Two weeks ago, I have earned and shared a Microsoft Advertising badge. I got several request to provide information about the training material and my expereince with the exam.
What is the digital advertising?
Well, if you are you new to digital advertising, then these Microsoft courses will provide you an introduction to the digital marketing industry. You could start learning the foundations and then looking at search, shopping, and display advertising.
Earn the Badge
By complete the 4 courses in the Learning Path (in any order) you could earn a digital Badge. As you know, it can be shared and verified on LinkedIn or other social media platforms to demonstrate your new knowledge.
Keep in mind that each chapter has assessment questions
Finally, review all the material and get ready to pass the final assessment
In this session, I focused on a number of changes in Microsoft Azure Architect exam, as it might be troublesome to get ready for it with all the digital distractions around us.
However, in this lightning talk, I shared bits and tips on how to focus on the AZ-305 Designing Microsoft Azure Infrastructure Solutions exam objectives and help you to prepare for a big day.
A screenshot from the participants comments
As part of this presentation, I have shared free, official and community learning resources that will boost your knowledge, and hopefully help you pass this important exam with confidence.
A screenshot of an official practice exam reference
If you missed this session, no worries, you are covered, as this session was recorded. It is freely availiable on the #cloudmarathoner ⏯ 🖐 YouTube channel here.
The slides and as well as links to the recommended resources are posted on my 🖐 👨💻 GitHub repo here.
Please, feel free to check up this GitHub repo, share & fork it as you like 👍
Few days ago, I was really honored to receive an invitation to speak at a great “Career Panel” Q&A event from Robin Smorenburg and Kevin Evans. This event was the first organized event of Streaming Clouds.
Oh boy, it was such an interesting and honest discussion where myself and other guests honestly shared experiences and struggles, while addressing questions from the live audience.
Cloud careers with Streaming Clouds
This panel focused on addressing the following hot question: – How to break into a cloud career or how to get your career journey to the next stage?
This event covered the certifications and how to gain hands-on experience, community and personal branding, and mentorship.
Dear friends, this event was recorded and available for re-watch at the following LinkedIn url.
High availability (HA) is an important quality measure of computing infrastructure that is mission-critical for the customer facing applications and overall organization’s systems. High availability permits the computing infrastructure to continue functioning, even when certain components fail.
Thus, cloud solution providers (CSPs) are expected to deliver certain measures and guarantees to claim the high availability of the offered services.
The diagram below, equates Service Level Agreement (SLA) percentual to actual downtime, measured in seconds per week, month and year.
How to achieve High Availability in Azure?
Azure infrastructure is composed of geographies, regions, and availability zones which in turn limits the impact of a physical server or Sofware update failure and therefore limit potential impact to customer applications and data.
The Azure availability zones construct was developed to provide a software and networking solution to protect against datacenter failures and to provide increased high availability (HA) to the Azure customers.
Availability zones are playing very important role in designing your HA solution to meet customer needs. Please, read more about the Azure Regions and availability zones here.
Part 12: Design for high availability
The references below are taken from official Microsoft docs and focused on designing HA solutions in Azure. You could also find it helpful to check the Microsoft docs and learning paths with [Tutorials] below 😉.
This collection of links is gathered with a focus on the exam objectives of the AZ-305 certification exam.
Welcome to the 11th blog post (Part 11/12) of the Azure Architect series to help you get ready for the AZ-305 exam. This post starts the last section of this exam – Design Business Continuity Solutions.
And please feel free to check the previous sections & blog posts listed below if you landed on this page for the first time 🙂
Table of content (blog series)
*** Design Identity, Governance, and Monitoring Solutions ***
Simply put, a Business Continuity (aka, BC) solution is based on a plan 🙂 A BC plan is a predefined approach and procedure for how a business will continue to run when dealing with an emergency.
In another words, it is a process of creating systems of prevention and recovery to deal with any potential threats to your company. These threats could be a natural disasters, such as hurricanes, fires, floods, power outages or an unintended misconfiguration of a system. It could also be a malicious cyberattack as well.
There are many benefits provided by BC planning and Disaster Recovering (aka, DR) planning to your organization when they are drafted and approved across the board, such as:
Improved decision-making
Risk Management
People and Property Protection
Morale boost 🙂
The “Morale boost” element is very important piece, because when employees know plans are in place, they may feel safer. Moreover, it does not just boost morale, but potentially increases the business value perception to customers who recognize the high preparedness and responsibilities of the company.
What are the Backups and Disaster Recovery solutions in Azure?
In the case of service disruption or accidental deletion or corruption of data, recover your business services in a timely and orchestrated manner. The Azure backup and disaster recovery solution is simple to architect, cloud-native, highly available, and resilient.
Backup and Disaster Recovery in azure
Azure Backup and Disaster Recovery (DR) services are important services that help you to achieve your company’s reliability goals for all of the system workloads in the cloud or on-premises. It is very important when CSP (Cloud Solution Provider) prioritizes transparency and keep it’s customers informed during and after the service issues.
You could easily target following goals when planning to deliver your Backup and DR services to your most critical customers:
Simplified Management across environments
Azure built-in security controls
Reduced complexity and cost
Extent solutions to Azure with our partners
Part 11: Design a business continuity solution
The references below are taken from official Microsoft docs and focused on designing solutions in Azure. You could also find it helpful to check the Microsoft docs and learning paths with [Tutorials] below 😉.
This collection of links is gathered with a focus on the exam objectives of the AZ-305 certification exam.
Welcome to the 10th blog post (Part 10/12) of the Azure Architect series to help you get ready for the AZ-305 exam. This post finalizes the third section of this exam – Design Data Storage Solutions.
Our next post will be discussing the last section of this exam – Design Business Continuity Solutions.
And please feel free to check the previous blog posts listed below if you landed on this page for the first time 🙂
Table of content (blog series)
*** Design Identity, Governance, and Monitoring Solutions ***
It is very natural to wonder – “what is the meaning of data integration”? In a nutshell, it is a combination of differently sourced data for a high-level overview and analysis. In other words, “Data Integration” – is a common term referring to the requirement to combine data from multiple separate business systems into a single unified view, also known as a single view of the truth.
This unified view is typically stored in a central data repository known as a data warehouse.
Data integration can serve your organization some short- and long-term benefits, including the followings:
✔️ Better Data ✔️ Better Collaboration ✔️ Fast connections between Data Storage ✔️ Increased efficiency and ROI ✔️ Better customer and partner experiences ✔️ A more comprehensive view of your business
What are the Data Integration solutions in Microsoft Azure?
Application integration often requires connecting multiple independent systems, often in complex ways. This white paper explains how the components of Azure Integration Services—API Management, Logic Apps, Service Bus, and Event Grid—work together to provide a complete solution for integrating both cloud and on-premises applications.
There are several Azure services such as Azure Functions, Azure Data Factory, and Azure Logic Apps are just a few of the services that can help you efficiently solve complex data challenges.
Check out the Overview of Data Integration in Azure from this official resource.
Part 10: Design a data integration solution
The references below are taken from official Microsoft docs and focused on designing Data Integration solutions in Azure. You could also find it helpful to check the Microsoft docs and learning paths with [Tutorials] below 😉.
This collection of links is gathered with a focus on the exam objectives of the AZ-305 certification exam.
A relational data is a set of data that have a certain pre-defined structure. Once this data structure (aka, data schema) is enforced on data then we can start talking about a relational database.
Thus, a relational database (DB) is a collection of data items with some pre-defined relationships. These data items are organized as a set of tables with columns and rows. The tables are used to hold a similar type of information object to be represented in the database.
WHAT is relational data storage in azure?
In Microsoft Azure, relational data could be stored in different forms and shapes. The early approach of storing and running relational databases has been accomplished through Virtual Machine (VM) instances. However, this approach brought a certain operational overhead and required specialized skills within the team to manage those VMs properly.
Nowadays, we could run the relational databases as a managed service (aka, PAAS) in the cloud. In other words, Microsoft Azure helped to offload operational overhead associated with the management of VMs that are assigned to run your database services. All this became possible by the introduction of managed relational Azure Database services like SQL, MySQL, PostgreSQL, and MariaDB.
In this study guide, you will learn about these managed, relational DB services in depth.
Part 9: Design a data storage solution for relational data
The references below are taken from official Microsoft docs and focused on designing Data Storage solutions for Relational data in Azure. You could also find it helpful to check the Microsoft docs and learning paths with [Tutorials] below 😉.
This collection of links is gathered with a focus on the exam objectives of the AZ-305 certification exam.
Welcome to the next blog post (Part 8/12) from the Az-305 series to help you get ready for the AZ-305 exam. This post is the first one that is covering the section – “Design Data Storage Solutions” for this exam.
Please, check the previous blog posts listed below, if you landed on this page for the first time 🙂
Table of content (blog series)
*** Design Identity, Governance, and Monitoring Solutions ***
A non-relational data is a set of gathered or existing data that does not have a strict schema (structure) which is a required condition for a relational data. Of course, when we speak about data in business, the first thing that comes to mind is the database 🙂
In contrast to a relational database, a NoSQL database is one that is less structured/confined in format. Thus, we gain more flexibility and adaptability with non-relational data.
A non-relational database is a database that does not use the tabular schema of rows and columns found in most traditional database systems. Instead, non-relational databases use a storage model that is optimized for the specific requirements of the type of data being stored. For example, data may be stored as simple key/value pairs, as JSON documents, or as a graph consisting of edges and vertices.
In practice, “NoSQL” means “non-relational database,” even though many of these databases do support SQL-compatible queries. However, the underlying query execution strategy is usually very different from the way a traditional RDBMS would execute the same SQL query.
Check out the following major categories for non-relational (NoSQL) databases below:
Document data stores
Columnar data stores
Key/value data stores
Graph data stores
Time series data stores
Object data stores
External index data stores
Microsoft Azure offers a number of services that help you to build these NoSQL databases, and in this post we will cover all of them.
Part 8: Design a non-relational data storage solution
The references below are taken from official Microsoft docs and focused on designing the non-Relational Data Storage solutions in Azure. You could also find it helpful to check the Microsoft docs and learning paths with [Tutorials] below 😉.
This collection of links are gathered with a focus toward the exam objectives of AZ-305 certification exam.
Welcome to the next blog post (Part 7/12) from the Az-305 series to help you get ready for the AZ-305 exam. This post is special and will finalize one of the biggest sections – “Design Infrastructure Solutions ” for this exam.
Please, check the previous blog posts listed below, if you landed on this page for the first time 🙂
Table of content (blog series)
*** Design Identity, Governance, and Monitoring Solutions ***
An IT Migration is basically a movement of data or software from one system to another. Also, depending on the complexity of the project, an IT migration involves data migration, application migration, operating system (OS) migration, and others.
A typical migration project usually involves the movement of data too, which is called – Data Migration. Here is the definition of data migration from Wikipedia.
Data migration is the process of selecting, preparing, extracting, and transforming data and permanently transferring it from one computer storage system to another. Additionally, the validation of migrated data for completeness and the decommissioning of legacy data storage are considered part of the entire data migration process.[1][2] Data migration is a key consideration for any system implementation, upgrade, or consolidation, and it is typically performed in such a way as to be as automated as possible, freeing up human resources from tedious tasks. Data migration occurs for a variety of reasons, including server or storage equipment replacements, maintenance or upgrades, application migration, website consolidation, disaster recovery, and data center relocation
In last few years we also have new type of migration – called cloud migration.
WHAT is the migration solution in azure?
There are many different ways you could run your migration projects. Microsoft Azure provides specialized tools to help you migrate your IT solutions from on-premises and other cloud platforms into Azure. Thus, you could take advantage of Azure Migrate offers to you..
Azure Migrate provides a centralized hub to assess and migrate on-premises servers, infrastructure, applications, and data to Azure. It provides a range of tools to help you in the migration process. Please, check an official Microsoft documentation on Azure Migrate services here.
Part 7: Design a migration solution
The references below are taken from official Microsoft docs and focused on designing Migration solutions in Azure. You could also find it helpful to check the Microsoft docs and learning paths with [Tutorials] below 😉.
This collection of links are gathered with a focus toward the exam objectives of AZ-305 certification exam.
The following post is going to be covered in the Azure Spring Clean 2022 event’s website too. Thus, you might be wondering what the Azure Spring Clean is?
Azure Spring Clean 2022 Overview
The Azure Spring Clean is a community-driven event focused on Azure management topics and gradually publishes content from March 14-18, 2022.
I would like sincerely Thank – Joe Carlyle and Thomas Thornton for putting time and effort in organizing this event. From a #cloudmarathoner ’s perspective it’s been enjoyable to contribute and be a part of this event. This topic specifically outlines how to understand the pros and cons of your initial Azure AD settings that will be aligned with your project’s expectations.
Indeed, this is a very legit question and I would like to address it with the following quote from Alex Weinert:
…our telemetry tells us that more than 99.9% of organization account compromise could be stopped by simply using MFA, and that disabling legacy authentication correlates to a 67% reduction in compromise risk (and completely stops password spray attacks, 100% of which come in via legacy authentication)…
Alex Weinert – Director of Identity Security at Microsoft
The main purpose behind these default settings is to make sure that all organizations using Azure AD have a basic level of security, and it is enabled at no extra cost according to Microsoft.
Azure AD security defaults are something you need to enable at the tenant level. Once you do this, the rules will apply to all users in your tenant without any exceptions.
If you are looking for enforce rules more selectively ( or exclude some users ) then security defaults won’t be a fit solution for you. For this scenario, you would need to look at getting some P1 or P2 licenses and use the conditional access instead.
How can I set up my Azure AD Security Defaults?
The Microsoft Azure AD team did a fantastic job by simplifying this option. You need to navigate int0 Azure AD -> Properties -> and click on link Manage Security defaults.
You will end-up with the following window on the right panel of Azure portal:
Enabling Security Defaults in Azure AD
What is baked inside the security defaults in azure ad?
There are a number of things baked into the “Security Defaults” by Azure AD team. You could read about an official and detailed description here – Security defaults in Azure AD.
One of the BIG incentives for the security defaults is that it brings Multi-Factor Authentication (MFA) to your users for #free. Of course, there are some limitations around this which I will cover later on, but this option does allow you to get an MFA with no additional cost.
Previously, you would have to have either Azure AD P1 licenses, or pay per use for MFA functionality. Thus, this is a big game changer benefit that you are getting for free in your tenant and will bring a significant extra level of security. And this defaults includes both Azure and Office 365 services.
Along with MFA, security defaults are enforcing several policies that make your tenant more secure:
Requiring all users to sign up for MFA (for free)
Requiring those in Azure administrator roles to perform MFA
Blocking legacy authentication protocols – this includes clients that don’t use modern authentication and so don’t support MFA, and older mail protocols like IMAP, SMTP and POP3
Requiring MFA authentication when undertaking privileged actions using the Azure portal, PowerShell or CLI
Will Security Defaults replace my Azure AD licenses ?
In short, the answer is No. Your Azure AD licenses provide more security protection services than what you get from “Security Defaults”.
Think of a “Security Defaults” as a security design approach for users on a free Azure AD tier. Because, if you are already using P1 or P2 licenses you would want to look at using conditional access to perform this (and more) rather than security defaults.
What you need to know before deploying the Security Defaults?
Based on Microsoft security guidelines, every organization should have at least two emergency access accounts configured. These accounts are intended for use when your regular administrator account’s can not be used. A typical example is: when person with the most recent Global Admin access has left your company.
What are the emergency access accounts ? Well, following three criteria defines it pretty well:
Aren’t used on a daily basis
Are protected with a long complex password
Has an assigned Global Administrator rights in Azure AD
These emergency access accounts and credentials are very sensitive and should be stored in a secure location like a fireproof safe. And only authorized people in your organization should have access to these accounts.
What to do when switching from Security Defaults to azure ad Conditional Access Policies?
In order to provide more productivity and better security to your users, you could replicate the policies created by Azure AD Security Defaults. First, your customer’s tenant must be licensed with Azure AD Premium P2. However, the majority of policies can also be accomplished using the Azure AD Premium P1 license.
Check out the following Microsoft documented guides on how you can use Conditional Access to configure equivalent policies to the once that get set by the security defaults:
All these policies could be implemented with Premium P1 license, except the last one. The last policy requires Azure AD Identity Protection feature of the Azure AD and could be provided via Premium P2 license.
Summary
Thank you so much for reading this post and learning about the Azure AD Security defaults. I tried my best to provide my perspective on this important topic while using availiable Microsoft docs and resources.
Please, keep up the good work by securing your and customer’s cloud environments!
