You are on page 1of 4

Design Microsoft Azure infrastructure and networking (1520%)

Describe how Azure uses Global Foundation Services (GFS) data centres

Design Azure virtual networks, networking services, DNS, DHCP and IP

addressing configuration

Design Azure virtual machines (VMs) and VM architecture for IaaS

and PaaS; understand availability sets, fault domains and update
domains in Azure; differentiate between machine classifications

Describe Azure virtual private network (VPN) and ExpressRoute

architecture and design

Extend on-premises Active Directory, deploy Active Directory, define

static IP reservations, understand ACLs and Network Security Groups,
design resource groups

Design Azure Compute

Understand Azure data centre architecture, regional availability and

high availability

Describe Azure point-to-site (P2S) and site-to-site (S2S) VPN,

understand the architectural differences between Azure VPN and

Describe Azure services

Understand, at a high level, Azure load balancing options, including

Traffic Manager, Azure Media Services, CDN, Azure Active Directory
(Azure AD), Azure Cache, Multi-Factor Authentication and Service Bus

Secure resources (1520%)

Secure resources by using managed identities

Secure resources by using hybrid identities

Describe the differences between Active Directory on-premises and

Azure AD, programmatically access Azure AD using Graph API,
secure access to resources from Azure AD applications using OAuth
and OpenID Connect

Use SAML claims to authenticate to on-premises resources, describe

DirSync synchronisation, implement federated identities using Azure
Access Control service (ACS) and Active Directory Federation
Services (ADFS)

Secure resources by using identity providers

Identify an appropriate data security solution

Provide access to resources using identity providers, such as

Microsoft account, Facebook, Google and Yahoo!; manage identity
and access by using Azure Active Directory B2C

Use the appropriate Access Control List (ACL), identify security

requirements for data in transit and data at rest; identify, assess and
mitigate security risks by using Azure Operations Management Suite

Design a role-based access control strategy

Secure resource scopes, such as the ability to create VMs and Azure
Web Apps

Design an application storage and data access strategy (1520%)

Design data storage

Design applications that use Mobile Apps

Implement a custom web API, scale using Azure Web Apps, offload
long-running applications using WebJobs, secure a web API using
Azure AD

Design a data access strategy for hybrid applications

Implement push notification services in Mobile Apps, send push

notifications to all subscribers, specific subscribers or a segment of

Design applications that use a web API

Create Azure Mobile Services, consume Mobile Apps from crossplatform clients, integrate offline sync capabilities into an
application, extend Mobile Apps using custom code, implement
Mobile Apps using Microsoft .NET or Node.js, secure Mobile Apps
using Azure AD

Design applications that use notifications

Design storage options for data, including Table Storage, SQL

Database, DocumentDB, Blob Storage, MongoDB and MySQL; design
security options for SQL Database or Azure Storage; identify the
appropriate VM type and size for a solution

Connect to on-premises data from Azure applications using Service

Bus Relay, Hybrid Connections, or the VPN capability of Websites,
identify constraints for connectivity with VPN, identify options for
joining VMs to domains or cloud services

Design a media solution

Describe Media Services, understand key components of Media

Services, including streaming capabilities, video on-demand
capabilities and monitoring services

Design an advanced application (1520%)

Create compute-intensive applications

Create long-running applications

Implement worker roles for scalable processing, design stateless

components to accommodate scale

Select the appropriate storage option

Design high-performance computing (HPC) and other computeintensive applications using Azure Services

Use a queue-centric pattern for development, select the appropriate

storage for performance, identify storage options for cloud services
and hybrid scenarios with compute on-premises and storage on
Azure, differentiate between cloud services and VMs interacting with
storage service and SQL Database

Integrate Azure services in a solution

Identify the appropriate use of Azure Machine Learning, big data,

Azure Media Services and Azure Search services

Design Azure Web Apps (1520%)

Design Azure Web Apps for scalability and performance

Deploy Azure Web Apps

Globally scale Azure Web Apps, create Azure Web Apps using Visual
Studio, debug Azure Web Apps, understand supported languages,
differentiate between Azure Web Apps to VMs and cloud services

Implement Azure Site Extensions, create packages, App service

plans, deployment slots, resource groups, publishing options, Web
Deploy and FTP locations and settings

Design Azure Web Apps for business continuity

Scale up and scale out using Azure Web Apps and SQL Database,
configure data replication patterns, update Azure Web Apps with
minimal downtime, back up and restore data, design for disaster
recovery, deploy Azure Web Apps to multiple regions for high
availability, design the data tier

Design a management, monitoring and business continuity strategy (1520%)

Evaluate hybrid and Azure-hosted architectures for Microsoft System

Center deployment

Design a monitoring strategy

Design and deploy Azure Backup and other Microsoft backup

solutions for Azure, understand use cases when StorSimple and
System Center Data Protection Manager would be appropriate,
design and deploy Azure Site recovery

Design Azure Automation and PowerShell workflows

Understand the architectural capabilities of BC/DR, describe Hyper-V

Replica and Azure Site Recovery (ASR), describe use cases for HyperV Replica and ASR

Design a disaster recovery strategy

Identify the Microsoft products and services for monitoring Azure

solutions; understand the capabilities of System Center for
monitoring an Azure solution; understand built-in Azure capabilities;
identify third-party monitoring tools, including open source; describe
use cases for Operations Manager, Global Service Monitor and
Application Insights; describe the use cases for Windows Software
Update Services (WSUS), Configuration Manager and custom
solutions; describe the Azure architecture constructs, such as
availability sets and update domains, and how they impact a
patching strategy; analyse logs by using the Azure Operations
Management Suite

Describe Azure business continuity/disaster recovery (BC/DR) capabilities

Understand, at an architectural level, which components are

supported in Azure; describe design considerations for managing
Azure resources with System Center; understand which scenarios
would dictate a hybrid scenario

Create a PowerShell script specific to Azure, automate tasks by

using the Azure Operations Management Suite

Describe the use cases for Azure Automation configuration

Understand when to use Azure Automation, Chef, Puppet,

PowerShell or Desired State Configuration (DSC)