Exam Ref AZ-300 Microsoft Azure Architect Technologies

Book description

Prepare for Microsoft Exam AZ-300—and help demonstrate your real-world mastery of architecting high-value Microsoft Azure solutions for your organization or customers. Designed for modern IT professionals, this Exam Ref focuses on the critical thinking and decision-making acumen needed for success at the Microsoft Certified Expert level.

Focus on the expertise measured by these objectives:

  • Deploy and configure infrastructure
  • Implement workloads and security
  • Create and deploy apps
  • Implement authentication and secure data
  • Develop for the cloud and for Azure storage

This Microsoft Exam Ref:

  • Organizes its coverage by exam objectives
  • Features strategic, what-if scenarios to challenge you
  • Assumes you are an IT professional who wants to demonstrate your ability to design modern Microsoft Azure solutions involving compute, network, storage, and security

About the Exam

Exam AZ-300 focuses on knowledge needed to analyze resource usage; create and configure storage accounts and VMs; automate VM deployments and implement VM solutions; create and manage virtual networks; manage Azure AD and hybrid identities; migrate servers to Azure; configure serverless computing; implement app load balancing; integrate on-premises and virtual networks; manage RBAC; implement MFA; create web apps with PaaS; design and develop containerized apps; implement authentication and secure data solutions; build solutions with Cosmos DB or RDBMSes; configure message-based integration architecture; and develop for autoscaling.

About Microsoft Certification

Passing this exam and Exam AZ-301: Microsoft Azure Architect Design fulfills your requirements for the Microsoft Certified: Azure Solutions Architect Expert credential, demonstrating your expertise in compute, network, storage, and security for designing modern cloud-based solutions that run on Microsoft Azure.

See full details at: microsoft.com/learn

Table of contents

  1. Cover Page
  2. Title Page
  3. Copyright Page
  4. Contents at a glance
  5. Contents
  6. Acknowledgments
  7. About the Authors
  8. Introduction
    1. Organization of this book
    2. Microsoft certifications
    3. Quick access to online references
    4. Errata, updates, and book support
    5. Stay in touch
  9. Important: How to use this book to study for the exam
  10. Chapter 1. Deploy and configure infrastructure
    1. Skill 1.1: Analyze resource utilization and consumption
      1. Configure diagnostic settings on resources
      2. Create a baseline for resources
      3. Analyze metrics across subscriptions
      4. Create and analyze alerts across subscriptions
      5. Create action groups
      6. Monitor for unused resources
      7. Monitor and report on spend
    2. Skill 1.2: Create and configure storage accounts
      1. Create and configure a storage account
      2. Implement Azure storage replication
      3. Install and use Azure Storage Explorer
      4. Manage access keys
      5. Generate a shared access signature
      6. Monitor the Activity Log by using Log Analytics and Azure Monitor
    3. Skill 1.3: Create and configure a virtual machine for Windows and Linux
      1. Configure high availability
      2. Configure monitoring, networking, storage, and VM size
      3. Deploy and configure scale sets
    4. Skill 1.4: Automate the deployment of virtual machines
      1. Deploy Windows and Linux VMs from a template
      2. Save a deployment as an ARM template
      3. Modify Azure Resource Manager templates
    5. Skill 1.5: Implement solutions that use virtual machines
      1. Provision VMs with a new ARM template
      2. Configure disk encryption for VMs
    6. Skill 1.6: Create connectivity between virtual networks
      1. Create and configure virtual network peering
      2. Create and configure VNet-to-VNet VPN
      3. Verify virtual network connectivity
    7. Skill 1.7: Implement and manage Azure virtual networking
      1. Configure virtual networks
      2. Configure network interfaces and IP addresses
      3. Configure network routes
    8. Skill 1.8: Manage Azure Active Directory
      1. Add custom domains
      2. Manage multiple directories
      3. Configure self-service password reset
      4. Implement conditional access policies
      5. Perform an access review
      6. Configure Azure AD Identity Protection
      7. Configure Azure AD Join
      8. Configure Enterprise State Roaming
    9. Skill 1.9: Implement and manage hybrid identities
      1. Install and configure Azure AD Connect
      2. Manage Azure AD Connect
    10. Chapter summary
    11. Thought experiment
    12. Thought experiment answers
  11. Chapter 2. Implement workloads and security
    1. Skill 2.1: Migrate servers to Azure
      1. Configure Azure components of Site Recovery
      2. Configure on-premises components of Site Recovery
      3. Replicate data to Azure
      4. Migrate by using Azure Site Recovery
    2. Skill 2.2: Configure serverless computing
      1. Create a simple logic app
      2. Manage Azure Functions
      3. Manage Azure Event Grid
      4. Manage Azure Service Bus
    3. Skill 2.3: Implement application load balancing
      1. Configure Application Gateway and load balancing rules
      2. Implement front-end IP configurations
      3. Manage application load balancing
    4. Skill 2.4: Integrate an Azure virtual network andan on-premises network
      1. Create and configure Azure VPN Gateway
      2. Create and configure site-to-site VPN
      3. Verify on-premises connectivity
      4. Manage on-premises connectivity with Azure
      5. Configure ExpressRoute
    5. Skill 2.5: Manage Role-Based Access Control (RBAC)
      1. Create a custom role
      2. Configure access to resources by assigning roles
      3. Configure Management Access to Azure
      4. Troubleshoot RBAC
      5. Implement Azure Policy
    6. Skill 2.6: Implement Multi-Factor Authentication (MFA)
      1. Enable MFA for an Azure AD Tenant
      2. Configure user accounts for use with MFA
      3. Configure trusted IPs for MFA
      4. Configure fraud alerts for MFA
      5. Configure MFA bypass options
      6. Configure MFA verification methods
    7. Chapter summary
    8. Thought experiment
    9. Thought experiment answers
  12. Chapter 3. Create and deploy apps
    1. Skill 3.1: Create web apps by using PaaS
      1. Create an Azure App Service web app
      2. Create an App Service web app for containers
      3. Create documentation for an API
      4. Create an App Service background task by using WebJobs
      5. Enable diagnostics logging for web apps
    2. Skill 3.2: Design and develop apps that run in containers
      1. Create a container image by using a Dockerfile
      2. Publish an image to the Azure Container Registry
      3. Implement an application that runson an AzureContainer Instance
      4. Manage container settings by using code
      5. Create an Azure Container Service (ACS/AKS)
    3. Chapter summary
    4. Thought experiment
    5. Thought experiment answers
  13. Chapter 4. Implement Authentication and Secure Data
    1. Skill 4.1: Implement authentication
      1. Implement authentication by using certificates,forms-based authentication, tokens orWindows-integrated authentication
      2. Implement Multi-Factor Authentication by using Azure AD
      3. Implement OAuth 2.0
      4. Implement managed identities for Azureresourcesservice principle authentication
    2. Skill 4.2: Implement secure data solutions
      1. Create, read, update, delete keys, secrets, andcertificates byusing the key vault API
      2. Encrypt and decrypt data at rest and in transit
      3. Encrypt data with Always Encrypted
      4. Implement Azure Confidential Compute and SSL/TLScommunications
    3. Chapter summary
    4. Thought experiment
    5. Thought experiment answers
  14. Chapter 5. Develop for the cloud and for Azure Storage
    1. Skill 5.1: Develop solutions that use Cosmos DB Storage
      1. Create and manage Azure Cosmos DB account
      2. Manage scalability and implementing partitioning schemes for Cosmos DB
      3. Set appropriate consistency level for operations
      4. Create, read, update, and delete data by appropriate APIs
    2. Skill 5.2: Develop solutions that use a relational database
      1. Provision and configure relational databases
      2. Create elastic pools for Azure SQL databases
      3. Create, read, update, and delete data tables by using code
    3. Skill 5.3: Configure a message-based integration architecture
      1. Configure an app or service to send emails, Event Grid, and the Azure Relay Service
      2. Create and configure Notification Hubs, Event Hubs, and Service Bus
      3. Configure queries across multiple products
    4. Skill 5.4: Develop for autoscaling
      1. Implement autoscaling rules and patterns
      2. Implement code that addresses the transient state
    5. Chapter summary
    6. Thought experiment
    7. Thought experiment answers
  15. Index

Product information

  • Title: Exam Ref AZ-300 Microsoft Azure Architect Technologies
  • Author(s): Mike Pfeiffer, Derek Schauland, Nicole Stevens, Timothy L. Warner
  • Release date: November 2019
  • Publisher(s): Microsoft Press
  • ISBN: 9780135881477