The AZ-101 Microsoft Azure Integration and Security certification exam tests and validates your expertise managing and securing cloud services that span storage, security, networking, and compute capabilities within the Microsoft Azure cloud. This is the second in a set of exams that make up the new Azure Administrator certification track.

As of July 16, 2018, this exam is available as “Beta”, with an expected full release to come around the Microsoft Ignite 2018 conference in September 2018.

Certification Target Audience

The AZ-101 Microsoft Azure Integration and Security certification exam is geared towards Azure Security Administrators who manage and secure cloud services that span storage, security, networking, and compute capabilities within the Microsoft Azure cloud. Exam candidates should have a deep understanding of each service across the full IT lifecyle, and take requests for infrastructure services, applications, and environments. They also make recommendations on services to use for optimal performance and scale, as well as provision, size, monitor, and adjust resources as appropriate.

Skills Measured

Here’s a very high level list of the skills and objectives measured on this AZ-100 Microsoft Azure Infrastructure and Deployment certification exam. The percentages next to each objective area represents the number of questions on the exam in that objective area.

Evaluate and perform server migration to Azure (15-20%)

  • Evaluate migration scenarios by using Azure Migrate
    • May include but not limited to: Discover and assess environment; identify workloads that can and cannot be deployed; identify ports to open; identify changes to network; identify if target environment is supported; setup domain accounts and credentials
  • Migrate servers to Azure
    • May include but not limited to: Migrate by using Azure Site Recovery (ASR); migrate using P2V; configure storage; create a backup vault; prepare source and target environments; backup and restore data; deploy Azure Site Recovery (ASR) agent; prepare virtual network

Implement and manage application services (20-25%)

  • Configure serverless computing
    • May include but not limited to: Create and manage objects; manage a Logic App resource; manage Azure Function app settings; manage Event Grid; manage Service Bus
  • Manage App Service plans
    • May include but not limited to: Configure application for scaling; enable monitoring and diagnostics; configure App Service plans
  • Manage App services
    • May include but not limited to: Assign SSL certificates; configure application settings; configure deployment slots; configure Azure content delivery network (CDN) integration; manage App Service protection; manage roles for an App service; create and manage App Service environment

Implement advanced virtual networking (30-35%)

  • Implement application load balancing
    • May include but not limited to: Configure application gateway and load balancing rules; implement front end IP configurations; manage application load balancing
  • Implement Azure load balancer
    • May include but not limited to: Configure internal load balancer, load balancing rules, and public load balancer; manage Azure load balancing
  • Monitor and manage networking
    • May include but not limited to: Monitor on-premises connectivity; use network resource monitoring and Network Watcher; manage external networking and virtual network connectivity
  • Integrate on premises network with Azure virtual network
    • May include but not limited to: Create and configure Azure VPN Gateway; create and configure site to site VPN; configure Express Route; verify on premises connectivity; manage on-premise connectivity with Azure

Secure identities (25-30%)

  • Implement Multi-Factor Authentication (MFA)
    • May include but not limited to: Enable MFA for an Azure tenant; configure user accounts for MFA; configure fraud alerts; configure bypass options; configure trusted IPs; configure verification methods; manage role-based access control (RBAC); implement RBAC policies; assign RBAC Roles; create a custom role; configure access to Azure resources by assigning roles; configure management access to Azure
  • Manage role-based access control (RBAC)
    • May include but not limited to: Create a custom role; configure access to Azure resources by assigning roles; configure management access to Azure; troubleshoot RBAC; implement RBAC policies; assign RBAC roles
  • Implement Azure Active Director (AD) Privileged Identity Management (PIM)
    • May include but not limited to: Activate a PIM role; configure just-in-time access, permanent access, PIM management access, and time-bound access; create a Delegated Approver account; enable PIM; process pending approval requests

To view the most up-to-date list of these exam objectives, please reference the official AZ-101 exam page.

Happy Studying!

GET MORE STUFF LIKE THIS

Subscribe to the Build Azure Weekly newsletter to receive similar updates about Microsoft Azure and related topics!


We respect your privacy and take protecting it seriously. We do not sell our email list, and you can unsubscribe at any time.

Posted by Chris Pietschmann

Chris is a Microsoft MVP and has nearly 20 years of experience building enterprise systems both in the cloud and on-premises. He is also a Certified Microsoft Azure Solutions Architect (both MCSD and MCSE), a Microsoft Certified Trainer, and self proclaimed Cloud Advocate. He has a passion for technology and sharing what he learns with others to help enable them to learn faster and be more productive.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.