use Azure Storage Explorer
-
Manage access keys
-
Monitor activity log by using Log Analytic implement Azure storage replication
Import and Export Data to Azure
-
Create export from Azure job
-
Create import into Azure job
-
Use Azure Data Box
-
Configure and use Azure blob storage
-
Configure Azure content delivery network (CDN) endpoints
-
Compare Azure CDN product features
Configure Azure Files
-
Create Azure file share
-
Create Azure File Sync service
-
Create Azure sync group
-
Troubleshoot Azure File Sync
Implement Azure backup
-
Configure and review backup reports
-
Perform backup operation
-
Create Recovery Services Vault
-
Create and configure backup policy perform a restore operation
Deploy and manage virtual machines
-
Create and Configure a VM for Windows and Linux
-
Configure high availability
-
Configure monitoring, networking, storage, and virtual machine size
-
Deploy and configure scale sets
Automate deployment of VMs
-
Modify Azure Resource Manager (ARM) template
-
Configure location of new VMs
-
Configure VHD template
-
Deploy from template
-
Save a deployment as an ARM template
-
Deploy Windows and Linux VMs
Manage Azure VM
-
Add Data Discs Add Network Interface
-
Automate Configuration Management by using PowerShell Desired
-
State Configuration (DSC) and VM Agent by using Custom Script Extensions
-
Manage VM sizes; move VMs from one resource group to another
-
Redeploy VMs
Manage VM Backups
-
Configure VM backup
-
Define backup policies
-
Implement backup policies
-
Perform VM restor Azure Site Recovery
-
Configure and manage virtual networks
Create connectivity between virtual networks
-
Create and configure VNET peering
-
Create and configure VNET to VNET
-
Verify virtual network connectivity
-
Create virtual network gateway
-
Implement and manage virtual networking
Configure Private and Public IP addresses, Network Routes, Network Interface, Subnets, and Virtual Network
-
Configure Name Resolution
-
Configure Azure DNS
-
Configure Custom DNS Settings
-
Configure Private and Public DNS Zones
Create and Configure a Network Security Group (NSG)
Create security rules
Associate NSG to a Subnet or Network Interface
Identify Required Ports
Evaluate effective security rules
Implement Azure Load Balancer
Configure Internal Load Balancer, Configure Load Balancing Rules, Configure Public Load balancer, troubleshoot load balancing
Monitor and troubleshoot virtual networking
• monitor on-premises connectivity,
-
Network resource monitoring
-
Network Watcher, troubleshoot external networking
-
troubleshoot virtual network connectivity
-
Azure Firewall
Integrate on premises network with Azure virtual network
-
create and configure Azure VPN Gateway, create and configure site to site VPN, configure Express Route, verify on premises connectivity, troubleshoot on premises connectivity with Azure
Manage identities
Manage Azure Active Directory (AD)
• add custom domains
• Azure AD Join
• configure self-service password reset
• manage multiple directories
Manage Azure AD objects (users, groups, and devices)
• create users and groups
• manage user and group properties
• manage device settings
• perform bulk user updates
• manage guest accounts
Implement and manage hybrid identities
• install Azure AD Connect, including password hash and pass-through synchronization
• use Azure AD Connect to configure federation with on-premises Active Directory Domain Services (AD DS)
• manage Azure AD Connect
• manage password sync and password writeback
Implement multi-factor authentication (MFA)
-
configure user accounts for MFA
-
enable MFA by using bulk update
-
configure fraud alerts,
-
configure bypass options
-
configure Trusted IPs
-
configure verification methods