Microsoft AZ-140 Exam Guide – Azure Virtual Desktop Specialism – How to pass for (almost) free!

After finishing my most recent contract I took some time off to do some projects on my house and take a well earned break after 1 1/2 years with no let up. Inevitably after a few days I started feeling restless and having had one eye on AVD over the last 18 months (but no hands on experience) I wanted to get to grips with the technology and understand how it works, but did not expect I could pass a specialism exam as quickly as I did, so I wanted to share the steps I took with you so you can also benefit if you’re keen to learn about AVD without having to waste hours watching lame tutorials or reading over priced textbooks.

So, with ZERO prior AVD knowledge and very little general Azure experience, below details my approach to passing the AZ-140 certification, which took me around 2-3 weeks at (almost) ZERO cost and sitting the exam remotely (home proctored). I hope it helps you achieve the certification and good luck!

Exam Format

The AZ-140 exam is around 50-55 questions of which 15-20 of these are in a case-study style. Note that the exam is periodically updated to cover new technologies or developments to the AVD platform and you can expect the exam to include around 5 or 6 questions that are under review by Microsoft. You won’t know which questions these are (and they do count towards your final score), and you will be requested to provided feedback on them once your exam has been submitted.

Getting started…

I usually do a thorough high level skim-read of the main technologies that are referenced in the exam blueprint. Microsoft have an AVD learning course that covers the basics, do this and then look through the Microsoft Azure Virtual Desktop Documentation – don’t spend more than a day discovering and note taking because the next steps will alleviate any concerns or knowledge gaps you may perceive yourself as having…

Getting hands on experience with Azure Virtual Desktop: Register for Office 365 Premium Trial and Azure $200 free credits

Once you’ve given yourself a primer in the high level elements of an AVD environment you can now get hands on with AVD and (with bias) the best way to do this is to follow the Azure Academy AZ-140 study guide series on YouTube. This is literally the only resource I used for practicing the hands-on configuration and it will school you from AVD zero-to-hero in a few days. Before starting the series you will need to get a free 30-day trial of Office 365 Business Premium and register for an Azure account. The O365 trial is required in order to login to the AVD session hosts that you will build during the Azure Academy series (you must have a license in order to use the service). You should register for Office 365 Business Premium first and then register your Azure subscription using the same credentials. Bear in mind the 30-day clock is ticking once you have registered, so you should commit to study from this point on.

Register for Office 365 Business Premium trial here

Register for Azure here

Azure Academy AZ-140 YouTube Series

Dean Cefola’s Azure Academy AZ-140 Study Guide series is broken into 2 halves – videos 1-10 deal with planning for an AVD environment and cover things like understanding the preferred technologies for AVD and decision making for DR/failover, knowing what components are used in a typical setup and how to connect your on-prem services to AVD – it’s all tutorial based with no technical work. Video’s 11-20 are 100% hands on and will take you through the technical implementation of the ‘What The Hack’ pre-defined, design of the AVD environment (below).

The beauty of the series is that he covers every aspect of the exam using a mix of manual , ARM templates, Powershell and Azure CLI to build out 3-region AVD setup complete with DR, backup and an optional VPN so you can connect into your multi-session desktop hosts and test the service. You will learn everything you need to pass the certification, but also get clearly communicated explanations of all the components used in AVD with no technical guff and zero ego. Dean is also responsive to comments so you can get help when needed and simply put – this series will leave you feeling confident in how to setup an AVD environment and you will learn a ton whilst doing it, the entire What The Hack environment costs around £15-20 per day when it’s powered on and deployed, so you can spend a week or two tweaking and practicing without running out of free Azure credit. Just remember to switch off your VM’s when you’re not studying to ensure you don’t burn through your azure credits.

Final Prep: How Microsoft Test and Measure Up

When you book the exam you will have the opportunity to add MeasureUp AZ-140 Practice Test at a 50% discounted price to your exam booking – I would recommend doing this as it’s cheap and to this point you’ve not spent a penny and have no idea of the technical level of experience the exam questions are targeted at. I spent a couple of days working through the practice test, referencing the aforementioned KB articles for particular services, understanding the common misconfigurations in an AVD environment and ironing out the steps to take for configuring various AVD elements.

Microsoft love to write questions that are formulated from their knowledgebase articles. Whilst you are revising and re-configuring parts of the ‘What the Hack’ environment, make sure you reference the Microsoft KB’s and take notice of the order of the steps that the KB’s follow to configure a given component. For example, let’s take enabling authentication for an azure file shares – this is a question that will be guaranteed to appear on the exam and you should know the steps as detailed in the KB here – I emphasise this not because the Azure Academy misses steps, but the video series is relatively fast paced and it’s easy to overlook what the actual configuration steps are, particularly when Dean is providing you with the various scripts, templates or options to select, so my advice: avoid having a false sense of confidence and read the adjoining KB’s!

Good luck and thanks for reading!

I passed with a score of 920 and, for once, actually enjoyed every part of the study process – I hope you found this post useful, get out there and get learning!

My experience of the Cisco CCNA Cyber Operations Certification Path

Exam Tips, Advice and Study Notes for the CCNA 210-250 and 210-255 CertificationCCNACyberOpsBadge

After passing both CCNA 210-255 Cyber Security Foundations and 210-255 SECOPS exams (retaking the 210-255 once) below contains a study guide, practice questions, tips for both exams and some considerations for Cisco to improve the quality of this course.

What did I like about studying the CCNA Cyber Ops Course?

  • It’s not very Cisco-heavy. Around 10% -15% of the total study material discusses Cisco product lines. It’s a solid, broad grounding in all aspects of Info Sec and cyber security without requiring you to know tons of Cisco products, CLI commands or nonsense that you’ll never use in real life!
  • Applicable knowledge you can impress your boss with. The OCG books provide great insights into how people attack infrastructure, the ways company’s can mitigate against this, and the frameworks that provide governance and guidelines for keeping your environment secure, as well as how to implement an incident response function.
  • There’s something for everyone, regardless of what role you perform. I was fairly naive to the breadth of attack vectors in any given IT eco-system, and considered this course would be an analyst-level undertaking for people working in infrastructure (primarily). Once of the real strengths of this course is its ability to be useful across disciplines – from architecture, networks, support to development or monitoring – there’s something for everyone.
  • You don’t need much (if any!) existing knowledge. It helps if you have a CCNA R & S already but is not necessity. You should however understand basics of an OS, typical networking equipment, the OSI model and TCP/IP stack.

What could improve about the CCNA Cyber Ops Certification?

  • Terminology. Cisco refer to the NIST Incident response phases using different terminology than the actual white paper. For example, Scoping is not an N.I.S.T Inc response phase (nor is it mentioned at all in the whitepaper).
  • Official study material could be improved. The video training that is available to supplement the course (with Omar Santos narrating) is a complete waste of £80 and he simply reads out what is already in the cert guide. Lazy. It would also be easy to provide a hosted instance of the FMC Console and an IDP/IPS device so, as a student, you don’t have to rely on screenshots to imagine how the software works.
  • Missed subject areas. Certain subject areas were missing from the OCG books but appeared in the exam. I had to pay for another resit after being blindsided by these. See my exam study notes for tips on how to avoid this.


Study Resources for the CCNA Cyber Ops Foundation and SECOPS Certification

CCNA Cyber Ops (SECFND #210-250 and SECOPS #210-255) Official Cert Guide Library  Read the books cover to cover, try to base your notes on the ‘Key Points’ sections and be sure to read the ‘Recommended reading’ sections.

Wider reading is necessary for this cert and my study notes cover which elements are mentioned in the exam and most relevant reading materials.

CCNA Cyber Ops (210-250 & 210-255) Ultimate Practice Exam – Charles Judd

100 questions available on Kindle – this is definitely more useful for the 210-250 exam but helps jog your memory.  Cheap and cheerful but a lot of questions are recycled from the OCG ‘Do I know this already?’ sections.


Exam Objectives

Download the PDF exam topics and be sure to check out the Study Materials link in both.

CCNA Cyber Ops Foundations 210-250 Exam Topics

CCNA Cyber Ops Implementing 210-255 Exam Topics

Study Notes

Download my study notes from here for both exams. They contain lots of links to wider reading, articles and tutorials.

210-250 – Cyber Ops Foundations

210-255 – Cyber Ops Operations


Latest NIST Incident Response Documentation

NIST 800-61 r2 Computer Security Incident Response Handling Guide

NIST 800-86 Guide to Integration Forensic Techniques into Incident Response

What you should know to pass the 210-255 SECOPS exam

210-255 Revision Dump

Example exam questions coming soon….