AZ-300 Certificate Study Guide

AZ-300-Certification-Preparation-Guide

Preparing for AZ-300 Azure Architect exam? Don’t know where to start? This post is the AZ-300 Certificate Study Guide (with links to each exam objective).

I have curated a list of articles from Microsoft documentation for each objective of AZ-103 exam. I hope this article will be your AZ-300 Certificate Study Guide.

Also, please share the post within your circles so it helps them to prepare for the exam.

 

Video Preparation Options (Check with a free trial):

Pluralsight (Check Role IQs, Skill IQs & individual courses for practice tests) Microsoft Azure Architect Technologies (AZ-300)
Udemy (paid option, includes 100+ practice tests) Exam AZ-300: Microsoft Azure Architect Technologies

 

Exam Reference books:

Amazon India Architecting Microsoft Azure Solutions
Other Countries Exam Ref AZ-300 Microsoft Azure Architect Technologies
 

The AZ-301 Exam Certificate Guide is here. To view other Azure certificate study guides, click here

 

Full disclosure: Some of the links in this post are affiliate links. I may earn some commission if you purchase through them. This way you can support my blog at not extra cost to you!

 

Here you go!

 

AZ-300 – Deploy and Configure Infrastructure:

Analyze resource utilization and consumption:

Configure diagnostic settings on resources

https://linkedin-learning.pxf.io/diagnostic

Create a baseline for resources

https://linkedin-learning.pxf.io/baseLine (check with a free trial)

Create and test alerts

https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-metric

Analyze alerts across subscription

https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-managing-alert-instances

Analyze metrics across subscription

https://docs.microsoft.com/en-us/azure/azure-monitor/platform/metrics-charts

Create action groups

https://docs.microsoft.com/en-us/azure/azure-monitor/platform/action-groups

Monitor for unused resources

https://docs.bmc.com/docs/btco113/reclaiming-the-unused-and-overallocated-azure-virtual-machines-785283461.html

Monitor spend

https://docs.microsoft.com/en-us/azure/billing/billing-getting-started#ways-to-monitor-your-costs-when-using-azure-services

Report on spend

https://docs.microsoft.com/en-us/azure/billing/billing-download-azure-invoice-daily-usage-date

Utilize Log Search query functions

https://docs.microsoft.com/en-us/azure/azure-monitor/log-query/search-queries

View alerts in Azure Monitor logs

https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-activity-log#azure-portal

 

Create and configure storage accounts:

Configure network access to the storage account

https://docs.microsoft.com/en-us/azure/storage/common/storage-network-security

Create the storage account

https://docs.microsoft.com/en-us/azure/storage/common/storage-quickstart-create-account?tabs=azure-portal

Configure the storage account

https://docs.microsoft.com/en-us/azure/storage/common/storage-account-manage?toc=%2fazure%2fstorage%2fblobs%2ftoc.json

Generate shared access signature

https://docs.microsoft.com/en-us/azure/storage/common/storage-dotnet-shared-access-signature-part-1

Install and use Azure Storage Explorer

https://docs.microsoft.com/en-us/azure/vs-azure-tools-storage-manage-with-storage-explorer?tabs=windows

Manage access keys

https://docs.microsoft.com/en-us/azure/storage/common/storage-account-manage#access-keys

Monitor activity log by using Azure Monitor logs

https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-audit

Implement Azure storage replication

https://blogs.msdn.microsoft.com/windowsazurestorage/2013/12/11/windows-azure-storage-redundancy-options-and-read-access-geo-redundant-storage/

 

 

Create and configure a Virtual Machine (VM) for Windows and Linux:

Configure high availability

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/tutorial-availability-sets

Configure monitoring, networking, storage, and virtual machine size
deploy and configure scale sets

Monitoring:

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/tutorial-monitoring

Networking:

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/tutorial-virtual-network

Storage:

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/managed-disks-overview

Size:

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/sizes

Scale set:

https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/quick-create-portal

 

Automate deployment of Virtual Machines (VMs):

Modify Azure Resource Manager template

https://docs.microsoft.com/en-us/azure/architecture/building-blocks/extending-templates/update-resource

Configure the location of new VMs

https://docs.microsoft.com/en-us/azure/site-recovery/azure-to-azure-tutorial-migrate

Configure VHD template

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/create-vm-specialized

Deploy from template

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/ps-template

Save a deployment as an Azure Resource Manager template

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/download-template

Deploy Windows VMs

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/ps-template

Deploy Linux VMs

https://docs.microsoft.com/en-us/azure/virtual-machines/linux/create-ssh-secured-vm-from-template

 

Implement solutions that use virtual machines (VM):

Provision VMs

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/quick-create-powershell

Create Azure Resource Manager templates

https://docs.microsoft.com/en-us/azure/azure-resource-manager/how-to-create-template

Configure Azure Disk Encryption for VMs

https://docs.microsoft.com/en-us/azure/security/azure-security-disk-encryption-windows

 

Create connectivity between virtual networks:

Create and configure VNET peering

https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal

Create and configure VNET to VNET

https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-vnet-vnet-rm-ps

Verify virtual network connectivity

https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-verify-connection-resource-manager

Create a virtual network gateway

https://docs.microsoft.com/en-us/azure/vpn-gateway/create-routebased-vpn-gateway-portal

 

Implement and manage virtual networking:

Configure public IP addresses

https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-public-ip-address

Configure private IP addresses

https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-static-private-ip-arm-pportal

Configure network routes

https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-create-route-table-portal

Configure network interface

https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-network-interface

Configure subnets

https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-manage-subnet

Configure virtual network

https://docs.microsoft.com/en-us/azure/virtual-network/manage-virtual-network

 

Manage Azure Active Directory (AD):

Add custom domains

https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/add-custom-domain

Configure Azure AD Identity Protection

https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/enable

Configure Azure AD Join

https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-managed-domains

Configure Enterprise State Roaming

https://docs.microsoft.com/en-us/azure/active-directory/devices/enterprise-state-roaming-enable

Configure self-service password reset

https://docs.microsoft.com/en-us/azure/active-directory/authentication/quickstart-sspr

Implement conditional access policies

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/app-based-mfa

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/require-tou

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/app-sign-in-risk

Manage multiple directories

https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/licensing-directory-independence

Perform an access review

https://docs.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview

 

 

Implement and manage hybrid identities:

Install and configure Azure AD Connect

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-install-express

Configure federation and single sign-on

https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/configure-single-sign-on-portal

Manage Azure AD Connect

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-post-installation

Manage password sync

https://docs.microsoft.com/en-us/azure/active-directory-domain-services/active-directory-ds-getting-started-password-sync-synced-tenant

Manage password writeback

https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-writeback

 

AZ-300 – Implement Workloads and Security:

Migrate servers to Azure:

Migrate by using Azure Site Recovery

https://docs.microsoft.com/en-us/azure/site-recovery/tutorial-prepare-azure

Migrate using P2V

https://docs.microsoft.com/en-us/azure/site-recovery/migrate-tutorial-windows-server-2008

Configure storage

https://azure.microsoft.com/sv-se/blog/asr-storage-specific-enhancements/

Create a backup vault

https://docs.microsoft.com/en-us/azure/backup/backup-create-rs-vault

Prepare source environment

https://docs.microsoft.com/en-us/azure/site-recovery/vmware-azure-tutorial-prepare-on-premises

Prepare target environment

https://docs.microsoft.com/en-us/azure/site-recovery/tutorial-prepare-azure

Backup and restore data

https://docs.microsoft.com/en-us/azure/backup/quick-backup-vm-portal

https://docs.microsoft.com/en-us/azure/backup/tutorial-restore-disk

Deploy Azure Site Recovery agent

https://docs.microsoft.com/en-us/azure/site-recovery/hyper-v-azure-tutorial#install-the-provider

Prepare virtual network

https://docs.microsoft.com/en-us/azure/site-recovery/tutorial-prepare-azure#set-up-an-azure-network

 

Configure serverless computing:

Manage a Logic App resource

https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-overview

Manage Azure Function app settings

https://docs.microsoft.com/en-us/azure/azure-functions/functions-how-to-use-azure-function-app-settings

Manage Event Grid

https://docs.microsoft.com/en-us/azure/event-grid/overview

Manage Service Bus

https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-messaging-overview

 

Implement application load balancing:

Configure application gateway and load balancing rules

https://docs.microsoft.com/en-us/azure/application-gateway/quick-create-powershell

https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-ilb-arm

Implement front end IP configurations

https://docs.microsoft.com/en-us/azure/application-gateway/configure-application-gateway-with-private-frontend-ip

Manage application load balancing

https://docs.microsoft.com/en-us/azure/load-balancer/tutorial-load-balancer-standard-manage-portal

 

Integrate the on-premises network with Azure virtual network:

Create and configure Azure VPN Gateway

https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-tutorial-create-gateway-powershell

Create and configure site to site VPN

https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-site-to-site-resource-manager-portal

Configure Express Route

https://docs.microsoft.com/en-us/azure/expressroute/expressroute-howto-circuit-portal-resource-manager

Verify on-premises connectivity

https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-verify-connection-resource-manager

Manage on-premises connectivity with Azure

https://docs.microsoft.com/en-us/office365/enterprise/connect-an-on-premises-network-to-a-microsoft-azure-virtual-network

 

Manage role-based access control (RBAC):

Create a custom role

https://docs.microsoft.com/en-us/azure/role-based-access-control/tutorial-custom-role-powershell

Configure access to Azure resources by assigning roles

https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal#add-a-role-assignment

Configure management access to Azure

https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal

Troubleshoot RBAC

https://docs.microsoft.com/en-us/azure/role-based-access-control/troubleshooting

Implement RBAC policies

https://docs.microsoft.com/en-us/azure/role-based-access-control/conditional-access-azure-management

Assign RBAC roles

https://docs.microsoft.com/en-us/azure/role-based-access-control/quickstart-assign-role-user-portal

 

Implement Multi-Factor Authentication (MFA):

Enable MFA for an Azure tenant

https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-mfa-applications#enable-azure-multi-factor-authentication

Configure user accounts for MFA

https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstates#enable-azure-mfa-by-changing-user-state

Configure fraud alerts

https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#fraud-alert

Configure bypass options

https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#one-time-bypass

Configure trusted IPs

https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#trusted-ips

Configure verification methods

https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#verification-methods

 

AZ-300 – Create and Deploy apps:

Create web apps by using PaaS:

Create an Azure App Service Web App

https://docs.microsoft.com/en-us/azure/app-service/app-service-web-get-started-dotnet

Create documentation for the API

https://www.c-sharpcorner.com/article/azure-app-service-api-configure-swashbuckle/

Create an App Service Web App for containers

https://docs.microsoft.com/en-us/azure/app-service/app-service-web-get-started-windows-container

Create an App Service background task by using WebJobs

https://docs.microsoft.com/en-us/azure/app-service/webjobs-create

Enable diagnostics logging

https://docs.microsoft.com/en-us/azure/app-service/troubleshoot-diagnostic-logs

 

Design and develop apps that run in containers:

Configure diagnostic settings on resources

https://docs.microsoft.com/en-us/azure/container-instances/container-instances-get-logs

Create a container image by using a Docker file

https://docs.microsoft.com/en-us/azure/container-registry/container-registry-quickstart-task-cli#build-an-image-from-a-dockerfile

Create an Azure Kubernetes Service

https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough-portal

Publish an image to the Azure Container Registry

https://docs.microsoft.com/en-us/azure/container-registry/container-registry-get-started-docker-cli

Implement an application that runs on an Azure Container Instance

https://docs.microsoft.com/en-us/azure/container-instances/container-instances-quickstart-portal

Manage container settings by using code

https://azure.microsoft.com/en-gb/resources/samples/container-service-python-manage/

 

AZ-300: Implement authentication and secure data:

Implement authentication:

Implement authentication by using certificates

https://github.com/Azure-Samples/active-directory-dotnetcore-daemon-v2#Variation-daemon-application-using-client-credentials-with-certificates

Implement Forms-based authentication 

https://docs.microsoft.com/en-us/aspnet/web-api/overview/security/forms-authentication

Implement Token-based authentication

https://docs.microsoft.com/en-us/azure/app-service/overview-authentication-authorization

Windows-integrated authentication

https://docs.microsoft.com/en-us/aspnet/web-api/overview/security/integrated-windows-authentication

Implement multi-factor authentication by using Azure AD

https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-mfa-applications

Implement OAuth2 authentication

https://docs.microsoft.com/en-us/azure/active-directory/develop/tutorial-v2-asp-webapp

Implement Managed identities for Azure resources Service Principal authentication

https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/tutorial-windows-vm-access-arm

 

Implement secure data solutions:

Encrypt and decrypt data at rest and in transit

https://cloudacademy.com/blog/how-does-azure-encrypt-data/

Encrypt data with Always Encrypted

https://docs.microsoft.com/en-us/azure/sql-database/sql-database-always-encrypted-azure-key-vault

Implement Azure Confidential Compute

https://azure.microsoft.com/en-in/blog/azure-confidential-computing/

Implement SSL/TLS communications

https://docs.microsoft.com/en-us/azure/storage/common/storage-security-tls

Create, read, update, and delete keys using the KeyVault API

https://docs.microsoft.com/en-us/rest/api/keyvault/createkey/createkey

https://docs.microsoft.com/en-us/rest/api/keyvault/getkey/getkey

https://docs.microsoft.com/en-us/rest/api/keyvault/updatekey/updatekey

https://docs.microsoft.com/en-us/rest/api/keyvault/deletekey/deletekey

Create, read, update, and delete secrets using the KeyVault API

https://docs.microsoft.com/en-us/rest/api/keyvault/setsecret/setsecret

https://docs.microsoft.com/en-us/rest/api/keyvault/getsecret/getsecret

https://docs.microsoft.com/en-us/rest/api/keyvault/updatesecret/updatesecret

https://docs.microsoft.com/en-us/rest/api/keyvault/deletesecret/deletesecret

Create, read, update, and delete certificates by using the KeyVault API

https://docs.microsoft.com/en-us/rest/api/keyvault/createcertificate/createcertificate

https://docs.microsoft.com/en-us/rest/api/keyvault/getcertificate/getcertificate

https://docs.microsoft.com/en-us/rest/api/keyvault/updatecertificate/updatecertificate

https://docs.microsoft.com/en-us/rest/api/keyvault/deletecertificate/deletecertificate

 

AZ-300: Develop for the cloud and for Azure storage:

Develop solutions that use Cosmos DB storage:

Create, read, update, and delete data by using appropriate APIs

https://docs.microsoft.com/en-us/rest/api/cosmos-db/documents

Implement partitioning schemes

https://docs.microsoft.com/en-us/azure/cosmos-db/how-to-model-partition-example

Set the appropriate consistency level for operations

https://docs.microsoft.com/en-us/azure/cosmos-db/consistency-levels-choosing

 

Develop solutions that use a relational database:

Provision relational databases

https://docs.microsoft.com/en-us/azure/sql-database/sql-database-single-database-get-started

Configure relational databases

https://docs.microsoft.com/en-us/azure/sql-database/sql-database-server-level-firewall-rule

Configure elastic pools for Azure SQL Database

https://docs.microsoft.com/en-us/azure/sql-database/sql-database-elastic-pool#creating-a-new-sql-database-elastic-pool-using-the-azure-portal

Create, read, update, and delete data tables by using code

https://docs.microsoft.com/en-us/azure/sql-database/sql-database-connect-query-dotnet-core

 

Configure a message-based integration architecture:

Configure an app or service to send emails

https://docs.microsoft.com/en-us/azure/sendgrid-dotnet-how-to-send-email

Configure Event Grid

https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-event-quickstart-powershell?toc=%2fazure%2fevent-grid%2ftoc.json

Configure Azure Relay Service

https://docs.microsoft.com/en-us/azure/service-bus-relay/relay-hybrid-connections-dotnet-get-started

Create and configure Notification Hub

https://docs.microsoft.com/en-us/azure/notification-hubs/create-notification-hub-portal

Create and configure Event Hub

https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-create

Create and configure Service Bus

https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-quickstart-portal

Configure queries across multiple products

https://docs.microsoft.com/en-us/azure/azure-monitor/log-query/cross-workspace-query

 

Develop for autoscaling:

Implement autoscaling rules and patterns (schedule, operational/system metrics)

https://docs.microsoft.com/en-us/azure/azure-monitor/platform/autoscale-get-started

https://docs.microsoft.com/en-us/azure/azure-monitor/platform/autoscale-common-scale-patterns

Implement autoscaling rules and patterns (code that addresses singleton application instances)

https://pluralsight.pxf.io/PqDz6 Check the entire module (Writing Code to Handle Singleton Application Instances) with a free trial

Implement code that addresses the transient state

https://docs.microsoft.com/en-us/azure/architecture/best-practices/retry-service-specific#azure-storage

 

That’s it! This completes the AZ-300 Certification Preparation Guide! In case you are looking for other Azure certification exams check out this page


Want to be notified as soon as I post? Subscribe to RSS feed / leave your email address in the subscribe section. Share the article to your social networks with the below links so it can benefit others.

You may also like

3 Comments

Leave a Reply

Your e-mail address will not be published. Required fields are marked *