Learning path: https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWtVsd

Deploy and configure infrastructure 25%-30%

Analyse resource utilisation and consumption

• Configure diagnostic settings on resources
  • Diagnostic log overview
  • Diagnostcilog stream template
  • Troubleshoot diagnostic logs
• Create baseline for resources
  • Baseline protection
• Create and rest alerts
  • Azure Monitor overview
  • Alerts activity log
• Analyse alerts across subscription
  • Alerts overview
• Analyse metrics across subscription
  • Alerts metric
• Create action groups
  • Create and manage action groups in the Azure portal
• Monitor for unused resources
• Monitor spend
• Report on spend
• Utilise Log Search query functions
  • get started with queries
• View alerts in Log Analytics
  • Azure Monitor log queries
  • Joins in Azure Monitor log queries

Create and configure storage accounts

Storage Account Overview

• Configure network access to the storage account
  • Manage resources with portal
• Create and configure storage account
  • Storage Redundancy
  • Storage blob tiers
  • LRS redundancy
• Generate shared access signature
  • Configure Azure Storage connection strings
  • Using the Azure Storage REST API
• Install and use Azure Storage Explorer
• Manage access keys
  • Storage Security Guide
  • Storage SAS overview
• Monitor activity log by using Log Analytics
  • Quickstart: Route storage events to web endpoint with Azure CLI
• Implement Azure storage replication
• Azure Storage redundancy

Create and configure a Virtual Machine (VM) for Windows and Linux

• Configure high availability
  • Availability sets
• Configure monitoring, networking, storage, and virtual machine size
  • Deploying Microsoft Azure VM
• Deploy and configure scale sets

Automate deployment of Virtual Machines (VMs)

• Modify Azure Resource Manager (ARM) template
  • Azure Resource Manager deployment modes
  • Deploy resources with Resource Manager templates and Azure PowerShell
  • Azure Resource Manager vs. classic deployment: Understand deployment models and the state of your resources
• Configure location of new VMs
• Configure VHD template
• Deploy from template
• Save a deployment as an ARM template
• Deploy Windows and Linux VMs

Implement solutions that use virtual machines (VM)

• Provision VMs; create ARM templates
• Configure Azure Disk Encryption for VMs
  • Azure Security Disk Encryption FAQ
  • Azure Security Disk Encryption Prerequisites
  • Azure Security Disk Encryption Overview

Create connectivity between virtual networks

• Create and configure VNET peering
  • Virtual Network peering overview
  • Manage peering
• Create and configure VNET to VNET
• Verify virtual network connectivity
• Create virtual network gateway
  • https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-site-to-site-resource-manager-portal
  • Configure a Point-to-Site VPN connection to a VNet using native Azure certificate authentication: Azure portal
• Implement and manage virtual networking
  • Configure private and public IP addresses, network routes, network interface, subnets, and virtual network
• Manage Azure Active Directory (AD)
  • Add custom domains
  • Configure Azure AD Identity Protection, Azure AD Join, and Enterprise State Roaming.
    • Identity protection
  • Configure self-service password reset
  • Implement conditional access policies
    • Howto configure risk policies
  • Manage multiple directories
  • Perform an access review
• Implement and manage hybrid identities
  • Install and configure Azure AD Connect
    • Hybrid identity overview
    • Connect on premises network
    • Route express
  • Configure federation and single sign-on
  • Manage Azure AD Connect
  • Manage password sync and writeback
    • How-to: Configure password writeback

Implement workloads and Security 20-25%

• https://www.pluralsight.com/courses/microsoft-azure-resources-workloads-monitoring

Migrate servers to Azure

• https://www.pluralsight.com/courses/microsoft-azure-migrating-physical-virtual-servers
• Migrate by using Azure Site Recovery (ASR);
  • Migrate on-premises machines to Azure
• Migrate using P2V;
• Configure storage;
• Create a backup vault;
• Prepare source and target environments;
• Backup and restore data;
  • Recovery Services vaults overview
• Deploy Azure Site Recovery (ASR) agent;
  • Prepare virtual network

Configure serverless computing

• https://www.pluralsight.com/courses/microsoft-azure-serverless-computing-configuring
• Create and manage objects
• Manage a Logic App resource
• Manage Azure Function app settings
• Manage Event Grid
• Manage Service Bus
  • What is Azure Service Bus?
  • What is Azure Relay?
  • Expose an on-premises WCF REST service to external client by using Azure WCF Relay

Implement application load balancing

• Configure application gateway and load balancing rules
  • What is Azure Application Gateway
• Implement front end IP configurations
• Manage application load balancing

Integrate on premises network with Azure virtual network

• Create and configure Azure VPN Gateway
  • https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-multi-site-to-site-resource-manager-portal
  • https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-compliance-crypto
  • https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-vpn-faq
• Create and configure site to site VPN
  • https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-site-to-site-resource-manager-portal
  • https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-point-to-site-resource-manager-portal
• Configure Express Route
  • Expressroute Connectivity Models
  • Create and modify an ExpressRoute circuit
  • Create and modify peering for an ExpressRoute circuit
  • ExpressRoute virtual network gateway and FastPath
• Verify on premises connectivity
• Manage on-premise connectivity with Azure

Manage role-based access control (RBAC)

• Create a custom role
  • Built in roles
  • Role definitions
• configure access to Azure resources by assigning roles
• configure management access to Azure
• troubleshoot RBAC
• implement RBAC policies
• assign RBAC roles

Implement Multi-Factor Authentication (MFA)

• Enable MFA for an Azure tenant
• Configure user accounts for MFA
  • How to: Require MFA for access from untrusted networks with Conditional Access
• Configure fraud alerts
• Configure bypass options
• Configure trusted Ips
• Configure verification methods
• Manage role-based access control (RBAC)
• Implement RBAC policies
• Assign RBAC Roles
• Create a custom role
• Configure access to Azure resources by assigning roles
• Configure management access to Azure

Create and deploy apps 5-10%

Create web apps by using PaaS

• Create an Azure App Service Web App
  • Logic App Overview
  • Logic App Gateway connection
• Create documentation for the API
• Create an App Service Web App for containers
• Create an App Service background task by using WebJobs
• Enable diagnostics logging

Design and develop apps that run in containers

• https://www.pluralsight.com/courses/microsoft-azure-containers-deploying-managing
• Configure diagnostic settings on resources
• Create a container image by using a Docker file
• Create an Azure Container Service (ACS/AKS)
• Publish an image to the Azure Container Registry
• Implement an application that runs on an Azure Container Instance
• Manage container settings by using code

Implement Authentication and Secure Data 5-10%

• https://www.pluralsight.com/courses/microsoft-azure-data-securing

Implement authentication

• Implement authentication by using certificates, forms-based authentication, tokens, or Windows-integrated authentication
  • https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/tutorial-windows-vm-access-arm
• implement multi-factor authentication by using Azure AD
  • What is Conditional Access
• implement OAuth2 authentication
• implement Managed Service Identity (MSI) Service Principal authentication
  • https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/qs-configure-cli-windows-vm
  • https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/tutorial-windows-vm-access-arm

Implement secure data solutions

• Encrypt and decrypt data at rest and in transit
• Encrypt data with Always Encrypted
• Implement Azure Confidential Compute and SSL/TLS communications
• Create, read, update, and delete keys, secrets, and certificates by using the KeyVault API
  • Basic concepts
  • Quick create with powershell

Develop for the Cloud and for Azure Storage 20-25%

Develop solutions that use Cosmos DB storage

• Create, read, update, and delete data by using appropriate APIs
  • Introduction
  • Designing your data structure
  • Gettigng started with SQL query
  • Query table
  • High Availability
• implement partitioning schemes
  • https://docs.microsoft.com/en-us/azure/cosmos-db/partitioning-overview
• set the appropriate consistency level for operations
  • Consistency levels
  • Consistency levels tradeoffs

Develop solutions that use a relational database

• Provision and configure relational databases;
• configure elastic pools for Azure SQL Database;
  • What is Azure SQL Database managed instance
  • Managed instance T-SQL differences, limitations, and known issues
• create, read, update, and delete data tables by using code

Configure a message-based integration architecture

• Configure an app or service to send emails, Event Grid, and the Azure Relay Service;
  • Compare messaging services
  • Service bus queues and topic subscriptions
  • Entity suspend
• create and configure Notification Hub, Event Hub, and Service Bus;
  • https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-dotnet-how-to-use-topics-subscriptions
  • https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-queues-topics-subscriptions
• configure queries across multiple products

Develop for autoscaling

• Implement autoscaling rules and patterns (schedule, operational/system metrics, code that addresses singleton application instances);
  • Autoscale best practices
  • https://www.pluralsight.com/courses/microsoft-azure-autoscaling-developing
  • Function binding http webhook
  • VM Scale sets
  • Understand autoscale settings
  • Autoscale performance tutorial
• implement code that addresses transient state
  • Transient faults handling