𝔖 Scriptorium
✦   LIBER   ✦
📁

MCA Microsoft Certified Associate Azure Network Engineer Study Guide: Exam AZ-700

✍ Scribed by Puthiyavan Udayakumar, Kathiravan Udayakumar

Publisher
Sybex
Year
2022
Tongue
English
Leaves
766
Edition
1
Category
Library
⬇  Acquire This Volume

No coin nor oath required. For personal study only.

✦ Synopsis

Prepare to take the NEW Exam AZ-700 with confidence and launch your career as an Azure Network Engineer

Not only does MCA Microsoft Certified Associate Azure Network Engineer Study Guide: Exam AZ-700 help you prepare for your certification exam, it takes a deep dive into the role and responsibilities of an Azure Network Engineer, so you can learn what to expect in your new career. You’ll also have access to additional online study tools, including hundreds of bonus practice exam questions, electronic flashcards, and a searchable glossary of important terms. Prepare smarter with Sybex's superior interactive online learning environment and test bank.

Exam AZ-700, Designing and Implementing Microsoft Azure Networking Solutions, measures your ability to design, implement, manage, secure, and monitor technical tasks such as hybrid networking; core networking infrastructure; routing; networks; and private access to Azure services. With this in-demand certification, you can qualify for jobs as an Azure Network Engineer, where you will work with solution architects, cloud administrators, security engineers, application developers, and DevOps engineers to deliver Azure solutions. This study guide covers 100% of the objectives and all key concepts, including:

  • Design, Implement, and Manage Hybrid Networking
  • Design and Implement Core Networking Infrastructure
  • Design and Implement Routing
  • Secure and Monitor Networks
  • Design and Implement Private Access to Azure Services

If you’re ready to become the go-to person for recommending, planning, and implementing Azure networking solutions, you’ll need certification with Exam AZ-700. This is your one-stop study guide to feel confident and prepared on test day. Trust the proven Sybex self-study approach to validate your skills and to help you achieve your career goals!

✦ Table of Contents

Cover
Title Page
Copyright Page
Acknowledgments
About the Authors
Contents at a Glance
Contents
Table of Exercises
Introduction
What Is Azure?
About the AZ-700 Certification Exam
Why Become a Certified Microsoft Azure Network Engineer Associate?
Preparing to Become a Certified Microsoft Azure Network Engineer Associate
How to Become a Microsoft Certified Azure Network Engineer
Who Should Buy This Book
How This Book Is Organized
Chapter Features
Interactive Online Learning Environment and Test Bank
Interactive Online Learning Environment and Test Bank
Conventions Used in This Book
Sidebars
Exercises
Using This Book
Technology Requirements
AZ-700 EXAM OBJECTIVES
Skill Measured: Design, Implement, and Manage Hybrid Networking
Skill Measured: Design and Implement Core Networking Infrastructure
Skill Measured: Design and Implement Routing
Skill Measured: Secure and Monitor Networks
Skill Measured: Design and Implement Private Access to Azure Services
How to Contact the Publisher
Assessment Test
Answers to Assessment Test
Chapter 1 Getting Started with AZ-700 Certification for Azure Networking
Basics of Cloud Computing and Networking
The Need for Networking Infrastructure
The Need for the Cloud
Basics of Networking
Enterprise Cloud Networking
Microsoft Azure Overview
Azure Cloud Foundation
Azure Global Infrastructure
Azure Networking Terminology
Azure Networking Overview
Azure Networking Services
Azure Virtual Network
VNet Concepts and Best Practices
Deploying a Virtual Network with Azure PowerShell
Configure Public IP Services
Basic SKUs
Standard SKUs
Configure a Basic SKU Public IP
Configure a Standard SKU Public IP with Zones
Configuring Domain Name Services
Configure an Azure DNS Zone and Record Using Azure PowerShell
Configuring Cross-Virtual Network Connectivity with Peering
Configuring Peering between Two Virtual Networks in the Same Region
Configuring Virtual Network Traffic Routing
Using Forced Tunneling to Secure the VNet Route
Configuring Internet Access with Azure Virtual NAT
Deploy the NAT Gateway Using Azure PowerShell
Summary
Exam Essentials
Hands-On Lab: Design and Deploy a Virtual Network via the Azure Portal
Activity 1: Prepare the Network Schema
Activity 2: Build the Aviation Resource Group
Activity 3a: Build the CoreInfraVnet Virtual Network and Subnets
Activity 3b: Build the EngineeringVnet Virtual Network and Subnets
Activity 3c: Build the BranchofficeVnet Virtual Network and Subnets
Activity 4: Validate the Build of VNets and Subnets
Review Questions
Chapter 2 Design, Deploy, and Manage a Site-to-Site VPN Connection and Point-to-Site VPN Connection
Overview of Azure VPN Gateway
Designing an Azure VPN Connection
Design Pattern 1
Design Pattern 2
Design Pattern 3
Choosing a Virtual Network Gateway SKU for Site-to-Site VPN
Using Policy-Based VPNs vs. Route-Based VPNs
Building and Configuring a Virtual Network Gateway
Building and Configuring a Local Network Gateway
Building and Configuring an IPsec/IKE Policy
Configuration Workflow
Diagnosing and Resolving VPN Gateway Connectivity Issues
Choosing a VNet Gateway SKU for Point-to-Site VPNs
Configuring RADIUS, Certificate-Based, and Azure AD Authentication
Configuration Workflow for Native Azure Certification Authentication
Configuration Workflow for Native Azure Active Directory
Configuration Workflow for Windows Active Directory
Diagnosing and Resolving Client-Side and Authentication Issues
Summary
Exam Essentials
Review Questions
Chapter 3 Design, Deploy, and Manage Azure ExpressRoute
Getting Started with Azure ExpressRoute
Key Use Case for ExpressRoute
ExpressRoute Deployment Model
Choosing Between the Network Service Provider and ExpressRoute Direct
Designing and Deploying Azure Cross-Region Connectivity between Multiple ExpressRoute Locations
Selecting ExpressRoute Circuit SKUs
Estimating Price Based on ExpressRoute SKU
Select a Peering Location
Select the Proper ExpressRoute Circuit
Select a Billing Model
Select a High Availability Design
Pick a Business Continuity and Disaster Recovery Design Pattern
Choosing an Appropriate ExpressRoute SKU and Tier
Designing and Deploying ExpressRoute Global Reach
Deploying ExpressRoute Global Reach
Use Case 1: Enabling Circuits in the Same Region
Use Case 2: Enabling Circuits in Different Regions
Designing and Deploying ExpressRoute FastPath
Evaluate Private Peering Only, Microsoft Peering Only, or Both
Setting Up Private Peering
Setting Up Microsoft Peering
Building and Configuring an ExpressRoute Gateway
Connect a Virtual Network to an ExpressRoute Circuit
Recommend a Route Advertisement Configuration
Configure Encryption over ExpressRoute
Deploy Bidirectional Forwarding Detection
Diagnose and Resolve ExpressRoute Connection Issues
Summary
Exam Essentials
Review Questions
Chapter 4 Design and Deploy Core Networking Infrastructure: Private IP and DNS
Designing Private IP Addressing for VNets
Deploying a VNet
Preparing Subnetting for Services
Subnetting Design Considerations
Example Case Study: Preparing Subnetting for Services
Configuring Subnetting for Services
Preparing and Configuring a Subnet Delegation
Configure Subnet Delegation
Planning and Configuring Subnetting for Azure Route Server
Designing and Configuring Public DNS Zones
Creating an Azure DNS Zone and Record Using PowerShell
Designing and Configuring Private DNS Zones
Creating a Private DNS Zone and Record Using PowerShell
Designing Name Resolution Inside a VNet
VMs and Role Instances
Web Apps
Linking a Private DNS Zone to a VNet
Summary
Exam Essentials
Review Questions
Chapter 5 Design and Deploy Core Networking Infrastructure and Virtual WANs
Overview of Virtual Network Peering, Service Chaining, and Gateway Transit
Configure VPN Gateway Transit for Virtual Network Peering
Design VPN Connectivity between VNets
Deploy VNet Peering
Deployment Model 1: Running in the Same Azure Subscription and Deployed Using Azure Resource Manager
Deployment Model 2: Running in Different Subscriptions and Deploying Using Resource Manager
Deployment Model 3: Running in the Same Subscription and Deploying One VNet Using Resource Manager and Another Using the Classic Model
Deployment Model 4: Running in Different Subscriptions and Deploying One VNet Using Resource Manager and Another Using the Classic Model
Design an Azure Virtual WAN Architecture
Choosing SKUs and Services for Virtual WANs
Connect a VNet Gateway to an Azure Virtual WAN and Build a Hub in a Virtual WAN
Build a Virtual Network Appliance (NVA) in a Virtual Hub
Set Up Virtual Hub Routing
Build a Connection Unit
Summary
Exam Essentials
Review Questions
Chapter 6 Design and Deploy VNet Routing and Azure Load Balancer
Design and Deploy User-Defined Routes
Basic Routing Concepts
Azure Routes
Associate a Route Table with a Subnet
Set Up Forced Tunneling
Diagnose and Resolve Routing Issues
Design and Deploy Azure Route Server
Route Server Design Pattern 1
Route Server Design Pattern 2
Choosing an Azure Load Balancer SKU
Choosing Between Public and Internal Load Balancers
Build and Configure an Azure Load Balancer (Including Cross-Region)
What is Azure Bastion?
Build and Configure Cross-Region Load Balancer Resources
Deploy a Load Balancing Rule
Build and Configure Inbound NAT Rules
Build Explicit Outbound Rules for a Load Balancer
Summary
Exam Essentials
Review Questions
Chapter 7 Design and Deploy Azure application gateway, Azure front door, and Virtual NAT
Azure Application Gateway Overview
How Application Gateway Works
Scaling Options for Application Gateway and WAF
Overview of Application Gateway Deployment
Front-End Setup
Back-End Setup
Health Probes Setup
Configuring Listeners
Redirection Overview
Application Gateway Request Routing Rules
Redirection Setting
Application Gateway Rewrite Policies
Features and Capabilities of Azure Front Door SKUs
Health Probe Characteristics and Operation
Secure Front Door with SSL
Front Door for Web Applications with a High-Availability Design Pattern
SSL Termination and End-to-End SSL Encryption
Multisite Listeners
Back-Ends, Back-End Pools, Back-End Host Headers, and Back-End Health Probes
Routing and Routing Rules
URL Redirection and URL Rewriting in Front Door Standard and Premium
Design and Deploy Traffic Manager Profiles
How Traffic Manager Works
Traffic Manager Routing Methods
Priority-Based Traffic Routing
Weighted-Based Traffic Routing
Performance-Based Traffic Routing
Geographic-Based Traffic Routing
Multivalue-Based Traffic Routing
Subnet-Based Traffic Routing
Building a Traffic Manager Profile
Virtual Network NAT
Using a Virtual Network NAT
Allocate Public IP or Public IP Prefixes for a NAT Gateway
Associate a Virtual Network NAT with a Subnet
Summary
Exam Essentials
Review Questions
Chapter 8 Design, Deploy, and Manage Azure Firewall and Network Security Groups
Azure Firewall and Firewall Manager Features
How Azure Firewall Manager Works
How Azure Firewall and Firewall Manager Protect VNets
Build and Configure an Azure Firewall Deployment
Azure Firewall Policy
Build and Configure a Secure Hub within an Azure Virtual WAN Hub
Build and Configure a Secure Hub within an Azure Virtual WAN Hub Using Azure PowerShell
Integrate an Azure Virtual WAN Hub with a Third-Party Network Virtual Appliance
High-Level Use Case for Network Virtual Appliances
Create and Attach a Network Security Group to a Resource
Key Considerations for IP Subnet Planning for NSGs
Create an Application Security Group and Attach It to a NIC
Key Consideration for ASGs
Create and Configure NSG Rules and Read Network Security Group Flow Logs
Validate NSG Flow Rules
Verify IP Flow
Summary
Exam Essentials
Review Questions
Chapter 9 Design and Deploy Azure Web Application Firewall and Monitor Networks
Azure Web Application Firewall Functions and Features
WAF on Application Gateway
WAF on Front Door
WAF on Azure CDN from Microsoft
Set Up Detection or Prevention Mode
Azure Front Door WAF Policy Rule Sets
Managed Rule Sets
Custom Rule Sets
WAF Policies
Application Gateway WAF Policy Rule Sets
Per-Site WAF Policy
Per-URI Policy
Managed Rules
WAF Policies
Custom Rules
Deploy and Attach WAF Policies
Set Up Network Health Alerts and Logging Using Azure Monitor
Build and Configure Azure Network Watcher
Build and Configure a Connection Monitor Instance
Build, Configure, and Use Traffic Analytics
Build and Configure NSG Flow Logs
Enable and Set Up Diagnostic Logging
Enabling Diagnostic Logging
Summary
Exam Essentials
Review Questions
Chapter 10 Design and Deploy Private Access to Azure Services
Overview of Private Link Services and Private Endpoints
Key Benefits of Private Link
How Private Link Integrates into an Azure Virtual Network
How Azure Private Endpoint Works
Plan Private Endpoints
Configure Access to Private Endpoints
Azure Private Link RBAC Permissions
Integrate Private Link with DNS and Private Link Services with On-Premises Clients
Use Case 1: Workloads on Virtual Networks without a Custom DNS Server
Use Case 2: Workloads That Use a DNS Forwarder On-Premises
Use Case 3: Using a DNS Forwarder for Virtual Network Workloads and On-Premises Workloads
Set Up Service Endpoints and Configure Service Endpoint Policies
Overview of Service Tags and Access to Service Endpoints
Configure Access to Service Endpoints
Integrating App Services into Regional VNets
Azure Regional VNet Integration
How Azure Regional VNet Integration Works
Subnet Requirements
Access Management
Route Management
Application Route Management
Configure Azure Kubernetes Service (AKS) for Regional VNet Integration
Configure Clients to Access the App Service Environment
Summary
Exam Essentials
Review Questions
Appendix: Answers to Review Questions
Chapter 1: Getting Started with AZ-700 Certification for Azure Networking
Chapter 2: Design, Deploy, and Manage a Site-to-Site VPN Connection and Point-to-Site VPN Connection
Chapter 3: Design, Deploy, and Manage Azure ExpressRoute
Chapter 4: Design and Deploy Core Networking Infrastructure: Private IP and DNS
Chapter 5: Design and Deploy Core Networking Infrastructure and Virtual WANs
Chapter 6: Design and Deploy VNet Routing and Azure Load Balancer
Chapter 7: Design and Deploy Azure application gateway, Azure front door, and Virtual NAT
Chapter 8: Design, Deploy, and Manage Azure Firewall and Network Security Groups
Chapter 9: Design and Deploy Azure Web Application Firewall and Monitor Networks
Chapter 10: Design and Deploy Private Access to Azure Services
Index
EULA

📜 SIMILAR VOLUMES

MCA Microsoft Certified Associate Azure
📁 MCA Microsoft Certified Associate Azure Security Engineer Study Guide: Exam AZ-500
✍ Shimon Brathwaite 📂 Library 📅 2022 🏛 Sybex 🌐 English

<p><span>Prepare for the MCA Azure Security Engineer certification exam faster and smarter with help from Sybex</span></p><p><span>In the </span><span>MCA Microsoft Certified Associate Azure Security Engineer Study Guide: Exam AZ-500</span><span>, cybersecurity veteran Shimon Brathwaite walks you th

MCA Microsoft Certified Associate Azure
📁 MCA Microsoft Certified Associate Azure Security Engineer Study Guide: Exam AZ-500
✍ Shimon Brathwaite 📂 Library 📅 2022 🏛 John Wiley & Sons 🌐 English

Prepare for the MCA Azure Security Engineer certification exam faster and smarter with help from Sybex In the MCA Microsoft Certified Associate Azure Security Engineer Study Guide: Exam AZ-500, cybersecurity veteran Shimon Brathwaite walks you through every step you need to take to prepare for the M

MCA Microsoft Certified Associate Azure
📁 MCA Microsoft Certified Associate Azure Administrator Study Guide: Exam AZ-104
✍ Rithin Skaria 📂 Library 📅 2022 🏛 Sybex 🌐 English

<p><span>Learn what it takes to be an Azure Administrator and efficiently prepare for Exam AZ-104</span><span> with this authoritative resource</span><span> </span></p><p><span>MCA Microsoft 365 Azure Administrator Study Guide</span><span>: Exam AZ-104</span><span> prepares readers to take the AZ-10

MCA Microsoft Certified Associate Azure
📁 MCA Microsoft Certified Associate Azure Data Engineer Study Guide: Exam DP-203
✍ Benjamin Perkins 📂 Library 📅 2023 🏛 Sybex 🌐 English

<p><span>Prepare for the Azure Data Engineering certification―and an exciting new career in analytics―with this must-have study aide</span></p><p><span>In the </span><span>MCA Microsoft Certified Associate Azure Data Engineer Study Guide: Exam DP-203</span><span>, accomplished data engineer and tech

MCA Microsoft Certified Associate Azure
📁 MCA Microsoft Certified Associate Azure Data Engineer Study Guide: Exam DP-203 [Team-IRA]
✍ Benjamin Perkins 📂 Library 📅 2023 🏛 Sybex 🌐 English

<p><span>Prepare for the Azure Data Engineering certification―and an exciting new career in analytics―with this must-have study aide</span></p><p><span>In the </span><span>MCA Microsoft Certified Associate Azure Data Engineer Study Guide: Exam DP-203</span><span>, accomplished data engineer and tech

Microsoft Certified Azure Fundamentals S
📁 Microsoft Certified Azure Fundamentals Study Guide: Exam AZ-900
✍ James Boyce 📂 Library 📅 2021 🏛 Sybex 🌐 English

Quickly preps technical and non-technical readers to pass the Microsoft AZ-900 certification exam Microsoft Certified Azure Fundamentals Study Guide: Exam AZ-900 is your complete resource for preparing for the AZ-900 exam. Microsoft Azure is a major component of Microsoft’s cloud computing model,