Share:
Twitter
LinkedIn
Facebook
Google+
Reddit
Whatsapp
Follow by Email

Below you will find a list of what is going to be tested in the new AZ-301 Microsoft Azure Architect Design exam and a link to a resource that I think will help you learn and pass the exam. It is a work in progress at the moment and I will keep updating it. If you do find a link that is not working, or I have linked to the wrong resource. Please let me know. Also if you would like to help fill in the blanks please leave a comment below.

At Microsoft Ignite, they had a session on this Exam. It is worth the watch.

Skills measured from AZ-301: Microsoft Azure Architect Design exam

Determine Workload Requirements (10-15%)

Gather Information and Requirements

Identify compliance requirements, identity and access management infrastructure, and service-oriented architectures (e.g., integration patterns, service design, service discoverability)
Identify accessibility (e.g. Web Content Accessibility Guidelines), availability (e.g. Service Level Agreement), capacity planning and scalability, deploy-ability (e.g., repositories, failback, slot-based deployment), configurability, governance, maintainability (e.g. logging, debugging, troubleshooting, recovery, training), security (e.g. authentication, authorization, attacks), and sizing (e.g. support costs, optimization) requirements
Recommend changes during project execution (ongoing)
Evaluate products and services to align with solution
Create testing scenarios

Optimize Consumption Strategy

Optimize app service, compute, identity, network, and storage costs

Design an Auditing and Monitoring Strategy

Define logical groupings (tags) for resources to be monitoredhttp://bit.ly/2PhpJSV
Determine levels and storage locations for logshttp://bit.ly/2Pk0IXc
Plan for integration with monitoring toolshttp://bit.ly/2Pe3Nbo
Recommend appropriate monitoring tool(s) for a solution
Specify mechanism for event routing and escalation
Design auditing for compliance requirementshttp://bit.ly/2PhpZ4l
Design auditing policies and traceability requirements

Design for Identity and Security (20-25%)

Design Identity Management

Choose an identity management approach
Design an identity delegation strategy, identity repository (including directory, application, systems, etc.)
Design self-service identity management and user and persona provisioning
Define personas and roles
Recommend appropriate access control strategy (e.g., attribute-based, discretionary access, history-based, identity-based, mandatory, organization-based, role-based, rule-based, responsibility-based)

Design Authentication

Choose an authentication approach
Design a single-sign on approach
Design for IPSec, logon, multi-factor, network access, and remote authentication

Design Authorization

Choose an authorization approach
Define access permissions and privileges
Design secure delegated access (e.g., oAuth, OpenID, etc.)
Recommend when and how to use API Keys

Design for Risk Prevention for Identity

Design a risk assessment strategy (e.g., access reviews, RBAC policies, physical access)
Evaluate agreements involving services or products from vendors and contractors
Update solution design to address and mitigate changes to existing security policies, standards, guidelines and procedures

Design a Monitoring Strategy for Identity and Security

Design for alert notifications
Design an alert and metrics strategy
Recommend authentication monitors

Design a Data Platform Solution (15-20%)

Design a Data Management Strategy

Choose between managed and unmanaged data store
Choose between relational and non-relational databases
Design data auditing and caching strategies
Identify data attributes (e.g., relevancy, structure, frequency, size, durability, etc.)
Recommend Database Transaction Unit (DTU) sizing
Design a data retention policy
Design for data availability, consistency, and durability
Design a data warehouse strategy


Design a Data Protection Strategy

Recommend geographic data storage
Design an encryption strategy for data at rest, for data in transmission, and for data in use
Design a scalability strategy for data
Design secure access to data
Design a data loss prevention (DLP) policy


Design and Document Data Flows

Identify data flow requirements
Create a data flow diagram
Design a data flow to meet business requirements
Design a data import and export strategy

Design a Monitoring Strategy for the Data Platform

Design for alert notifications
Design an alert and metrics strategy

Design a Business Continuity Strategy (15-20%)

Design a Site Recovery Strategy

Design a recovery solution
Design a site recovery replication policy
Design for site recovery capacity and for storage replication
Design site failover and failback (planned/unplanned)
Design the site recovery network
Recommend recovery objectives (e.g., Azure, on-prem, hybrid, Recovery Time Objective (RTO), Recovery Level Objective (RLO), Recovery Point Objective (RPO))
Identify resources that require site recovery
Identify supported and unsupported workloads
Recommend a geographical distribution strategy

Design for High Availability

Design for application redundancy, autoscaling, data center and fault domain redundancy, and network redundancy
Identify resources that require high availability
Identify storage types for high availability

Design a disaster recovery strategy for individual workloads

Design failover/failback scenario(s)
Document recovery requirements
Identify resources that require backup
ecommend a geographic availability strategy

Design a Data Archiving Strategy

Recommend storage types and methodology for data archiving
Identify requirements for data archiving and business compliance requirements for data archiving
Identify SLA(s) for data archiving

Design for Deployment, Migration, and Integration (10-15%)

Design Deployments

Design a compute, container, data platform, messaging solution, storage, and web app and service deployment strategy

Design Migrations

Recommend a migration strategy
Design data import/export strategies during migration
Determine the appropriate application migration, data transfer, and network connectivity method
Determine migration scope, including redundant, related, trivial, and outdated data
Determine application and data compatibility

Design an API Integration Strategy

Design an API gateway strategy
Determine policies for internal and external consumption of APIs
Recommend a hosting structure for API management

Design an Infrastructure Strategy (15-20%)

Design a Storage Strategy

Design a storage provisioning strategy
Design storage access strategy
Identify storage requirements
Recommend a storage solution and storage management tools

Design a Compute Strategy

Design compute provisioning and secure compute strategies
Determine appropriate compute technologies (e.g., virtual machines, functions, service fabric, container instances, etc.)
Design an Azure HPC environment
Identify compute requirements
ecommend management tools for compute

Design a Networking Strategy

Design network provisioning and network security strategies
Determine appropriate network connectivity technologies
Identify networking requirements
Recommend network management tools

Design a Monitoring Strategy for Infrastructure

Design for alert notifications
Design an alert and metrics strategy

I hope you found this helpful and Good Luck in your exams!

Share:
Twitter
LinkedIn
Facebook
Google+
Reddit
Whatsapp
Follow by Email

Pixel Robots.

I’m Richard Hooper aka Pixel Robots. I started this blog in 2016 for a couple reasons. The first reason was basically just a place for me to store my step by step guides, troubleshooting guides and just plain ideas about being a sysadmin. The second reason was to share what I have learned and found out with other people like me. Hopefully, you can find something useful on the site.

2 Comments

Palas Roychowdhury · October 16, 2018 at 1:55 pm

Hi,
This is great information. Are you still updating the content ?

    Pixel Robots. · October 17, 2018 at 9:01 am

    Hello, yes I am still updating. If you have any links I can add, please let me know.

    Thanks

Leave a Reply

Your email address will not be published. Required fields are marked *

*

I agree