Contents
Quick access to online references
Errata, updates, & book support
Chapter 1 Design and implement Azure App Service Web Apps
Migrate a web app to separate App Service Plan
Configuring application settings
Configure a custom domain for a web app
Configuring virtual applications and directories
Skill 1.3: Configure diagnostics, monitoring, and analytics
Enabling application and web server diagnostics
Monitor App Service Plan resources
Monitor availability, performance, and usage
Skill 1.4: Configure web apps for scale and resilience
Scale up or down an app service plan
Scale app service instances manually
Scale app service instances using Autoscale
Configure Azure Traffic Manager
Chapter 2 Create and manage Compute Resources
Skill 2.1: Deploy workloads on Azure Resource Manager (ARM) virtual machines (VMs)
Identify and run workloads in VMs
Connecting to virtual machines
Skill 2.2: Perform configuration management
PowerShell Desired State Configuration
Using the custom script extension
Skill 2.3: Design and implement VM Storage
Virtual machine storage overview
Skill 2.5: Manage ARM VM availability
Deploy and configure VM scale sets (VMSS)
Skill 2.7 Manage containers with Azure Container Services (ACS)
Configure for open-source tooling
Create and manage container images
Implement Azure Container Registry
Deploy a Kubernetes cluster in ACS
Manage containers with Azure Container Services (ACS)
Scale applications using Docker Swarm, DC/OS, or Kubernetes
Migrate container workloads to and from Azure
Monitor Kubernetes by using Microsoft Operations Management Suite (OMS)
Chapter 3 Design and implement a storage strategy
Skill 3.1: Implement Azure Storage blobs and files
Using the async blob copy service
Configuring the Content Delivery Network
Configuring custom domains for storage and CDN
Creating, and using, shared access signatures
Virtual Network Service Endpoints
Skill 3.3: Configure diagnostics, monitoring, and analytics
Configuring Azure Storage Diagnostics
Enabling monitoring and alerts
Skill 3.4: Implement storage encryption
Encrypt data using Azure Storage Service Encryption (SSE)
Implement encryption and role based access control with Azure Data Lake Store
Chapter 4 Implement Virtual Networks
Skill 4.1: Configure Virtual Networks
Create a Virtual Network (VNet)
Setup DNS at the Virtual Network level
Connect VNets using VNet peering
Skill 4.2: Design and implement multi-site or hybrid network connectivity
Choose the appropriate solution between ExpressRoute, Site-to-Site and Point-to-Site
Choose the appropriate gateway
Identify network prerequisites
Implement Virtual Network peering service chaining
Configure Virtual Network and Multi-Site Virtual Networks
Skill 4.3: Configure ARM VM Networking
Configure Private Static IP Addresses
DNS at the Network Interface (NIC) Level
Network Security Groups (NSGs)
User Defined Routes (UDR) with IP Forwarding
External and Internal load balancing with HTTP and TCP health probes
Design and Implement Application Gateway (App Gateway)
Skill 4.4: Design and implement a communication strategy
Leverage Site-to-Site (S2S) VPN to connect to an on-premises infrastructure
Implement Hybrid Connections to access data sources on-premises
Chapter 5 Design and deploy ARM templates
Skill 5.1: Implement ARM templates
Leverage service principals with ARM authentication
Skill 5.3: Design role-based access control (RBAC)
Implement Azure RBAC standard roles
Design Azure RBAC custom roles
Chapter 6 Manage Azure Security and Recovery Services
Skill 6.1: Manage data protection and security compliance
Create and import encryption keys with Key Vault
Automate tasks for SSL/TLS Certificates
Prevent and respond to security threats with Azure Security Center
Configure single sign-on with SaaS applications using federation and password based
Add users and groups to applications
Revoke access to SaaS applications
Configure federation with public consumer identity providers such as Facebook and Google
Skill 6.2: Implement recovery services
Create a Recovery Services vault
Implement DR as service, Deploy ASR agent, ASR Configuration & best practices
Chapter 7 Manage Azure Operations
Skill 7.1: Enhance cloud management with automation
Integrate Azure Automation with Web Apps
Create and manage PowerShell Desired State Configurations (DSC)
Generate DSC node configurations
Monitor and automatically update machine configurations with Azure Automation DSC
Skill 7.2: Collect and analyze data generated by resources in cloud and on-premises environments
Collect and search across data sources from multiple systems
Visualize Azure resources across multiple subscriptions
Transform Azure activity data and managed resource data into an insight with flexible search queries
Monitor system updates and malware status
Track server configuration changes by using Azure Log Analytics
Chapter 8 Manage Azure Identities
Monitor Sync Engine & Replication
Setup Email Notifications for Critical Alerts
Monitor ADFS proxy and Web Application proxy Servers
Skill 8.2: Manage Domains with Active Directory Domain Services
Implement Azure AD Domain Services
Join Azure virtual machines to a Domain
Securely Administer Domain-joined virtual machines by using Group Policy
Migrate On-premises Apps to Azure
Handle Traditional Directory-aware Apps along with SaaS Apps
Skill 8.3: Integrate with Azure Active Directory (Azure AD)
Implement Azure AD Connect and Single Sign-on with On-premises Windows Server
Multi-Factor Authentication (MFA)
Config Windows 10 with Azure AD Domain Join
Implement Azure AD Integration in Web and Desktop Applications
Skill 8.4: Implement Azure AD B2C and Azure AD B2B
Create an Azure AD B2C Directory
Implement Social Identity Provider Authentication
Enable Multi-Factor Authentication (MFA)
Set up Self-Service Password Reset
Implement B2B Collaboration and Configure Partner Users
What do you think of this book? We want to hear from you!
Microsoft is interested in hearing your feedback so we can continually improve our books and learning resources for you. To participate in a brief online survey, please visit: