General
The course hasn't been updated in a while.
If it says a feature is found in the Security Center, then the feature is probably now in Defender for Cloud (probably in the Cloud Security | Workload protections blade).
Most of the modules don't mention Windows 11 or Windows Server 2022. The topics covered should also apply to those newer operating systems, but I'm sure there are exceptions. As I find them I'll note them below.
In the Summary screens, disregard the link to course WS-011T00-A. That course was discontinued a year ago.
Windows Admin Center
http://craigb-mct.blogspot.com/2023/02/windows-admin-center-setup.html
Learning Path: Secure Windows Server on-premises and hybrid infrastructures
Module: Implement Windows Server IaaS VM network security
Module: Audit the security of Windows Server IaaS Virtual Machines
Module: Manage Azure Updates
Automated Guest Patching has a very strict list of OS compatibility. In particular, I can't get it to work with migrated VMs.
https://learn.microsoft.com/en-nz/azure/virtual-machines/automatic-vm-guest-patching#supported-os-images
Module: Create and implement application allowlists with adaptive application control
Module: Configure BitLocker disk encryption for Windows IaaS Virtual Machines
Azure Disk Encryption is available for gen 1 and gen 2 virtual machines.
https://learn.microsoft.com/en-us/azure/virtual-machines/windows/disk-encryption-overview
Module: Implement change tracking and file integrity monitoring for Windows IaaS VMs
Module: Secure Windows Server DNS
What is "split-horizon DNS"? Just another term for split DNS. Why does this module use the term, but only in the heading on page 1 (using "split-DNS" everywhere else)? Who knows.
Module: Secure Windows Server user accounts
Module: Hardening Windows Server
Module: Windows Server update management
Learning Path: Implement Windows Server high availability
Module: Introduction to Cluster Shared Volumes
Module: Implement Windows Server failover clustering
Module: Implement high availability of Windows Server VMs
Module: Implement Windows Server File Server high availability
As a historic note, why are computer names limited to 15 characters? Because in 2022, over 30 years after IBM LAN Server and Microsoft LAN Manager were discontinued, NetBIOS is still being used in a few places.
Lots of duplication with the previous module.
Module: Implement scale and high availability with Windows Server VM
Review questions: External load balancer is an old term for a public load balancer. This phrasing is better because you know that public LBs have public IP addresses.
Learning Path: Implement disaster recovery in Windows Server on-premises and hybrid environments
There is a lot of duplication of material in this learning path because the "pactice" modules (the last three) repeat key topics from the first two modules.
Delivery Hint: Discuss Backup vaults and Recovery Services vaults. Maybe also the Backup Centre in the portal?
Module: Implement Hyper-V Replica
Module: Implement hybrid backup and recovery with Windows Server IaaS
Note that disk level backup and restore uses a Backup vault, not a Recovery Services vault.
Module: Protect your on-premises infrastructure from disasters with Azure Site Recovery
Module: Protect your Azure infrastructure with Azure Site Recovery
Module: Protect your virtual machines by using Azure Backup
Learning Path: Migrate servers and workloads in on-premises and hybrid environments
Module: Migrate on-premises Windows Server instances to Azure IaaS virtual machines
Other Microsoft courses and articles talk about 7 Rs of migration: Remain, Rehost, Refactor, Rearchitect, Rebuild, Replace, Retire. Some talk about five or six. It seems Microsoft can't make up their mind how many there are.
https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/digital-estate/5-rs-of-rationalization
Deleting an Azure Migrate project is annoying since there are a number of resources you have to remove individually. If you used a dedicated resource group then you can just dlete that, otherwise its a bit of a mission.
https://learn.microsoft.com/en-us/azure/migrate/how-to-delete-project
Module: Upgrade and migrate Windows Server IaaS virtual machines
Module: Active Directory Domain Services migration
When you promote member servers to domain controllers you will not have to specify an AD site because you already have your sites and subnets set up. Right…?
Module: Migrate file server workloads using Storage Migration Service
Module: Migrate Windows Server roles
Module: Containerize and migrate ASP.NET applications to Azure App Service
Learning Path: Monitor and troubleshoot Windows Server environments
There is a more up-to-date version of the Azure Monitor diagram at
https://docs.microsoft.com/en-us/azure/azure-monitor/overview
Module: Monitor Windows Server IaaS Virtual Machines and hybrid instances
Module: Monitor the health of your Azure virtual machine by using Azure Metrics Explorer and metric alerts
Module: Monitor performance of virtual machines by using Azure Monitor VM Insights
Note that VM Insights are different to Application Insights.
Module: Monitor Windows Server performance
Module: Manage and monitor Windows Server event logs
Module: Implement Windows Server auditing and diagnostics
Module: Troubleshoot on-premises and hybrid networking
Third review question: I disagree with the answer. Telnet is not the next step, especialy since telnet is not installed in Windows operating systems by default.
The technician should next try Test-NetConnection, wither with or without -Port 80 or -Port 443.
Module: Troubleshoot Windows Server Virtual Machines in Azure
Serial Console is a little-known but really useful tool. It's nice to see Microsoft Learning promoting it in courses now.
Module: Troubleshoot Active Directory