Configure and manage virtual networks (30-35%)
Note than many topics below can be performed in the Azure portal, Powershell, and CLI. Ensure you become familiar with all three methods for the exam.
Create connectivity between virtual networks
Note than many topics below can be performed in the Azure portal, Powershell, and CLI. Ensure you become familiar with all three methods for the exam.
| Topic | Link |
|---|---|
| create and configure VNET peering | Virtual network peering |
| Create, change, or delete a virtual network peering | |
| Connect virtual networks with virtual network peering using PowerShell | |
| create and configure VNET to VNET connections | Configure a VNet-to-VNet VPN gateway connection by using the Azure portal |
| verify virtual network connectivity | Verify a VPN Gateway connection |
| create virtual network gateway | Create a route-based VPN gateway using the Azure portal |
| Experiential Learning | Distribute your services across Azure virtual networks and integrate them by using virtual network peering |
| Lab: VNet Peering and Service Chaining |
Implement and manage virtual networking
| Topic | Link |
|---|---|
| configure private and public IP addresses, network routes, network interface, subnets, and virtual network | IP address types and allocation methods in Azure |
| Create a virtual machine with a static public IP address using the Azure portal | |
| Assign multiple IP addresses to virtual machines using PowerShell | |
| Create and manage a Windows virtual machine that has multiple NICs |
Configure name resolution
| Topic | Link |
|---|---|
| configure Azure DNS | What is Azure DNS? |
| configure custom DNS settings | How to manage DNS Zones in the Azure portal |
| configure private and public DNS zones | Quickstart: Create an Azure DNS zone and record using the Azure portal |
| Manage DNS records and record sets by using the Azure portal | |
| Quickstart: Create an Azure private DNS zone using the Azure portal | |
| Experiential Learning | Lab: Configure Azure DNS |
Create and configure a Network Security Group (NSG)
| Topic | Link |
|---|---|
| create security rules | Tutorial: Filter network traffic with a network security group using the Azure portal |
| associate NSG to a subnet or network interface | Create, change, or delete a network security group |
| evaluate effective security rules | Diagnose a virtual machine routing problem |
| implement Application Security Groups | Application security groups |
| experiential learning | Tutorial: Filter network traffic with a network security group using the Azure portal |
| Filter network traffic with a network security group using PowerShell | |
| Create, change, or delete a network security group | |
| Diagnostic logging for a network security group | |
| Diagnose a virtual machine network traffic filter problem |
Implement Azure load balancer
| Topic | Link |
|---|---|
| What is Azure Load Balancer? | |
| configure internal load balancer | Create an internal load balancer by using the Azure PowerShell module |
| configure load balancing rules | Configure load balancing and outbound rules in Standard Load Balancer by using the Azure portal |
| configure public load balancer | Lab: Load Balancer and Traffic Manager |
| troubleshoot load balancing | Troubleshoot Azure Load Balancer |
| Experiential Learning | Improve application scalability and resiliency by using Azure Load Balancer |
Monitor and troubleshoot virtual networking
| Topic | Link |
|---|---|
| monitor on-premises connectivity, troubleshoot external networking, troubleshoot virtual network connectivity | Diagnose on-premises connectivity via VPN gateways |
| use Network resource monitoring | Tutorial: Log network traffic to and from a virtual machine using the Azure portal |
| use Network Watcher | What is Azure Network Watcher? |
Integrate on premises network with Azure virtual network
| Topic | Link |
|---|---|
| create and configure Azure VPN Gateway | Connect your on-premises network to Azure with VPN Gateway |
| create and configure site to site VPN | Create a Site-to-Site connection in the Azure portal |
| configure Express Route | Connect your on-premises network to the Microsoft global network by using ExpressRoute |
| verify on premises connectivity | Verifying ExpressRoute connectivity |
| troubleshoot on premises connectivity with Azure | Troubleshoot connections with Azure Network Watcher using the Azure portal |
| Diagnose on-premises connectivity via VPN gateways |