AZ-104 Exam Study Guide Overview

Sep 12, 2024

AZ-104 V2 Study Cram

Overview

  • Updated version of the AZ-104 study guide.
  • Minor changes and updates.
  • Links to study sections and activities available in the description.
  • Emphasizes practical activities alongside theoretical learning.
  • Resources include a study guide and self-paced learning modules.
  • Hands-on practice is crucial.

Entra ID (Formerly Azure AD)

  • Entra ID is Microsoft's cloud-based identity provider.
  • Supports protocols: OAuth 2.0, OpenID Connect, SAML, WS-Fed.
  • Optimized for cloud communication via HTTPS and TLS.

Differences from On-Prem AD

  • On-premises AD uses Kerberos, NTLM, and LDAP over Domain Controllers.
  • Entra ID uses Microsoft Graph for REST-based API interaction.
  • Entra ID is flat without organizational units (OUs), unlike Active Directory.
  • Administrative Units in Entra ID are used to delegate permissions.

Identity Synchronization

  • Active Directory Domain Services (AD DS) is the source of truth.
  • Use Entra Connect Sync (on-premises engine) or Entra Connect Cloud Sync (cloud engine).

Trust and Application Integration

  • Applications trust Entra ID for authentication and authorization.
  • Supports Azure, Microsoft 365, and third-party SaaS applications.

Multi-Tenancy

  • Each organization has its own Entra ID tenant.
  • Custom domains can be added to tenants.
  • Tenant is independent of Azure subscriptions but can be trusted by them.

External Users

  • Can invite external users as guests in Entra ID.
  • External users can authenticate using their primary identity providers.

Licensing

  • Free, P1, P2 licenses with differing features (e.g., Conditional Access, Identity Protection).
  • Lifecycle workflows and other governance features require additional licenses.

Self-Service Password Reset

  • Available for cloud accounts and hybrid with writeback.
  • Configurations include authentication methods and number of required verifications.

Role-Based Access Control

  • Global Administrator is the highest-privilege role.
  • Use administrative units for granularity.

Azure Regions and Availability

  • Azure has multiple cloud environments: Azure Commercial, Azure US Gov, Azure China.
  • Regions consist of multiple data centers and are often divided into Availability Zones.
  • Paired Regions for redundancy and geo-distribution.

Subscription Hierarchy

  • Management Groups for organizing subscriptions, applying policies, and roles.
  • Resource Groups to manage resources with a common lifecycle.

Cost Management

  • Azure is consumption-based.
  • Tools: Cost analysis, Azure Advisor, budgets, savings plans, reserved instances.

Networking Basics

  • Virtual Network (VNet): Bound to a region and subscription, divided into subnets.
  • Options for connectivity: Peering, Gateway Transit, Azure Virtual Network Manager.
  • Network Security Groups (NSGs): Manage inbound/outbound traffic with priority-based rules.

Advanced Networking

  • Options for internet egress: Public IP, Azure Firewall, NAT Gateway.
  • VPN Gateway and ExpressRoute for private connectivity.
  • Azure Virtual WAN for complex network topologies and connectivity.

Storage

  • Storage Accounts: General-purpose v2, premium for specific use cases.
  • Redundancy Options: LRS, ZRS, GRS, GZRS.
  • Blob Storage: Hot, Cool, Archive tiers for cost optimization.
  • Azure Files: SMB, NFS, Azure File Sync.

Compute

  • Virtual Machines: Infrastructure-as-a-Service with various SKUs.
  • Availability Sets/Zones: For redundancy and availability.
  • Virtual Machine Scale Sets: Automatic scaling based on load.

Containers and Orchestration

  • Azure Container Instances: For simple container deployments.
  • Azure Kubernetes Service: Full Kubernetes orchestration with node pools.

Monitoring and Logging

  • Azure Monitor: Metrics, logs, alerts.
  • Diagnostic Settings: For resource logs.
  • Network Watcher: For network diagnostics and visibility.

Exam Preparation Tips

  • Focus on hands-on practice and completing learning modules.
  • Use logical reasoning on exam questions when unsure.
  • Review score report for targeted improvement areas.

These notes provide a high-level overview of key topics and concepts from the AZ-104 V2 study cram. It's important to dive deeper into each section with practical examples and hands-on labs to fully understand and apply the knowledge.