Introduction

Microsoft Azure has become one of the most popular cloud platforms in recent years, providing a vast range of services and solutions for businesses of all sizes. To become proficient in Azure administration, many IT professionals pursue the AZ-104 certification exam, which measures their ability to manage Azure resources, monitor and optimize the platform's performance, and implement various security measures.

"The Ultimate AZ-104 Study Guide: Master Microsoft Azure Administration" is a comprehensive resource designed to help individuals prepare for the AZ-104 exam and excel in their Azure administration skills. This study guide covers all the essential topics, including virtual machines, storage, networking, security, and resource management, providing detailed explanations, practical examples, and hands-on exercises.

In this article, we will explore the benefits of "The Ultimate AZ-104 Study Guide: Master Microsoft Azure Administration" and discuss why it is an essential resource for anyone looking to advance their Azure administration skills and obtain the AZ-104 certification.

The high-level view of the skills measured in the exam:

• Manage Azure identities and governance (15-20%)
• Implement and manage storage (10-15%)
• Deploy and manage Azure compute resources (25-30%)
• Configure and manage virtual networking (30-35%)
• Monitor and back up Azure resources (10-15%)

Preparing for the AZ-104 exam

Preparing for the AZ-104 exam, Microsoft Azure Administrator, requires a thorough understanding of Azure services, tools, and concepts. Here's a comprehensive guide on how to prepare for the AZ-104 exam:

1. Review the exam objectives: Familiarize yourself with the exam objectives outlined by Microsoft. Visit the official AZ-104 exam page to understand the skills measured: https://docs.microsoft.com/en-us/learn/certifications/exams/az-104

2. Microsoft Learn: Microsoft provides a free learning path for AZ-104. Complete the learning modules and gain hands-on experience with Azure services:

3. Official Microsoft Documentation: Study the Azure documentation to dive deeper into specific topics and services: https://docs.microsoft.com/en-us/azure/

4. Books: Consider purchasing study guides or books, such as "Exam Ref AZ-104 Microsoft Azure Administrator Certification and Beyond: A pragmatic guide to achieving the Azure administration certification, 2nd Edition" by Riaan Lowe, Donovan Kelly, or "Exam Ref AZ-104 Microsoft Azure Administrator" by Harshul Patel, Michael Washam, Jonathan Tuliani.

5. Online courses: Enroll in an online course from platforms like Pluralsight, Udemy, or A Cloud Guru. These platforms offer comprehensive video lectures and practice exams for the AZ-104 exam.

6. Practice exams: Take practice exams to gauge your understanding and identify areas that need improvement. MeasureUp (https://www.measureup.com/) and Whizlabs (https://www.whizlabs.com/) are popular platforms for practice exams.

7. Hands-on practice: Create a free Azure account and gain hands-on experience by working with Azure services, following tutorials, and completing labs. Microsoft provides free Azure services and a $200 credit for the first 30 days: https://azure.microsoft.com/en-us/free/

8. Microsoft Learn: Microsoft provides a free learning path for AZ-104. Complete the learning modules and gain hands-on experience with Azure services:

• AZ-104 Prerequisites for Azure administrators
• AZ-104 Manage identities and governance in Azure
• AZ-104 Implement and manage storage in Azure
• AZ-104 Deploy and manage Azure compute resources
• AZ-104: Configure and manage virtual networking
• AZ-104 Monitor and back up Azure resources

 Microsoft Docs AZ-104 Study Guide Materials

 Here are the pertinent Microsoft Docs which can be utilized to study and prepare for the AZ-104 exam.

Manage Azure identities and governance (15-20%)

Manage Azure AD objects

What is Azure Active Directory?

create users and groups

• Add or delete users using Azure Active Directory
• Creating a new user in Azure AD
• New-AzureADUser

manage user and group properties

• Add or update a user’s profile information using Azure Active Directory
• Edit your group information using Azure Active Directory

manage device settings

• Manage device identities using the Azure portal
• How To: Manage stale devices in Azure AD

perform bulk user updates

• Bulk import group members (preview) in Azure Active Directory

manage guest accounts

• What is guest user access in Azure Active Directory B2B?
• Manage guest access with Azure AD access reviews
• Quickstart: Add guest users to your directory in the Azure portal

configure Azure AD Join

• How to: Plan your Azure AD join implementation
• Tutorial: Configure hybrid Azure Active Directory join for managed domains

configure self-service password reset

• Plan an Azure Active Directory self-service password reset
• How it works: Azure AD self-service password reset
• Licensing requirements for Azure AD self-service password reset

Manage role-based access control (RBAC)

What is role-based access control (RBAC) for Azure resources?

create a custom role

• Tutorial: Create a custom role for Azure resources using Azure PowerShell
• Tutorial: Create a custom role for Azure resources using Azure CLI

provide access to Azure resources by assigning roles

• Add or remove role assignments using Azure RBAC and the Azure portal

interpret access assignments

• List role assignments using Azure RBAC and the Azure portal
• Understand deny assignments for Azure resources

manage multiple directories

• Understand how multiple Azure Active Directory tenants interact

Manage subscriptions and governance

Overview of Management services in Azure

configure Azure policies

• What is Azure Policy?
• Quickstart: Create a policy assignment to identify non-compliant resources
• Tutorial: Create and manage policies to enforce compliance

configure resource locks

• Lock resources to prevent unexpected changes
• Prevent Azure Resources from unexpected deletion using Locks (Thomas Maurer)

apply tags

• Use tags to organize your Azure resources
• Use Azure Tags to organize Resources (Thomas Maurer)

create and manage resource groups

• Manage Azure Resource Manager resource groups by using the Azure portal
• Manage Azure resource groups by using Azure PowerShell

move resources

• Move resources to a new resource group or subscription

remove RGs

• Delete resource groups

manage subscriptions

• Create an additional Azure subscription
• Change your Azure subscription to a different offer

configure Cost Management

• What is Azure Cost Management and Billing?
• Quickstart: Explore and analyze costs with cost analysis

configure management groups

• Create management groups for resource organization and management
• Manage your resources with management groups

Implement and manage storage (10-15%)

Manage storage accounts

Introduction to Azure Storage

configure network access to storage accounts

• Configure Azure Storage firewalls and virtual networks

create and configure storage accounts

• Storage account overview
• Create an Azure Storage account
• Upgrade to a general-purpose v2 storage account

generate shared access signature

• Delegate access with a shared access signature
• Grant limited access to Azure Storage resources using shared access signatures (SAS)

manage access keys

• Manage storage account access keys

implement Azure storage replication

• Azure Storage redundancy

configure Azure AD Authentication for a storage account

• Authorize access to blobs and queues using Azure Active Directory

Manage data in Azure Storage

export from Azure job

• Use the Azure Import/Export service to export data from Azure Blob storage

import into Azure job

• Use the Azure Import/Export service to import data to Azure Blob Storage

install and use Azure Storage Explorer

• Get started with Storage Explorer

copy data by using AZCopy

• What is Azure CLI
• Get started with Azure CLI
• Install the Azure CLI (Thomas Maurer)

Configure Azure files and Azure blob storage

What is Azure Files?

create an Azure file share

• Quickstart: Create and manage Azure file shares with the Azure portal
• Create an Azure file share

create and configure Azure File Sync service

• Planning for an Azure File Sync deployment
• Tutorial: Extend Windows file servers with Azure File Sync

configure Azure blob storage

• Quickstart: Upload, download, and list blobs with the Azure portal

configure storage tiers for Azure blobs

• Azure Blob storage: hot, cool, and archive access tiers

Deploy and manage Azure compute resources (25-30%)

Configure VMs for high availability and scalability

configure high availability

• Availability options for virtual machines in Azure
• Manage the availability of Windows virtual machines in Azure

deploy and configure scale sets

• What are virtual machine scale sets?

Automate deployment and configuration of VMs

modify Azure Resource Manager (ARM) template

• Extend Azure Resource Manager template functionality
• Azure Resource Manager templates overview
• Tutorial: Create and deploy your first Azure Resource Manager template

configure VHD template

• Create a VM from a VHD by using the Azure portal

deploy from template

• Quickstart: Create and deploy Azure Resource Manager templates by using the Azure portal

save a deployment as an ARM template

• Download the template for a VM

automate configuration management by using custom script extensions

• Custom Script Extension for Windows
• Use the Azure Custom Script Extension Version 2 with Linux virtual machines

Create and configure VMs

configure Azure Disk Encryption

• Azure Disk Encryption for Linux VMs
• Azure Disk Encryption for Windows VMs

move VMs from one resource group to another

• Move a Windows VM to another Azure subscription or resource group

manage VM sizes

• Resize a Windows VM

add data discs

• Attach a managed data disk to a Windows VM by using the Azure portal
• Attach a data disk to a Windows VM with PowerShell

configure networking

• Common PowerShell commands for Azure Virtual Networks
• How to open ports to a virtual machine with the Azure portal
• Create and manage a Windows virtual machine that has multiple NICs

redeploy VMs

• Redeploy Windows virtual machine to new Azure node

Create and configure containers

create and configure Azure Kubernetes Service (AKS)

• Azure Kubernetes Service (AKS)
• Quickstart: Deploy an Azure Kubernetes Service (AKS) cluster using the Azure portal

create and configure Azure Container Instances (ACI)

• What is Azure Container Instances?
• Quickstart: Deploy a container instance in Azure using the Azure portal
• Quickstart: Deploy a container instance in Azure using the Azure CLI

Create and configure Web Apps

create and configure App Service

• App Service overview
• Create an ASP.NET Core web app in Azure

create and configure App Service Plans

• Azure App Service plan overview
• Manage an App Service plan in Azure

Configure and manage virtual networking (30-35%)

Implement and manage virtual networking

create and configure VNET peering

• Virtual network peering overview
• Azure Virtual Network frequently asked questions (FAQ) VNet Peering
• Tutorial: Connect virtual networks with virtual network peering using the Azure portal
• Create a virtual network peering – different deployment models, same subscription
• Create, change, or delete a virtual network peering

configure private and public IP addresses, network routes, network interface, subnets, and virtual network

• What is Azure Virtual Network?
• Quickstart: Create a virtual network using the Azure portal
• Virtual network traffic routing
• Networking limits
• Create, change, or delete a public IP address
• Add, change, or remove IP addresses for an Azure network interface
• Associate a public IP address to a virtual machine
• Subnet extension
• Virtual network traffic routing
• Add network interfaces to or remove network interfaces from virtual machines

Configure name resolution

• configure Azure DNS
  • What is Azure DNS?
  • What is Azure Private DNS?
  • Quickstart: Create an Azure DNS zone and record using the Azure portal
  • Azure DNS FAQ
• configure custom DNS settings
  • Name resolution for resources in Azure virtual networks
  • Use Azure DNS to provide custom domain settings for an Azure service
• configure a private or public DNS zone
  • Tutorial: Host your domain in Azure DNS
  • Quickstart: Create an Azure private DNS zone using the Azure portal

Secure access to virtual networks

• create security rules
  • Create, change, or delete a network security group
• associate an NSG to a subnet or network interface
  • Create, change, or delete a network security group
• evaluate effective security rules
  • Create, change, or delete a network interface
• deploy and configure Azure Firewall
  • Tutorial: Deploy and configure Azure Firewall using the Azure portal
• deploy and configure Azure Bastion Service
  • Create an Azure Bastion host

Configure load balancing

• configure Application Gateway
  • Application Gateway configuration overview
• configure an internal load balancer
  • Tutorial: Balance internal traffic load with a Basic load balancer in the Azure portal
• configure load balancing rules
  • Create an internal load balancer by using the Azure PowerShell module
• configure a public load balancer
  • Quickstart: Create a Load Balancer to load balance VMs using the Azure portal
• troubleshoot load balancing
  • Troubleshoot Azure Load Balancer

Monitor and troubleshoot virtual networking

monitor on-premises connectivity

• Diagnose on-premises connectivity via VPN gateways

use Network Performance Monitor

• Network Performance Monitor solution: Performance monitoring

use Network Watcher

• What is Azure Network Watcher?

troubleshoot external networking

• Troubleshoot Virtual Network Gateway and Connections using Azure Network Watcher Azure CLI

troubleshoot virtual network connectivity

• Troubleshoot connections with Azure Network Watcher using the Azure portal

Integrate an on-premises network with an Azure virtual network

create and configure Azure VPN Gateway

• Create a route-based VPN gateway using the Azure portal

create and configure VPNs

• Create a Site-to-Site connection in the Azure portal

configure ExpressRoute

• ExpressRoute overview
• Tutorial: Create and modify an ExpressRoute circuit

configure Azure Virtual WAN

• About Azure Virtual WAN
• Tutorial: Create a Site-to-Site connection using Azure Virtual WAN

Monitor and back up Azure resources (10-15%)

Monitor resources by using Azure Monitor

configure and interpret metrics

• Metrics in Azure Monitor
• Quickstart: Monitor an Azure resource with Azure Monitor

configure Log Analytics

• Get started with Log Analytics in Azure Monitor

query and analyze logs

• Overview of log queries in Azure Monitor

set up alerts and actions

• Create, view, and manage metric alerts using Azure Monitor
• Metric Alerts with Dynamic Thresholds in Azure Monitor
• Create Metric Alerts for Logs in Azure Monitor

configure Application Insights

• Manage Application Insights resources using PowerShell

Implement backup and recovery

configure and review backup reports

• Configure Azure Backup reports

perform backup and restore operations by using Azure Backup

• Back up a virtual machine in Azure
• Restore a disk and create a recovered VM in Azure

create a Recovery Services Vault

• Create a Recovery Services vault

use soft delete to recover Azure VMs

• Soft delete for virtual machines

create and configure backup policy

• Manage Azure VM backups with Azure Backup service

perform site-to-site recovery by using Azure Site Recovery

• About Site Recovery
• Set up disaster recovery of on-premises VMware virtual machines or physical servers to a secondary site

Prior skills, knowledge, and experience

• It is recommended that candidates have at least six months of hands-on experience administering Azure, including implementing and managing storage, compute, networking, and security.
• Candidates should have a strong understanding of core Azure services, workloads, security, and governance.
• Experience using PowerShell, Azure CLI, Azure Portal, and ARM templates is beneficial.
• Note prior skills, knowledge or experience with Terraform not required, but could be nbeneficial.

Time spent on preparation

• The time needed to prepare for the AZ-104 exam varies depending on the candidate's prior knowledge and experience with Azure.
• On average, candidates typically spend between 1 to 3 months preparing for the exam. This includes studying, taking online courses, and gaining hands-on experience with Azure services.
• It's essential to allocate sufficient time for each topic and take practice exams to assess your readiness for the actual exam.

Remember, everyone learns at a different pace. Focus on understanding the concepts and gaining practical experience to increase your chances of passing the AZ-104 exam.

Conclusion

"The Ultimate AZ-104 Study Guide: Master Microsoft Azure Administration" is an invaluable resource for IT professionals looking to enhance their Azure administration skills and obtain the AZ-104 certification. This study guide covers all the essential topics in a comprehensive and accessible manner, providing readers with the knowledge and practical skills they need to succeed in their Azure administration careers.

With "The Ultimate AZ-104 Study Guide: Master Microsoft Azure Administration," readers can gain a deeper understanding of virtual machines, storage, networking, security, and resource management, and learn how to apply these concepts to real-world scenarios. Additionally, this study guide includes hands-on exercises, sample questions, and exam tips, making it an excellent tool for preparing for the AZ-104 certification exam.

Overall, "The Ultimate AZ-104 Study Guide: Master Microsoft Azure Administration" is a must-have resource for anyone seeking to become an Azure administration expert and advance their career in the cloud computing industry.