Disclaimer: This exam study guide is not intended as a replacement for formal training on Microsoft Azure.
This exam study guide is intended as a study reference tool to assist experienced architects with preparing for Microsoft Specialist certification via Exam 70-534, Architecting Microsoft Azure Solutions.
Exam 70-534 is one of three exams that can be successfully passed to complete Microsoft Specialist certification on Microsoft Azure. Other exams in this Microsoft Specialist series include:
- Exam 70-532, Developing Microsoft Azure Solutions
- Exam 70-533, Implementing Microsoft Azure Solutions
Only one exam listed above (70-532 or 70-533 or 70-534) needs to be passed to attain Microsoft Specialist certification on Microsoft Azure.
About this Exam Study Guide
This exam guide presents the target exam objectives within each of the above objective domains in a checklist format to provide an easy method for experienced exam candidates to quickly self-assess their general exam preparedness and also provide specific study resources to help candidates address knowledge gap areas prior to attempting this exam. These are the same study resources that I personally used to prepare for Exams 70-534, 70-533 and 70-532 myself, so I’ve already taken time to proof and review each and every resource.
About Exam 70-534
Who should take Exam 70-534?
This exam is for candidates who are interested in validating their Microsoft Azure solution design skills. Candidates should know the features and capabilities of Azure services to be able to identify tradeoffs and make decisions for designing public and hybrid cloud solutions. Candidates who take this exam are expected to be able to define the appropriate infrastructure (IaaS) and platform solutions (PaaS) to meet the required functional, operational, and deployment requirements through the solution lifecycle.
Exam 70-532: Developing Microsoft Azure Solutions and Exam 70-533: Implementing Microsoft Azure Infrastructure Solutions are useful for candidates who also want to validate their implementation experience across cloud projects, but they are not prerequisites for this exam.
Which skills does Exam 70-534 target?
Exam 70-534 targets the following six (6) certification objective domains:
- Design Microsoft Azure infrastructure and networking (15-20%)
- Secure resources (15-20%)
- Design an application storage and data access strategy (15-20%)
- Design an advanced application (15-20%)
- Design websites (15-20%)
- Design a management, monitoring and business continuity strategy (15-20%)
Exam Format and Question Types
Microsoft certification exams may use a variety of exam question formats to test related skills. If you haven't taken a Microsoft certification exam recently, be sure to review the following information to get a better understanding of each question format that may be used for your exam.
Additional Study Resources for Exams 70-532 and 70-533
In addition to the exam preparation resources for Exam 70-534 in this study guide, you will find these additional resources helpful if you are also planning to prepare for Exam 70-532, Developing Microsoft Azure Solutions and/or Exam 70-533, Implementing Microsoft Azure Solutions.
Additional study resources for Exam 70-532
- Exam Prep Course for Exam 70-532 on Microsoft Virtual Academy
- Study Guide for Exam 70-532 by Jeremy Foster
Additional study resources for Exam 70-533
- Azure IaaS for IT Pros training course on Microsoft Virtual Academy
- Early Experts Study Guide for Exam 70-533 by Jennelle Crothers
If you’ve not already done so, you’ll need an active Microsoft Azure subscription to gain the most value from this exam study guide. Many of the resources below involve hands-on activities, and having access to Azure is key to mastery of the associated skills.
Activate a Microsoft Azure subscription
If you don’t currently have an active Microsoft Azure subscription, you can obtain one for free via our Microsoft Azure free trial subscription program.
Formal Training on Microsoft Azure
If you’re completely new to Microsoft Azure, you may wish to complete a formal training program to build foundational knowledge before leveraging this Exam Study Guide. Foundational training on Microsoft Azure is available via:
- Early Experts: Hybrid Cloud Specialist
- Microsoft Virtual Academy
- Channel 9 Azure Friday
- Microsoft Press ebooks and training guides
- Additional Microsoft ebooks
- In-person Microsoft Azure Training via Microsoft Learning Partners
In addition to foundational training, an online training course that specifically targets this exam is also available on Microsoft Virtual Academy.
Using this Exam Study Guide
When you're ready to begin preparing for your certification exam, I'd recommend following this strategy to use your time as productively as possible:
- Review each objective listed below at a high-level under each objective domain.
- Check-off exam objectives for which you already feel that you have sufficient knowledge.
- For the remaining exam objectives, review the linked study resources.
- As you progress, check-off each exam objective when you've completed the linked study resources
- After all exam objectives have been checked-off, you're ready to schedule your exam!
1. Design Microsoft Azure infrastructure and networking (15–20%)
1.1 Describe how Azure uses Global Foundation Services (GFS) datacenters.
☐ Understand Azure datacenter architecture, regional availability, and high availability
1.2 Design Azure virtual networks.
☐ Deploy Azure Active Directory
- What is an Azure AD directory?
- Azure Active Directory Editions
- Getting Started with Azure AD Premium
☐ Extend on-premises Active Directory
- Determine which directory integration scenario to use
- Directory Synchronization Tools
- Azure AD Connect
- Directory Sync with Password Sync Scenario
- Directory Sync with SSO using ADFS
☐ Design Azure Virtual Networks
- TCP/IP Fundamentals for Microsoft Windows
- 8 Steps to Understanding IP Subnetting
- Understand the basics of network security
- Virtual Network FAQ
- Configure a Cloud-Only Virtual Network
- Add or Remove DNS Servers for a Virtual Network
- About Regional VNets and Affinity Groups for Virtual Networks
- About Public IP Address Space and Virtual Network
- Create a VM with Multiple NICs
- Move a VM or Role Instance to a Different Subnet in an Azure Virtual Network
- Export and Import Virtual Network Settings
☐ Define static IP reservations
- Configure a Static Internal IP Address (DIP) for a VM
- Reserved Public IP Addresses (VIPs)
- Instance-Level Public IP Addresses (PIP)
☐ Understand ACLs and Network Security Groups
1.3 Design Azure Compute.
☐ Design applications using Azure IaaS virtual machines (VMs) IaaS and PaaS roles.
- Microsoft Azure Architecture Overview
- Overview of Azure Virtual Machines
- Azure Virtual Machines FAQ
- Build an Application that runs in Cloud Services
- Building Real-world Cloud Apps (summary)
- Building Real-world Cloud Apps (eBook)
- Cloud Design Patterns
- Transient Fault Handling Application Block
- FailSafe: Guidance for Resilient Cloud Architectures
- Scaling applications using Cloud Services
- Run Software in Azure IaaS VMs
- Azure Architecture Guide
☐ Understand availability sets, fault domains, and update domains in Azure
- Manage the availability of Azure IaaS virtual machines
- Azure Fault Domains and Upgrade Domains Explained
- Upgrade Domains with Azure Cloud Services
☐ Differentiate between virtual machine classifications
1.4 Describe Azure virtual private network (VPN) and ExpressRoute.
☐ Azure site-to-site (S2S) VPN
- About VPN Gateways
- Configure a Site-to-Site VPN in the Management Portal
- Configure a VNet-to-Vnet Connection
- Configure a Multi-Site VPN
- About Forced Tunneling
- Diagnose Azure Virtual Network VPN Connectivity
☐ Azure ExpressRoute
- Azure ExpressRoute Technical Overview
- Azure ExpressRoute FAQ
- ExpressRoute workflow for circuit provisioning
- Create an ExpressRoute circuit
- Create and modify routing for an ExpressRoute circuit
- Configure a Virtual Network for ExpressRoute
- Link a Virtual Network to an ExpressRoute circuit
- Microsoft Azure ExpressRoute (eBook)
☐ Azure point-to-site (P2S) VPN
1.5 Describe Azure services.
☐ Understand Azure Services, at a high level
☐ Azure load balancing options, including Traffic Manager
- Load Balancing Azure IaaS Virtual Machines
- Microsoft Azure Load Balancing Services
- Azure Load Balancer – New Distribution Modes
- Configurable Idle Timeout for Azure Load Balancer
☐ Azure Media Services
☐ Azure Content Delivery Network (CDN)
☐ Azure Cache
- Azure In-Role Cache Overview
- Azure Managed Cache Overview
- Azure Redis Cache Overview
- Common cache patterns with Azure Redis Cache
☐ Azure Service Bus
- How to use Service Bus Queues
- How to use Service Bus Topics/Subscriptions
- How to use Service Bus Relay
☐ Azure Active Directory (Azure AD)
☐ Multi-Factor Authentication
2. Secure resources (15–20%)
2.1 Secure resources by using managed identities.
☐ Describe the differences between Active Directory on-premises and Azure AD
☐ Programmatically access Azure AD using Graph API
☐ Secure access to resources from Azure AD applications using OAuth and OpenID Connect
2.2 Secure resources by using hybrid identities.
☐ Use SAML claims to authenticate to on-premises resources
☐ Implement federated identities using Azure Access Control service (ACS) and Active Directory Federation Services (ADFS)
2.3 Secure resources by using identity providers
☐ Provide access to resources using identity providers, such as Microsoft account, Facebook, Google, and Yahoo!
2.4 Identify an appropriate data security solution
☐ Use the appropriate Access Control List (ACL), and identify security requirements for data in transit and data at rest
2.5 Design a role-based access control strategy
☐ Secure resource scopes, such as the ability to create VMs and websites
3. Design an application storage and data access strategy (15–20%)
3.1 Design storage options for data, including the following technologies:
☐ Azure Storage Options
- Data Storage Options
- Data Partitioning Strategies
- Unstructured Blob Storage
- Configure Software RAID on Linux VMs
- Using Storage Spaces on Windows VMs
- Introduction to Azure Files
- Persisting Connections to Azure Files
- Data Management Patterns and Guidance
☐ Azure SQL Database
- Azure SQL Database Service Tiers
- Azure SQL Database Guidelines
- Azure SQL Database Resource Management
- What’s new in the Latest Azure SQL Database Update V12 (preview)
- Data Access Application Block
☐ Azure DocumentDB
- Introduction to Azure DocumentDB
- DocumentDB Resource Model and Concepts
- Azure DocumentDB FAQ
- Getting Started with Azure DocumentDB
- DocumentDB Limits
- DocumentDB Indexing Policies and Performance Tuning
- Introduction to MongoDB
- Deploy MongoDB Worker roles in Azure
- MongoDB as a Service in the Azure Marketplace
- MongoDB Architecture Guide
3.2 Design security options for data, including:
☐ SQL Database
☐ Azure Storage
☐ Create Azure Mobile Services
☐ Consume Mobile Services from cross-platform clients
☐ Integrate offline sync capabilities into an application
☐ Extend Mobile Services using custom code
☐ Secure Mobile Services using Azure AD
3.4 Design applications that use notifications
☐ Implement push notification services in Mobile Services
☐ Send push notifications to all subscribers, specific, or a segment of subscribers
3.5 Design applications that use a web API
☐ Implement a custom web API
☐ Scale using Azure Websites
☐ Offload long-running applications using WebJobs
☐ Secure a web API using Azure AD
3.6 Design a data access strategy for hybrid applications.
☐ Service Bus Relay
☐ BizTalk Hybrid Connections
- BizTalk Hybrid Connections Overview
- Create and manage Hybrid Connections
- Connect an Azure website to an on-premises resource using Hybrid Connections
☐ VPN capability of Azure Websites
☐ Identify constraints for connectivity with VPN
☐ Identify options for joining VMs to domains or cloud services
3.7 Design a media solution.
☐ Understand key components of Media Services, including streaming capabilities, video on-demand capabilities, and monitoring services
4. Design an advanced application (15–20%)
4.1 Create compute-intensive applications.
☐ Design high-performance computing (HPC) and other compute-intensive applications using Azure Services
4.2 Create long-running applications.
☐ Implement worker roles for scalable processing with stateless components
4.3 Select the appropriate storage option.
☐ Identify storage options for cloud services
- Get Started with Azure Cloud Services and Storage in ASP.NET
- Configure Local Storage Resources for Cloud Services
☐ Use a queue-centric pattern for development
☐ Select the appropriate storage for performance
- Azure Storage Scalability and Performance Targets
- Azure Premium Storage: High Performance Storage for Virtual Machine Workloads
- Azure SQL Database Performance Guidance
- Storage Performance Considerations for SQL Server on Azure IaaS VMs
☐ Design hybrid scenarios with compute on-premises and storage on Azure
☐ Differentiate between cloud services and VMs interacting with storage service and SQL Database
4.4 Integrate Azure services in a solution with the following technologies:
☐ Azure Machine Learning
☐ Big Data
☐ Azure Media Services
☐ Azure Search
5. Design websites (15–20%)
5.1 Design websites for scalability and performance
☐ Create and Deploy Azure Websites
☐ Create websites using Visual Studio
☐ Globally scale websites
☐ Debug websites
☐ Understand supported languages
- .NET – Get started with Azure Websites and ASP.NET
- Java – Get started with Azure Websites and Java
- Node.js – Build and deploy a Node.js website to Azure Websites
- PHP – How to create a PHP website in Azure Websites
- Python – Creating Websites with Django Python
- Python – Creating Websites with Bottle Python
- Python – Creating Websites with Flask Python
☐ Differentiate between websites to VMs and cloud services
5.2 Deploy websites
☐ Implement Azure Site Extensions
☐ Create packages
☐ Hosting plans and Resource Groups
☐ Deployment slots
☐ Publishing options
5.3 Design websites for business continuity
☐ Scale up and scale out using Azure Websites and SQL Database
- Scaling Your Web Application with Azure Websites
- Getting Started with Azure SQL Database Elastic Scale
☐ Configure data replication patterns
☐ Update websites with minimal downtime
☐ Backup and restore data
☐ Design websites across multiple regions for high availability and disaster recovery
☐ Design the data tier
6. Design a management, monitoring, and business continuity strategy (15–20%)
6.1 Evaluate hybrid and Azure-hosted architectures for Microsoft System Center deployment.
☐ Understand, at an architectural level, which components are supported in Azure
- Microsoft Server Software Support on Azure
- System Center 2012 Configuration Manager and Endpoint Protection on Azure
☐ Describe design considerations for managing Azure resources with System Center
☐ Understand which scenarios would dictate a hybrid scenario
6.2 Design a monitoring strategy.
☐ Identify the Microsoft products and services for monitoring Azure solutions
☐ Understand the capabilities of System Center for monitoring an Azure solution
☐ Understand built-in Azure capabilities
- Understanding Monitoring Alerts and Notifications in Azure
- How to Monitor Azure Websites
- How to Monitor Cloud Services
- How to Monitor a Storage Account
- Monitoring Azure SQL Database using Dynamic Management Views
- Configure Web Endpoint Status Monitoring
- About Traffic Manager Monitoring
- Microsoft Azure Security and Audit Log Management
- Automate Health Monitoring Alert Rules in the Cloud
☐ Describe use cases for Operations Manager, Global Service Monitor, and Application Insights
☐ Identify third-party monitoring tools, including open source
- ClearPointe Managed Azure Management
- New Relic Application Performance Management on Azure
- Alert Logic Log Manager
- Nagios XI
☐ Describe the use cases for Windows Software Update Services (WSUS), Configuration Manager, and custom solutions
- Windows Server Update Services
- Software Update Management in System Center Configuration Manager
- Manage Windows Updates on an Azure VM using Azure Automation
☐ Describe the Azure architecture constructs, such as availability groups and update domains, and how they impact a patching strategy
6.3 Describe Azure business continuity/disaster recovery (BC/DR) capabilities.
☐ Understand the architectural capabilities of BC/DR
- Azure Storage Redundancy Options
- Azure SQL Database Business Continuity
- Azure Recovery Options for Azure Virtual Machines
- SQL Server in Azure IaaS VMs Disaster Recovery
☐ Describe Hyper-V Replica and Azure Site Recovery (ASR) and associated use cases
6.4 Design a disaster recovery strategy.
☐ Design and deploy Azure Backup and other Microsoft backup solutions for Azure
☐ Understand use cases when StorSimple and System Center Data Protection Manager would be appropriate
6.5 Design Azure Automation and PowerShell workflows.
☐ Create a PowerShell script specific to Azure
- Approved Verbs for Windows PowerShell Commands
- How to install and configure Azure PowerShell
- Azure PowerShell Cmdlet Reference
- Using PowerShell with Azure Resource Manager
- Using Azure PowerShell with the Azure Service Management REST API
- Azure Script Center
6.6 Describe the use cases for Azure Automation configuration.
☐ Understand when to use Azure Automation, Chef, Puppet, PowerShell, or Desired State Configuration (DSC)
- Getting Started with Azure Automation
- End-to-End Azure Provisioning with Azure Automation and PowerShell DSC – Part 1
- End-to-End Azure Provisioning with Azure Automation and PowerShell DSC – Part 2
- PowerShell DSC Resource Kit
- PowerShell DSC for Linux
- Automated Provisioning for Linux with Azure Xplat CLI and Node.js – Part 1
- Automated Provisioning for Linux with Azure Xplat CLI and Node.js – Part 2
- Puppet and Azure: Bringing DevOps to the Enterprise
- Deploying Puppet Enterprise in Microsoft Azure
- Hands-free Configuration of Microsoft Azure VM’s using Chef
- Getting Started with Docker on Microsoft Azure
Scheduling your Exam
- DO IT! Schedule Exam 70-534
For other questions regarding Microsoft certification exams and exam policies, visit the Microsoft Learning Exam policies and FAQ page.
Good luck with your exam preparation!