AZ-101 Exam Prep Introduction
This introduction to the Microsoft Azure Integration and Security learning path gives an overview of the requirements for the Microsoft AZ-101 exam and how they will be covered.
The 4 major subject areas are:
- Evaluating and performing server migrations
- Implementing and managing application services
- Implementing advanced virtual networking
- Securing identities
About the Author
Guy launched his first training website in 1995 and he's been helping people learn IT technologies ever since. He has been a sysadmin, instructor, sales engineer, IT manager, and entrepreneur. In his most recent venture, he founded and led a cloud-based training infrastructure company that provided virtual labs for some of the largest software vendors in the world. Guy’s passion is making complex technology easy to understand. His activities outside of work have included riding an elephant and skydiving (although not at the same time).
Hello and welcome to Microsoft Azure Integration and Security. The focus of this learning path is to prepare you for Microsoft's AZ-101 exam. But even if you're not going to take the exam, this learning path will help you get started on your way to becoming an Azure administrator. My name's Guy Hummel, I'm the Azure Content Lead at Cloud Academy. The AZ-101 exam tests your knowledge of four subject areas and that's how we've structured this learning path as well. We'll start with evaluating and performing server migrations to Azure. This section covers the two most important services for migrations, Azure Migrate and Azure Site Recovery.
You would think that Azure Migrate is the service that you would use to perform a migration, right? Well it's actually used only for evaluating your on-premises environment and helping you plan how to move your resources to Azure. To perform the actual migration you would use Azure Site Recovery, which seems kinda weird since ASR is normally used for disaster recovery. But it turns out that it's a very effective way to perform migrations too. Next we'll get into implementing and managing application services. This action mainly covers Azure App Service which lets you create web and mobile apps without having to worry too much about the underlying infrastructure. It also goes over Serverless computing which is a term that can mean slightly different things to different people, but it usually means that you really don't have to worry about the underlying infrastructure because you don't have any control over that.
Azure Functions is a service that most people consider to be serverless. But there are other related services as well. Such as Logic Apps, Event Grid and Service Bus. Then you'll learn how to implement advanced virtual networking. A big part of this section is showing different ways to distribute an applications load across multiple VMs. One method is to use Azure Load Balancer and another is to use Azure Application Gateway. Azure Load Balancer works at layer four of the network stack. So it routes TCP and UDP packets. Azure Application Gateway works at layer seven which is the application layer. So it routes at the HTTP layer. This gives it the ability to do more than Azure Load Balancer. For example it includes a web application firewall to protect your applications from common exploits such as SQL injection and cross-site scripting attacks.
This section also shows you how to do network monitoring using Network Watcher and how to integrate your on-premises network with your Azure network using VPN Gateway and ExpressRoute. Finally, we'll cover how to secure the identities of your users. One practice that has become very popular is multi-factor authentication. This is where users have to use more than one authentication method to log in, such as having to enter both a password and a verification code that was texted to their phone. Once a user has logged in, their level of access should be limited by role-based access control. This is one of the most important ways to secure all of your resources in Azure. The most dangerous user account is an administrator account, because it has such broad access. To keep a close eye on these accounts, you can use the Privileged Identity Management feature of Azure Active Directory. That's a lot of topics to learn, so let's get started.