Cover image for Exam Ref AZ-304 Microsoft Azure Architect Design Certification and Beyond

Exam Ref AZ-304 Microsoft Azure Architect Design Certification and Beyond

Release Date: 2021/07/01
ISBN: 9781800566934
Topic:
0%
33
Chapters
0-1
Hours read
0k
Total Words
    Start Reading Now    
       Add to Wishlist       
View table of contents

Master the Microsoft Azure platform and prepare for the AZ-304 certification exam by learning the key concepts needed to identify key stakeholder requirements and translate these into robust solutions

Key Features

  • Build secure and scalable solutions on the Microsoft Azure platform
  • Learn how to design solutions that are compliant with customer requirements
  • Work with real-world scenarios to become a successful Azure architect, and prepare for the AZ-304 exam

Book Description

The AZ-304 exam tests an architect's ability to design scalable, reliable, and secure solutions in Azure based on customer requirements. Exam Ref AZ-304 Microsoft Azure Architect Design Certification and Beyond offers complete, up-to-date coverage of the AZ-304 exam content to help you prepare for it confidently, pass the exam first time, and get ready for real-world challenges.

This book will help you to investigate the need for good architectural practices and discover how they address common concerns for cloud-based solutions. You will work through the CloudStack, from identity and access through to infrastructure (IaaS), data, applications, and serverless (PaaS). As you make progress, you will delve into operations including monitoring, resilience, scalability, and disaster recovery. Finally, you'll gain a clear understanding of how these operations fit into the real world with the help of full scenario-based examples throughout the book.

By the end of this Azure book, you'll have covered everything you need to pass the AZ-304 certification exam and have a handy desktop reference guide.

What you will learn

  • Understand the role of architecture in the cloud
  • Ensure security through identity, authorization, and governance
  • Find out how to use infrastructure components such as compute, containerization, networking, and storage accounts
  • Design scalable applications and databases using web apps, functions, messaging, SQL, and Cosmos DB
  • Maintain operational health through monitoring, alerting, and backups
  • Discover how to create repeatable and reliable automated deployments
  • Understand customer requirements and respond to their changing needs

Who this book is for

This book is for Azure Solution Architects who advise stakeholders and help translate business requirements into secure, scalable, and reliable solutions. Junior architects looking to advance their skills in the Cloud will also benefit from this book. Experience with the Azure platform is expected, and a general understanding of development patterns will be advantageous.

Table of Contents

  1. Exam Ref AZ-304 Microsoft Azure Architect Design Certification and Beyond
  2. Contributors
  3. About the author
  4. About the reviewers
  5. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Download the example code files
    5. Download the color images
    6. Conventions used
    7. Get in touch
    8. Reviews
  6. Section 1: Exploring Modern Architecture
  7. Chapter 1: Architecture for the Cloud
    1. Introducing architecture
    2. Exploring the transition from monolithic to microservices
    3. Mainframe computing
    4. Personal computing
    5. Virtualization
    6. Web apps, mobile apps, and APIs
    7. Cloud computing
    8. Migrating to the cloud from on-premises
    9. Understanding infrastructure and platform services
    10. IaaS
    11. PaaS
    12. Moving from Waterfall to Agile projects
    13. Waterfall
    14. Agile
    15. IaC
    16. Summary
  8. Chapter 2: Principles of Modern Architecture
    1. Architecting for security
    2. Knowing the enemy
    3. How do they hack?
    4. Defining your strategy
    5. Networking and firewalls
    6. Identity management
    7. Patching
    8. Application code
    9. Data encryption
    10. Defense-in-Depth
    11. User education
    12. Architecting for resilience and business continuity
    13. Defining requirements
    14. Using architectural best practices
    15. Testing and disaster recovery plans
    16. Architecting for performance
    17. Architecting for deployment
    18. Architecting for monitoring and operations
    19. Monitoring for security
    20. Monitoring for resilience
    21. Monitoring for performance
    22. Network monitoring
    23. Monitoring for DevOps and applications
    24. Summary
    25. Further reading
  9. Section 2: Identity and Security
  10. Chapter 3: Understanding User Authentication
    1. Differentiating authentication from authorization
    2. Introducing Azure AD
    3. Why AD?
    4. Azure AD versus AD DS
    5. Azure tenants
    6. Azure AD editions
    7. Integrating AD
    8. Cloud native
    9. Azure AD Connect
    10. Password Hash Synchronization
    11. Azure AD PTA
    12. Password Writeback
    13. Seamless SSO
    14. Federated authentication
    15. Azure AD Connect Health
    16. Understanding conditional access, MFA and security defaults
    17. MFA
    18. Security Defaults
    19. Understanding and setting up CA
    20. Using external identities
    21. Multi-tenancy
    22. Consumer applications – B2C
    23. External user collaboration – B2B
    24. Summary
    25. Exam scenario
  11. Chapter 4: Managing User Authorization
    1. Technical requirements
    2. Understanding Azure roles
    3. Classic roles
    4. Azure roles
    5. Azure AD roles
    6. Managing users with hierarchies
    7. Management groups, subscriptions, and resource groups
    8. Controlling access with PIM
    9. Activating PIM
    10. Just-In-Time elevated access
    11. Managing risk with Identity Protection
    12. User risk
    13. Sign-in risk
    14. Summary
    15. Exam solution
  12. Chapter 5: Ensuring Platform Governance
    1. Technical requirements
    2. Applying tagging
    3. Adding tags manually
    4. Managing tags through Azure PowerShell
    5. Managing tags in ARM templates
    6. Using tags
    7. Understanding Azure policies
    8. Using policies and initiatives
    9. Policy structure
    10. Creating a policy and initiative definition
    11. Assigning an initiative
    12. Viewing the compliance dashboard
    13. Creating a remediation task
    14. Using virtual machine guest configurations
    15. Best practices
    16. Using Azure Blueprints
    17. Creating a blueprint definition
    18. Publishing and assigning a blueprint
    19. Summary
    20. Exam scenario
    21. Further reading
  13. Chapter 6: Building Application Security
    1. Technical requirements
    2. Introducing Azure Key Vault
    3. Creating a key vault
    4. Managing Key Vault secrets
    5. Using Key Vault keys
    6. Using Key Vault certificates
    7. Access policies
    8. Working with security principals
    9. Creating the service principal
    10. Setting the access policy
    11. Creating the web app
    12. Integrating applications into Azure Active Directory
    13. Deploying a web app
    14. Enabling AD integration
    15. Using managed identities
    16. Assigning a managed identity
    17. Using managed identities in web apps
    18. Summary
    19. Exam Scenario
    20. Further reading
  14. Section 3: Infrastructure and Storage Components
  15. Chapter 7: Designing Compute Solutions
    1. Technical requirements
    2. Understanding different types of compute
    3. Comparing compute options
    4. Automating virtual machine management
    5. Architecting for containerization and Kubernetes
    6. Containerization
    7. Azure Kubernetes Service
    8. Pods
    9. Summary
    10. Exam scenario
    11. Further reading
  16. Chapter 8: Network Connectivity and Security
    1. Technical requirements
    2. Understanding Azure networking options
    3. Understanding IP addressing and DNS in Azure
    4. Understanding subnets and subnet masks
    5. Public IP addresses
    6. Private IP addresses
    7. Azure DNS
    8. Azure private DNS zones
    9. Azure public DNS zones
    10. Implementing network security
    11. Network Security Groups
    12. Application Security Groups
    13. Azure Firewall
    14. Service endpoints
    15. Private endpoint connections
    16. Connectivity
    17. VNET peering
    18. VPN gateways
    19. ExpressRoute
    20. Routing
    21. Load balancing and advanced traffic routing
    22. Azure Load Balancer
    23. Azure Traffic Manager
    24. Application Gateway
    25. Azure Front Door
    26. Choosing the right options
    27. Summary
    28. Exam scenario
    29. Further reading
  17. Chapter 9: Exploring Storage Solutions
    1. Technical requirements
    2. Understanding storage types
    3. Azure Storage accounts
    4. Data classification
    5. Operational decisions
    6. VM disks
    7. Designing storage security
    8. Network protection
    9. Authorization
    10. Encryption
    11. Auditing
    12. Using storage management tools
    13. Azure Storage REST APIs
    14. AzCopy
    15. Azure Storage Explorer
    16. Summary
    17. Exam scenario
    18. Further reading
  18. Chapter 10: Migrating Workloads to Azure
    1. Technical requirements
    2. Assessing on-premises systems
    3. The discovery phase
    4. Understanding migration options
    5. Migrating virtual machines and databases
    6. Migrating virtual machines
    7. Migrating databases
    8. Monitoring and optimizing your migration
    9. Azure Monitor
    10. Azure Cost Management
    11. Azure Advisor
    12. Summary
    13. Exam scenario
  19. Section 4: Applications and Databases
  20. Chapter 11: Comparing Application Components
    1. Technical requirements
    2. Working with web applications
    3. Using deployment slots
    4. App services VNet Integration
    5. Managing APIs with Azure API Gateway
    6. Using API policies
    7. Securing your APIs with subscription keys
    8. Client certificates
    9. OAuth 2.0 and OpenID Connect
    10. Understanding microservices
    11. Using messaging and events
    12. Azure Event Grid
    13. Event Hubs
    14. Storage queues
    15. Azure Service Bus
    16. Summary
    17. Exam scenario
    18. Further reading
  21. Chapter 12: Creating Scalable and Secure Databases
    1. Technical requirements
    2. Selecting a database platform
    3. Understanding SQL databases
    4. NoSQL databases
    5. Understanding database service tiers
    6. SQL Database tiers
    7. Designing scalable databases
    8. Using read replicas
    9. Using database sharding
    10. Securing databases with encryption
    11. Summary
    12. Exam scenario
    13. Further reading
  22. Chapter 13: Options for Data Integration
    1. Technical requirements
    2. Understanding data flows
    3. Comparing integration tools
    4. ADLS Gen2
    5. Azure Data Factory
    6. Exploring data analytics
    7. Azure Databricks
    8. Azure Synapse Analytics
    9. Putting it all together
    10. Summary
    11. Exam scenario
    12. Further reading
  23. Chapter 14: High Availability and Redundancy Concepts
    1. Technical requirements
    2. Understanding virtual machine availability
    3. Fault domains and update domains
    4. Availability Zones
    5. Azure virtual machine scale sets
    6. Understanding Azure storage resiliency options
    7. Understanding SQL database availability
    8. Understanding Cosmos DB availability
    9. Consistency levels
    10. Summary
    11. Exam scenario
    12. Further reading
  24. Section 5: Operations and Monitoring
  25. Chapter 15: Designing for Logging and Monitoring
    1. Technical requirements
    2. Understanding logs and storage options
    3. Understanding data types and sources
    4. Understanding log use cases
    5. VM logging and monitoring
    6. Understanding deployment options
    7. Exploring monitoring tools
    8. Activity logs
    9. Azure Metrics
    10. Azure alerts
    11. Log Analytics workspaces
    12. Understanding security and compliance
    13. Azure Security Center
    14. Azure Defender
    15. Azure Sentinel
    16. Using cost management and reporting
    17. Summary
    18. Exam scenario
    19. Further reading
  26. Chapter 16: Developing Business Continuity
    1. Technical requirements
    2. Understanding recovery solutions
    3. Understanding the Recovery Time Objective (RTO)
    4. Understanding the Recovery Point Objective (RPO)
    5. Understanding Azure Backup options
    6. Planning for Azure Backup
    7. Understanding backup policies
    8. Planning for Site Recovery
    9. Understanding recovery plans
    10. Planning for database backups
    11. Understanding Azure SQL backups
    12. Understanding Cosmos DB backups
    13. Understanding the data archiving options
    14. Summary
    15. Exam scenario
    16. Further reading
  27. Chapter 17: Scripted Deployments and DevOps Automation
    1. Technical requirements
    2. Exploring provisioning options
    3. Looking at the Azure REST API
    4. Choosing between PowerShell and the Azure CLI
    5. Signing in to Azure
    6. Selecting a subscription
    7. Listing resource groups
    8. Understanding ARM templates
    9. Looking at Azure DevOps
    10. Azure Repos
    11. Azure Pipelines
    12. Azure Artifacts
    13. Summary
    14. Exam scenario
    15. Further reading
  28. Section 6: Beyond the Exam
  29. Chapter 18: Engaging with Real-World Customers
    1. Working with customers
    2. Who are my stakeholders?
    3. Gathering requirements
    4. Exploring common goals
    5. Understanding costs
    6. Understanding operational requirements
    7. Understanding performance requirements
    8. Understanding reliability requirements
    9. Understanding security requirements
    10. Mapping requirements
    11. Getting feedback
    12. Summary
    13. Further reading
  30. Chapter 19: Enterprise Design Considerations
    1. Understanding your customer
    2. Looking at process differences
    3. Understanding governance, risk, and security
    4. Optimizing costs
    5. Creating landing zones
    6. Identity
    7. Network topology
    8. Governance
    9. Disaster recovery and backup
    10. Monitoring and operations
    11. Building with continual iteration
    12. Summary
    13. Further reading
  31. Mock Exam
  32. Mock Answers
  33. Assessments
    1. Chapter 3
    2. Chapter 4
    3. Chapter 5
    4. Chapter 6
    5. Chapter 7
    6. Chapter 8
    7. Chapter 9
    8. Chapter 10
    9. Chapter 11
    10. Chapter 12
    11. Chapter 13
    12. Chapter 14
    13. Chapter 15
    14. Chapter 16
    15. Chapter 17
    16. Why subscribe?
  34. Other Books You May Enjoy
    1. Packt is searching for authors like you
    2. Leave a review - let other readers know what you think
18.219.236.62