A Couple of weeks ago I signed up for the new beta exams for Microsoft Azure, which are currently in Beta and was limited to a number amount of seats. So this post is more of a study guide I created for preparation for these exams, listed below. Which also lists out the different topics that will be tested on the certification as well.
Links to the different exams
Microsoft Azure Infrastructure and Deployment AZ-100
Microsoft Azure Integration and Security AZ-101
Microsoft Azure Administrator Certification Transition AZ-102
Study Guide – AZ-100
Manage Azure subscriptions
May include but not limited to: Assign administrator permissions; configure cost center quotas and tagging; configure subscription policies
Cost Center Tagging: https://docs.microsoft.com/en-us/azure/billing/billing-getting-started#ways-to-monitor-your-costs-when-using-azure-services
Azure Policies: https://docs.microsoft.com/en-us/azure/azure-policy/azure-policy-introduction
Azure Administrator Subscription: https://docs.microsoft.com/en-us/azure/billing/billing-add-change-azure-subscription-administrator
Analyze resource utilization and consumption
May include but not limited to: Configure diagnostic settings on resources; create baseline for resources; create and test alerts; analyze alerts across subscription; analyze metrics across subscription; create action groups; monitor for unused resources; monitor spend; report on spend; utilize Log Search query functions; view alerts in Log Analytics
Action Groups: https://docs.microsoft.com/en-my/azure/monitoring-and-diagnostics/monitoring-action-groups
Metrics in Microsoft Azure: https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/monitoring-overview-metrics
Cost Management Report: https://docs.microsoft.com/en-us/azure/cost-management/use-reports
Setup Billing Alerts: https://docs.microsoft.com/en-us/azure/billing/billing-set-up-alerts
Log Query Functions Examples: https://github.com/MicrosoftDocs/LogAnalyticsExamples/tree/master/log-analytics
Create Alerts in Azure Monitor: https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/monitor-alerts-unified-usage
Manage resource groups
May include but not limited to: Allocate resource policies; configure resource locks; configure resource policies; implement and set tagging on resource groups; move resources across resource groups; remove resource groups
Azure Policy: https://docs.microsoft.com/en-us/azure/azure-policy/create-manage-policy
Resource Locks: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-lock-resources
Azure Resource Group Tags: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-using-tags
Move Resources across resource groups: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-move-resources
Create and configure storage accounts
May include but not limited to: Configure network access to the storage account; create and configure storage account; generate shared access signature; install and use Azure Storage Explorer; manage access keys; monitor activity log by using Log Analytics; implement Azure storage replication
Virtual Endpoint for Azure Storage: https://azure.microsoft.com/en-us/blog/virtual-network-service-endpoints-and-firewalls-for-azure-storage-now-generally-available/
Create and Manage Storage Account: https://docs.microsoft.com/en-us/azure/storage/common/storage-create-storage-account
Create SAS: https://docs.microsoft.com/en-us/azure/storage/blobs/storage-dotnet-shared-access-signature-part-2
Azure Storage Explorer: https://docs.microsoft.com/en-us/azure/vs-azure-tools-storage-manage-with-storage-explorer?tabs=windows
Azure Storage Analytics: https://docs.microsoft.com/nb-no/rest/api/storageservices/storage-analytics
Azure Activity Log Analytics: https://docs.microsoft.com/en-us/azure/security/azure-log-audit
Azure Storage Access Keys: https://docs.microsoft.com/en-us/azure/storage/common/storage-create-storage-account
Import and export data to Azure
May include but not limited to: Create export from Azure job; create import into Azure job; configure and use Azure blob storage; configure Azure content delivery network (CDN) endpoints
Azure Import and Export Job: https://docs.microsoft.com/en-us/azure/storage/common/storage-import-export-service
Configure CDN for Azure: https://docs.microsoft.com/en-us/azure/cdn/cdn-create-new-endpoint
Configure CDN for WordPress: https://blogs.msdn.microsoft.com/azureossds/2015/04/27/improving-wordpress-performance-use-azure-cdn/
Configure Azure files
May include but not limited to: Create Azure file share; create Azure File Sync service; create Azure sync group; troubleshoot Azure File Sync
Troubleshoot File Sync: https://docs.microsoft.com/en-us/azure/storage/files/storage-sync-files-troubleshoot?tabs=portal1%2Cportal
Deploy Azure File Sync: https://docs.microsoft.com/en-us/azure/storage/files/storage-sync-files-deployment-guide?tabs=portal
Create a Sync Group: https://docs.microsoft.com/en-us/azure/storage/files/storage-sync-files-deployment-guide?tabs=portal#create-a-sync-group-and-a-cloud-endpoint
Implement Azure backup
May include but not limited to: Configure and review backup reports; perform backup operation; create Recovery Services Vault; create and configure backup policy; perform a restore operation
Azure Backup Reports: https://docs.microsoft.com/en-us/azure/backup/backup-azure-configure-reports
Create Backup Vault: https://docs.microsoft.com/en-us/azure/backup/backup-azure-manage-windows-server
Restore from Azure backup agent: https://docs.microsoft.com/en-us/azure/backup/backup-azure-restore-windows-server
Restore VM’s in Azure: https://docs.microsoft.com/en-us/azure/backup/backup-azure-arm-restore-vms
Creating a backup Policy: https://docs.microsoft.com/en-us/azure/backup/backup-azure-vms-first-look-arm#defining-a-backup-policy
Create and configure a VM for Windows and Linux
May include but not limited to: Configure high availability; configure monitoring, networking, storage, and virtual machine size; deploy and configure scale sets
High Availability IaaS Azure: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/manage-availability
Scale Sets Azure: https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/quick-create-portal
Monitor Azure Virtual Machine: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/monitor
Resize Virtual Machines Azure: https://thuansoldier.net/6515/
Automate deployment of VMs
May include but not limited to: Modify Azure Resource Manager (ARM) template; configure the location of new VMs; configure VHD template; deploy from the template; save a deployment as an ARM template; deploy Windows and Linux VMs
ARM Templates: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-authoring-templates
ARM Azure Github: https://github.com/Azure/azure-quickstart-templates
Deploy Templates from ARM: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-template-deploy
Save Template as ARM: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-export-template
Manage Azure VM
May include but not limited to: Add data discs; add network interfaces; automate configuration management by using PowerShell Desired State Configuration (DSC) and VM Agent by using custom script extensions; manage VM sizes; move VMs from one resource group to another; redeploy VMs
Move VM from one resource group to another: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/move-vm
Azure Automation DSC and Azure: https://docs.microsoft.com/en-us/azure/automation/automation-dsc-overview
Custom Script Extension Azure: https://docs.microsoft.com/en-us/azure/virtual-machines/extensions/custom-script-windows
ARM Custom Script Extension: https://github.com/Azure/azure-quickstart-templates/tree/master/201-vm-custom-script-windows
Attached Data Disk Azure: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/attach-managed-disk-portal
Manage VM backups
May include but not limited to: Configure VM backup; define backup policies; implement backup policies; perform VM restore
Restore VM’s in Azure: https://docs.microsoft.com/en-us/azure/backup/backup-azure-arm-restore-vms
Creating a backup Policy: https://docs.microsoft.com/en-us/azure/backup/backup-azure-vms-first-look-arm#defining-a-backup-policy
Backup VM using ARM: https://azure.microsoft.com/en-gb/resources/templates/101-recovery-services-create-vm-and-configure-backup/
Create connectivity between virtual networks
May include but not limited to: Create and configure VNET peering; create and configure VNET to VNET; verify virtual network connectivity; create virtual network gateway
VNET Peering: https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal
Virtual Network Gateway: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpngateways
Verify Connection: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-verify-connection-resource-manager
Site to Site VNET: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-vnet-vnet-resource-manager-portal
Implement and manage virtual networking
May include but not limited to: Configure private and public IP addresses, network routes, network interface, subnets, and virtual network
Configure Private IP address: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-static-private-ip-arm-pportal
Configure Public IP address: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-deploy-static-pip-arm-portal
Configure Routing: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-udr-overview
IP Addressing VNET: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-ip-addresses-overview-arm
Configure name resolution
May include but not limited to: Configure Azure DNS; configure custom DNS settings; configure DNS zones
DNS Azure: https://docs.microsoft.com/en-us/azure/dns/dns-zones-records
DNS Azure FAQ: https://docs.microsoft.com/en-us/azure/dns/dns-faq
Manage Azure DNS: https://docs.microsoft.com/en-us/azure/dns/dns-operations-dnszones-portal
Configure DNS Zones Azure: https://docs.microsoft.com/en-us/azure/dns/dns-operations-recordsets
Create and configure a Network Security Group (NSG)
May include but not limited to: Create security rules; associate NSG to a subnet or network interface; identify required ports; evaluate effective security rules
Azure IaaS Security: https://msandbu.org/microsoft-azure-and-security-best-pratices-part-1-identity/
Create Security Rules Azure: https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-filter-network-traffic-powershell
Diagnose Azure NSG Rules: https://docs.microsoft.com/en-us/azure/virtual-network/diagnose-network-traffic-filter-problem
Manage Azure Active Directory (AD)
May include but not limited to: Add custom domains; configure Azure AD Identity Protection, Azure AD Join, and Enterprise State Roaming; configure self-service password reset; implement conditional access policies; manage multiple directories; perform an access review
Azure AD Custom Domains: https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/add-custom-domain
Azure Self Service Reset: https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-howitworks
Azure Identity Security: https://msandbu.org/microsoft-azure-and-security-best-pratices-part-1-identity/
Enable Enterprise State Roaming: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-windows-enterprise-state-roaming-enable
Manage Azure AD objects (users, groups, and devices)
May include but not limited to: Create users and groups; manage user and group properties; manage device settings; perform bulk user updates
Manage Devices: https://docs.microsoft.com/en-us/azure/active-directory/devices/device-management-azure-portal
Bulk Update Azure AD Users: http://ericphan.net/blog/2017/9/26/azure-active-directory-bulk-updating-user-profile-attributes-using-powershell
Create Groups Azure AD: https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal
Dynamic Rules Azure AD Group: https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/groups-dynamic-membership
Implement and manage hybrid identities
May include but not limited to: Install and configure Azure AD Connect; configure federation and single sign-on; manage Azure AD Connect; manage password sync and writeback
Configure Federated Access: https://docs.microsoft.com/en-us/azure/active-directory/application-config-sso-how-to-configure-federated-sso-gallery
Install Azure AD Connect: https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-get-started-custom
Configure Password Writeback: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-sspr-writeback
Study Guide – AZ-101
Evaluate and perform server migration to Azure (15-20%)
Evaluate migration scenarios by using Azure Migrate
May include but not limited to: Discover and assess environment; identify workloads that can and cannot be deployed; identify ports to open; identify changes to network; identify if target environment is supported; setup domain accounts and credentials
Asessment Azure Migrate: https://docs.microsoft.com/en-us/azure/migrate/tutorial-assessment-vmware
Ports Required: https://docs.microsoft.com/en-us/azure/migrate/migrate-overview
Migrate servers to Azure
May include but not limited to: Migrate by using Azure Site Recovery (ASR); migrate using P2V; configure storage; create a backup vault; prepare source and target environments; backup and restore data; deploy Azure Site Recovery (ASR) agent; prepare virtual network
Azure Site Recovery: https://docs.microsoft.com/en-us/azure/site-recovery/migrate-tutorial-on-premises-azure
Prepare Azure: https://docs.microsoft.com/en-us/azure/site-recovery/tutorial-prepare-azure
MIgrate P2V: https://docs.microsoft.com/en-us/azure/site-recovery/physical-azure-disaster-recovery#create-a-replication-policy
Implement and manage application services (20-25%)
Configure serverless computing
May include but not limited to: Manage a Logic App resource; manage Azure Function app settings; manage Event Grid; manage Service Bus
Custom Event Grid Events: https://docs.microsoft.com/en-us/azure/event-grid/custom-event-quickstart-portal
Dead Letter Event Grid: https://docs.microsoft.com/en-us/azure/event-grid/manage-event-delivery
Manage an Azure Functions App: https://docs.microsoft.com/en-us/azure/azure-functions/functions-how-to-use-azure-function-app-settings
Monitor Azure Logic App Status: https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-monitor-your-logic-apps
Manage Service Bus: https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-metrics-azure-monitor
Manage App Service plans
May include but not limited to: Configure application for scaling; enable monitoring and diagnostics; configure App Service plans
Scaling App Plan: https://docs.microsoft.com/en-us/azure/app-service/environment/app-service-web-scale-a-web-app-in-an-app-service-environment
App Service Plan: https://docs.microsoft.com/en-us/azure/app-service/azure-web-sites-web-hosting-plans-in-depth-overview
Monitor and alerts App Service: https://docs.microsoft.com/nb-no/azure/app-service/web-sites-monitor
Manage App services
May include but not limited to: Assign SSL certificates; configure application settings; configure deployment slots; configure Azure content delivery network (CDN) integration; manage App Service protection; manage roles for an App service; create and manage App Service environment
Use SSL: https://docs.microsoft.com/nb-no/azure/app-service/web-sites-purchase-ssl-web-site
Deployment Slots: https://docs.microsoft.com/en-us/azure/app-service/web-sites-staged-publishing
App Service Protection: https://docs.microsoft.com/en-us/azure/app-service/app-service-security
Patching and updates App Service: https://docs.microsoft.com/en-us/azure/app-service/app-service-patch-os-runtime
CDN Integration: https://docs.microsoft.com/en-us/azure/cdn/cdn-add-to-web-app
Implement advanced virtual networking (30-35%)
Implement application load balancing
May include but not limited to: Configure application gateway and load balancing rules; implement front end IP configurations; manage application load balancing
Application Load Balancing: https://docs.microsoft.com/en-us/azure/application-gateway/quick-create-portal
Configure Application Gateway with PowerShell: https://docs.microsoft.com/en-us/azure/application-gateway/tutorial-manage-web-traffic-powershell
Multiple Front-end: https://docs.microsoft.com/en-us/azure/application-gateway/create-multiple-sites-portal
Implement Azure load balancer
May include but not limited to: Configure internal load balancer, load balancing rules, and public load balancer; manage Azure load balancing
Configure Internal Azure Load Balancer: https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-get-started-ilb-arm-ps
Load Balancing Rules: https://docs.microsoft.com/nb-no/azure/load-balancer/load-balancer-distribution-mode
Troubleshoot Azure Load Balancing: https://docs.microsoft.com/nb-no/azure/load-balancer/load-balancer-troubleshoot
Monitor and manage networking
May include but not limited to: Monitor on-premises connectivity; use network resource monitoring and Network Watcher; manage external networking and virtual network connectivity
Implement Network Watcher: https://docs.microsoft.com/en-us/azure/network-watcher/connection-monitor
Diagnose a Gateway: https://docs.microsoft.com/en-us/azure/network-watcher/diagnose-communication-problem-between-networks
Integrate on premises network with Azure virtual network
May include but not limited to: Create and configure Azure VPN Gateway; create and configure site to site VPN; configure Express Route; verify on premises connectivity; manage on-premise connectivity with Azure
Configure ExpressRoute: https://docs.microsoft.com/en-us/azure/expressroute/expressroute-howto-circuit-portal-resource-manager
VNET Peering: https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal
Virtual Network Gateway: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpngateways
Verify Connection: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-verify-connection-resource-manager
Site to Site VNET: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-vnet-vnet-resource-manager-portal
Implement Multi-Factor Authentication (MFA)
May include but not limited to: Enable MFA for an Azure tenant; configure user accounts for MFA; configure fraud alerts; configure bypass options; configure trusted IPs; configure verification methods; manage role-based access control (RBAC); implement RBAC policies; assign RBAC Roles; create a custom role; configure access to Azure resources by assigning roles; configure management access to Azure
Configure Fraud Alerts: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#fraud-alert
Configure Cloud Based MFA: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-getstarted
Custom Roles: https://msandbu.org/microsoft-azure-and-security-best-pratices-part-1-identity/
Trusted IP’s: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#trusted-ips
Manage role-based access control (RBAC)
May include but not limited to: Create a custom role; configure access to Azure resources by assigning roles; configure management access to Azure; troubleshoot RBAC; implement RBAC policies; assign RBAC roles
Custom Roles: https://msandbu.org/microsoft-azure-and-security-best-pratices-part-1-identity/
Troubleshoot RBAC: https://docs.microsoft.com/en-us/azure/role-based-access-control/troubleshooting
Implement Azure Active Director (AD) Privileged Identity Management (PIM)
May include but not limited to: Activate a PIM role; configure just-in-time access, permanent access, PIM management access, and time-bound access; create a Delegated Approver account; enable PIM; process pending approval requests
Activate a PIM Role: https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-how-to-activate-role
Just in time: https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-resource-roles-assign-roles
Delegated Provider: https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/azure-ad-pim-approval-workflow#view-pending-approvals-requests
Enable PIM: https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-getting-started
Hi,
In the contents of Exam AZ-100 and 70-101, are differente of 70-533 exam?
Yes, the contents are different. The AZ100 and 101 are based upon new technology and features in Azure which the 533 does not cover.
Big thanks Marius! I was a bit stuck on how to proceed to structurally study for the exam without taking the instructor-led courses. Let’s hope this will suffice to pass the exam.
Good to hear! There was quite a heavy focus on the new stuff such as File Sync and so on. So if you pass, remember to ask Tom Roger for a raise 😉
Hi,
Is the exam alreday live or still in beta? I´ve been making some research but I don´t find this.
Thanks
Hi, the exam is already live and no longer in beta