Introduction xxiii Assessment Test xxx Chapter 1 Identity: Azure Active Directory 1 Azure Active Directory 2 Benefits 2 Concepts 4 Azure AD vs. Active Directory Domain Services 4 Azure AD: Licensing 5 Custom Domains in Azure AD 7 Users and Groups 8 User Accounts 8 Group Accounts 26 Azure AD Roles 36 Azure AD Join 37 Benefits 37 Connection Options 38 Self-Service Password Reset 39 Enabling SSPR 39 Authentication Methods 40 Managing Multiple Directories 42 Summary 43 Exam Essentials 44 Review Questions 45 Chapter 2 Compliance and Cloud Governance 49 Azure Regions 50 Facts 51 Regional Pairs 52 Azure Accounts and Subscriptions 53 Azure Accounts 54 Azure Subscriptions 54 Azure Cost Management 57 Plan and Control Expenses 58 Cost Saving Techniques 59 Resource Groups 60 Management Groups 65 Azure Policy 68 Implementing Azure Policy 69 Implementing Initiatives 77 Role-Based Access Control 79 Concepts 80 Azure RBAC Roles 82 Custom RBAC Roles 84 Role Assignment 91 Resource Locks 95 Configuring Locks 97 Resource Tags 99 Use Cases 99 Applying Tags 100 Summary 102 Exam Essentials 102 Review Questions 104 Chapter 3 Virtual Networking 109 Virtual Networks 110 VNet Concepts 111 Address Space 111 Subnets 111 Regions 111 Subscription 112 IP Addressing 113 Static and Dynamic Addressing 113 Private IP Addresses 113 Public IP Address 116 Network Routes 118 System Routes 119 User-Defined Routes 119 Service Endpoints 125 Supported Services 127 Private Endpoint 127 Azure DNS 129 Record Management 131 Private DNS Zones 133 Network Security Groups 137 NSG Concepts 137 NSG Effective Rules 141 Azure Firewall 142 Azure Firewall Rules 142 Implementing Azure Firewall 144 Summary 145 Exam Essentials 146 Review Questions 148 Chapter 4 Intersite Connectivity 153 Azure-to-Azure Connectivity 154 Internet 155 Virtual Network Peering 156 VPN Gateway 165 Virtual Network Peering vs. VPN Gateway 177 Azure to On-Premises Connectivity 178 VPN Gateways 178 ExpressRoute Connections 189 Intersite Connectivity Architecture 193 Virtual WAN 196 Summary 197 Exam Essentials 198 Review Questions 199 Chapter 5 Network Traffic Management 203 Availability Options 204 Availability Sets 205 Availability Zones 207 Service Level Agreement 208 Azure Load Balancer 208 Types of Load Balancers 209 Load Balancer SKUs 212 Configuring Load Balancer 212 Implementing Azure Load Balancer 214 Azure Application Gateway 221 Request Handling Process 222 Routing Methods 223 Configuring Application Gateway 224 Implementing Application Gateway 226 Azure Front Door 235 Azure Traffic Manager 237 Comparing the Load Balancing Solutions 239 Summary 239 Exam Essentials 240 Review Questions 241 Chapter 6 Azure Storage 245 Azure Storage Account 246 Azure Storage Services 247 Azure Blob Storage 247 Azure Files 248 Azure Queues 249 Azure Tables 249 Azure Disks 249 Storage Replication 250 Locally Redundant Storage 250 Zone Redundant Storage 251 Georedundant Storage 252 Geo-zone-Redundant Storage 253 Storage Account Types 255 Storage Account Endpoints 256 Accessing Storage 256 Custom Domain Configuration 256 Securing Storage Endpoints 257 Azure Blob Storage 258 Blob Containers 259 Blob Access Tiers 259 Blob Lifecycle Management 260 Uploading Blobs 261 Storage Security 268 Authorization Options 268 Shared Access Signatures 269 Storage Service Encryption 275 Azure Files and File Sync 276 Azure Files vs. Azure Blobs 276 Managing File Shares 277 Mapping File Shares 279 File Share Snapshots 282 Azure File Sync 285 Managing Storage 288 Azure Storage Explorer 289 AzCopy 291 Import/Export Service 297 Summary 299 Exam Essentials 300 Review Questions 302 Chapter 7 Azure Virtual Machines 307 Virtual Machine Planning 309 Virtual Network 309 Name 309 Location and Pricing 310 Size 311 Storage 312 Operating System 315 Deploying Virtual Machines 315 Connecting to Virtual Machines 320 Windows Connections 320 Linux Connections 324 Azure Bastion 329 Availability of Virtual Machines 334 Scaling Concepts 335 Vertical Scaling 335 Horizontal Scaling 336 Virtual Machine Scale Sets 336 Implementing a Scale Set 337 Autoscaling 340 Summary 342 Exam Essentials 342 Review Questions 343 Chapter 8 Automation, Deployment, and Configuration of Resources 349 Azure Resource Manager 350 ARM Templates 352 Template Design 352 Template Modes 354 Template Sections 355 Composing Templates 361 Exporting Templates 370 Configuring Virtual Hard Disk Templates 374 Create a VM from a VHD 375 Virtual Machine Extensions 376 Custom Script Extension 378 Desired State Configuration 379 Summary 380 Exam Essentials 381 Review Questions 382 Chapter 9 PaaS Compute Options 387 Azure App Service Plans 388 Pricing Tiers 389 Scaling 391 Azure App Services 396 Continuous Deployment 400 Deployment Slots 402 Securing App Service 405 Custom Domains 408 Backup 409 Container Instances 411 Docker 412 Azure Container Instances 415 Container Groups 421 Azure Kubernetes Service 422 Terminology 424 Cluster Components 425 Networking 426 Storage 429 Cluster Upgrade 431 Scaling 432 Summary 438 Exam Essentials 439 Review Questions 440 Chapter 10 Data Protection 445 File and Folder Backups 446 Azure Backup 446 Creating Recovery Services Vault 447 Configuring a Recovery Services Vault 448 Virtual Machine Data Protection 451 Virtual Machine Snapshots 452 Azure Backup 453 Azure Backup Server 463 Azure Site Recovery 466 Summary 469 Exam Essentials 470 Review Questions 471 Chapter 11 Monitoring Resources 475 Azure Monitor 476 Metrics 477 Logs 478 Data Sources 479 Activity Log 480 Azure Alerts 482 Creating Alert Rules 483 Alert States 484 Action Groups 484 Log Analytics 492 Workspace 493 Data Sources 493 Agents Configuration 496 Query Language 497 Network Watcher 502 IP Flow Verify 503 Next Hop 503 Effective Security Rules 505 VPN Troubleshoot 505 Packet Capture 506 Connection Troubleshoot 506 NSG Flow Logs 507 Topology 509 Summary 509 Exam Essentials 510 Review Questions 511 Appendix Answers to the Review Questions 515 Chapter 1: Identity: Azure Active Directory 516 Chapter 2: Compliance and Cloud Governance 517 Chapter 3: Virtual Networking 519 Chapter 4: Intersite Connectivity 520 Chapter 5: Network Traffic Management 521 Chapter 6: Azure Storage 522 Chapter 7: Azure Virtual Machines 524 Chapter 8: Automation, Deployment, and Configuration of Resources 526 Chapter 9: PaaS Compute Options 528 Chapter 10: Data Protection 529 Chapter 11: Monitoring Resources 530 Index 533.
MCA Microsoft Certified Associate Azure Administrator Study Guide with Online Labs: Exam AZ-104