AZ-104 Exam Preparation - Introduction
AZ-104 Exam Preparation - Introduction

This introduction to the AZ-104 Exam Preparation: Microsoft Azure Administrator learning path gives an overview of the requirements for the Microsoft AZ-104 exam and how they will be covered.

The five major subject areas are:

  • Manage Azure identities and governance
  • Implement and manage storage
  • Deploy and manage Azure compute resources
  • Configure and manage virtual networking
  • Monitor and back up Azure resources

Welcome to our Microsoft Azure Administrator training. The focus of this learning path is to prepare you for Microsoft’s AZ-104 exam, but even if you’re not going to take the exam, this learning path will help you get started on your way to becoming an Azure administrator.

My name’s Guy Hummel and I’m a Microsoft Certified Azure Expert.

The AZ-104 exam tests your knowledge of five subject areas.

We’ll start with managing Azure identities and governance. The first part of this section is all about Azure Active Directory, which is a managed version of Microsoft’s tried and true directory software for managing users, groups, and other identities. Next, we’ll cover role-based access control. This is how you can give users the right level of access to resources so they don’t have more privileges than they need.

The final topic in this section is managing subscriptions and governance. Aside from learning the basics of working with subscriptions, you’ll also learn how to maintain governance by applying policies to subscriptions and resources. Azure enforces these policies to prevent actions your organization doesn’t want to allow.

Next, we’ll get into implementing and managing storage. This section is, of course, mostly about Azure Storage, including everything from shared access signatures to importing data with the AzCopy tool to configuring storage tiers. It also covers how to centralize file shares using Azure File Sync.

Then you’ll learn how to deploy and manage compute resources. Azure has quite a few different types of compute resources where you can deploy your applications. The traditional way is to use virtual machines. This gives you full control of your servers, but it requires you to maintain them.

Creating a new VM on Azure is pretty easy, but this section shows you how to deploy VMs at an enterprise level. You’ll learn how to set up high availability and autoscaling and also how to automate the deployment of VMs using Azure Resource Manager.

Another approach that’s becoming very popular is to build applications as a collection of microservices. This normally requires the use of containers, such as Docker. If you use containers, then you’ll also need a way to provision, schedule, and manage them. This is also known as container orchestration, and the most popular orchestrator right now is Kubernetes.

If you don’t want to worry about dealing with the underlying compute resources, then you can use Azure App Service. It lets you host web and mobile applications without having to manage the servers that run them. 

After that, we’ll go into configuring and managing virtual networks, which is the biggest section of the exam. Again, this is about setting up enterprise-grade networks. You’ll learn how to connect virtual networks together using VNet peering and network gateways, how to configure both private and public DNS zones for name resolution, and how to secure your VNets using Network Security Groups.

We’ll also cover advanced virtual networking. An important part of this section is showing different ways to distribute an application’s load across multiple VMs. One method is to use Azure Load Balancer and another is to use Azure Application Gateway. Azure Load Balancer works at layer 4 of the network stack, so it routes TCP and UDP packets. Azure Application Gateway works at layer 7, so it routes at the HTTP layer. This gives it the ability to do more than Azure Load Balancer. For example, it includes a web application firewall that protects your applications from common exploits, such as SQL injection and cross-site scripting attacks.

This section also shows you how to do network monitoring using Network Watcher and how to integrate your on-premises network with your Azure network using VPN Gateway and ExpressRoute.

Finally, we’ll cover how to monitor and back up Azure resources. The primary service for monitoring is called, not surprisingly, Azure Monitor. You can probably guess the name of the service that performs backups, too. It’s called Azure Backup Service. You’ll also learn about how to create a Recovery Services Vault and how to use Azure Site Recovery.

To get to the next course in this learning path, click on the Learning Path pullout menu on the left side of the page. But please remember to rate this introduction before you go on to the next course. Thanks!

About the Author
Learning Paths

Guy launched his first training website in 1995 and he's been helping people learn IT technologies ever since. He has been a sysadmin, instructor, sales engineer, IT manager, and entrepreneur. In his most recent venture, he founded and led a cloud-based training infrastructure company that provided virtual labs for some of the largest software vendors in the world. Guy’s passion is making complex technology easy to understand. His activities outside of work have included riding an elephant and skydiving (although not at the same time).

Covered Topics