Archives de la catégorie ‘Azure Certifications’

[Azure New Certification 2020 !] AZ-304 Microsoft Azure Architect Design

Publié: 18/02/2020 dans Azure Certifications, Azure Training, Microsoft Azure
Tags:, , , , , , , ,
0

Introduction

Le nouvel examen de certification AZ-304 Microsoft Azure Architect Design vous permet de tester et valider vos compétences/votre expertise en tant que « Architecte Solutions Azure | Azure Solutions Architect ».

Note importante : l’examen AZ-304 n’est pas encore disponible, et sera disponible officiellement à partir de Mars/Avril 2020. Il remplacera l’examen de certification AZ-301 (Microsoft Azure Architect Design). Consultez cette page pour en savoir plus.

 

Publics concernés cette nouvelle Certification ?

La certification AZ-304 « Microsoft Azure Architecture Design » est destinée aux Architectes Cloud /Architectes Azure /Architectes Solutions Azure intervenant sur des projets d’Audit /Conseil /Design /Architecture /Sécurisation d’infrastructures Azure.

Lors de cet examen, vous serez évaluez sur un ensemble de compétences (transverses) dans les domaines suivants :

  • Administration Azure
  • Développement Azure
  • DevOps.

Il est recommandé d’avoir des connaissances solides (Expert Level) dans au moins un de ces 3 domaines d’expertise.

 

Objectifs de l’examen de certification AZ-304

La liste des domaines de compétences /services /composants Azure sur lesquels vous serez évaluez lors de l’examen de certification AZ-304 est détaillée ci-dessous. Le % de chaque domaine de compétences représente le nombre de questions pendant l’examen :

 

Design Monitoring (10-15%)
  • Design for cost optimization
    • recommend a solution for cost management and cost reporting
    • recommend solutions to minimize costs
  • Design a solution for logging and monitoring
    • determine levels and storage locations
    • plan for integration with monitoring tools including Azure Monitor and Azure Sentinel
    • recommend appropriate monitoring tool(s) for a solution
    • choose a mechanism for event routing and escalation
    • recommend a logging solution for compliance requirements
    • NOTE: resource-specific monitoring. This objective should ONLY cover the all-up holistic monitoring strategy

 

Design Identity and Security (25-30%)
  • Design authentication
    • recommend a solution for single-sign on
    • recommend a solution for authentication
    • recommend a solution for Conditional Access, including multi-factor authentication
    • recommend a solution for network access authentication
    • recommend a solution for a hybrid identity including Azure AD Connect and Azure AD Connect Health
    • recommend a solution for user self-service
    • recommend and implement a solution for B2B integration
    • NOTE: federation with ADFS
  • Design authentication
    • choose an authentication approach
    • recommend a hierarchical structure that included management groups, subscriptions and resource groups
    • recommend an access management solution including RBAC policies, access reviews, Privileged Identity Management (PIM), Azure AD Identity Protection, Just In Time (JIT) access
  • Design governance
    • recommend a strategy for tagging
    • recommend a solution for using Azure Policy
    • recommend a solution for using Azure Blueprint
  • Design security for applications
    • recommend a solution that included KeyVault
      • what can be stored in KeyVault
      • KeyVault operations
      • KeyVault regions
    • recommend a solution that includes Azure AD Management Identities
    • recommend a solution for integrating applications into Azure AD

 

Design Data Storage (15-20%)
  • Design a solution for databases
    • select an appropriate data platform based on requirements
    • recommend database service tier sizing
    • recommend a solution for database scalability
    • recommend a solution for encrypting data at rest, data in transmission, and data in use
    • NOT: data caching
    • NOT: MariaDB, PostgreSQL, MySQL
  • Design data integration
    • recommend a data flow to meet business requirements
    • recommend a solution for data integration, including Azure Data Factory, Azure Databricks, Azure Data Lake, Azure Synapse Analytics
  • Select an appropriate storage account
    • choose between storage tiers
    • recommend a storage access solution
    • recommend storage management tools

 

Design Business Continuity (10-15%)
  • Design a solution for backup and recovery
    • recommend a recovery solution for Azure hybrid and on-premises workloads that meets recovery objectives (RTO, RLO, RPO)
    • design an Azure Site Recovery solution
      • recommend a site recovery replication policy
      • recommend a solution for site recovery capacity
      • recommend a solution for site failover and fallback (planned / unplanned)
      • recommend a solution for the site recovery network
    • recommend a solution for recovery in different regions
    • recommend a solution for Azure Backup management
    • design a solution for data archiving and retention
      • recommend storage types and methodology for data archiving
      • identify business compliance requirements for data archiving
      • identity requirements for data archiving
      • identify SLA(s) for data archiving
      • recommend a data retention policy
  • Design for high availability
    • recommend a solution for application and workload redundancy, including compute, database, and storage
    • recommend a solution for autoscaling
    • identify resources that require high availability
    • identify storage types for high availability
    • recommend a solution for geo-redundancy of workloads

 

Design Infrastructure (25-20%)
  • Design a compute solution
    • recommend a solution for compute provisioning
    • determine appropriate compute technologies, including virtual machines, App Services, Service Fabric, Azure Functions, Windows Virtual Desktop, and containers
    • recommend a solution for containers
      • AKS versus ACI and the configuration of each one
    • recommend a solution for automating compute management
    • NOT: monitoring, backups, recovery, availability, security, storage; VMWare
  • Design a network solution
    • recommend a solution for network addressing and name resolution
    • recommend a solution for network provisioning
    • recommend a solution for network security
      • private endpoints
      • firewalls
      • gateways
      • etc.
    • recommend a solution for network connectivity to the Internet, on-premises networks, and other Azure virtual networks
    • recommend a solution for automating network management
    • recommend a solution for load balancing and traffic routing
  • Design an application architecture
    • recommend a microservices architecture including Event Grid, Event Hubs, Service Bus, Storage Queues, Logic Apps, Azure Functions, and webhooks
    • recommend an orchestration solution for deployment of applications including ARM templates, Logic Apps, or Azure Functions
      • select an automation method
      • choose which resource or lifecycle steps will be automated
      • design integration with other sources such as an ITSM solution
      • recommend a solution for monitoring automation
    • recommend a solution for API integration
      • design an API gateway strategy
      • determine policies for internal and external consumption for APIs
      • recommend a hosting structure for API management
      • recommend when and how to use API Keys
  • Design migrations
    • assess and interpret on-premises servers, data, and applications for migration
    • recommend a solution for migrating applications and VMs
    • recommend a solution for migration of databases
      • determine migration scope, including redundant, related, trivial, and outdated data

 

Pour afficher la liste complète des objectifs de l’examen, veuillez consulter le PDF officiel des objectifs de l’examen AZ-301 de Microsoft. Actuellement, il est publié dans le même document que les objectifs AZ-301, jusqu’à la sortie officielle de l’examen AZ-304 prévue fin Mars /début Avril 2020.

 

Cours /Formations pour Azure Architect Design AZ-304

Comme mentionné précédemment, l’examen de certification AZ-304 verra le jour qu’à partir de fin Mars /début Avril 2020, aucune formation /guide de préparation n’est dipsonible au moment de la rédaction du présent post.

Je publierai (courant les mois à venir) un autre post avec tous les liens utiles /cours /formations pouvant vous aider à préparer cette nouvelle certification Azure.

 

A bientôt,