MS Exam 70-534: Architecting Microsoft Azure Solutions

This is now the third exam that’s released for Microsoft Azure. Based on the Skills measured, it is an exam that does not test you on how, but why you would do something.

The exam homepage is located at  https://www.microsoft.com/learning/en-us/exam-70-534.aspx.

Please note that the Microsoft Cloud is constantly changing and improving, so some of this content may be outdated or points to websites that no longer exists. Therefore, make sure to check the official exam home page to get up to speed before taking the exam. I’m trying to keep these lists updated, but please send me an email with any missing content 🙂

This exam is divided into six main categories, but as always, the topics described in this page or at the Microsoft Learning home page do not limit the questions you can be asked at the exam. The Exam is also a beta exam, that means that it most likely will change soon. Therefor, remember to check the Official page before entering the exam.

  1. Design Microsoft Azure infrastructure and networking
  2. Secure resources
  3. Design an application storage and data access strategy
  4. Design an advanced application
  5. Design websites
  6. Design a management, monitoring, and business continuity strategy

Some general links first

Design Microsoft Azure infrastructure and networking (15–20%)

Describe how Azure uses Global Foundation Services (GFS) datacenters

Understand Azure datacenter architecture, regional availability, and high availability

Design Azure virtual networks, networking services, DNS, DHCP, and IP addressing configuration

Extend on-premises Active Directory, deploy Active Directory, define static IP reservations, understand ACLs and Network Security Groups

Design Azure Compute

Design Azure virtual machines (VMs) and VM architecture for IaaS and PaaS; understand availability sets, fault domains, and update domains in Azure; differentiate between machine classifications

Describe Azure virtual private network (VPN) and ExpressRoute architecture and design

Describe Azure point-to-site (P2S) and site-to-site (S2S) VPN, understand the architectural differences between Azure VPN and ExpressRoute

Describe Azure services

Understand, at a high level, Azure load balancing options, including Traffic Manager, Azure Media Services, CDN, Azure Active Directory (Azure AD), Azure Cache, Multi-Factor Authentication, and Service Bus

Secure resources (15–20%)

Secure resources by using managed identities

Describe the differences between Active Directory on-premises and Azure AD, programmatically access Azure AD using Graph API, secure access to resources from Azure AD applications using OAuth and OpenID Connect

Secure resources by using hybrid identities

Use SAML claims to authenticate to on-premises resources, describe DirSync synchronization, implement federated identities using Azure Access Control service (ACS) and Active Directory Federation Services (ADFS)

Secure resources by using identity providers

Provide access to resources using identity providers, such as Microsoft account, Facebook, Google, and Yahoo!

Identify an appropriate data security solution

Use the appropriate Access Control List (ACL), identify security requirements for data in transit and data at rest

Design a role-based access control strategy

Secure resource scopes, such as the ability to create VMs and websites

Design an application storage and data access strategy (15–20%)

Design data storage

Design storage options for data, including Table Storage, SQL Database, DocumentDB, Blob Storage, MongoDB, and MySQL; design security options for SQL Database or Azure Storage; identify the appropriate VM type and size for a solution

Design applications that use Mobile Services

Create Azure Mobile Services, consume Mobile Services from cross-platform clients, integrate offline sync capabilities into an application, extend Mobile Services using custom code, implement Mobile Services using Microsoft .NET or Node.js, secure Mobile Services using Azure AD

Design applications that use notifications

Implement push notification services in Mobile Services, send push notifications to all subscribers, specific subscribers, or a segment of subscribers

Design applications that use a web API

Implement a custom web API, scale using Azure Websites, offload long-running applications using WebJobs, secure a web API using Azure AD

Design a data access strategy for hybrid applications

Connect to on-premises data from Azure applications using Service Bus Relay, BizTalk Hybrid Connections, or the VPN capability of Websites, identify constraints for connectivity with VPN, identify options for joining VMs to domains or cloud services

Design a media solution

Describe Media Services, understand key components of Media Services, including streaming capabilities, video on-demand capabilities, and monitoring services

Design an advanced application (15–20%)

Create compute-intensive applications

Design high-performance computing (HPC) and other compute-intensive applications using Azure Services

Create long-running applications

Implement worker roles for scalable processing, design stateless components to accommodate scale

Select the appropriate storage option

Use a queue-centric pattern for development, select the appropriate storage for performance, identify storage options for cloud services and hybrid scenarios with compute on-premises and storage on Azure, differentiate between cloud services and VMs interacting with storage service and SQL Database

Integrate Azure services in a solution

Identify the appropriate use of machine learning, big data, Media Services, and search services

Design websites (15–20%)

Design websites for scalability and performance

Globally scale websites, create websites using Visual Studio, debug websites, understand supported languages, differentiate between websites to VMs and cloud services

Deploy websites

Implement Azure Site Extensions, create packages, hosting plans, deployment slots, resource groups, publishing options, Web Deploy, and FTP locations and settings

Design websites for business continuity

Scale up and scale out using Azure Websites and SQL Database, configure data replication patterns, update websites with minimal downtime, back up and restore data, design for disaster recovery, deploy websites to multiple regions for high availability, design the data tier

Design a management, monitoring, and business continuity strategy (15–20%)

Evaluate hybrid and Azure-hosted architectures for Microsoft System Center deployment

Understand, at an architectural level, which components are supported in Azure; describe design considerations for managing Azure resources with System Center; understand which scenarios would dictate a hybrid scenario

Design a monitoring strategy

Identify the Microsoft products and services for monitoring Azure solutions; understand the capabilities of System Center for monitoring an Azure solution; understand built-in Azure capabilities; identify third-party monitoring tools, including open source; describe use cases for Operations Manager, Global Service Monitor, and Application Insights; describe the use cases for Windows Software Update Services (WSUS), Configuration Manager, and custom solutions; describe the Azure architecture constructs, such as availability groups and update domains, and how they impact a patching strategy

Describe Azure business continuity/disaster recovery (BC/DR) capabilities

Understand the architectural capabilities of BC/DR, describe Hyper-V Replica and Azure Site Recovery (ASR), describe use cases for Hyper-V Replica and ASR

Design a disaster recovery strategy

Design and deploy Azure Backup and other Microsoft backup solutions for Azure, understand use cases when StorSimple and System Center Data Protection Manager would be appropriate

Design Azure Automation and PowerShell workflows

Create a PowerShell script specific to Azure

Describe the use cases for Azure Automation configuration

Understand when to use Azure Automation, Chef, Puppet, PowerShell, or Desired State Configuration (DSC)