AZ-303: Microsoft Azure Architect Technologies (beta) – Study Guide

Microsoft continues to update it’s role based exams and next on the list is AZ-303. This is the updated version of AZ-300 and should launch at the end of June 2020. Currently this is arguably the most difficult exam certification path as it is one of only two Expert level certifications for Azure. This post will cover AZ-303 and here is what Microsoft have to say about it:

Candidates for this exam are Azure Solutions Architects who advise stakeholders and translate business requirements into secure, scalable, and reliable solutions. Candidates should have advanced experience and knowledge of IT operations, including networking, virtualization, identity, security, business continuity, disaster recovery, data platform, budgeting, and governance. This role requires managing how decisions in each area affects an overall solution. Candidates must have expert-level skills in Azure administration and have experience with Azure development processes and DevOps processes.

As the exam is still in beta, if you take it, it will not be scored immediately. So bear that in mind before you sit it! Of course, if you pass the exam, once scored, it will count towards the certification.

As always, a great place to start is Microsoft Learn. There are several interactive learning paths that are free that you can work through at your own pace. I find this a great way to study and gain greater understanding of the services by actually using them and you will need to be very familiar with Azure to pass this exam.

Below I’ve put together a collection of links relevant to the sections Microsoft have highlighted as being part of the skills measured for this exam. These are only guide links, sometimes you need to explore a topic much more deeply if you are not familiar with it. Hopefully these study materials will help guide you to successfully passing AZ-303!

Implement and Monitor an Azure Infrastructure (50-55%)

Implement cloud infrastructure monitoring

Implement storage accounts

Implement VMs for Windows and Linux

Automate deployment and configuration of resources

Implement virtual networking

Implement Azure Active Directory

Implement and manage hybrid identities

Implement Management and Security Solutions (25-30%)

Manage workloads in Azure

Implement load balancing and network security

Implement and manage Azure governance solutions

Manage security for applications

Implement Solutions for Apps (10-15%)

Implement an application infrastructure

Implement container-based applications

Implement and Manage Data Platforms (10-15%)

Implement NoSQL databases

Implement Azure SQL databases

AZ-301: Microsoft Azure Architect Design – Study Guide

Now that AZ-302 has officially been retired, there is only one route to earn your Microsoft Certified: Azure Solutions Architect Expert certification. That route is to sit and pass both the AZ-300 and the AZ-301 exams. Currently this is arguably the most difficult exam certification path as it is one of only two Expert level certifications for Azure. This post will cover AZ-301, here is what Microsoft have to say about it:

This exam measures your ability to accomplish the following technical tasks: determine workload requirements; design for identity and security; design a data platform solution; design a business continuity strategy; design for deployment, migration, and integration; and design an infrastructure strategy.

Below I’ve put together a collection of links relevant to the sections highlighted as being part of the skills measured for this exam. As always, these are only guide links, sometimes you need to explore a topic much more deeply if you are not familiar with it. Hopefully these study materials will help guide you to successfully passing AZ-301!

If you spot something, or have a better link for a topic, get in touch! I will update this post as regularly as possible and always appreciate any feedback.

A good place to start is Microsoft Learn. there are several interactive learning paths that are free that you can work through at your own pace. I find this a great way to study and gain greater understanding of the services by actually using them.

Determine workload requirements

Gather Information and Requirements

This section requires broad knowledge of the platform and general IT architecture experience. My recommendation would be to familiarise yourself with the Azure Architecture Center.

Optimize Consumption Strategy

Design an Auditing and Monitoring Strategy

Design for identity and security

Design Identity Management

Design Authentication

Design Authorization

Design for Risk Prevention for Identity

Design a Monitoring Strategy for Identity and Security

Design a data platform solution

Design a Data Management Strategy

Design a Data Protection Strategy

Design and Document Data Flows

Design a Monitoring Strategy for the Data Platform

Design a business continuity strategy

Design a Site Recovery Strategy

Design for High Availability

Design a Data Archiving Strategy

Design for deployment, migration, and integration

Design Deployments

Design Migrations

Design an API Integration Strategy

Design an infrastructure strategy

Design a Storage Strategy

Design a Compute Strategy

Design a Networking Strategy

Design a Monitoring Strategy for Infrastructure

AZ-300: Microsoft Azure Architect Technologies – Study Guide

Now that AZ-302 has officially been retired, there is only one route to earn your Microsoft Certified: Azure Solutions Architect Expert certification. That route is to sit and pass both the AZ-300 and the AZ-301 exams. Currently this is arguably the most difficult exam certification path as it is one of only two Expert level certifications for Azure. This post will cover AZ-300, here is what Microsoft have to say about it:

This exam measures your ability to accomplish the following technical tasks: deploy and configure infrastructure; implement workloads and security; create and deploy apps; implement authentication and secure data; and develop for the cloud and Azure storage.

Below I’ve put together a collection of links relevant to the sections highlighted as being part of the skills measured for this exam. As always, these are only guide links, sometimes you need to explore a topic much more deeply if you are not familiar with it. Hopefully these study materials will help guide you to successfully passing AZ-300!

If you spot something, or have a better link for a topic, get in touch! I will update this post as regularly as possible and always appreciate any feedback.

A good place to start is Microsoft Learn. there are several interactive learning paths that are free that you can work through at your own pace. I find this a great way to study and gain greater understanding of the services by actually using them.

Deploy and configure infrastructure

Analyze resource utilization and consumption

Create and configure storage accounts

Create and configure a Virtual Machine (VM) for Windows and Linux

Automate deployment of Virtual Machines (VMs)

Implement solutions that use virtual machines (VM)

Create connectivity between virtual networks

Implement and manage virtual networking

Manage Azure Active Directory (AD)

Implement and manage hybrid identities

Implement workloads and security

Migrate servers to Azure

Configure serverless computing

Implement application load balancing

Integrate on-premises network with Azure virtual network

Manage role-based access control (RBAC)

Implement Multi-Factor Authentication (MFA)

Create and deploy apps

Create web apps by using PaaS

Design and develop apps that run in containers

Implement authentication and secure data

Implement authentication

Implement secure data solutions

Develop for the cloud and for Azure storage

Develop solutions that use Cosmos DB storage

Develop solutions that use a relational database

Configure a message-based integration architecture

Develop for autoscaling

AZ-500 Microsoft Azure Security Technologies – Study Guide

The latest Azure exam is now out of beta, AZ-500 Microsoft Azure Security Technologies. Passing this single exam will allow you to earn a Microsoft Certified: Azure Security Engineer Associate certification. I recently got the results for my exam which I sat in beta back in April and thankful to say I passed!

So, if you’re interested and wondering if you should take this exam? Here is what Microsoft have to say:

Candidates for this exam are Microsoft Azure security engineers who implement security controls, maintain the security posture, manages identity and access, and protects data, applications, and networks. Candidates identify and remediate vulnerabilities by using a variety of security tools, implements threat protection, and responds to security incident escalations. As a Microsoft Azure security engineer, candidates often serve as part of a larger team dedicated to cloud-based management and security and may also secure hybrid environments as part of an end-to-end infrastructure.

Candidates for this exam should have strong skills in scripting and automation, a deep understanding of networking, virtualization, and cloud N-tier architecture, and a strong familiarity with cloud capabilities, Microsoft Azure products and services, and other Microsoft products and services.

Below, I’ve put together a collection of links relevant to the sections highlighted as being part of the skills measured for this exam. As always, these are only guide links, sometimes you need to explore a topic much more deeply if you are not familiar with it.

If you spot something, or have a better link for a topic, get in touch! I will update this post as regularly as possible and always appreciate any feedback.

A good place to start is the Azure Security Documentation page. This site includes most of the key concepts and services covered in this exam, as well as several best practice approaches you should consider.

Manage Identity and Access

App registration

MFA

Groups

Users

Adconnect

CA

AADIP

PIM

Tenant

Implement Platform Protection

VNET

NSG & ASG

Firewall

Remote Accesss Management

Baseline Security

Resource Firewall

Endpoint Security VM

VM Security

Harden VM

Container Networks

Container Isolation & Security

AKS Security

Container Registry Security & Authentication

Container Instance Security

Resource Locks

Resource Group Security

Azure Policy

Custom RBAC

Manage Security Operations

Azure Monitor

Log Analytics

Diagnostic Logs

Vulnerability Scanning

Security Center Policies & JIT

Security Alerts

Secure Data and Applications

Data Security Policies

Data Infrastructure

Data at Rest

Application Delivery

Application Security

Key Vault