Overview
This four-day AZ-801T00: Configuring Windows Server Hybrid Advanced Services instructor-led course is designed for IT professionals who configure advanced Windows Server services using on-premises, hybrid, and cloud technologies. These professionals manage and support an infrastructure that includes on-premises and Azure IaaS-hosted Windows Server-based workloads. The course teaches IT professionals how to leverage the hybrid capabilities of Azure, how to migrate virtual and physical server workloads to Azure IaaS, and how to manage and secure Azure VMs running Windows Server. The course also covers how to perform tasks related to high availability, troubleshooting, and disaster recovery.
The course highlights various administrative tools and technologies including Windows Admin Center, PowerShell, Azure Arc, Azure Automation Update Management, Microsoft Defender for Identity, Azure Security Center, Azure Migrate, and Azure Monitor.
Skills Covered
- Harden the security configuration of the Windows Server operating system environment.
- Enhance hybrid security using Azure Security Center, Azure Sentinel, and Windows Update Management.
- Apply security features to protect critical resources.
- Implement high availability and disaster recovery solutions.
- Implement recovery services in hybrid scenarios.
- Plan and implement hybrid and cloud-only migration, backup, and recovery scenarios.
- Perform upgrades and migration related to AD DS, and storage.
- Manage and monitor hybrid scenarios using WAC, Azure Arc, Azure Automation and Azure Monitor.
- Implement service monitoring and performance monitoring, and apply troubleshooting.
Who Should Attend
This four-day course is intended for Windows Server Hybrid Administrators who have experience working with Windows Server and want to extend the capabilities of their on-premises environments by combining on-premises and hybrid technologies. Windows Server Hybrid Administrators who already implement and manage on-premises core technologies want to secure and protect their environments, migrate virtual and physical workloads to Azure Iaas, enable a highly available, fully redundant environment, and perform monitoring and troubleshooting.
Course Curriculum
Prerequisites
Before attending this course, students must have:
- Experience with managing Windows Server operating system and Windows Server workloads in on-premises scenarios, including AD DS, DNS, DFS, Hyper-V, and File and Storage Services
- Experience with common Windows Server management tools (implied in the first prerequisite).
- Basic knowledge of core Microsoft compute, storage, networking, and virtualization technologies (implied in the first prerequisite).
- Experience and an understanding of core networking technologies such as IP addressing, name resolution, and Dynamic Host Configuration Protocol (DHCP)
- Experience working with and an understanding of Microsoft Hyper-V and basic server virtualization concepts
- An awareness of basic security best practices
- Basic understanding of security-related technologies (firewalls, encryption, multi-factor authentication, SIEM/SOAR).
- Basic knowledge of on-premises resiliency Windows Server-based compute and storage technologies (Failover Clustering, Storage Spaces).
- Basic experience with implementing and managing IaaS services in Microsoft Azure
- Basic knowledge of Azure Active Directory
- Experience working hands-on with Windows client operating systems such as Windows 10 or Windows 11
- Basic experience with Windows PowerShell
An understanding of the following concepts as related to Windows Server technologies:
- High availability and disaster recovery
- Automation
- Monitoring
- Troubleshooting
Download Course Syllabus
Course Modules
This module discusses how to protect an Active Directory environment by securing user accounts to least privilege and placing them in the Protected Users group. The module covers how to limit authentication scope and remediate potentially insecure accounts. The module also describes how to harden the security configuration of a Windows Server operating system environment. In addition, the module discusses the use of Windows Server Update Services to deploy operating system updates to computers on the network. Finally, the module covers how to secure Windows Server DNS to help protect the network name resolution infrastructure.
Lessons
- Secure Windows Sever user accounts
- Hardening Windows Server
- Windows Server Update Management
- Secure Windows Server DNS
Lab : Configuring security in Windows Server
- Configuring Windows Defender Credential Guard
- Locating problematic accounts
- Implementing LAPS
After completing this module, students will be able to:
- Diagnose and remediate potential security vulnerabilities in Windows Server resources.
- Harden the security configuration of the Windows Server operating system environment.
- Deploy operating system updates to computers on a network by using Windows Server Update Services.
- Secure Windows Server DNS to help protect the network name resolution infrastructure.
- Implement DNS policies.
This module describes how to secure on-premises Windows Server resources and Azure IaaS workloads. The module covers how to improve the network security for Windows Server infrastructure as a service (IaaS) virtual machines (VMs) and how to diagnose network security issues with those VMs. In addition, the module introduces Azure Security Center and explains how to onboard Windows Server computers to Security Center. The module also describes how to enable Azure Update Management, deploy updates, review an update assessment, and manage updates for Azure VMs. The modules explains how Adaptive application controls and BitLocker disk encryption are used to protect Windows Server IaaS VMs. Finally, the module explains how to monitor Windows Server Azure IaaS VMs for changes in files and the registry, as well as monitoring modifications made to application software.
Lessons
- Implement Windows Server IaaS VM network security.
- Audit the security of Windows Server IaaS Virtual Machines
- Manage Azure updates
- Create and implement application allowlists with adaptive application control
- Configure BitLocker disk encryption for Windows IaaS Virtual Machines
- Implement change tracking and file integrity monitoring for Windows Server IaaS VMs
Lab : Using Azure Security Center in hybrid scenarios
- Provisioning Azure VMs running Windows Server
- Configuring Azure Security Center
- Onboarding on-premises Windows Server into Azure Security Center
- Verifying the hybrid capabilities of Azure Security Center
- Configuring Windows Server 2019 security in Azure VMs
After completing this module, students will be able to:
- Diagnose network security issues in Windows Server IaaS virtual machines.
- Onboard Windows Server computers to Azure Security Center.
- Deploy and manage updates for Azure VMs by enabling Azure Automation Update Management.
- Implement Adaptive application controls to protect Windows Server IaaS VMs.
- Configure Azure Disk Encryption for Windows IaaS virtual machines (VMs).
- Back up and recover encrypted data.
- Monitor Windows Server Azure IaaS VMs for changes in files and the registry.
This module describes technologies and options to create a highly available Windows Server environment. The module introduces Clustered Shared Volumes for shared storage access across multiple cluster nodes. The module also highlights failover clustering, stretch clusters, and cluster sets for implementing high availability of Windows Server workloads. The module then discusses high availability provisions for Hyper-V and Windows Server VMs, such as network load balancing, live migration, and storage migration. The module also covers high availability options for shares hosted on Windows Server file servers. Finally, the module describes how to implement scaling for virtual machine scale sets and load-balanced VMs, and how to implement Azure Site Recovery.
Lessons
- Introduction to Cluster Shared Volumes.
- Implement Windows Server failover clustering.
- Implement high availability of Windows Server VMs.
- Implement Windows Server File Server high availability.
- Implement scale and high availability with Windows Server VMs.
Lab : Implementing failover clustering
- Configuring iSCSI storage
- Configuring a failover cluster
- Deploying and configuring a highly available file server
- Validating the deployment of the highly available file server
After completing this module, students will be able to:
- Implement highly available storage volumes by using Clustered Share Volumes.
- Implement highly available Windows Server workloads using failover clustering.
- Describe Hyper-V VMs load balancing.
- Implement Hyper-V VMs live migration and Hyper-V VMs storage migration.
- Describe Windows Server File Server high availablity options.
- Implement scaling for virtual machine scale sets and load-balanced VMs.
- Implement Azure Site Recovery.
This module introduces Hyper-V Replica as a business continuity and disaster recovery solution for a virtual environment. The module discusses Hyper-V Replica scenarios and use cases, and prerequisites to use it. The module also discusses how to implement Azure Site Recovery in on-premises scenarios to recover from disasters.
Lessons
- Implement Hyper-V Replica
- Protect your on-premises infrastructure from disasters with Azure Site Recovery
Lab : Implementing Hyper-V Replica and Windows Server Backup
- Implementing Hyper-V Replica
- Implementing backup and restore with Windows Server Backup
After completing this module, students will be able to:
- Describe Hyper-V Replica, pre-requisites for its use, and its high-level architecture and components
- Describe Hyper-V Replica use cases and security considerations.
- Configure Hyper-V Replica settings, health monitoring, and failover options.
- Describe extended replication.
- Replicate, failover, and failback virtual machines and physical servers with Azure Site Recovery.
This module covers tools and technologies for implementing disaster recovery in hybrid scenarios, whereas the previous module focus on BCDR solutions for on-premises scenarios. The module begins with Azure Backup as a service to protect files and folders before highlighting how to implementRecovery Vaults and Azure Backup Policies. The module describes how to recover Windows IaaS virtual machines, perform backup and restore of on-premises workloads, and manage Azure VM backups. The modules also covers how to provide disaster recovery for Azure infrastructure by managing and orchestrating replication, failover, and failback of Azure virtual machines with Azure Site Recovery.
Lessons
- Implement hybrid backup and recovery with Windows Server IaaS
- Protect your Azure infrastructure with Azure Site Recovery
- Protect your virtual machines by using Azure Backup
Lab : Implementing Azure-based recovery services
- Implementing the lab environment
- Creating and configuring an Azure Site Recovery vault
- Implementing Hyper-V VM protection by using Azure Site Recovery vault
- Implementing Azure Backup
After completing this module, students will be able to:
- Recover Windows Server IaaS virtual machines by using Azure Backup.
- Use Azure Backup to help protect the data for on-premises servers and virtualized workloads.
- Implement Recovery Vaults and Azure Backup policies.
- Protect Azure VMs with Azure Site Recovery.
- Run a disaster recovery drill to validate protection.
- Failover and failback Azure virtual machines.
This module discusses approaches to migrating Windows Server workloads running in earlier versions of Windows Server to more current versions. The module covers the necessary strategies needed to move domain controllers to Windows Server 2022 and describes how the Active Directory Migration Tool can consolidate domains within a forest or migrate domains to a new AD DS forest. The module also discusses the use of Storage Migration Service to migrate files and files shares from existing file servers to new servers running Windows Server 2022. Finally, the module covers how to install and use the Windows Server Migration Tools cmdlets to migrate commonly used server roles from earlier versions of Windows Server.
Lessons
- Active Directory Domain Services migration
- Migrate file server workloads using Storage Migration Service
- Migrate Windows Server roles
Lab : Migrating Windows Server workloads to IaaS VMs
- Deploying AD DS domain controllers in Azure
- Migrating file server shares by using Storage Migration Service
After completing this module, students will be able to:
- Compare upgrading an AD DS forest and migrating to a new AD DS forest.
- Describe the Active Directory Migration Tool (ADMT).
- Identify the requirements and considerations for using Storage Migration Service.
- Describe how to migrate a server with storage migration.
- Use the Windows Server Migration Tools to migrate specific Windows Server roles.
This module discusses approaches to migrating workloads running in Windows Server to an infrastructure as a service (IaaS) virtual machine. The module introduces using Azure Migrate to assess and migrate on-premises Windows Server instances to Microsoft Azure. The module also covers how migrate a workload running in Windows Server to an infrastructure as a service (IaaS) virtual machine (VM) and to Windows Server 2022 by using Windows Server migration tools or the Storage Migration Service. Finally, this module describes how to use the Azure Migrate App Containerization tool to containerize and migrate ASP.NET applications to Azure App Service.
Lessons
- Migrate on-premises Windows Server instances to Azure IaaS virtual machines
- Upgrade and migrate Windows Server IaaS virtual machines
- Containerize and migrate ASP.NET applications to Azure App Service
Lab : Migrating on-premises VMs servers to IaaS VMs
- Implementing assessment and discovery of Hyper-V VMs using Azure Migrate
- Implementing migration of Hyper-V workloads using Azure Migrate
After completing this module, students will be able to:
- Plan a migration strategy and choose the appropriate migration tools.
- Perform server assessment and discovery using Azure Migrate.
- Migrate Windows Server workloads to Azure VM workloads using Azure Migrate.
- Explain how to migrate workloads using Windows Server Migration tools.
- Migrate file servers by using the Storage Migration Service.
- Discover and containerize ASP.NET applcations running on Windows.
- Migrate a containerized application to Azure App Service.
This module introduces a range of tools to monitor the operating system and applications on a Windows Server computer as well as describing how to configure a system to optimize efficiency and to troublshoot problems. The module covers how Event Viewer provides a convenient and accessible location for observing events that occur, and how to interpret the data in the event log. The module also covers how to audit and diagnose a Windows Server environment for regulatory compliance, user activity, and troubleshooting. Finally, the module explains how to troubleshoot AD DS service failures or degraded performance, including recovery of deleted objects and the AD DS database, and how to troubleshoot hybrid authentication issues.
Lessons
- Monitor Windows Server performance
- Manage and monitor Windows Server event logs
- Implement Windows Server auditing and diagnostics
- Troubleshoot Active Directory
Lab : Monitoring and troubleshooting Windows Server
- Establishing a performance baseline
- Identifying the source of a performance problem
- Viewing and configuring centralized event logs
After completing this module, students will be able to:
- Explain the fundamentals of server performance tuning.
- Use built-in tools in Windows Server to monitor server performance.
- Use Server Manager and Windows Admin Center to review event logs.
- Implement custom views.
- Configure an event subscription.
- Audit Windows Server events.
- Configure Windows Server to record diagnostic information.
- Recover the AD DS database and objects in AD DS.
- Troubleshoot AD DS replication.
- Troubleshoot hybrid authentication issues.
This module covers using monitoring and troubleshooing tools, processes, and best practices to streamline app performance and availabilty of Windows Server IaaS VMs and hybrid instances. The module describes how to implement Azure Monitor for IaaS VMs in Azure, implement Azure Monitor in on-premises environments, and use dependency maps. The module then explains how to enable diagnostics to get data about a VM, and how to view VM metrics in Azure Metrics Explorer, and how to create a metric alert to monitor VM performance. The module then covers how to monitor VM performance by using Azure Monitor VM Insights. The module then describes various aspects of troubleshooting on premises and hybrid network connectivity, including how to diagnose common issues with DHCP, name resolution, IP configuration, and routing. Finally, the module examines how to troubleshoot configuration issues that impact connectivity to Azure-hosted Windows Server virtual machines (VMs), as well as approaches to resolve issues with VM startup, extensions, performance, storage, and encryption.
Lessons
- Monitor Windows Server IaaS Virtual Machines and hybrid instances
- Monitor the health of your Azure virtual machines by using Azure Metrics Explorer and metric alerts
- Monitor performance of virtual machines by using Azure Monitor VM Insights
- Troubleshoot on-premises and hybrid networking
- Troubleshoot Windows Server Virtual Machines in Azure
Lab : Monitoring and troubleshooting of IaaS VMs running Windows Server
- Enabling Azure Monitor for virtual machines
- Setting up a VM with boot diagnostics
- Setting up a Log Analytics workspace and Azure Monitor VM Insights
After completing this module, students will be able to:
- Implement Azure Monitor for IaaS VMs in Azure and in on-premises environments.
- Implement Azure Monitor for IaaS VMs in Azure and in on-premises environments.
- View VM metrics in Azure Metrics Explorer.
- Use monitoring data to diagnose problems.
- Evaluate Azure Monitor Logs and configure Azure Monitor VM Insights.
- Configure a Log Analytics workspace.
- Troubleshoot on-premises connectivity and hybrid network connectivity.
- Troubleshoot AD DS service failures or degraded performance.
- Recover deleted security objects and the AD DS database.
- Troubleshoot hybrid authentication issues.
Request More Information
Training Options
- ILT: Instructor-Led Training
- VILT: Virtual Instructor-Led Training
Exam & Certification
Microsoft Certified: Windows Server Hybrid Administrator Associate.
This newly-released Microsoft certification validates the skills of administrators working in hybrid environments. Administrators in this role support their teams and organizations using Windows Server—both in the cloud and on-premises—by performing critical tasks, such as elevating security posture starting with the operating system, extending the datacenter to Azure for greater IT efficiency, and taking advantage of a flexible platform to modernize applications. Windows Server hybrid administrators can run new and existing business-critical applications on Azure, on-premises, and at the edge.
To attain this certification, candidates will need to pass this course as well as AZ-800T00: Administering Windows Server Hybrid Core Infrastructure training course.
Training & Certification Guide
Candidates for the Windows Server Hybrid Administrator Associate certification should have subject matter expertise in configuring and managing Windows Server on-premises, hybrid, and infrastructure as a service (IaaS) platform workloads.
Responsibilities for this role include integrating Windows Server environments with Azure services and managing Windows Server in on-premises networks. This role manages and maintains Windows Server IaaS workloads in Azure, in addition to migrating and deploying workloads to Azure.
This role typically collaborates with Azure administrators, enterprise architects, Microsoft 365 administrators, and network engineers.
Candidates for this certification administer core and advanced Windows Server workloads and services using on-premises, hybrid, and cloud technologies. These professionals should have expertise in implementing and managing on-premises and hybrid solutions, such as identity, management, compute, networking, and storage. They are also experts at performing tasks related to security, migration, monitoring, high availability, troubleshooting, and disaster recovery. These professionals use administrative tools and technologies, including Windows Admin Center, PowerShell, Azure Arc, and IaaS virtual machine administration. They also work with Azure Automation Update Management, Microsoft Defender for Identity, Azure Security Center, Azure Migrate, and Azure Monitor.
A candidate for this certification should have extensive experience working with Windows Server operating systems.
Candidates for this exam configure advanced Windows Server services using on-premises, hybrid, and cloud technologies. These professionals should have expertise in implementing and managing on-premises and hybrid solutions, including performing tasks related to security, migration, monitoring, high availability, troubleshooting, and disaster recovery. They use administrative tools and technologies, such as Windows Admin Center, PowerShell, Azure Arc, Azure Automation Update Management, Microsoft Defender for Identity, Azure Security Center, Azure Migrate, and Azure Monitor.
A candidate for this exam should have extensive experience working with Windows Server operating systems.
This exam measures your ability to accomplish the following technical tasks: secure Windows Server on-premises and hybrid infrastructures; implement and manage Windows Server high availability; implement disaster recovery; migrate servers and workloads; and monitor and troubleshoot Windows Server environments.
Skills measured
- Secure Windows Server on-premises and hybrid infrastructures (25-30%)
- Implement and manage Windows Server high availability (10-15%)
- Implement disaster recovery (10-15%)
- Migrate servers and workloads (20-25%)
- Monitor and troubleshoot Windows Server environments (20-25%)
Azure Strategy & Implementation Guide
Get a step-by-step introduction to using Azure for your cloud infrastructure with this Pack e-book. Read the latest edition of the Azure Strategy and Implementation Guide for detailed guidance on how to create a successful cloud adoption strategy with new innovations, capabilities, and security features from Microsoft Azure.
Microsoft Azure SQL Jumpstart Guide
Find out how to get started launching your first Azure SQL database or find ways to make your existing SQL database work harder. Download the Azure SQL Jumpstart Guide for detailed instructions and in-depth insights to help you make your Azure SQL deployment, migration, or enhancement run smoothly.
Low-code Application Development – Microsoft PowerApps and Azure
Build production-ready apps faster with a low-code environment. Quickly stand up your applications with Power Apps and get more time to apply your technical expertise to extending and optimizing those apps in Azure.
Azure Cloud Native Architecture Mapbook
Grow your cloud architecture skills with guidance from Azure Experts. Go beyond developing cloud-native applications to planning and implementing cloud application infrastructure. In this free e-book from Packt Publishing, you’ll find best practices for infrastructure design and patterns for building a complete solution.
Windows Virtual Desktop Security
Find out how to secure your Windows Virtual Desktop environment when migrating your virtual desktop infrastructure (VDI) to Azure. Read this security handbook to get technical hands-on guidance on how to help protect your apps and data in your Windows Virtual Desktop deployment.
Discover how to get more value from your on premises Windows Server and SQL Server investments and move some or all of your workloads to the cloud using your existing skills. See how to start using the cloud to support new ways of doing business and help ensure business continuity even if you need to keep some of your IT assets on-premises due to regulatory or data governance requirements.
Discover how to build highly scalable applications using containers and how to deploy and manage those containers at scale with Kubernetes on Azure. Read the completely reviewed and updated Packet e-book, Hands-On Kubernetes on Azure, Third Edition and discover what’s new, including security enhancements, continuous integration and continuous delivery (CI/CD) automation, and the latest supported technologies. Gain insight into building reliable applications in the new foreword by Kubernetes co-founder Brendan Burns.
Azure Synapse Analytics Proof of Concept Playbook
Learn how to perform a proof of concept efficiently and economically with Azure Synapse Analytics. Read the Azure Synapse Analytics Proof of Concept Playbook to understand the key concepts involved in deploying data warehousing, data lake, and big data workloads with Azure Synapse and get the evidence you need to make the case for implementation at your organization.
Spend less time managing server infrastructure and more time building great apps. Get your solutions to market faster using Azure Functions, a fully managed compute platform for processing data, integrating systems, and building simple APIs and microservices. The Azure Serverless Computing Cookbook will, through the development of basic back-end wep API that performs simple operations, helps you understand how to persist data in Azure Storage services.
Frequently Asked Questions
Earning a Microsoft Certification is globally recognized and industry-endorsed evidence of mastering real world skills. It shows you demonstrate proficiency in keeping pace with technology. It’s a career move that yields many positive results.
Getting a Microsoft Certification is also a great way to break into the tech industry. A Microsoft Certification immediately confers a level of authority and expertise, especially helpful for someone new to the industry.
The number of questions on a certification exam is subject to change as Microsoft make updates to ensure it aligns with current changes in the technology and job role. Most Microsoft Certification exams typically contain between 40-60 questions; and around 60-140 minutes.
Starting June 30 2021, all newly earned role-based and specialty certifications will be valid for one year from the date the certification was earned.
To stay up to date, IT pros are constantly learning and adding skills. The IDC study concluded that Microsoft Learning Partners such as Trainocate Malaysia which was recently awarded the Microsoft Learning Partner 2021 are well positioned to help organizations achieve their business and learning goals. The IT leaders who were surveyed found the most value from a Learning Partner that provides:
- An end-to-end solution which starts with identifying skill gaps, simplifies the learning experience, and finishes by evaluating how well the Learning Partner met the organization goals.
- Scale, flexibility, and speed to train teams of any size, in any location, amid changing circumstances.
- Value-added services, such as hands-on labs, classroom training, and custom content that help the skills development program succeed.
- High-quality content and delivery, meaning accurate, relevant courseware, top-notch instructors, and a path to certification, if needed.
AZ-104T00: Microsoft Azure Administrator
This course teaches IT Professionals how to manage their Azure subscriptions, secure identities, administer the infrastructure, configure virtual networking, connect Azure and on-premises sites, manage network traffic, implement storage solutions, create and scale virtual machines, implement web apps and containers, back up and share data, and monitor your solution.
AZ-204T00: Developing Solutions for Microsoft Azure
This course teaches developers how to create end-to-end solutions in Microsoft Azure. Students will learn how to implement Azure compute solutions, create Azure Functions, implement and manage web apps, develop solutions utilizing Azure storage, implement authentication and authorization, and secure their solutions by using KeyVault and Managed Identities.
AZ-400T00: Designing and Implementing Microsoft DevOps Solutions
This course provides the knowledge and skills to design and implement DevOps processes and practices. Students will learn how to plan for DevOps, use source control, scale Git for an enterprise, consolidate artifacts, design a dependency management strategy, manage secrets, implement continuous integration, implement a container build strategy, design a release strategy, set up a release management workflow, implement a deployment pattern, and optimize feedback mechanisms.
AZ-500T00: Microsoft Azure Security Technologies
The AZ-500T00 training enables you to secure end-to-end infrastructure on both cloud and hybrid environments and validate technical expertise with the Azure Security Engineer Associate certification.
AZ-700T00: Designing and Implementing Microsoft Azure Networking Solutions
This course teaches Network Engineers how to design, implement, and maintain Azure networking solutions. This course covers the process of designing, implementing, and managing core Azure networking infrastructure, Hybrid Networking connections, load balancing traffic, network routing, private access to Azure services, network security and monitoring. Learn how to design and implement a secure, reliable, network infrastructure in Azure and how to establish hybrid connectivity, routing, private access to Azure services, and monitoring in Azure.