Training Contents 2022
Training content for 2022
Table of contents
| Learning Path | Module | Learning objectives |
|---|---|---|
| Windows Server security | Secure Windows Server user accounts | - Configure and manage user accounts to limit security threats across an organization. - Apply Protected Users settings, policies, and authentication silos to protect highly privileged user accounts. - Describe and configure Windows Defender Credential Guard. - Configure Group Policy to block the use of NTLM for authentication. |
| Hardening Windows Server | - Manage local administrator passwords using Local Administrator Password Solution. - Limit administrative access to Privileged Access Workstations (PAWs). - Explain how to secure domain controllers from being compromised. - Describe how to use the Microsoft Security Compliance Toolkit to harden servers. - Secure SMB traffic using SMB encryption. | |
| Windows Server update management | - Describe the role of Windows Server Update Services (WSUS) - Describe the WSUS update management process - Deploy updates with WSUS | |
| Secure Windows Server DNS | - Describe split-horizon DNS and explain how to implement it. - Create DNS policies. - Implement DNS policies. - Describe the options for protecting the DNS server role. - Implement DNS security. | |
| Implementing security solutions in hybrid scenarios | Implement Windows Server IaaS VM network security | - Implement Network Security Groups (NSGs) with Windows Server IaaS VMs. - Implement adaptive network hardening. - Implement Azure Firewall. - Implement Windows Defender Firewall in Windows Server IaaS VMs. - Choose an appropriate filtering solution. - Capture network traffic with Network Watcher. |
| Audit the security of Windows Server IaaS Virtual Machines | - Describe Azure Security Center. - Enable Azure Security Center in hybrid environments. - Onboard Windows Server computers to Azure Security Center. - Implement and assess security policies. - Describe Azure Sentinel. - Implement SIEM and SOAR. - Protect your resources with Azure Security Center. | |
| Manage Azure updates | - Describe Azure updates. - Enable Update Management. - Deploy updates. - Review an update assessment. - Manage updates for your Azure VMs. | |
| Create and implement application allowlists with adaptive application control | - Enable Adaptive application controls. - Implement adaptive application control policies. | |
| Configure BitLocker disk encryption for Windows IaaS Virtual Machines | -Describe Azure Disk Encryption. - Configure Key Vault to support Azure Disk Encryption. - Explain how to encrypt Azure IaaS VM hard disks. - Back up and recover encrypted data from IaaS VM hard disks. | |
| Implement change tracking and file integrity monitoring for Windows IaaS VMs | - Implement Change Tracking and Inventory. - Manage Change Tracking and Inventory. - Manage tracked files. - Implement File Integrity Monitoring. - Select and monitor entities. - Use File Integrity Monitoring. | |
| Implement Windows Server high availability | Introduction to Cluster Shared Volumes | - Describe the functionality of CSV. - Describe the architecture and components of CSV. - Implement CSV. |
| Implement Windows Server failover clustering | - Describe Windows Server failover clustering. - Implement Windows Server failover clustering. - Manage Windows Server failover clustering. - Implement stretch clusters. - Describe cluster sets. | |
| Implement high availability of Windows Server VMs | - Describe the Hyper-V high availability options. - Describe Hyper-V VMs load balancing. - Implement Hyper-V VMs live migration. - Implement Hyper-V VMs storage migration. | |
| Implement Windows Server File Server high availability | -Provide a high-level overview of Windows Server File Server high-availability options. - Describe the characteristics of, and high-level implementation steps for Cluster Shared Volumes (CSV). - Describe the characteristics of, and high-level implementation steps for Scale-Out File Server (SOFS). - Describe the characteristics of, and high-level implementation steps for Storage Replica. | |
| Implement scale and high availability with Windows Server VM | - Describe virtual machine scale sets. - Implement scaling. - Implement load-balancing virtual machines. - Implement Azure Site Recovery. | |
| Disaster recovery in Windows Server | Implement Hyper-V Replica | - Describe Hyper-V Replica, pre-requisites for its use, and its high-level architecture and components. - Describe Hyper-V Replica usage scenarios, available replication settings, and security considerations. - Configure Hyper-V Replica settings, health monitoring, and failover options. - Implement Hyper-V Replica. - Describe extended replication. - Describe Site Recovery. - Implement Site Recovery. |
| Protect your on-premises infrastructure from disasters with Azure Site Recovery | - Identify the features and protection capabilities Azure Site Recovery provides to on-premises infrastructure. - Identify the requirements for enabling protection of on-premises infrastructure. | |
| Implementing recovery services in hybrid scenarios | Implement hybrid backup and recovery with Windows Server IaaS | - Describe Azure Backup. - Implement Recovery Vaults. - Implement Azure Backup policies. - Recover Windows IaaS VMs. - Perform file and folder recovery. - Perform backup and recovery of on-premises workloads. - Explain how to manage Azure VM backups with Azure Backup. |
| Protect your Azure infrastructure with Azure Site Recovery | - Protect Azure virtual machines with Azure Site Recovery. - Run a disaster recovery drill to validate protection. - Failover and failback your virtual machines. | |
| Protect your virtual machines by using Azure Backup | - Identify the scenarios for which Azure Backup provides backup and restore capabilities. - Back up and restore an Azure virtual machine. | |
| Upgrade and migrate in Windows Server | Active Directory Domain Services migration | - Compare upgrading an AD DS forest and migrating to a new AD DS forest. - Describe how to upgrade an existing AD DS forest. - Describe how to migrate to a new AD DS forest. - Describe Active Directory Migration Tool (ADMT). |
| Migrate file server workloads using Storage Migration Service | - Describe Storage Migration Service and its usage scenarios. - Identify the requirements for using Storage Migration Service. - Describe how to migrate a server with storage migration. - List the considerations for using Storage Migration Service. | |
| Migrate Windows Server roles | - Describe the Windows Server Migration Tools. - Use the migration tools to migrate specific Windows Server roles. | |
| Implementing migration in hybrid scenarios | Migrate on-premises Windows Server instances to Azure IaaS virtual machines | - Plan your migration. - Describe Azure Migrate. - Migrate server workloads using Windows Server Migration Tools. - Assess physical servers with Azure Migrate. - Migrate on-premises servers to Azure. |
| Upgrade and migrate Windows Server IaaS virtual machines | - Describe Windows Server IaaS migration. - Explain how to migrate workloads using Windows Server Migration tools. - Describe storage migration. - Migrate file servers by using the Storage Migration Service. | |
| Containerize and migrate ASP.NET applications to Azure App Service | - Discover and containerize your ASP.NET app running on Windows machines using Azure Migrate: App Containerization. - Build a container image for your ASP.NET application. - Deploy your containerized application to Azure App Service using Azure Migrate: App Containerization. | |
| Server and performance monitoring in Windows Server | Monitor Windows Server performance | - Use built-in tools in Windows Server to monitor server performance. - Understand the fundamentals of server performance tuning. |
| Manage and monitor Windows Server event logs | - Describe event logs. - Use Server Manager and Windows Admin Center to - Review event logs. - Implement custom views. - Configure an event subscription. | |
| Implement Windows Server auditing and diagnostics | - Audit Windows Server events. - Configure Windows Server to record diagnostic information. | |
| Troubleshoot Active Directory | - Recover the AD DS database, objects in AD DS, and SYSVOL. - Troubleshoot AD DS replication. - Troubleshoot Hybrid authentication issues. | |
| Implementing operational monitoring in hybrid scenarios | Monitor Windows Server IaaS Virtual Machines and hybrid instances | - Enable Azure Monitor for VMs. - Monitor an Azure VM with Azure Monitor. - Enable Azure Monitor in hybrid scenarios. - Collect data from a Windows computer in a hybrid environment. - Integrate Azure Monitor with Microsoft Operations Manager. |
| Monitor the health of your Azure virtual machine by using Azure Metrics Explorer and metric alerts | - Identify metrics and diagnostic data that you can collect for virtual machines. - Configure monitoring for a virtual machine. - Use monitoring data to diagnose problems. | |
| Monitor performance of virtual machines by using Azure Monitor VM Insights | - Evaluate Azure Monitor Logs and Azure Monitor VM Insights. - Configure a Log Analytics workspace. - Build queries from the Heartbeat and InsightsMetrics tables. | |
| Troubleshoot on-premises and hybrid networking | - Diagnose DHCP and DNS problems in on-premises contexts. - Diagnose IP configuration and routing problems. - Implement Packet Monitor to help diagnose network problems. - Use Azure Network Watcher to troubleshoot Microsoft Azure virtual networks. | |
| Troubleshoot Windows Server Virtual Machines in Azure | - Troubleshoot VM deployment and extension issues - Troubleshoot VM startup and performance issues - Troubleshoot VM storage and encryption issues - Troubleshoot connectivity to VMs |