top of page
Writer's pictureThe Tech Platform

AZ-303 STUDY GUIDE: AZURE ARCHITECT TECHNOLOGIES



To get the Microsoft Certified: Azure Solutions Architect Expert certification, there are two new exams which you need to pass, the AZ-303: Microsoft Azure Architect Technologies and the AZ-304: Microsoft Azure Architect Design exam. In this blog post, I am going to share my AZ-303: Microsoft Azure Architect Technologies Certification Exam Study Guide with you. To learn and prepare for the exam, I usually use a couple of online resources, mainly Microsoft Docs and Microsoft Learn, which I am going to share with you. You can find more information about how I prepare for a Microsoft Certification exam on my blog post: How to prepare and pass Microsoft Certification Exam.


Here is my AZ-303 Microsoft Azure Architect Technologies Certification Exam Study Guide

It is essential to get familiar with the exam objectives and skills measured first. That is why I recommend reading the description of the exam and the skills measured.

Exam AZ-303: Microsoft Azure Architect Technologies Candidates for this exam are Azure Solutions Architects who advise stakeholders and translate business requirements into secure, scalable, and reliable solutions. Candidates should have advanced experience and knowledge of IT operations, including networking, virtualization, identity, security, business continuity, disaster recovery, data platform, budgeting, and governance. This role requires managing how decisions in each area affects an overall solution. Candidates must have expert-level skills in Azure administration and have experience with Azure development processes and DevOps processes.

The high-level view of the skills measured in the exam:

  • Implement and Monitor an Azure Infrastructure (50-55%)

  • Implement Management and Security Solutions (25-30%)

  • Implement Solutions for Apps (10-15%)

  • Implement and Manage Data Platforms (10-15%)

You can find more information on the exam website.


Free Online Microsoft Learn AZ-303 Exam Study Guide resources

Microsoft Learn provides you with free online training and learning paths for different Microsoft technologies. They not just offer reading material, but also control questions and free online labs. Here are some relevant Microsoft Learn modules and learning paths for the AZ-303 Microsoft Azure Architect Technologies Certification Exam. Microsoft Learn is an important part of my AZ-303 exam study guide.

  • Architect great solutions in Azure

  • Architect network infrastructure in Azure

  • Architect a data platform in Azure

  • Architect storage infrastructure in Azure

  • Architect compute infrastructure in Azure

  • Architect infrastructure operations in Azure

  • Architect migration, business continuity, and disaster recovery in Azure

  • Architect modern applications in Azure

  • Architect secure infrastructure in Azure

Microsoft Docs AZ-303 study guide resources

One thing I always used to prepare for my Microsoft exams is Microsoft Docs. Here are the relevant Microsoft Docs which I used to prepare and study for the AZ-303 exam.


Implement and Monitor an Azure Infrastructure (50-55%)

Implement cloud infrastructure monitoring

  • monitor security

    • Strengthen your security posture with Azure Security Center

    • Security Control: Logging and Monitoring

    • Azure infrastructure monitoring

  • monitor performance

    • Create diagnostic setting to collect platform logs and metrics in Azure

    • Create diagnostic setting in Azure using a Resource Manager template

    • Metric Baseline – Get

    • Azure Monitor overview

    • Quickstart: Monitor an Azure resource with Azure Monitor

    • Azure Monitor Workbooks

    • Azure Monitor workbook visualizations

    • Collect data from an Azure virtual machine with Azure Monitor

  • monitor health and availability

    • Azure Service Health

    • Resource Health overview

  • monitor cost

    • Monitoring your cloud costs

    • Use cost alerts to monitor usage and spending

    • Download or view your Azure billing invoice and daily usage data

  • configure advanced logging

    • What is Application Insights?

    • Overview of Insights in Azure Monitor

  • configure logging for workloads

    • Logs in Azure Monitor

  • initiate automated responses by using Action Groups

    • Create and manage action groups in the Azure portal

  • configure and manage advanced alerts

    • Create, view, and manage log alerts using Azure Monitor

    • Manage alert instances with unified alerts

    • Create diagnostic setting to collect platform logs and metrics in Azure

    • Overview of alerts in Microsoft Azure

    • Create a Log Analytics workspace in the Azure portal


Implement storage accounts

  • select storage account options based on a use case

    • Storage account overview

    • Introduction to Azure Storage

  • configure Azure Files and blob storage

    • Introduction to Azure Blob storage

    • Create an Azure file share

  • configure network access to the storage account

    • Configure Azure Storage firewalls and virtual networks

  • implement Shared Access Signatures and access policies

    • Delegate access with a shared access signature

    • Grant limited access to Azure Storage resources using shared access signatures (SAS)

  • implement Azure AD authentication for storage

    • Authorize access to blobs and queues using Azure Active Directory

  • manage access keys

    • Manage storage account access keys

  • implement Azure storage replication

    • Azure Storage redundancy

    • Disaster recovery and account failover (preview)

  • implement Azure storage account failover

    • Initiate a storage account failover (preview)


Implement VMs for Windows and Linux

  • configure High Availability

    • Availability options for virtual machines in Azure

    • Manage the availability of Windows virtual machines in Azure

  • configure storage for VMs

    • Attach a managed data disk to a Windows VM by using the Azure portal

    • Attach a data disk to a Windows VM with PowerShell

    • What disk types are available in Azure?

  • select virtual machine size

    • Sizes for Windows virtual machines in Azure

    • Sizes for Linux virtual machines in Azure

  • implement Azure Dedicated Hosts

    • Deploy VMs to dedicated hosts using the portal

    • Azure Dedicated Hosts

  • deploy and configure scale sets

    • What are virtual machine scale sets?

  • configure Azure Disk Encryption

    • Azure Disk Encryption for Linux VMs

    • Azure Disk Encryption for Windows VMs


Automate deployment and configuration of resources

  • save a deployment as an Azure Resource Manager template

    • Download the template for a VM

  • modify Azure Resource Manager template

    • Extend Azure Resource Manager template functionality

    • Azure Resource Manager templates overview

    • Tutorial: Create and deploy your first Azure Resource Manager template

  • evaluate location of new resources

    • Conditional deployment in Resource Manager templates

    • Set resource location in Resource Manager template

  • configure a virtual disk template

    • Create a VM from a VHD by using the Azure portal

  • deploy from a template

    • Download the template for a VM

  • manage a template library

    • Azure Resource Manager templates overview

  • create and execute an automation runbook

    • Start a runbook in Azure Automation


Implement virtual networking

  • implement VNet to VNet connections

    • Configure a VNet-to-VNet VPN gateway connection by using the Azure portal

  • implement VNet peering

    • Virtual network peering

    • Create, change, or delete a virtual network peering


Implement Azure Active Directory

  • add custom domains

    • Add your custom domain name using the Azure Active Directory portal

  • configure Azure AD Identity Protection

    • What is Azure Active Directory Identity Protection?

  • implement self-service password reset

    • Plan an Azure Active Directory self-service password reset

    • How it works: Azure AD self-service password reset

    • Licensing requirements for Azure AD self-service password reset

  • implement Conditional Access including MFA

    • Conditional Access: Require MFA for all users

    • Conditional Access: Risk-based Conditional Access

  • configure user accounts for MFA

    • Tutorial: Secure user sign-in events with Azure Multi-Factor Authentication

  • configure fraud alerts

    • Reports in Azure Multi-Factor Authentication

    • Configure Azure Multi-Factor Authentication settings

  • configure bypass options

    • Configure Azure Multi-Factor Authentication settings

  • configure Trusted IPs

    • Quickstart: Configure named locations in Azure Active Directory

    • What is the location condition in Azure Active Directory Conditional Access?

  • configure verification methods

    • Change your two-factor verification method and settings

    • What is the Additional verification page?

  • implement and manage guest accounts

    • What is guest user access in Azure Active Directory B2B?

    • Manage guest access with Azure AD access reviews

    • Quickstart: Add guest users to your directory in the Azure portal

  • manage multiple directories

    • Understand how multiple Azure Active Directory tenants interact


Implement and manage hybrid identities

  • install and configure Azure AD Connect

    • Custom installation of Azure AD Connect

    • Select which installation type to use for Azure AD Connect

  • identity synchronization options

    • Azure AD Connect sync: Understand and customize synchronization

    • Azure Active Directory Hybrid Identity Design Considerations

  • configure and manage password sync and password write back

    • Implement password hash synchronization with Azure AD Connect sync

    • Tutorial: Enable Azure Active Directory self-service password reset write back to an on-premises environment

    • Azure AD Connect: Enabling device write back

    • What is password write back?

  • configure single sign-on

    • Azure Active Directory Seamless Single Sign-On: Quick start

    • Azure Active Directory Seamless Single Sign-On: Frequently asked questions

  • use Azure AD Connect Health

    • Azure Active Directory Connect Health operations

    • What is Azure AD Connect?


Implement Management and Security Solutions (25-30%)

Manage workloads in Azure

  • migrate workloads using Azure Migrate

    • About Azure Migrate

    • Prepare VMware VMs for assessment and migration to Azure

    • Assess VMware VMs by using Azure Migrate Server Assessment

    • Select a VMware migration option

    • Migrate VMware VMs to Azure (agentless)

    • Migrate VMware VMs to Azure (agent-based)

  • implement Azure Backup for VMs

    • An overview of Azure VM backup

    • Get improved backup and restore performance with Azure Backup Instant Restore capability

  • implement disaster recovery

    • Set up disaster recovery to a secondary Azure region for an Azure VM

  • implement Azure Update Management

    • Update Management solution in Azure

    • Enable Update Management, Change Tracking, and Inventory solutions on multiple VMs

    • Manage updates and patches for your Azure VMs


Implement load balancing and network security

  • implement Azure Load Balancer

    • Tutorial: Balance internal traffic load with a Basic load balancer in the Azure portal

    • Create an internal load balancer by using the Azure PowerShell module

    • Quickstart: Create a Load Balancer to load balance VMs using the Azure portal

  • implement an application gateway

    • Application Gateway configuration overview

  • implement a Web Application Firewall

    • Azure Web Application Firewall on Azure Application Gateway

  • implement Azure Firewall

    • Tutorial: Deploy and configure Azure Firewall using the Azure portal

  • implement the Azure Front Door Service

    • What is Azure Front Door Service?

    • Quickstart: Create a Front Door for a highly available global web application

  • implement Azure Traffic Manager

    • What is Traffic Manager?

    • Quickstart: Create a Traffic Manager profile using the Azure portal

  • implement Network Security Groups and Application Security Groups

    • Security groups

    • Create, change, or delete a network security group

  • implement Bastion

    • Create an Azure Bastion host


Implement and manage Azure governance solutions

  • create and manage hierarchical structure that contains management groups, subscriptions and resource groups

    • Azure Resource Manager overview

    • Organize your resources with Azure management groups

    • Create management groups for resource organization and management

    • Manage Azure Resource Manager resource groups by using the Azure portal

    • Azure subscription and service limits, quotas, and constraints

  • assign RBAC roles

    • Add or remove role assignments using Azure RBAC and the Azure portal

  • create a custom RBAC role

    • Custom roles for Azure resources

    • Tutorial: Create a custom role for Azure resources using Azure PowerShell

  • configure access to Azure resources by assigning roles

    • Tutorial: Grant a user access to Azure resources using RBAC and the Azure portal

  • configure management access to Azure

    • Manage access to Azure management with Conditional Access

    • Manage access to Azure resources with Azure AD Privileged Identity Management

    • Add or remove role assignments using Azure RBAC and the Azure portal

  • interpret effective permissions

    • What is role-based access control (RBAC) for Azure resources?

    • Quickstart: View the access a user has to Azure resources

  • set up and perform an access review

    • What are Azure AD access reviews?

  • implement and configure an Azure Policy

    • What is Azure Policy?

    • Quickstart: Create a policy assignment to identify non-compliant resources

    • Tutorial: Create and manage policies to enforce compliance

  • implement and configure an Azure Blueprint

    • What is Azure Blueprints?

    • Quickstart: Define and assign a blueprint in the portal


Manage security for applications

  • implement and configure KeyVault

    • What is Azure Key Vault?

    • About keys, secrets, and certificates

  • implement and configure Azure AD Managed Identities

    • What are managed identities for Azure resources?

    • Use a Windows VM system-assigned managed identity to access Resource Manager

  • register and manage applications in Azure AD

    • Tutorial: Register an application in Azure Active Directory B2C


Implement Solutions for Apps (10-15%)

Implement an application infrastructure

  • create and configure Azure App Service

    • App Service overview

    • Introduction to the App Service Environments

    • Custom configuration and application settings in Azure Web Sites

    • Configure an App Service app in the Azure portal

    • Buy a custom domain name for Azure App Service

    • Create an ASP.NET Core web app in Azure

  • create an App Service Web App for Containers

    • Deploy a custom Linux container to Azure App Service

  • create and configure an App Service plan

    • Azure App Service plan overview

    • Manage an App Service plan in Azure

  • configure an App Service

    • Custom configuration and application settings in Azure Web Sites

    • Configure an App Service app in the Azure portal

    • Buy a custom domain name for Azure App Service

  • configure networking for an App Service

    • Networking considerations for an App Service Environment

    • App Service networking features

    • Integrate your app with an Azure Virtual Network

  • create and manage deployment slots

    • Set up staging environments in Azure App Service

  • implement Logic Apps

    • Overview – What is Azure Logic Apps?

    • Quickstart: Create your first workflow by using Azure Logic Apps – Azure portal

    • Quickstart: Create automated tasks, processes, and workflows with Azure Logic Apps – Visual Studio

    • Quickstart: Create and manage logic app workflow definitions by using Visual Studio Code

  • implement Azure Functions

    • An introduction to Azure Functions

    • Azure Functions triggers and bindings concepts

    • Azure Functions trigger and binding example

    • Azure Functions triggers and bindings concepts

    • Azure Functions trigger and binding example

    • Azure Functions HTTP triggers and bindings overview

    • What are Durable Functions?


Implement container-based applications

  • create a container image

    • Tutorial: Build and deploy container images in the cloud with Azure Container Registry Tasks

    • Tutorial: Create container images on a Linux Service Fabric cluster

    • Tutorial: Create a container image for deployment to Azure Container Instances

  • configure Azure Kubernetes Service

    • Azure Kubernetes Service (AKS)

    • Quickstart: Deploy an Azure Kubernetes Service (AKS) cluster using the Azure portal

  • publish and automate image deployment to the Azure Container Registry

    • Push your first image to a private Docker container registry using the Docker CLI

    • Tutorial: Build and deploy container images in the cloud with Azure Container Registry Tasks

  • publish a solution on an Azure Container Instance

    • What is Azure Container Instances?

    • Quickstart: Deploy a container instance in Azure using the Azure portal

    • Quickstart: Deploy a container instance in Azure using the Azure CLI


Implement and Manage Data Platforms (10-15%)

Implement NoSQL databases

  • configure storage account tables

    • Azure Table storage overview

    • Understanding the Table service data model

  • select appropriate CosmosDB APIs

    • Choose the appropriate API for Azure Cosmos DB storage (Microsoft Learn module)

    • Welcome to Azure Cosmos DB

  • set up replicas in CosmosDB

    • Choose the right consistency level

    • Consistency levels and Azure Cosmos DB APIs

    • Consistency, availability, and performance tradeoffs


Implement Azure SQL databases

  • configure Azure SQL database settings

    • What is the Azure SQL Database service? 

    • Quickstart: Create a single database in Azure SQL Database using the Azure portal, PowerShell, and Azure CLI

    • Choose the right deployment option in Azure SQL

  • implement Azure SQL Database managed instances

    • SQL managed instance

    • What is Azure SQL Database managed instance?

    • Quickstart: Create an Azure SQL Database managed instance

  • configure HA for an Azure SQL database

    • High-availability and Azure SQL Database

  • publish an Azure SQL database

    • Azure SQL database deployment

    • Tutorial: Deploy your ASP.NET app and Azure SQL Database code by using Azure DevOps Projects


Tips and Resources

I hope this AZ-303 Microsoft Azure Architect Technologies Certification Exam Study Guide helps you pass the exam and get the Azure Solutions Architect certification. I also recommend that you open a free Azure account if you don’t have one yet. You can create your free Azure account here. Also, check out my blog posts about Microsoft Azure Certification:

  • Why you should become Microsoft Azure certified

  • How to pick the right Azure exam certification path

  • How to prepare and pass a Microsoft Azure exam

  • Learn Microsoft Azure in 2020

  • AZ-104 Microsoft Azure Administrator Exam Study Guide

I hope you enjoyed my AZ-303 Study Guide and it helps you as exam prep. Did I miss any link, or do you have any recommended AZ-303 Microsoft Azure Architect Technologies Certification Exam Study Guide resources? Let me know in the comments.


Source: Paper.li

0 comments

Comments


bottom of page