Exam Ref AZ-304 Microsoft Azure Architect Design Certification and Beyond

Length: 520 pages
Edition: 1
Language: English
Publisher: Packt Publishing
Publication Date: 2021-07-23
ISBN-10: 180056693X
ISBN-13: 9781800566934
Sales Rank: #1127671 (See Top 100 Books)

Master the Microsoft Azure platform and prepare for the AZ-304 certification exam by learning the key concepts needed to identify key stakeholder requirements and translate these into robust solutions

Key Features

Build secure and scalable solutions on the Microsoft Azure platform
Learn how to design solutions that are compliant with customer requirements
Work with real-world scenarios to become a successful Azure architect, and prepare for the AZ-304 exam

Book Description

The AZ-304 exam tests an architect’s ability to design scalable, reliable, and secure solutions in Azure based on customer requirements. Exam Ref AZ-304 Microsoft Azure Architect Design Certification and Beyond offers complete, up-to-date coverage of the AZ-304 exam content to help you prepare for it confidently, pass the exam first time, and get ready for real-world challenges.

This book will help you to investigate the need for good architectural practices and discover how they address common concerns for cloud-based solutions. You will work through the CloudStack, from identity and access through to infrastructure (IaaS), data, applications, and serverless (PaaS). As you make progress, you will delve into operations including monitoring, resilience, scalability, and disaster recovery. Finally, you’ll gain a clear understanding of how these operations fit into the real world with the help of full scenario-based examples throughout the book.

By the end of this Azure book, you’ll have covered everything you need to pass the AZ-304 certification exam and have a handy desktop reference guide.

What you will learn

Understand the role of architecture in the cloud
Ensure security through identity, authorization, and governance
Find out how to use infrastructure components such as compute, containerization, networking, and storage accounts
Design scalable applications and databases using web apps, functions, messaging, SQL, and Cosmos DB
Maintain operational health through monitoring, alerting, and backups
Discover how to create repeatable and reliable automated deployments
Understand customer requirements and respond to their changing needs

Who this book is for

This book is for Azure Solution Architects who advise stakeholders and help translate business requirements into secure, scalable, and reliable solutions. Junior architects looking to advance their skills in the Cloud will also benefit from this book. Experience with the Azure platform is expected, and a general understanding of development patterns will be advantageous.

Architecture for the Cloud
Principles of Modern Architecture
Understanding User Authentication
Managing User Authorization
Ensuring Platform Governance
Building Application Security
Designing Compute Solutions
Network Connectivity And Security
Exploring Storage Solutions
Migrating Workloads to Azure
Comparing Application Components
Creating Scalable and Secure Databases
Options for Data Integration
High Availability and Redundancy Concepts
Designing for Logging and Monitoring
Developing Business Continuity
Scripted Deployments and DevOps Automation
Engaging with Real-World Customers
Enterprise Design Considerations

Exam Ref AZ-304 Microsoft Azure Architect Design Certification and Beyond
Contributors
About the author
About the reviewers
Preface
    Who this book is for
    What this book covers
    To get the most out of this book
    Download the example code files
    Download the color images
    Conventions used
    Get in touch
    Reviews
Section 1: Exploring Modern Architecture
Chapter 1: Architecture for the Cloud
    Introducing architecture
    Exploring the transition from monolithic to microservices
        Mainframe computing
        Personal computing
        Virtualization
        Web apps, mobile apps, and APIs
        Cloud computing
    Migrating to the cloud from on-premises
    Understanding infrastructure and platform services
        IaaS
        PaaS
    Moving from Waterfall to Agile projects
        Waterfall
        Agile
        IaC
    Summary
Chapter 2: Principles of Modern Architecture
    Architecting for security
        Knowing the enemy
        How do they hack?
        Defining your strategy
        Networking and firewalls
        Identity management
        Patching
        Application code
        Data encryption
        Defense-in-Depth
        User education
    Architecting for resilience and business continuity
        Defining requirements
        Using architectural best practices
        Testing and disaster recovery plans
    Architecting for performance
    Architecting for deployment
    Architecting for monitoring and operations
        Monitoring for security
        Monitoring for resilience
        Monitoring for performance
        Network monitoring
        Monitoring for DevOps and applications
    Summary
    Further reading
Section 2: Identity and Security
Chapter 3: Understanding User Authentication
    Differentiating authentication from authorization
    Introducing Azure AD
        Why AD?
        Azure AD versus AD DS 
        Azure tenants 
        Azure AD editions
    Integrating AD
        Cloud native
        Azure AD Connect
        Password Hash Synchronization
        Azure AD PTA
        Password Writeback
        Seamless SSO
        Federated authentication
        Azure AD Connect Health
    Understanding conditional access, MFA and security defaults
        MFA
        Security Defaults
        Understanding and setting up CA
    Using external identities
        Multi-tenancy
        Consumer applications – B2C
        External user collaboration – B2B
    Summary
    Exam scenario
Chapter 4: Managing User Authorization
    Technical requirements
    Understanding Azure roles
        Classic roles
        Azure roles
        Azure AD roles
    Managing users with hierarchies
        Management groups, subscriptions, and resource groups
    Controlling access with PIM
        Activating PIM
        Just-In-Time elevated access
    Managing risk with Identity Protection
        User risk
        Sign-in risk
    Summary
    Exam solution
Chapter 5: Ensuring Platform Governance
    Technical requirements 
    Applying tagging
        Adding tags manually
        Managing tags through Azure PowerShell
        Managing tags in ARM templates
        Using tags
    Understanding Azure policies
        Using policies and initiatives
        Policy structure
        Creating a policy and initiative definition
        Assigning an initiative
        Viewing the compliance dashboard
        Creating a remediation task
        Using virtual machine guest configurations
        Best practices
    Using Azure Blueprints
        Creating a blueprint definition
        Publishing and assigning a blueprint
    Summary
    Exam scenario
    Further reading
Chapter 6: Building Application Security
    Technical requirements
    Introducing Azure Key Vault
        Creating a key vault
        Managing Key Vault secrets
        Using Key Vault keys
        Using Key Vault certificates
        Access policies
    Working with security principals
        Creating the service principal
        Setting the access policy
        Creating the web app
        Integrating applications into Azure Active Directory
        Deploying a web app 
        Enabling AD integration
    Using managed identities
        Assigning a managed identity
        Using managed identities in web apps
    Summary
    Exam Scenario
    Further reading
Section 3: Infrastructure and Storage Components
Chapter 7: Designing Compute Solutions
    Technical requirements
    Understanding different types of compute
        Comparing compute options
    Automating virtual machine management
    Architecting for containerization and Kubernetes
        Containerization
        Azure Kubernetes Service
        Pods
    Summary
    Exam scenario
    Further reading
Chapter 8: Network Connectivity and Security
    Technical requirements
    Understanding Azure networking options
    Understanding IP addressing and DNS in Azure
        Understanding subnets and subnet masks
        Public IP addresses
        Private IP addresses
        Azure DNS
        Azure private DNS zones
        Azure public DNS zones
    Implementing network security
        Network Security Groups
        Application Security Groups
        Azure Firewall
        Service endpoints
        Private endpoint connections
    Connectivity
        VNET peering
        VPN gateways
        ExpressRoute
        Routing
    Load balancing and advanced traffic routing
        Azure Load Balancer
        Azure Traffic Manager
        Application Gateway
        Azure Front Door
        Choosing the right options
    Summary
    Exam scenario
    Further reading
Chapter 9: Exploring Storage Solutions
    Technical requirements
    Understanding storage types
        Azure Storage accounts
        Data classification
        Operational decisions
        VM disks
    Designing storage security
        Network protection
        Authorization
        Encryption
        Auditing
    Using storage management tools
        Azure Storage REST APIs
        AzCopy
        Azure Storage Explorer
    Summary
    Exam scenario
    Further reading
Chapter 10: Migrating Workloads to Azure
    Technical requirements
    Assessing on-premises systems
        The discovery phase
    Understanding migration options
    Migrating virtual machines and databases
        Migrating virtual machines
        Migrating databases
    Monitoring and optimizing your migration
        Azure Monitor
        Azure Cost Management
        Azure Advisor
    Summary
    Exam scenario
Section 4: Applications and Databases
Chapter 11: Comparing Application Components
    Technical requirements
    Working with web applications
        Using deployment slots
        App services VNet Integration
    Managing APIs with Azure API Gateway
        Using API policies
        Securing your APIs with subscription keys
        Client certificates
        OAuth 2.0 and OpenID Connect
    Understanding microservices
    Using messaging and events
        Azure Event Grid
        Event Hubs
        Storage queues
        Azure Service Bus
    Summary
    Exam scenario
    Further reading
Chapter 12: Creating Scalable and Secure Databases
    Technical requirements
    Selecting a database platform
        Understanding SQL databases
        NoSQL databases
    Understanding database service tiers
        SQL Database tiers
    Designing scalable databases
        Using read replicas
        Using database sharding
    Securing databases with encryption
    Summary
    Exam scenario
    Further reading
Chapter 13: Options for Data Integration
    Technical requirements
    Understanding data flows
    Comparing integration tools
        ADLS Gen2
        Azure Data Factory
    Exploring data analytics
        Azure Databricks
        Azure Synapse Analytics
        Putting it all together
    Summary
    Exam scenario
    Further reading
Chapter 14: High Availability and Redundancy Concepts
    Technical requirements
    Understanding virtual machine availability
        Fault domains and update domains
        Availability Zones
        Azure virtual machine scale sets
    Understanding Azure storage resiliency options
    Understanding SQL database availability
    Understanding Cosmos DB availability
        Consistency levels
    Summary
    Exam scenario
    Further reading
Section 5: Operations and Monitoring
Chapter 15: Designing for Logging and Monitoring
    Technical requirements
    Understanding logs and storage options
        Understanding data types and sources
        Understanding log use cases
        VM logging and monitoring
        Understanding deployment options
    Exploring monitoring tools
        Activity logs 
        Azure Metrics
        Azure alerts
        Log Analytics workspaces
    Understanding security and compliance
        Azure Security Center
        Azure Defender
        Azure Sentinel
    Using cost management and reporting
    Summary
    Exam scenario
    Further reading
Chapter 16: Developing Business Continuity
    Technical requirements
    Understanding recovery solutions
        Understanding the Recovery Time Objective (RTO)
        Understanding the Recovery Point Objective (RPO)
        Understanding Azure Backup options
    Planning for Azure Backup
        Understanding backup policies
    Planning for Site Recovery
        Understanding recovery plans
    Planning for database backups
        Understanding Azure SQL backups
        Understanding Cosmos DB backups
    Understanding the data archiving options
    Summary
    Exam scenario
    Further reading
Chapter 17: Scripted Deployments and DevOps Automation
    Technical requirements
    Exploring provisioning options
    Looking at the Azure REST API
    Choosing between PowerShell and the Azure CLI
        Signing in to Azure
        Selecting a subscription
        Listing resource groups
    Understanding ARM templates
    Looking at Azure DevOps
        Azure Repos
        Azure Pipelines
        Azure Artifacts
    Summary
    Exam scenario
    Further reading
Section 6: Beyond the Exam
Chapter 18: Engaging with Real-World Customers
    Working with customers
        Who are my stakeholders?
        Gathering requirements
    Exploring common goals
        Understanding costs
        Understanding operational requirements
        Understanding performance requirements
        Understanding reliability requirements
        Understanding security requirements
    Mapping requirements
    Getting feedback
    Summary
    Further reading
Chapter 19: Enterprise Design Considerations
    Understanding your customer
        Looking at process differences
        Understanding governance, risk, and security
    Optimizing costs
    Creating landing zones
        Identity
        Network topology
        Governance
        Disaster recovery and backup
        Monitoring and operations
    Building with continual iteration
    Summary
    Further reading
Mock Exam
Mock Answers
Assessments
    Chapter 3
    Chapter 4
    Chapter 5
    Chapter 6
    Chapter 7
    Chapter 8
    Chapter 9
    Chapter 10
    Chapter 11
    Chapter 12
    Chapter 13
    Chapter 14
    Chapter 15
    Chapter 16
    Chapter 17
    Why subscribe?
Other Books You May Enjoy
    Packt is searching for authors like you
    Leave a review - let other readers know what you think

Disaster & Recovery Microsoft Network Administration

Donate to keep this site alive

To access the Link, solve the captcha.

How to download source code?

1. Go to: https://github.com/PacktPublishing

2. In the Find a repository… box, search the book title: Exam Ref AZ-304 Microsoft Azure Architect Design Certification and Beyond, sometime you may not get the results, please search the main title.