| Deploy and manage Active Directory Domain Services (AD DS) in on-premises and cloud environments |
30â35% |
Deploy and manage AD DS domain controllers
- deploy and manage domain controllers on-premises
- deploy and manage domain controllers in Azure
- deploy Read-Only Domain Controllers (RODCs)
- troubleshoot flexible single master operations (FSMO) roles
Configure and manage multi-site, multi-domain, and multi-forest environments
- configure and manage forest and domain trusts
- configure and manage AD DS sites
- configure and manage AD DS replication
Create and manage AD DS security principals
- create and manage AD DS users and groups
- manage users and groups in multi-domain and multi-forest scenarios
- implement group managed service accounts (gMSAs)
- join Windows Servers to AD DS, Azure AD DS, and Azure AD
Implement and manage hybrid identities
- implement Azure AD Connect
- manage Azure AD Connect Synchronization
- implement Azure AD Connect cloud sync
- integrate Azure AD, AD DS, and Azure AD DS
- manage Azure AD DS
- manage Azure AD Connect Health
- manage authentication in on-premises and hybrid environments
- configure and manage AD DS passwords
Manage Windows Server by using domain-based Group Policies
- implement Group Policy in AD DS
- implement Group Policy Preferences in AD DS
- implement Group Policy in Azure AD DS
|
| Manage Windows Servers and workloads in a hybrid environment |
10â15% |
Manage Windows Servers in a hybrid environment
- deploy a Windows Admin Center gateway server
- configure a target machine for Windows Admin Center
- configure PowerShell Remoting
- configure CredSSP or Kerberos delegation for second hop remoting
- configure JEA for PowerShell Remoting
Manage Windows Servers and workloads by using Azure services
- manage Windows Servers by using Azure Arc
- assign Azure Policy Guest Configuration
- deploy Azure services using Azure Virtual Machine extensions on non-Azure machines
- manage updates for Windows machines
- integrate Windows Servers with Log Analytics
- integrate Windows Servers with Azure Security Center
- manage IaaS virtual machines (VMs) in Azure that run Windows Server
- implement Azure Automation for hybrid workloads
- create runbooks to automate tasks on target VMs
- implement DSC to prevent configuration drift in IaaS machines
|
| Manage virtual machines and containers |
15â20% |
Manage Hyper-V and guest virtual machines
- enable VM enhanced session mode
- manage VM using PowerShell Remoting, PowerShell Direct, and HVC.exe
- configure nested virtualization
- configure VM memory
- configure Integration Services
- configure Discrete Device Assignment
- configure VM Resource Groups
- configure VM CPU Groups
- configure hypervisor scheduling types
- manage VM Checkpoints
- implement high availability for virtual machines
- manage VHD and VHDX files
- configure Hyper-V network adapter
- configure NIC teaming
- configure Hyper-V switch
Create and manage containers
- create Windows Server container images
- manage Windows Server container images
- configure Container networking
- manage container instances
Manage Azure Virtual Machines that run Windows Server
- manage data disks
- resize Azure Virtual Machines
- configure continuous delivery for Azure Virtual Machines
- configure connections to VMs
- manage Azure Virtual Machines network configuration
|
| Implement and manage an on-premises and hybrid networking infrastructure |
15â20% |
Implement on-premises and hybrid name resolution
- integrate DNS with AD DS
- create and manage zones and records
- configure DNS forwarding/conditional forwarding
- integrate Windows Server DNS with Azure DNS private zones
- implement DNSSEC
Manage IP addressing in on-premises and hybrid scenarios
- implement and manage IPAM
- implement and configure the DHCP server role (on-premises only)
- resolve IP address issues in hybrid environments
- create and manage scopes
- create and manage IP reservations
- implement DHCP high availability
Implement on-premises and hybrid network connectivity
- implement and manage the Remote Access role
- implement and manage Azure Network Adapter
- implement and manage Azure Extended Network
- implement and manage Network Policy Server role
- implement Web Application Proxy
- implement Azure Relay
- implement site-to-site virtual private network (VPN)
- implement Azure Virtual WAN
- implement Azure AD Application Proxy
|
