Skip to main content
Kubernetes Made Easy! Instantly spin up best-practice clusters with GetInfra templates. Browse Now

AZ-301 Links and Topics

Azure Certification

Determine workload requirements (10-15%)

Gather Information and Requirements
  • Identify compliance requirements, identity and access management infrastructure, and service-oriented architectures (e.g., integration patterns, service design, service discoverability)
  • identify accessibility (e.g. Web Content Accessibility Guidelines), availability (e.g. Service Level Agreement), capacity planning and scalability, deploy-ability (e.g., repositories, failback, slot-based deployment), configurability, governance, maintainability (e.g. logging, debugging, troubleshooting, recovery, training), security (e.g. authentication, authorization, attacks), and sizing (e.g. support costs, optimization) requirements
  • recommend changes during project execution (ongoing)
  • evaluate products and services to align with solution
  • create testing scenarios
Optimize Consumption Strategy
  • optimize app service, compute, identity, network, and storage costs
Design an Auditing and Monitoring Strategy
  • define logical groupings (tags) for resources to be monitored
  • determine levels and storage locations for logs
  • plan for integration with monitoring tools
  • recommend appropriate monitoring tool(s) for a solution
  • specify mechanism for event routing and escalation
  • design auditing for compliance requirements
  • design auditing policies and traceability requirements

Design for identity and security (20-25%)

Design Identity Management
  • choose an identity management approach
  • design an identity delegation strategy, identity repository (including directory, application, systems, etc.)
  • design self-service identity management and user and persona provisioning
  • define personas and roles
  • recommend appropriate access control strategy (e.g., attribute-based, discretionary access, history-based, identity-based, mandatory, organization-based, role-based, rule-based, responsibility-based)
Design Authentication
  • choose an authentication approach
  • design a single-sign on approach
  • design for IPSec, logon, multi-factor, network access, and remote authentication
Design Authorization
  • choose an authorization approach
  • define access permissions and privileges
  • design secure delegated access (e.g., oAuth, OpenID, etc.)
  • recommend when and how to use API Keys
Design for Risk Prevention for Identity
  • design a risk assessment strategy (e.g., access reviews, RBAC policies, physical access)
  • evaluate agreements involving services or products from vendors and contractors
  • update solution design to address and mitigate changes to existing security policies, standards, guidelines and procedures
Design a Monitoring Strategy for Identity and Security
  • design for alert notifications
  • design an alert and metrics strategy
  • recommend authentication monitors

Design a data platform solution (15-20%)

Design a Data Management Strategy
  • choose between managed and unmanaged data store
  • choose between relational and non-relational databases
  • design data auditing and caching strategies identify data attributes (e.g., relevancy, structure, frequency, size, durability, etc.)
  • recommend Database Transaction Unit (DTU) sizing
  • design a data retention policy
  • design for data availability, consistency, and durability
  • design a data warehouse strategy
Design a Data Protection Strategy
  • recommend geographic data storage
  • design an encryption strategy for data at rest, for data in transmission, and for data in use
  • design a scalability strategy for data
  • design secure access to data
  • design a data loss prevention (DLP) policy
Design and Document Data Flows
  • identify data flow requirements
  • create a data flow diagram
  • design a data flow to meet business requirements
  • design a data import and export strategy
Design a Monitoring Strategy for the Data Platform
  • design for alert notifications
  • design an alert and metrics strategy

Design a business continuity strategy (15-20%)

Design a Site Recovery Strategy
  • design a recovery solution
  • design a site recovery replication policy
  • design for site recovery capacity and for storage replication
  • design site failover and failback (planned/unplanned)
  • design the site recovery network recommend recovery objectives (e.g., Azure, on-prem, hybrid, Recovery Time Objective (RTO), Recovery Level Objective (RLO), Recovery Point Objective (RPO))
  • identify resources that require site recovery
  • identify supported and unsupported workloads
  • recommend a geographical distribution strategy
Design for High Availability
  • design for application redundancy, autoscaling, data center and fault domain redundancy, and network redundancy
  • identify resources that require high availability
  • identify storage types for high availability
Design a Data Archiving Strategy
  • recommend storage types and methodology for data archiving
  • identify requirements for data archiving and business compliance requirements for data archiving
  • identify SLA(s) for data archiving

Design for deployment, migration, and integration (10-15%)

Design Deployments
  • design a compute, container, data platform, messaging solution, storage, and web app and service deployment strategy
Design Migrations
  • recommend a migration strategy
  • design data import/export strategies during migration
  • determine the appropriate application migration, data transfer, and network connectivity method
  • determine migration scope, including redundant, related, trivial, and outdated data
  • determine application and data compatibility
Design an API Integration Strategy
  • design an API gateway strategy
  • determine policies for internal and external consumption of APIs
  • recommend a hosting structure for API management

Design an infrastructure strategy (15-20%)

Design a Storage Strategy
  • design a storage provisioning strategy
  • design storage access strategy
  • identify storage requirements
  • recommend a storage solution and storage management tools
Design a Compute Strategy
  • design compute provisioning and secure compute strategies
  • determine appropriate compute technologies (e.g., virtual machines, functions, service fabric, container instances, etc.)
  • design an Azure HPC environment
  • identify compute requirements
  • recommend management tools for compute
Design a Networking Strategy
  • design network provisioning and network security strategies
  • determine appropriate network connectivity technologies
  • identify networking requirements
  • recommend network management tools
Design a Monitoring Strategy for Infrastructure
  • design for alert notifications
  • design an alert and metrics strategy

Share this article

Facebook Twitter LinkedIn

About the Author

Alexander Lvovich

Alexander Lvovich

Solution Architect & Software Developer | Automating & Scaling Infrastructure

💡 Working with Kubernetes, Istio, and DevOps. Got questions? Feel free to reach out!

About me

No comments are allowed for this post