70-534 – Architecting Microsoft Azure Solutions
70-534 – Skills to study
Well if you love Microsoft products as much as we do, and you wish to learn about them further and be recognised as one of the select few that are solution experts, well you will need to study, study and complete more study. There is nothing better than hands on experience combined with excellent articles and blogs to help you pass. First thing to do would be to sign up to Azure for a free account. Microsoft offers free $200 a month which should be more than enough to put what you learn in to practice. As always with Microsoft’s Azure, you are billed by the minute, so make sure to shutdown and deallocate anything you build to avoid using up your free credits. (You could also use our tool, the Azure Virtual Machine Scheduler to automate the shutdown, deallocate and power back on your VMs with a schedule you specify. You can download a free 30 day trial to test for yourself.)
If you are familiar with Microsoft exams, they are never easy. Be prepared to spend many nights reading books, watching videos and playing in your test Azure subscription to gain first hand experience. The following is taken from the Microsoft site for the required sections that you will need to study to pass the 70-534 exam, and I will cover off in future posts to help you with this.
Design Microsoft Azure infrastructure and networking (15-20%)
Describe how Azure uses Global Foundation Services (GFS) datacenters
Understand Azure datacenter architecture, regional availability, and high availability
Design Azure virtual networks, networking services, DNS, DHCP, and IP addressing configuration
Extend on-premises Active Directory, deploy Active Directory, define static IP reservations, understand ACLs and Network Security Groups, design resource groups
Design Azure Compute
Design Azure virtual machines (VMs) and VM architecture for IaaS and PaaS; understand availability sets, fault domains, and update domains in Azure; differentiate between machine classifications
Describe Azure virtual private network (VPN) and ExpressRoute architecture and design
Describe Azure point-to-site (P2S) and site-to-site (S2S) VPN, understand the architectural differences between Azure VPN and ExpressRoute
Describe Azure services
Understand, at a high level, Azure load balancing options, including Traffic Manager, Azure Media Services, CDN, Azure Active Directory (Azure AD), Azure Cache, Multi-Factor Authentication, and Service Bus
Design Azure virtual networks, network services, DNS, DHCP and IP addressing configuration (15-20%)
Secure resources by using managed identities
Describe the differences between Active Directory on-premises and Azure AD, programmatically access Azure AD using Graph API, secure access to resources from Azure AD applications using OAuth and OpenID Connect
Secure resources by using hybrid identities
Use SAML claims to authenticate to on-premises resources, describe DirSync synchronization, implement federated identities using Azure Access Control service (ACS) and Active Directory Federation Services (ADFS)
Secure resources by using identity providers
Provide access to resources using identity providers, such as Microsoft account, Facebook, Google, and Yahoo!; manage identity and access by using Azure Active Directory B2C
Identify an appropriate data security solution
Use the appropriate Access Control List (ACL), identify security requirements for data in transit and data at rest; identify, assess, and mitigate security risks by using Azure Operations Management Suite
Design a role-based access control strategy
Secure resource scopes, such as the ability to create VMs and Azure Web Apps
Design an application storage and data access strategy (15-20%)
Design data storage
Design storage options for data, including Table Storage, SQL Database, DocumentDB, Blob Storage, MongoDB, and MySQL; design security options for SQL Database or Azure Storage; identify the appropriate VM type and size for a solution
Design applications that use Mobile Apps
Create Azure Mobile Services, consume Mobile Apps from cross-platform clients, integrate offline sync capabilities into an application, extend Mobile Apps using custom code, implement Mobile Apps using Microsoft .NET or Node.js, secure Mobile Apps using Azure AD
Design applications that use notifications
Implement push notification services in Mobile Apps, send push notifications to all subscribers, specific subscribers, or a segment of subscribers
Design applications that use a web API
Implement a custom web API, scale using Azure Web Apps, offload long-running applications using WebJobs, secure a web API using Azure AD
Design a data access strategy for hybrid applications
Connect to on-premises data from Azure applications using Service Bus Relay, Hybrid Connections, or the VPN capability of Websites, identify constraints for connectivity with VPN, identify options for joining VMs to domains or cloud services
Design a media solution
Describe Media Services, understand key components of Media Services, including streaming capabilities, video on-demand capabilities, and monitoring services
Design an advanced application (15-20%)
Create compute-intensive applications
Design high-performance computing (HPC) and other compute-intensive applications using Azure Services
Create long-running applications
Implement worker roles for scalable processing, design stateless components to accommodate scale
Select the appropriate storage option
Use a queue-centric pattern for development, select the appropriate storage for performance, identify storage options for cloud services and hybrid scenarios with compute on-premises and storage on Azure, differentiate between cloud services and VMs interacting with storage service and SQL Database
Integrate Azure services in a solution
Identify the appropriate use of Azure Machine Learning, big data, Azure Media Services, and Azure Search services
Design Azure Web Apps (15-20%)
Design Azure Web Apps for scalability and performance
Globally scale Azure Web Apps, create Azure Web Apps using Visual Studio, debug Azure Web Apps, understand supported languages, differentiate between Azure Web Apps to VMs and cloud services
Deploy Azure Web Apps
Implement Azure Site Extensions, create packages, App service plans, deployment slots, resource groups, publishing options, Web Deploy, and FTP locations and settings
Design Azure Web Apps for business continuity
Scale up and scale out using Azure Web Apps and SQL Database, configure data replication patterns, update Azure Web Apps with minimal downtime, back up and restore data, design for disaster recovery, deploy Azure Web Apps to multiple regions for high availability, design the data tier; use Azure Resource Manager (ARM) templates to configure highly available Web Apps
Design a management, monitoring, and business continuity strategy (15-20%)
Evaluate hybrid and Azure-hosted architectures for Microsoft System Center deployment
Understand, at an architectural level, which components are supported in Azure; describe design considerations for managing Azure resources with System Center; understand which scenarios would dictate a hybrid scenario
Design a monitoring strategy
Identify the Microsoft products and services for monitoring Azure solutions; understand the capabilities of System Center for monitoring an Azure solution; understand built-in Azure capabilities; identify third-party monitoring tools, including open source; describe use cases for Operations Manager, Global Service Monitor, and Application Insights; describe the use cases for Windows Software Update Services (WSUS), Configuration Manager, and custom solutions; describe the Azure architecture constructs, such as availability sets and update domains, and how they impact a patching strategy; analyze logs by using the Azure Operations Management Suite
Describe Azure business continuity/disaster recovery (BC/DR) capabilities
Understand the architectural capabilities of BC/DR, describe Hyper-V Replica and Azure Site Recovery (ASR), describe use cases for Hyper-V Replica and ASR; use Azure Backup to back up ARM VMs
Design a disaster recovery strategy
Design and deploy Azure Backup and other Microsoft backup solutions for Azure, understand use cases when StorSimple and System Center Data Protection Manager would be appropriate, design and deploy Azure Site recovery
Design Azure Automation and PowerShell workflows
Create a PowerShell script specific to Azure, automate tasks by using the Azure Operations Management Suite
Describe the use cases for Azure Automation configuration
Understand when to use Azure Automation, Chef, Puppet, PowerShell, or Desired State Configuration (DSC)
Azure Exam FAQs
| Question | Answer |
|---|---|
What is the 70-534 exam? |
The 70-534 exam is a Microsoft certification exam that tests your ability to design and implement Azure solutions. |
What skills do I need to study for the 70-534 exam? |
You will need to have a solid understanding of Microsoft Azure infrastructure and networking, as well as experience with Azure virtual networks, networking services, DNS, DHCP, and IP addressing configuration. |
What resources are available to help me prepare for the exam? |
Microsoft offers free $200 a month Azure credits which should be more than enough to put what you learn into practice. You can also sign up for hands-on experience, read articles and blogs, watch videos and use test Azure subscriptions to gain first-hand experience. |
How can I secure my resources when using Azure? |
You can use managed identities, hybrid identities, and identity providers to secure your resources. You can also implement role-based access control strategies and identify appropriate data security solutions. |
What options do I have for data storage in Azure? |
You can choose from several storage options, including Table Storage, SQL Database, DocumentDB, Blob Storage, MongoDB, and MySQL. You should also design security options for SQL Database or Azure Storage and identify the appropriate VM type and size for a solution. |
How can I design applications that use notifications or a web API? |
You can implement push notification services in Mobile Apps and send push notifications to all subscribers or specific segments. You can also implement a custom web API, scale using Azure Web Apps, offload long-running applications using WebJobs, and secure a web API using Azure AD. |
What is the importance of a data access strategy for hybrid applications? |
A data access strategy is important for connecting to on-premises data from Azure applications using Service Bus Relay, Hybrid Connections, or the VPN capability of Websites. It helps you identify constraints for connectivity with VPN and options for joining VMs to domains or cloud services. |
How can I design an advanced application? |
You can create compute-intensive applications using Azure Services, implement worker roles for scalable processing, and select the appropriate storage option. You should also design stateless components to accommodate scale. |
Continue reading the next blog post to learn about the Azure Datacentres for the 70-534 exam.
