Training: Configure Windows Server Hybrid Advanced Services (AZ-801)

Ref. AZ-801T00

Download PDF

Duration:

4

days

Exam:

Optionnel

Level:

Intermediate

Funding:

Eligible

Home > Trainings > IT Pro > Systems and Networking > Configure Windows Server Hybrid Advanced Services (AZ-801)

Configure Windows Server Hybrid Advanced Services Training (AZ-801)

Windows Server infrastructure management is rapidly evolving toward hybrid environments. Organizations are seeking administrators capable of combining on-premises technologies with Azure cloud services. This AZ-801 training addresses this need precisely by offering comprehensive learning of advanced Windows Server services.

Mastering hybrid environments with Windows Server

This program targets IT professionals who want to extend their skills beyond traditional infrastructures. You’ll learn to secure on-premises and cloud systems, migrate workloads to Azure IaaS, and implement high availability. Azure Arc, Windows Admin Center, and PowerShell technologies form the foundation of this hands-on training.

The AZ-801 certification validates your expertise in configuring advanced Windows Server services. It demonstrates your ability to manage complex hybrid infrastructures. This training effectively prepares you for the exam while developing skills immediately applicable in enterprise environments.

Participant Profiles

System and network administrators
IT infrastructure engineers
Level 2 and 3 support technicians
IT managers
Microsoft technology consultants

Objectives

Secure on-premises and hybrid Windows Server infrastructures
Implement high availability and failover clustering
Configure Azure Site Recovery for disaster recovery
Migrate servers and workloads to Azure IaaS
Manage updates with Azure Update Management
Monitor environments with Azure Monitor
Troubleshoot network and virtual machine issues
Audit security with Microsoft Defender for Cloud

Prerequisites

Basic experience in Windows Server administration
Fundamental knowledge of networking and virtualization
Familiarity with Azure cloud concepts

Course Content

Module 1: Implement network security for Windows Server IaaS virtual machines

Implement network security groups and Windows IaaS virtual machines
Implement Azure Firewall and Windows IaaS virtual machines
Implement Windows Firewall with Windows Server IaaS virtual machines
Choose the appropriate filtering solution
Deploy and configure Azure Firewall using the Azure portal
Capture network traffic with Network Watcher
Log network traffic to and from a virtual machine using the Azure portal

Module 2: Audit the security of Windows Server IaaS virtual machines

Describe Microsoft Defender for Cloud
Enable Microsoft Defender for Cloud in hybrid environments
Implement and evaluate security policies
Protect your resources with Microsoft Defender for Cloud
Implement Microsoft Sentinel

Module 3: Manage Azure updates

Describe Update Management
Enable update management
Deploy updates
View update assessments
Manage updates for your Azure virtual machines

Module 4: Configure BitLocker disk encryption for Windows IaaS virtual machines

Describe Azure Disk Encryption and server-side encryption
Configure Key Vault for Azure Disk Encryption
Encrypt Azure IaaS virtual machine hard drives
Back up and recover data from encrypted disks
Create and encrypt a Windows virtual machine

Module 5: Implement change tracking and file integrity monitoring for Windows IaaS virtual machines

Implement Change Tracking and Inventory
Manage Change Tracking and Inventory
Manage tracked files
Implement File Integrity Monitoring
Select and monitor entities
Use File Integrity Monitoring

Module 6: Describe Windows Server DNS

Implement split-horizon DNS
Create DNS policies
Implement DNS policies
Describe Windows Server DNS
Implement DNSSEC protocol

Module 7: Secure Windows Server user accounts

Configure user account rights
Protect user accounts using the Protected Users group
Describe Windows Defender Credential Guard
Block NTLM authentication
Locate problematic accounts

Module 8: Harden Windows Server security

Describe the Local Administrator Password Solution
Configure privileged access workstations
Secure domain controllers
Analyze security configuration with Security Compliance Toolkit
Secure SMB traffic

Module 9: Windows Server update management

Explore Windows Update
Review Windows Server Update Services server deployment options
Define the Windows Server Update Services update management process
Describe the Update Management process

Module 10: Introduction to Cluster Shared Volumes

Determine the features of Cluster Shared Volumes
Explore the architecture and components of Cluster Shared Volumes
Implement Cluster Shared Volumes

Module 11: Implement Windows Server failover clustering

Define Windows Server failover clustering
Plan a Windows Server failover clustering
Implement Windows Server failover clustering
Manage Windows Server failover clustering
Implement stretch clusters
Define cluster sets

Module 12: Implement high availability for Windows Server virtual machines

Select high availability options for Hyper-V
Consider network load balancing for Hyper-V virtual machines
Implement live migration of Hyper-V virtual machines
Implement storage migration of Hyper-V virtual machines

Module 13: Implement high availability for Windows Server file servers

Explore high availability options for Windows Server file servers
Define cluster shared volumes
Implement a scale-out file server
Implement storage replica

Module 14: Implement scaling and high availability with Windows Server virtual machines

Describe virtual machine scale sets
Implement scaling
Implement load-balanced virtual machines
Create a virtual machine scale set in the Azure portal
Describe Azure Site Recovery
Implement Azure Site Recovery

Module 15: Implement Hyper-V Replica

Define Hyper-V Replica
Plan Hyper-V Replica
Configure and implement Hyper-V Replica
Describe extended replication
Define Azure Site Recovery
Implement Site Recovery from an on-premises site to Azure

Module 16: Implement hybrid backup and recovery with Windows Server IaaS

Describe Azure Backup
Implement recovery vaults
Implement Azure backup policies
Recover Windows IaaS virtual machines
Perform file and folder recovery
Perform backup and restore of on-premises workloads
Manage Azure virtual machine backups with the Azure Backup service

Module 17: Protect your on-premises infrastructure from disasters with Azure Site Recovery

Overview of Azure Site Recovery
Supported workloads for protection with Azure Site Recovery
Run a disaster recovery drill
Failover and failback

Module 18: Protect your virtual machines using Azure Backup

Azure Backup features and scenarios
Back up an Azure virtual machine using Azure Backup
Restore virtual machine data

Module 19: Migrate on-premises Windows Server instances to Azure IaaS virtual machines

Plan your migration
Describe Azure Migrate
Perform server assessment
Assess physical servers with Azure Migrate
Migrate Windows Server workloads using Azure Migrate

Module 20: Upgrade and migrate Windows Server IaaS virtual machines

Describe Azure Migrate
Migrate Windows Server workloads using Azure Migrate
Describe storage migration
Migrate file servers using Storage Migration Service

Module 21: Active Directory Domain Services migration

Review and compare upgrade and migration
Upgrade a previous version of Active Directory Domain Services to Windows Server 2025
Migrate to Active Directory Domain Services in Windows Server 2025 from a previous version
Explore the Active Directory Migration Tool

Module 22: Migrate file server workloads using Storage Migration Service

Overview of Storage Migration Service and usage scenarios
Storage migration requirements
Migrate a server with Storage Migration Service
Assessment of migration considerations

Module 23: Migrate Windows Server roles

Describe Windows Server Migration Tools
Install the Migration Tools feature
Migrate roles using Migration Tools

Module 24: Monitor virtual machines and hybrid Windows Server IaaS instances

Enable Azure Monitor for virtual machines
Monitor an Azure virtual machine with Azure Monitor
Enable Azure Monitor in hybrid scenarios
Collect data from a Windows computer in a hybrid environment
Integrate Azure Monitor with Microsoft Operations Manager

Module 25: Monitor your Azure virtual machines with Azure Monitor

Azure virtual machine monitoring
Monitor virtual machine host data
Use Metrics Explorer to view detailed host metrics
Collect client performance counters using virtual machine insights
Collect virtual machine client event logs

Module 26: Monitor Windows Server performance

Use Performance Monitor to identify performance issues
Use Resource Monitor to check current resource usage
Check reliability with Reliability Monitor
Implement a performance monitoring methodology
Use data collector sets to analyze server performance
Monitor network infrastructure services
Monitor virtual machines running Windows Server
Monitor performance with Windows Admin Center
Use System Insights to better anticipate future capacity issues
Optimize Windows Server performance

Module 27: Manage and monitor Windows Server event logs

Describe Windows Server event logs
Use Windows Admin Center to view logs
Use Server Manager to view logs
Use custom views
Implement event log subscriptions

Module 28: Implement Windows Server auditing and diagnostics

Describe basic audit categories
Describe advanced categories
Access user logs
Enable setup and boot event collection

Module 29: Troubleshoot on-premises and hybrid networking

Diagnose DHCP issues
Diagnose DNS issues
Diagnose IP configuration issues
Diagnose routing issues
Use Message Analyzer to facilitate network troubleshooting
Use Azure Network Watcher to facilitate network troubleshooting

Module 30: Troubleshoot Windows Server virtual machines in Azure

Troubleshoot virtual machine deployment issues
Troubleshoot virtual machine boot issues
Troubleshoot virtual machine extension issues
Troubleshoot virtual machine connectivity issues
Troubleshoot virtual machine performance issues
Troubleshoot virtual machine storage issues

Module 31: Troubleshoot Active Directory

Recover objects from the AD recycle bin
Recover the AD DS database
Recover SYSVOL
Troubleshoot AD DS replication issues
Troubleshoot hybrid authentication issues

Documentation

Access to Microsoft Learn, Microsoft’s online learning platform, offering interactive resources and educational content to deepen your knowledge and develop your technical skills.

Lab / Exercises

This course provides you with exclusive access to the official Microsoft lab, enabling you to practice your skills in a professional environment.

Exam

This course prepares to the exam AZ-801: Configuring Windows Server Hybrid Advanced Services

Complementary Courses

Administer Windows Server Hybrid Core Infrastructure (AZ-800) | AZ-800T00

Eligible Funding

ITTA is a partner of a continuing education fund dedicated to temporary workers. This fund can subsidize your training, provided that you are subject to the “Service Provision” collective labor agreement (CCT) and meet certain conditions, including having worked at least 88 hours in the past 12 months.

Additional Information

The evolution of Windows Server infrastructures toward hybrid

The hybrid model is radically transforming information systems management. Organizations no longer choose between on-premises infrastructure and cloud. They now combine these two approaches to optimize performance and costs. This evolution requires new technical skills that few professionals currently master.

Windows Server integrates naturally with Azure services through Azure Arc. This technology extends cloud management capabilities to on-premises physical servers. You supervise everything from a single console. Compliance policies apply uniformly across all environments. This consistency significantly simplifies security audits.

Traditional infrastructures are reaching their limits given current needs. Manual scalability consumes valuable time. Tape backups present risks of data loss. The hybrid model addresses these challenges by combining on-premises stability and cloud agility.

Securing identities in a distributed world

Authentication represents the weak link for many organizations. Credential stuffing attacks exploit reused passwords. Windows Defender Credential Guard protects credentials in memory. This hardware-based protection prevents malware from extracting stored credentials.

The Protected Users group limits possible attack vectors. Member accounts can no longer use NTLM or Kerberos DES. These restrictions significantly strengthen the security posture. However, they require planning to avoid application incompatibilities.

The Local Administrator Password Solution resolves an old problem. Many servers share the same local administrator password. A compromise then exposes the entire fleet. LAPS generates and stores unique passwords for each machine. Active Directory centralizes this management securely.

Privileged access workstations isolate sensitive administrative tasks. An administrator should never manage critical servers from their daily workstation. This separation blocks privilege escalation attacks. It ranks among Microsoft’s essential recommendations.

Designing resilience against major incidents

Every organization must anticipate the worst-case scenario. A fire, flood, or cyberattack can destroy an entire datacenter. Azure Site Recovery replicates your critical workloads to a remote region. Failover activates within minutes during an actual disaster.

Recovery tests validate your setup without impacting production. These simulations detect flaws in your plan before an actual incident occurs. Teams train on emergency procedures under realistic conditions. This preparation makes all the difference during a crisis.

Azure Backup protects your data with geographic redundancy. Immutable snapshots resist ransomware that encrypts data. Granular restore recovers a specific file without rebuilding everything. These features far surpass traditional tape-based solutions.

Storage replica synchronizes data between remote sites. This native Windows Server technology eliminates costly third-party solutions. Volumes replicate in real-time or on a defined schedule. You choose the appropriate mode based on your RPO objectives.

Automating security patch management

Unpatched vulnerabilities constitute the main entry point for attackers. Windows Server Update Services centralizes patch distribution. Administrators approve updates before mass deployment. This prior validation avoids unexpected incompatibilities.

Azure Update Manager extends this management to hybrid environments. On-premises servers and Azure virtual machines follow the same policies. Compliance reports identify vulnerable systems in real-time. Maintenance windows schedule reboots at opportune times.

Automation drastically reduces administrative burden. PowerShell orchestrates repetitive tasks with precision. Scripts verify state before modification and log each action. This traceability facilitates regulatory compliance audits.

Optimizing cloud infrastructure costs

Usage-based billing can quickly spiral without rigorous control. Azure virtual machines consume credits even when stopped if disks persist. Virtual machine scale sets automatically adjust capacity. You only pay for resources actually needed at each moment.

Azure Hybrid Benefit leverages your existing Windows Server licenses. This savings reaches up to 40% on compute costs. Reserved instances further reduce the bill for stable workloads. These financial optimizations often justify the migration alone.

Proper sizing avoids resource waste. Azure Migrate analyzes the actual usage of your current servers. The tool recommends optimal sizing rather than blindly replicating. This analytical approach ensures an optimal performance-to-cost ratio.

FAQ

What’s the difference between AZ-800 and AZ-801?

The AZ-800 exam covers core Windows Server services. AZ-801 focuses on advanced configurations and hybrid integration. Both certifications combined validate the Windows Server Hybrid Administrator Associate title.

What career prospects after this certification?

Certified administrators gain access to infrastructure architect positions. Salaries typically increase by 15 to 25% post-certification. Demand currently far exceeds the supply of qualified professionals.