Book Image

Configuring Windows Server Hybrid Advanced Services Exam Ref AZ-801

By : Chris Gill

Book Image

Configuring Windows Server Hybrid Advanced Services Exam Ref AZ-801

By: Chris Gill

Overview of this book

Configuring Windows Server Hybrid Advanced Services Exam Ref AZ-801 helps you master various cloud and data center management concepts in detail, helping you grow your expertise in configuring and managing Windows Server in on-premises, hybrid, and cloud-based workloads. Throughout the book, you'll cover all the topics needed to pass the AZ-801 exam and use the skills you acquire to advance in your career. With this book, you’ll learn how to secure your on-premises Windows Server resources and Azure IaaS workloads. First, you’ll explore the potential vulnerabilities of your resources and learn how to fix or mitigate them. Next, you'll implement high availability Windows Server virtual machine workloads with Hyper-V Replica, Windows Server Failover Clustering, and Windows File Server. You’ll implement disaster recovery and server migration of Windows Server in on-premises and hybrid environments. You’ll also learn how to monitor and troubleshoot Windows Server environments. By the end of this book, you'll have gained the knowledge and skills required to ace the AZ-801 exam, and you'll have a handy, on-the-job desktop reference guide.

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the color images

Conventions used

Share Your Thoughts

Download a free PDF copy of this book

Part 1: Exam Overview and the Current State of On-Premises, Hybrid, and Cloud Workflows

Part 1: Exam Overview and the Current State of On-Premises, Hybrid, and Cloud Workflows

Free Chapter

Chapter 1: Exam Overview and the Current State of Cloud Workloads

Chapter 1: Exam Overview and the Current State of Cloud Workloads

Technical requirements and lab setup

Preparing for a Microsoft exam

Resources available and utilizing Microsoft Learn for supplemental experience

Creating a Microsoft 365 trial subscription and free Azure account

Setting up a lab environment using Hyper-V

Exam objectives

Who should take the AZ-801 exam?

The current state of on-premises, hybrid, and cloud workflows (and how they can work together to deliver for you and your business needs)

Part 2: Secure Windows Server On-Premises and Hybrid Infrastructures

Part 2: Secure Windows Server On-Premises and Hybrid Infrastructures

Chapter 2: Securing the Windows Server Operating System

Chapter 2: Securing the Windows Server Operating System

Technical requirements and lab setup

Configuring and managing exploit protection

Configuring and managing WDAC

Configuring and managing Microsoft Defender for Endpoint

Configuring and managing Windows Defender Credential Guard

Configuring Microsoft Defender SmartScreen

Implementing operating system security by using Group Policy

Chapter 3: Securing a Hybrid Active Directory (AD) Infrastructure

Chapter 3: Securing a Hybrid Active Directory (AD) Infrastructure

Technical requirements and lab setup

Configuring and managing account and user security

Securing domain controllers

Managing AD built-in groups and delegation

Implementing and managing Microsoft Defender for Identity

Chapter 4: Identifying and Remediating Windows Server Security Issues Using Azure Services

Chapter 4: Identifying and Remediating Windows Server Security Issues Using Azure Services

Technical requirements and lab setup

Monitoring on-premises servers and Azure IaaS VMs using Microsoft Sentinel

Identifying and remediating security issues for on-premises servers and Azure-hosted VMs with MDC

Chapter 5: Secure Windows Server Networking

Chapter 5: Secure Windows Server Networking

Technical requirements and lab setup

Managing Windows Defender Firewall

Implementing domain isolation

Implementing connection security rules

Chapter 6: Secure Windows Server Storage

Chapter 6: Secure Windows Server Storage

Introduction to NSGs

Introduction to ASGs

Overview of Azure service tags

Overview of the Azure Storage firewall

Technical requirements and lab setup

Managing BitLocker

Managing and recovering encrypted volumes

Enabling storage encryption by using ADE

Managing Disk Encryption keys for IaaS VMs

Part 3: Implement and Manage Windows Server High Availability

Part 3: Implement and Manage Windows Server High Availability

Chapter 7: Implementing a Windows Server Failover Cluster

Chapter 7: Implementing a Windows Server Failover Cluster

Overview of Windows Server Failover Clustering

Technical requirements and lab setup

Introduction to Windows Admin Center

Creating and managing a Windows Server Failover Cluster

Configuring network settings for Failover Clustering

Configuring Windows Server Failover Cluster storage options

Configuring cluster workload options

Configuring Stretch Clusters

Configuring Scale-Out File Server

Configuring Cluster Sets

Chapter 8: Managing Failover Clustering

Chapter 8: Managing Failover Clustering

Technical requirements and lab setup

Managing failover clusters using Windows Admin Center

Implementing cluster-aware updating

Installing Windows updates on cluster nodes

Recovering a failed cluster node

Upgrading a node to Windows Server 2022

Failing over workloads between nodes

Chapter 9: Implementing and Managing Storage Spaces Direct

Chapter 9: Implementing and Managing Storage Spaces Direct

Technical requirements and lab setup

Introduction to Storage Spaces Direct (S2D)

Implementing networking for S2D

Deploying S2D on Windows Server

Upgrading an S2D cluster node

Part 4: Implement Disaster Recovery

Part 4: Implement Disaster Recovery

Chapter 10: Managing Backup and Recovery for Windows Server

Chapter 10: Managing Backup and Recovery for Windows Server

Technical requirements and lab setup

Using Azure Backup Server to manage, back up, and recover files

Using Azure Recovery Services vault to manage, back up, and restore files and folders

Configuring backups for Azure Virtual Machines using the built-in backup agent

Recovering a VM using temporary snapshots

Restoring or recovering VMs to existing or new Azure Virtual Machines

Chapter 11: Implementing Disaster Recovery Using Azure Site Recovery

Chapter 11: Implementing Disaster Recovery Using Azure Site Recovery

Technical requirements and lab setup

Introduction to Azure Site Recovery

Configuring Azure Site Recovery networking

Configuring Azure Site Recovery for on-premises VMs

Configuring a recovery plan

Configuring Azure Site Recovery policies

Configuring Azure Site Recovery for Azure Virtual Machines

Implementing VM replication to a secondary data center or Azure region

Chapter 12: Protecting Virtual Machines by Using Hyper-V Replicas

Chapter 12: Protecting Virtual Machines by Using Hyper-V Replicas

Technical requirements and lab setup

Introduction to Hyper-V Replica

Configuring Hyper-V hosts for replication

Configuring VM replication

Managing Hyper-V replica servers

Performing a VM failover

Part 5: Migrate Servers and Workloads

Part 5: Migrate Servers and Workloads

Chapter 13: Migrating On-Premises Storage to On-Premises Servers or Azure

Chapter 13: Migrating On-Premises Storage to On-Premises Servers or Azure

Technical requirements and lab setup

Introduction to Storage Migration Service

Transferring data and sharing configuration

Cutting over to a new server by using Storage Migration Service

Using Storage Migration Service to migrate to Azure Virtual Machines

Migrating to Azure File shares

Chapter 14: Migrating On-Premises Servers to Azure

Chapter 14: Migrating On-Premises Servers to Azure

Technical requirements and lab setup

Introduction to Azure Migrate

Migrating using Azure Migrate tools

Deploying and configure the Azure Migrate appliance

Migrating VM workloads to Azure IaaS

Migrating physical workloads to Azure IaaS

Chapter 15: Migrating Workloads from Previous Versions to Windows Server 2022

Chapter 15: Migrating Workloads from Previous Versions to Windows Server 2022

Technical requirements and lab setup

Migrate Internet Information Services (IIS)

Migrating Hyper-V hosts

Migrating RDS host servers

Migrating DHCP servers

Migrating print servers

Chapter 16: Migrating IIS Workloads to Azure

Chapter 16: Migrating IIS Workloads to Azure

Technical requirements and lab setup

Migrating IIS workloads to Azure Web Apps

Migrating IIS workloads to containers

Chapter 17: Migrating an Active Directory Domain Services (AD DS) Infrastructure to Windows Server 2022 AD DS

Chapter 17: Migrating an Active Directory Domain Services (AD DS) Infrastructure to Windows Server 2022 AD DS

Technical requirements and lab setup

Upgrading an existing forest

Migrating AD DS objects, users, groups, and Group Policy objects using the Active Directory Migration Tool

Migrating to a new Active Directory forest

Part 6: Monitor and Troubleshoot Windows Server Environments

Part 6: Monitor and Troubleshoot Windows Server Environments

Chapter 18: Monitoring Windows Server Using Windows Server Tools and Azure Services

Chapter 18: Monitoring Windows Server Using Windows Server Tools and Azure Services

Technical requirements and lab setup

Configuring monitoring and alerting for Windows Server

Managing Windows Server event logs

Deploying Azure Monitor Agents

Collecting performance counters for Azure

Creating Azure Monitor alerts

Monitoring Azure Virtual Machines using the Azure Diagnostics extension

Monitoring Azure Virtual Machines performance using VM Insights

Chapter 19: Troubleshooting Windows Server On-Premises and Hybrid Networking

Chapter 19: Troubleshooting Windows Server On-Premises and Hybrid Networking

Technical requirements and lab setup

Troubleshooting hybrid network connectivity

Troubleshooting on-premises connectivity

Chapter 20: Troubleshooting Windows Server Virtual Machines in Azure

Chapter 20: Troubleshooting Windows Server Virtual Machines in Azure

Technical requirements and lab setup

Troubleshooting deployment failures

Troubleshooting booting failures

Troubleshooting VM performance issues

Troubleshooting VM extension issues

Troubleshooting disk encryption issues

Troubleshooting storage

Troubleshooting VM connection issues

Chapter 21: Troubleshooting Active Directory

Chapter 21: Troubleshooting Active Directory

Technical requirements and lab setup

Restoring objects from AD Recycle Bin

Recovering an AD database using DSRM

Recovering SYSVOL

Troubleshooting AD replication

Troubleshooting hybrid authentication issues

Troubleshooting on-premises AD

Chapter 22: Final Assessment and Mock Exam/Questions

Chapter 22: Final Assessment and Mock Exam/Questions

Mock exam practice questions

Mock exam practice answers

Lab environment housekeeping

Index

Other Books You May Enjoy

Other Books You May Enjoy

Packt is searching for authors like you

Share Your Thoughts

Download a free PDF copy of this book

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Configuring and managing WDAC

In a nutshell, WDAC works to combat untrusted software, malware, and other vulnerabilities running on your devices. In a trust what you know and know what you trust approach, this means that only known and approved code will be able to run on your devices. This approach is super useful in high-security departments or government agencies, as you are equipped with an incredible amount of control over what can and cannot run.

For the most part, Windows Store apps, signed drivers, Windows operating system base components, Configuration Manager clients and software deployments, and updates that target standard Windows components are all marked as allowed and can run. The key differentiator with WDAC is that this feature makes use of the Microsoft Intelligent Security Graph, allowing you to trust applications that have been vetted by Microsoft and reducing your overall WDAC policy management.

We can utilize several deployment methods to deploy WDAC policies...