After passing many Azure exams, and continued questions from colleagues and friends, I thought about beginning to write about Azure Exam Study Guides in such a way that they bring all the relevant material together in one big guide, which a student may learn easily from.
I know it makes more sense to see a guide coming from someone who have already passed what he preaches, so here’s the guide and some of my lessons learned for you to take away.
The bullet points of this guide primary come from the Microsoft’s Azure examination documentation / syllabus. The idea is, or say the understanding is that the new exams are all about Role based and the contents assessed during the exam is outlined below which you can refer to. And doing so, fully and completely, will ensure that you pass the exam with the highest chances possible (because you have studied everything that is being asked about.)
Just to tell you the other side: This cannot be said with full certainty that studying the whole syllabus will make it certain that you pass. You need practice to cover the real life scenarios and edge cases!
This is how I’d prepare for a typical (any, including I did for AZ-104) Azure exam:
- Go thru the following guide.
- Search Pluralsight if you have subscription. There are a number of certification paths on Pluralsight, one of them is for AZ-104.
- Search Udemy for courses and buy those micro courses on the topic. There are many authors who have their version of the course. These courses are often not updated and brief, so make sure you take them only as a supplement to the actual/core preparation of your exam.
- Go to Microsoft Hands On Labs and practice free. Yeah you can get free, micro-Azure subscriptions which you don’t have to pay for but are only typically available for couple of hours. Maybe good if you are thrifty, or just exploring it at this time.
- There are also several companies that sells practice exams. One of them is called MeasureUp.
- Another pro technique is, if you are new, that to search YouTube about Azure topic that you are interested in and select search results to appear from playlists. This will give you reference to the greater playlist, thus you can watch that playlist/channel and get access to broader content.
- Whenever watching any video content, the best advice is to learn to play it faster. For example you are able to listen and comprehend at 1.0x speed of the video, next time try playing at 1.25x. See how much of it still makes sense. If English is not your first language, this may require some practice but it definitely worth how you can polish your comprehension speed, thus overall improve your learning experience, of not just Azure but all the other technologies out there.
- The most effective way I have found to go in great depths, without loosing interest or attention is to follow Microsoft Azure Docs. Another interesting technique is to use the left hand side navigation and go to areas like Concepts and How-To Guides. For example you can checkout Concepts and How-To guides of Azure Cosmos DB.
- Don’t like reading much but an Audio/Visual learner? I’d suggest that you use Microsoft’s new Edge browser, open the page and use the Read Aloud feature which will nicely convert text to voice. You can also speed it up and skip the content by clicking on the paragraph where you want to to continue reading.
The following guide is written in format like 1 to 5, then each of them have child topics A, B, C… Such format will allow you to navigate and bookmark easily when reading it.
1. Manage Azure subscriptions and Resources (15-20%)
A. Manage Azure Subscriptions
Assign administrator permissions
https://docs.microsoft.com/en-us/azure/billing/billing-add-change-azure-subscription-administrator
Configure cost center quotas and tagging
LinkedIn Learning: Configure Cost Center quotas (check with a free trial)
Configure policies at Azure subscription level
https://docs.microsoft.com/en-us/azure/governance/policy/assign-policy-portal
B. Analyze Resource Utilization and Consumption
Configure diagnostic settings on resources
Linkedin Learning: Configure Diagnostic Setting (check with a free trial)
Create a baseline for resources
LinkedIn Learning: Creating a Baseline for Resources (check with a free trial)
Create and test alerts
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-metric
Analyze alerts across subscription
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-managing-alert-instances
Analyze metrics across subscription
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/metrics-charts
Create action groups and action rules
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/action-groups
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-action-rules
Monitor for unused resources
https://docs.bmc.com/docs/reclaiming-the-unused-and-overallocated-azure-virtual-machines
Monitor spend
https://docs.microsoft.com/en-us/azure/billing/billing-getting-started
Report on spend
https://docs.microsoft.com/en-us/azure/billing/billing-download-azure-invoice-daily-usage-date
Utilize Log queries in Azure Monitor
https://docs.microsoft.com/en-us/azure/azure-monitor/log-query/query-language
View alerts in Azure Monitor
C. Manage Resource Groups
Use Azure policies for resource groups
https://docs.microsoft.com/en-us/azure/governance/policy/enforce-tag-on-resource-groups
Configure resource locks
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-lock-resources
Configure resource policies
https://docs.microsoft.com/en-us/azure/governance/policy/tutorials/create-and-manage
Implement and set tagging on resource groups
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-using-tags
Move resources across resource groups
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-move-resources
Remove resource groups
D. Managed Role based Access Control (RBAC)
Create a custom role
https://docs.microsoft.com/en-us/azure/role-based-access-control/tutorial-custom-role-powershell
Configure access to Azure resources by assigning roles
https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal
Configure management access to Azure
https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal
Troubleshoot RBAC
https://docs.microsoft.com/en-us/azure/role-based-access-control/troubleshooting
Implement RBAC policies
https://docs.microsoft.com/en-us/azure/role-based-access-control/conditional-access-azure-management
Assign RBAC Roles
https://docs.microsoft.com/en-us/azure/role-based-access-control/quickstart-assign-role-user-portal
2. Implement and Manage Storage (15-20%)
A. Create and Configure Storage Accounts
Configure network access to the storage account
https://docs.microsoft.com/en-us/azure/storage/common/storage-network-security
Create and configure storage account
https://docs.microsoft.com/en-us/azure/storage/common/storage-quickstart-create-account
https://docs.microsoft.com/en-us/azure/storage/common/storage-account-manage
Generate shared access signature
https://docs.microsoft.com/en-us/azure/storage/common/storage-dotnet-shared-access-signature-part-1
Install and use Azure Storage Explorer
https://docs.microsoft.com/en-us/azure/vs-azure-tools-storage-manage-with-storage-explorer
Manage access keys
https://docs.microsoft.com/en-us/azure/storage/common/storage-account-manage
Monitor activity log by using Monitor Logs
Implement Azure storage replication
MSDN Blog: Azure Storage Replication Implementation
Implement Azure AD authentication
https://docs.microsoft.com/en-us/azure/storage/common/storage-auth-aad-app
B. Import and Export Data to Azure
Create export from Azure job
https://docs.microsoft.com/en-us/azure/storage/common/storage-import-export-data-from-blobs
Create import into Azure job
https://docs.microsoft.com/en-us/azure/storage/common/storage-import-export-data-to-blobs
Use Azure Data Box
https://docs.microsoft.com/en-us/azure/databox/data-box-quickstart-portal
Configure and use Azure blob storage
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-quickstart-blobs-portal
Configure Azure content delivery network (CDN) endpoints
https://docs.microsoft.com/en-us/azure/cdn/cdn-create-a-storage-account-with-cdn
Use Azure Data Factory to transfer data to Azure
https://docs.microsoft.com/en-us/azure/data-factory/copy-activity-overview
C. Configure Azure Files
Create an Azure file share
https://docs.microsoft.com/en-us/azure/storage/files/storage-how-to-create-file-share
Create Azure File Sync service
Create Azure sync group
Troubleshoot Azure File Sync
https://docs.microsoft.com/en-us/azure/storage/files/storage-sync-files-troubleshoot
D. Implement Azure Backup
Configure and review backup reports
https://docs.microsoft.com/en-us/azure/backup/backup-azure-configure-reports
Perform backup operation
https://azure.microsoft.com/en-in/blog/microsoft-azure-block-blob-storage-backup/
Create Recovery Services Vault
https://docs.microsoft.com/en-us/azure/backup/backup-create-rs-vault
Create and configure a backup policy
https://docs.microsoft.com/en-us/cli/azure/backup/policy?view=azure-cli-latest
Perform a restore operation
https://docs.microsoft.com/en-us/azure/sql-database/sql-database-recovery-using-backups
3. Deploy and Manage Virtual Machines (VMs) (15-20%)
A. Create and Configure a VM for Windows and Linux
Configure high availability
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/tutorial-availability-sets
Configure monitoring, networking, storage, and virtual machine size
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/tutorial-monitoring
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/tutorial-virtual-network
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/managed-disks-overview
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/sizes
Deploy and configure scale sets
https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/quick-create-portal
B. Automate Deployment of VMs
Modify Azure Resource Manager (ARM) template
Configure location of new VMs
https://docs.microsoft.com/en-us/azure/site-recovery/azure-to-azure-tutorial-migrate
Configure VHD template
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/create-vm-specialized
Deploy from template
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/ps-template
Save a deployment as an ARM template
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/download-template
Deploy Windows and Linux VMs
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/ps-template
https://docs.microsoft.com/en-us/azure/virtual-machines/linux/create-ssh-secured-vm-from-template
C. Manage Azure VM
Add data discs
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/attach-disk-ps
Add network interfaces
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-network-interface-vm
Automate configuration management by using PowerShell Desired State Configuration (DSC) and VM Agent by using custom script extensions
https://docs.microsoft.com/en-us/azure/automation/automation-dsc-getting-started
Manage VM sizes
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/sizes
Move VMs from one resource group to another
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/move-vm
Redeploy VMs
https://docs.microsoft.com/en-us/azure/virtual-machines/troubleshooting/redeploy-to-new-node-windows
Soft delete for Azure VMs
https://docs.microsoft.com/bs-latn-ba/azure/backup/backup-azure-security-feature-cloud#soft-delete
D. Manage VM Backups
Configure VM backup
https://docs.microsoft.com/en-us/azure/backup/quick-backup-vm-portal
Define backup policies
https://docs.microsoft.com/en-us/azure/backup/backup-azure-vms-encryption
Implement backup policies
https://docs.microsoft.com/en-us/azure/backup/backup-azure-arm-vms-prepare
Perform VM restore
https://docs.microsoft.com/en-us/azure/backup/backup-azure-arm-restore-vms
Azure Site Recovery
https://docs.microsoft.com/en-us/azure/site-recovery/azure-to-azure-quickstart
4. Configure and Manage Virtual Networks (30-35%)
A. Create Connectivity between Virtual Networks
Create and configure VNET peering
https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal
Create and configure VNET to VNET connections
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-vnet-vnet-rm-ps
Verify virtual network connectivity
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-verify-connection-resource-manager
Create a virtual network gateway
https://docs.microsoft.com/en-us/azure/vpn-gateway/create-routebased-vpn-gateway-portal
B. Implement and Manage Virtual Networking
Configure private and public IP addresses
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-public-ip-address
Configure network routes
https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-create-route-table-portal
Configure network interface
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-network-interface
Configure subnets
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-manage-subnet
Configure virtual network
https://docs.microsoft.com/en-us/azure/virtual-network/manage-virtual-network
C. Configure Name Resolution
Configure Azure DNS
https://docs.microsoft.com/en-us/azure/dns/dns-getstarted-portal
Configure custom DNS settings
https://docs.microsoft.com/en-us/azure/dns/dns-custom-domain
Configure private and public DNS zones
https://docs.microsoft.com/en-us/azure/dns/private-dns-getstarted-powershell
https://docs.microsoft.com/en-us/azure/dns/dns-delegate-domain-azure-dns
D. Create and Configure a Network Security Group (NSG)
Create security rules
https://docs.microsoft.com/en-us/azure/virtual-network/manage-network-security-group
Associate NSG to a subnet or network interface
https://docs.microsoft.com/en-us/azure/virtual-network/manage-network-security-group
Identify required ports
https://docs.microsoft.com/en-us/azure/virtual-network/security-overview
Evaluate effective security rules
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-network-interface
Implement Application Security Groups
E. Implement Azure Load Balancer
Configure the internal load balancer
https://docs.microsoft.com/en-us/azure/load-balancer/tutorial-load-balancer-basic-internal-portal
Configure load balancing rules
https://docs.microsoft.com/en-us/azure/load-balancer/configure-load-balancer-outbound-cli
Configure a public load balancer
Troubleshoot load balancing
https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-troubleshoot
F. Monitor and Troubleshoot Virtual Networking
Monitor on-premises connectivity
Use Network resource monitoring
https://docs.microsoft.com/en-us/azure/azure-monitor/insights/network-performance-monitor
Use Network Watcher
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-create
Troubleshoot external networking
Troubleshoot virtual network connectivity
G. Integrate On premises Network with Azure Virtual Network
Create and configure Azure VPN Gateway
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-tutorial-create-gateway-powershell
Create and configure site to site VPN
Configure Express Route
Verify on premises connectivity
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-verify-connection-resource-manager
Troubleshoot on premises connectivity with Azure
Use Azure network adapter
https://www.thomasmaurer.ch/2018/09/windows-server-azure-network-adapter/
5. Manage Identities (15-20%)
A. Manage Azure Active Directory (AD)
Add custom domains
https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/add-custom-domain
Azure AD Join
https://docs.microsoft.com/en-us/azure/active-directory/user-help/user-help-join-device-on-network
Configure self-service password reset
https://docs.microsoft.com/en-us/azure/active-directory/authentication/quickstart-sspr
Manage multiple directories
B. Manage Azure AD Objects (Users, Groups, and Devices)
Create users and groups
Manage user and group properties
Manage device settings
https://docs.microsoft.com/en-us/azure/active-directory/devices/device-management-azure-portal
Perform bulk user updates
https://blogs.technet.microsoft.com/active-directory/bulk-user-modification/
Manage guest accounts
https://docs.microsoft.com/en-us/azure/active-directory/b2b/b2b-quickstart-add-guest-users-portal
C. Implement and Manage Hybrid Identities
Install Azure AD Connect, including password hash and pass-through synchronization
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-install-express
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-pta-quick-start
Use Azure AD Connect to configure federation with on-premises Active Directory Domain Services (AD DS)
Manage Azure AD Connect
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-post-installation
Manage password sync and password writeback
https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-writeback
D. Implement Multi-factor Authentication (MFA)
Configure user accounts for MFA
Enable MFA by using bulk update
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstates/bulk
Configure fraud alerts
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings/fraud
Configure bypass options
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings/bypass
Configure Trusted IPs
Configure verification methods