Chapter 1: Course Introduction
Chapter 1 introduces the course and discusses the associatedTestOut and Microsoft certifications. It also shows students how to navigate various interfaces including: Windows 10 and 11, Window Client interface, Windows Server, and the Azure interface.
Chapter 2: Secure Windows Servers
Chapter 2 focuses on the essential concepts of server security.It covers the understanding and management of malware protection, the configuration and use of Windows Defender Exploit Guard and ApplicationControl, the application of Microsoft Defender for Endpoint, the utilization ofWindows Defender Credential Guard, and the setup of Defender SmartScreen. Exploring how each of these concepts is crucial in providing comprehensive security forWindows servers.
Chapter 3: Secure Windows Server with Active Directory and Group Policy
Chapter 3 guides students on securing Windows Server usingActive Directory and Group Policy. Topics include operating system security, password policy configuration, User Rights Assignment, Protected Users management, and Audit Policies. It also covers Security Options, User AccountControl, and securing a Hybrid Active Directory Infrastructure. Students learn about Active Directory Account Security, restricting access to DomainControllers, managing AD Built-In Administrative Groups, and using MicrosoftDefender for Identity. They will also learn how Microsoft Sentinel and AzureSecurity Center are used to address security issues.
Chapter 4: Secure Windows Server Networking and Storage
Chapter 4 focuses on securing Windows Server networking and storage. It begins with understanding and managing Windows Defender Firewall, implementing domain isolation, and connection security rules. The chapter then moves on to secure Windows Server storage, both on-premise and on Azure.On-premise security involves managing BitLocker Drive Encryption and recovering encrypted volumes. Azure storage security includes using Azure Disk Encryption and managing disk encryption keys for Infrastructure as a Service (IaaS)virtual machines.
Chapter 5: Clustering and High Availability
Chapter 5 instructs students on clustering and high availability. The chapter covers network load balancing, SMB Direct and SMBMultichannel, and failover clustering, including its creation, storage options, and differences in cloud versus on-premises implementations. Students learn about Cluster Role Management and workloads, configuring failover roles, and managing continuously available shares. They will explore cluster quorums and how to configure them with load balancing. They also learn to manage failover clusters using Windows Admin Center, install updates on cluster nodes, and handle failover workloads. The chapter concludes by discussing highly available storage settings, including managing Storage Spaces Direct.
Chapter 6: Implement Disaster Recovery
Chapter 6 explores how to implement disaster recovery including backup and recovery. It begins with Windows Server Backup, covering AzureRecovery Services Vault, file and folder backup and restoration, and backup policy creation. The chapter then delves into Windows Server Recovery, discussing VM recovery options, temporary snapshot recovery, and VM restoration. It also explores Azure Site Recovery, including recovery plan configuration, site recovery for on-premises and Azure VMs, and VM replication. The chapter concludes with Azure Site Recovery Networking and Hyper-V Replica, focusing on its importance in disaster recovery, networking configuration, failover and failback management, IP address settings for failover and failback, and network mapping management.
Chapter 7: Migrate Servers and Workloads
Chapter 7 teaches students about server and workload migration across various versions in hybrid environments. It begins with the migration of on-premises storage to other on-premises or Azure servers using StorageMigration Service and Azure File Sync. Students learn data transfer, server cutover, and migration to Azure VMs and File Shares. The chapter then discusses migrating on-premises servers to Azure, deploying Azure Migrate Appliance, and migrating VM and physical workloads to Azure IaaS. It also covers migrating previous versions to latest versions of Windows Server, including IIS, Hyper-V hosts, RDS, DHCP, and print servers. Lastly, it delves into the migration of ADDS infrastructure to Windows Server 2022 AD DS, using the Active DirectoryMigration Tool, migrating to a new Active Directory Forest, and upgrading an existing forest.
Chapter 8: Monitor andTroubleshoot Windows Server Environments
Chapter8 instructs students on monitoring and troubleshooting Windows Server environments and the various tools and utilities they will use to do so. It starts with understanding Windows System Events, managing Event Logs, and configuring Data Collector Sets. The chapter then explores Windows ConfigurationTools, performance management, and the use of the Windows Admin Center andSystem Insights. Students learn about resource monitoring using Task Manager,Resource Monitor, and Process Explorer. The chapter also delves into AzureMonitoring Services, including the deployment of Azure Monitor and LogAnalytics Agents, performance counter collection, alert creation, and the use of Azure Diagnostics Extension and VM Insights. It concludes with Azure LogAnalytics and Azure Network Watcher, teaching students how to query logs, create alerts based on log queries, use Log Analytics workspaces, monitor, diagnose, view metrics, and enable Network Watcher.
Chapter 1: Course Introduction
Windows and Azure Simulator Interface
- Windows Client Interface
- Windows Server Interface
- Azure Interface
Chapter 2: Secure Windows Servers
Malware
- Malware Protection
- Manage Windows Security
Microsoft Defender
- Configure Microsoft Defender for Endpoint
- Microsoft Defender Products
- Manage Exploit Protection
- Manage Application Control
- Manage Credential Guard
- Manage SmartScreen
Chapter 3: Secure Windows Server with Active Directory and Group Policy
Secure Windows Servers with Group Policies
- Implement Operating System Security by using Group Policies
Password Policies
- Configure Password Policies
- Password Block Lists
- Configure Azure AD Password Protection
- Password Block Lists
- Configure Fine-Grained Password Policies
User Rights Assignment and Protected Users
- Manage User Rights
- Manage Protected Users
Audit Policies
- Configure Audit Policies
Security Options
- Configure Security Options
- Configure User Account Control
- User Account Control Facts
- Enforce User Account Control
Secure a Hybrid Active Directory Infrastructure
- Secure Domain Controllers
- Manage Account Security on a Read-Only Domain Controller
- Harden Domain Controllers
- Configure Authentication Policies Silos
- Authentication Policies Silos Facts
Secure a Hybrid Active Directory Accounts
- Active Directory Account Security
- Restrict Access to Domain Controllers
- Configure Account Security
- Manage AD Delegation and Built-In Administrative Groups
- Implement and Manage Microsoft Defender for Identity
- Microsoft Defender for Identity
- Restrict Access to Domain Controllers
- Manage AD Built-In Administrative Groups
- Manage AD Delegation
Resolve Security Issues by Using Azure Services
- Microsoft Sentinel
- Azure Security Center
Chapter 4: Secure Windows Server Networking and Storage
Secure Windows Server Networking
- Manage Windows Defender Firewall
- Implement Domain Isolation
- Implement Connection Security Rules
- Windows Defender Firewall and Security Rules
Secure Windows Server Storage (On-Premise)
- BitLocker Drive Encryption and Recovery Keys
- Manage Windows BitLocker Drive Encryption
- Manage and Recover Encrypted Volumes
Secure Windows Server Storage (Azure)
- Azure Disk Encryption and Keys
- Manage Disk Encryption Keys for IaaS Virtual Machines
- Azure Disk Encryption and Keys Facts
- Creating Azure Key Vaults
Chapter 5: Clustering and High Availability
Network Load Balancing and High Availability
- Network Load Balancing Overview
- Configure Network Adapters for Failover Clustering
- Managing Network Load Balancing
- SMB Direct and SMB Multichannel Overview
- Enabling SMB Direct on RDMA
Implement Failover Clustering
- Failover Clustering Overview
- Create an On-Premises Windows Failover Cluster
- Create an Azure Failover Cluster
- Cluster Storage Options
- Configure a Floating IP Address for The Cluster
- Create a Failover Cluster
Configuring Cluster Quorum
- Modify Quorum Options
- Create an Azure Witness
- Implement Load Balancing for The Failover Cluster
- Configure Cluster Settings in the Cloud
- Configure Cluster Quorum Settings
Cluster Role Management and Workloads
- Failover Cluster Role Configuration
- Configuring Failover Roles and Settings
- Configuring Continuously Available Shares
- Add a Failover Cluster Role
- Configure Failover and Preference Settings
- Configure Scale-Out File Servers
Manage Failover Clustering
- Implement Cluster-Aware Updating
- Recover a Failed Cluster Node
- Upgrade a Node to Windows Server 2022
- Failover Workloads Between Nodes
- Manage Failover Clusters Using Windows Admin Center
Highly Available Storage Spaces
- Storage Spaces Direct
- Create a Failover Cluster Using Storage Spaces Direct
Chapter 6: Implement Disaster Recovery
Windows Server Backup
- Azure Recovery Services Vault
- Back Up and Restore Files and Folders to ARS Vault
- Create a Backup Policy
- Azure Backup Server
- Azure Recovery Services Vault
- Use the Built-In Backup Agent
- Prepare On-Premises Infrastructure for Azure
Windows Server Recovery
- Virtual Machine Recovery Options
- Recover a VM Using Temporary Snapshots
- Recover VMs to New Azure Virtual Machines
- Restore a VM
Azure Site Recovery
- Azure Site Recovery Plan
- Configure a Recovery Plan
- Site Recovery for On-Premises VMs
- Site Recovery for Azure Virtual Machines
- VM Replication to Secondary Datacenter or Azure Region
- Azure Site Recovery Policies
- Site Recovery for On-Premises VMs
- Site Recovery for Azure Virtual Machines
- VM Replication to Secondary Datacenter or Azure Region
Azure Site Recovery Networking
- ASR Networking
Hyper-V Replica
- Configure Hyper-V Hosts for Replication
- Configure VM Replication
- Perform a Failover
- Configure VM Replication
- Perform a Failover
- Perform a Reverse Replication
- Perform a Test Failover
- Perform a Planned Failover
Chapter 7: Migrate Servers and Workloads
Migrate On-Premises Storage to On-Premises Servers or Azure
- Storage Migration Service
- Transfer Data and Share
- Cut Over to a New Server Using Storage Migration Services
- Use Storage Migration Service to Migrate to Azure VMs
- Azure File Sync
- Migrate to Azure File Shares
- Create Azure File Sync Service
- Create Sync Groups
- Create Server Endpoints
Migrate On-Premises Servers to Azure
- Deploy and Configure Azure Migrate Appliance
- Migrate VM Workloads to Azure IaaS
- Migrate Physical Workloads to Azure IaaS
- Migrate by Using Azure Migrate
- Create an Azure Migrate Project
Migrate Previous Versions to Windows Server
- Windows Server Migration
- Migrate Internet Information Services
- Migrate Hyper-V Hosts
- Migrate DHCP
- Migrate Print Servers
- Migrate Hyper-V Host Storage
Migrate IIS Workloads to Azure
- Migrate IIS Workloads to Azure Web Apps
- Migrate Workloads to Containers
Migrate an AD DS Infrastructure to WindowsServer 2022 AD DS
- Migrate an AD DS Infrastructure
- Use Active Directory Migration Tool
- Migrate to a new Active Directory Forest
- Upgrade an Existing Forest
Chapter 8: Monitor and Troubleshoot Windows Server Environments
Windows System Events
- Event Viewer
- Manage Event Logs
- Data Collector Sets
- Create and Configure Data Collector Sets
- Clear Audit Policies
Windows Configuration Tools
- Viewing System Information
- Using the System Configuration Utility
- Configure and Manage Services
- Use Management Consoles
Windows Performance Management
- Performance Monitoring
- Resource Monitor and Process Explorer
- Use Task Manager
- Resource Monitoring Tools
- Reliability Monitor and Action Center
- Use Reliability Monitor
Windows Admin Center and System Insights
- Alerts with Windows Admin Center
- Monitor by Using System Insights
Monitor Windows Server by Using Azure Services
- Azure Monitoring Services
- Deploy Azure Monitor Agents
- Collect Performance Counters to Azure
- Create Alerts
- Use Azure Diagnostics Extension
- Use VM Insights
Troubleshoot Windows Server On-Premises and Hybrid Networking
- Troubleshooting On-Premises Connectivity
- Troubleshoot DHCP and DNS
- Troubleshoot On-Premises DHCP and DNS
- Troubleshooting Hybrid Networking
- Troubleshoot Hybrid Network Connectivity
Troubleshoot Windows Server Virtual Machines in Azure
- Troubleshoot Deployment Failures
- Troubleshoot Booting Failures
- Troubleshoot VM Performance Issues
- Troubleshoot VM Extension Issues
- Troubleshoot Disk Encryption Issues
- Troubleshoot Storage
- Troubleshoot VM Connection Issues
- Troubleshoot Booting Failures
Troubleshoot Active Directory
- Restore Objects from AD Recycle Bin
- Use Directory Services Restore Mode
- Recover SYSVOL
- Troubleshoot Active Directory Replication
- Troubleshoot Hybrid Authentication Issues
- Troubleshoot On-Premises Active Directory