This series will cover various study notes as I study for the Azure Infrastructure and Deployment exam. Most sections are still applicable to AZ-103 so I’d say it’s safe to use this as a study resource for that too but you will need to look up some sections which are new and unique to AZ-103.
The exam covers the sections below which I will flesh out in their own articles as I learn more. Any published articles may be reached by clicking the heading links for each section –
Manage Azure subscriptions and resources (15-20%)
- May include but not limited to: Assign administrator permissions; configure cost center quotas and tagging; configure Azure subscription policies at Azure subscription level
Analyze resource utilization and consumption
- May include but not limited to: Configure diagnostic settings on resources; create baseline for resources; create and test alerts; analyze alerts across subscription; analyze metrics across subscription; create action groups; monitor for unused resources; monitor spend; report on spend; utilize Log Search query functions; view alerts in Log Analytics
- May include but not limited to: Use Azure policies for resource groups; configure resource locks; configure resource policies; implement and set tagging on resource groups; move resources across resource groups; remove resource groups
Implement and manage storage (20-25%)
Create and configure storage accounts
- May include but not limited to: Configure network access to the storage account; create and configure storage account; generate shared access signature; install and use Azure Storage Explorer; manage access keys; monitor activity log by using Log Analytics; implement Azure storage replication
Import and export data to Azure
- May include but not limited to: Create export from Azure job; create import into Azure job; Use Azure Data Box; configure and use Azure blob storage; configure Azure content delivery network (CDN) endpoints
- May include but not limited to: Create Azure file share; create Azure File Sync service; create Azure sync group; troubleshoot Azure File Sync
- May include but not limited to: Configure and review backup reports; perform backup operation; create Recovery Services Vault; create and configure backup policy; perform a restore operation
Deploy and manage virtual machines (VMs) (20-25%)
Create and configure a VM for Windows and Linux
- May include but not limited to: Configure high availability; configure monitoring, networking, storage, and virtual machine size; deploy and configure scale sets
- May include but not limited to: Modify Azure Resource Manager (ARM) template; configure location of new VMs; configure VHD template; deploy from template; save a deployment as an ARM template; deploy Windows and Linux VMs
- May include but not limited to: Add data discs; add network interfaces; automate configuration management by using PowerShell Desired State Configuration (DSC) and VM Agent by using custom script extensions; manage VM sizes; move VMs from one resource group to another; redeploy VMs
- May include but not limited to: Configure VM backup; define backup policies; implement backup policies; perform VM restore
Configure and manage virtual network (20-25%)
Create connectivity between virtual networks
- May include but not limited to: Create and configure VNET peering; create and configure VNET to VNET; verify virtual network connectivity; create virtual network gateway
Implement and manage virtual networking
- May include but not limited to: Configure private and public IP addresses, network routes, network interface, subnets, and virtual network
Configure name resolution
- May include but not limited to: Configure Azure DNS; configure custom DNS settings; configure private and public DNS zones
Create and configure a Network Security Group (NSG)
- May include but not limited to: Create security rules; associate NSG to a subnet or network interface; identify required ports; evaluate effective security rules
Manage identities (15-20%)
Manage Azure Active Directory (AD)
- May include but not limited to: Add custom domains; configure Azure AD Identity Protection, Azure AD Join, and Enterprise State Roaming; configure self-service password reset; implement conditional access policies; manage multiple directories; perform an access review
Manage Azure AD objects (users, groups, and devices)
- May include but not limited to: Create users and groups; manage user and group properties; manage device settings; perform bulk user updates
Implement and manage hybrid identities
- May include but not limited to: Install and configure Azure AD Connect; configure federation and single sign-on; manage Azure AD Connect; manage password sync and writeback
Great notes! Keep up the good work! 🙂
LikeLiked by 1 person