Build a single Azure VM lab environment with PowerShell automation and GitHub version control, deploying a VM and networking resources via scripts and Cloud Shell, with teardown scripts.

Master network security group configuration for rdp access and automate azure vm creation with PowerShell.

Explore automating Azure resource cleanup and multi-region VM deployment with PowerShell, creating and removing VMs, VNets, NSGs, and public IPs across UK West, East US, and Central India.

Explore vm size limitations across regions for azure vms and secure access methods, including private access and just-in-time access, while avoiding insecure public internet exposure.

Learn to securely access Azure virtual machines with Azure Bastion, eliminating public IPs, enabling centralized access via TLS over port 443, while setting up a domain controller with Active Directory.

Learn to manage Azure network interfaces, attach and detach NICs, configure static and public IPs, and deploy domain controllers in a Windows forest with PowerShell guidance.

Configure a static internal IP for an Azure VM using PowerShell, then promote disk two as a secondary domain controller for the learned lessons domain, adjusting DNS.

Configure Active Directory sites for a multi-region lab, creating UK, West Europe, and Central India sites, setting 15-minute replication, and assigning domain controllers via GUI and PowerShell.

Navigate Windows Server 2025 editions and licensing options to balance cost and virtualization, including essentials edition, standard edition, data center edition, and Azure edition, plus pay-as-you-go and per-VM licensing.

Explore Windows Server 2025 edition selection and licensing strategies through realistic scenarios, covering essentials, standard, datacenter, pay-as-you-go options, virtualization rights, and hybrid cloud and azure integration.

Plan Windows Server 2025 deployments by evaluating processor requirements, including sse 4.2 with popcnt, memory and storage needs, virtualization, and security hardware like tpm 2.0 and secure boot.

Explore Windows Server 2025 installation options, compare Server Core and Server with Desktop Experience, and learn how Nano Server evolved into container images for scalable deployments with minimal attack surface.

Learn to set up Hyper-V on physical and nested virtualization for Windows Server labs, enable nested virtualization, deploy VMs, configure virtual switches, and compare server core versus desktop experience.

Explore Windows Server 2025 installation options—server core and server with desktop experience—and nano server evolution into container images with features on demand, plus remote management via RSAT and PowerShell remoting.

Master advanced PowerShell scripting with multi-line commands and backticks, and perform system monitoring using Get-ComputerInfo, Get-Counter, and Get-WinEvent. Explore remote sessions, PowerShell direct, and feature management on Hyper-V VMs.

Demonstrate desired state configuration (DSC) to ensure consistent server configurations, build and apply a basic DSC on localhost, and troubleshoot services with PowerShell techniques.

Explore Windows Server 2025 SMB security enhancements, including SMB over QUIC, default signing and auditing, plus Azure Arc powered hot patching and streamlined management with Windows Admin Center.

Explore Windows Server 2025 performance improvements, including nvme optimizations delivering up to 90% more iops, and secure file access via smb over quic, plus server core management basics.

Engage in a hands-on workshop using as config tool for Windows Server 2025 server core. Learn tasks like configuring network, updates, time, remote management, and PowerShell basics.

Explore Windows Server 2025 installation options—server core and desktop experience—covering management approaches, resource needs, planning, security implications, and application compatibility for informed deployment.

Deploy Windows Server 2025 or Windows 11 VMs with Hyper-V, from obtaining official installation media to creating generation 2 VMs with TPM and secure boot, and configuring storage and networking.

Choose generation two for Windows 11 on Hyper-V to enable UEFI, secure boot, and TPM 2.0, then enable these settings and use dynamic memory with startup 4 GB.

Explore enterprise virtualization platforms, focusing on Proxmox VE's KVM and LXC integration, clustering, and high availability. Evaluate open source and cloud lab options with nested virtualization and infrastructure as code.

Learn secure remote management for Windows Server 2025, including RDP with network level authentication and custom ports, WinRM/PowerShell remoting, OpenSSH, Windows Admin Center, and monitoring tools for proactive maintenance.

Explore upgrade and migration strategies for Windows Server 2025, transferring roles, data, configurations with Windows Server migration tools. Follow a phased plan with assessment, environment preparation, migration execution, and decommissioning.

Build a complete Windows Server 2025 Active Directory domain infrastructure in a hands-on Hyper-V lab, including DNS, domain controllers, joined client, and remote management via Windows Admin Center and PowerShell.

Explore the Active Directory schema as the forest-wide blueprint, covering the schema partition's role, replication, and administration, plus Windows Server 2025 schema updates and best practices.

Explore Active Directory Domain Services domains, access rules, and dynamic access control, and learn Windows Server 2025 enhancements, including 32k pages, delegated managed service accounts, laps, and functional level upgrades.

Verify Active Directory domain and forest functional levels, global catalog, and organizational units using Server Manager and PowerShell, with hands-on steps toward upgrading to Windows Server 2025.

Organize and manage Active Directory with organizational units as the primary tool, differentiating OUs from containers, linking GPOs to OUs, planning delegation, and applying best practices for efficient administration.

Demonstrates creating and organizing organizational units and containers in Active Directory using graphical interface, PowerShell one-liners, and command-line tools, with hands-on tasks to move users and computers.

This hands-on demo guides configuring user account attributes in Active Directory, covering expiration, logon hours, logon restrictions, smartcards, password policies, and attribute editor access via GUI, PowerShell, and ADAC.

Practice user profiles and account management in Windows Server, covering account lifecycle, template management, roaming profiles, and PowerShell provisioning for bulk onboarding.

Explore Active Directory group types and scopes, learn when to use security versus distribution groups and how local, domain local, global, and universal scopes govern permissions and membership.

Master the IGLA framework to manage identities, global groups, domain local groups, and universal groups for cross-domain access, plus delegated management and restricted groups via group policy.

Explore default groups and special identities in Windows Server to manage access, permissions, and security roles within a modern Windows infrastructure bootcamp context.

Develop active directory computer account management skills by exploring the computers container, creating custom organizational units, delegating join permissions, pre-creating accounts, and validating secure channel with PowerShell and command-line tools.

Learn practical PowerShell techniques to automate Active Directory tasks, including managing users, groups, computers, and organizational units, plus bulk operations, filtering, and CSV processing.

Explore how the domain partition creates replication boundaries and how objects replicate across domain controllers. Use repadmin and AD sites to verify replication and learn troubleshooting steps.

Explore the fundamentals of Windows PowerShell, including its purpose, hosting options, and versioning; learn to configure the console and ISE for efficient administration.

Configure the Windows PowerShell console and ISE in lab one, adjusting appearance, layout, fonts, colors, and transcripts; run as administrator, pin to the taskbar, and customize single-pane ISE view.

Explore PowerShell command discovery and syntax, using verbs, nouns, wildcards, and help to locate commands for tasks like configuring IP addresses, reading event logs, and managing remote systems.

Learn how to use and update PowerShell help system, including Get-Help, Update-Help, and Save-Help, and configure a network-share source and group policy to maintain offline access and multilingual help.

Explore discovering and using Windows PowerShell commands with what-if and confirm prompts, and learn to modify the confirm preference while practicing basic commands and pipeline concepts.

Learn to work with PowerShell objects by inspecting properties, methods, and events. Use Get-member and pipeline techniques to sort, measure, and select data, including calculated properties.

Learn how to convert and export data with Windows PowerShell, including CSV, HTML, XML formats, and import from external storage to build practical management reports.

Master object filtering and performance optimization in Windows PowerShell by converting management information into HTML, CSV, XML, and pipe-delimited formats, while applying basic and advanced filtering syntax and filter-left strategies.

Explore how explicit parameter binding disrupts pipeline input in Windows PowerShell and how pericentral commands, by value, by property name, and property expansion shape command pipelines.

Learn to craft formatted PowerShell reports for management using Get- commands and format controls, including computer system details, process tables, and route data, with WMI and CIM context.

Query remote computers with WMI and CIM using computername and credentials, create persistent SIM sessions, and invoke methods such as reboot or terminate.

Master Windows PowerShell operators (arithmetic, assignment, comparison, logical, and unary), learn operator precedence, basic script parameters, and led binding for robust tooling. Use param block and led binding.

Master parameterizing Windows PowerShell scripts, test and run them in the Windows PowerShell ISE, enable verbose output, and organize code with command based help and script modules.

Learn PowerShell debugging with write debug and verbose, pausing scripts to inspect state, and convert scripts to functions and modules while mastering error handling via try catch and error actions.

Learn to implement robust error handling in Windows PowerShell scripts using try/catch and verbose logging; explore if, switch, and foreach constructs, and configure networks with Get-NetAdapter and New-NetIPAddress.

Create and manage forward and reverse DNS zones, including Active Directory integrated zones, with dynamic updates and replication, and configure conditional forwarders to keep internal traffic within the network.

Master creating and managing active directory groups and organizational units using PowerShell cmdlets, adding members, setting group scopes, and moving objects between OUs, then automate domain controller deployment.

Create bulk Active Directory users using a foreach loop and a CSV file, auto-generating lab users with passwords, then modify properties in bulk—description and phone numbers—via PowerShell.

Execute bulk Active Directory operations on user and computer accounts with PowerShell, using Get-ADUser and Get-ADComputer, and piping to enable, disable, move, or remove objects.

Manage Active Directory security groups by adding users and computers with PowerShell, including bulk operations, nested groups, and exporting group membership for reporting.

Learn PowerShell group policy management with Gpmc, including creating, linking, backing up, and restoring GPOs, plus IIS installation via Server Manager or PowerShell.

Manage IIS with PowerShell and IIS manager, inspect event logs, and create dynamic test pages using ASP or ASP.NET, while testing the default website with server variables and default documents.

Explore managing IIS via IIS manager and PowerShell, monitor events, export logs, and test default pages; create dynamic pages with ASP/ASP.NET using server variables in the default site.

Create and configure websites in IIS with appcmd and PowerShell, set up application pools and bindings, and enable HTTP 2.0 on IIS 10 with SSL.

Learn how to manage nano server and IIS remotely with PowerShell, including creating sessions, importing the IIS administration module, listing and configuring sites, and starting and stopping sites.

Explore configuring DHCP scopes and managing super scopes with PowerShell commands. Learn to view, set, and remove scope options, create and modify superscopes, and automate with DHCP server v4 commands.

Learn the evolution of PowerShell from 1.0 to 5.0, explore console and ISE hosts, verify versions with $PSVersionTable, and practice using transcripts, history, and aliases to discover commands.

Explore how to map and manage PowerShell drives, access registry and file system items, and leverage pipelines to sort, select, and control services with start and stop operations.

Understand DNS architecture and name resolution in Windows Server, distinguishing recursive and iterative queries, forwarders, and zone types, with common records and basic troubleshooting tools.

Learn to install, remove, and manage DNS server roles with PowerShell and DNS Manager, create forward and secondary zones, and configure zone transfers.

Learn to manage DNS roles and zones on Windows servers using PowerShell, including installing and removing DNS features, and creating primary and secondary forward lookup zones.

Master PowerShell comparison operators, including eq, gt, like, and case-insensitive variants, and apply DNS zone creation and conditional forwarders; explore PowerShell formatting with format wide and alternate views.

Format PowerShell output as the last step in the pipeline, then use Outfile or redirection to save results, while deciding between objects and strings for downstream use.

Master PowerShell pipeline operations by chaining Get-Process, Sort-Object, Measure-Object, and Group-Object for concise reports. Explore domain controller fundamentals, including the global catalog, DNS, sign-in, and operations masters.

Discover Nano Server deployment methods for Windows Server 2016 using PowerShell to create VHDs, bootable drives, or VIM images, and explore the Nano Server Image Generator steps and supported roles.

Learn to manage contacts, mail enabled users, and distribution groups in exchange management shell, including creating, updating, removing, bulk provisioning with csv imports, and configuring resource mailboxes with calendar processing.

Learn to enable mail tips organization-wide and adjust large-audience thresholds, then master recipient filters, server-side filtering, dynamic distribution groups, and email address management in Exchange.

Learn mailbox migration and data import-export in Exchange with the Exchange Management Shell, including move requests, status tracking, and PST export reports.

Bulk add distribution group members from text or csv files using Get-Content, Import-Csv, and the Add-DistributionGroupMember cmdlet in the Exchange Management Shell.

Learn to configure distribution group self-management with set distribution group, controlling member join and depart restrictions (open or closed), and create address lists with recipient filters and exports.

Use the Exchange Management shell to create, mount, rename, move, and remove mailbox databases. Enable automatic mailbox distribution and configure quotas, retention, and bulk updates via csv.

Move active mailbox database copies between servers with the Move Active Mailbox Database cmdlet in Exchange Management Shell, using mount dial overrides and health checks to ensure safe switchover.

Explore the Azure portal to create resource groups, manage subscriptions and regions, attach storage via Cloud Shell, and automate tasks with PowerShell while handling resource dependencies.

Learn how to organize Azure resources with resource groups, design regions and availability zones for high availability, disaster recovery, and cost control, including naming, tagging, and life cycle best practices.

Explore Azure's all services catalog to find, configure, and manage hundreds of compute, storage, database, and network services, with cost management tools like budgets and cost analysis.

Explore GitHub integration with Azure, clone the Azure Learned Lessons repository, run ps1 scripts to manage VMs, and learn cloud computing fundamentals.

Explore cloud computing basics, the shared responsibility model, and cloud models (public, private, hybrid, multi-cloud) along with scalability, reliability, security, governance, and cost management.

Explore cloud resource management and scaling approaches, including template-based provisioning, automated scaling, continuous monitoring, and web portals, CLI, APIs, PowerShell, plus IaaS, PaaS, SaaS with shared responsibility.

Explore how Azure organizes resources through resource groups, subscriptions, and management groups to enable governance, cost management, and region pairs for disaster recovery.

Explore Azure cost management and pricing strategies that transform capex to opex, cover pay-as-you-go and reserved capacity, region and subscription pricing, marketplace options, and the pricing and TCO calculators.

Explore Azure cost management with cost analysis, budgets and alerts, and learn how resource tagging (app name, cost center, owner, environment, impact) supports cost allocation and governance via Azure Policy.

Access the Service Trust Portal with a Microsoft Cloud Service account and Entra Organization account, then learn Azure governance and resource management using policy, Purview, Resource Logs, and ARM templates.

Explore ARM templates and Bicep for declarative, modular, and idempotent Azure deployments with automated orchestration. Preview Azure Monitor tools such as Azure Advisor, Service Health, Log Analytics, and alerts.

Explore Azure Cloud Shell, a browser-based command line interface with persistent cloud storage, pre-configured tools, and bash or PowerShell support for managing resources.

Master bash commands for Linux file navigation and operations, including ls, cd, and pwd. Learn cp and mv for copying and moving, with -R -p -v -i options and mkdir.

Master Linux file operations and directory management. Use rm with -r -i -f for safe recursive deletion, mkdir -p for nested structures, and cat, more, less, head, tail for file content; manage privileges with sudo and su.

Master Bash fundamentals for file operations, process management, I/O redirection, piping, and grep, then explore PowerShell as a cross-platform automation tool with cmdlets and pipelines for cloud resources.

Discover how to locate PowerShell commands for Azure resources with Get-Command, Get-Help, and Get-Member, using verb-noun naming and filters by noun or verb.

Harness PowerShell to explore and manage Azure resources, querying properties and deleting resources. Deploy infrastructure with JSON ARM templates in Visual Studio Code and validate deployments with Azure Resource Manager.

Learn to build an Azure ARM template by defining parameter blocks (location, storage account), configuring types, defaults, metadata, and allowed values, and constructing the resources section.

Learn to debug and deploy an Azure Resource Manager template by editing parameters, validating the template, and running idempotent deployments with parameter files.

Leverage PowerShell automation to create a multi-VM Azure lab, enforcing 15-character names, deploying VM, NIC, IP, NSG, VNet and disk, and clean up all resources with a removal script.

Deploy multi-region Azure VMs with PowerShell scripts across UK, West, East US, and Central India, creating resource groups, VNet, public IPs, NSGs, and Windows Server 2022 Azure Edition.

Learn Azure VM security access methods, including private access, site-to-site VPN, just-in-time access, and Azure Bastion, to securely access VMs via TLS without public IP exposure.

Configure static IP addresses on Windows Server VMs. Promote the server to a domain controller using Active Directory Domain Services and DNS for learned lessons.com.

Manage Azure network interfaces and promote a second domain controller for learned lessons, using PowerShell to set static IPs, attach NICs, configure DNS, and complete Active Directory domain services promotion.

Configure a multi-region active directory with a child domain and inter-site vnet peering, plus dns delegation and forwarders to ensure cross-region name resolution.

Configure DNS delegation and forwarders, then create active directory sites UK West, West Europe, Central India, and assign domain controllers with 15-minute replication.

Describe Azure Virtual Desktop setup in West US, including resource group naming, VNet and host pool creation, load balancer and session host basics, and Windows 10 Enterprise multi-session image.

Deploy and configure an Azure Virtual Desktop workspace, verify host pools and application groups, and implement Microsoft Entra ID authentication with single sign-on for secure remote access.

Learn how Microsoft Entra tenants relate to Azure subscriptions in a multi-tenant architecture, and how to register a custom domain and verify ownership.

Verify a custom domain with Microsoft Entra ID, configure Azure Entra Connect to sync on-prem AD, and compare Entra ID with AD DS for cloud identity and single sign-on.

Explore how Microsoft Entra Domain Services provides cloud-based domain services, including policy management, domain joining, and Kerberos authentication, and how it synchronizes with on-premises Active Directory for hybrid deployments.

Configure hybrid identity by deploying Azure Entra ID, syncing on-premises AD with Azure AD Connect, and enabling seamless single sign-on across Azure resources and on-prem VMs.

Deploy a WordPress site with Azure App Service from the Marketplace, manage resources via the portal or CLI, and scale and monitor using Cloud Shell and pricing tiers.

Master designing and deploying Azure virtual networks, configuring subnets, IP addressing, DNS, security policies, and provisioning Windows Server 2016 Data Center VMs with managed disks and availability sets.

Explore advanced Azure networking and backup recovery with virtual networks, subnets, NSGs, load balancers, VPN gateways, and Recovery Services Vaults, detailing Azure Backup, Site Recovery, RPO, RTO, and BCDR planning.

Explore Windows Server 2022 installation, core vs desktop options, and digital sovereignty concepts, including NSGs, Azure virtual networks, ExpressRoute encryption, and hyperscale cloud considerations.

Discover how hyperscale cloud enables digital sovereignty for public sector needs. Explore Microsoft Cloud for sovereignty, guardrails, and sovereign landing zones for secure, compliant scalability.

Explore the Microsoft Cloud Security Benchmark domains: data protection, login and threat detection, and network security, and implement encryption in transit, centralized logging, and zero trust architecture for compliance.

Encrypt data in transit and enforce secure protocols across Azure, AWS, and GCP, and implement network segmentation with Vnets, VPCs, subnets, NSGs, firewall rules, and threat detection.

Learn to secure cloud native services across Azure, AWS, and GCP by establishing private access points, restricting public access, and using gateways or load balancers for secure, private communication.

Deploy and configure web application firewalls across Azure, AWS, and GCP to protect apps from application layer attacks, detect insecure protocols, and establish private on-premises to cloud connections.

Discover how cloud benefits, such as high availability, scalability, reliability, and predictability, transform IT infrastructure with IaaS, PaaS, and SaaS, plus shared responsibility and lift-and-shift use cases.

Learn to organize Azure resources with resource groups, manage environments with subscriptions and management groups, and apply governance, policy, and cost management across the organization.

Create a Linux VM in Azure using the Azure CLI and a custom script extension to install nginx, then explore Azure containers, serverless functions, and Azure Virtual Desktop.

Learn to design Azure VPN gateway and ExpressRoute connectivity, linking on-premises networks to Azure with IPsec or SSP, site-to-site and point-to-site, and BGP routing.

Explore Azure dns as a global, highly available domain hosting service with private dns domains, and learn storage accounts, endpoints, redundancy options, and alias records.

Compare Azure storage redundancy options—LRS and ZRS in the primary region, and GRS and GZRS for geo replication—plus RA-GRS read access, failover, and an RPO under 15 minutes.

Explore Azure storage foundations, including blobs, files, queues, disks, and tables, with blob tiers hot, cool, cold, and archive to optimize costs, durability, and availability.

Explore Azure storage solutions for virtual machines and data, including managed disks, Azure Table Storage, and Azure Data Box, plus migration tools like Azure Migrate and Data Migration Assistant.

Learn how Microsoft Entra ID bridges on-prem and cloud identities, enables single sign-on across Microsoft and custom apps, and supports MFA and passwordless options for secure hybrid access.

Learn how Azure external identities enable secure cross-organization collaboration through B2B and B2C, using Entra ID with bring your own identity, access reviews, conditional access, and RBAC.

Explore the zero trust security model and defense in depth within modern cloud and hybrid environments, emphasizing identity-centric access, least privilege, micro-segmentation, and continuous monitoring using Azure security tools.

Use the Azure pricing calculator to estimate resource costs and build solution-wide cost scenarios. Compare with the TCO calculator and monitor spending using cost management, budgets, and alerts.

Unify data governance with Microsoft Purview across on-prem, multi-cloud, and SaaS, featuring automated discovery, sensitive data classification, and end-to-end lineage, plus Azure Policy for scalable compliance.

Apply Azure resource locks to protect critical resources from accidental deletion or modification, using delete and read-only locks with inheritance across resources, resource groups, or subscriptions, complemented by RBAC.

Explore Azure Portal, Azure PowerShell, and Azure CLI with Azure Arc for hybrid cloud administration. Apply governance and security with Azure Policy, Azure Security Center, and Azure Sentinel across environments.

Explore Linux system administration commands, including sudo for secure privilege elevation, directory and file management, process monitoring, and introduce PowerShell's object-based pipeline and cross-platform tools.

Explore PowerShell cmdlet discovery using Get-Command, Get-Help, and Get-Member, with verb-noun naming and wildcards, and examine Microsoft Entra ID as cloud-based identity with SSO, MFA, and hybrid identity.

Explore how Microsoft Entra ID enables cloud-based identity and single sign-on across Microsoft and third-party apps, with domain services, premium tiers, and hybrid deployment options.

Explore how Azure regions and subscriptions enable low latency, data residency, and reliable disaster recovery, while Cost Management offers analysis, budgeting, recommendations, and data export.

Explore Azure resource tagging with name-value pairs to organize resources, enable cost allocation, and apply tags at both resource and resource group levels, noting that group tags are not inherited.

Master Microsoft Entra group management and B2B collaboration for secure external access. Implement dynamic group membership, guest users, and Azure RBAC with least privilege across subscriptions.

Discover how Azure RBAC uses security principals, role definitions, and scope to grant least-privilege, granular access through role assignments and inheritance, plus self-service password reset in Microsoft Entra ID.

Explore Azure storage replication strategies, from locally redundant storage to zone and geo redundant options, including read-access variants, balancing durability, availability, and cost for global data protection.

Explore Azure blob storage access tiers including hot, cool, cold, and archive to optimize costs, and master lifecycle management, object replication, versioning, security, and authorization strategies.

Master Azure storage security with shared access signatures, their parameters, and AES-256 encryption at rest, plus Microsoft managed keys or customer managed keys via Azure Key Vault.

Explore Azure Files protocol support with SMB and NFS, Rest API access, and the distinction between standard and premium shares, including snapshots, soft delete, protocol isolation, and cloud tiering.

Configure Azure storage accounts with standard v2, lrs vs grs, hot and cool tiers, and security, then connect and manage data using Storage Explorer across multiple storage accounts.

Create and manage Azure storage accounts with Storage Explorer, enabling Data Lake Storage Gen2 via hierarchical namespace and organizing blobs, file shares, queues, and tables.

Explore Azure availability zones, zonal and zone-redundant services, and best practices for vertical and horizontal scaling with VM scale sets to boost cloud resilience and performance.

Explore Azure App Service plans, regional deployment, and scaling strategies to optimize hosting, performance, and cost. Learn about pricing tiers, auto scale, deployment slots, and deployment options.

Explore how deployment slots enable safe staging, warm up, and seamless slot swapping. Learn about app service security, anonymous and authenticated modes, custom domains, and comprehensive backup and restore options.

Explore how Azure container groups enable multi-container deployments with unified networking, shared resources, and coordinated lifecycle, and learn Azure virtual network design, dns resolution, security, and connectivity.

Explore how Azure network security groups protect subnet and NIC level traffic with subnet, NIC, and DMZ configurations. Learn to apply priority, default, and effective rules for secure access.

Explore Azure load balancer architecture, including front end IP configurations, back end pools, health probes, and the SKU options—basic, standard, and gateway—for public and internal use.

Explore Azure load balancer backend pools, including basic and standard SKUs, and learn to configure health probes, load balancing rules, and session persistence for reliable application delivery.

Explore Azure application gateway components and virtual networks, including front-end ip, listeners, routing rules, backend pools, health probes, and web application firewall with OWASP, path-based and multi-site routing, ssl termination.

Master Azure virtual network peering for private, high-speed connectivity across regions and subscriptions, with gateway transit, and apply Azure DNS concepts, record types, private zones, and alias records.

Explore how Azure virtual networks route traffic, from system routes and next-hop types to VNet peering, service chaining, and custom routes, with best practices for security, redundancy, and monitoring.

Explore Azure load balancer architecture, distribution methods, and availability options, including five tuple hash, source IP affinity, inbound and outbound traffic, health probes, and scalable resilience.

Explore Azure backup architecture and recovery services vault, featuring a zero infrastructure model, centralized backup center management, multi-tier data storage, workload extensions, and robust security for on-premises and Azure workloads.

Explore Azure load balancer configuration—front end IP and port, back end pool, health probes, five-tuple hash, IP version and protocol, port mapping, and session persistence—plus Recovery Services Vault.

Explore Azure Network Watcher tools for diagnosing connectivity with IP Flow Verify, Next Hop, VPN troubleshoot, and NSG diagnostics, plus topology visualization and Azure Monitor alerts for proactive monitoring.

Discover how Azure Monitor log search and activity log alerts detect issues and changes, while VM insights and Kusto queries enable proactive VM monitoring.

Build an enterprise Windows Server 2025 Active Directory domain from scratch, configuring DNS infrastructure, domain controllers, and client domain joins using PowerShell, Windows Admin Center, and remote management.

Deploy Windows Admin Center and Active Directory user management for a lab environment, creating OUs, users, groups, and enabling Remote Desktop on client machines.

Configure an http web server for PKI certificate distribution. Create the cert enroll directory, grant third publishers group permissions, enable delta CRL double escaping, and prepare an offline root CA.

Learn to create a CA policy file, install and configure a standalone root CA, and harden security by defining CRL distribution points, policy statements, and certificate extensions.

Configure a two-tier PKI architecture by finalizing the offline root CA, processing certificate requests, issuing certificates, and setting up CRL distribution points and AIA extensions for secure certificate management.

Learn to install Windows Server 2022, choose between server core and desktop experience, configure post-install settings, and secure a PKI infrastructure integrated with Active Directory.

Activate Windows Server 2022 and verify post-installation tasks, including license status and edition, driver checks, network connectivity, and enabling remote desktop.

Learn to create a reusable base image with sysprep on Windows Server 2022 and deploy domain controllers with AD DS and DNS using Windows Admin Center and PowerShell.

Master PowerShell automation for Active Directory environment management. Set up a lab with a child domain Lab1, deploy domain controllers, and configure DNS delegation.

Configure a Windows PKI with offline root CA, set CRL distribution points and authority information access, and deploy an enterprise subordinate CA using PowerShell, certutil, and certreq.

Set up and manage a Windows PKI infrastructure with an offline root CA and issuing CAs, configuring CRL distribution points and AIA, using PowerShell direct and certutil.

explains deploying an enterprise subordinate certificate authority, requesting and installing subordinate certificates from a parent offline root CA, and configuring Active Directory Certificate Services and PKI in Windows lab.

Explore how Active Directory Certificate Services enables PKI with role services to issue, enroll, and manage certificates. Design CA hierarchies with root and subordinate CAs, policy CAs, and offline roots.

Configure CA security roles and permissions through the Certification Authority console, including read, issue and manage certificates, and restrict rights via the Certificate Manager tab and certificate templates.

Configure CA properties, review policy, publication settings, extensions, and ACLs; troubleshoot CA hierarchies using certificate snap-in, certutil, PowerShell, and GPO tools.

Learn to back up and restore a certificate authority during migration, keep the CA identity, and monitor with PKI view while deploying offline root and enterprise subordinate CAs.

Explore certificate templates and their version compatibility in Windows Server 2016 AD CS, including version two to four features, template permissions, auto enrollment, and deployment across forests.

Describe certificate enrollment methods, including auto enrollment and enrollment agents, and explain certificate revocation with CRLs, plus key archival and recovery configurations.

Master certificate revocation and lifecycle, including crl and ocsp status checks via crypto api, and implement key archival and recovery with ca templates and data recovery agents.

Demonstrates how ssl certificates secure client-server connections and authenticate identities during the handshake. Explains digital signatures, PKI, and encryption options such as EFS, BitLocker, and email encryption.

Deploy a two-tier Windows Server 2016 certificate authority with offline root and enterprise subordinate CAs, configure templates, auto enrollment, and certificate enrollment for digital signatures in Office documents and EFS.

Examine multi-forest PKI management and trust challenges, showing how independent forest CAs require coordinated certificate templates, enrollment policies, and revocation across five forests.

Explain symmetric and asymmetric encryption and digital signing in PKI enabled applications, and show how hybrid encryption uses fast symmetric keys with secure asymmetric exchange.

Explain how TLS secures online banking with RSA or ECC certificates, end-to-end login, AES-256 for payments, and PKI with X.509 version 3 extensions.