Cover image for Microsoft Azure Architect Technologies: Exam Guide AZ-300

Microsoft Azure Architect Technologies: Exam Guide AZ-300

Author Sjoukje Zaal
Release Date: 2020/01/01
ISBN: 9781838553531
Topic:
0%
418
Chapters
0-1
Hours read
0k
Total Words
    Start Reading Now    
       Add to Wishlist       
View table of contents

Book Description

Become a certified Azure Architect and learn to design effective solutions that span compute, security, networking, and development

Key Features

  • Learn to successfully design and architect powerful and cost-effective solutions on Microsoft Azure
  • Prepare to gain AZ-300 certification with the help of mock tests and practice questions
  • Enhance your computing, networking, storage, and security skills to design modern cloud-based solutions

    From designing solutions on Azure to configuring and managing virtual networks, AZ-300 certification can help you achieve all this and more. Whether you want to get certified or gain hands-on experience in administering, developing, and architecting Azure solutions, this study guide will help you get started. The book features not only the different exam objectives, but also guides you through configuring, managing, securing, and architecting Azure resources.

    Divided into five modules, this book will systematically take you through the different concepts and features as you advance through the sections. The first module demonstrates how to deploy and configure infrastructure. You will cover techniques related to implementing workloads and security, before learning how to create and deploy apps in the next module. To build on your knowledge, the final two modules will get you up to speed with implementing authentication, data security, and application and platform monitoring, along with covering Azure storage, alerting, and automation strategies. Finally, you'll work through exam-based mock tests with answers to boost your confidence in passing the exam.

    By the end of this book, you'll have learned the concepts and techniques you need to know in order to prepare for the AZ-300 exam, along with the skills to design effective solutions on Microsoft Azure.

    What you will learn

    • Manage Azure subscriptions and resources
    • Understand how to migrate servers to Azure
    • Configure and manage virtual networks
    • Monitor and troubleshoot virtual network connectivity
    • Manage Azure Active Directory (Azure AD) Connect and implement multi-factor authentication
    • Implement and manage hybrid identities
    • Develop solutions that use Cosmos DB and the Azure SQL Database
    • Get to grips with implementing secure data solutions

    Who this book is for

    This book is for solution architects and experienced developers who advise stakeholders and translate business requirements into secure, scalable, and reliable solutions. Technical architects interested in learning more about designing cloud solutions will also find this book useful. Some experience and knowledge of various aspects of IT operations, including networking, security, business continuity, disaster recovery, budgeting, and governance are required to grasp the concepts covered in the book effectively.

Table of Contents

  1. Title Page
  2. Copyright and Credits
    1. Microsoft Azure Architect Technologies: Exam Guide AZ-300
  3. About Packt
    1. Why subscribe?
  4. Contributors
    1. About the author
    2. About the reviewers
    3. Packt is searching for authors like you
  5. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
      1. Download the example code files
      2. Download the color images
      3. Conventions used
    4. Get in touch
      1. Reviews
  6. Section 1: Deploying and Configuring Infrastructure
  7. Analyzing Resource Utilization and Consumption
    1. Understanding Azure Monitor
    2. Creating and analyzing metrics and alerts
      1. Metrics
      2. Multi-dimensional metrics
        1. Creating a metric
      3. Alerts
        1. Creating an alert and an action group
    3. Creating a baseline for resources
    4. Configuring diagnostic settings on resources
      1. Enabling diagnostic settings
    5. Viewing alerts in Log Analytics
    6. Utilizing log search query functions
      1. Querying logs in Azure Monitor
    7. Summary
    8. Questions
    9. Further reading
  8. Creating and Configuring Storage Accounts
    1. Technical requirements
    2. Understanding Azure Storage accounts
      1. Storage account types
        1. General-purpose v1 (GPv1)
        2. Blob storage
        3. General-purpose v2 (GPv2)
      2. Storage replication types
        1. Locally redundant storage
        2. Zone-redundant storage
        3. Geo-redundant storage
        4. Geo-zone-redundant storage
        5. Read-access geo-redundant storage
      3. Azure Blob Storage
        1. Access tiers
          1. Hot access tier
          2. Cool access tier
          3. Archive
      4. Azure file storage
      5. Azure disk storage
        1. Standard disk storage
        2. Premium disk storage
        3. Ultra disk storage
        4. Unmanaged versus managed disks
    3. Creating and configuring a storage account
    4. Installing and using Azure Storage Explorer
    5. Configuring network access to the storage account
    6. SAS and access keys
      1. Managing access keys
      2. Generating an SAS
    7. Implementing Azure Storage replication
    8. Summary
    9. Questions
    10. Further reading
  9. Implementing and Managing Virtual Machines
    1. Technical requirements
    2. Understanding VMs
      1. VM series and sizes
      2. Managed disks
    3. Understanding Availability Sets
      1. Fault domains and update domains
    4. Understanding provisioning VMs
      1. Deploying a Windows VM from the Azure portal
      2. Deploying a Windows VM from PowerShell
    5. Understanding VM scale sets
      1. Deploying and configuring scale sets
    6. Modifying and deploying ARM templates
      1. Modifying an ARM template
      2. Saving a deployment as an ARM template
    7. Configuring Azure Disk Encryption for VMs
      1. Creating an Azure Key Vault
      2. Encrypting the disk
    8. Summary
    9. Questions
    10. Further reading
  10. Implementing and Managing Virtual Networking
    1. Technical requirements
    2. Understanding Azure VNet
    3. Understanding IP addresses
      1. Public IP address
      2. Private IP addresses
    4. Configuring virtual networks and subnets
    5. Configuring private and public IP addresses
    6. User-defined routes
      1. Creating user-defined routes
    7. Summary
    8. Questions
    9. Further reading
  11. Creating Connectivity between Virtual Networks
    1. Technical requirements
    2. Understanding VNet peering
      1. Creating and configuring VNet peering
    3. Understanding VNet-to-VNet
      1. Creating and configuring VNet-to-VNet
        1. Planning IP ranges
        2. Creating PacktVNet1
        3. Creating PacktVNet2
        4. Creating connections
    4. Verifying virtual network connectivity
    5. VNet peering versus VNet-to-VNet connections
    6. Summary
    7. Questions
    8. Further reading
  12. Managing Azure Active Directory (Azure AD)
    1. Understanding Azure AD
    2. Creating and managing users and groups
      1. Creating users in Azure AD
      2. Creating groups in Azure AD
      3. Adding and managing guest accounts
      4. Performing bulk user updates
    3. Configuring a self-service password reset
    4. Understanding conditional access policies
    5. Working with Azure AD join
      1. Managing device settings
    6. Adding custom domains
    7. Summary
    8. Questions
    9. Further reading
  13. Implementing and Managing Hybrid Identities
    1. Understanding Azure AD Connect
      1. Azure AD password hash synchronization
      2. Azure AD pass-through authentication
    2. Installing Azure AD Connect
    3. Managing Azure AD Connect
    4. Password writeback
      1. Managing password writeback
        1. Enabling password writeback in Azure AD Connect
        2. Enabling password writeback in the Azure portal
    5. Password synchronization
    6. Summary
    7. Questions
    8. Further reading
  14. Section 2: Implementing Workloads and Security
  15. Migrating Servers to Azure
    1. Understanding Azure Migrate
    2. Azure Migrate tools
      1. Azure Migrate Server Assessment tool
      2. Azure Migrate Server Migration tool
      3. Database Migration Assistant
      4. Database Migration Service
      5. Web App Migration Assistant
      6. Offline data migration
    3. Migrating on-premises machines to Azure
      1. Create an Azure Migrate project
      2. Downloading and installing the appliance
      3. Configuring the appliance and starting continuous discovery
      4. Creating and viewing an assessment
      5. Prepare Hyper-V host
      6. Replicating the Hyper-V VMs
        1. Replicating for the first time
      7. Migrating Hyper-V VMs to Azure
        1. Running a test migration
        2. Migrating VMs to Azure
    4. Summary
    5. Questions
    6. Further reading
  16. Configuring Serverless Computing
    1. Technical requirements
    2. Creating and managing objects
      1. Azure Functions
        1. Creating an Azure Function
      2. Azure Logic Apps
        1. Deploying the Logic App ARM template
    3. Managing a Logic App resource
      1. Monitoring, logging, and alerts
        1. Viewing runs and trigger history
        2. Setting up alerts
      2. Accessing on-premises data
    4. Understanding Azure Event Grid
      1. Event domains
    5. Understanding Azure Service Bus
      1. Azure Service Bus geo-disaster recovery
        1. Setting up geo-disaster recovery
    6. Summary
    7. Questions
    8. Further reading
  17. Implementing Application Load Balancing
    1. Technical requirements
    2. Understanding Azure Application Gateway
    3. Configuring an application gateway
      1. Creating network resources
      2. Creating the backend servers
    4. Implementing frontend IP configurations
      1. Creating the backend pool
        1. Creating the application gateway
        2. Testing the application gateway
    5. Configuring load balancing rules
    6. Managing application load balancing
      1. Health probes
      2. Monitoring
      3. Turning on the web application firewall
    7. Understanding Azure Front Door
    8. Summary
    9. Questions
    10. Further reading
  18. Integrating On-Premises Networks with Azure Virtual Network
    1. Technical requirements
    2. Understanding Azure VPN gateway
      1. S2S VPNs
      2. Multi-site VPNs
      3. P2S VPNs
      4. ExpressRoute
    3. Creating and configuring an Azure VPN gateway
      1. Creating and configuring the on-premises VPN device
      2. Creating a virtual network
      3. Creating an Azure VPN gateway
    4. Creating and configuring the S2S VPN
      1. Creating the local network gateway
      2. Configuring the on-premises VPN device
    5. Verifying on-premises connectivity
    6. Summary
    7. Questions
    8. Further reading
  19. Managing Role-Based Access Control (RBAC)
    1. Technical requirements
    2. Understanding RBAC
      1. Built-in roles
      2. Custom roles
    3. Configuring access to Azure resources by assigning roles
    4. Configuring management access to Azure
    5. Creating a custom role
    6. Azure Policy
    7. Implementing and assigning Azure policies
    8. Summary
    9. Questions
    10. Further reading
  20. Implementing Multi-Factor Authentication (MFA)
    1. Understanding Azure MFA
      1. Enabling MFA for an Azure AD tenant
    2. Configuring user accounts for MFA
    3. Configuring verification methods
    4. Configuring trusted IPs
    5. Configuring fraud alerts
    6. Configuring bypass options
    7. Summary
    8. Questions
    9. Further reading
  21. Section 3: Creating and Deploying Apps
  22. Creating Web Apps by Using PaaS
    1. Technical requirements
    2. Understanding App Services
    3. Understanding App Service plans
      1. Creating an Azure App Service web app
      2. Creating documentation for the API
    4. Understanding Web App for Containers
      1. Creating an App Service Web App for Containers
    5. Understanding WebJobs
      1. Creating an App Service background task using WebJobs
      2. Deploying the WebJob to Azure App Services
    6. Understanding diagnostic logging
      1. Web server diagnostics
      2. Application diagnostics
      3. Enabling diagnostic logging
    7. Summary
    8. Questions
    9. Further reading
  23. Designing and Developing Apps That Run in Containers
    1. Technical requirements
    2. Understanding Azure Container Instances
      1. Implementing an application that runs on an ACI
        1. Creating a container image using a Dockerfile
        2. Publishing an image to the Azure Container Registry
        3. Pushing the Docker image from ACR to ACI
    3. Understanding AKS
      1. Creating an AKS
      2. Connecting to the cluster
      3. Deploying the application
      4. Testing the application
      5. Monitoring the health and logs of the application
    4. Summary
    5. Questions
    6. Further reading
  24. Section 4: Implementing Authentication and Secure Data
  25. Implementing Authentication
    1. Technical requirements
    2. Understanding Azure App Service authentication
    3. Implementing Windows-integrated authentication
      1. Deploying the web app
      2. Enabling authentication and authorization
    4. Implementing authentication by using certificates
    5. Understanding OAuth2 authentication in Azure AD
      1. Implementing OAuth2 authentication
        1. Registering the application in Azure AD
        2. Implementing tokens
        3. Refreshing tokens
    6. Understanding managed identities
    7. Implementing managed identities for Azure resources service principal authentication
    8. Summary
    9. Questions
    10. Further reading
  26. Implementing Secure Data Solutions
    1. Technical requirements
    2. Understanding data security in Azure
      1. Protecting data
      2. Azure encryption models
        1. Client-side encryption
        2. Server-side encryption
    3. Encrypting and decrypting data at rest
      1. Encrypting and decrypting data at rest
        1. Azure Disk Encryption 
        2. Azure Storage 
        3. Azure SQL Database
      2. Encrypting and decrypting blobs in Microsoft Azure Storage using Azure Key Vault
        1. Creating a storage account with a blob container
        2. Creating an Azure Key Vault
        3. Creating a service principal
        4. Creating a SymmetricKey 
        5. Creating an application to encrypt and decrypt files
    4. Encrypting and decrypting data in transit
      1. TLS/SSL encryption in Azure
      2. Azure Storage transactions
      3. SMB encryption over Azure virtual networks
      4. In-transit encryption in VMs
      5. Azure VPN encryption
    5. Encrypting data with Always Encrypted
    6. Understanding Azure confidential computing
    7. Creating, reading, updating, and deleting keys, secrets, and certificates by using the Key Vault API
    8. Summary
    9. Questions
    10. Further reading
  27. Section 5: Developing for the Cloud and for Azure Storage
  28. Developing Solutions That Use Cosmos DB Storage
    1. Technical requirements
    2. Understanding Cosmos DB
    3. Create, read, update, and delete data by using appropriate APIs
      1. Creating a Cosmos DB
      2. Creating the sample application
        1. Connecting to the Cosmos DB account
        2. Creating a new database
        3. Creating a container
        4. Adding items to the container
        5. Querying Azure Cosmos DB resources
        6. Updating a JSON item
        7. Deleting an item
    4. Understanding partitioning schemes
    5. Setting the appropriate consistency level for operations
    6. Summary
    7. Questions
    8. Further reading
  29. Developing Solutions That Use a Relational Database
    1. Technical requirements
    2. Understanding Azure SQL Database
      1. SQL Server Stretch Database
      2. High availability
    3. Provisioning and configuring an Azure SQL database
      1. Creating a server-level firewall rule
      2. Creating a table in the database
    4. Creating, reading, updating, and deleting data tables by using code
      1. Connecting to the Azure SQL database
      2. Adding items to the database
      3. Querying Azure SQL Database items
      4. Updating an Azure SQL Database row
      5. Deleting an item
    5. Configuring elastic pools for Azure SQL Database
    6. Understanding Azure SQL Database managed instances
    7. Summary
    8. Questions
    9. Further reading
  30. Message-Based Integration Architecture and Autoscaling
    1. Technical requirements
    2. Understanding Azure Integration Services
      1. Azure Relay service
        1. Hybrid connections
        2. WCF Relays
      2. Azure Notification Hubs
      3. Azure IoT Hub
      4. Azure Event Hubs
    3. Routing events using Event Grid
    4. Designing an effective messaging architecture
    5. Implementing autoscaling rules and patterns
      1. Azure Monitor autoscaling
      2. Application design considerations
    6. Summary
    7. Questions
    8. Further reading
  31. Mock Questions
  32. Mock Answers
  33. Assessments
    1. Chapter 1: Analyzing Resource Utilization and Consumption
    2. Chapter 2: Creating and Configuring Storage Accounts
    3. Chapter 3: Implementing and Managing Virtual Machines
    4. Chapter 4: Implementing and Managing Virtual Networking
    5. Chapter 5: Creating Connectivity between Virtual Networks
    6. Chapter 6: Managing Azure Active Directory (Azure AD)
    7. Chapter 7: Implementing and Managing Hybrid Identities
    8. Chapter 8: Migrating Servers to Azure
    9. Chapter 9: Configuring Serverless Computing
    10. Chapter 10: Implementing Application Load Balancing
    11. Chapter 11: Integrating On-Premises Networks with Azure Virtual Networks
    12. Chapter 12: Managing Role-Based Access Control (RBAC)
    13. Chapter 13: Implementing Multi-Factor Authentication (MFA)
    14. Chapter 14: Creating Web Apps by Using PaaS
    15. Chapter 15: Designing and Developing Apps That Run in Containers
    16. Chapter 16: Implementing Authentication
    17. Chapter 17: Implementing Secure Data Solutions
    18. Chapter 18: Developing Solutions That Use Cosmos DB Storage
    19. Chapter 19: Developing Solutions That Use a Relational Database
    20. Chapter 20: Message-Based Integration Architecture and Autoscaling
  34. Another Book You May Enjoy
    1. Leave a review - let other readers know what you think
3.149.243.32