Exam Ref AZ-304 Microsoft Azure Architect Design Certification and Beyond
- Length: 520 pages
- Edition: 1
- Language: English
- Publisher: Packt Publishing
- Publication Date: 2021-07-23
- ISBN-10: 180056693X
- ISBN-13: 9781800566934
- Sales Rank: #1127671 (See Top 100 Books)
Master the Microsoft Azure platform and prepare for the AZ-304 certification exam by learning the key concepts needed to identify key stakeholder requirements and translate these into robust solutions
Key Features
- Build secure and scalable solutions on the Microsoft Azure platform
- Learn how to design solutions that are compliant with customer requirements
- Work with real-world scenarios to become a successful Azure architect, and prepare for the AZ-304 exam
Book Description
The AZ-304 exam tests an architect’s ability to design scalable, reliable, and secure solutions in Azure based on customer requirements. Exam Ref AZ-304 Microsoft Azure Architect Design Certification and Beyond offers complete, up-to-date coverage of the AZ-304 exam content to help you prepare for it confidently, pass the exam first time, and get ready for real-world challenges.
This book will help you to investigate the need for good architectural practices and discover how they address common concerns for cloud-based solutions. You will work through the CloudStack, from identity and access through to infrastructure (IaaS), data, applications, and serverless (PaaS). As you make progress, you will delve into operations including monitoring, resilience, scalability, and disaster recovery. Finally, you’ll gain a clear understanding of how these operations fit into the real world with the help of full scenario-based examples throughout the book.
By the end of this Azure book, you’ll have covered everything you need to pass the AZ-304 certification exam and have a handy desktop reference guide.
What you will learn
- Understand the role of architecture in the cloud
- Ensure security through identity, authorization, and governance
- Find out how to use infrastructure components such as compute, containerization, networking, and storage accounts
- Design scalable applications and databases using web apps, functions, messaging, SQL, and Cosmos DB
- Maintain operational health through monitoring, alerting, and backups
- Discover how to create repeatable and reliable automated deployments
- Understand customer requirements and respond to their changing needs
Who this book is for
This book is for Azure Solution Architects who advise stakeholders and help translate business requirements into secure, scalable, and reliable solutions. Junior architects looking to advance their skills in the Cloud will also benefit from this book. Experience with the Azure platform is expected, and a general understanding of development patterns will be advantageous.
Table of Contents
- Architecture for the Cloud
- Principles of Modern Architecture
- Understanding User Authentication
- Managing User Authorization
- Ensuring Platform Governance
- Building Application Security
- Designing Compute Solutions
- Network Connectivity And Security
- Exploring Storage Solutions
- Migrating Workloads to Azure
- Comparing Application Components
- Creating Scalable and Secure Databases
- Options for Data Integration
- High Availability and Redundancy Concepts
- Designing for Logging and Monitoring
- Developing Business Continuity
- Scripted Deployments and DevOps Automation
- Engaging with Real-World Customers
- Enterprise Design Considerations
Exam Ref AZ-304 Microsoft Azure Architect Design Certification and Beyond Contributors About the author About the reviewers Preface Who this book is for What this book covers To get the most out of this book Download the example code files Download the color images Conventions used Get in touch Reviews Section 1: Exploring Modern Architecture Chapter 1: Architecture for the Cloud Introducing architecture Exploring the transition from monolithic to microservices Mainframe computing Personal computing Virtualization Web apps, mobile apps, and APIs Cloud computing Migrating to the cloud from on-premises Understanding infrastructure and platform services IaaS PaaS Moving from Waterfall to Agile projects Waterfall Agile IaC Summary Chapter 2: Principles of Modern Architecture Architecting for security Knowing the enemy How do they hack? Defining your strategy Networking and firewalls Identity management Patching Application code Data encryption Defense-in-Depth User education Architecting for resilience and business continuity Defining requirements Using architectural best practices Testing and disaster recovery plans Architecting for performance Architecting for deployment Architecting for monitoring and operations Monitoring for security Monitoring for resilience Monitoring for performance Network monitoring Monitoring for DevOps and applications Summary Further reading Section 2: Identity and Security Chapter 3: Understanding User Authentication Differentiating authentication from authorization Introducing Azure AD Why AD? Azure AD versus AD DS Azure tenants Azure AD editions Integrating AD Cloud native Azure AD Connect Password Hash Synchronization Azure AD PTA Password Writeback Seamless SSO Federated authentication Azure AD Connect Health Understanding conditional access, MFA and security defaults MFA Security Defaults Understanding and setting up CA Using external identities Multi-tenancy Consumer applications – B2C External user collaboration – B2B Summary Exam scenario Chapter 4: Managing User Authorization Technical requirements Understanding Azure roles Classic roles Azure roles Azure AD roles Managing users with hierarchies Management groups, subscriptions, and resource groups Controlling access with PIM Activating PIM Just-In-Time elevated access Managing risk with Identity Protection User risk Sign-in risk Summary Exam solution Chapter 5: Ensuring Platform Governance Technical requirements Applying tagging Adding tags manually Managing tags through Azure PowerShell Managing tags in ARM templates Using tags Understanding Azure policies Using policies and initiatives Policy structure Creating a policy and initiative definition Assigning an initiative Viewing the compliance dashboard Creating a remediation task Using virtual machine guest configurations Best practices Using Azure Blueprints Creating a blueprint definition Publishing and assigning a blueprint Summary Exam scenario Further reading Chapter 6: Building Application Security Technical requirements Introducing Azure Key Vault Creating a key vault Managing Key Vault secrets Using Key Vault keys Using Key Vault certificates Access policies Working with security principals Creating the service principal Setting the access policy Creating the web app Integrating applications into Azure Active Directory Deploying a web app Enabling AD integration Using managed identities Assigning a managed identity Using managed identities in web apps Summary Exam Scenario Further reading Section 3: Infrastructure and Storage Components Chapter 7: Designing Compute Solutions Technical requirements Understanding different types of compute Comparing compute options Automating virtual machine management Architecting for containerization and Kubernetes Containerization Azure Kubernetes Service Pods Summary Exam scenario Further reading Chapter 8: Network Connectivity and Security Technical requirements Understanding Azure networking options Understanding IP addressing and DNS in Azure Understanding subnets and subnet masks Public IP addresses Private IP addresses Azure DNS Azure private DNS zones Azure public DNS zones Implementing network security Network Security Groups Application Security Groups Azure Firewall Service endpoints Private endpoint connections Connectivity VNET peering VPN gateways ExpressRoute Routing Load balancing and advanced traffic routing Azure Load Balancer Azure Traffic Manager Application Gateway Azure Front Door Choosing the right options Summary Exam scenario Further reading Chapter 9: Exploring Storage Solutions Technical requirements Understanding storage types Azure Storage accounts Data classification Operational decisions VM disks Designing storage security Network protection Authorization Encryption Auditing Using storage management tools Azure Storage REST APIs AzCopy Azure Storage Explorer Summary Exam scenario Further reading Chapter 10: Migrating Workloads to Azure Technical requirements Assessing on-premises systems The discovery phase Understanding migration options Migrating virtual machines and databases Migrating virtual machines Migrating databases Monitoring and optimizing your migration Azure Monitor Azure Cost Management Azure Advisor Summary Exam scenario Section 4: Applications and Databases Chapter 11: Comparing Application Components Technical requirements Working with web applications Using deployment slots App services VNet Integration Managing APIs with Azure API Gateway Using API policies Securing your APIs with subscription keys Client certificates OAuth 2.0 and OpenID Connect Understanding microservices Using messaging and events Azure Event Grid Event Hubs Storage queues Azure Service Bus Summary Exam scenario Further reading Chapter 12: Creating Scalable and Secure Databases Technical requirements Selecting a database platform Understanding SQL databases NoSQL databases Understanding database service tiers SQL Database tiers Designing scalable databases Using read replicas Using database sharding Securing databases with encryption Summary Exam scenario Further reading Chapter 13: Options for Data Integration Technical requirements Understanding data flows Comparing integration tools ADLS Gen2 Azure Data Factory Exploring data analytics Azure Databricks Azure Synapse Analytics Putting it all together Summary Exam scenario Further reading Chapter 14: High Availability and Redundancy Concepts Technical requirements Understanding virtual machine availability Fault domains and update domains Availability Zones Azure virtual machine scale sets Understanding Azure storage resiliency options Understanding SQL database availability Understanding Cosmos DB availability Consistency levels Summary Exam scenario Further reading Section 5: Operations and Monitoring Chapter 15: Designing for Logging and Monitoring Technical requirements Understanding logs and storage options Understanding data types and sources Understanding log use cases VM logging and monitoring Understanding deployment options Exploring monitoring tools Activity logs Azure Metrics Azure alerts Log Analytics workspaces Understanding security and compliance Azure Security Center Azure Defender Azure Sentinel Using cost management and reporting Summary Exam scenario Further reading Chapter 16: Developing Business Continuity Technical requirements Understanding recovery solutions Understanding the Recovery Time Objective (RTO) Understanding the Recovery Point Objective (RPO) Understanding Azure Backup options Planning for Azure Backup Understanding backup policies Planning for Site Recovery Understanding recovery plans Planning for database backups Understanding Azure SQL backups Understanding Cosmos DB backups Understanding the data archiving options Summary Exam scenario Further reading Chapter 17: Scripted Deployments and DevOps Automation Technical requirements Exploring provisioning options Looking at the Azure REST API Choosing between PowerShell and the Azure CLI Signing in to Azure Selecting a subscription Listing resource groups Understanding ARM templates Looking at Azure DevOps Azure Repos Azure Pipelines Azure Artifacts Summary Exam scenario Further reading Section 6: Beyond the Exam Chapter 18: Engaging with Real-World Customers Working with customers Who are my stakeholders? Gathering requirements Exploring common goals Understanding costs Understanding operational requirements Understanding performance requirements Understanding reliability requirements Understanding security requirements Mapping requirements Getting feedback Summary Further reading Chapter 19: Enterprise Design Considerations Understanding your customer Looking at process differences Understanding governance, risk, and security Optimizing costs Creating landing zones Identity Network topology Governance Disaster recovery and backup Monitoring and operations Building with continual iteration Summary Further reading Mock Exam Mock Answers Assessments Chapter 3 Chapter 4 Chapter 5 Chapter 6 Chapter 7 Chapter 8 Chapter 9 Chapter 10 Chapter 11 Chapter 12 Chapter 13 Chapter 14 Chapter 15 Chapter 16 Chapter 17 Why subscribe? Other Books You May Enjoy Packt is searching for authors like you Leave a review - let other readers know what you think
Donate to keep this site alive
How to download source code?
1. Go to: https://github.com/PacktPublishing
2. In the Find a repository… box, search the book title: Exam Ref AZ-304 Microsoft Azure Architect Design Certification and Beyond
, sometime you may not get the results, please search the main title.
3. Click the book title in the search results.
3. Click Code to download.
1. Disable the AdBlock plugin. Otherwise, you may not get any links.
2. Solve the CAPTCHA.
3. Click download link.
4. Lead to download server to download.