Summary
AZ-304T00 – Microsoft Azure Architect Design
This course teaches Solutions Architects how to translate business requirements into secure, scalable, and reliable solutions. Lessons include design considerations related to logging, cost analysis, authentication and authorization, governance, security, storage, high availability, and migration. This role requires decisions in multiple areas that affect an overall design solution.
Introduction
Who Should Attend
This course is for IT Professionals with expertise in designing and implementing solutions running on Microsoft Azure. They should have broad knowledge of IT operations, including networking, virtualization, identity, security, business continuity, disaster recovery, data platform, budgeting, and governance. Azure Solution Architects use the Azure Portal and as they become more adept they use the Command Line Interface. Candidates must have expert-level skills in Azure administration and have experience with Azure development processes and DevOps processes.
Course Objectives
After completing this course, students will be able to:
– Recommend solutions to minimize costs
– Recommend a solution for Conditional Access, including multi-factor authentication
– Recommend a solution for a hybrid identity including Azure AD Connect and Azure AD Connect
– Recommend a solution for using Azure Policy
– Recommend a solution that includes KeyVault
– Recommend a solution that includes Azure AD Managed Identities
– Recommend a storage access solution
– Design and Azure Site Recovery solution
– Recommend a solution for autoscaling
– Recommend a solution for containers
– Recommend a solution for network security
– Recommend a solution for migrating applications and VMs
– Recommend a solution for migration of databases
Outline
-
DESIGN FOR COST OPTIMIZATION
- Recommend Solutions for Cost Management
- Recommended Viewpoints for Minimizing Costs
- Optimize with Azure Cost Management.
- Design with Cost in mind
- Optimize Costs from recommendations
-
DESIGN A SOLUTION FOR LOGGING AND MONITORING
- Azure Monitoring Services
- Azure Monitor
- Monitor Azure resources with Azure Monitor
- Collect and analyze Resource Logs for Azure resources
- Understand how Azure Sentinel collects data on the devices, users, infrastructure, and applications
-
DESIGN AUTHENTICATION
- Recommend a Solution for Multi-Factor Authentication
- Recommend a Solution for Single-Sign On (SSO)
- Five Steps for Securing Identity Infrastructure
- Recommend a Solution for a Hybrid Identity
- Recommend a Solution for B2B Integration
- Plan for a MFA Deployment
- Understand Azure Active Directory Seamless Single Sign-On (SSO)
- Recommend an Authentication Methodology for Hybrid Identity
- Integrate with Identity Providers
-
DESIGN AUTHORIZATION
- Infrastructure Protection
- Recommend a Hierarchical Structure for Management Groups, Subscriptions and Resource Groups
- Recommend hierarchy of Management Groups and Subscriptions
- Configure custom RBAC Role definitions and assignments
-
DESIGN GOVERNANCE
- Recommend a Solution for using Azure Policy
- Recommend a Solution for using Azure Blueprint
- Organize Policies with Initiatives
- Manage Tag Governance with Azure Policy
- Provide guidance on Azure Blueprints
-
DESIGN SECURITY FOR APPLICATIONS
- Recommend a Solution using KeyVault
- Recommend a Solution using Azure AD Managed Identities
- Understand Key Vault authentication and authorization
- Understand Azure Key Vault availability and redundancy
- Understand how Blueprints differ from Resource Manager Templates and Azure Policy
-
DESIGN A SOLUTION FOR DATABASES
- Select an Appropriate Data Platform Based on Requirements
- Overview of Azure Data Storage
- Recommend Database Service Tier Sizing
- Dynamically Scale Azure SQL Database and Azure SQL Managed Instances
- Recommend a Solution for Encrypting Data at Rest, Transmission, and In Use
- Recommend Database Service Tier Sizing
- Recommend a Solution for Encrypting Data at Rest, Transmission, and In Use
- Understand Azure Data Lake Store and Azure Blob Storage containers
-
DESIGN DATA INTEGRATION
- Recommend a Data Flow
- Recommend a Solution for Data Integration
- Implement Azure Synapse Analytics
- Describe how data flows using Azure Data Factory
- Demonstrate how to use Azure Data Factory to load data into SQL Data Warehouse
-
SELECT AN APPROPRIATE STORAGE ACCOUNT
- Understanding Storage Tiers
- Recommend a Storage Access Solution
- Recommend Storage Management Tools
- Recommend tools for working with Azure Storage
- Design for Azure Blob Storage access tiers
-
DESIGN A SOLUTION FOR BACKUP AND RECOVERY
- Recommend a Recovery Solution for Hybrid and On-Premises Workloads
- Design and Azure Site Recovery Solution
- Recommend a Solution for Recovery in Different Regions
- Recommend a Solution for Azure Backup Management
- Design a Solution for Data Archiving and Retention
- Recommend solutions for Azure hybrid and on-premises workloads that meets recovery objectives
- Recommend a solution for site recovery capacity
- Recommend storage types and methodology for data archiving
- Identify requirements for data archiving
-
DESIGN FOR HIGH AVAILABILITY
- Recommend a Solution for Application and Workload Redundancy
- Recommend a Solution for Autoscaling
- Identify Resources that Require High Availability
- Identify Storage Tpes for High Availability
- Recommend a Solution for Geo-Redundancy of Workloads
- Recommend a solutions for autoscaling
- Identify storage types for high availability
- Recommend a solutions for geo-redundancy of workloads
-
DESIGN A COMPUTE SOLUTION
- Recommend a Solution for Compute Provisioning
- Determine Appropriate Compute Technologies
- Recommend a Solution for Containers
- Recommend a Solution for Automating Compute Management
- Refer solution for automating compute management
- Recommend the appropriate compute technologies, including virtual machines, and App Services
- Recommend the appropriate AKS and ACI and the configurations
-
DESIGN A NETWORK SOLUTION
- Recommend a Solution for Network Addressing and Name Resolution
- Recommend a Solution for Network Provisioning
- Recommend a Solution for Network Security
- Recommend a Solution for iInternete Connectivity and On-Premises Networks
- Recommend a Solution for Automating Network Management
- Recommend a Solution for Load Balancing and Rraffic Routing
- Solutions for network addressing and name resolution
- Solutions for network security including private endpoints, firewalls, and gateways
- Recommendations for network connectivity to the Internet, on-premises networks, and other VNets
- Recommendations for load balancing and traffic routing
-
DESIGN AN APPLICATION ARCHITECTURE
- Recommend a Microservices Architecture
- Recommend an Orchestration Solution for Deployment of Applications
- Recommend a Solution for API Integration
- Recommend deployment solutions using ARM templates, Logic Apps, or Azure Functions
- Recommend a solution for monitoring automation
- Recommend a hosting structure for API management
-
DESIGN MIGRATIONS
- Assess and On-Premises Servers and Applications for Migration
- Recommend a Solution for Migrating Applications and VMs
- Recommend a Solution for Migration of Databases
- Assess on-premises servers and applications for migration
- Suggest solutions for migrating applications and VMs
- Determine migration scope, including redundant, related, trivial, and outdated data
Course Schedule
DATES
LOCATION
START
END
STATUS
**Indicates a course that is only a half day.