To get the Microsoft Certified: Azure Solutions Architect Expert certification, there are two new exams which you need to pass, the AZ-303: Microsoft Azure Architect Technologies and the AZ-304: Microsoft Azure Architect Design exam. In this blog post, I am going to share my AZ-304: Microsoft Azure Architect Design Certification Exam Study Guide with you. To learn and prepare for the exam, I usually use a couple of online resources, mainly Microsoft Docs and Microsoft Learn, which I am going to share with you. You can find more information about how I prepare for a Microsoft Certification exam on my blog post: How to prepare and pass Microsoft Certification Exam.
NOTE: Before starting with this exam, check out the new AZ-305 exam and my AZ-305 Microsoft Azure Solutions Architect Certification Exam Study Guide.
Also, check out other Microsoft Azure Certification Exam Study Guides:
- Exam AZ-900: Microsoft Azure Fundamentals Exam Study Guide
- Exam AZ-104: Microsoft Azure Administrator Exam Study Guide
- Exam AZ-204: Developing Solutions for Microsoft Azure Exam Study Guide
- Exam AZ-303: Microsoft Azure Architect Technologies Exam Study Guide
- Exam AZ-500: Microsoft Azure Security Technologies Exam Study Guide
- Exam AZ-600: Configuring and Operating a Hybrid Cloud with Microsoft Azure Stack Hub Exam Study Guide
- Exam AZ-700: Microsoft Azure Network Engineer Exam Study Guide
- Exam SC-900: Microsoft Security, Compliance, and Identity Fundamentals Exam Study Guide
- Exam DP-300: Azure Database Administrator Exam Study Guide
Here is my AZ-304 Microsoft Azure Architect Technologies Certification Exam Study Guide
It is essential to get familiar with the exam objectives and skills measured first. That is why I recommend reading the description of the exam and the skills measured.
Exam AZ-304: Microsoft Azure Architect Design
Candidates for this exam are Azure Solutions Architects who advise stakeholders and translate business requirements into secure, scalable, and reliable solutions.
Candidates should have advanced experience and knowledge of IT operations, including networking, virtualization, identity, security, business continuity, disaster recovery, data platform, budgeting, and governance. This role requires managing how decisions in each area affects an overall solution.
Candidates must have expert-level skills in Azure administration and have experience with Azure development processes and DevOps processes.
The high-level view of the skills measured in the exam:
- Design Monitoring (10-15%)
- Design Identity and Security (25-30%)
- Design Data Storage (15-20%)
- Design Business Continuity (10-15%)
- Design Infrastructure (25-30%)
You can find more information on the exam website.
Free Online Microsoft Learn AZ-304 Exam Study Guide resources
Microsoft Learn provides you with free online training and learning paths for different Microsoft technologies. They not just offer reading material, but also control questions and free online labs. Here are some relevant Microsoft Learn modules and learning paths for the AZ-304 Microsoft Azure Architect Design Certification Exam. Microsoft Learn is an important part of my AZ-304 exam study guide.
- Architect great solutions in Azure
- Architect network infrastructure in Azure
- Architect a data platform in Azure
- Architect storage infrastructure in Azure
- Architect compute infrastructure in Azure
- Architect infrastructure operations in Azure
- Architect migration, business continuity, and disaster recovery in Azure
- Architect modern applications in Azure
- Architect secure infrastructure in Azure
Microsoft Docs AZ-304 study guide resources
One thing I always used to prepare for my Microsoft exams is Microsoft Docs. Here are the relevant Microsoft Docs which I used to prepare and study for the AZ-304 exam.
Design Monitoring (10-15%)
Design for cost optimization
- recommend a solution for cost management and cost reporting
- recommend solutions to minimize costs
Design a solution for logging and monitoring
- determine levels and storage locations for logs
- plan for integration with monitoring tools including Azure Monitor and Azure Sentinel
- recommend appropriate monitoring tool(s) for a solution
- choose a mechanism for event routing and escalation
- recommend a logging solution for compliance requirements
Design Identity and Security (25-30%)
Design authentication
- recommend a solution for single-sign on
- recommend a solution for authentication
- recommend a solution for Conditional Access, including multi-factor authentication
- recommend a solution for network access authentication
- recommend a solution for a hybrid identity including Azure AD Connect, Azure AD
Connect cloud sync and Azure AD Connect Health - recommend a solution for user self-service
- recommend and implement a solution for B2B integration
Design authorization
- choose an authorization approach
- recommend a hierarchical structure that includes management groups, subscriptions and resource groups
- Overview of Management services in Azure
- Azure Resource Manager overview
- Organize your resources with Azure management groups
- Create management groups for resource organization and management
- Manage Azure Resource Manager resource groups by using the Azure portal
- Azure subscription and service limits, quotas, and constraints
- recommend an access management solution including RBAC policies, access reviews, role assignments, physical access, Privileged Identity Management (PIM), Azure AD Identity Protection, Just In Time (JIT) access
- Add or remove role assignments using Azure RBAC and the Azure portal
- What is role-based access control (RBAC) for Azure resources?
- Quickstart: View the access a user has to Azure resources
- What are Azure AD access reviews?
- What is Azure Active Directory Identity Protection?
- Secure your management ports with just-in-time access
- What is Azure AD Privileged Identity Management?
Design governance
- recommend a strategy for tagging
- recommend a solution for using Azure Policy
- recommend a solution for using Azure Blueprint
- recommend a solution that leverages Azure Resource Graph
Design security for applications
- recommend a solution that includes KeyVault
- recommend a solution that includes Azure AD Managed Identities
- recommend a solution for integrating applications into Azure AD
Design Data Storage (15-20%)
Design a solution for databases
- select an appropriate data platform based on requirements
- recommend database service tier sizing
- recommend a solution for database scalability
- recommend a solution for encrypting data at rest, data in transmission, and data in use
Design data integration
- recommend a data flow to meet business requirements
- recommend a solution for data integration, including Azure Data Factory, Azure Data Bricks, Azure Data Lake, Azure Synapse Analytics
Select an appropriate storage account
- choose between storage tiers
- recommend a storage access solution
- recommend storage management tools
Design Business Continuity (10-15%)
Design a solution for backup and recovery
- recommend a recovery solution for Azure hybrid and on-premises workloads that meets recovery objectives (RTO, RLO, RPO)
- design and Azure Site Recovery solution
- recommend a solution for recovery in different regions
- recommend a solution for geo-redundancy of workloads
- recommend a solution for Azure Backup management
- design a solution for data archiving and retention
Design for high availability
- recommend a solution for application and workload redundancy, including compute, database, and storage
- recommend a solution for autoscaling
- identify resources that require high availability
- identify storage types for high availability
Design Infrastructure (25-30%)
Design a compute solution
- recommend a solution for compute provisioning
- determine appropriate compute technologies, including virtual machines, App Services, Service Fabric, Azure Functions, Windows Virtual Desktop, and containers
- recommend a solution for containers
- recommend a solution for automating compute management
Design a network solution
- recommend a network architecture (hub and spoke, Virtual WAN)
- recommend a solution for network addressing and name resolution
- recommend a solution for network provisioning
- recommend a solution for network security including Private Link, firewalls, gateways,
network segmentation (perimeter networks/DMZs/NVAs) - recommend a solution for network connectivity to the Internet, on-premises networks, and other Azure virtual networks
- recommend a solution for automating network management
- recommend a solution for load balancing and traffic routing
Design an application architecture
- recommend a microservices architecture including Event Grid, Event Hubs, Service Bus, Storage Queues, Logic Apps, Azure Functions, and webhooks
- recommend an orchestration solution for deployment of applications including ARM templates, Logic Apps, or Azure Functions
- recommend a solution for API integration
Design migrations
- assess and interpret on-premises servers, data, and applications for migration
- Azure migration center
- About Azure Migrate
- Prepare VMware VMs for assessment and migration to Azure
- Assess VMware VMs by using Azure Migrate Server Assessment
- About assessments in Azure Migrate
- Assess the readiness of a SQL Server data estate migrating to Azure SQL Database using the Data Migration Assistant
- recommend a solution for migrating applications and VMs
- recommend a solution for migration of databases
- determine migration scope, including redundant, related, trivial, and outdated data
- recommend a solution for migrating data (Storage Migration Service, Azure Data Box,
Azure File Sync-based migration to hybrid file server)
Tips and Resources
I hope this AZ-304 Microsoft Azure Architect Design Certification Exam Study Guide helps you pass the exam and get the Azure Solutions Architect certification. I also recommend that you open a free Azure account if you don’t have one yet. You can create your free Azure account here. Also, check out my blog posts about Microsoft Azure Certification:
- Why you should become Microsoft Azure certified
- How to pick the right Azure exam certification path
- How to prepare and pass a Microsoft Azure exam
- Learn Microsoft Azure in 2020
- AZ-104 Microsoft Azure Administrator Exam Study Guide
I hope you enjoyed my AZ-304 Study Guide and it helps you as exam prep. Did I miss any link, or do you have any recommended AZ-304 Microsoft Azure Architect Design Certification Exam Study resources? Let me know in the comments.
Tags: Architect, AZ-304, AZ-304 Study Guide, Azure, Azure Architect, Azure Architect Design, Certification, Exam, guide, Learn, Learning, Microsoft, Microsoft Exam, Prep, Prepration, Study, Study Guide Last modified: October 7, 2021
Thank you Thomas!
That’s awesome!
Thanks
Thanks David! :)
Great Stuff Thomas.
Always comprehensive guide :)
Thanks, you’re welcome :)
Dear Thomas,
I would like to know when do you intend to publish a study guide for AZ-500?
I look forward to hearing from u asap.
Yes, but that will take a moment :)
Hi.
I already passed the AZ-300 last month.
If I give AZ-304(earlier was 301) exam & passed then can considered as part of Azure Architect Expert completion?
Thanks
Nilesh
Hi. Has any of this information changed now that the beta test has released? Do you know when practice questions might be available from Microsoft or others?
Great Guide to get the information needed for this exam. thank you :)
One point to note that “azure blueprints” is in preview, so unlikely to be in the exam AFAIK.
On portal.azure.com > Blueprints> it states:
“Welcome to Azure Blueprints PREVIEW”
Thank you :)
Well if it is in the skills measured list, I would definitely have a look at it :)
Hi Thomas,
thanks a lot for your effort. This page is very helpful and saves me a lot of time. Time i can invest in learning.
BR Tony
Thanks Tony :)
Thanks Thomas!!
You are a life saver :-)
Monika
Thank you :) I am happy to help!
Hi Thomas,
Happy New Year!
I am working as a Solution Architect and planning to give AZ 300 exam. Would like to know if i can give
AZ-304 first followed by AZ-303. What do you suggest?
Happy New Year to you too!
First, to achieve the certification, you don’t have to do the exams in a specific order. I think it personally comes down to personal preference. I think the 303 is more technical (if I remember correctly), while the 304 is more higher-level architecture. I think I would have a look at the skill outline and start with the one you think is easier.