Scribd
Upload
204 views9 pages

Exam Az 104 Microsoft Azure Administrator Skills Measured

This document provides information on the skills measured in the AZ-104: Microsoft Azure Administrator certification exam. It includes a breakdown of the exam topics and percentages, such as managing Azure identities and governance (15-20%), implementing and managing storage (15-20%), deploying and managing Azure compute resources (20-25%), and configuring and managing virtual networking (25-30%). It also provides details on the types of tasks that may be assessed under each topic, such as managing Azure Active Directory objects, configuring storage accounts, deploying virtual machines, and implementing virtual networks. Finally, it includes a comparison table showing updates made to the exam guide on March 26, 2021.

Uploaded by

raj
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
204 views9 pages

Exam Az 104 Microsoft Azure Administrator Skills Measured

This document provides information on the skills measured in the AZ-104: Microsoft Azure Administrator certification exam. It includes a breakdown of the exam topics and percentages, such as managing Azure identities and governance (15-20%), implementing and managing storage (15-20%), deploying and managing Azure compute resources (20-25%), and configuring and managing virtual networking (25-30%). It also provides details on the types of tasks that may be assessed under each topic, such as managing Azure Active Directory objects, configuring storage accounts, deploying virtual machines, and implementing virtual networks. Finally, it includes a comparison table showing updates made to the exam guide on March 26, 2021.

Uploaded by

raj
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 9

Exam AZ-104: Microsoft Azure Administrator – Skills

Measured
This exam was updated on March 26, 2021. Following the current exam guide, we’ve
included a table that compares the old study guide to the current one by functional
group.

Audience Profile
Candidates for this exam should have subject matter expertise implementing, managing, and
monitoring an organization’s Microsoft Azure environment.

Responsibilities for this role include implementing, managing, and monitoring identity,
governance, storage, compute, and virtual networks in a cloud environment, plus provision, size,
monitor, and adjust resources, when needed.

An Azure administrator often serves as part of a larger team dedicated to implementing an


organization's cloud infrastructure.

A candidate for this exam should have at least six months of hands-on experience administering
Azure, along with a strong understanding of core Azure services, Azure workloads, security, and
governance. In addition, this role should have experience using PowerShell, Azure CLI, Azure
portal, and Azure Resource Manager templates.

Skills Measured
NOTE: The bullets that follow each of the skills measured are intended to illustrate how we
assess that skill. This list is not definitive or exhaustive.

NOTE: Most questions cover features that are General Availability (GA). The exam may contain
questions on Preview features if those features are commonly used.

Manage Azure identities and governance (15–20%)


Manage Azure Active Directory (Azure AD) objects

 create users and groups


 manage user and group properties
 manage device settings
 perform bulk user updates
 manage guest accounts
 configure Azure AD join
 configure self-service password reset

Manage role-based access control (RBAC)


 create a custom role
 provide access to Azure resources by assigning roles at different scopes
 interpret access assignments

Manage subscriptions and governance

 configure Azure policies


 configure resource locks
 apply and manage tags on resources
 manage resource groups
 manage subscriptions
 manage costs
 configure management groups

Implement and manage storage (15–20%)


Secure storage

 configure network access to storage accounts


 create and configure storage accounts
 generate shared access signature (SAS) tokens
 manage access keys
 configure Azure AD authentication for a storage account
 configure access to Azure Files

Manage storage

 export from Azure job


 import into Azure job
 install and use Azure Storage Explorer
 copy data by using AZCopy
 implement Azure Storage replication
 configure blob object replication

Configure Azure files and Azure Blob Storage

 create an Azure file share


 create and configure Azure File Sync service
 configure Azure Blob Storage
 configure storage tiers for Azure Blob Storage
 configure blob lifecycle management

Deploy and manage Azure compute resources (20–25%)


Automate deployment of virtual machines (VMs) by using Azure Resource Manager
templates

 modify an Azure Resource Manager template


 configure a virtual hard disk (VHD) template
 deploy from a template
 save a deployment as an Azure Resource Manager template
 deploy virtual machine extensions

Configure VMs

 configure Azure Disk Encryption


 move VMs from one resource group to another
 manage VM sizes
 add data disks
 configure networking
 redeploy VMs
 configure high availability
 deploy and configure scale sets

Create and configure containers

 configure sizing and scaling for Azure Container Instances


 configure container groups for Azure Container Instances
 configure storage for Azure Kubernetes Service (AKS)
 configure scaling for AKS
 configure network connections for AKS
 upgrade an AKS cluster

Create and configure Azure App Service

 create an App Service plan


 configure scaling settings in an App Service plan
 create an App Service
 secure an App Service
 configure custom domain names
 configure backup for an App Service
 configure networking settings
 configure deployment settings

Configure and manage virtual networking (25–30%)


Implement and manage virtual networking
 create and configure virtual networks, including peering
 configure private and public IP addresses
 configure user-defined network routes
 implement subnets
 configure endpoints on subnets
 configure private endpoints
 configure Azure DNS, including custom DNS settings and private or public DNS zones

Secure access to virtual networks

 create security rules


 associate a network security group (NSG) to a subnet or network interface
 evaluate effective security rules
 implement Azure Firewall
 implement Azure Bastion

Configure load balancing

 configure Azure Application Gateway


 configure an internal or public load balancer
 troubleshoot load balancing

Monitor and troubleshoot virtual networking

 monitor on-premises connectivity


 configure and use Network Performance Monitor
 use Azure Network Watcher
 troubleshoot external networking
 troubleshoot virtual network connectivity

Integrate an on-premises network with an Azure virtual network

 create and configure Azure VPN Gateway


 create and configure Azure ExpressRoute
 configure Azure Virtual WAN

Monitor and back up Azure resources (10–15%)


Monitor resources by using Azure Monitor

 configure and interpret metrics


 configure Azure Monitor logs
 query and analyze logs
 set up alerts and actions
 configure Application Insights

Implement backup and recovery

 create a Recovery Services vault


 create and configure backup policy
 perform backup and restore operations by using Azure Backup
 perform site-to-site recovery by using Azure Site Recovery
 configure and review backup reports

Comparison Table
Former study guide up to March 26, 2021 New study guide as of March 26, 2021

Manage Azure identities and governance Manage Azure identities and governance (15–
(15–20%) 20%)

Manage Azure AD objects Manage Azure Active Directory (Azure AD)


objects
 create users and groups
 manage user and group properties  create users and groups
 manage device settings  manage user and group properties
 perform bulk user updates  manage device settings
 manage guest accounts  perform bulk user updates
 configure Azure AD Join  manage guest accounts
 configure self-service password reset  configure Azure AD join
 configure self-service password reset
Manage role-based access control (RBAC)
Manage role-based access control (RBAC)
 create a custom role
 provide access to Azure resources by  create a custom role
assigning roles  provide access to Azure resources by
 interpret access assignments assigning roles at different scopes
 manage multiple directories  interpret access assignments

Manage subscriptions and governance Manage subscriptions and governance

 configure Azure policies  configure Azure policies


 configure resource locks  configure resource locks
 apply tags  apply and manage tags on resources
 create and manage resource groups  manage resource groups
 manage subscriptions  manage subscriptions
 configure Cost Management  manage costs
 configure management groups  configure management groups

Implement and manage storage (10– Implement and manage storage (15–20%)
15%)
Secure storage
Manage storage accounts
 configure network access to storage
 configure network access to storage accounts
accounts  create and configure storage accounts
 create and configure storage  generate shared access signature (SAS)
accounts tokens
 generate shared access signature  manage access keys
 manage access keys  configure Azure AD authentication for a
 implement Azure storage replication storage account
 configure Azure AD Authentication  configure access to Azure Files
for a storage account
Manage storage
Manage data in Azure Storage
 export from Azure job
 export from Azure job  import into Azure job
 import into Azure job  install and use Azure Storage Explorer
 install and use Azure Storage  copy data by using AZCopy
Explorer  implement Azure Storage replication
 copy data by using AZCopy  configure blob object replication

Configure Azure files and Azure blob Configure Azure files and Azure Blob Storage
storage
 create an Azure file share
 create an Azure file share  create and configure Azure File Sync
 create and configure Azure File Sync service
service  configure Azure Blob Storage
 configure Azure blob storage  configure storage tiers for Azure Blob
 configure storage tiers for Azure Storage
blobs  configure blob lifecycle management
 configure blob lifecycle
management
 configure blob object replication

Deploy and manage Azure compute Deploy and manage Azure compute resources
resources (25–30%) (20–25%)

Configure VMs for high availability and Automate deployment of virtual machines
scalability (VMs) by using Azure Resource Manager
templates
 configure high availability
 deploy and configure scale sets  modify an Azure Resource Manager
template
Automate deployment and configuration  configure a virtual hard disk template
of VMs  deploy from a template
 save a deployment as an Azure Resource
 modify Azure Resource Manager Manager template
(ARM) template  deploy virtual machine extensions
 configure VHD template
 deploy from template Configure VMs
 save a deployment as an ARM
template  configure Azure Disk Encryption
 automate configuration  move VMs from one resource group to
management by using custom script another
extensions  manage VM sizes
 add data disks
Create and configure VMs  configure networking
 redeploy VMs
 configure Azure Disk Encryption  configure high availability
 move VMs from one resource group  deploy and configure scale sets
to another
 manage VM sizes Create and configure containers
 add data discs
 configure networking  configure sizing and scaling for Azure
 redeploy VMs Container Instances
 configure container groups for Azure
Create and configure containers Container Instances
 configure storage for Azure Kubernetes
 create and configure Azure Service (AKS)
Kubernetes Service (AKS)  configure scaling for AKS
 create and configure Azure  configure network connections for AKS
Container Instances (ACI)  upgrade an AKS cluster

Create and configure Web Apps Create and configure Azure App Service

 create and configure App Service  create an App Service plan


 create and configure App Service  configure scaling settings in an App
Plans Service plan
 create an App Service
 secure an App Service
 configure custom domain names
 configure backup for an App Service
 configure networking settings
 configure deployment settings

Configure and manage virtual Configure and manage virtual networking


networking (30–35%) (25–30%)

Implement and manage virtual Implement and manage virtual networking


networking
 create and configure virtual networks,
 create and configure VNET peering including peering
 configure private and public IP  configure private and public IP addresses
addresses, network routes, network  configure user-defined network routes
interface, subnets, and virtual  implement subnets
network  configure endpoints on subnets
 configure private endpoints
Configure name resolution  configure Azure DNS, including custom
DNS settings and private or public DNS
 configure Azure DNS zones
 configure custom DNS settings
 configure a private or public DNS Secure access to virtual networks
zone
 create security rules
Secure access to virtual networks  associate a network security group (NSG)
to a subnet or network interface
 create security rules  evaluate effective security rules
 associate an NSG to a subnet or  implement Azure Firewall
network interface  implement Azure Bastion Service
 evaluate effective security rules
 deploy and configure Azure Firewall Configure load balancing
 deploy and configure Azure Bastion
Service  configure Azure Application Gateway
 configure an internal or public load
Configure load balancing balancer
 troubleshoot load balancing
 configure Application Gateway
 configure an internal load balancer Monitor and troubleshoot virtual networking
 configure load balancing rules
 configure a public load balancer  monitor on-premises connectivity
 troubleshoot load balancing  configure and use Network Performance
Monitor
Monitor and troubleshoot virtual  use Azure Network Watcher
networking  troubleshoot external networking
 troubleshoot virtual network connectivity
 monitor on-premises connectivity
 use Network Performance Monitor Integrate an on-premises network with an
 use Network Watcher Azure virtual network
 troubleshoot external networking
 troubleshoot virtual network  create and configure Azure VPN Gateway
connectivity  create and configure Azure ExpressRoute
 configure Azure Virtual WAN
Integrate an on-premises network with
an Azure virtual network

 create and configure Azure VPN


Gateway
 create and configure VPNs
 configure ExpressRoute
 configure Azure Virtual WAN

Monitor and back up Azure resources Monitor and back up Azure resources (10–
(10–15%) 15%)

Monitor resources by using Azure Monitor resources by using Azure Monitor


Monitor
 configure and interpret metrics
 configure and interpret metrics  configure Azure Monitor logs
 configure Log Analytics  query and analyze logs
 query and analyze logs  set up alerts and actions
 set up alerts and actions  configure Application Insights
 configure Application Insights
Implement backup and recovery
Implement backup and recovery
 create a Recovery Services vault
 configure and review backup reports  create and configure backup policy
 perform backup and restore  perform backup and restore operations
operations by using Azure Backup by using Azure Backup
 create a Recovery Services Vault  perform site-to-site recovery by using
 create and configure backup policy Azure Site Recovery
 perform site-to-site recovery by  configure and review backup reports
using Azure Site Recovery

You might also like