In today’s rapidly evolving cloud era, Microsoft Azure stands as one of the world’s leading cloud platforms. Its certification system has become a crucial pathway for IT professionals and career changers alike. AZ-104: Microsoft Azure Administrator Associate is a foundational intermediate-level certification that builds the core skills necessary to manage Azure environments effectively.

This study plan is designed for learners who want a structured, practical, and results-driven approach to mastering Azure, especially for:

• Professionals preparing for the AZ-104 certification exam

• IT generalists or developers transitioning into cloud administration roles

• Learners planning to pursue advanced certifications (e.g., AZ-305, AZ-500)

Learning Objectives

Over the course of 5 weeks, this plan will guide you through a complete, hands-on, and strategically reinforced learning path that covers all five AZ-104 domains. The goal is not only to pass the exam but also to develop practical, job-ready skills for managing Azure environments.

By the end of this plan, you’ll be able to:

• Confidently manage Azure identities, access control, subscriptions, and governance

• Deploy and secure multiple types of Azure Storage services

• Build resilient and scalable compute environments using virtual machines, automation, and containers

• Design secure, scalable virtual networks across regions and hybrid clouds

• Monitor resources effectively, implement backup and recovery, and optimize performance using built-in Azure tools

Methodology: Driving Both Efficiency and Retention

This plan integrates two proven learning strategies to help you study smarter, not just harder:

1. Pomodoro Technique

• Each study day includes 3–4 focused learning blocks (25 minutes each, with 5-minute breaks)

• A longer break follows every 4 Pomodoros

• This maximizes focus and energy, reducing cognitive fatigue

2. Ebbinghaus Forgetting Curve (Spaced Repetition)

• Every new concept is revisited on Day 1, Day 2, Day 4, and Day 7

• This method reinforces memory connections and increases long-term retention

• Combined with personal notes, visual mind maps, and a mistake log to create a powerful "second brain"

Study Structure Overview

The plan is divided into 5 stages, each aligned with one major AZ-104 exam domain:

1. Week 1 – Manage Azure Identities and Governance (Azure AD, RBAC, Policies, Subscription Structure)

2. Week 2 – Implement and Manage Storage (Blob, File, Encryption, Lifecycle, Data Tools)

3. Week 3 – Deploy and Manage Azure Compute Resources (VMs, Automation, Containers, App Services)

4. Week 4 – Implement and Manage Virtual Networking (VNets, NSGs, Firewalls, VPN, Load Balancing)

5. Week 5 – Monitor and Maintain Azure Resources (Monitoring, Logs, Backup, Site Recovery, Advisor)

AZ-104 Week 1 Study Plan: Manage Azure Identities and Governance

Primary Goal: Master the structure and operations of Azure Active Directory (Azure AD), RBAC, policies, resource governance tools, and cost management systems. Gain the ability to configure and manage identity, access, and policy enforcement in real Azure environments.

Time Commitment: ~2.5 hours/day using Pomodoro sessions
Methodology:

• 3 Pomodoro blocks per day (25 minutes each with breaks)

• Active practice in Azure Portal + CLI

• Flash review (10–15 mins) at night following the Ebbinghaus forgetting curve

Day 1: Azure AD Users and Groups

Learning Objectives:

• Understand how Azure AD identities are structured

• Learn to create, update, delete, and manage users

• Differentiate between security groups and Microsoft 365 groups

• Implement static vs dynamic membership

• Configure group-based licensing

Tasks:

1. Read and summarize the structure of Azure AD tenants and users

2. Use the Azure Portal and CLI to create:

   • 3 users

   • 2 security groups (one with dynamic rule)

3. Assign group-based licenses (trial available in Microsoft 365)

4. Document your group rules and license assignment logic

Reinforcement:

• Draw a diagram to show the user–group–license relationship

• Review today's notes before sleep (15 min flash review)

Day 2: Devices and External Identities

Learning Objectives:

• Understand how devices join Azure AD and are managed

• Set up and explore Azure AD B2B collaboration

• Configure invitation settings for guest users

• Study device-based Conditional Access

Tasks:

1. Register a virtual machine or Windows client to Azure AD

2. Invite an external email (e.g., personal Gmail) as a guest user

3. Create and apply access restrictions to guest accounts

4. Explore Azure AD device settings in the tenant blade

Reinforcement:

• List differences between internal users, guest users, and devices

• Add 2 questions to your flashcard tool based on today’s content

Day 3: Role-Based Access Control (RBAC)

Learning Objectives:

• Understand roles, scopes, and inheritance

• Know when to use built-in vs custom roles

• Apply least privilege principle in real environments

Tasks:

1. Assign the Reader role to a user at the resource group level

2. Create a custom role using Azure CLI that allows read-only access to Storage

3. Test permission effectiveness by switching user accounts

4. Review and document differences between scope levels: management group, subscription, resource group, resource

Reinforcement:

• Build a diagram showing scope hierarchy

• Recap Day 1 and 2 for 10 minutes (build retention layers)

Day 4: Management Groups and Subscriptions

Learning Objectives:

• Learn the hierarchy of Azure resource governance

• Create and organize subscriptions and management groups

• Apply RBAC and policy inheritance in a hierarchical structure

Tasks:

1. Create two management groups and nest one under the other

2. Move a subscription under the top-level group

3. Assign a policy at the management group level

4. Assign RBAC at different levels and observe inheritance

Reinforcement:

• Summarize your understanding of management group vs subscription

• Review your RBAC test from Day 3 to see what carried down in the hierarchy

Day 5: Azure Policy and Blueprints

Learning Objectives:

• Understand what Azure Policy is and how it enforces governance

• Create and assign policies with parameters

• Learn what Azure Blueprints are and how they group governance artifacts

Tasks:

1. Create a policy definition to allow only specific VM SKUs (e.g., B-series)

2. Assign the policy at the resource group level

3. Create a Blueprint including a policy and role assignment

4. Deploy the Blueprint to a test subscription

Reinforcement:

• Draw a diagram that shows how policies are structured (Definition → Assignment → Parameters → Effects)

• Recap Day 4’s management group configuration (Ebbinghaus 2-day review)

Day 6: Resource Locks and Cost Management

Learning Objectives:

• Apply locks to prevent accidental deletion or modification

• Use cost analysis, budgets, and alerts

• Understand tagging and its impact on cost tracking

Tasks:

1. Apply a CanNotDelete lock to a test resource

2. Set up a budget alert for your test subscription

3. Use Cost Analysis to check forecast and filter by resource type

4. Create and apply at least 3 tags (Department, Owner, Environment)

Reinforcement:

• Write a short summary of your budgeting and tagging strategy

• Review Day 5 policy logic (Ebbinghaus day-2 cycle)

Day 7: Weekly Review and Practice Quiz

Learning Objectives:

• Strengthen your recall and understanding of the week's content

• Identify and address weak areas through self-assessment

Tasks:

1. Review all notes, diagrams, and flashcards from the past 6 days

2. Take a 20-question timed quiz on Domain 1 topics (e.g., using MS Learn, Whizlabs, or my practice sets)

3. Analyze incorrect answers and update your error log

4. Summarize the full domain in 1–2 pages in your own words

Reinforcement:

• Final weekly Ebbinghaus review cycle: Re-study Day 1 & 2 key concepts

• Write a list of your top 5 insights or learning breakthroughs this week

AZ-104 Week 2 Study Plan: Implement and Manage Storage

Primary Goal: Understand the architecture, configuration, and security of Azure Storage services. Be able to deploy, secure, monitor, and optimize different types of storage (Blob, Files, ADLS, etc.), including lifecycle policies and access mechanisms.

Time Commitment: ~2.5 hours/day using Pomodoro study blocks
Methodology:

• 3–4 Pomodoro sessions per day (25 minutes each)

• Daily lab or configuration task in Azure

• Daily micro-review of earlier topics (spaced repetition)

• Lab summaries and weekly consolidation for better recall

Day 1: Storage Account Types and Access Tiers

Learning Objectives:

• Understand different storage account types: GPv2, Blob, Premium

• Learn how to choose between Hot, Cool, and Archive access tiers

• Know the use cases for standard vs premium storage

Tasks:

1. Create three different storage accounts: GPv2 with Hot tier, GPv2 with Archive tier, and Premium FileStorage

2. Upload test data to each and evaluate performance/cost differences

3. Read official docs on access tiers and write a summary of when to use each

Reinforcement:

• Review key comparisons: GPv2 vs Blob vs Premium

• Revisit and test Day 1 of Week 1 content (user + group configuration)

Day 2: Storage Security – Encryption and Access Control

Learning Objectives:

• Understand server-side encryption with Microsoft-managed keys (MMK) and customer-managed keys (CMK)

• Learn client-side encryption scenarios

• Configure Shared Access Signatures (SAS), Azure AD authentication, and access keys

Tasks:

1. Generate a SAS token using Azure Portal and AzCopy

2. Create an Azure Key Vault and configure a storage account to use CMK

3. Test data upload with both SAS token and account key

4. Enable HTTPS-only traffic on the storage account

Reinforcement:

• Draw a flowchart for storage access paths (keys, SAS, AD-based)

• Review Day 2 of Week 1 (external identities, guest access)

Day 3: Networking and Lifecycle Management

Learning Objectives:

• Use private endpoints and firewall rules to restrict access

• Configure lifecycle rules to optimize costs over time

• Understand network isolation and TLS policies for storage accounts

Tasks:

1. Enable a private endpoint for an existing storage account and test connectivity from within a VNet

2. Set firewall rules to allow access only from one subnet

3. Create a lifecycle policy: move blobs to Cool after 30 days, then delete after 180 days

4. Test policy by uploading and tagging blobs

Reinforcement:

• Create a checklist for network configuration steps

• Re-study Day 3 of Week 1 (RBAC scopes + least privilege)

Day 4: Blob Storage – Structure, Features, and Use

Learning Objectives:

• Understand blob types: block blob, append blob, page blob

• Learn how to use containers, blob metadata, and tags

• Configure versioning and soft delete for disaster recovery

Tasks:

1. Upload files as block, append, and page blobs; observe differences

2. Enable soft delete and versioning

3. Delete a blob and recover it; compare previous versions

4. Add custom metadata to a blob and retrieve it using Azure CLI

Reinforcement:

• Map blob types to use cases in your notes

• Revisit Day 4 of Week 1 (management groups and policy inheritance)

Day 5: Azure Files and Sync

Learning Objectives:

• Configure and mount Azure File Shares with SMB/NFS

• Deploy Azure File Sync for hybrid file management

• Use snapshots and soft delete for file protection

Tasks:

1. Create an Azure File Share and mount it on your local Windows machine

2. Install Azure File Sync agent on a test server or VM

3. Enable cloud tiering and set the tier threshold to 20%

4. Create and test a file share snapshot and recover a deleted file

Reinforcement:

• Document the Azure File Sync deployment process step-by-step

• Recheck your policy and lock configuration from Week 1, Day 5–6

Day 6: Data Migration and Advanced Storage Tools

Learning Objectives:

• Learn tools for data transfer: AzCopy, Azure Storage Explorer, Azure Data Factory

• Understand when to use Import/Export service for massive data loads

• Explore ADLS Gen2 and hierarchical namespace

Tasks:

1. Use AzCopy to upload 1GB of data from your machine to blob storage

2. Navigate data using Azure Storage Explorer

3. Enable hierarchical namespace on a new storage account (ADLS Gen2)

4. Create folder-based permissions using Access Control Lists (ACLs)

Reinforcement:

• Make a chart comparing storage transfer tools (CLI, GUI, programmatic)

• Review Day 6 of Week 1 (cost analysis and budgeting)

Day 7: Weekly Review + Practice Quiz

Learning Objectives:

• Consolidate and retain all key concepts from the week

• Evaluate understanding via practice questions

• Identify and fix any weak areas

Tasks:

1. Review your notes, mind maps, and storage lab results

2. Take a 20-question practice quiz on Domain 2 (storage)

3. Analyze and explain all incorrect answers

4. Write a 1-page knowledge summary for blob, file, and data transfer services

5. Revisit Week 1 Day 3 and Day 5 topics as per Ebbinghaus curve

Optional Task:

• Record a 5-minute verbal explanation (voice memo or video) of storage account types and when to use each. This helps reinforce active recall.

AZ-104 Week 3 Study Plan: Deploy and Manage Azure Compute Resources

Primary Goal: Learn how to create, configure, secure, and scale Azure compute resources, including virtual machines (VMs), container instances, and web applications. Understand deployment automation through templates and scripting. Be prepared to design and manage compute resources efficiently in real-world cloud environments.

Time Commitment: ~2.5 to 3 hours/day using Pomodoro sessions
Methodology:

• 3 to 4 Pomodoro blocks per day

• Daily hands-on labs in Azure

• Flash reviews of past content for spaced repetition (target: Days 1–2, 4–5 from previous weeks)

• Final daily task: write or speak a short summary of what you learned that day

Day 1: VM Availability and Scalability

Learning Objectives:

• Understand how Azure provides high availability through Availability Sets and Availability Zones

• Learn how VM Scale Sets (VMSS) enable auto-scaling and load distribution

• Use Load Balancer to manage traffic across VMs

Tasks:

1. Create an Availability Set with 2 VMs

2. Deploy a Standard Load Balancer with backend pool and health probe

3. Deploy a VM Scale Set (VMSS) with automatic instance scaling rules based on CPU load

4. Configure autoscale settings and simulate a load test

Reinforcement:

• Create a visual comparison between Availability Sets, Availability Zones, and VMSS

• Review Week 2 Day 6 (lifecycle and storage optimization logic)

Day 2: VM Creation and Sizing

Learning Objectives:

• Understand Azure VM SKUs (D, B, E, F, N series)

• Deploy VMs using multiple tools: Portal, CLI, PowerShell, ARM

• Evaluate performance vs cost trade-offs

Tasks:

1. Create 1 Linux VM and 1 Windows VM via Portal

2. Create another VM using Azure CLI (az vm create)

3. Resize one VM from B-series to D-series and compare CPU/memory stats

4. Create an ARM template for deploying a basic VM with NSG

Reinforcement:

• Build a chart summarizing each VM SKU family and its use case

• Review RBAC scope assignment (Week 1 Day 3)

Day 3: VM Disk and Networking Configuration

Learning Objectives:

• Learn how to attach, format, and use OS/data disks

• Understand encryption options (BitLocker for Windows, DM-Crypt for Linux)

• Configure network settings: static IP, NSG, NIC

Tasks:

1. Attach a data disk to an existing VM and initialize it

2. Enable Azure Disk Encryption using Key Vault

3. Set a static private IP for a VM

4. Create custom NSG rules (e.g., allow RDP only from one IP)

Reinforcement:

• Write a step-by-step document on disk encryption

• Review Storage Account security (Week 2 Day 2)

Day 4: VM Extensions and Diagnostics

Learning Objectives:

• Learn what VM extensions are and when to use them

• Understand diagnostics, Azure Monitor Agent, and boot diagnostics

• Automate post-deployment configuration using scripts

Tasks:

1. Use Custom Script Extension to install NGINX or IIS

2. Enable boot diagnostics on a Linux or Windows VM

3. Install Azure Monitor Agent using portal or CLI

4. View diagnostic data in Log Analytics

Reinforcement:

• Record a video or write an explanation of how you installed and verified an extension

• Review App Insights and Logs (Week 5 Day 1 preview)

Day 5: Deployment Automation – ARM Templates and Cloud-init

Learning Objectives:

• Understand Infrastructure-as-Code (IaC) concepts

• Learn how ARM templates declare Azure resources

• Use cloud-init for Linux configuration automation

Tasks:

1. Build a basic ARM template to deploy a VM + NSG + storage

2. Deploy the template from the portal and Azure CLI

3. Write a cloud-init YAML file to create a Linux user and install Apache

4. Deploy a VM with that cloud-init file and verify configuration

Reinforcement:

• Review and annotate one example from Microsoft’s QuickStart ARM templates gallery

• Refresh Week 2 Day 4 (soft delete and versioning for blob)

Day 6: Container Services – ACI and AKS Basics

Learning Objectives:

• Deploy single containers using Azure Container Instances (ACI)

• Understand basic AKS architecture: node pools, scaling, and identity integration

• Compare container hosting options

Tasks:

1. Deploy a container using ACI via Azure CLI (e.g., NGINX or Hello World app)

2. Configure ACI with DNS label and port

3. Explore AKS cluster settings (review node pools, autoscaling)

4. Write a short comparison: ACI vs AKS vs App Service for container hosting

Reinforcement:

• Draw a container orchestration model (ACI → AKS → App Services)

• Review your ARM template logic from Day 5

Day 7: Azure App Services – Web App Deployment

Learning Objectives:

• Learn how to deploy and manage App Services

• Configure app settings, authentication, and deployment slots

• Enable scaling and monitoring

Tasks:

1. Deploy a sample .NET or Node.js app using Azure App Service

2. Create a staging slot and swap slots after changes

3. Configure App Settings and a connection string

4. Enable autoscale based on CPU or HTTP request count

5. Enable Application Insights for your app and test response times

Reinforcement:

• Summarize pros/cons of PaaS vs IaaS for app hosting

• Review your Day 1–2 flashcards as part of spaced review

AZ-104 Week 4 Study Plan: Implement and Manage Virtual Networking

Primary Goal: Master Azure virtual networking, including Virtual Networks (VNets), subnets, IP addressing, name resolution, network security, peering, VPN connectivity, and load balancing. By the end of this week, you should be able to design, deploy, secure, and troubleshoot network topologies in Azure.

Time Commitment: ~2.5 to 3 hours/day
Methodology:

• 3 to 4 Pomodoro blocks per day (25-minute focus + 5-minute breaks)

• Lab tasks every day using the Azure Portal and CLI

• Frequent diagramming of topologies and rule structures

• Scheduled flash reviews on Days 2, 4, and 7 (reinforcement per Ebbinghaus curve)

Day 1: VNet and Subnet Design

Learning Objectives:

• Understand VNet fundamentals, logical isolation, and CIDR-based address space

• Learn to design and implement subnets based on functional tiers (e.g., Web, App, DB)

• Explore subnet delegation and service integration

Tasks:

1. Create a VNet with address space 10.1.0.0/16 and divide into 3 subnets (Web, App, DB)

2. Configure subnet delegation to an App Service Environment or Bastion

3. Validate IP ranges using subnet calculator tools

4. Draw a network diagram to document your setup

Reinforcement:

• Build a decision table: When to use subnet delegation, service endpoints, and private endpoints

• Review Week 3 Day 3 (NSG and IP configuration in VMs)

Day 2: IP Addressing, NICs, and DNS

Learning Objectives:

• Configure dynamic and static private/public IP addresses

• Understand network interfaces and IP configuration

• Explore Azure-provided DNS and private DNS zones

Tasks:

1. Assign a static private IP to an existing VM

2. Create a Standard Public IP and bind it to a NIC

3. Create a private DNS zone, link it to a VNet, and register a VM hostname

4. Test name resolution between VMs using both Azure DNS and custom DNS

Reinforcement:

• Write a short explanation of the difference between Azure DNS and custom DNS

• Review and revisit VM deployment configuration (Week 3 Day 2)

Day 3: Network Security Groups (NSGs), Service Tags, and ASGs

Learning Objectives:

• Understand NSG structure and rule components

• Use service tags for simplified rule targeting

• Group VMs with Application Security Groups (ASGs)

Tasks:

1. Create an NSG with:

   • Allow RDP from your IP

   • Allow HTTP from Internet

   • Deny all other inbound traffic

2. Apply the NSG to a subnet and test access

3. Create two ASGs (Web-ASG, App-ASG) and assign VMs

4. Use ASGs in NSG rules to allow Web → App communication only

Reinforcement:

• Sketch an NSG rule table and label each rule’s priority and effect

• Revisit RBAC assignment best practices (Week 1 Day 3)

Day 4: Azure Firewall and Just-in-Time Access

Learning Objectives:

• Understand Azure Firewall capabilities: L3/L4 filtering, DNAT/SNAT, threat intelligence

• Deploy a centralized firewall in a hub-spoke topology

• Configure JIT access for secure, time-based management

Tasks:

1. Create a dedicated “hub” VNet and deploy Azure Firewall into it

2. Route traffic from spoke VNets to the firewall using route tables

3. Enable JIT access for a VM: restrict SSH or RDP to your IP and time limit

4. Observe rule hits and diagnostic logs in Azure Monitor

Reinforcement:

• Create a diagram showing hub-spoke network layout with NSGs and Firewall

• Review App Gateway rules from Week 3 Day 7 for comparison

Day 5: VNet Peering and Private Communication

Learning Objectives:

• Learn how to peer VNets in the same region and across regions

• Understand the configuration of gateway transit and traffic forwarding

• Identify limitations of VNet peering (no transitive peering)

Tasks:

1. Create two VNets: one in East US, one in West US

2. Establish bidirectional peering between them

3. Enable "allow forwarded traffic" and test ping/connectivity between VMs

4. Simulate a scenario with gateway transit for shared VPN

Reinforcement:

• List use cases where peering is preferred vs VPN

• Review Week 2 Day 6 (AzCopy transfers via public vs private paths)

Day 6: VPN and ExpressRoute Connectivity

Learning Objectives:

• Understand Site-to-Site (S2S) and Point-to-Site (P2S) VPN configurations

• Learn ExpressRoute basics, benefits, and use cases

• Configure VPN Gateway types and authentication

Tasks:

1. Deploy a VPN Gateway in your VNet using route-based configuration

2. Simulate a P2S VPN using certificate-based auth from a local client

3. Review SKU options and identify limits of Basic vs VpnGw SKUs

4. Read about ExpressRoute provider requirements and latency advantages

Reinforcement:

• Diagram a full hybrid network: On-prem → Azure via VPN → Peered VNets

• Recheck your previous JIT/Firewall configurations (Week 4 Day 4)

Day 7: Load Balancing Solutions

Learning Objectives:

• Compare different load balancers: Azure Load Balancer (L4), Application Gateway (L7), Traffic Manager, and Front Door

• Learn how each operates and in what scenarios they are optimal

• Implement basic end-to-end load balancing

Tasks:

1. Deploy a Standard Load Balancer with backend pool (2 VMs) and NAT rule for SSH

2. Deploy Application Gateway with WAF enabled and a custom listener

3. Set up Traffic Manager to route traffic between two App Services based on performance

4. Explore Azure Front Door: create a frontend endpoint and test SSL offloading

Reinforcement:

• Build a comparison table: LB vs App Gateway vs Traffic Manager vs Front Door

• Review Week 3 Day 6 (ACI and AKS scaling features)

AZ-104 Week 5 Study Plan: Monitor and Maintain Azure Resources

Primary Goal: Learn how to monitor, diagnose, back up, restore, and optimize Azure workloads. Be able to create alerts, manage update schedules, and ensure business continuity using Azure Site Recovery and Backup. This week also includes exam readiness and full-scope review.

Time Commitment: 2.5–3 hours/day
Methodology:

• 3 to 4 Pomodoro sessions per day

• Real hands-on monitoring and alerting labs

• Daily error review from prior weeks (spaced repetition)

• Final mock test and deep review on Day 7

Day 1: Azure Monitor – Metrics, Logs, and Diagnostic Settings

Learning Objectives:

• Understand Azure Monitor’s architecture: metrics, logs, agents, and workbooks

• Learn how to collect and analyze metrics and logs

• Configure diagnostic settings for different services

Tasks:

1. Enable diagnostics on a VM, a storage account, and an App Service

2. Route data to a Log Analytics Workspace

3. View metrics (CPU, memory, disk) using Metrics Explorer

4. Create a custom workbook to display CPU + disk trends on one dashboard

Reinforcement:

• Summarize the difference between metrics and logs

• Revisit Week 2 Day 2 (data encryption and logging)

Day 2: Kusto Query Language (KQL) for Logs

Learning Objectives:

• Learn KQL syntax for filtering and aggregating logs

• Write queries to diagnose system health and performance issues

• Use KQL in Log Analytics and workbooks

Tasks:

1. Query performance metrics using:

   • Perf | where CounterName == "% Processor Time"

2. Analyze boot diagnostics and failure causes

3. Explore AzureDiagnostics, Heartbeat, and Syslog tables

4. Practice joins and summarize functions

Reinforcement:

• Create a cheat sheet of KQL patterns and functions

• Review VM extensions and diagnostics (Week 3 Day 4)

Day 3: Alerts and Action Groups

Learning Objectives:

• Understand different alert types: metric, log, and activity

• Learn how to configure alert conditions, thresholds, and frequency

• Create and reuse action groups

Tasks:

1. Create a metric alert: CPU > 80% for 5 minutes

2. Create a log alert: when more than 5 500-status errors occur in 10 minutes

3. Configure an action group to send:

   • Email

   • Webhook (to simulate automation)

4. Attach the action group to both alerts

Reinforcement:

• Document when to use each alert type (metric, log, activity log)

• Review your monitoring dashboard (Day 1) and see what triggers alerts

Day 4: Backup and Restore (Azure Backup)

Learning Objectives:

• Learn how Azure Backup protects VMs, files, SQL, and on-premises systems

• Understand Recovery Services Vaults, backup policies, and retention

• Perform full and file-level restores

Tasks:

1. Create a Recovery Services Vault

2. Backup a VM and configure a daily retention policy (14 days)

3. Enable Instant Restore and test file-level recovery

4. Test restoring the full VM to a new instance

Reinforcement:

• Summarize differences between Instant Restore and full restore

• Revisit Week 1 Day 6 (cost management—tied to backup storage consumption)

Day 5: Azure Site Recovery (ASR)

Learning Objectives:

• Learn how ASR replicates VMs between regions

• Understand recovery plans and failover workflows

• Know how to test failover without affecting production

Tasks:

1. Enable replication for a VM to another region

2. Create a recovery plan grouping 2 VMs

3. Execute a test failover and validate the boot logs

4. Test failback (manual or simulated) from secondary to primary

Reinforcement:

• Diagram the failover/failback workflow

• Compare ASR to backup in terms of RTO and RPO objectives

Day 6: Maintenance, Updates, and Optimization

Learning Objectives:

• Configure update management for scheduled patching

• Use Azure Service Health to track outages and maintenance

• Optimize resources with Azure Advisor recommendations

Tasks:

1. Enable update management on a Windows and Linux VM

2. Schedule updates and view compliance reports

3. Explore Azure Service Health and configure a service alert for your region

4. Review Azure Advisor’s suggestions and take action on:

   • Cost savings

   • Performance

   • High availability

Reinforcement:

• Write a one-page memo: “How I would optimize our Azure environment monthly”

• Recheck your alert configurations from Day 3

Day 7: Final Review + Mock Exam

Learning Objectives:

• Synthesize everything you've learned into a mental model

• Identify knowledge gaps through testing

• Apply exam strategies (time management, question filtering, elimination)

Tasks:

1. Take a full-length mock exam (60 questions, 120 minutes)

2. Review all incorrect and flagged questions

3. Update your master study sheet with any new patterns or insights

4. Complete your final 1-page summary per domain (5 in total)

5. Reflect and rate your readiness across all domains from 1 to 5

Optional:

• Rewatch MS Learn video snippets or attend a final cram session

• Create a "last 48-hour" revision plan leading into your exam date

---