Exam 70-535: Architecting Microsoft Azure Solutions Day Column left blank based on your exam Sdate Please fill that. I suggest daily to read 1 hr. Domains and Objectives Links Day 1. Design Compute Infrastructure (20 25%) 1.1 Design solutions using virtual machines https://docs.microsoft.com/en-us/azure/virtualmachines/windows/quick-create-portal azureinfrastructure/common-azure-hierarchies?u=2125562 Design VM deployments by leveraging availability sets, fault domains, and update domains https://docs.microsoft.com/en-us/azure/virtual-machines/ windows/manageavailability https://blogs.msdn.microsoft.com/plankytronixx/2015/05/01/azure-exam-prepfault-domains-and-update-domains/ azure-infrastructure/availability-sets-andfault-and-update- domains?u=2125562 Use web app for containers https://azure.microsoft.com/en-ca/services/app-service/ containers/ Design VM scale sets https://docs.microsoft.com/en-us/azure/virtual-machine-scalesets/virtual-machine-scale-sets-overview Design for compute-intensive tasks using Azure Batch https://docs.microsoft.com/en-us/azure/batch/ 1 of 31
Define a migration strategy from cloud services https://docs.microsoft.com/en-us/azure/architecture/servicefabric/migrate-from-cloud-services Recommend use of Azure Backup and Azure Site Recovery https://support.microsoft.com/en-ca/help/3197558/ introduction-to-azure-site-recovery-and-backup 1.2 Design solutions for serverless computing Use Azure Functions to implement event-driven actions https://docs.microsoft.com/en-us/azure/azure-functions/ Design for serverless computing using Azure Container Instances https://azure.microsoft.com/en-us/services/container-service/ Design application solutions by using Azure Logic Apps, Azure Functions, or both https://docs.microsoft.com/en-ca/azure/logic-apps/ 2 of 31
API management service https://docs.microsoft.com/en-ca/azure/api-management/ 1.3 Design microservicesbased solutions https://docs.microsoft.com/en-us/azure/service-fabric/ service-fabric-overview-microservices Determine when a containerbased solution is appropriate Determine when containerorchestration is appropriate https://docs.microsoft.com/en-ca/azure/containerinstances/container-instances-orchestrator-relationship Determine when Azure Service Fabric (ASF) is appropriate https://docs.microsoft.com/en-ca/azure/service-fabric/ Determine when Azure Functions is appropriate https://azure.microsoft.com/en-us/blog/azure-container-servicethe-cloud-s-most-open-option-for-containers/ https://www.quora.com/what-are-some-good-uses-for-azure- Functions 3 of 31
API management service Determine when Web API is appropriate Determine which platform is appropriate for container orchestration Consider migrating existing assets versus cloud native deployment Design lifecycle management strategies https://docs.microsoft.com/en-us/azure/api-management/apimanagement-using-with-vnet https://docs.microsoft.com/en-us/azure/architecture/bestpractices/api-implementation https://docs.microsoft.com/en-us/azure/containerinstances/container-instances-orchestrator-relationship https://docs.microsoft.com/en-us/dotnet/standard/modernizewith-azure-and-containers/ https://azure.microsoft.com/en-in/resources/videos/azureservice-fabric-103-lifecycle-management/ 1.4 Design web applications https://www.linkedin.com/learning/microsoft-azuredesign-azure-web-and-mobile-apps?u=2125562 4 of 31
Design custom web API https://docs.microsoft.com/en-us/azure/logic-apps/ custom-connector-build-web-api-app-tutorial Secure Web API https://docs.microsoft.com/en-us/azure/api-management/ api-management-howto-protect-backend-with-aad Design web apps for scalability and performance https://docs.microsoft.com/en-us/azure/app-service/websites-scale Design for high availability using Azure web apps in multiple regions https://docs.microsoft.com/en-us/azure/architecture/ reference-architectures/app-service-web-app/multi-region Determine which App service plan to use https://docs.microsoft.com/en-us/azure/app-service/azureweb-sites-web-hosting-plans-in-depth-overview Design web apps for business continuity https://docs.microsoft.com/en-us/azure/architecture/ resiliency/ 5 of 31
Determine when to use Azure App Service Environment (ASE) https://docs.microsoft.com/en-us/azure/app-service/ environment/intro Design for API apps https://docs.microsoft.com/en-us/azure/architecture/bestpractices/api-design API management service https://docs.microsoft.com/en-us/azure/api-management/apimanagement-key-concepts web apps on Linux https://azure.microsoft.com/en-us/blog/generalavailability-of-app-service-on-linux-and-web-app-forcontainers/ a CDN https://docs.microsoft.com/en-ca/azure/cdn/ a cache, including Azure Redis cache https://docs.microsoft.com/en-us/azure/redis-cache/ 6 of 31
1.5 Create computeintensive applications Design high-performance computing (HPC) and other compute-intensive applications using Azure Services https://azure.microsoft.com/en-ca/solutions/big-compute/ engineering-design/ Azure Batch Design stateless components to accommodate scale https://blogs.msdn.microsoft.com/microsoft_press/2015/05/04/ from-the-mvps-application-design-going-stateless-on-azure/ Design lifecycle strategy for Azure Batch https://docs.microsoft.com/en-us/azure/batch/batch-technicaloverview http://blog.itaysk.com/2016/10/08/a-practical-introduction-toazure-batch 2. Design Data Implementation (15 20%) https://www.linkedin.com/learning/microsoft-azuredesign-an-application-storage-and-data-accessstrategy?u=2125562 7 of 31
2.1 Design for Azure Storage solutions https://docs.microsoft.com/en-ca/azure/storage/ Azure Blob Storage, blob tiers, Azure Files, disks, and StorSimple 2.2 Design for Azure Data Services https://azure.microsoft.com/en-ca/overview/dataplatform/ Data Catalog, Azure Data Factory, SQL Data Warehouse, Azure Data Lake Analytics, Azure Analysis Services https://docs.microsoft.com/enus/azure/storage/common/storage-decide-blobs-files-disks https://azure.microsoft.com/en-us/blog/storsimple-supportscool-blobstorage/?ranmid=24542&raneaid=tnl5hpstwnw&ransiteid=tn L5HPStwNwmc1IcdZPcagTuRwA3pnZ6A&tduid=(a92d5f9137bdd2fb78cad443 9e9516ce)(256380)(2459594)(TnL5HPStwNwmc1IcdZPcagTuRwA3pnZ6A)() https://docs.microsoft.com/en-us/azure/sql-data-warehouse/sqldata-warehouse-integrate-azure-data-factory 2.3 Design for relational database storage 8 of 31
Azure SQL Database and SQL Server Stretch Database https://docs.microsoft.com/en-ca/azure/sql-database/ 9 of 31
Design for scalability and features Azure Database for MySQL and Azure Database for PostgreSQL https://docs.microsoft.com/en-ca/azure/mysql/ https://docs.microsoft.com/en-ca/azure/postgresql/ Intentionally left Blank Design for HA/DR, georeplication Design a backup and recovery strategy Design for HA/DR, georeplication 10 of 31
Design a backup and recovery strategy 2.4 Design for NoSQL storage Azure Redis Cache, Azure Table Storage, Azure Data Lake, Azure Search, Time Series Insights 2.5 Design for CosmosDB storage https://docs.microsoft.com/en-us/azure/cosmos-db/ MongoDB API, DocumentDB API, Graph API, Azure Tables API Design for cost, performance, data consistency, availability, and business continuity https://docs.microsoft.com/en-us/azure/cosmos-db/tutorial-developgraph-dotnet https://docs.microsoft.com/en-us/azure/cosmos-db/mongodbintroduction https://docs.microsoft.com/en-us/azure/time-series-insights/timeseries-insights-overview https://azure.microsoft.com/en-in/blog/documentdb-api-for-mongodbnow-generally-available/ https://docs.microsoft.com/en-us/azure/cosmos-db/table-storage-howto-use-dotnet https://docs.microsoft.com/en-us/azure/activedirectory/develop/active-directory-graph-api-quickstart https://docs.microsoft.com/en-us/azure/best-practicesavailability-paired-regions 11 of 31
3. Design Networking Implementation (15 20%) 3.1 Design Azure virtual networks https://www.concurrency.com/blog/w/azure-traffic-manager-vs-azure-load-balancer Design solutions that use Azure networking services: Design for load balancing using Azure Load Balancer and Azure Traffic Manager Define DNS, DHCP https://www.concurrency.com/blog/w/azure-traffic-manager-vs-azure-load-balancer https://docs.microsoft.com/en-us/azure/load-balancer/ load-balancer-overview https://docs.microsoft.com/en-us/azure/virtual-network/ virtual-networksfaq#name-resolution-dns Define IP strategies https://docs.microsoft.com/en-us/azure/virtual-network/ virtual-network-ipaddresses-overview-arm Azure Application Gateway https://docs.microsoft.com/en-us/azure/applicationgateway/application-gateway-introduction 12 of 31
multi-node application gateways, Traffic Manager, and load balancers https://docs.microsoft.com/en-us/azure/applicationgateway/application-gateway-multi-site-overview 3.2 Design external connectivity for Azure Virtual Networks Azure VPN, ExpressRoute, and Virtual Network Peering architecture and design https://www.linkedin.com/learning/microsoft-azure-architectingazure-infrastructure/vpn-gateway-topologies?u=2125562 userdefined routes (UDRs) https://docs.microsoft.com/en-us/azure/virtual-network/ virtual-networks-udr-overview VPN gateway site-to-site failover for ExpressRoute https://docs.microsoft.com/en-us/azure/architecture/ reference-architectures/hybrid-networking/expressroutevpn-failover https://docs.microsoft.com/en-us/azure/architecture/ reference-architectures/hybrid-networking/index 3.3 Design security strategies 13 of 31
network virtual appliances https://docs.microsoft.com/en-us/azure/architecture/ reference-architectures/dmz/nva-ha Design a perimeter network (DMZ) a Web Application Firewall (WAF), Network Security Group (NSG), and virtual network service tunneling https://docs.microsoft.com/en-us/azure/architecture/ reference-architectures/dmz/secure-vnet-hybrid https://docs.microsoft.com/en-us/azure/architecture/ reference-architectures/dmz/secure-vnet-dmz https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-forcedtunneling-rm https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-nsg https://docs.microsoft.com/en-us/azure/application-gateway/applicationgateway-web-application-firewall-overview 3.4 Design connectivity for hybrid applications https://docs.microsoft.com/en-us/azure/service-bus-relay/ relay-what-is-it Design connectivity to onpremises data from Azure applications using: Azure Relay Service https://docs.microsoft.com/en-us/azure/service-bus-relay/ relay-what-is-it 14 of 31
Azure Data Management Gateway for Data Factory https://docs.microsoft.com/en-us/azure/data-factory/v1/ data-factory-data-management-gateway Azure On-Premises Data Gateway https://docs.microsoft.com/en-us/azure/analysis-services/ analysis-services-gateway Hybrid Connections https://docs.microsoft.com/en-us/azure/biztalk-services/ integration-hybrid-connection-overview Azure web app s virtual private network (VPN) capability Identify constraints for connectivity with VPN https://docs.microsoft.com/en-us/azure/app-service/websites-integrate-with-vnet When connecting thru VPN to other network the maximum networks to which you can connect is 10. Identify options for joining VMs to domains https://docs.microsoft.com/en-us/azure/active-directorydomain-services/active-directory-ds-admin-guide-joinwindows-vm-portal 15 of 31
4. Design Security and Identity Solutions (20 25%) https://www.linkedin.com/learning/microsoft-azure-secureresources?u=2125562 4.1 Design an identity solution Design AD Connect synchronization https://docs.microsoft.com/en-us/azure/active-directory/ connect/active-directory-aadconnect Design federated identities using Active Directory Federation Services (AD FS) https://docs.microsoft.com/en-us/azure/active-directory/ connect/active-directory-aadconnectfed-whatis Design solutions for Multi- Factor Authentication (MFA) https://docs.microsoft.com/en-us/azure/multi-factorauthentication/multi-factor-authentication Design an architecture using Active Directory on-premises and Azure Active Directory (AAD) https://docs.microsoft.com/en-us/azure/architecture/ reference-architectures/hybrid-networking/index 16 of 31
Azure AD Domain Services https://docs.microsoft.com/en-us/azure/active-directorydomain-services/active-directory-ds-overview Design security for mobile apps using AAD https://docs.microsoft.com/en-us/azure/app-servicemobile/app-service-mobile-auth 4.2 Secure resources by using identity providers Design solutions that use external or consumer identity providers such as Microsoft account https://docs.microsoft.com/en-us/azure/app-service/appservice-mobile-how-to-configure-microsoft-authentication Facebook https://docs.microsoft.com/en-us/azure/app-service/appservice-mobile-how-to-configure-facebook-authentication 17 of 31
Google https://docs.microsoft.com/en-us/azure/app-service/appservice-mobile-how-to-configure-google-authentication Yahoo https://docs.microsoft.com/en-us/azure/app-service/appservice-authentication-overview Azure AD B2C and Azure AD B2B https://docs.microsoft.com/en-us/azure/active-directoryb2c/active-directory-b2c-overview Design mobile apps using AAD B2C or AAD B2B https://docs.microsoft.com/en-us/azure/active-directory/ active-directory-b2b-what-is-azure-ad-b2b 4.3 Design a data security solution for Azure Services : 18 of 31
Azure Storage encryption https://docs.microsoft.com/en-us/azure/storage/common/ storage-service-encryption Azure Disk Encryption https://docs.microsoft.com/en-us/azure/security/azuresecurity-disk-encryption Azure SQL Database security capabilities https://docs.microsoft.com/en-us/azure/sql-database/sqldatabase-security-overview Azure Key Vault https://docs.microsoft.com/en-us/azure/key-vault/ Design for protecting secrets in ARM templates using Azure Key Vault https://docs.microsoft.com/en-us/azure/azure-resourcemanager/resource-manager-keyvault-parameter Design for protecting application secrets using Azure Key Vault https://docs.microsoft.com/en-us/rest/api/keyvault/aboutkeys--secrets-and-certificates 19 of 31
Design a solution for managing certificates using Azure Key Vault https://docs.microsoft.com/en-us/rest/api/keyvault/aboutkeys--secrets-and-certificates Design solutions that use Azure AD Managed Service Identity https://docs.microsoft.com/en-us/azure/active-directory/ msi-overview 4.4 Design a mechanism of governance and policies for administering Azure resources Azure RBAC standard roles and custom roles https://docs.microsoft.com/en-us/azure/active-directory/ role-based-access-built-in-roles https://docs.microsoft.com/en-us/azure/active-directory/ role-based-access-control-custom-roles Define an Azure RBAC strategy https://docs.microsoft.com/en-us/azure/active-directory/ role-based-access-control-what-is Azure resource policies https://docs.microsoft.com/en-us/azure/azure-resourcemanager/resource-manager-policy 20 of 31
Azure AD Privileged Identity Management https://docs.microsoft.com/en-us/azure/active-directory/ active-directory-privileged-identity-managementconfigure Design solutions that use Azure AD Managed Service Identity https://docs.microsoft.com/en-us/azure/active-directory/ msi-overview HSM-backed keys https://docs.microsoft.com/en-us/azure/key-vault/keyvault-hsm-protected-keys 4.5 Manage security risks by using an appropriate security solution Identify, assess, and mitigate security risks by using Azure Security Center https://docs.microsoft.com/en-us/azure/security-center/ 21 of 31
Operations Management Suite Security, Audit solutions, and other services https://docs.microsoft.com/en-us/azure/operationsmanagement-suite/oms-security-data-security Azure AD Identity Protection https://docs.microsoft.com/en-us/azure/active-directory/ active-directory-identityprotection Advanced Threat Detection https://docs.microsoft.com/en-us/azure/security/azurethreat-detection Determine an appropriate endpoint protection strategy https://docs.microsoft.com/en-us/azure/security-center/ security-center-install-endpoint-protection 5. Design Solutions by using Platform Services (10 15%) https://www.linkedin.com/learning/microsoft-azuredesign-advanced-applications?u=2125562 5.1 Design for Artificial Intelligence Services 22 of 31
the appropriate cognitive services https://docs.microsoft.com/en-us/ azure/#pivot=products&panel=cognitive Azure Bot Service https://docs.microsoft.com/en-us/bot-framework/azurebot-service-overview Azure Machine Learning https://docs.microsoft.com/en-us/azure/machine-learning/ preview/...and other categories that fall under cognitive AI 5.2 Design for IoT 23 of 31
Stream Analytics https://docs.microsoft.com/en-ca/azure/stream-analytics/ IoT Hubs https://docs.microsoft.com/en-ca/azure/iot-hub/ Event Hubs https://docs.microsoft.com/en-ca/azure/event-hubs/ Real-time analytics Time Series Insights https://docs.microsoft.com/en-ca/azure/time-seriesinsights/ IoT Edge https://azure.microsoft.com/en-ca/campaigns/iot-edge/ 24 of 31
Notification Hubs https://docs.microsoft.com/en-ca/azure/notification-hubs/ Event Grid https://docs.microsoft.com/en-us/azure/event-grid/ overview...and other categories that fall under IoT 5.3 Design messaging solution architectures Design a messaging architecture https://docs.microsoft.com/enus/azure/architecture/patterns/category/messaging 25 of 31
Azure Queue Storage https://docs.microsoft.com/en-us/azure/storage/queues/ storage-dotnet-how-to-use-queues Azure Service Bus https://docs.microsoft.com/en-us/azure/service-busmessaging/service-bus-fundamentals-hybrid-solutions Azure Event Hubs https://docs.microsoft.com/en-us/azure/event-hubs/eventhubs-what-is-event-hubs Event Grid https://docs.microsoft.com/en-ca/azure/notification-hubs/ Azure Relay https://docs.microsoft.com/en-us/azure/service-bus-relay/ relay-what-is-it Azure Functions https://docs.microsoft.com/en-us/azure/azure-functions/ 26 of 31
Azure Logic Apps https://docs.microsoft.com/en-us/azure/logic-apps/logicapps-what-are-logic-apps Design a push notification strategy for mobile apps https://docs.microsoft.com/en-us/azure/notification-hubs/ notification-hubs-push-notification-overview Design for performance 5.4 Design for media service solutions Define solutions using: Azure Media Services 27 of 31
Video indexer https://docs.microsoft.com/en-us/azure/cognitiveservices/video-indexer/video-indexer-overview Video API https://docs.microsoft.com/en-us/azure/cognitiveservices/video/home Computer Vision API https://docs.microsoft.com/en-us/azure/cognitiveservices/computer-vision/ Preview...and other media related services 6. Design for Operations (10 15%) https://www.linkedin.com/learning/microsoft-azuredesign-a-management-monitoring-and-businesscontinuity-strategy?u=2125562 28 of 31
6.1 Design an application monitoring and alerting strategy Determine the appropriate Microsoft products and services for monitoring applications on Azure Define solutions for analyzing logs and enabling alerts using Azure Log Analytics https://docs.microsoft.com/en-ca/azure/log-analytics/ Define solutions for analyzing performance metrics and enabling alerts using Azure Monitor https://docs.microsoft.com/en-us/azure/monitoring-anddiagnostics/monitoring-overview-azure-monitor Define a solution for monitoring applications and enabling alerts using Application Insights https://docs.microsoft.com/en-ca/azure/applicationinsights/ 6.2 Design a platform monitoring and alerting strategy 29 of 31
Determine the appropriate Microsoft products and services for monitoring Azure platform solutions Define a monitoring solution using: Azure Health https://docs.microsoft.com/en-ca/azure/service-health/ Azure Advisor https://docs.microsoft.com/en-ca/azure/advisor/ Activity Log https://docs.microsoft.com/en-us/azure/monitoring-anddiagnostics/monitoring-overview-activity-logs Define a monitoring solution for Azure Networks using Log Analytics and Network Watcher service https://docs.microsoft.com/en-us/azure/log-analytics/loganalytics-azure-networking-analytics https://docs.microsoft.com/en-ca/azure/network-watcher/ 30 of 31
Monitor security with Azure Security Center https://docs.microsoft.com/en-us/azure/security-center/ security-center-intro 6.3 Design an operations automation strategy : Azure Automation https://docs.microsoft.com/en-us/azure/automation/ automation-intro Chef https://docs.microsoft.com/en-us/azure/virtual-machines/ windows/chef-automation Puppet https://azure.microsoft.com/en-ca/resources/videos/ puppet-bringing-devops-to-the-enterprise/ 31 of 31
PowerShell https://docs.microsoft.com/en-us/azure/automation/ automation-first-runbook-textual-powershell Desired State Configuration (DSC) https://docs.microsoft.com/en-us/azure/automation/ automation-dsc-getting-started Event Grid https://docs.microsoft.com/en-us/azure/event-grid/ Azure Logic Apps https://docs.microsoft.com/en-us/azure/logic-apps/ Define a strategy for autoscaling Define a strategy for enabling periodic processes and tasks http://blog.paraleap.com/post/2011/05/23/auto-scalingstrategies-in-the-cloud https://docs.microsoft.com/en-us/azure/connectors/connectorsnative-recurrence 32 of 31