My notes on the AZ-301 certification Exam
The AZ-301 is one of the two required exams to achieve the Azure Solutions Architect Expert certification.
Contrary to the AZ-300 which has lab based exercises on the actual Azure portal this one is scenario based with multiple options questions. Similar to the old MCSE certification exams.
That doesn’t make it easy, again. If the person is not familiar with Azure, no luck. There must be theoretical and practical experience to pass it.
Looking at the official guide which can be found here: https://www.microsoft.com/en-us/learning/azure-solutions-architect.aspx – There’s plenty of questions related to, at least in my exam:
- Identity
- create and configure storage account
- manage access keys
- implement Azure storage replication
Create and configure a Virtual Machine (VM) for Windows and Linux
- configure high availability
- configure monitoring, networking, storage, and virtual machine size
- deploy and configure scale sets
Automate deployment of Virtual Machines (VMs)
- Modify Azure Resource Manager template
- configure location of new VMs
- configure VHD template
- deploy from template
- save a deployment as an Azure Resource Manager template
- deploy Windows and Linux VMs
Implement and manage hybrid identities
Manage Azure Active Directory (AD)
- add custom domains
- configure Azure AD Identity Protection, Azure AD Join, and Enterprise State Roaming
- configure self-service password reset
- implement conditional access policies
Create connectivity between virtual networks
- create and configure VNET peering
- create and configure VNET to VNET
Note: Make sure you understand why on-premise IP addressing must be different to the one in an Azure tenant
Migrate servers to Azure
- migrate by using Azure Site Recovery
- migrate using P2V
- configure storage
- create a backup vault
- prepare source and target environments
- backup and restore data
- deploy Azure Site Recovery agent
Configure serverless computing
- manage a Logic App resource
- manage Azure Function app settings
- manage Event Grid
- manage Service Bus
Note: Get to understand the differences between the Service Bus and the Event Grid
Design and develop apps that run in containers
- configure diagnostic settings on resources
- create a container image by using a Docker file
- create an Azure Kubernetes Service
- publish an image to the Azure Container Registry
Note: Make sure to understand well the current container offering in the platform. It’s not a big topic with many questions but when to use which service is fundamental.
Create and deploy apps
Create web apps by using PaaS
Note: Have a clear understanding of what a webjob is and when would you use one.
- implement OAuth2 authentication
Note: What OAuth2 is and what scenarios have a need of it
Implement secure data solutions
- encrypt and decrypt data at rest and in transit
- encrypt data with Always Encrypted
Note: Understand when yo use encryption in storage accounts and SQL PaaS
- recommend recovery objectives (e.g., Azure, on-prem, hybrid, Recovery Time Objective (RTO), Recovery Level Objective (RLO), Recovery Point Objective (RPO))
Note: Understand the SLAs of the services covered in the exam: VM’s, Scale Sets, Availability Sets, SQL PaaS, Storage accounts, Traffic Manager, Application Gateway
Also, Understand why the Azure Application Gateway can be used as a reverse proxy
I studied over 6-8 hours a week during a month, 40 hours to prepare this exam on top of the experience worked for me.