AZ-305 Exam Study Guide Azure Solutions Architect Certification

To get the Microsoft Certified Azure Solutions Architect Expert certification, there is now a new exam that you need to pass, the AZ-305 Azure Solutions Architect Expert certification exam. In this blog post, I am going to share my AZ-305: Microsoft Azure Solutions Architect Certification Exam Study Guide with you. To learn and prepare for the exam, I usually use a couple of online resources, mainly Microsoft Docs and Microsoft Learn, which I am going to share with you

Design Identity, Governance, and Monitoring Solutions (25-30%)

Design a Solution for Logging and Monitoring

• design a log routing solution
  • Logs in Azure Monitor
  • Azure diagnostic logs
  • Enable diagnostics logging for apps in Azure App Service
  • Create diagnostic setting to collect platform logs and metrics in Azure
• recommend an appropriate level of logging
  • Azure security logging and auditing
• recommend a monitoring tool(s) for a solution
  • Azure Monitor overview
  • Best practices for monitoring cloud applications
  • Azure Sentinel

Design Authentication and Authorization Solutions

• recommend a solution for securing resources with role-based access controls
  • Add or remove role assignments using Azure RBAC and the Azure portal
  • What is role-based access control (RBAC) for Azure resources?
  • Quickstart: View the access a user has to Azure resources
• recommend an identity management solution
  • What are managed identities for Azure resources?
  • Use a Windows VM system-assigned managed identity to access Resource Manager
• recommend a solution for securing identities
  • What are Azure AD access reviews?
  • What is Azure Active Directory Identity Protection?
  • Secure your management ports with just-in-time access
  • What is Azure AD Privileged Identity Management?

Design Governance

• recommend an organizational and hierarchical structure for Azure resources
  • What are the Azure Management areas?
  • What are Azure management groups?
• recommend a solution for enforcing and auditing compliance
  • What is Azure Policy?
  • Tutorial: Create and manage policies to enforce compliance

Design Identities and Access for Applications

• recommend solutions to allow applications to access Azure resources
  • What are managed identities for Azure resources?
  • Use a Windows VM system-assigned managed identity to access Resource Manager
• recommend a solution that securely stores passwords and secrets
  • What is Azure Key Vault?
  • About keys, secrets, and certificates
• recommend a solution for integrating applications into Azure AD
  • Tutorial: Register an application in Azure Active Directory B2C
• recommend a user consent solution for applications
  • Configure how end-users consent to applications using Azure Active Directory

Design Data Storage Solutions (25-30%)

Design a Data Storage Solution for Relational Data

• recommend database service tier sizing
  • Azure SQL Database service tiers
  • General purpose service tier – Azure SQL Database
• recommend a solution for database scalability
  • Scalability
• recommend a solution for encrypting data at rest, data in transmission, and data in use
  • Azure Data Encryption-at-Rest
  • Azure encryption overview
  • Transparent data encryption for SQL Database and Azure Synapse

Design Data Integration

• recommend a solution for data integration
  • What is Azure Data Factory?
  • What is Azure Databricks?
  • What is Azure Data Lake Storage Gen1?
  • Introduction to Azure Data Lake Storage Gen2
  • What is Azure Synapse Analytics (formerly SQL DW)?

Recommend a solution for data analysis Recommend a Data Storage Solution

• recommend a solution for storing relational data
  • Understand data store models
  • SQL Server on Azure virtual machines
  • What is Azure SQL Database?
  • What is Azure SQL Managed Instance?
  • What is Azure Database for PostgreSQL?
  • What is Azure Database for MariaDB?
  • What is Azure Database for MySQL?
  • Welcome to Azure Cosmos DB
• recommend a solution for storing semi-structured data
  • Understand data store models
  • Welcome to Azure Cosmos DB
• recommend a solution for storing non-relational data
  • Understand data store models
  • Non-relational data and NoSQL
  • Welcome to Azure Cosmos DB
  • HBase in HDInsight
  • Azure Cache for Redis
  • Azure Table Storage
  • Azure Time Series Insights
  • Azure Blob Storage
  • Azure Data Lake Store
  • Azure File Storage
  • Azure Search

Design a Data Storage Solution for Non-relational Data

• recommend a data storage solution to balance features, performance, and cost
  • Non-relational data and NoSQL
  • Introduction to the core Azure Storage services
• recommend access control solutions to data storage
  • Access control model in Azure Data Lake Storage Gen2
• design a data solution for protection and durability
  • Data protection overview

Design Business Continuity Solutions (10-15%)

Design a Solution for Backup and Disaster Recovery

• recommend a recovery solution for Azure, hybrid, and on-premises workloads that meets recovery objectives (RTO, RLO, RPO)
  • About Site Recovery
  • General questions about Azure Site Recovery
  • Common questions about VMware to Azure replication
  • Common questions – Hyper-V to Azure disaster recovery
  • What is the Azure Backup service?
  • Azure Backup architecture and components
  • Azure Backup Server protection matrix
• understand the recovery solutions for containers
  • Best practices for business continuity and disaster recovery in Azure Kubernetes Service (AKS)
• recommend a backup and recovery solution for compute
  • What is the Azure Backup service?
  • Azure Backup architecture and components
  • An overview of Azure VM backup
• recommend a backup and recovery solution for databases
  • What is the Azure Backup service?
  • Azure Backup architecture and components
  • About SQL Server Backup in Azure VMs
  • About Azure Database for PostgreSQL backup (preview)

Design for High Availability

• identify the availability requirements of Azure resources
  • Regions and availability zones
  • Azure services that support availability zones
• recommend a high availability solution for Compute
  • Availability options for virtual machines in Azure
  • Manage the availability of Windows virtual machines in Azure
• recommend a high availability solution for non-relational data storage
  • Build solutions for high availability using Availability Zones
  • Azure Storage redundancy
  • How does Azure Cosmos DB provide high availability
• recommend a high availability solution for relational data storage
  • Build solutions for high availability using Availability Zones
  • High availability for Azure SQL Database and SQL Managed Instance
  • How does Azure Cosmos DB provide high availability

Design Infrastructure Solutions (25-30%)

Design a Compute Solution

• recommend a Virtual Machine-based compute solution
  • Virtual machines
  • What is Windows Virtual Desktop?
• recommend an appropriately sized compute solution based on workload requirements
  • Virtual machines
• recommend a Container-based compute solution
  • Choose an Azure compute service for your application
  • App Service
  • Azure Kubernetes Service (AKS)
  • Container Instances
  • What is Azure Container Instances?
  • Introduction to private Docker container registries in Azure
• recommend a Serverless-based compute solution
  • Functions

Design an Application Architecture

• recommend a caching solution for applications
  • Caching
  • Azure CDN Documentation
  • Best practices for using content delivery networks (CDNs)
  • Create an Azure CDN endpoint
  • What is Azure Front Door?
  • Azure Cache for Redis
• recommend a messaging architecture
  • Choose between Azure messaging services – Event Grid, Event Hubs, and Service Bus
  • What is Azure Service Bus?
  • Quickstart: Use Azure portal to create a Service Bus queue
  • Get started with Service Bus queues
• recommend an event-driven architecture
  • What is Azure Event Grid?
  • Event-Driven Architecture in the Cloud with Azure Event Grid
  • Quickstart: Route custom events to web endpoint with the Azure portal and Event Grid
  • Tutorial: Monitor virtual machine changes by using Azure Event Grid and Logic Apps
  • Features and terminology in Azure Event Hubs
  • Quickstart: Create an event hub using Azure portal
  • Tutorial: Stream data into Azure Databricks using Event Hubs
• recommend an automated deployment solution for your applications
  • Use infrastructure automation tools with virtual machines in Azure
• recommend an application configuration management solution
  • Azure Automation State Configuration
  • Use infrastructure automation tools with virtual machines in Azure
• recommend a solution for API integration
  • About API Management

Design Migrations

• evaluate migration solution that leverages the Cloud Adoption Framework
  • Cloud migration in the Cloud Adoption Framework
• assess and interpret on-premises servers, data, and applications for migration
  • About Azure Migrate
• recommend a solution for migrating applications and Virtual Machines
  • About Azure Migrate
• recommend a solution for migrating databases
  • About Azure Migrate
  • Migrate a SQL Server database to Azure
  • What is Azure Database Migration Service?
• recommend a solution for migrating unstructured data
  • About Azure Migrate
  • Storage Migration Service overview
  • What is Azure Data Box?

Design Network Solutions

• recommend a network architecture solution based on workload requirements
  • Azure Networking architecture documentation
• recommend a connectivity solution that connects Azure resources to the Internet
  • What is Azure Firewall?
  • What is Azure Front Door Service?
• recommend a connectivity solution that connects Azure resources to on-premises networks
  • What is VPN Gateway?
  • What is Azure ExpressRoute?
• optimize network performance for applications
  • Optimize network throughput for Azure virtual machines
• recommend a solution to optimize network security
  • What is Azure Firewall?
  • Network security groups
  • Azure Web Application Firewall on Azure Application Gateway
  • Application Gateway configuration overview
  • What is Azure Firewall Manager?
  • What is Azure Front Door Service?
  • Create an Azure Bastion host
  • Azure security baseline for Virtual Network
  • Integrate Azure services with virtual networks for network isolation
  • Application security groups
  • Azure DDoS Protection Standard overview
  • Virtual network TAP
• recommend a load balancing and routing solution
  • Tutorial: Balance internal traffic load with a Basic load balancer in the Azure portal
  • Create an internal load balancer by using the Azure PowerShell module
  • Quickstart: Create a Load Balancer to load balance VMs using the Azure portal
  • What is Azure Front Door Service?
  • Quickstart: Create a Front Door for a highly available global web application
  • What is Traffic Manager?
  • What is Azure Route Server?
  • Virtual network traffic routing