Exam AZ-103: Microsoft Azure Administrator
Manage Azure subscriptions and resources (15-20%) |
Manage Azure subscriptions |
• assign administrator permissions |
• configure cost center quotas and tagging |
• configure policies at Azure subscription level |
Analyze resource utilization and consumption |
• configure diagnostic settings on resources |
• create baseline for resources |
• create and test alerts |
• analyze alerts across subscription |
• analyze metrics across subscription |
• create action groups and action rules |
• monitor for unused resources |
• monitor spend |
• report on spend |
• utilize log queries in Azure Monitor |
• view alerts in Azure Monitor |
Manage resource groups |
• use Azure policies for resource groups |
• configure resource locks |
• configure resource policies |
• identify auditing requirements |
• implement and set tagging on resource groups |
• move resources across resource groups |
• remove resource groups |
Managed role based access control (RBAC) |
• create a custom role |
• configure access to Azure resources by assigning roles |
• configure management access to Azure, troubleshoot RBAC, implement RBAC policies, assign RBAC Roles |
Implement and manage storage (15-20%) |
Create and configure storage accounts |
• configure network access to the storage account |
• create and configure storage account |
• generate shared access signature |
• install and use Azure Storage Explorer |
• manage access keys |
• monitor activity log by using Monitor Logs |
• implement Azure storage replication |
• implement Azure AD authentication |
Import and export data to Azure |
• create export from Azure job |
• create import into Azure job |
• use Azure Data Box |
• configure and use Azure blob storage |
• configure Azure content delivery network (CDN) endpoints |
Implement Azure backup |
• configure and review backup reports |
• perform backup operation |
• create Recovery Services Vault |
• create and configure backup policy |
• perform a restore operation |
Deploy and manage virtual machines (VMs) (15-20%) |
Create and configure a VM for Windows and Linux |
• configure high availability |
• configure monitoring, networking, storage, and virtual machine size |
• deploy and configure scale sets |
Automate deployment of VMs |
• modify Azure Resource Manager (ARM) template |
• configure location of new VMs |
• configure VHD template |
• deploy from template |
• save a deployment as an ARM template |
• deploy Windows and Linux VMs |
Manage Azure VM |
• add data discs |
• add network interfaces |
• automate configuration management by using PowerShell Desired State Configuration |
(DSC) and VM Agent by using custom script extensions |
• manage VM sizes |
• move VMs from one resource group to another |
• redeploy VMs |
• soft delete for Azure VMs |
Manage VM backups |
• configure VM backup |
• define backup policies |
• implement backup policies |
• perform VM restore • Azure Site Recovery |
Configure and manage virtual networks (30-35%) |
Create connectivity between virtual networks |
• create and configure VNET peering |
• create and configure VNET to VNET connections |
• verify virtual network connectivity |
• create virtual network gateway |
Implement and manage virtual networking |
• configure private and public IP addresses, network routes, network interface, subnets, and virtual network |
Create and configure a Network Security Group (NSG) |
• create security rules |
• associate NSG to a subnet or network interface |
• identify required ports |
• evaluate effective security rules |
Implement Azure load balancer |
• configure internal load balancer, configure load balancing rules, configure public load balancer, troubleshoot load balancing |
Monitor and troubleshoot virtual networking |
• monitor on-premises connectivity, use Network resource monitoring, use Network Watcher, troubleshoot external networking, troubleshoot virtual network connectivity |
Integrate on premises network with Azure virtual network |
• create and configure Azure VPN Gateway, create and configure site to site VPN, configure Express Route, verify on premises connectivity, troubleshoot on premises connectivity with Azure |
Manage identities (15-20%) |
Manage Azure Active Directory (AD) |
• add custom domains |
• Azure AD Join |
• configure self-service password reset |
• manage multiple directories |
Manage Azure AD objects (users, groups, and devices) |
• create users and groups |
• manage user and group properties |
• manage device settings |
• perform bulk user updates |
• manage guest accounts |
Implement and manage hybrid identities |
• install Azure AD Connect, including password hash and pass-through synchronization |
• use Azure AD Connect to configure federation with on-premises Active Directory Domain Services (AD DS) |
• manage Azure AD Connect |
• manage password sync and password writeback |
Implement multi-factor authentication (MFA) |
• configure user accounts for MFA, enable MFA by using bulk update, configure fraud alerts, configure bypass options, configure Trusted IPs, configure verification methods |