Microsoft Azure Architect Technologies: Exam Guide AZ-300: A guide to preparing for the AZ-300 Microsoft Azure Architect Technologies certification exam 9781838553531
From designing solutions on Azure to configuring and managing virtual networks, AZ-300 certification can help you achiev
1,811 202 34MB
English Pages 540 Year 2020
Table of contents :
Cover
Title Page
Copyright and Credits
About Packt
Contributors
Table of Contents
Preface
Section 1: Deploying and Configuring Infrastructure
Chapter 1: Analyzing Resource Utilization and Consumption
Understanding Azure Monitor
Creating and analyzing metrics and alerts
Metrics
Multi-dimensional metrics
Creating a metric
Alerts
Creating an alert and an action group
Creating a baseline for resources
Configuring diagnostic settings on resources
Enabling diagnostic settings
Viewing alerts in Log Analytics
Utilizing log search query functions
Querying logs in Azure Monitor
Summary
Questions
Further reading
Chapter 2: Creating and Configuring Storage Accounts
Technical requirements
Understanding Azure Storage accounts
Storage account types
General-purpose v1 (GPv1)
Blob storage
General-purpose v2 (GPv2)
Storage replication types
Locally redundant storage
Zone-redundant storage
Geo-redundant storage
Geo-zone-redundant storage
Read-access geo-redundant storage
Azure Blob Storage
Access tiers
Hot access tier
Cool access tier
Archive
Azure file storage
Azure disk storage
Standard disk storage
Premium disk storage
Ultra disk storage
Unmanaged versus managed disks
Creating and configuring a storage account
Installing and using Azure Storage Explorer
Configuring network access to the storage account
SAS and access keys
Managing access keys
Generating an SAS
Implementing Azure Storage replication
Summary
Questions
Further reading
Chapter 3: Implementing and Managing Virtual Machines
Technical requirements
Understanding VMs
VM series and sizes
Managed disks
Understanding Availability Sets
Fault domains and update domains
Understanding provisioning VMs
Deploying a Windows VM from the Azure portal
Deploying a Windows VM from PowerShell
Understanding VM scale sets
Deploying and configuring scale sets
Modifying and deploying ARM templates
Modifying an ARM template
Saving a deployment as an ARM template
Configuring Azure Disk Encryption for VMs
Creating an Azure Key Vault
Encrypting the disk
Summary
Questions
Further reading
Chapter 4: Implementing and Managing Virtual Networking
Technical requirements
Understanding Azure VNet
Understanding IP addresses
Public IP address
Private IP addresses
Configuring virtual networks and subnets
Configuring private and public IP addresses
User-defined routes
Creating user-defined routes
Summary
Questions
Further reading
Chapter 5: Creating Connectivity between Virtual Networks
Technical requirements
Understanding VNet peering
Creating and configuring VNet peering
Understanding VNet-to-VNet
Creating and configuring VNet-to-VNet
Planning IP ranges
Creating PacktVNet1
Creating PacktVNet2
Creating connections
Verifying virtual network connectivity
VNet peering versus VNet-to-VNet connections
Summary
Questions
Further reading
Chapter 6: Managing Azure Active Directory (Azure AD)
Understanding Azure AD
Creating and managing users and groups
Creating users in Azure AD
Creating groups in Azure AD
Adding and managing guest accounts
Performing bulk user updates
Configuring a self-service password reset
Understanding conditional access policies
Working with Azure AD join
Managing device settings
Adding custom domains
Summary
Questions
Further reading
Chapter 7: Implementing and Managing Hybrid Identities
Understanding Azure AD Connect
Azure AD password hash synchronization
Azure AD pass-through authentication
Installing Azure AD Connect
Managing Azure AD Connect
Password writeback
Managing password writeback
Enabling password writeback in Azure AD Connect
Enabling password writeback in the Azure portal
Password synchronization
Summary
Questions
Further reading
Section 2: Implementing Workloads and Security
Chapter 8: Migrating Servers to Azure
Understanding Azure Migrate
Azure Migrate tools
Azure Migrate Server Assessment tool
Azure Migrate Server Migration tool
Database Migration Assistant
Database Migration Service
Web App Migration Assistant
Offline data migration
Migrating on-premises machines to Azure
Create an Azure Migrate project
Downloading and installing the appliance
Configuring the appliance and starting continuous discovery
Creating and viewing an assessment
Prepare Hyper-V host
Replicating the Hyper-V VMs
Replicating for the first time
Migrating Hyper-V VMs to Azure
Running a test migration
Migrating VMs to Azure
Summary
Questions
Further reading
Chapter 9: Configuring Serverless Computing
Technical requirements
Creating and managing objects
Azure Functions
Creating an Azure Function
Azure Logic Apps
Deploying the Logic App ARM template
Managing a Logic App resource
Monitoring, logging, and alerts
Viewing runs and trigger history
Setting up alerts
Accessing on-premises data
Understanding Azure Event Grid
Event domains
Understanding Azure Service Bus
Azure Service Bus geo-disaster recovery
Setting up geo-disaster recovery
Summary
Questions
Further reading
Chapter 10: Implementing Application Load Balancing
Technical requirements
Understanding Azure Application Gateway
Configuring an application gateway
Creating network resources
Creating the backend servers
Implementing frontend IP configurations
Creating the backend pool
Creating the application gateway
Testing the application gateway
Configuring load balancing rules
Managing application load balancing
Health probes
Monitoring
Turning on the web application firewall
Understanding Azure Front Door
Summary
Questions
Further reading
Chapter 11: Integrating On-Premises Networks with Azure Virtual Network
Technical requirements
Understanding Azure VPN gateway
S2S VPNs
Multi-site VPNs
P2S VPNs
ExpressRoute
Creating and configuring an Azure VPN gateway
Creating and configuring the on-premises VPN device
Creating a virtual network
Creating an Azure VPN gateway
Creating and configuring the S2S VPN
Creating the local network gateway
Configuring the on-premises VPN device
Verifying on-premises connectivity
Summary
Questions
Further reading
Chapter 12: Managing Role-Based Access Control (RBAC)
Technical requirements
Understanding RBAC
Built-in roles
Custom roles
Configuring access to Azure resources by assigning roles
Configuring management access to Azure
Creating a custom role
Azure Policy
Implementing and assigning Azure policies
Summary
Questions
Further reading
Chapter 13: Implementing Multi-Factor Authentication (MFA)
Understanding Azure MFA
Enabling MFA for an Azure AD tenant
Configuring user accounts for MFA
Configuring verification methods
Configuring trusted IPs
Configuring fraud alerts
Configuring bypass options
Summary
Questions
Further reading
Section 3: Creating and Deploying Apps
Chapter 14: Creating Web Apps by Using PaaS
Technical requirements
Understanding App Services
Understanding App Service plans
Creating an Azure App Service web app
Creating documentation for the API
Understanding Web App for Containers
Creating an App Service Web App for Containers
Understanding WebJobs
Creating an App Service background task using WebJobs
Deploying the WebJob to Azure App Services
Understanding diagnostic logging
Web server diagnostics
Application diagnostics
Enabling diagnostic logging
Summary
Questions
Further reading
Chapter 15: Designing and Developing Apps That Run in Containers
Technical requirements
Understanding Azure Container Instances
Implementing an application that runs on an ACI
Creating a container image using a Dockerfile
Publishing an image to the Azure Container Registry
Pushing the Docker image from ACR to ACI
Understanding AKS
Creating an AKS
Connecting to the cluster
Deploying the application
Testing the application
Monitoring the health and logs of the application
Summary
Questions
Further reading
Section 4: Implementing Authentication and Secure Data
Chapter 16: Implementing Authentication
Technical requirements
Understanding Azure App Service authentication
Implementing Windows-integrated authentication
Deploying the web app
Enabling authentication and authorization
Implementing authentication by using certificates
Understanding OAuth2 authentication in Azure AD
Implementing OAuth2 authentication
Registering the application in Azure AD
Implementing tokens
Refreshing tokens
Understanding managed identities
Implementing managed identities for Azure resources service principal authentication
Summary
Questions
Further reading
Chapter 17: Implementing Secure Data Solutions
Technical requirements
Understanding data security in Azure
Protecting data
Azure encryption models
Client-side encryption
Server-side encryption
Encrypting and decrypting data at rest
Encrypting and decrypting data at rest
Azure Disk Encryption
Azure Storage
Azure SQL Database
Encrypting and decrypting blobs in Microsoft Azure Storage using Azure Key Vault
Creating a storage account with a blob container
Creating an Azure Key Vault
Creating a service principal
Creating a SymmetricKey
Creating an application to encrypt and decrypt files
Encrypting and decrypting data in transit
TLS/SSL encryption in Azure
Azure Storage transactions
SMB encryption over Azure virtual networks
In-transit encryption in VMs
Azure VPN encryption
Encrypting data with Always Encrypted
Understanding Azure confidential computing
Creating, reading, updating, and deleting keys, secrets, and certificates by using the Key Vault API
Summary
Questions
Further reading
Section 5: Developing for the Cloud and for Azure Storage
Chapter 18: Developing Solutions That Use Cosmos DB Storage
Technical requirements
Understanding Cosmos DB
Create, read, update, and delete data by using appropriate APIs
Creating a Cosmos DB
Creating the sample application
Connecting to the Cosmos DB account
Creating a new database
Creating a container
Adding items to the container
Querying Azure Cosmos DB resources
Updating a JSON item
Deleting an item
Understanding partitioning schemes
Setting the appropriate consistency level for operations
Summary
Questions
Further reading
Chapter 19: Developing Solutions That Use a Relational Database
Technical requirements
Understanding Azure SQL Database
SQL Server Stretch Database
High availability
Provisioning and configuring an Azure SQL database
Creating a server-level firewall rule
Creating a table in the database
Creating, reading, updating, and deleting data tables by using code
Connecting to the Azure SQL database
Adding items to the database
Querying Azure SQL Database items
Updating an Azure SQL Database row
Deleting an item
Configuring elastic pools for Azure SQL Database
Understanding Azure SQL Database managed instances
Summary
Questions
Further reading
Chapter 20: Message-Based Integration Architecture and Autoscaling
Technical requirements
Understanding Azure Integration Services
Azure Relay service
Hybrid connections
WCF Relays
Azure Notification Hubs
Azure IoT Hub
Azure Event Hubs
Routing events using Event Grid
Designing an effective messaging architecture
Implementing autoscaling rules and patterns
Azure Monitor autoscaling
Application design considerations
Summary
Questions
Further reading
Chapter 21: Mock Questions
Chapter 22: Mock Answers
Assessments
Another Book You May Enjoy
Index
![Implementing Microsoft Azure Architect Technologies: AZ-303 Exam Prep and Beyond: A guide to preparing for the AZ-303 Microsoft Azure Architect Technologies certification exam [2 ed.]
9781800568570](https://dokumen.pub/img/200x200/implementing-microsoft-azure-architect-technologies-az-303-exam-prep-and-beyond-a-guide-to-preparing-for-the-az-303-microsoft-azure-architect-technologies-certification-exam-2nbsped-9781800568570-r-4265363.jpg)
![Implementing Microsoft Azure Architect Technologies: AZ-303 Exam Prep and Beyond: A guide to preparing for the AZ-303 Microsoft Azure Architect Technologies certification exam [2 ed.]
9781800568570](https://dokumen.pub/img/200x200/implementing-microsoft-azure-architect-technologies-az-303-exam-prep-and-beyond-a-guide-to-preparing-for-the-az-303-microsoft-azure-architect-technologies-certification-exam-2nbsped-9781800568570.jpg)
