AZ-104-MicrosoftAzureAdministrator

Lab 01 - Manage Azure Active Directory Identities

 Task 1: Create and configure Azure AD users

 Task 2: Create Azure AD groups with assigned and dynamic membership
 Task 3: Create an Azure Active Directory (AD) tenant (Optional - Lab environment issue)
 Task 4: Manage Azure AD guest users.

Lab 02a - Manage Subscriptions and RBAC

 Task 1: Implement Management Groups

 Task 2: Create custom RBAC roles
 Task 3: Assign RBAC roles

Lab 02b - Manage Governance via Azure Policy

 Task 1: Assign tags via the Azure portal

 Task 2: Enforce tagging via an Azure policy
 Task 3: Apply tagging via an Azure policy

Lab 03a - Manage Azure resources by Using the Azure Portal

 Task 1: Create resource groups and deploy resources to resource groups

 Task 2: Move resources between resource groups
 Task 3: Implement resource locks

Lab 03b - Manage Azure resources by Using ARM Templates

 Task 1: Review an ARM template for deployment of an Azure managed disk

 Task 2: Create an Azure managed disk by using an ARM template
 Task 3: Review the ARM template-based deployment of the managed disk

Lab 03c - Manage Azure resources by Using Azure PowerShell

 Task 1: Start a PowerShell session in Azure Cloud Shell

 Task 2: Create a resource group and an Azure managed disk by using Azure PowerShell
 Task 3: Configure the managed disk by using Azure PowerShell

Lab 03d - Manage Azure resources by Using Azure CLI

 Task 1: Start a Bash session in Azure Cloud Shell

 Task 2: Create a resource group and an Azure managed disk by using Azure CLI
 Task 3: Configure the managed disk by using Azure CLI

Lab 04 - Implement Virtual Networking

 Task 1: Create and configure a virtual network

 Task 2: Deploy virtual machines into the virtual network
 Task 3: Configure private and public IP addresses of Azure VMs
 Task 4: Configure network security groups
 Task 5: Configure Azure DNS for internal name resolution
 Task 6: Configure Azure DNS for external name resolution

Lab 05 - Implement Intersite Connectivity

 Task 1: Provision the lab environment

  Task 2: Configure local and global virtual network peering
 Task 3: Test intersite connectivity

Lab 06 - Implement Traffic Management

 Task 1: Provision the lab environment

 Task 2: Configure the hub and spoke network topology
 Task 3: Test transitivity of virtual network peering
 Task 4: Configure routing in the hub and spoke topology
 Task 5: Implement Azure Load Balancer
 Task 6: Implement Azure Application Gateway

Lab 07 - Manage Azure Storage

 Task 1: Provision the lab environment

 Task 2: Create and configure Azure Storage accounts
 Task 3: Manage blob storage
 Task 4: Manage authentication and authorization for Azure Storage
 Task 5: Create and configure an Azure Files shares
 Task 6: Manage network access for Azure Storage

Lab 08 - Manage Virtual Machines

 Task 1: Deploy zone-resilient Azure VMs using Azure portal and ARM template
 Task 2: Configure Azure virtual machines by using virtual machine extensions
 Task 3: Scale compute and storage for Azure virtual machines
 Task 4: Register the Microsoft.Insights and Microsoft.AlertsManagement resource providers
 Task 5: Deploy zone-resilient Azure virtual machine scale sets by using the Azure portal
 Task 6: Configure Azure virtual machine scale sets by using virtual machine extensions
 Task 7: Scale compute and storage for Azure virtual machine scale sets

Lab 09a - Implement Web Apps

 Task 1: Create an Azure web app

 Task 2: Create a staging deployment slot
 Task 3: Configure web app deployment settings
 Task 4: Deploy code to the staging deployment slot
 Task 5: Swap the staging slots
 Task 6: Configure and test autoscaling of the Azure web app

Lab 09b - Implement Azure Container Instances

 Task 1: Deploy a Docker image by using the Azure Container Instance

 Task 2: Review the functionality of the Azure Container Instance

Lab 09c - Implement Azure Kubernetes Service

 Task 1: Register the Microsoft.Kubernetes and Microsoft.KubernetesConfiguration resource providers.

 Task 2: Deploy an Azure Kubernetes Service cluster
 Task 3: Deploy pods into the Azure Kubernetes Service cluster
 Task 4: Scale containerized workloads in the Azure Kubernetes service cluster

Lab 10 - Backup virtual machines

 Task 1: Provision the lab environment

 Task 2: Create a Recovery Services vault
  Task 3: Implement Azure virtual machine-level backup
 Task 4: Implement File and Folder backup
 Task 5: Perform file recovery by using Azure Recovery Services agent (optional)
 Task 6: Perform file recovery by using Azure virtual machine snapshots (optional)
 Task 7: Review the Azure Recovery Services soft delete functionality

Lab 11 - Implement Monitoring

 Task 1: Provision the lab environment

 Task 2: Register the Microsoft.Insights and Microsoft.AlertsManagement resource providers.
 Task 3: Create and configure an Azure Log Analytics workspace and Azure Automation-based solutions
 Task 4: Review default monitoring settings of Azure virtual machines
 Task 5: Configure Azure virtual machine diagnostic settings
 Task 6: Review Azure Monitor functionality
 Task 7: Review Azure Log Analytics functionality

AZ-204-DevelopingSolutionsforMicrosoftAzure
Module 01: Create Azure App Service Web Apps

Lab 01: Build a web application on Azure platform as a service offerings

Exercise 1: Build a backend API by using Azure Storage and the Web Apps feature of Azure App Service

 Task 1: Open the Azure portal

 Task 2: Create a Storage account
 Task 3: Upload a sample blob
 Task 4: Create a web app
 Task 5: Configure the web app

Exercise 2: Build a front-end web application by using Azure Web Apps

 Task 1: Create a web app

 Task 2: Configure a web app
 Task 3: Deploy an ASP.NET web application to Web Apps

Module 02: Implement Azure Functions

Lab 02: Implement task processing logic by using Azure Functions

Exercise 1: Create Azure resources

 Task 1: Open the Azure portal

 Task 2: Create an Azure Storage account
 Task 3: Create a function app

Exercise 2: Configure a local Azure Functions project

 Task 1: Initialize a function project

 Task 2: Configure a connection string
 Task 3: Build and validate a project

Exercise 3: Create a function that's triggered by an HTTP request

 Task 1: Create an HTTP-triggered function

 Task 2: Write HTTP-triggered function code
  Task 3: Test the HTTP-triggered function by using httprepl

Exercise 4: Create a function that triggers on a schedule

 Task 1: Create a schedule-triggered function

 Task 2: Observe function code
 Task 3: Observe function runs
 Task 4: Update the function integration configuration
 Task 5: Observe function runs

Exercise 5: Create a function that integrates with other services

 Task 1: Upload sample content to Azure Blob Storage

 Task 2: Create an HTTP-triggered function
 Task 3: Write HTTP-triggered and blob-inputted function code
 Task 4: Register Azure Storage Blob extensions
 Task 5: Test the function by using httprepl

Exercise 6: Deploy a local function project to an Azure Functions app

 Task 1: Deploy using the Azure Functions Core Tools

 Task 2: Validate deployment

Module 03: Develop solutions that use blob storage

Lab 03: Retrieve Azure Storage resources and metadata by using the Azure Storage SDK for .NET

Exercise 1: Create Azure resources

 Task 1: Open the Azure portal

 Task 2: Create a Storage account

Exercise 2: Upload a blob into a container

 Task 1: Create storage account containers

 Task 2: Upload a storage account blob

Exercise 3: Access containers by using the .NET SDK

 Task 1: Create .NET project

 Task 2: Modify the Program class to access Storage
 Task 3: Connect to the Azure Storage blob service endpoint
 Task 4: Enumerate the existing containers

Exercise 4: Retrieve blob Uniform Resource Identifiers (URIs) by using the .NET SDK

 Task 1: Enumerate the blobs in an existing container by using the SDK

 Task 2: Create a new container by using the SDK
 Task 3: Upload a new blob by using the portal
 Task 4: Access blob URI by using the SDK
 Task 5: Test the URI by using a browser

Module 04: Develop solutions that use Cosmos DB storage

Lab 04: Construct a polyglot data solution

Exercise 1: Creating data store resources in Azure

  Task 1: Open the Azure portal
 Task 2: Create an Azure Cosmos DB account resource
 Task 3: Create an Azure Storage account resource

Exercise 2: Review and upload data

 Task 1: Upload images to Azure Blob Storage

 Task 2: Review JSON data
 Task 3: Create a Cosmos DB database and collection, and perform a JSON data upload
 Task 4: Validate JSON data upload

Exercise 3: Configure a .NET web application

 Task 1: Update references to data stores and build the web application
 Task 2: Configure connectivity to Azure Cosmos DB
 Task 3: Review the .NET application startup logic
 Task 4: Validate that the .NET application successfully connects to data stores

Module 05: Implement IaaS solutions

Lab 05: Deploy compute workloads by using images and containers

Exercise 1: Create a VM by using the Azure Command-Line Interface (CLI)

 Task 1: Open the Azure portal

 Task 2: Create a resource group
 Task 3: Open Azure Cloud Shell
 Task 4: Use the Azure CLI commands

Exercise 2: Create a Docker container image and deploy it to Azure Container Registry

 Task 1: Open the Cloud Shell and editor

 Task 2: Create and test a .NET application
 Task 3: Create a Container Registry resource
 Task 4: Store Container Registry metadata
 Task 5: Deploy a Docker container image to Container Registry
 Task 6: Validate your container image in Container Registry

Exercise 3: Deploy an Azure container instance

 Task 1: Enable the admin user in Container Registry

 Task 2: Automatically deploy a container image to an Azure container instance
 Task 3: Manually deploy a container image to Container Instances
 Task 4: Validate that the container instance ran successfully

Module 06: Implement user authentication and authorization

Lab 06: Authenticate by using OpenID Connect, MSAL, and .NET SDKs

Exercise 1: Configure a single-tenant Azure AD environment

 Task 1: Open the Azure portal

 Task 2: Register an application in Azure AD
 Task 3: Record unique identifiers
 Task 4: Configure the application authentication settings
 Task 5: Create an Azure AD user
Exercise 2: Create a single-tenant ASP.NET web app

 Task 1: Create an ASP.NET web app project

 Task 2: Test the single-tenant web app in a single-tenant scenario

Module 07: Implement secure cloud solutions

Lab 07: Access resource secrets more securely across services

Exercise 1: Create Azure resources

 Task 1: Open the Azure portal

 Task 2: Create a Storage account
 Task 3: Create an Azure Key Vault
 Task 4: Create a Function app

Exercise 2: Configure secrets and identities

 Task 1: Configure a system-assigned managed service identity

 Task 2: Create a Key Vault secret
 Task 3: Configure a Key Vault access policy
 Task 4: Create a Key Vault-derived application setting

Exercise 3: Build an Azure Functions app

 Task 1: Initialize a function project

 Task 2: Create an HTTP-triggered function
 Task 3: Configure and read an application setting
 Task 4: Validate the local function
 Task 5: Deploy the function using the Azure Functions Core Tools
 Task 6: Test the Key Vault-derived application setting

Exercise 4: Access Azure Blob Storage data

 Task 1: Upload a sample storage blob

 Task 2: Pull and configure the Azure SDK for .NET
 Task 3: Write Azure Blob Storage code using the Azure SDK for .NET
 Task 4: Deploy and validate the Azure Functions app

Module 08: Implement API Management

Lab 08: Create a multi-tier solution by using Azure services

Exercise 1: Create an Azure App Service resource by using a Docker container image

 Task 1: Open the Azure portal

 Task 2: Create a web app by using Azure App Service resource by using an httpbin container image
 Task 3: Test the httpbin web application

Exercise 2: Build an API proxy tier by using Azure API Management

 Task 1: Create an API Management resource

 Task 2: Define a new API
 Task 3: Manipulate an API response
 Task 4: Manipulate an API request

Module 09: Develop event-based solutions

Lab 09: Publish and subscribe to Event Grid events

Exercise 1: Create Azure resources

 Task 1: Open the Azure portal

 Task 2: Open Azure Cloud Shell
 Task 3: Review the Microsoft.EventGrid provider registration
 Task 4: Create a custom Event Grid topic
 Task 5: Deploy the Azure Event Grid viewer to a web app

Exercise 2: Create an Event Grid subscription

 Task 1: Access the Event Grid Viewer web application

 Task 2: Create a new subscription
 Task 3: Observe the subscription validation event
 Task 4: Record subscription credentials

Exercise 3: Publish Event Grid events from .NET

 Task 1: Create a .NET project

 Task 2: Modify the Program class to connect to Event Grid
 Task 3: Publish new events
 Task 4: Observe published events

Module 10: Develop message-based solutions

Lab 10: Asynchronously process messages by using Azure Service Bus Queues

Exercise 1: Create Azure resources

 Task 1: Open the Azure portal

 Task 2: Create an Azure Service Bus queue

Exercise 2: Create a .NET Core project to publish messages to a Service Bus queue

 Task 1: Create a .NET Core project

 Task 2: Publish messages to an Azure Service Bus queue

Exercise 3: Create a .NET Core project to read messages from a Service Bus queue

 Task 1: Create a .NET project

 Task 2: Read messages from an Azure Service Bus queue

Module 11: Monitor and optimize Azure solutions

Lab 11: Monitor services that are deployed to Azure

Exercise 1: Create and configure Azure resources

 Task 1: Open the Azure portal

 Task 2: Create an Application Insights resource
 Task 3: Create an Azure Web API resource
 Task 4: Configure web API autoscale options

Exercise 2: Monitor a local web API by using Application Insights

 Task 1: Build a .NET Web API project

 Task 2: Update app code to disable HTTPS and use Application Insights
  Task 3: Test an API application locally
 Task 4: Review metrics in Application Insights

Exercise 3: Monitor a web API using Application Insights

 Task 1: Deploy an application to the web API

 Task 2: Configure in-depth metric collection for Web Apps
 Task 3: Get updated metrics in Application Insights
 Task 4: View real-time metrics in Application Insights

Exercise 4: Application Insights logging with .NET

 Task 1: Configure logging for a .NET API app

 Task 2: Test logging of a .NET Core API app
 Task 3: Review the Application Insights logging

Module 12: Integrate caching and content delivery within solutions

Lab 12: Enhance a web application by using the Azure Content Delivery Network

Exercise 1: Create Azure resources

 Task 1: Open the Azure portal

 Task 2: Create a Storage account
 Task 3: Create a web app by using Azure App Service

Exercise 2: Configure Content Delivery Network and endpoints

 Task 1: Open Azure Cloud Shell

 Task 2: Register the Microsoft.CDN provider
 Task 3: Create a Content Delivery Network profile
 Task 4: Configure Storage containers
 Task 5: Create Content Delivery Network endpoints

Exercise 3: Upload and configure static web content

 Task 1: Observe the landing page

 Task 2: Upload Storage blobs
 Task 3: Configure Web App settings
 Task 4: Validate the corrected landing page

Exercise 4: Use Content Delivery Network endpoints

 Task 1: Retrieve endpoint Uniform Resource Identifiers (URIs)

 Task 2: Test multimedia content
 Task 3: Update the Web App settings
 Task 4: Test the web content

AZ-400-DesigningandImplementingMicrosoftDevOpsSolutions
Module 01: Get started on a DevOps transformation journey

Lab 01: Agile Planning and Portfolio Management with Azure Boards

Exercise 1: Manage Agile project

 Task 1: Manage teams, areas, and iterations

  Task 2: Manage work items
 Task 3: Manage sprints and capacity
 Task 4: Customize Kanban boards
 Task 5: Customize team process

Exercise 2 (optional) : Define dashboards

Lab 02: Version Controlling with Git in Azure Repos

Exercise 1: Clone an existing repository

 Task 1: Clone an existing repository

Exercise 2: Save work with commits

 Task 1: Commit changes

 Task 2: Review commits
 Task 3: Stage changes

Exercise 3: Review history

 Task 1: Compare files

Exercise 4: Work with branches

 Task 1: Create a new branch in your local repository

 Task 2: Work with branches

Module 02: Development for enterprise DevOps

Lab 03: Version Controlling with Git in Azure Repos

Exercise 1: Clone an existing repository

 Task 1: Clone an existing repository

Exercise 2: Manage branches from Azure DevOps

 Task 1: Create a new branch

 Task 2: Delete and restore a branch
 Task 3: Lock and unlock a branch
 Task 4: Tag a release

Exercise 3: Manage repositories

 Task 1: Create a new repo from Azure DevOps

 Task 2: Delete and rename Git repos

Module 03: Implement CI with Azure Pipelines and GitHub Actions

Lab 04: Configuring Agent Pools and Understanding Pipeline Styles

Exercise 1: Author YAML-based Azure Pipelines

 Task 1: Create an Azure DevOps YAML pipeline

Exercise 2: Manage Azure DevOps agent pools

 Task 1: Configure an Azure DevOps self-hosting agent

Lab 05: Enabling Continuous Integration with Azure Pipelines

Exercise 1: Introduction to Azure DevOps Build

 Task 1: Creating a basic build pipeline from a template

 Task 2: Tracking and reviewing a build
 Task 3: Invoking a continuous integration build

Lab 06: Integrating External Source Control with Azure Pipelines

Exercise 1: Getting started with Azure Pipelines

 Task 1: Forking a GitHub repo and installing Azure Pipelines

 Task 2: Configuring your Azure Pipelines project
 Task 3: Modifying a YAML build pipeline definition
 Task 4: Proposing a change via GitHub pull request
 Task 5: Using the broken pull request to improve the project
 Task 6: Adding a build status badge

Lab 07: Implementing GitHub Actions by using DevOps Starter

Exercise 1: Create a DevOps Starter project

 Task 1: Create DevOps Starter project

 Task 2: Review the results of creating the DevOps Starter project

Module 03: Create and manage containers using Docker and Kubernetes

Lab 08: Deploying Docker containers to Azure App Service web apps

Exercise 1: Configure the lab prerequisites

 Task 1: Configure the team project

 Task 2: Create Azure resources

Exercise 2: Deploy a Docker container to Azure App Service web app using Azure DevOps

 Task 1: Configure Continuous Integration (CI) and Continuous Delivery (CD)

 Task 2: Trigger build and release pipelines by using code commit

Module 04: Design and implement a release strategy

Lab 09: Controlling Deployments using Release Gates

Exercise 1: Configure the release pipeline

 Task 1: Update release tasks

Exercise 2: Configure release gates

 Task 1: Configure pre-deployment gates

 Task 2: Configure post-deployment gates

Exercise 3: Test release gates

 Task 1: Update and deploy application after adding release gates

Lab 10: Creating a Release Dashboard

Exercise 1: Create a release dashboard

  Task 1: Create an Azure DevOps Starter resource
 Task 2: Create Azure DevOps releases
 Task 3: Create an Azure DevOps release dashboard

Exercise 2: Query release information via REST API

 Task 1: Generate an Azure DevOps personal access token

 Task 2: Query release information via REST API by using Postman

Module 05: Implement a secure continuous deployment using Azure Pipelines

Lab 11: Configuring Pipelines as Code with YAML

Exercise 1: Configure CI/CD Pipelines as Code with YAML in Azure DevOps

 Task 1: Delete the existing pipeline

 Task 2: Add a YAML build definition
 Task 3: Add continuous delivery to the YAML definition
 Task 4: Review the deployed site

Lab 12: Setting Up and Running Functional Tests

Exercise 1: Implement Selenium tests by using a self-hosted Azure DevOps agent

 Task 1: Configure a self-hosted Azure DevOps agent

 Task 2: Configure a release pipeline
 Task 3: Trigger Build and Release

Lab 13: Integrating Azure Key Vault with Azure DevOps

Exercise 1: Integrate Azure Key Vault with Azure DevOps

 Task 1: Create a service principal

 Task 2: Create an Azure Key vault
 Task 3: Check the Azure Pipeline

Module 06: Manage infrastructure as code using Azure and DSC

Lab 14: Azure deployments using Azure Resource Manager templates

Exercise 1: Author and deploy Azure Resource Manager templates

 Task 1: Create Resource Manager template

 Task 2: Create a Linked template for storage resources
 Task 3: Upload Linked Template to Azure Blob Storage and generate SAS token
 Task 4: Modify the main template to call the linked template
 Task 5: Modify main template to update dependencies
 Task 6: Deploy resources to Azure by using linked templates

Module 07: Implement security and validate code bases for compliance

Lab 15: Implement Security and Compliance in an Azure Pipeline

Exercise 1: Implement Security and Compliance in an Azure Pipeline using Mend Bolt

 Task 1: Activate Mend Bolt

 Task 2: Trigger a build
 Task 3: Analyze Reports
Lab 16: Managing technical debt with SonarCloud and Azure DevOps

Exercise 0: Configure the lab prerequisites

 Task 1: Create the team project

 Task 2: Generate an Azure DevOps personal access token
 Task 3: Install and configure the SonarCloud Azure DevOps extension

Exercise 1: Set up an Azure Pipeline that integrates with SonarCloud

 Task 1: Initiate creation of the project build pipeline

 Task 2: Create a pipeline by using the YAML editor
 Task 3: Check pipeline results

Exercise 2: Analyze SonarCloud reports

 Task 1: Analyze SonarCloud reports

Exercise 3: Implement Azure DevOps pull request integration with SonarCloud

 Task 1: Create an Azure DevOps personal access token for pull request integration with SonarCloud
 Task 2: Configure pull request integration in SonarCloud
 Task 3: Configure a branch policy for integration with SonarCloud
 Task 4: Validate pull request integration
 Task 4: Block pull requests in response to failing Code Quality checks

Module 08: Design and implement a dependency management strategy

Lab 17: Package Management with Azure Artifacts

Exercise 1: Working with Azure Artifacts

 Task 1: Creating and connecting to a feed

 Task 2: Creating and publishing a NuGet package
 Task 3: Importing a NuGet package
 Task 4: Updating a NuGet package

Module 09: Implement continuous feedback

Lab 18: Monitoring Application Performance with Application Insights

Exercise 1: Monitor an Azure App Service web app using Azure Application Insights

 Task 1: Deploy a web app to Azure App Service by using Azure DevOps
 Task 2: Generate and review application traffic
 Task 3: Investigate application performance
 Task 4: Track application usage
 Task 5: Configure web app alerts

Lab 19: Integration between Azure DevOps and Teams

Exercise 1: Integrate Azure Boards with Microsoft Teams

 Task 1: Install and configure Azure Boards app in Microsoft Teams

 Task 2: Add Azure Boards Kanban boards to Microsoft Teams

Exercise 2: Integrate Azure Pipelines with Microsoft Teams

 Task 1: Install and configure Azure Pipelines app in Microsoft Teams

  Task 2: Subscribe to the Azure Pipeline notifications in Microsoft Teams
 Task 3: Using filters to customize subscriptions to Azure Pipelines in Microsoft Teams

Lab 20: Sharing Team Knowledge using Azure Project Wikis

Exercise 1: Publish code as a wiki

 Task 1: Publish a branch of an Azure DevOps repo as wiki

 Task 2: Manage content of a published wiki

Exercise 2: Create and manage a project wiki

 Task 1: Create a project wiki including a Mermaid diagram and an image

 Task 2: Manage a project wiki

AZ-500-AzureSecurityTechnologies
Module 01 - Manage Identity and Access

Lab 01: Role-Based Access Control

Exercise 1: Create the Senior Admins group with the user account Joseph Price as its member (the Azure portal).

 Task 1: Use the Azure portal to create a user account for Joseph Price
 Task2: Use Azure portal to create Senior Admins group and add the user account of Joseph Price to the group.

Exercise 2: Create the Junior Admins group with the user account Isabel Garcia as its member (PowerShell).

 Task 1: Use PowerShell to create a user account for Isabel Garcia.

 Task2: Use PowerShell to create the Junior Admins group and add the user account of Isabel Garcia to the group.

Exercise 3: Create the Service Desk group with the user Dylan Williams as its member (Azure CLI).

 Task 1: Use Azure CLI to create a user account for Dylan Williams.
 Task 2: Use Azure CLI to create the Service Desk group and add the user account of Dylan to the group.

Exercise 4: Assign the Virtual Machine Contributor role to the Service Desk group.

 Task 1: Create a resource group

 Task 2: Assign the Service Desk Virtual Machine Contributor permissions.

Lab 02: Azure Policy

Exercise 1: Implement Azure Policy.

 Task 1: Create an Azure resource group.

 Task 2: Create an Allowed Locations policy assignment.
 Task 3: Verify the Allowed Locations policy assignment is working.

Lab 03: Resource Manager Locks

Exercise 1: Resource Manager Locks

 Task 1: Create a resource group with a storage account.

 Task 2: Add a ReadOnly lock on the storage account.
 Task 3: Test the ReadOnly lock.
 Task 4: Remove the ReadOnly lock and create a Delete lock.
 Task 5: Test the Delete lock.
Lab 04: MFA, Conditional Access and AAD Identity Protection

Exercise 1: Deploy an Azure VM by using an Azure Resource Manager template

 Task 1: Deploy an Azure VM by using an Azure Resource Manager template

Exercise 2: Implement Azure MFA

 Task 1: Create a new Azure AD tenant.

 Task 2: Activate Azure AD Premium P2 trial.
 Task 3: Create Azure AD users and groups.
 Task 4: Assign Azure AD Premium P2 licenses to Azure AD users.
 Task 5: Configure Azure MFA settings.
 Task 6: Validate MFA configuration

Exercise 3: Implement Azure AD Conditional Access Policies

 Task 1: Configure a conditional access policy.

 Task 2: Test the conditional access policy.

Exercise 4: Implement Azure AD Identity Protection

 Task 1: View Azure AD Identity Protection options in the Azure portal

 Task 2: Configure a user risk policy
 Task 3: Configure a sign-in risk policy
 Task 4: Simulate risk events against the Azure AD Identity Protection policies
 Task 5: Review the Azure AD Identity Protection reports

Lab 05: Azure AD Privileged Identity Management

Exercise 1 - Configure PIM users and roles

 Task 1: Make a user eligible for a role.

 Task 2: Configure a role to require approval to activate and add an eligible member.
 Task 3: Give a user permanent assignment to a role.

Exercise 2 - Activate PIM roles with and without approval

 Task 1: Activate a role that does not require approval.

 Task 2: Activate a role that requires approval.

Exercise 3 - Create an Access Review and review PIM auditing features

 Task 1: Configure security alerts for Azure AD directory roles in PIM

 Task 2: Review PIM alerts, summary information, and detailed audit information

Lab 06: Implement Directory Synchronization

Exercise 1: Deploy an Azure VM hosting an Active Directory domain controller

 Task 1: Identify an available DNS name for an Azure VM deployment

 Task 2: Use an ARM template to deploy an Azure VM hosting an Active Directory domain controller

Exercise 2: Create and configure an Azure Active Directory tenant

 Task 1: Create an Azure Active Directory (AD) tenant

 Task 2: Add a custom DNS name to the new Azure AD tenant
 Task 3: Create an Azure AD user with the Global Administrator role
Exercise 3: Synchronize Active Directory forest with an Azure Active Directory tenant

 Task 1: Prepare AD DS for directory synchronization

 Task 2: Install Azure AD Connect
 Task 3: Verify directory synchronization

Module 02 - Implement Platform Protection

Lab 07: Network Security Groups and Application Security Groups

Exercise 1: Create the virtual networking infrastructure

 Task 1: Create a virtual network with one subnet.

 Task 2: Create two application security groups.
 Task 3: Create a network security group and associate it with the virtual network subnet.
 Task 4: Create inbound NSG security rules to all traffic to web servers and RDP to the management servers.

Exercise 2: Deploy virtual machines and test network filters

 Task 1: Create a virtual machine to use as a web server.

 Task 2: Create a virtual machine to use as a management server.
 Task 3: Associate each virtual machines network interface to it's application security group.
 Task 4: Test the network traffic filtering.

Lab 08: Azure Firewall

Exercise 1: Deploy and test an Azure Firewall

 Task 1: Use a template to deploy the lab environment.

 Task 2: Deploy an Azure firewall.
 Task 3: Create a default route.
 Task 4: Configure an application rule.
 Task 5: Configure a network rule.
 Task 6: Configure DNS servers.
 Task 7: Test the firewall.

Lab 09: Configuring and Securing ACR and AKS

Exercise 1: Configuring and Securing ACR and AKS

 Task 1: Create an Azure Container Registry

 Task 2: Create a Dockerfile, build a container and push it to Azure Container Registry
 Task 3: Create an Azure Kubernetes Service cluster
 Task 4: Grant the AKS cluster permissions to access the ACR
 Task 5: Deploy an external service to AKS
 Task 6: Verify the you can access an external AKS-hosted service
 Task 7: Deploy an internal service to AKS
 Task 8: Verify the you can access an internal AKS-hosted service

Module 03 - Secure Data and Applications

Lab 10: Key Vault (Implementing Secure Data by setting up Always Encrypted)

Exercise 1: Deploy the base infrastructure from an ARM template

 Task 1: Deploy an Azure VM and an Azure SQL database

Exercise 2: Configure the Key Vault resource with a key and a secret

 Task 1: Create and configure a Key Vault

 Task 2: Add a key to the Key Vault
 Task 3: Add a secret to the Key Vault

Exercise 3: Configure an Azure SQL database and a data-driven application

 Task 1: Enable a client application to access the Azure SQL Database service.
 Task 2: Create a policy allowing the application access to the Key Vault.
 Task 3: Retrieve SQL Azure database ADO.NET Connection String
 Task 4: Log on to the Azure VM running Visual Studio 2019 and SQL Management Studio 2018
 Task 5: Create a table in the SQL Database and select data columns for encryption

Exercise 4: Demonstrate the use of Azure Key Vault in encrypting the Azure SQL database

 Task 1: Run data-driven application to demonstrate use of Azure Key Vault in encrypting the Azure SQL database

Lab 11: Securing Azure SQL Database

Exercise 1: Implement SQL Database security features

 Task 1: Deploy an Azure SQL Database

 Task 2: Configure Advanced Data Protection
 Task 3: Configure Data Classification
 Task 4: Configure Auditing

Lab 12: Service Endpoints and Securing Storage

Exercise 1: Service endpoints and security storage

 Task 1: Create a virtual network

 Task 2: Add a subnet to the virtual network and configure a storage endpoint
 Task 3: Configure a network security group to restrict access to the subnet
 Task 4: Configure a network security group to allow rdp on the public subnet
 Task 5: Create a storage account with a file share
 Task 6: Deploy virtual machines into the designated subnets
 Task 7: Test the storage connection from the private subnet to confirm that access is allowed
 Task 8: Test the storage connection from the public subnet to confirm that access is denied

Module 04 - Manage security operations

Lab 13: Azure Monitor

Exercise 1: Collect data from an Azure virtual machine with Azure Monitor

 Task 1: Deploy an Azure virtual machine

 Task 2: Create a Log Analytics workspace
 Task 3: Enable the Log Analytics virtual machine extension
 Task 4: Collect virtual machine event and performance data
 Task 5: View and query collected data

Lab 14: Microsoft Defender for Cloud

Exercise 1: Implement Microsoft Defender for Cloud

 Task 1: Configure Microsoft Defender for Cloud

  Task 2: Review the Microsoft Defender for Cloud recommendations
 Task 3: Implement the Microsoft Defender for Cloud recommendation to enable Just in time VM Access

Lab 15: Microsoft Sentinel

Exercise 1: Implement Microsoft Sentinel

 Task 1: On-board Microsoft Sentinel

 Task 2: Connect Azure Activity to Sentinel
 Task 3: Create a rule that uses the Azure Activity data connector.
 Task 4: Create a playbook
 Task 5: Create a custom alert and configure the playbook as an automated response.
 Task 6: Invoke an incident and review the associated actions.

AZ-700-Designing- Implementing- Azure-Networking-Solutions

Module 01 - Introduction to Azure Virtual Networks

M01-Unit 4 Design and implement a Virtual Network in Azure

 Task 1: Create the Contoso resource group

 Task 2: Create the CoreServicesVnet virtual network and subnets
 Task 3: Create the ManufacturingVnet virtual network and subnets
 Task 4: Create the ResearchVnet virtual network and subnets
 Task 5: Verify the creation of VNets and Subnets

M01 - Unit 6 Configure DNS settings in Azure

 Task 1: Create a private DNS Zone

 Task 2: Link subnet for auto registration
 Task 3: Create Virtual Machines to test the configuration
 Task 4: Verify records are present in the DNS zone

M01-Unit 8 Connect two Azure Virtual Networks using global virtual network peering

 Task 1: Create a Virtual Machine to test the configuration

 Task 2: Connect to the Test VMs using RDP
 Task 3: Test the connection between the VMs
 Task 4: Create VNet peerings between CoreServicesVnet and ManufacturingVnet
 Task 5: Test the connection between the VMs

Module 02 - Design and implement hybrid networking

M02-Unit 3 Create and configure a virtual network gateway

 Task 1: Create CoreServicesVnet and ManufacturingVnet

 Task 2: Create CoreServicesVM
 Task 3: Create ManufacturingVM
 Task 4: Connect to the Test VMs using RDP
 Task 5: Test the connection between the VMs
 Task 6: Create CoreServicesVnet Gateway
 Task 7: Create ManufacturingVnet Gateway
 Task 8: CoreServicesVnet to ManufacturingVnet
 Task 9: Connect ManufacturingVnet to CoreServicesVnet
 Task 10: Verify that the connections connect
  Task 11: Test the connection between the VMs

M02-Unit 7 Create a Virtual WAN by using Azure Portal

 Task 1: Create a Virtual WAN

 Task 2: Create a hub by using Azure Portal
 Task 3: Connect a VNet to the Virtual Hub

Module 03 - Design and implement Azure ExpressRoute

M03-Unit 4 Configure an ExpressRoute Gateway

 Task 1: Create the VNet and gateway subnet

 Task 2: Create the virtual network gateway

M03-Unit 5 Provision an ExpressRoute circuit

 Task 1: Create and provision an ExpressRoute circuit

 Task 2: Retrieve your Service key
 Task 3: Deprovisioning an ExpressRoute circuit

Module 04 - Load balancing non-HTTP(S) traffic in Azure

M04-Unit 4 Create and configure an Azure load balancer

 Task 1: Create the virtual network

 Task 2: Create backend servers
 Task 3: Create the load balancer
 Task 4: Create load balancer resources
 Task 5: Test the load balancer

M04-Unit 6 Create a Traffic Manager profile using the Azure portal

 Task 1: Create the web apps

 Task 2: Create a Traffic Manager profile
 Task 3: Add Traffic Manager endpoints
 Task 4: Test the Traffic Manager profile

Module 05 - Load balancing HTTP(S) traffic in Azure

M05-Unit 4 Deploy Azure Application Gateway

 Task 1: Create an application gateway

 Task 2: Create virtual machines
 Task 3: Add backend servers to backend pool
 Task 4: Test the application gateway

M05-Unit 6 Create a Front Door for a highly available web application using the Azure portal

 Task 1: Create two instances of a web app

 Task 2: Create a Front Door for your application
 Task 3: View Azure Front Door in action

Module 06 - Design and implement network security

M06-Unit 4 Configure DDoS Protection on a virtual network using the Azure portal

 Task 1: Create a resource group

  Task 2: Create a DDoS Protection plan
 Task 3: Enable DDoS Protection on a new virtual network
 Task 4: Configure DDoS telemetry
 Task 5: Configure DDoS diagnostic logs
 Task 6: Configure DDoS alerts
 Task 7: Submit a DDoS service request to run a DDoS attack

M06-Unit 7 Deploy and configure Azure Firewall using the Azure portal

 Task 1: Create a resource group

 Task 2: Create a virtual network and subnets
 Task 3: Create a virtual machine
 Task 4: Deploy the firewall and firewall policy
 Task 5: Create a default route
 Task 6: Configure an application rule
 Task 7: Configure a network rule
 Task 8: Configure a Destination NAT (DNAT) rule
 Task 9: Change the primary and secondary DNS address for the server's network interface
 Task 10: Test the firewall

M06-Unit 9 Secure your virtual hub using Azure Firewall Manager

 Task 1: Create two spoke virtual networks and subnets

 Task 2: Create the secured virtual hub
 Task 3: Connect the hub and spoke virtual networks
 Task 4: Deploy the servers
 Task 5: Create a firewall policy and secure your hub
 Task 6: Associate the firewall policy
 Task 7: Route traffic to your hub
 Task 8: Test the application rule
 Task 9: Test the network rule

Module 07 - Design and implement private access to Azure Services

M07-Unit 5 Restrict network access to PaaS resources with virtual network service endpoints

 Task 1: Create a virtual network

 Task 2: Enable a service endpoint
 Task 3: Restrict network access for a subnet
 Task 4: Add additional outbound rules
 Task 5: Allow access for RDP connections
 Task 6: Restrict network access to a resource
 Task 7: Create a file share in the storage account
 Task 8: Restrict network access to a subnet
 Task 9: Create virtual machines
 Task 10: Confirm access to storage account

M07-Unit 6 Create an Azure private endpoint using Azure PowerShell

 Task 1: Create a resource group

 Task 2: Create a virtual network and bastion host
 Task 3: Create a test virtual machine
 Task 4: Create a Private Endpoint
  Task 5: Configure the private DNS zone
 Task 6: Test connectivity to the Private Endpoint

Module 08 - Design and implement network monitoring

M08-Unit 3 Monitor a load balancer resource using Azure Monitor

 Task 1: Create the virtual network

 Task 2: Create the load balancer
 Task 3: Create a backend pool
 Task 4: Create a health probe
 Task 5: Create a load balancer rule
 Task 6: Create backend servers
 Task 7: Add VMs to the backend pool
 Task 8: Install IIS on the VMs
 Task 9: Test the load balancer
 Task 10: Create a Log Analytics Workspace
 Task 11: Use Functional Dependency View
 Task 12: View detailed metrics
 Task 13: View resource health
 Task 14: Configure diagnostic settings

AZ-900T0x-MicrosoftAzureFundamentals-1210
Module 02 - Core Azure Services

01 - Create a virtual machine in the portal

 Task 1: Create the virtual machine

 Task 2: Connect to the virtual machine
 Task 3: Install the web server role and test

02 - Deploy Azure Container Instances

 Task 1: Create a container instance

 Task 2: Deploy the container

03 - Create a virtual network

 Task 1: Create a virtual network

 Task 2: Create two virtual machines
 Task 3: Test the connection

04 - Create blob storage

 Task 1: Create a storage account

 Task 2: Work with blob storage
 Task 3: Monitor the storage account

05 - Create a SQL database

 Task 1: Create the database

 Task 2: Test the database.

06 - Implement an Azure IoT Hub

  Task 1: Create an IoT hub
 Task 2: Add an IoT device
 Task 3: Test the device using the Raspberry Pi Simulator

07 - Implement Azure Functions

 Task 1: Create a Function app

 Task 2: Create a HTTP triggered function and test

08 - Create a Web App

 Task 1: Create a Web App

 Task 2: Test the Web App

09 - Create a VM with a Template

 Task 1: Explore the gallery and locate a template

 Task 2: Verify and monitor your virtual machine deployment

10 - Create a VM with PowerShell

 Task 1: Configure PowerShell locally

 Task 2: Create a resource group and virtual machine
 Task 3: Execute commands in the Cloud Shell
 Task 4: Review Azure Advisor Recommendations

11 - Create a VM with the CLI

 Task 1: Install the CLI locally

 Task 2: Create a resource group and a virtual machine
 Task 3: Execute commmands in the Cloud Shell
 Task 4: Review Azure Advisor Recommendations

Module 03 - Security, Privacy, Compliance and Trust

12 - Secure network traffic

 Task 1: Create a virtual machine

 Task 2: Create a network security group
 Task 3: Configure an inbound security port rule to allow RDP
 Task 4: Configure an outbound security port rule to deny Internet access

13 - Implement Azure Key Vault

 Task 1: Create an Azure Key Vault

 Task 2: Add a secret to the Key Vault

14 - Create an Azure Policy

 Task 1: Create a Policy assignment

 Task 2: Test Allowed location policy
 Task 3: Delete the policy assignment

15 - Manage access with RBAC

 Task 1: View and assign roles

 Task 2: Monitor role assignments and remove a role
16 - Manage resource locks

 Task 1: Create a resource group

 Task 2: Add a Lock to the resource group and test deletion
 Task 3: Test deleting a member of the resource group
 Task 4: Remove the resource lock

17 - Implement resource tagging

 Task 1: Create a Policy assignment

 Task 2: Create a storage account to test the required tagging
 Task 3: View all resources with a specific tag
 Task 4: Delete the policy assignment

18 - Explore the Trust Center

 Task 1: Access the Trust Center

 Task 2: Access the Service Trust Portal (STP)
 Task 3: Access the Compliance Manager

Module 04 - Azure Pricing and Support

19 - Use the Pricing Calculator

 Task 1: Configure the pricing calculator

 Task 2: Review the pricing estimate

20 - Use the Azure TCO Calculator

 Task 1: Configure the TCO calculator

 Task 2: Review the results and save a copy

21 - Open a Support Request

 Task 1: View available support plan options and a technical support request
 Task 2: Create a billing support request

22 - Calculate Composite SLAs

 Task 1: Determine the SLA uptime percentage values for our application
 Task 2: Calculate the Application Composite SLA percentage uptime

23 - Access Azure Preview features

 Task 1: Access preview services and features

 Task 2: Review the Azure Updates page

……………..