AZ-700 Study Guide (Design & Implement Azure Networking Solutions)

AZ-700 Study Guide (Designing and Implementing Microsoft Azure Networking Solutions)

Preparing for the AZ-700 Designing and implementing Microsoft Azure Networking solutions exam? Don’t know where to start? This post is the AZ-700 Certificate Study Guide (with links to each exam objective).

I have curated a list of articles from Microsoft documentation for each objective of the AZ-700 exam. Please share the post within your circles so it helps them to prepare for the exam.

Exam Voucher for AZ-700 with 1 Retake

Get 40% OFF with the combo

AZ-700 Design Azure Virtual Networking Prep

Looking for AZ-700 Dumps? Read This!

Using az-700 exam dumps can get you permanently banned from taking any future Microsoft certificate exam. Read the FAQ page for more information. However, I strongly suggest you validate your understanding with practice questions.

Check out all the other Azure certificate study guides

Full Disclosure: Some of the links in this post are affiliate links. I receive a commission when you purchase through them.

Design, Implement, and Manage Hybrid Networking (10–15%)

Design, Implement, and Manage a Site-to-site VPN Connection

Design a site-to-site VPN connection for high availability

Highly available S2S VPN connections

Select an appropriate virtual network (VNet) gateway SKU

Gateway SKUs

Identify when to use policy-based VPN versus route-based VPN

About policy-based and route-based VPN gateways

Create and configure a local network gateway

Create a local network gateway

Create and configure an IPsec/IKE policy

Azure Portal: Configure IPsec/IKE policy

Azure PowerShell: Configure IPsec/IKE policy

Create and configure a virtual network gateway

Create and manage a VPN gateway using the Azure portal

Diagnose and resolve VPN gateway connectivity issues

Troubleshooting an Azure site-to-site VPN connection

Diagnose on-premises connectivity via VPN gateways

Design, Implement, and Manage a Point-to-site VPN Connection

Select an appropriate virtual network gateway SKU

Gateway SKUs

Plan and configure RADIUS authentication

Configure a P2S connection to a VNet using RADIUS

Plan and configure certificate-based authentication

Configure a P2S connection using certificates

Plan and configure OpenVPN authentication

Configure OpenVPN for P2S VPN gateways

Plan and configure Azure Active Directory (Azure AD) authentication

Create an Azure AD tenant for P2S connections

Implement a VPN client configuration file

Install VPN client configuration files for P2S RADIUS authentication

VPN client config files for P2S certificate authentication

Diagnose and resolve client-side and authentication issues

Troubleshoot Azure P2S connection problems

Troubleshoot an Azure AD authentication VPN client

Design, Implement, and Manage Azure ExpressRoute

Choose between provider and direct model (ExpressRoute Direct)

ExpressRoute using a service provider & Direct

Design and implement Azure cross-region connectivity between multiple ExpressRoute locations

Cross-network connectivity

Select an appropriate ExpressRoute SKU and tier

Gateway SKUs

Design and implement ExpressRoute Global Reach

ExpressRoute Global Reach

Configure ExpressRoute Global Reach

Design and implement ExpressRoute FastPath

About ExpressRoute FastPath

Configure ExpressRoute FastPath

Choose between private peering only, Microsoft peering only, or both

ExpressRoute peering

Peering comparison

Configure private peering

Configure an S2S connection over ExpressRoute private peering

Configure Microsoft peering

Configure an S2S VPN over ExpressRoute Microsoft peering

Create and configure an ExpressRoute gateway

About ExpressRoute virtual network gateways

Configure a VNet gateway for ExpressRoute

Connect a virtual network to an ExpressRoute circuit

Link a VNet to an ExpressRoute circuit

Recommend a route advertisement configuration

Advertising default routes

Configure encryption over ExpressRoute

ExpressRoute encryption: IPsec over ExpressRoute for Virtual WAN

Implement Bidirectional Forwarding Detection

Configure BFD over ExpressRoute

Diagnose and resolve ExpressRoute connection issues

Troubleshooting network performance

Design and Implement Core Networking Infrastructure (20–25%)

Design and Implement Private IP Addressing for VNets

Create a VNet

Create an Azure VNet

Plan and configure subnetting for services, including VNet gateways, private endpoints, firewalls, application gateways, and VNet-integrated platform services

Configure Azure VNet subnets with CIDR notation

Application Gateway infrastructure configuration

Plan and configure subnet delegation

What is subnet delegation?

Delegate a subnet

Design and Implement Name Resolution

Design public DNS zones

Design a hybrid DNS solution with Azure

Design private DNS zones

What is a private Azure DNS zone?

Design name resolution inside a VNet

Name resolution for resources in Azure VNet

Configure a public or private DNS zone

Create a public Azure DNS zone

Create an Azure private DNS zone

Link a private DNS zone to a VNet

Link a private DNS Zone to VNet

Design and Implement Cross-VNet Connectivity

Design service chaining, including gateway transit

Service Chaining and VNET demo

Service chaining

Design VPN connectivity between VNets

Configure a VNet-to-VNet VPN gateway connection

Implement VNet peering

Create a virtual network peering

Design and Implement an Azure Virtual WAN Architecture

Design an Azure Virtual WAN architecture, including selecting SKUs and services

What is Azure Virtual WAN?

Azure Virtual WAN architecture

Connect a VNet gateway to Azure Virtual WAN

Connect a VPN Gateway to Virtual WAN

Create a hub in Virtual WAN

Create a hub

Create a network virtual appliance (NVA) in a virtual hub

About Network Virtual Appliance

Create an NVA in an Azure Virtual WAN hub

Configure virtual hub routing

About virtual hub routing

How to configure virtual hub routing?

Create a connection unit

What is a connection unit?

implement azure networking az-700

Amazon link (affiliate)

Design and Implement Routing (25–30%)

Design, Implement, and Manage VNet Routing

Design and Implement an Azure Load Balancer

Choose an Azure Load Balancer SKU (Basic versus Standard)

Azure Load Balancer SKUs

Choose between public and internal

Public vs. internal load balancer

Create and configure an Azure Load Balancer (including cross-region)

Create a public load balancer

Create a cross-region Azure Load Balancer

Implement a load balancing rule

Create a load balancer rule

Create and configure inbound NAT rules

Create an inbound NAT port-forwarding rule

Create explicit outbound rules for a load balancer

Outbound rules Azure Load Balancer

Create outbound rule configuration

Design and Implement Azure Application Gateway

Implement Azure Front Door

Choose an Azure Front Door SKU

Overview of Azure Front Door SKU

Configure health probes, including customization of HTTP response codes

Health probes for Azure Front Door

Configure SSL termination and end-to-end SSL encryption

Configure HTTPS on a Front Door custom domain

Configure multisite listeners

Application Gateway multiple site hosting

Configure back-end targets

Backends & backend pools in Azure Front Door

Configure routing rules, including redirection rules

How requests are matched to a routing rule?

Routing rules for redirection

Implement an Azure Traffic Manager Profile

Design and Implement an Azure Virtual Network NAT

Choose when to use a Virtual Network NAT

What is Virtual Network NAT?

Allocate public IP or public IP prefixes for a NAT gateway

Design VNets with NAT gateway resources

Associate a Virtual Network NAT with a subnet

What is Virtual Network NAT?

Secure and Monitor Networks (15–20%)

Design, Implement, and Manage an Azure Firewall Deployment

Design an Azure Firewall deployment

Deploy & configure Azure Firewall

Create and implement an Azure Firewall deployment

Deploy & configure Azure Firewall & policy

Configure Azure Firewall rules

Configure Azure Firewall rules

Create and implement Azure Firewall Manager policies

Azure Firewall Manager policy overview

Create a secure hub by deploying Azure Firewall inside an Azure Virtual WAN hub

Configure Azure Firewall in a Virtual WAN hub

Secure your virtual hub using Firewall Manager

Integrate an Azure Virtual WAN hub with a third-party NVA

About NVA in an Azure Virtual WAN hub

Route traffic through an NVA

Implement and Manage Network Security Groups (NSGs)

Implement a Web Application Firewall (WAF) Deployment

Configure detection or prevention mode

WAF modes

Change/update WAF mode

Configure rule sets for Azure Front Door, including Microsoft managed and user-defined

Default Rule Set (DRS)

Web Application Firewall DRS rule groups

Custom rules for WAF with Azure Front Door

Configure rule sets for Application Gateway, including Microsoft managed and user-defined

WAF CRS rule groups

Custom rules for WAF on Azure Application Gateway

Create WAF custom rules on Application Gateway

Implement a WAF policy

Create WAF policies for Application Gateway

Associate a WAF policy

Associate a WAF policy with an Application Gateway

Monitor Networks

Configure network health alerts and logging by using Azure Monitor

Network health and metrics

Create and configure a Connection Monitor instance

Create a monitor in Connection Monitor

Configure and use Traffic Analytics

Traffic Analytics

Configure NSG flow logs

Configure NSG Flow Logs

Enable and configure diagnostic logging

Create diagnostic settings

Configure Azure Network Watcher

Create an Azure Network Watcher instance

Design and Implement Private Access to Azure Services (10–15%)

Design and Implement Azure Private Link Service and Azure Private Endpoint

Create a Private Link service

Portal: Create a Private Link service

Plan private endpoints

What is Azure Private Endpoint?

Create private endpoints

Create a Private Endpoint

Configure access to private endpoints

Use private endpoints

Integrate Private Link with DNS

Private Link & DNS integration at scale

Integrate a Private Link service with on-premises clients

Connect to Azure SQL server using an Azure Private Endpoint

Design and Implement Service Endpoints

Create service endpoints

Restrict access to PaaS resources with service endpoints

Configure service endpoint policies

Create service endpoint policy

Configure service tags

Virtual network service tags

Configure access to service endpoints

Allow access to services from specific networks

Configure VNet Integration for Dedicated Platform as a Service (PaaS) Services

Configure App Service for regional VNet integration

Integrate your app with an Azure VNet

Configure Azure Kubernetes Service (AKS) for regional VNet integration

Create a private AKS cluster

Configure clients to access App Service Environment

App access for ASE

This brings us to the end of the AZ-700 Designing and implementing Microsoft Azure Networking solutions exam study guide.

What do you think? Let me know in the comments section if I have missed out on anything. Also, I love to hear from you how your preparation is going on!

In case you are preparing for other Azure certification exams, check out the Azure study guide for those exams.

Follow Me to Receive Updates on AZ-700 Exam

Want to be notified as soon as I post? Subscribe to RSS feed / leave your email address in the subscribe section. Share the article to your social networks with the below links so it can benefit others.

Share the AZ-700 Study Guide in Your Network

  •  
  •  
  •  
  •  
  •  
  •  

You may also like

Leave a Reply

Your email address will not be published. Required fields are marked *