Azure 2in1 and GCP Course Outline

Azure 2in1 Course Outline

AZURE MODULE:

AZ-104 AZURE ADMINISTRATOR ASSOCIATE

  • Module 1 Manage Azure identities and governance
  • Module 2 Implement and manage storage
  • Module 3 Deploy and manage Azure compute resources
  • Module 4 Configure and manage virtual networking
  • Module 5 Monitor and back up Azure resources
AZ-500 AZURE SECURITY ENGINEER ASSOCIATE
  • Module 1 Security

AZURE PREREQUISITES:

  • Basic networking knowledge required i.e. IP address/Routers/Subnet/Gateway/Firewall/Switch /LAN/WAN

INTRODUCTION TO AZURE FUNDAMENTALS AND SECURITY

  • Benefits and Considerations
  • As A Service Offerings
  • Azure Tools
  • Core Identity
  • Azure Pricing and Support
  • Planning and Managing Cost
  • Azure Regions
  • Azure Resource Manager
  • Defense in Depth
  • Security Layers
  • Compliance and Security Requirements

MANAGE AZURE SUBSCRIPTIONS AND SECURITY OPERATIONS (THEORY)

  • Intro to Accounts and Subscriptions
  • Naming and Tagging
  • Azure Subscriptions Configurations
  • RBAC Overview
  • Azure Monitor
  • Log Analytics
  • Azure Security Center Overview
  • Azure Policy

MANAGE AZURE SUBSCRIPTIONS AND SECURITY OPERATIONS (LABS)

  • Azure Trial Account Creation
  • Quotas, Cost Analysis and Tagging
  • Monitoring, Alerts, Activity log
  • Billing Alerts
  • Cost Management
  • Subscription Policies
  • Implement Role-Based Access
  • Azure Monitor and Alerts
  • Log Analytics
  • Prevent and Respond to Threats in Azure Security Center
  • Implement Azure Policy
  • Implement a Resource Lock

AZURE VIRTUAL NETWORKS AND SECURITY (THEORY)

  • Network Overview
  • Network Security Overview
  • Network Security Groups (NSGs)
  • Cross Site Connectivity
  • Azure Load Balancing Services
  • Azure Firewall
  • Distributed Denial of Service (DDoS)

AZURE VIRTUAL NETWORKS AND SECURITY (LABS)

  • Create VNets and Subnets via the Azure
    Portal and PowerShell
  • Configure User-Defined Routes and VNet
    Peering
  • Create and Configure a NSG
  • Cross Site Connectivity
  • Create and Configure an Azure Load
    Balancer
  • Configure Azure DNS
  • Configure App Gateway
  • Configure Azure Firewall

HOST OPERATIONS AND SECURITY (THEORY)

  • Virtual Machines (VMs) Overview
  • VM Configuration, Networking, Storage
  • VM Availability, Scalability, Extensions
  • Azure Disk Encryption
  • VM Security Best Practices

HOST OPERATIONS AND SECURITY (LABS)

  • Create and Connect to Azure VM
  • Deploying Virtual Machine Images, Custom Images, Linux
  • Configuring Virtual Machines
  • Create Key Vault for Disk Encryption
  • Configure Disk Encryption
  • Azure Security Center and VMManagement
  • VM Hardening in Security Center

STORAGE AND DATA SERVICES WITH SECURITY (THEORY)

  • Storage Account Overview
  • Manage Permissions
  • Encryption Keys and Key Vault
  • Key Vault Overview
  • Azure Backup and Recovery Services

STORAGE AND DATA SERVICES WITH SECURITY (LABS)

  • Create a Storage Account via Portal
  • Use Storage Explorer with Azure Storage
  • Create and Manage SAS
  • Azure File and Sync Services
  • Configure Azure Backup and Recovery Services

AZURE ACTIVE DIRECTORY FOR WORKLOADS (THEORY)

  • Azure Active Directory (AD) Overview
  • AD Connect Overview
  • Authentication Options
  • Service Principals
  • Identity Protection
  • Privileged Identity Management (PIM)

AZURE ACTIVE DIRECTORY FOR WORKLOADS (LABS)

  • Create Azure AD Tenant
  • Move Subscription to another Directory
  • Create Users and Groups
  • Implementing AD Connect
  • Monitoring with AD Connect Health
  • Create a Service Principal
  • App Registration
  • Configure Identity Protection
  • Configure Privileged Identity Management

AZURE DATABASE (LABS)

  • Create Azure SQL database
  • Database connectivity
  • Private Endpoint to connect to Azure SQL Database.
  • Database backup & restore
  • Import & export database

FINAL PROJECT

  • Final Overview & Exam Discussion​

GCP Course Outline

Identity & Access Management Roles:

  • IAM roles
  • User types
  • Primitive, predefined & custom role

Virtual Networks:

  • Multi region network deployment
  • Discontiguous network implementation
  • Multi-region subnet
  • Route & route table
  • Cloud router
  • Cloud NAT
  • Firewall rules with tags

Cloud SQL

  • Deployment of Cloud SQL
  • Using MySQL to setup a database engine
  • Using Dbeavers/ MySQL workbench to connect Database engine

Cloud Storage:

  • Folder setup
  • Upload file & folder
  • File lock
  • Change storage classes

Google Compute Engine (GCE):

  • Windows machine deployment
  • Linux machine deployment
  • SSH & RDP access
  • Image & Backup
  • Cloud shell SSH access
  • Firewall tagging

Global Load Balancer:

  • HTTP & HTTPS load balancer
  • Frontend & Backend services
  • Link with scaling services
  • Global anycast IP
  • Application deployment using scaling & load balancing

AutoScaling:

  • Setup launch template
  • Configure & deployment of managed instance group
  • Link with global load balancer