AZ-800T00 Administering Windows Server Hybrid Core Infrastructure
1. Introduction to Active Directory Domain Services (AD DS)
– Define AD DS
– Define users, groups, and computers
– Define AD DS forests and domains
– Define Organizational Units (OUs)
– Manage objects and their properties in AD DS
2. Management of AD DS Domain Controllers and FSMO Roles
– Deploy AD DS domain controllers
– Maintain AD DS domain controllers
– Manage the AD DS Global Catalog role
– Manage AD DS operations masters
– Manage AD DS schema
3. Implementation of Group Policy Objects (GPOs)
– Define GPOs
– Implement GPO scope and inheritance
– Define domain-based GPOs
– Create and configure a domain-based GPO
– Define GPO storage
– Define administrative templates
4. Management of Advanced Features of AD DS
– Create trust relationships
– Implement ESAE (Enhanced Security Administrative Environment) forests
– Monitor and troubleshoot AD DS
– Create custom AD DS partitions
5. Implementation of Hybrid Identity with Windows Server
– Select a Microsoft Enterprise integration model
– Plan for Microsoft Enterprise integration
– Prepare on-premises Active Directory for directory synchronization
– Install and configure directory synchronization with Microsoft Enterprise Connect
– Implement Seamless Single Sign-On
– Enable Microsoft Enterprise login for Windows VM in Azure
– Describe Microsoft Enterprise Domain Services
– Implement and configure Microsoft Enterprise Domain Services
– Manage Windows Server 2019 in a Microsoft Enterprise Domain Services environment
– Create and configure a Microsoft Enterprise Domain Services instance
– Join a Windows Server VM to a managed domain
6. Deployment and Management of Azure IaaS Active Directory Domain Controllers in Azure
– Select an option to implement directory and identity services using Active Directory Domain Services in Azure
– Deploy and configure Active Directory Domain Services domain controllers in Azure VMs
– Install a replica Active Directory domain controller in an Azure VM
– Install a new Active Directory forest on an Azure VNet
7. Secure Administration of Windows Server
– Define least privilege administration
– Implement delegated privileges
– Use privileged access workstations
– Use jump servers
8. Description of Windows Server Administration Tools
– Explore Windows Admin Center
– Use Server Manager
– List Remote Server Administration Tools
– Use Windows PowerShell
– Use Windows PowerShell to remotely administer a server
9. Post-installation Configuration of Windows Server
– List the available post-installation configuration tools
– Configure Server Core using Sconfig
– Use DSC (Desired State Configuration) to configure Windows Server
– Perform post-installation configuration with Windows Admin Center
– Configure a server with answer files
10. Administration and Management of Windows Server IaaS Virtual Machines Remotely
– Select the appropriate remote administration tool
– Manage Windows Virtual Machines with Azure Bastion
– Create an Azure Bastion host
– Configure just-in-time administration
11. Management of Hybrid Workloads with Azure Arc
– Describe Azure Arc
– Onboard Windows Server instances
– Connect hybrid machines to Azure from the Azure portal
– Use Azure Arc to manage Windows Server instances
– Restrict access with Role-Based Access Control (RBAC)
12. Optimization of IT Operations and Management with Azure Automanage
– Describe concepts around Azure Automanage best practices
– Enable Azure Automanage best practices
– Create and assign a custom configuration profile
– Extend Azure Automanage across non-Azure infrastructure with Azure Arc
13. Just Enough Administration in Windows Server
– Explain the concept of Just Enough Administration (JEA)
– Define role capabilities for a JEA endpoint
– Create a session configuration file to register a JEA endpoint
– Describe how JEA endpoints work to limit access to a PowerShell session
– Create and connect to a JEA endpoint
– Demonstration: Connect to a JEA endpoint
14. Configuration and Management of Hyper-V
– Define Hyper-V
– Define Hyper-V Manager
– Configure Hyper-V hosts using best practices
– Configure Hyper-V networking
– Assess advanced Hyper-V networking features
– Define nested virtualization
15. Configuration and Management of Hyper-V Virtual Machines
– List the virtual machine configuration versions
– List the virtual machine generation versions
– List available VHD formats and types
– Create and configure VMs
– Determine storage options for VMs
– Define shared VHDs and VHD Sets
– Implement guest clusters using shared VHDX
16. Secure Hyper-V Workloads
– Define guarded fabric
– Define the Host Guardian Service
– Explore TPM-trusted attestation
– Define KPS (Key Protection Service)
– Determine key features of shielded VMs
– Compare encryption-supported and shielded VMs in a guarded fabric
– Implement a shielded VM
17. Planning and Deployment of Windows Server IaaS Virtual Machines
– Describe Azure compute
– Describe Virtual Machine storage
– Deploy Azure Virtual Machines
– Create a Windows Virtual Machine using the portal
– Create a Windows Virtual Machine using Azure CLI
– Deploy Azure Virtual Machines using templates
– Describe additional management optimization options
18. Customization of Windows Server IaaS Virtual Machine Images
– Create a generalized image
– Create a new Virtual Machine from a managed image
– Create a managed image of a generalized virtual machine in Azure
– Create a Virtual Machine from a managed image
– Implement Azure Image Builder
– Create a Windows Virtual Machine using Azure Image Builder template
– Create a Windows Virtual Machine with Azure Image Builder using PowerShell
19. Automation of Configuration of Windows Server IaaS Virtual Machines
– Describe Azure Automation
– Implement Azure Automation with DSC
– Remediate noncompliant servers
– Describe Custom Script Extensions
– Configure a Virtual Machine using DSC
20. Running Containers on Windows Server
– Define containers
– List the differences between containers and VMs
– Define Windows Server and Hyper-V containers and isolation modes
– Explore Docker
– Prepare a Windows Server 2019 host for container deployment
– Security, Storage, and Networking with Windows containers
21. Orchestration of Containers on Windows Server using Kubernetes
– Define orchestration
– Define Kubernetes
– Deploy Kubernetes resources
– Create a Kubernetes cluster on Windows
– Define Azure Arc
– Connect an Azure Arc-enabled Kubernetes cluster to Azure Arc
22. Implementation of DNS for Windows Server IaaS VMs
– Understand Azure DNS
– Implement Azure DNS
– Create an Azure DNS zone and record using the Azure portal
– Implement DNS with Azure IaaS virtual machines
– Implement split-horizon DNS in Azure
– Troubleshoot DNS
23. Deployment and Management of DHCP
– Use DHCP to simplify IP configuration
– Install and configure the DHCP role
– Configure DHCP options
– Configure DHCP scopes
– Select DHCP high availability options
– Implement DHCP Failover
24. Implementation of Windows Server DNS
– Explore the DNS architecture
– Work with DNS zones and records
– Install and configure the DNS role
– Implement DNS forwarding
25. Implementation of IP Address Management (IPAM)
– Define IP Address Management
– Deploy IP Address Management
– Administer IP Address Management
– Configure IP Address Management options
– Manage DNS zones with IP Address Management
– Manage DHCP servers with IP Address Management
– Use IP Address Management to manage IP addressing
26. Implementation of Remote Access
– Examine the remote access options in Windows Server
– Select and set up VPNs
– Use NPS (Network Policy Server) to create and enforce network access policies
– Plan and implement NPS
– Deploy a PKI (Public Key Infrastructure) for remote access
– Use WAP (Web Application Proxy) as a reverse web proxy
27. Implementation of Hybrid Network Infrastructure
– Describe Azure network topologies
– Implement Azure VPN options
– Create a route-based VPN gateway using the Azure portal
– Implement Azure ExpressRoute
– Configure Azure Virtual WAN
– Implement DNS in hybrid environments
28. Implementation of Windows Server IaaS VM IP Addressing and Routing
– Implement a virtual network
– Implement IaaS VM IP addressing
– Assign and manage IP addresses
– Configure a private IP address for a virtual machine using the Azure portal
– Create a virtual machine with a static public IP address using the Azure portal
– Implement IaaS virtual machine IP routing
– Implement IPv6 for Windows Server IaaS virtual machines
29. Management of Windows Server File Servers
– Define the Windows Server file system
– List the benefits and uses of File Server Resource Manager
– Define SMB (Server Message Block) and its security considerations
– Configure SMB protocol
– Define Volume Shadow Copy Service
30. Implementation of Storage Spaces and Storage Spaces Direct
– Define the Storage Spaces architecture and its components
– List the functionalities, benefits, and use cases of Storage Spaces
– Implement Storage Spaces
– List the functionalities, components, benefits, and use cases of Storage Spaces Direct
– Implement Storage Spaces Direct
31. Implementation of Windows Server Data Deduplication
– Define the architecture, components, and functionality of Data Deduplication
– Define the use cases and interoperability of Data Deduplication
– Implement Data Deduplication
– Manage and maintain Data Deduplication
32. Implementation of Windows Server iSCSI
– List the functionalities, components, and use cases of iSCSI
– List the considerations for implementing iSCSI
– Implement iSCSI
– Configure high availability for iSCSI
33. Implementation of Windows Server Storage Replica
– List the functionalities and components of Storage Replica
– Examine the prerequisites for implementing Storage Replica
– Implement Storage Replica using Windows Admin Center
– Implement Storage Replica using Windows PowerShell
34. Implementation of a Hybrid File Server Infrastructure
– Describe Azure File services
– Configure Azure Files
– Configure connectivity to Azure Files
– Describe Azure File Sync
– Implement Azure File Sync
– Deploy Azure File Sync
– Manage cloud tiering
– Migrate from DFSR (Distributed File System Replication) to Azure File Sync