Azure Solution Architect
Azure Solution Architect
Azure Solution Architect :
Azure Az-104
Manage Azure AD objects
Create users and groups
Manage licenses in Azure AD
Create administrative units
Manage user and group properties
Manage device settings and device identity
Perform bulk updates
Manage guest accounts
Configure self-service password reset
Manage access control
Create custom role-based access control (RBAC) and Azure AD roles
Provide access to Azure resources by assigning roles at different scopes
Interpret access assignments
Manage Azure subscriptions and governance
Configure and manage Azure Policy
Configure resource locks
Apply and manage tags on resources
Manage resource groups
Manage subscriptions
Manage costs by using alerts, budgets, and recommendations
Configure management groups
Implement and manage storage :
Configure access to storage
Configure network access to storage accounts
Create and configure storage accounts
Generate shared access signature tokens
Configure stored access policies
Manage access keys
Configure Azure AD authentication for a storage account
Configure storage encryption
Manage data in Azure storage accounts
Create import and export jobs
Manage data by using Azure Storage Explorer and AzCopy
Implement Azure Storage redundancy
Configure object replication
Configure Azure Files and Azure Blob Storage
Create an Azure file share
Configure Azure Blob Storage
Configure storage tiers
Configure blob lifecycle management
Deploy and manage Azure compute resources :
Automate deployment of resources by using templates
Modify an ARM template
Deploy a template
Save a deployment as an ARM template
Deploy virtual machine (VM) extensions
Create and configure VMs
Create a VM
Manage images by using the Azure Compute Gallery
Configure Azure Disk Encryption
Move VMs from one resource group to another
Manage VM sizes
Add data disks
Configure VM network settings
Configure VM availability options
Deploy and configure VM scale sets
Create and configure containers
Configure sizing and scaling for Azure Container Instances
Configure container groups for Azure Container Instances
Create and configure Azure Container Apps
Configure storage for Azure Kubernetes Service (AKS)
Configure scaling for AKS
Configure network connections for AKS
Upgrade an AKS cluster
Create and configure an Azure App Service
Create an App Service plan
Configure scaling settings in an App Service plan
Create an App Service
Secure an App Service
Configure custom domain names
Configure backup for an App Service
Configure networking settings
Configure deployment settings
Configure and manage virtual networking :
Configure virtual networks
Create and configure virtual networks and subnets
Create and configure virtual network peering
Configure private and public IP addresses
Configure user-defined network routes
Configure Azure DNS
Configure secure access to virtual networks
Create and configure network security groups (NSGs) and application security groups (ASGs)
Evaluate effective security rules
Implement Azure Bastion
Configure service endpoints on subnets
Configure private endpoints
Configure load balancing
Configure Azure Application Gateway
Configure an internal or public load balancer
Troubleshoot load balancing
Monitor virtual networking
Monitor on-premises connectivity
Configure and use Azure Monitor for networks
Use Azure Network Watcher
Troubleshoot external networking
Troubleshoot virtual network connectivity
Monitor and maintain Azure resources :
Monitor resources by using Azure Monitor
Configure and interpret metrics
Configure Azure Monitor Logs
Query and analyze logs
Set up alerts and actions
Configure monitoring of VMs, storage accounts, and networks by using VM insights
Implement backup and recovery
Create an Azure Recovery Services vault
Create an Azure Backup vault
Create and configure backup policy
Perform backup and restore operations by using Azure Backup
Configure Azure Site Recovery for Azure resources
Perform failover to a secondary region by using Azure Site Recovery
Configure and review backup reports
AZURE AZ-305
Design identity, governance, and monitoring solutions :
Design a solution for logging and monitoring
Design a log routing solution
Recommend an appropriate level of logging
Recommend monitoring tools for a solution
Design authentication and authorization solutions
Recommend a solution for securing resources with role-based access control
Recommend an identity management solution
Recommend a solution for securing identities
Design governance
Recommend an organizational and hierarchical structure for Azure resources
Recommend a solution for enforcing and auditing compliance
Design identities and access for applications
Recommend solutions to allow applications to access Azure resources
Recommend a solution that securely stores passwords and secrets
Recommend a solution for integrating applications into Microsoft Azure Active Directory (Azure AD), part of Microsoft Entra
Recommend a user consent solution for applications
Design data storage solutions :
Design a data storage solution for relational data
Recommend database service tier sizing
Recommend a solution for database scalability
Recommend a solution for encrypting data at rest, data in transmission, and data in use
Design data integration
? Recommend a solution for data integration
Recommend a solution for data analysis
Recommend a data storage solution
? Recommend a solution for storing relational data
Recommend a solution for storing semi-structured data
Recommend a solution for storing non-relational data
Design a data storage solution for non-relational data
Recommend access control solutions to data storage
Recommend a data storage solution to balance features, performance, and cost
Design a data solution for protection and durability
Design business continuity solutions :
Design a solution for backup and disaster recovery
Recommend a recovery solution for Azure, hybrid, and on-premises workloads that meets recovery objectives (Recovery Time Objective [RTO], Recovery Level Objective [RLO], Recovery Point Objective [RPO])
Understand the recovery solutions for containers
Recommend a backup and recovery solution for compute
Recommend a backup and recovery solution for databases
Recommend a backup and recovery solution for unstructured data
Design for high availability
? Identify the availability requirements of Azure resources
Recommend a high availability solution for compute
Recommend a high availability solution for non-relational data storage
Recommend a high availability solution for relational data storage
Design infrastructure solutions :
Design a compute solution
Recommend a virtual machine–based compute solution
Recommend an appropriately sized compute solution based on workload requirements
Recommend a container-based compute solution
Recommend a serverless-based compute solution
Design an application architecture
Recommend a caching solution for applications
Recommend a messaging architecture
Recommend an event-driven architecture
Recommend an automated deployment solution for your applications
Recommend an application configuration management solution
Recommend a solution for API integration
Design migrations
Evaluate a migration solution that leverages the Cloud Adoption Framework for Azure
Assess and interpret on-premises servers, data, and applications for migration
Recommend a solution for migrating applications and virtual machines
Recommend a solution for migrating databases
Recommend a solution for migrating unstructured data
Design network solutions
Recommend a network architecture solution based on workload requirements
Recommend a connectivity solution that connects Azure resources to the internet
Recommend a connectivity solution that connects Azure resources to on-premises networks
Optimize network performance for applications
Recommend a solution to optimize network security
Recommend a load balancing and routing solution