AZ-304 Exam Study Guide (Microsoft Azure Architect Design)

AZ-304 MICROSOFT AZURE ARCHITECT DESIGN CERTIFICATE EXAM STUDY GUIDE

The AZ-304 Azure Architect Design exam will replace the older AZ-303 exam by end of June 2020. Since I received requests to continue to create study guides for the new Azure exams, I have prepared the AZ-304 Study Guide. This exam is in beta now.

If you haven't read about the exam changes and how they will impact your certification journey, read here

This post contains a curated list of articles from Microsoft documentation for each objective of the AZ-304 exam. Please share the post within your circles so it helps them to prepare for the exam.

AZ-304 Architect Course (Online Training)

Pluralsight (Learning Path)Microsoft Azure Architect Design Course [Free Trial]
LinkedIn Learning [Free Trial]
Exam Tips for Azure Architectecture Exam
Skylines AcademyAZ-300 & AZ-301 Certification Bundle
UdemyA Course on Designing Architecture in Azure

AZ-304 Azure Architect Design Practice Test

Whizlabs Exam Questions5 Practice Tests (a total of 275 Questions)
Udemy Practice TestsAzure Exam Preparation Practice Questions

AZ-304 Exam Reference E-book (PDF) & Lab

AmazonArchitect Design Lab Guide e-book
Labs on GitHubMicrosoft Azure Architect Design Labs

In case, if you are looking for the older Azure Architect Design exam, check out AZ-301 Study Guide. To view other Azure certificate study guides, click here

Full Disclosure: Some of the links in this post are affiliate links. I receive a commission when you purchase through them.

Looking for AZ-304 dumps? Read this!

Using az-304 exam dumps can get you permanently banned from taking any future Microsoft certificate exam. Read the FAQ page for more information. However, I strongly suggest you validate your understanding with practice questions.

Design Monitoring (10-15%)

Design for cost optimization

Recommend a solution for cost management and cost reporting

https://docs.microsoft.com/en-us/azure/cost-management-billing/costs/choose-between-azure-cost-management-cloudyn

Recommend solutions to minimize costs

https://docs.microsoft.com/en-us/azure/cost-management-billing/costs/tutorial-acm-opt-recommendations

 

Design a solution for logging and monitoring

Determine levels and storage locations for logs

https://docs.microsoft.com/en-us/azure/storage/common/storage-monitor-storage-account#configure-logging

Plan for integration with monitoring tools including Azure Monitor and Azure Sentinel

https://azure.microsoft.com/en-in/blog/introducing-microsoft-azure-sentinel-intelligent-security-analytics-for-your-entire-enterprise/

Recommend appropriate monitoring tool(s) for a solution

Check this PS module on the recommendation for monitoring tools (Free Trial)

Choose a mechanism for event routing and escalation

Check this PS module on Event Routing and Escalation (Free trial)

Recommend a logging solution for compliance requirements

https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-audit-logs

Design Identity and Security (25-30%)

Design authentication

Recommend a solution for single-sign-on

https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/what-is-single-sign-on

Recommend a solution for authentication

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/choose-ad-authn

https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-methods

https://azure.microsoft.com/en-in/product-categories/identity/

Recommend a solution for Conditional Access, including multi-factor authentication

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-policy-common

Recommend a solution for network access authentication

https://docs.microsoft.com/en-us/azure/security/fundamentals/network-overview

Recommend a solution for a hybrid identity including Azure AD Connect and Azure AD Connect Health

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/choose-ad-authn

Recommend a solution for user self-service

https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-self-service-signup

Recommend and implement a solution for B2B integration

YouTube video: Azure AD B2B authentication

 

Design authorization

Choose an authorization approach

https://docs.microsoft.com/en-us/azure/app-service/overview-authentication-authorization#authorization-behavior

Recommend a hierarchical structure that includes management groups, subscriptions and resource groups

https://docs.microsoft.com/en-us/azure/governance/management-groups/overview

Recommend an access management solution including RBAC policies, access reviews, role assignments, physical access, Privileged Identity Management (PIM), Azure AD

https://docs.microsoft.com/en-us/azure/role-based-access-control/quickstart-assign-role-user-portal

https://docs.microsoft.com/en-us/azure/active-directory/governance/manage-user-access-with-access-reviews

https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal

https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-getting-started

https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-access-create-new-tenant

Identity Protection, Just In Time (JIT) access

https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/concept-identity-protection-policies

https://docs.microsoft.com/en-us/azure/security-center/security-center-just-in-time

 

Design governance

Recommend a strategy for tagging

https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/decision-guides/resource-tagging/

Recommend a solution for using Azure Policy

https://docs.microsoft.com/en-us/azure/key-vault/azure-policy

Recommend a solution for using Azure Blueprint

https://microsoft.github.io/AzureTips-and-Tricks/blog/tip210

 

Design security for applications

Recommend a solution that includes KeyVault

o What can be stored in KeyVault? & KeyVault operations

https://docs.microsoft.com/en-us/azure/key-vault/about-keys-secrets-and-certificates

o KeyVault regions

https://azure.microsoft.com/en-us/global-infrastructure/services/?products=key-vault

Recommend a solution that includes Azure AD Managed Identities

https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/tutorial-windows-vm-access-arm

Recommend a solution for integrating applications into Azure AD

https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/plan-an-application-integration

az-304

Amazon link (affiliate)

Design Data Storage (15-20%)

Design a solution for databases

Select an appropriate data platform based on requirements

Selecting an Appropriate Data Storage Service in Microsoft Azure

Recommend database service tier sizing

https://docs.microsoft.com/en-us/azure/sql-database/sql-database-service-tiers-dtu

Recommend a solution for database scalability

https://docs.microsoft.com/en-us/azure/sql-database/sql-database-scale-resources

https://docs.microsoft.com/en-us/azure/sql-database/sql-database-elastic-scale-introduction

Recommend a solution for encrypting data at rest, data in transmission, and data in use

https://docs.microsoft.com/en-us/azure/sql-database/sql-database-security-overview#information-protection-and-encryption

 

Design data integration

Recommend a data flow to meet business requirements

PS Course: Design and Document Data Flow (Free trial)

Recommend a solution for data integration, including Azure Data Factory, Azure Data Bricks, Azure Data Lake, Azure Synapse Analytics

https://docs.microsoft.com/en-us/azure/data-factory/connector-azure-sql-data-warehouse

 

Select an appropriate storage account

Choose between storage tiers

https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers

Recommend a storage access solution

https://docs.microsoft.com/en-us/azure/storage/common/storage-explorers

Recommend storage management tools

PS Video: Azure Storage Management Tools (Free trial)

Design Business Continuity (10-15%)

Design a solution for backup and recovery

Recommend a recovery solution for Azure hybrid and on-premises workloads that meet recovery objectives (RTO, RLO, RPO)

https://azure.microsoft.com/en-in/blog/reduce-disaster-recovery-time-with-azure-site-recovery/

Design an Azure Site Recovery solution

o Recommend a site recovery replication policy

https://docs.microsoft.com/en-us/azure/site-recovery/azure-to-azure-common-questions#replication-policy

o Recommend a solution for site recovery capacity

https://docs.microsoft.com/en-us/azure/site-recovery/site-recovery-capacity-planner

https://docs.microsoft.com/en-us/azure/site-recovery/site-recovery-plan-capacity-vmware

o Recommend a solution for site failover and failback (planned/unplanned)

https://docs.microsoft.com/en-us/azure/site-recovery/failover-failback-overview

https://docs.microsoft.com/en-us/azure/site-recovery/site-recovery-test-failover-to-azure

https://docs.microsoft.com/en-us/azure/site-recovery/site-recovery-failover

o Recommend a solution for the site recovery network

https://docs.microsoft.com/en-us/azure/site-recovery/azure-to-azure-about-networking

Recommend a solution for recovery in different regions

https://docs.microsoft.com/en-us/azure/site-recovery/azure-to-azure-quickstart

Recommend a solution for Azure Backup management

https://azure.microsoft.com/en-us/blog/azure-vm-backup-policy-management/

Design a solution for data archiving and retention

o Recommend storage types and methodology for data archiving

o Identify business compliance requirements for data archiving

o Identify requirements for data archiving

o Identify SLA(s) for data archiving

o Recommend a data retention policy

 

Design for high availability

Recommend a solution for application and workload redundancy, including compute, database, and storage

https://docs.microsoft.com/en-us/azure/architecture/guide/design-principles/redundancy

https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy

Recommend a solution for autoscaling

https://docs.microsoft.com/en-us/azure/architecture/best-practices/auto-scaling

Identify resources that require high availability

https://cloud.netapp.com/blog/azure-high-availability-basic-concepts-and-a-checklist

Identify storage types for high availability

https://docs.microsoft.com/en-us/azure/storage/common/storage-introduction

Recommend a solution for geo-redundancy of workloads

https://docs.microsoft.com/en-us/azure/storage/common/storage-designing-ha-apps-with-ragrs

Design Infrastructure (25-30%)

Design a compute solution

Recommend a solution for compute provisioning

https://docs.microsoft.com/en-us/azure/architecture/guide/technology-choices/compute-decision-tree

Determine appropriate compute technologies, including virtual machines, App Services, Service Fabric, Azure Functions, Windows Virtual Desktop, and containers

Pluralsight course: Choose an appropriate compute solution

Recommend a solution for containers

o AKS versus ACI and the configuration of each one

https://medium.com/the-best-choice-between-aci-or-aks-or-web-app-for-containers

Recommend a solution for automating compute management

 

Design a network solution

Recommend a solution for network addressing and name resolution

https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-ip-addresses-overview-arm

https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances

Recommend a solution for network provisioning

Recommend a solution for network security

o Private endpoints

https://docs.microsoft.com/en-us/azure/private-link/private-endpoint-overview

o Firewalls

https://docs.microsoft.com/en-us/azure/firewall/overview

o Gateways

https://docs.microsoft.com/en-us/azure/application-gateway/overview

Recommend a solution for network connectivity to the Internet, on-premises networks, and other Azure virtual networks

https://docs.microsoft.com/en-us/azure/networking/networking-overview

Recommend a solution for automating network management

Recommend a solution for load balancing and traffic routing

https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-routing-methods

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/tutorial-load-balancer

 

Design an application architecture

Recommend a microservices architecture including Event Grid, Event Hubs, Service Bus, Storage Queues, Logic Apps, Azure Functions, and webhooks

https://azure.microsoft.com/en-in/blog/building-serverless-microservices-in-azure-sample-architecture/

https://docs.microsoft.com/en-us/azure/architecture/microservices/

Recommend an orchestration solution for deployment of applications including ARM templates, Logic Apps, or Azure Functions

o Select an automation method

https://docs.microsoft.com/en-us/azure/automation/automation-runbook-types

o Choose which resources or lifecycle steps will be automated

o Design integration with other sources such as an ITSM solution

https://docs.microsoft.com/en-us/azure/azure-monitor/platform/itsmc-overview

o recommend a solution for monitoring automation

https://docs.microsoft.com/en-us/azure/automation/automation-alert-metric

Recommend a solution for API integration

o Design an API gateway strategy

Design an API Gateway Strategy

o Determine policies for internal and external consumption of APIs

https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-policies

https://docs.microsoft.com/en-us/azure/architecture/example-scenario/apps/publish-internal-apis-externally

o Recommend a hosting structure for API management

o Recommend when and how to use API Keys

 

Design migrations

Assess and interpret on-premises servers, data, and applications for migration

https://docs.microsoft.com/en-us/azure/migrate/tutorial-assess-vmware

https://docs.microsoft.com/en-us/dotnet/azure/migration/app-service?view=azure-dotnet

https://docs.microsoft.com/en-us/azure/dms/tutorial-sql-server-to-azure-sql

Recommend a solution for migrating applications and VMs

YouTube video: How to migrate your VMs, databases, and apps to Azure using Azure Migrate

Recommend a solution for migration of databases

o Determine migration scope, including redundant, related, trivial, and outdated data

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/migration-classic-resource-manager-overview

This brings us to the end of AZ-304 Study Guide

What do you think? Let me know in the Comments section if I have missed out on anything. Also, I love to hear from you how your preparation is going on!

In case you are looking for other Azure certification exams check out this page

Follow/Like ravikirans.com to receive updates

Sign up for Newsletter

Want to be notified as soon as I post? Subscribe to RSS feed / leave your email address in the subscribe section. Share the article to your social networks with the below links so it can benefit others.

Sharing is Caring

  • 1
  •  
  •  
  •  
  •  
    1
    Share

You may also like

Leave a Reply

Your e-mail address will not be published. Required fields are marked *