Azure Solution Architect Bootcamp (AZ-300 and AZ-301)

COURSE OUTLINE:

Description

In an intensive and immersive hands-on learning environment, you will build the skills needed for Azure Architect-Technologies contains courseware that helps prepare students for Exams AZ-300 and AZ-301. Passing this exam is required to earn the Azure Architect-Technologies certification.

This boot camp includes all the exam vouchers required for certification.� It also includes access to our Microsoft Boot Camp Exclusives, providing indispensable certification exam prep.

You will prepare for these exams:

  • Exam AZ-300: Microsoft Azure Architect Technologies
  • Exam AZ-301: Microsoft Azure Architect Design

This course covers:

  • Course AZ-300T01: Deploying and Configuring Infrastructure.
  • Course AZ-300T02: Implementing Workloads and Security.
  • Course AZ-300T03: Understanding Cloud Architect Technology Solutions.
  • Course AZ-300T04: Creating and Deploying Apps.
  • Course AZ-300T05: Implementing Authentication and Secure Data.
  • Course AZ-300T06: Developing for the Cloud.

Audience

Successful Cloud Solutions Architects begin this role with practical experience with operating systems, virtualization, cloud infrastructure, storage structures, billing, and networking.

Learning Objectives

  • Managing Azure Subscriptions and Resources
  • Implementing and Managing Storage
  • Deploying and Managing VMs
  • Configuring and Managing Virtual Networks
  • Managing Identities using Azure Active Directory
  • Evaluating and Performing Server Migration to Azure
  • Implementing and Managing Application Services�
  • Implementing Advanced Virtual Networking.
  • Securing Identities using Azure AD.
  • Design and Connectivity Patterns�
  • Hybrid Networking�
  • Address Durability of Data and Caching�
  • Measure Throughput and Structure of Data Access
  • Use shell commands to create an App Service Web App
  • Create Background Tasks
  • Use Swagger to document an API
  • Create a reliable service
  • Create a Reliable Actors app
  • Hands-on with Reliable collections
  • Understand the Azure Container Registry
  • Use Azure Container instances
  • Understand how to Implement authentication using certificates, Azure AD, Azure AD Connect, and tokens.
  • Implement Role-aBsed Access Control (RBAC) authorization.
  • Implement secure data for end-to-end encryption.
  • Implement secure data for implementing SSL and TLS communications.
  • Use Azure Key Vault to manage cryptographic keys.
  • How to configure a message-based integration architecture
  • Understand how to Develop for Asynchronous Processing
  • Begin creating apps for Autoscaling
  • Understand Azure Cognitive Services Solutions
  • Integrate their existing solutions with external identity providers using Azure AD B2B or B2C.
  • Design a hybrid identity solution.
  • Determine when to use advanced features of Azure AD such as Managed Service Identity, MFA and Privileged Identity Management.
  • Secure application secrets using Key Vault.
  • Secure application data using SQL Database and Azure Storage features.
  • Detail the various APIs available in Cognitive Services.
  • Identify when to use the Face API, Speech API or Language Understanding (LUIS) service.
  • Describe the relationship to Bot Framework and Azure Bot Services.
  • Determine the ideal pricing option for Azure Storage based on a solution�s requirements.
  • Identify performance thresholds for the Azure Storage service.
  • Determine the type of Storage blobs to use for specific solution components.
  • Use the Azure Files service for SMB operations.
  • Identify solutions that could benefit from the use of StorSimple physical or virtual devices.
  • Compare and contrast monitoring services for applications, the Azure platform, and networking.
  • Design an alert scheme for a solution hosted in Azure.
  • Select the appropriate backup option for infrastructure and data hosted in Azure.
  • Automate the deployment of future resources for backup recovery or scaling purposes.
  • Create a resource group.
  • Add resources to a resource group.
  • Deploy an ARM template to a resource group Integrate an API or Logic App with the API Management service.
  • Design an App Service Plan or multi-region deployment for high performance and scale.
  • Integrate an API or Logic App with the API Management service.
  • Design an App Service Plan or multi-region deployment for high performance and scale.
  • Describe various patterns pulled from the Cloud Design Patterns.
  • Distribute network traffic across multiple loads using load balancers.
  • Design a hybrid connectivity scenario between cloud and on-premise.
  • Design an availability set for one or more virtual machines.
  • Describe the differences between fault and update domains.
  • Author a VM Scale Set ARM template.

AZ-300T01:� Deploying and Configuring Infrastructure

Module 1: Managing Azure Subscriptions and Resources

In this module you will explore Azure monitoring capabilities using Azure alerts, Azure activity logs, and Log Analytics. You will learn to query, analyze, and interpret the data viewed in Log Analytics.

After completing this module, students will be able to:

  • Managing Azure Subscriptions and Resources

Module 2: Implementing and Managing Storage

In this module you will learn about Azure storage accounts, data replication, how to use Azure Storage Explorer, and monitor storage.

After completing this module, students will be able to:

  • Implementing and Managing Storage�

Module 3: Deploying and Managing Virtual Machines (VMs)

In this module you will learn how to do the following: � Create Virtual Machines (VM)s within the Azure Portal � Create Virtual Machines (VM)s using Azure PowerShell � Create Virtual Machines (VM)s using ARM templates � Deploy Linux Virtual Machines (VM)s � Monitor Virtual Machines (VM)s Additionally, you will learn how to protect data using backups at regular intervals, whether by snapshot, Azure Backup, or Azure Site Recovery.

After completing this module, students will be able to:

  • Deploying and Managing VMs

Module 4: Configuring and Managing Virtual Networks

In this module you will create and implement virtual networks using the Azure Portal as well as Azure PowerShell and CLI. You will receive and overview on how to assign IP addresses to Azure resources to communicate with other Azure resources, your on-premises network, and the Internet.

Lessons

  • Network routing using routing tables and algorithms
  • Inter-site connectivity using VNet-to-VNet connections and VPNs
  • Virtual network peering for regional and global considerations
  • Gateway transit

After completing this module, students will be able to:

  • Configuring and Managing Virtual Networks

Module 5: Managing Identities

This module covers Azure Active Directory (Azure AD) for IT Admins and Developers with a focus on the Azure AD multi-tenant cloud-based directory and identity management service.

Lessons

  • Role-Based Access Control (RBAC)
  • built-in roles
  • Self-Service Password Reset (SSPR)
  • authentication methods for password reset

After completing this module, students will be able to:

  • Managing Identities using Azure Active Directory

�

AZ-300T02:� Implementing Workloads and Security

Module 1: Evaluating and Performing Server Migration to Azure

This module covers migrating workloads to a new environment, whether it be another datacenter, or to a public cloud, and setting clear goals for the migration. Goals include both technology-focused and business-focused goals for migrations, and the benefits to an organization�s business. Activities include components of the Azure migration process: creating a project, creating a collector, assessing readiness, and estimating costs. Additionally, you will receive and overview of Azure Site Recovery (ASR) that includes and end-to-end scenarios.

After completing this module, students will be able to:

  • Evaluating and Performing Server Migration to Azure

Module 2: Implementing and Managing Application Services

This module includes the following topics:

  • Deploying Web Apps
  • Managing Web Apps
  • App Service Security
  • Serverless Computing Concepts
  • Managing Event Grid
  • Managing Service Bus
  • Managing Logic App

After completing this module, students will be able to:

  • Implementing and Managing Application Services

Module 3: Implementing Advanced Virtual Networking

This module includes the following topics:

  • Azure Load Balancer
  • Azure Application Gateway
  • Site-to-Site VPN Connections As well as an overview of ExpressRoute which allows companies to extend on-premises networks into the Microsoft cloud over a dedicated private connection facilitated by a connectivity provider.

After completing this module, students will be able to:

  • Implementing Advanced Virtual Networking.

Module 4: Securing Identities

This module includes the following topics with an emphasis on identity and roles:

  • Azure AD Identity Protection
  • Azure Domains and Tenants
  • Azure Users and Groups
  • Azure Roles As well as an overview of Azure AD integration options that focuses on Azure AD Connect to integrate on-premises directories with Azure Active Directory.

After completing this module, students will be able to:

  • Securing Identities using Azure AD

�

AZ-300T03:� Understanding Cloud Architect Technology Solutions

Module 1: Selecting Compute and Storage Solutions

This module includes the following topics:

  • Azure Architecture Center
  • Cloud design patterns
  • Competing consumers pattern
  • Cache-aside pattern As well as sharding patterns to divide a data store into horizontal partitions, or shards. Each shard has the same schema but holds its own distinct subset of the data.

After completing this module, students will be able to:

  • Design and Connectivity Patterns�

Module 2: Hybrid Networking

This module includes the following topics:

  • Site-to-site connectivity
  • Point-to-site connectivity
  • Combining site-to-site and point-to-site connectivity
  • Virtual network�to�virtual network connectivity As well as connecting across cloud providers for failover, backup, or even migration between providers such as AWS.

After completing this module, students will be able to:

  • Hybrid Networking�

Module 3: Measuring Throughput and Structure of Data Access

This module includes the following topics:

  • DTUs � Azure SQL Database
  • RUs � Azure Cosmos DB
  • Structured and unstructured data
  • Using structured data stores

After completing this module, students will be able to:

  • Address Durability of Data and Caching�
  • Measure Throughput and Structure of Data Access

�

AZ-300T04:� Creating and Deploying Apps

Module 1: Creating Web Applications using PaaS

This module provides and overview of Azure App Service Web Apps for hosting web applications, REST APIs, and a mobile back end. Topics include the following:

  • Using shell commands to create an App Service Web App
  • Creating Background Tasks
  • Using Swagger to document an API As well as an explanation of how Logic Apps help to build solutions that integrate apps, data, systems, and services across enterprises or organizations by automating tasks and business processes as workflows.

After completing this module, students will be able to:

  • Use shell commands to create an App Service Web App
  • Create Background Tasks
  • Use Swagger to document an API

Module 2: Creating Apps and Services Running on Service Fabric

This module provides an overview of Azure Service Fabric as a distributed systems platform that makes it easy to package, deploy, and manage scalable and reliable microservices and containers. This module also addresses the challenges in developing and managing cloud native applications. Additional topics include:

  • Creating a reliable service
  • Creating a Reliable Actors app
  • Working with Reliable collections

After completing this module, students will be able to:

  • Create a reliable service
  • Create a Reliable Actors app
  • Hands-on with Reliable collections

Module 3: Using Azure Kubernetes Service

This module focuses on the AzureKubernetes Service (AKS) for deploying and managing a Kubernetes cluster in Azure. Topics include how to reduce operational overhead of managing Kubernetes by offloading much of that responsibility to Azure, such as health monitoring and maintenance. Additional topics include:

  • Azure Container Registry
  • Azure Container Instances

After�completing this module, students will be able to:

  • Understand the Azure Container Registry
  • Use Azure Container instances

�

AZ-300T05:� Implementing Authentication and Secure Data

Module 1: Implementing Authentication Topics for this module include:

Lessons

  • Implementing authentication in applications (certificates, Azure AD, Azure AD Connect, token-based)
  • Implementing multi-factor authentication
  • Claims-based authorization
  • Role-based access control (RBAC) authorization

After completing this module, students will be able to:

  • Understand how to Implement authentication using certificates, Azure AD, Azure AD Connect, and tokens
  • Implement Role-Based Access Control (RBAC) authorization

Module 2: Implementing Secure Data

Lessons

  • End-to-end encryption
  • Implementing Azure confidential computing
  • Implementing SSL and TLS communications
  • Managing cryptographic keys in Azure Key Vault

After completing this module, students will be able to:

  • Implement secure data for end-to-end encryption
  • Implement secure data for implementing SSL and TLS communications.
  • Use Azure Key Vault to manage cryptographic keys

�

AZ-300T06:� Developing for the Cloud

Module 1: Developing Long-Running Tasks and Distributed Transactions

Topics for this module include:

  • Implementing large-scale, parallel, and high-performance apps using batches
  • HPC using Microsoft Azure Virtual Machines
  • Implementing resilient apps by using queues As well as, implementing code to address application events by using webhooks. Implementing a webhook gives an external resource a URL for an application. The external resource then issues an HTTP request to that URL whenever a change is made that requires the application to take an action.

Module 2: Configuring a Message-Based Integration Architecture

Lessons

  • Configure an app or service to send emails
  • Configure an event publish and subscribe model
  • Configure the Azure Relay service
  • Configure apps and services with Microsoft Graph

After completing this module, students will be able to:

  • How to configure a message-based integration architecture

Module 3: Developing for Asynchronous Processing

Lessons

  • Implement parallelism, multithreading, and processing
  • Implement Azure Functions and Azure Logic Apps
  • Implement interfaces for storage or data access
  • Implement appropriate asynchronous computing models
  • Implement autoscaling rules and patterns

After completing this module, students will be able to:

  • Understand how to Develop for Asynchronous Processing

Module 4: Developing for Autoscaling

Lessons

  • Implementing autoscaling rules and patterns
  • Implementing code that addresses singleton application instances
  • Implementing code that addresses a transient state

After completing this module, students will be able to:

  • Begin creating apps for Autoscaling

Module 5: Developing Azure Cognitive Services Solutions

Lessons

  • Developing Solutions using Computer Vision
  • Developing solutions using Bing Web Search
  • Developing solutions using Custom Speech Service
  • Developing solutions using QnA Maker

After completing this module, students will be able to:

  • Understand Azure Cognitive Services Solutions
AZ-301T01:� Designing for Identity and Security

Module 1: Managing Security & Identity for Azure Solutions

This module discusses both security and identity within the context of Azure. For security, this module reviews the various options for monitoring security, the options available for securing data and the options for securing application secrets. For identity, this module focuses specifically on Azure Active Directory (Azure AD) and the various features available such as Multi-Factor Authentication (MFA), Managed Service Identity, Azure AD Connect, ADFS and Azure AD B2B/B2C.

Module 2: Integrating SaaS Services Available on the Azure Platform

This module introduces multiple SaaS services available in Azure that are available for integration into existing Azure solutions. These services include Cognitive Services, Bot Service, Machine Learning and Media Services.

�

AZ-301T02:� Designing a Data Platform Solution

Module 1: Backing Azure Solutions with Azure Storage

This module describes how many Azure services use the Azure Storage service as a backing store for other application solution in Azure. The module dives into critical considerations when using Azure Storage as a supplemental service for an all-up Azure solution.

After completing this module, students will be able to:

  • Determine the ideal pricing option for Azure Storage based on a solution�s requirements.
  • Identify performance thresholds for the Azure Storage service.
  • Determine the type of Storage blobs to use for specific solution components.
  • Use the Azure Files service for SMB operations.
  • Identify solutions that could benefit from the use of StorSimple physical or virtual devices.

Module 2: Comparing Database Options in Azure

This module compares the various relational and non-relational data storage options available in Azure. Options are explored as groups such as relational databases (Azure SQL Database, MySQL, and PostgreSQL on Azure), non-relational (Azure Cosmos DB, Storage Tables), streaming (Stream Analytics) and storage (Data Factory, Data Warehouse, Data Lake).

Module 3: Monitoring & Automating Azure Solutions

This module covers the monitoring and automation solutions available after an Azure solution has been architected, designed and possibly deployed. The module reviews services that are used to monitor individual applications, the Azure platform, and networked components. This module also covers automation and backup options to enable business-continuity scenarios for solutions hosted in Azure.

�

AZ-301T03:� Designing for Deployment, Migration, and Integration

Module 1: Deploying Resources with Azure Resource Manager

This module establishes a basic understanding of Azure Resource Manager and the core concepts of deployments, resources, templates, resource groups, and tags. The module will dive deeply into the automated deployment of resources using ARM templates.

Module 2: Creating Managed Server Applications in Azure

This module describes how solutions can leverage serverless application hosting services in Azure to host web applications, REST APIs, integration workflows and HPC workloads without the requirement to manage specific server resources. The module focuses on App Services-related components such as Web Apps, API Apps, Mobile Apps, Logic Apps, and Functions.

Module 3: Authoring Serverless Applications in Azure

This module describes how solutions can leverage serverless application hosting services in Azure to host web applications, REST APIs, integration workflows and HPC workloads without the requirement to manage specific server resources. The module focuses on App Services-related components such as Web Apps, API Apps, Mobile Apps, Logic Apps, and Functions.

�

AZ-301T04:� Designing an Infrastructure Strategy

Module 1: Application Architecture Patterns in Azure

This module introduces, and reviews common Azure patterns and architectures as prescribed by the Microsoft Patterns & Practices team. Each pattern is grouped into performance, resiliency, and scalability categories and described in the context of similar patterns within the category.

After completing this module, students will be able to:

  • Locate and reference the Cloud Design Patterns documentation.
  • Locate and reference the Azure Architecture Center.
  • Describe various patterns pulled from the Cloud Design Patterns.

Module 2: Building Azure IaaS-Based Server Applications (ADSK)

This module identifies workloads that are ideally deployed using Infrastructure-as-a-Service services in Azure. The module focuses on the VM Scale Sets and Virtual Machine services in Azure and how to best deploy workloads to these services using best practices and features such as Availability Sets.

Module 3: Networking Azure Application Components

This module describes the various networking and connectivity options available for solutions deployed on Azure. The module explores connectivity options ranging from ad-hoc connections to long-term hybrid connectivity scenarios. The module also discusses some of the performance and security concerns related to balancing workloads across multiple compute instances, connecting on-premise infrastructure to the cloud and creating gateways for on-premise data.

Module 4: Integrating Azure Solution Components Using Messaging Services

This module describes and compares the integration and messaging services available for solutions hosted on the Azure platform. Messaging services described include Azure Storage Queues, Service Bus Queues, Service Bus Relay, IoT Hubs, Event Hubs, and Notification Hubs. Integration services include Azure Functions and Logic Apps.