Lessons:
Introduction to Microsoft Entra ID — exploring its benefits, editions (P1/P2), architecture, and differences compared to Active Directory Domain Services (AD DS)
Configuring and managing user and group accounts — creating, bulk importing, and licensing users, managing group types and roles, and using administrative units
Implementing external identities — enabling guest users and external collaboration
Enabling hybrid identity — setting up device identities and integrating on-premises directories
Labs:
Managing user roles and account properties
Setting tenant-wide configurations
Assigning and modifying user/group licenses
Restoring or deleting user accounts
Creating and managing dynamic groups
Configuring external collaboration and guest access
After completing this module, students will be able to:
Deploy and customize Entra ID for your organizational needs
Create and manage internal and external identities, including collaboration scenarios
Implement hybrid identity solutions that unify on-premises Active Directory with Entra ID for seamless access
Lessons:
Configure subscriptions and subscription-related settings, including creating resource groups, managing quotas, and applying resource tags for cost governance
Plan and implement Azure Policies and policy initiatives to ensure compliance across your resource environment
Configure and administer Role-Based Access Control (RBAC), including defining and assigning roles and understanding Azure RBAC vs Entra ID roles
Lab:
Manage Subscriptions and RBAC: Create and configure Azure subscriptions, resource groups, and apply RBAC assignments
Manage Governance via Azure Policy: Define and apply Azure Policy or initiatives for compliance enforcement
After completing this module, students will be able to:
Administer Azure subscriptions, enforce resource hierarchy and manage cost governance through tagging and quotas
Implement Azure Policy definitions and initiatives to monitor and enforce organizational standards
Apply RBAC efficiently to ensure secure and governed access to resources by managing role definitions and assignments
Learn to manage Azure resources efficiently using a suite of administration tools. Master Azure Resource Manager (ARM) concepts and infrastructure-as-code techniques with ARM and Bicep templates. You ll use the Azure Portal, Cloud Shell, PowerShell, and CLI to deploy and organize infrastructure and automate tasks for consistency and scalability.
Lessons:
Use the Azure Portal for resource management
Explore Azure Cloud Shell for interactive CLI access
Use Azure PowerShell for scripting infrastructure tasks
Use Azure CLI for command-line operations
Review ARM template benefits and structure (schema, parameters)
Consider Azure Bicep as an alternative to ARM templates
Demonstrations: QuickStart template usage, running templates via scripting tools
Lab:
Managing Azure resources via the Azure Portal
Deploying resources using ARM templates
Optionally, using Azure PowerShell for resource deployment
Optionally, using Azure CLI for scripting deployments
After completing this module, students will be able to:
Leverage Azure Resource Manager to organize and manage resource deployments
Navigate and operate using the Azure Portal and Cloud Shell tools
Automate resource management via Azure PowerShell and CLI
Deploy and maintain Azure resources using ARM templates—and understand the option to use Bicep for infrastructure-as-code efficiency
This module introduces the core concepts of Azure virtual networking. You will gain the skills needed to design and implement virtual networks, subnets, and IP addressing. You’ll also configure network security through security groups, deploy Azure Firewall, and manage DNS zones to ensure proper name resolution across your cloud environment.
Lessons:
Design and deploy Azure Virtual Networks and subnets
Plan and configure public and private IP addressing
Define and apply Network Security Groups (NSGs) for traffic control
Deploy and manage Azure Firewall for network protection
Configure Azure DNS zones—both private and public domains
Lab:
Implement Virtual Networking
Design and deploy virtual networks with subnets and IP addressing
Create and apply Network Security Groups
Deploy Azure Firewall for advanced traffic filtering
Configure private and public DNS zones using Azure DNS
After completing this module, students will be able to:
Design and implement Azure virtual networks and subnets to isolate and segment services
Configure IP addressing schemes, accommodating both private (internal) and public (external) access needs
Secure network traffic through NSGs that regulate inbound and outbound access
Deploy Azure Firewall as a robust solution for stateful traffic inspection and filtering
Manage DNS zones to support resolution for both internal services and internet-facing endpoints
In this module, you ll explore options for connecting different network environments—across Azure, on-premises, or hybrid. You’ll learn how to implement Virtual Network Peering for seamless internal communication, set up VPN Gateways for secure site-to-site connections, and evaluate ExpressRoute and Virtual WAN for high-performance network architecture suited to enterprise scenarios.
Lessons:
Implement VNet Peering to enable direct, low-latency connectivity between virtual networks
Configure and manage VPN Gateway connections for secure communication across environments
Explore ExpressRoute and Virtual WAN as advanced connectivity options for high-throughput and global networking
Plan and configure network routing (custom routes and endpoints) to optimize traffic flow
Lab:
Implement Intersite Connectivity
Set up VNet Peering between virtual networks
Configure VPN Gateway and establish site-to-site connectivity
Choose the appropriate intersite solution based on performance and scenario requirements
After completing this module, students will be able to:
Configure VNet Peering for efficient internal network communication
Deploy and manage VPN Gateway for encrypted cross-site connections
Evaluate and choose between connectivity options like ExpressRoute and Virtual WAN based on organizational needs
Implement custom routing strategies to optimize traffic between sites
This module covers essential strategies for managing network traffic in Azure. Participants will learn to implement network routing with service endpoints, deploy Azure Load Balancer and Application Gateway for high availability and secure traffic delivery, and use Azure Network Watcher for traffic diagnostics and monitoring.
Lessons:
Configure network routing and service endpoints to enhance security and connectivity
Deploy and manage Azure Load Balancer for distributing inbound traffic and load balancing across VMs
Implement Azure Application Gateway for HTTP/HTTPS traffic management, including advanced Layer 7 routing
Use Azure Network Watcher to monitor, diagnose, and troubleshoot network traffic, with tools such as topology, packet capture, and flow logs
Lab:
Implement Traffic Management
Configure custom routing and service endpoints
Deploy Azure Load Balancer and configure backend pools, health probes, and rules
Create and configure an Azure Application Gateway, including frontend, backend, and rules
Enable and use Azure Network Watcher tools to visualize topology, verify traffic flow, and troubleshoot network issues
After completing this module, students will be able to:
Configure advanced network routing, including custom routes and service endpoints, to control traffic flow
Deploy Azure Load Balancer effectively for high-availability scenarios
Set up Azure Application Gateway for secure, application-level traffic management
Use Azure Network Watcher to monitor network health, diagnose issues, and visualize infrastructure relationships
In this module, you will explore the fundamental features of Azure storage services. You will learn how to configure storage accounts, manage blob containers, implement security for storage, deploy Azure Files including File Sync, and use management tools for everyday administration tasks.
Lessons:
Configure and manage Azure storage accounts including replication, access tiers, and endpoints
Configure Azure Blob Storage—create containers, manage access, and implement lifecycle policies
Apply storage security measures such as encryption, shared access signatures (SAS), and access policies
Configure Azure Files and implement Azure File Sync for hybrid scenarios
Use tools like Azure Storage Explorer and Azure CLI for efficient storage management
Lab: Manage Azure storage
Create and configure a storage account
Set up and secure blob containers with appropriate access controls
Create and configure Azure file shares and enable Azure File Sync
Perform storage operations using management tools like Storage Explorer
After completing this module, students will be able to:
Create and configure Azure storage accounts with appropriate replication, redundancy, and tiering
Configure Blob Storage containers securely and manage lifecycle and access controls
Implement storage security using encryption features and SAS tokens for fine-grained access
Deploy Azure File shares and enable Azure File Sync for hybrid access patterns
Manage storage resources efficiently using graphical and scripting tools
This module focuses on provisioning and managing Azure Virtual Machines (VMs). You ll learn how to deploy VMs, ensure their availability through scaling and redundancy, and leverage VM extensions to enhance operational capabilities such as monitoring, configuration, and automation.
Lessons:
Plan and implement virtual machine deployment strategies
Create and configure Azure Virtual Machines (size, OS options, disks, networking)
Enhance VM availability using Availability Sets, Availability Zones, and Virtual Machine Scale Sets
Leverage Virtual Machine Extensions to add functionality (e.g., monitoring agents, configurations)
Lab:
Manage Virtual Machines
Create and configure an Azure VM with networking and storage settings
Set up availability through Availability Sets or Scale Sets
Install and use VM extensions to extend capabilities (e.g., boot diagnostics, custom scripts)
After completing this module, students will be able to:
Plan VM implementations considering performance, redundancy, and availability requirements
Deploy and configure Azure Virtual Machines effectively
Apply high-availability patterns using Scale Sets and Availability Zones
Deploy and manage VM extensions to augment operations, monitoring, and configuration
In this module, you’ll explore serverless compute options within Azure. You ll learn to configure and manage Azure App Service Plans and Web Apps, deploy containerized workloads via Azure Container Instances, and work with Azure Kubernetes Service (AKS) for orchestrated container deployments.
Lessons:
Plan and configure Azure App Service Plans for hosting web applications
Create and manage Azure Web Apps for deploying web workloads
Deploy and manage containerized applications using Azure Container Instances
Understand and implement Azure Kubernetes Service for orchestrating containers
Lab:
Implement Web Apps and Containers
Create an App Service Plan and deploy a Web App
Deploy workloads using Azure Container Instances
Optionally, deploy and manage container workloads with Azure Kubernetes Service
After completing this module, students will be able to:
Create and configure an App Service Plan appropriate for web application workloads
Deploy and manage Web Apps using Azure native hosting services
Deploy container workloads using Azure Container Instances for fast, scalable compute
Implement and manage orchestrated container clusters with AKS for microservices and complex deployments
In this module, you will learn how to implement data protection strategies in Azure. You’ll cover backing up files, folders, and virtual machines, ensuring your data and workloads are protected and recoverable in the event of accidental loss or disruption.
Lessons:
Configure backup solutions for files and folders
Deploy and manage virtual machine backup strategies
Lab:
Implement Data Protection
Perform file and folder backup and recovery tasks
Backup and restore Azure virtual machines using Recovery Services vaults and backup policies
After completing this module, students will be able to:
Backup and restore files and folders within the Azure environment
Configure and manage backup for virtual machines to maintain data resilience and business continuity
In this module, you ll build the skills to monitor your Azure deployment using core tools such as Azure Monitor, Alerts, Log Analytics, and Network Watcher. You ll learn how to collect metrics and logs, create alert rules, analyze data effectively, and troubleshoot networking issues using visualization and diagnostic tools.
Lessons:
Use Azure Monitor to collect and analyze metrics and diagnostic logs
Create and manage Azure Alerts and action groups for proactive response
Write queries using Log Analytics to search and analyze telemetry
Use Network Watcher to troubleshoot and monitor network activity
Lab:
Implement Monitoring
Enable Azure Monitor for infrastructure metrics and logs
Create custom alert rules and configure notification groups
Use Log Analytics to run queries and visualize resource data
Deploy Network Watcher tools such as topology mapping, packet capture, and flow logs
You will learn to:
Monitor resource health and performance using Azure Monitor
Configure responsive alerting systems to notify stakeholders proactively
Query and analyze telemetry via Log Analytics for insights and detection
Utilize Network Watcher to diagnose connectivity issues and monitor network traffic
