AZ-103 Study Guide – Part 4 – Configure and manage virtual networks

This is part 4 of 5, in which I cover all objectives / skills measured in AZ-103 exam.
Part 1 can be found here:
AZ-103 Study Guide – Part 1 – Manage Azure subscriptions and resources
Part 2 can be found here:
AZ-103 Study Guide – Part 2 – Implement and manage storage
Part 3 can be found here:
AZ-103 Study Guide – Part 3 – Deploy and manage virtual machines (VMs)

Part 4 covers all objectives that are described in “Configure and manage virtual networks”.
30-35% of the exam questions are based on these subjects.

Azure Administrator AZ-103 skills measured Configure and manage virtual networks

Configure and manage virtual networks (30-35%)

Create connectivity between virtual networks

create and configure VNET peering:
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-manage-peering

create and configure VNET to VNET:
https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal

verify virtual network connectivity:
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-peering-overview#troubleshoot
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-connectivity-portal

create virtual network gateway:
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-site-to-site-resource-manager-portal

Implement and manage virtual networking

configure private and public IP addresses, network routes, network interface, subnets, and virtual network:

https://docs.microsoft.com/en-us/azure/virtual-network/quick-create-portal

Configure name resolution

configure Azure DNS:

https://docs.microsoft.com/en-us/azure/dns/dns-getstarted-portal

configure custom DNS settings:
https://docs.microsoft.com/en-us/azure/dns/dns-custom-domain

configure private and public DNS zones:
https://docs.microsoft.com/en-us/azure/dns/dns-operations-dnszones-portal

Create and configure a Network Security Group (NSG)

create security rules:
https://docs.microsoft.com/en-us/azure/virtual-network/manage-network-security-group

associate NSG to a subnet or network interface

identify required ports:
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-nsg-flow-logging-portal

evaluate effective security rules:
https://docs.microsoft.com/en-us/azure/virtual-network/diagnose-network-traffic-filter-problem

Implement Azure load balancer

configure internal load balancer, configure load balancing rules, configure public load balancer, troubleshoot load balancing

configure internal load balancer:
https://docs.microsoft.com/en-us/azure/load-balancer/tutorial-load-balancer-basic-internal-portal

configure load balancing rules:
https://docs.microsoft.com/en-us/azure/load-balancer/quickstart-create-basic-load-balancer-portal#create-a-load-balancer-rule

configure public load balancer:
https://docs.microsoft.com/en-us/azure/load-balancer/quickstart-create-basic-load-balancer-portal

troubleshoot load balancing:
https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-troubleshoot

Monitor and troubleshoot virtual networking

monitor on-premises connectivity, use Network resource monitoring, use Network Watcher, troubleshoot external networking, troubleshoot virtual network connectivity

monitor on-premises connectivity:
https://docs.microsoft.com/en-us/azure/azure-monitor/overview

use Network resource monitoring:
No direct Microsoft docs found

use Network Watcher:
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-monitoring-overview

troubleshoot external networking:
No direct Microsoft docs found, but try to be familiar with Express Route and VPN troubleshooting, like:
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-troubleshoot-site-to-site-cannot-connect

troubleshoot virtual network connectivity:
See Network Watcher. Like:
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-connectivity-portal

Integrate on premises network with Azure virtual network

create and configure Azure VPN Gateway, create and configure site to site VPN, configure Express Route, verify on premises connectivity, troubleshoot on premises connectivity with Azure

create and configure Azure VPN Gateway:
https://docs.microsoft.com/en-us/azure/vpn-gateway/create-routebased-vpn-gateway-portal

create and configure site to site VPN:
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-site-to-site-resource-manager-portal

configure Express Route:
https://docs.microsoft.com/en-us/azure/expressroute/expressroute-howto-circuit-portal-resource-manager

verify on premises connectivity:
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-verify-connection-resource-manager

troubleshoot on premises connectivity with Azure:
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-troubleshoot-site-to-site-cannot-connect

Continue to part 5
AZ-103 Study Guide – Part 5 – Manage identities