AZ-304 Preparation Details
Preparing for the AZ-304 Microsoft Azure Architect Design exam? Don’t know where to start? This post is the AZ-304 Study Guide, which helps you to achieve the Microsoft Azure Certified Solutions Architect expert certification.
Note: You also need to clear AZ-303 to achieve this certification.
This post contains a curated list of articles from Microsoft documentation for each objective of the AZ-304 exam. Please share the post within your circles so it helps them to prepare for the exam.
Exam Voucher for AZ-304 with 1 Retake
Get 40% OFF with the combo
AZ-304 Azure Architect Design Online Course
| Pluralsight | Microsoft Azure Architect Design Course |
| LinkedIn Learning (Free trial) | Exam Tips for Azure Architecture Exam |
| Skylines Academy | Microsoft Azure Architect Design Certification |
| Udemy | Azure Architect Design Cert. Prep Course |
AZ-304 Azure Architect Design Practice Test
| Whizlabs Exam Questions | Azure Exam: 3 Practice Tests (165 Questions) |
| Udemy Practice Tests | Azure Exam Preparation Practice Questions |
AZ-304 Azure Architect Other Learning Stuff
| Whizlabs | Microsoft Azure Architect Design Certification |
| Amazon e-book (PDF) | Azure Solutions Architect Digital Flash Cards |
AZ-304 Sample Exam Questions
Looking for AZ-304 Dumps? Read This!
Using az-304 exam dumps can get you permanently banned from taking any future Microsoft certificate exam. Read the FAQ page for more information. However, I strongly suggest you validate your understanding with practice questions.
Check out all the other Azure certificate study guides
Full Disclosure: Some of the links in this post are affiliate links. I receive a commission when you purchase through them.
Design Monitoring (10-15%)
Design for Cost Optimization
Recommend a solution for cost management and cost reporting
What is Azure Cost Management & Billing?
Recommend solutions to minimize costs
Design a Solution for Logging and Monitoring
Determine levels and storage locations for logs
Plan for integration with monitoring tools including Azure Monitor and Azure Sentinel
Recommend appropriate monitoring tool(s) for a solution
Check this PS module on the recommendation for monitoring tools (Free Trial)
Choose a mechanism for event routing and escalation
Check this PS module on Event Routing and Escalation (Free trial)
Recommend a logging solution for compliance requirements
Audit activity reports in the Azure Active Directory portal
Amazon link (affiliate)
Design Identity and Security (25-30%)
Design Authentication
Recommend a solution for single-sign-on
Recommend a solution for authentication
Right authentication method for Azure AD hybrid identity solution
Authentication & verification methods available in Azure AD
Identity & access management (IAM)
Recommend a solution for Conditional Access, including multi-factor authentication
Common conditional access policies
Recommend a solution for network access authentication
Azure network security overview
Recommend a solution for a hybrid identity including Azure AD Connect and Azure AD Connect Health
Authentication method for Azure AD hybrid identity solution
Recommend a solution for user self-service
Self-service sign-up for Azure AD?
Recommend and implement a solution for B2B integration
YouTube video: Azure AD B2B authentication
Design Authorization
Choose an authorization approach
Recommend a hierarchical structure that includes management groups, subscriptions, and resource groups
What are the Azure management groups?
Recommend an access management solution including RBAC policies, access reviews, role assignments, physical access, Privileged Identity Management (PIM), Azure AD
Grant a user access to Azure resources using the Azure portal
Manage user access with Azure AD access reviews
Add or remove Azure role assignments
Start using Privileged Identity Management
Create a new tenant in Azure AD
Identity Protection, Just In Time (JIT) access
Secure your management ports with just-in-time access
Design Governance
Recommend a strategy for tagging
Resource naming & tagging decision guide
Recommend a solution for using Azure Policy
Enabling & managing a Key Vault policy
Recommend a solution for using Azure Blueprint
Design Security for Applications
Recommend a solution that includes KeyVault
- What can be stored in KeyVault? & KeyVault operations
Azure Key Vault keys, secrets & certificates overview
- KeyVault regions
Recommend a solution that includes Azure AD Managed Identities
Using managed identity to access Azure Resource Manager
Recommend a solution for integrating applications into Azure AD
Integrating applications with Azure AD
Design Data Storage (15-20%)
Design a Solution for Databases
Select an appropriate data platform based on requirements
Selecting an Appropriate Data Storage Service in Microsoft Azure
Recommend database service tier sizing
Service tiers in the DTU-based purchase model
Recommend a solution for database scalability
Dynamically scale database resources with minimal downtime
Scaling out with Azure SQL Database
Recommend a solution for encrypting data at rest, data in transmission, and data in use
Information protection & encryption
Design Data Integration
Recommend a data flow to meet business requirements
PS Course: Design and Document Data Flow (Free trial)
Recommend a solution for data integration, including Azure Data Factory, Azure Data bricks, Azure Data Lake, Azure Synapse Analytics
Copy & transform data in Azure Synapse Analytics using Azure Data Factory
Select an Appropriate Storage Account
Choose between storage tiers
Access tiers for Azure Blob Storage: hot, cool & archive
Recommend a storage access solution
Select an appropriate storage account
Recommend storage management tools
PS Video: Azure Storage Management Tools (Free trial)
Design Business Continuity (10-15%)
Design a Solution for Backup and Recovery
Recommend a recovery solution for Azure hybrid and on-premises workloads that meet recovery objectives (RTO, RLO, RPO)
Reduce disaster recovery time with Azure Site Recovery
Design an Azure Site Recovery solution
- Recommend a site recovery replication policy
- Recommend a solution for site recovery capacity
Plan capacity for Hyper-V VM disaster recovery
Plan capacity & scaling for VMware disaster recovery to Azure
- Recommend a solution for site failover and failback (planned/unplanned)
About on-premises disaster recovery failover/failback
Run a failover from on-premises to Azure
- Recommend a solution for the site recovery network
About networking in Azure VM disaster recovery
Recommend a solution for recovery in different regions
Set up disaster recovery to a secondary Azure region for an Azure VM
Recommend a solution for Azure Backup management
Management for Azure VM backup in Recovery Services vault
Design a solution for data archiving and retention
o Recommend storage types and methodology for data archiving
o Identify business compliance requirements for data archiving
o Identify requirements for data archiving
o Identify SLA(s) for data archiving
o Recommend a data retention policy
Design for High Availability
Recommend a solution for application and workload redundancy, including compute, database, and storage
Recommend a solution for autoscaling
Identify resources that require high availability
Azure High Availability: Basic Concepts and a Checklist
Identify storage types for high availability
Introduction to the core Azure Storage services
Recommend a solution for geo-redundancy of workloads
Use geo-redundancy to design highly available applications
Design Infrastructure (25-30%)
Design a Compute Solution
Recommend a solution for compute provisioning
Choose an Azure compute service for your application
Determine appropriate compute technologies, including virtual machines, App Services, Service Fabric, Azure Functions, Windows Virtual Desktop, and containers
Pluralsight course: Choose an appropriate compute solution
Recommend a solution for containers
- AKS versus ACI and the configuration of each one
The best choice between ACI or AKS or Web App for containers
Recommend a solution for automating compute management
Design a Network Solution
Recommend a solution for network addressing and name resolution
Name resolution for resources in Azure virtual networks
Recommend a solution for network provisioning
Recommend a solution for network security
- Private endpoints
What is Azure Private Endpoint?
- Firewalls
- Gateways
What is Azure Application Gateway?
Recommend a solution for network connectivity to the Internet, on-premises networks, and other Azure virtual networks
Recommend a solution for automating network management
Recommend a solution for load balancing and traffic routing
Traffic Manager routing methods
Load balance Windows VM in Azure
Design an Application Architecture
Recommend a microservices architecture including Event Grid, Event Hubs, Service Bus, Azure Queue Storage, Logic Apps, Azure Functions, and webhooks
Building serverless microservices in Azure
Building microservices on Azure
Recommend an orchestration solution for the deployment of applications including ARM templates, Logic Apps, or Azure Functions
- Select an automation method
Azure Automation runbook types
o Choose which resources or lifecycle steps will be automated
o Design integration with other sources such as an ITSM solution
IT Service Management Connector Overview
- recommend a solution for monitoring automation
Monitor runbooks with metric alerts
Recommend a solution for API integration
- Design an API gateway strategy
Design an API Gateway Strategy
- Determine policies for internal and external consumption of APIs
Policies in Azure API Management
Publishing internal APIs to external users
o Recommend a hosting structure for API management
o Recommend when and how to use API Keys
Design Migrations
Assess and interpret on-premises servers, data, and applications for migration
Assess VMware VMs for migration to Azure VMs
Migrate your .NET web app or service to Azure App Service
Migrate SQL Server to Azure SQL Database offline using DMS
Recommend a solution for migrating applications and VMs
YouTube video: How to migrate your VMs, databases, and apps to Azure using Azure Migrate
Recommend a solution for migration of databases
- Determine migration scope, including redundant, related, trivial, and outdated data
This brings us to the end of the AZ-304 Microsoft Azure Architect Design Study Guide
What do you think? Let me know in the comments section if I have missed out on anything. Also, I love to hear from you about how your preparation is going on!
In case you are preparing for other Azure certification exams, check out the Azure study guide for those exams.
Follow Me to Receive Updates on AZ-304 Exam
Want to be notified as soon as I post? Subscribe to the RSS feed / leave your email address in the subscribe section. Share the article to your social networks with the below links so it can benefit others.
