Book Image

Exam Ref AZ-104 Microsoft Azure Administrator Certification and Beyond - Second Edition

By : Riaan Lowe, Donovan Kelly
4.5 (2)
Book Image

Exam Ref AZ-104 Microsoft Azure Administrator Certification and Beyond - Second Edition

4.5 (2)
By: Riaan Lowe, Donovan Kelly

Overview of this book

Exam Ref AZ-104 Microsoft Azure Administrator Certification and Beyond covers all the exam objectives and will help you to earn the Microsoft Azure Administrator certification with ease. Whether you’re studying to pass the AZ-104 exam or just want hands-on experience in administering Azure, this AZ-104 study guide will help you to achieve your objectives. This book covers the latest Azure features and capabilities around configuring, managing, and securing Azure resources. Adhering to Microsoft's AZ-104 exam syllabus, this guide is divided into five modules. The first module will show you how to manage Azure identities and governance. You'll find out how to configure Azure subscription policies at the Azure subscription level and use Azure policies for resource groups. After that, the book covers techniques related to implementing and managing storage in Azure, enabling you to create and manage Azure Storage, including File and Blob storage. In the second module, you’ll learn how to deploy and manage Azure compute resources. The third and fourth modules will teach you about configuring and managing virtual networks and monitoring and backing up Azure resources. Finally, you'll work through mock tests, with answers provided, to prepare for this exam. By the end of this book, you'll have the skills needed to pass the AZ-104 exam and be able to expertly manage Azure.

Related Content you might be interested in

Current Title:

Small book image
Exam Ref AZ-104 Microsoft Azure Administrator Certification and Beyond - Second Edition
Riaan Lowe | Donovan Kelly
Jul, 2022 | 776 pages
Small book image
Implementing Microsoft Azure Architect Technologies: AZ-303 Exam Prep and Beyond
Brett Hargreaves | Sjoukje Zaal
Dec, 2020 | 548 pages
Small book image
Microsoft Azure Architect Technologies: Exam Guide AZ-300
Sjoukje Zaal
Jan, 2020 | 540 pages
Small book image
Learn Azure Administration
Kamil Mrzygłód
Dec, 2023 | 346 pages
Table of Contents (30 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Get in touch
Share Your Thoughts
1
Part 1: Managing Azure Identities and Governance
Part 1: Managing Azure Identities and Governance
Free Chapter
2
Chapter 1: Managing Azure Active Directory Objects
Chapter 1: Managing Azure Active Directory Objects
Technical requirements
Creating Azure AD users and groups
Creating Azure AD AUs
Managing user and group properties
Managing device settings
Performing bulk updates
Managing guest accounts
Configuring Azure AD join
Configuring SSPR
Summary
3
Chapter 2: Managing Role-Based Access Control
Chapter 2: Managing Role-Based Access Control
Technical requirements
Creating a custom RBAC role
Providing access to resources by assigning the custom RBAC role
Interpreting access assignments
Summary
4
Chapter 3: Creating and Managing Governance
Chapter 3: Creating and Managing Governance
Technical requirements
Understanding Azure policies
Applying and managing tags on resources
Summary
5
Chapter 4: Managing Governance and Costs
Chapter 4: Managing Governance and Costs
Technical requirements
Managing resource groups
Configuring resource locks
Managing subscriptions
Managing costs
Configuring management groups
Summary
6
Chapter 5: Practice Labs – Managing Azure Identities and Governance
Chapter 5: Practice Labs – Managing Azure Identities and Governance
Technical requirements
Managing Azure AD objects
Managing RBAC
7
Part 2: Implementing and Managing Storage
Part 2: Implementing and Managing Storage
8
Chapter 6: Understanding and Managing Storage
Chapter 6: Understanding and Managing Storage
Technical requirements
Understanding Azure storage accounts
Creating and configuring storage accounts
Using Azure Import/Export
Installing and using Azure Storage Explorer
Configuring Azure Files and Azure Blob storage
Summary
9
Chapter 7: Securing Storage
Chapter 7: Securing Storage
Technical requirements
Configuring network access to storage accounts
Storage access keys
Working with SAS tokens
Configuring access and authentication
Copying data by using AzCopy
Configuring storage replication and life cycle
Summary
10
Chapter 8: Practice Labs – Implementing and Managing Storage
Chapter 8: Practice Labs – Implementing and Managing Storage
Technical requirements
Managing the Azure Storage lab
The Azure Functions AzCopy lab
Connecting storage using a private endpoint lab
Summary
11
Part 3: Deploying and Managing Azure Compute Resources
Part 3: Deploying and Managing Azure Compute Resources
12
Chapter 9: Automating VM Deployments Using ARM Templates
Chapter 9: Automating VM Deployments Using ARM Templates
Technical requirements
Modifying an ARM template
Saving a deployment as an ARM template
Deploying VM extensions
Summary
13
Chapter 10: Configuring Virtual Machines
Chapter 10: Configuring Virtual Machines
Technical requirements
Understanding Azure disks
Disk types
Understanding Azure VMs
Deploying a VM in Azure
Deploying and configuring scale sets
VM management tasks
Disk encryption in Azure
Automating configuration management
Summary
14
Chapter 11: Creating and Configuring Containers
Chapter 11: Creating and Configuring Containers
Technical requirements
Introduction to containers
Containers versus VMs
ACI
Container groups
Docker platform
AKS
Creating an Azure container registry
Deploying your first Azure container instance
Configuring container groups for Azure container instances
Configuring sizing and scaling for Azure container instances
Deploying AKS
Configuring storage for AKS
Configuring scaling for AKS
Configuring network connections for AKS
Upgrading an AKS cluster
Summary
15
Chapter 12: Creating and Configuring App Services
Chapter 12: Creating and Configuring App Services
Technical requirements
Understanding App Service plans and App Service
Creating an App Service plan
Creating an app service
Configuring the scaling settings of an App Service plan
Securing an app service
Configuring custom domain names
Configuring a backup for an app service
Configuring networking settings
Configuring deployment settings
Summary
16
Chapter 13: Practice Labs – Deploying and Managing Azure Compute Resources
Chapter 13: Practice Labs – Deploying and Managing Azure Compute Resources
Technical requirements
Managing virtual machines lab
Deploying an Azure Container Instances lab
Deploying an Azure Kubernetes Service lab
Deploying Web App service lab
Summary
17
Part 4: Configuring and Managing Virtual Networking
Part 4: Configuring and Managing Virtual Networking
18
Chapter 14: Implementing and Managing Virtual Networking
Chapter 14: Implementing and Managing Virtual Networking
Technical requirements
Creating and configuring virtual networks, including peering
Create private and public IP addresses
User-defined routing
Implementing subnets
Configuring endpoints on subnets
Configuring private endpoints
Configuring Azure DNS
Summary
19
Chapter 15: Securing Access to Virtual Networks
Chapter 15: Securing Access to Virtual Networks
Technical requirements
Associating an NSG with a subnet
Creating NSG rules
Evaluating effective security rules
Implementing Azure Firewall and Azure Bastion
Summary
20
Chapter 16: Configuring Load Balancing
Chapter 16: Configuring Load Balancing
Technical requirements
Azure load balancing services
Azure Load Balancer
Configuring an ILB
Configuring a public load balancer
Azure Application Gateway
Configuring Azure Application Gateway
Azure Front Door
Summary
21
Chapter 17: Integrating On-Premises Networks with Azure
Chapter 17: Integrating On-Premises Networks with Azure
Technical requirements
Azure VPN Gateway
Creating and configuring an Azure VPN gateway
Create and configure Azure ExpressRoute
Azure Virtual WAN
Configuring Azure Virtual WAN
Summary
22
Chapter 18: Monitoring and Troubleshooting Virtual Networking
Chapter 18: Monitoring and Troubleshooting Virtual Networking
Technical requirements
Network Watcher
Configuring Network Watcher
Summary
23
Chapter 19: Practice Labs – Configuring and Managing Virtual Networking
Chapter 19: Practice Labs – Configuring and Managing Virtual Networking
Technical requirements
Virtual network subnetting lab
Global peering interconnectivity Lab
Traffic management lab
Summary
24
Part 5: Monitoring and Backing Up Azure Resources
Part 5: Monitoring and Backing Up Azure Resources
25
Chapter 20: Monitoring Resources with Azure Monitor
Chapter 20: Monitoring Resources with Azure Monitor
Technical requirements
Azure Monitor
Creating and analyzing metrics and alerts
Querying Log Analytics
Configuring Application Insights
Summary
26
Chapter 21: Implementing Backup and Recovery Solutions
Chapter 21: Implementing Backup and Recovery Solutions
Technical requirements
Creating a Recovery Services vault
Creating and configuring backup policies
Performing backup and restore operations via Azure Backup
Performing site-to-site recovery via Azure Site Recovery
Configuring and reviewing backup reports
Summary
27
Chapter 22: Practice Labs – Monitoring and Backing Up Azure Resources
Chapter 22: Practice Labs – Monitoring and Backing Up Azure Resources
Technical requirements
Azure Recovery Services Vault with VM backup lab
Azure Monitor lab
Summary
28
Chapter 23: Mockup Test Questions and Answers
Chapter 23: Mockup Test Questions and Answers
Managing Azure identities and governance (15-20%)
Implement and manage storage (15-20%)
Deploy and manage Azure compute resources (20-25%)
Configure and manage virtual networking (25-30%)
Monitor and back up Azure resources (10-15%)
Mockup test answers
Why subscribe?
29
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts

Managing user and group properties

Part of an Azure administrator's task is to understand what can be done from a user and group perspective within Azure AD. Let's take a look at what we can configure for an Azure AD user account:

  • Profile: This is where you can view and update information such as the name, user type, job information, and more.
  • Assigned roles: This setting is where you can view all of the role assignments for that specific account; assignments can be in the form of eligible, active, or expired assignments.
  • Administrative units: This setting displays the AUs that the user is part of.
  • Groups: This setting displays the AD groups that the user is part of.
  • Applications: This setting displays the application assignments.
  • Licenses: This setting displays what licenses are currently assigned to the user account.
  • Devices: This setting shows what devices are associated with the user account, including the join type such as Azure AD joined.
  • Azure role assignments: This setting displays the resources on a subscription level to which the account has access.
  • Authentication methods: This setting displays the authentication contact information, such as the phone number and email address for MFA. From here, you can also set the account to reregister for MFA or revoke current MFA sessions.

Now that we have reviewed all the user properties, let's take a look at the group settings.

Azure AD groups have the following settings available:

  • Overview: This displays the membership type, the source directory, the object ID, the creation date, and more.
  • Properties: This setting displays the general settings for the group, such as the group name, the description, the group type, and the membership type, which can be changed here.
  • Members: This setting displays all of the current members of the group; bulk operations can also be performed from here.
  • Owners: This setting displays the owners of the group who can modify the group and the members within it.
  • Administrative units: This setting displays the AUs that the group is part of.
  • Group memberships: This setting displays all of the security groups that the group belongs to (nested grouping).
  • Applications: This setting displays the application assignments.
  • Licenses: This setting displays the licenses that are assigned to the group, which group members will inherit automatically.
  • Azure role assignments: This setting displays the resources of a subscription level to which the group members have access.
  • Dynamic membership rules: This setting displays the configuration rules; for dynamic groups, this is where you can change the configuration rules, which will affect the members of the group.

And that brings an end to the user and group properties. In this section, we have looked at all of the different settings for Azure AD users and Azure AD groups.

We encourage students to read up further by using the following links, which will provide additional information around managing group settings via the command line and also dive into external user attribute flows:

Next, we are going to look at how to manage device settings within Azure.

Previous Section
End of Section 5
Next Section