AZ-700 Study Guide (Design & Implement Azure Networking Solutions)

AZ-700 Study Guide (Designing and Implementing Microsoft Azure Networking Solutions)

AZ-700 Preparation Details

Preparing for the AZ-700 Designing and implementing Microsoft Azure Networking solutions exam? Don’t know where to start? This post is the AZ-700 Certificate Study Guide (with links to each exam objective).

I have curated a list of articles from Microsoft documentation for each objective of the AZ-700 exam. Please share the post within your circles so it helps them to prepare for the exam.

Exam Voucher for AZ-700 with 1 Retake

Get 40% OFF with the combo

AZ-700 Design Azure Virtual Networking Prep

Pluralsight Design & Implement Azure Network Solutions
LinkedIn Learning (Free trial) Design a Networking Strategy for Architects
Udemy Implementing Azure Networking Exam

AZ-700 Implement Azure Networks Practice Test

Whizlabs Exam QuestionsDesign networking solutions practice test
Udemy Practice TestImplementing Azure Networking exam Q&A
Amazon e-book (PDF)Azure networking cookbook (2nd edition)

AZ-700 Sample Practice Exam Questions

Looking for AZ-700 Dumps? Read This!

Using az-700 exam dumps can get you permanently banned from taking any future Microsoft certificate exam. Read the FAQ page for more information. However, I strongly suggest you validate your understanding with practice questions.

Check out all the other Azure certificate study guides

Full Disclosure: Some of the links in this post are affiliate links. I receive a commission when you purchase through them.

Design, Implement, and Manage Hybrid Networking (10–15%)

Design, Implement, and Manage a Site-to-site VPN Connection

Design a site-to-site VPN connection for high availability

Highly available S2S VPN connections

Select an appropriate virtual network (VNet) gateway SKU

Gateway SKUs

Identify when to use policy-based VPN versus route-based VPN

About policy-based and route-based VPN gateways

Create and configure a local network gateway

Create a local network gateway

Create and configure an IPsec/IKE policy

Azure Portal: Configure IPsec/IKE policy

Azure PowerShell: Configure IPsec/IKE policy

Create and configure a virtual network gateway

Create and manage a VPN gateway using the Azure portal

Diagnose and resolve VPN gateway connectivity issues

Troubleshooting an Azure site-to-site VPN connection

Diagnose on-premises connectivity via VPN gateways

Azure certification Frequently Asked Questions

Design, Implement, and Manage a Point-to-site VPN Connection

Select an appropriate virtual network gateway SKU

Gateway SKUs

Plan and configure RADIUS authentication

Configure a P2S connection to a VNet using RADIUS

Plan and configure certificate-based authentication

Configure a P2S connection using certificates

Plan and configure OpenVPN authentication

Configure OpenVPN for P2S VPN gateways

Plan and configure Azure Active Directory (Azure AD) authentication

Create an Azure AD tenant for P2S connections

Implement a VPN client configuration file

Install VPN client configuration files for P2S RADIUS authentication

VPN client config files for P2S certificate authentication

Diagnose and resolve client-side and authentication issues

Troubleshoot Azure P2S connection problems

Troubleshoot an Azure AD authentication VPN client

Design, Implement, and Manage Azure ExpressRoute

Choose between provider and direct model (ExpressRoute Direct)

ExpressRoute using a service provider & Direct

Design and implement Azure cross-region connectivity between multiple ExpressRoute locations

Cross-network connectivity

Select an appropriate ExpressRoute SKU and tier

Gateway SKUs

Design and implement ExpressRoute Global Reach

ExpressRoute Global Reach

Configure ExpressRoute Global Reach

Design and implement ExpressRoute FastPath

About ExpressRoute FastPath

Configure ExpressRoute FastPath

Choose between private peering only, Microsoft peering only, or both

ExpressRoute peering

Peering comparison

Configure private peering

Configure an S2S connection over ExpressRoute private peering

Configure Microsoft peering

Configure an S2S VPN over ExpressRoute Microsoft peering

Create and configure an ExpressRoute gateway

About ExpressRoute virtual network gateways

Configure a VNet gateway for ExpressRoute

Connect a virtual network to an ExpressRoute circuit

Link a VNet to an ExpressRoute circuit

Recommend a route advertisement configuration

Advertising default routes

Configure encryption over ExpressRoute

ExpressRoute encryption: IPsec over ExpressRoute for Virtual WAN

Implement Bidirectional Forwarding Detection

Configure BFD over ExpressRoute

Diagnose and resolve ExpressRoute connection issues

Troubleshooting network performance

Design and Implement Core Networking Infrastructure (20–25%)

Design and Implement Private IP Addressing for VNets

Create a VNet

Create an Azure VNet

Plan and configure subnetting for services, including VNet gateways, private endpoints, firewalls, application gateways, and VNet-integrated platform services

Configure Azure VNet subnets with CIDR notation

Application Gateway infrastructure configuration

Plan and configure subnet delegation

What is subnet delegation?

Delegate a subnet

Design and Implement Name Resolution

Design public DNS zones

Design a hybrid DNS solution with Azure

Design private DNS zones

What is a private Azure DNS zone?

Design name resolution inside a VNet

Name resolution for resources in Azure VNet

Configure a public or private DNS zone

Create a public Azure DNS zone

Create an Azure private DNS zone

Link a private DNS zone to a VNet

Link a private DNS Zone to VNet

Design and Implement Cross-VNet Connectivity

Design service chaining, including gateway transit

Service Chaining and VNET demo

Service chaining

Design VPN connectivity between VNets

Configure a VNet-to-VNet VPN gateway connection

Implement VNet peering

Create a virtual network peering

Design and Implement an Azure Virtual WAN Architecture

Design an Azure Virtual WAN architecture, including selecting SKUs and services

What is Azure Virtual WAN?

Azure Virtual WAN architecture

Connect a VNet gateway to Azure Virtual WAN

Connect a VPN Gateway to Virtual WAN

Create a hub in Virtual WAN

Create a hub

Create a network virtual appliance (NVA) in a virtual hub

About Network Virtual Appliance

Create an NVA in an Azure Virtual WAN hub

Configure virtual hub routing

About virtual hub routing

How to configure virtual hub routing?

Create a connection unit

What is a connection unit?

implement azure networking az-700

Amazon link (affiliate)

Design and Implement Routing (25–30%)

Design, Implement, and Manage VNet Routing

Design and implement user-defined routes (UDRs)

User-defined custom routes

Create a user-defined route table with routes & an NVA

Associate a Route table with a subnet

Associate a Route table to a subnet

Configure forced tunneling

Configure forced tunneling for S2S connections

Diagnose and resolve routing issues

Diagnose a VM network routing problem

Diagnose a virtual machine routing problem

Design and Implement an Azure Load Balancer

Choose an Azure Load Balancer SKU (Basic versus Standard)

Azure Load Balancer SKUs

Choose between public and internal

Public vs. internal load balancer

Create and configure an Azure Load Balancer (including cross-region)

Create a public load balancer

Create a cross-region Azure Load Balancer

Implement a load balancing rule

Create a load balancer rule

Create and configure inbound NAT rules

Create an inbound NAT port-forwarding rule

Create explicit outbound rules for a load balancer

Outbound rules Azure Load Balancer

Create outbound rule configuration

Design and Implement Azure Application Gateway

Recommend Azure Application Gateway deployment options

Azure Portal: Azure Application Gateway

PowerShell: Azure Application Gateway

CLI: Azure Application Gateway

ARM template: Azure Application Gateway

Choose between manual and autoscale

Scaling Application Gateway

Create a back-end pool

Backends tab

Configure health probes

Create health probe for Application Gateway

Configure listeners

Application Gateway listener configuration

Configure routing rules

Application Gateway request routing rules

Configure HTTP settings

Application Gateway HTTP settings configuration

Configure Transport Layer Security (TLS)

Configure end to end TLS by using Application Gateway

Configure rewrite policies

Rewrite URL with Azure Application Gateway

Implement Azure Front Door

Choose an Azure Front Door SKU

Overview of Azure Front Door SKU

Configure health probes, including customization of HTTP response codes

Health probes for Azure Front Door

Configure SSL termination and end-to-end SSL encryption

Configure HTTPS on a Front Door custom domain

Configure multisite listeners

Application Gateway multiple site hosting

Configure back-end targets

Backends & backend pools in Azure Front Door

Configure routing rules, including redirection rules

How requests are matched to a routing rule?

Routing rules for redirection

Implement an Azure Traffic Manager Profile

Configure a routing method (mode)

Traffic Manager routing methods

Configure priority traffic routing method

Configure endpoints

Add Traffic Manager endpoints

Create HTTP settings

Configure endpoint monitoring

Design and Implement an Azure Virtual Network NAT

Choose when to use a Virtual Network NAT

What is Virtual Network NAT?

Allocate public IP or public IP prefixes for a NAT gateway

Design VNets with NAT gateway resources

Associate a Virtual Network NAT with a subnet

What is Virtual Network NAT?

Secure and Monitor Networks (15–20%)

Design, Implement, and Manage an Azure Firewall Deployment

Design an Azure Firewall deployment

Deploy & configure Azure Firewall

Create and implement an Azure Firewall deployment

Deploy & configure Azure Firewall & policy

Configure Azure Firewall rules

Configure Azure Firewall rules

Create and implement Azure Firewall Manager policies

Azure Firewall Manager policy overview

Create a secure hub by deploying Azure Firewall inside an Azure Virtual WAN hub

Configure Azure Firewall in a Virtual WAN hub

Secure your virtual hub using Firewall Manager

Integrate an Azure Virtual WAN hub with a third-party NVA

About NVA in an Azure Virtual WAN hub

Route traffic through an NVA

Implement and Manage Network Security Groups (NSGs)

Create an NSG

Create a network security group

Associate an NSG to a resource

Associate an NSG

Associate network security group to subnet

Create an application security group (ASG)

Create application security groups

Associate an ASG to a NIC

Associate a Network Security Group to a NIC

Create and configure NSG rules

Create a security rule

Interpret NSG flow logs

Read NSG flow logs

Validate NSG flow rules

Introduction to flow logging

Verify IP flow

Introduction to IP flow verify

Troubleshoot NSG configuration using IP Flow Verify

Implement a Web Application Firewall (WAF) Deployment

Configure detection or prevention mode

WAF modes

Change/update WAF mode

Configure rule sets for Azure Front Door, including Microsoft managed and user-defined

Default Rule Set (DRS)

Web Application Firewall DRS rule groups

Custom rules for WAF with Azure Front Door

Configure rule sets for Application Gateway, including Microsoft managed and user-defined

WAF CRS rule groups

Custom rules for WAF on Azure Application Gateway

Create WAF custom rules on Application Gateway

Implement a WAF policy

Create WAF policies for Application Gateway

Associate a WAF policy

Associate a WAF policy with an Application Gateway

Monitor Networks

Configure network health alerts and logging by using Azure Monitor

Network health and metrics

Create and configure a Connection Monitor instance

Create a monitor in Connection Monitor

Configure and use Traffic Analytics

Traffic Analytics

Configure NSG flow logs

Configure NSG Flow Logs

Enable and configure diagnostic logging

Create diagnostic settings

Configure Azure Network Watcher

Create an Azure Network Watcher instance

Design and Implement Private Access to Azure Services (10–15%)

Design and Implement Azure Private Link Service and Azure Private Endpoint

Create a Private Link service

Portal: Create a Private Link service

Plan private endpoints

What is Azure Private Endpoint?

Create private endpoints

Create a Private Endpoint

Configure access to private endpoints

Use private endpoints

Integrate Private Link with DNS

Private Link & DNS integration at scale

Integrate a Private Link service with on-premises clients

Connect to Azure SQL server using an Azure Private Endpoint

Design and Implement Service Endpoints

Create service endpoints

Restrict access to PaaS resources with service endpoints

Configure service endpoint policies

Create service endpoint policy

Configure service tags

Virtual network service tags

Configure access to service endpoints

Allow access to services from specific networks

Configure VNet Integration for Dedicated Platform as a Service (PaaS) Services

Configure App Service for regional VNet integration

Integrate your app with an Azure VNet

Configure Azure Kubernetes Service (AKS) for regional VNet integration

Create a private AKS cluster

Configure clients to access App Service Environment

App access for ASE

This brings us to the end of the AZ-700 Designing and implementing Microsoft Azure Networking solutions exam study guide.

What do you think? Let me know in the comments section if I have missed out on anything. Also, I love to hear from you how your preparation is going on!

In case you are preparing for other Azure certification exams, check out the Azure study guide for those exams.

Follow Me to Receive Updates on AZ-700 Exam

Want to be notified as soon as I post? Subscribe to the RSS feed / leave your email address in the subscribe section. Share the article to your social networks with the below links so it can benefit others.

Share the AZ-700 Study Guide in Your Network

You may also like