Course Description
This course prepares you for the 70-534 Architecting Microsoft Azure Solutions Certification Exam and is targeted towards Solutions Architects or Software Architects. This this is an architecture exam, its focuses primarily at a higher level than the Developer (70-532) and Infrastructure (70-533) exams. This is fitting since when working at an Architecture level, you need to have a better understanding of how the various technologies within Azure work and can be configured in relation to each other. As a result this exam does not cover as much of the lower level, technical, implementation details as the other two exams. The training will cover the following topics: Design Microsoft Azure infrastructure and networking; Secure resources; Design an application storage and data access strategy; Design an advanced application; Design websites; Design a management, monitoring, and business continuity strategy.
What am I going to get from this course?
- Describe how Azure uses Global Foundation Services (GFS) datacenters: Understand Azure datacenter architecture, regional availability, and high availability
- Design Azure virtual networks, networking services, DNS, DHCP, and IP addressing configuration: Extend on-premises Active Directory, deploy Active Directory, define static IP reservations, understand ACLs and Network Security Groups, design resource groups
- Design Azure Compute: Design Azure virtual machines (VMs) and VM architecture for IaaS and PaaS; understand availability sets, fault domains, and update domains in Azure; differentiate between machine classifications
- Describe Azure virtual private network (VPN) and ExpressRoute architecture and design: Describe Azure point-to-site (P2S) and site-to-site (S2S) VPN, understand the architectural differences between Azure VPN and ExpressRoute
- Describe Azure services: Understand, at a high level, Azure load balancing options, including Traffic Manager, Azure Media Services, CDN, Azure Active Directory (Azure AD), Azure Cache, Multi-Factor Authentication, and Service Bus
SECURE RESOURCES
- Secure resources by using managed identities: Describe the differences between Active Directory on-premises and Azure AD, programmatically access Azure AD using Graph API, secure access to resources from Azure AD applications using OAuth and OpenID Connect
- Secure resources by using hybrid identities: Use SAML claims to authenticate to on-premises resources, describe DirSync synchronization, implement federated identities using Azure Access Control service (ACS) and Active Directory Federation Services (ADFS)
- Secure resources by using identity providers: Provide access to resources using identity providers, such as Microsoft account, Facebook, Google, and Yahoo!; manage identity and access by using Azure Active Directory B2C
- Identify an appropriate data security solution: Use the appropriate Access Control List (ACL), identify security requirements for data in transit and data at rest; identify, assess, and mitigate security risks by using Azure Operations Management Suite
- Design a role-based access control strategy: Secure resource scopes, such as the ability to create VMs and Azure Web Apps
DESIGN AN APPLICATION STORAGE AND DATA ACCESS STRATEGY
- Design data storage: Design storage options for data, including Table Storage, SQL Database, DocumentDB, Blob Storage, MongoDB, and MySQL; design security options for SQL Database or Azure Storage; identify the appropriate VM type and size for a solution
- Design applications that use Mobile Apps: Create Azure Mobile Services, consume Mobile Apps from cross-platform clients, integrate offline sync capabilities into an application, extend Mobile Apps using custom code, implement Mobile Apps using Microsoft .NET or Node.js, secure Mobile Apps using Azure AD
- Design applications that use notifications: Implement push notification services in Mobile Apps, send push notifications to all subscribers, specific subscribers, or a segment of subscribers
- Design applications that use a web API: Implement a custom web API, scale using Azure Web Apps, offload long-running applications using WebJobs, secure a web API using Azure AD
- Design a data access strategy for hybrid applications: Connect to on-premises data from Azure applications using Service Bus Relay, Hybrid Connections, or the VPN capability of Websites, identify constraints for connectivity with VPN, identify options for joining VMs to domains or cloud services
- Design a media solution: Describe Media Services, understand key components of Media Services, including streaming capabilities, video on-demand capabilities, and monitoring services
DESIGN AN ADVANCED APPLICATION
- Create compute-intensive applications: Design high-performance computing (HPC) and other compute-intensive applications using Azure Services
- Create long-running applications: Implement worker roles for scalable processing, design stateless components to accommodate scale
- Select the appropriate storage option: Use a queue-centric pattern for development, select the appropriate storage for performance, identify storage options for cloud services and hybrid scenarios with compute on-premises and storage on Azure, differentiate between cloud services and VMs interacting with storage service and SQL Database
- Integrate Azure services in a solution: Identify the appropriate use of Azure Machine Learning, big data, Azure Media Services, and Azure Search services
DESIGN AZURE WEB APPS
- Design Azure Web Apps for scalability and performance: Globally scale Azure Web Apps, create Azure Web Apps using Visual Studio, debug Azure Web Apps, understand supported languages, differentiate between Azure Web Apps to VMs and cloud services
- Deploy Azure Web Apps: Implement Azure Site Extensions, create packages, App service plans, deployment slots, resource groups, publishing options, Web Deploy, and FTP locations and settings
- Design Azure Web Apps for business continuity: Scale up and scale out using Azure Web Apps and SQL Database, configure data replication patterns, update Azure Web Apps with minimal downtime, back up and restore data, design for disaster recovery, deploy Azure Web Apps to multiple regions for high availability, design the data tier
DESIGN A MANAGEMENT, MONITORING, AND BUSINESS CONTINUITY STRATEGY
- Evaluate hybrid and Azure-hosted architectures for Microsoft System Center deployment: Understand, at an architectural level, which components are supported in Azure; describe design considerations for managing Azure resources with System Center; understand which scenarios would dictate a hybrid scenario
- Design a monitoring strategy: Identify the Microsoft products and services for monitoring Azure solutions; understand the capabilities of System Center for monitoring an Azure solution; understand built-in Azure capabilities; identify third-party monitoring tools, including open source; describe use cases for Operations Manager, Global Service Monitor, and Application Insights; describe the use cases for Windows Software Update Services (WSUS), Configuration Manager, and custom solutions; describe the Azure architecture constructs, such as availability sets and update domains, and how they impact a patching strategy; analyze logs by using the Azure Operations Management Suite
- Describe Azure business continuity/disaster recovery (BC/DR) capabilities: Understand the architectural capabilities of BC/DR, describe Hyper-V Replica and Azure Site Recovery (ASR), describe use cases for Hyper-V Replica and ASR
- Design a disaster recovery strategy: Design and deploy Azure Backup and other Microsoft backup solutions for Azure, understand use cases when StorSimple and System Center Data Protection Manager would be appropriate, design and deploy Azure Site recovery
- Design Azure Automation and PowerShell workflows: Create a PowerShell script specific to Azure, automate tasks by using the Azure Operations Management Suite
- Describe the use cases for Azure Automation configuration: Understand when to use Azure Automation, Chef, Puppet, PowerShell, or Desired State Configuration (DSC)