Mark Grimes | Microsoft Consulting Services

Senior Azure IaaS Consultant

 About Mark

Beautiful Wife, 3 kids and a very white fluffy dog

Just over 6 years @ Microsoft

About 5 years with Sogeti/Capgemini

aka.ms/MarkGrimes
aka.ms/Azure/Shortcuts =aka.ms/Azure/…..
aka.ms/Azure/IaaSOpsGuide
@markbgrimes
Certification Overview

Mark Grimes | Microsoft Consulting Services

Senior Azure IaaS Consultant
Roadmap – Azure Certification

aka.ms/mcsecloud

aka.ms/azure/mcsd
 How to prepare and take the Exam

Almost everything written that you need can be found at azure.microsoft.com

Caveat Emptor! Anything not in the exam 70-533 exam objectives, future “previews”, or really old (ASM)
Get a Free trial account.
Microsoft Virtual Academy (MVA)
USE THIS DECK and the links plus the Ignite Decks

Select all of the questions for a particular topic, then click END.
Review all the answers right and wrong

Have a mental cheat sheet

Right before you start – DUMP IT on the paper they give you for notes
aka.ms/70-534
Module 1
Design Azure
Resource Manager (ARM) Networking

Mark Grimes | Microsoft Consulting Services

Senior Azure IaaS Consultant
aka.ms/70-534
 Only TCP or UDP

168.63.129.16
Port 1688

Read more!
 UDR

aka.ms/Azure/UDR
aka.ms/Azure/DMZ
aka.ms/Azure/ALB
 WAF Protects

• from vulnerabilities and attacks

w/o modification to backend code
• multiple web applications at the
WAF same time
• supports hosting up to 20 websites
behind a single gateway
• monitor using real-time report
generated by application gateway
WAF logs
Certain compliance controls require all
internet facing end points to be
protected by a WAF solution.

aka.ms/Azure/AppGateway
aka.ms/Azure/VPN
 Supported Services

aka.ms/Azure/ExpressRoute
Module 2
Secure Resources

Mark Grimes | Microsoft Consulting Services

Senior Azure IaaS Consultant
aka.ms/70-534
AD On-premises vs Azure AD
 ••••••••••
••••••••••

aka.ms/Azure/B2C
 1. Arvind can choose not to create
account. If not, the invitation
remains unredeemed.
2. b2btest074.onmicrosoft.com is
the tenant domain and
contoso.com is an email verified
domain.
3. Admin can DNS verify the
b2btest074.com domain and
Arvind_btbtest074. com#EXT#@... [email protected] take over this dynamic tenancy.
msonline-setup.com
4. When the tenant is taken over -
the domain changes to DNS
verified.
msonline-setup.com B2btest074.onmicrosoft.com 5. Tenant can choose to keep
(host tenant) (dynamic tenant) existing cloud passwords for the
users or configure On Prem
aka.ms/Azure/B2CB federation if available.
 Azure AD B2B Collaboration Azure AD B2C
What is it for?
IT Pros providing access to their organization’s data and Developers working on Consumer- & citizen-facing
applications to partner organizations and mobile & web apps that reach out to the customer, and
collaborators. citizens directly.

Who is it for?

Partner users that are acting *on behalf of*, i.e. as Consumers and citizens that are acting as themselves.
representatives or employees of their organization.

Manageability
Access reviews, email verification, allowlist/denylist, Self-Serve. Users manage their own profiles.
etc… govern access to host application and resources.

Discoverability
Partner users are discoverable and can see other users Consumers and citizens are invisible to other consumers
from their own organization (subject to policy). and citizens. Privacy and consent are paramount.
Consider this Azure AD Multi- Azure AD B2B Azure AD B2C
Product tenant SaaS app
If I need to provide A service to Partner access to my A service to
businesses apps consumers
And I am similar to Pharm Distribution Imaging company Sports Franchise

Deploying an App for… Practice Supplier extranet Soccer Fans

Management
Targeting… Doctor’s offices Approved Business Anyone with email
Partners
Accessible when Customer admin My admin invites The consumer signs
consents up
Deploy AD FS in Azure Virtual Machines
Read More
PowerBI

SIEM
Azure Log Integration

built-in roles
Policies
aka.ms/Azure/TDE
Module 3
Design Application & Storage Data Access

Mark Grimes | Microsoft Consulting Services

Senior Azure IaaS Consultant
aka.ms/70-534
Azure Storage security guide
Table Storage SQL Database My SQL DocumentDB Blob Storage MongoDB
NoSQL Relational Relational NoSQL Unstructured Data NoSQL
Key/attribute Tables JSON/JavaScript Big Data - logs JSON-like
Schemaless Web/Mobile! Config Data- apps Dynamic schemas
Fast Data Access Fast DB High Performance
Lower $$ versus> Open Source Written in C++

Share Access Signature SAS

same model

aka.ms/azure/storage http://storageexplorer.com/
Disk Encryption
aka.ms/Azure/SSE
Azure Storage security guide
Module 4
Design an Advanced Application

Mark Grimes | Microsoft Consulting Services

Senior Azure IaaS Consultant
aka.ms/70-534
aka.ms/Azure/HPC
aka.ms/Azure/StreamAnalytics

FEATURES OF STREAM ANALYTICS WHEN TO USE

Easy to use, T-SQL w/ Intellisense Real-time stock-trading analysis and alerts
Scalable up to 1 Gbps Real-time fraud detection
Integration with Event & IoT hubs, ML Data and identity protection services
Pay-as-you go = streaming unit usage Embedded sensors and actuators (IoT)
Writes to Azure Storage Blobs or Tables, Web clickstream analytics
Azure SQL DB, Azure Data Lake Stores,
DocumentDB, Event Hubs, Azure Service
Bus Topics or Queues, and Power BI
aka.ms/Azure/Functions

FEATURES OF FUNCTIONS WHEN TO USE

Choice of Language Processing data
Pay-per-use Integrating systems
Integrated Security Working with IoT
Simplified integration Build simple IoT and microservices
Flexible Development and Open-source Tasks: image/order processing, file
maintenance
aka.ms/Azure/API
aka.ms/Azure/ADDS

aka.ms/azure/ADjoin
Module 5
Design Azure Web and Mobile Apps

Mark Grimes | Microsoft Consulting Services

Senior Azure IaaS Consultant
aka.ms/70-534
aka.ms/Azure/WebApps
Free Shared Basic Standard Premium
Dev/ test apps Dev/test with Go live with basic Go live with web, Maximum scale
higher limits apps mobile, logic and enterprise
apps integration
Globally Unique name

See also Data Access

Tables

MobileServiceClient.SyncContext
IMobileServiceSyncTable

Using Offline data sync in Mobile Services

 WNS

see more

Notification Hubs
TAGS
Template feature

See more
Module 6
Design Mgt, Monitoring
& Business Continuity

Mark Grimes | Microsoft Consulting Services

Senior Azure IaaS Consultant
aka.ms/Azure/OMS
aka.ms/azure/AppInsights
Azure Backup
Safeguard your valuable data

Decrease reliance on tape backup to

save money and increase agility

Have confidence in the safety of your

data with Azure’s cutting-edge security,
privacy, and compliance practices

Decrease the management overhead of

backup processes with automation

Reduce the dependence on offsite tape

backup to accelerate recovery time
 Azure Site Recovery
One solution for multiple infrastructures
Replication

Replication Replication
SAN SAN

Microsoft
Hyper-V Hyper-V Hyper-V Hyper-V Hyper-V Azure
Hyper-V to Hyper-V Hyper-V to Hyper-V
1 (on-premises)
2 (on-premises) 3 Hyper-V to Microsoft Azure

Replication Replication

Microsoft
VMware or Physical VMware VMware or Physical Azure
VMware or Physical to VMware or Physical to
4 VMware (on-premises) 5 Microsoft Azure

Protect important applications by coordinating the replication and recovery of private clouds across sites.
Protect your applications to your own second site, a hoster’s site, or even use Microsoft Azure as your disaster recovery site.
aka.ms/Azure/WebApps
Module 7
Architect an Azure Compute Infrastructure

Mark Grimes | Microsoft Consulting Services

Senior Azure IaaS Consultant
 aka.ms/Azure/ARM
aka.ms/Azure/RBAC
ARM World Class Templates Proven Practices
©2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, Office, Azure, System Center, Dynamics and other product names are or may be registered trademarks and/or trademarks in the
U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft
must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after
the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.