Thursday, January 25, 2018

Microsoft Exam 70-535 (Architecting Microsoft Azure Solutions) in a nutshell! - Key topics of Secure Resources

These are the sub-topics that you have to cover in the Secure Resources topic of Exam 70-535 (Architecting Microsoft Azure Solutions). This topic should cover 20%-25% of the exam.
For the complete list of the seven topics, please refer to the first post of this series, entitled: Microsoft Exam 70-535 (Architecting Microsoft Azure Solutions) in a nutshell!

       Design an identity solution
       Design AD Connect synchronization; design federated identities using Active Directory Federation Services (AD FS); design solutions for Multi-Factor Authentication (MFA); design an architecture using Active Directory on-premises and Azure Active Directory (AAD); determine when to use Azure AD Domain Services; design security for Mobile Apps using AAD
       Secure resources by using identity providers
       Design solutions that use external or consumer identity providers such as Microsoft account, Facebook, Google, and Yahoo; determine when to use Azure AD B2C and Azure AD B2B; design mobile apps using AAD B2C or AAD B2B
       Design a data security solution
       Design data security solutions for Azure services; determine when to use Azure Storage encryption, Azure Disk Encryption, Azure SQL Database security capabilities, and Azure Key Vault; design for protecting secrets in ARM templates using Azure Key Vault; design for protecting application secrets using Azure Key Vault; design a solution for managing certificates using Azure Key Vault; design solutions that use Azure AD Managed Service Identity
       Design a mechanism of governance and policies for administering Azure resources
       Determine when to use Azure RBAC standard roles and custom roles; define an Azure RBAC strategy; determine when to use Azure resource policies; determine when to use Azure AD Privileged Identity Management; design solutions that use Azure AD Managed Service Identity; determine when to use HSM-backed keys
       Manage security risks by using an appropriate security solution
       Identify, assess, and mitigate security risks by using Azure Security Center, Operations Management Suite Security and Audit solutions, and other services; determine when to use Azure AD Identity Protection; determine when to use Advanced Threat Detection; determine an appropriate endpoint protection strategy

Wednesday, January 17, 2018

Microsoft Exam 70-535 (Architecting Microsoft Azure Solutions) in a nutshell! - Key topics of Design Azure Resource Manager (ARM) Networking


These are the sub-topics that you have to cover in the Design Azure Resource Manager (ARM) Networking topic of Exam 70-535 (Architecting Microsoft Azure Solutions). This topic should cover 5-10% of the exam.
For the complete list of the seven topics, please refer to the first post of this series, entitled: Microsoft Exam 70-535 (Architecting Microsoft Azure Solutions) in a nutshell!

Design Azure virtual networks
Design solutions that use Azure networking services: design for load balancing using Azure Load Balancer and Azure Traffic Manager; define DNS, DHCP, and IP strategies; determine when to use Azure Application Gateway; determine when to use multi-node application gateways, Traffic Manager and load balancers
Design external connectivity for Azure Virtual Networks
Determine when to use Azure VPN, ExpressRoute and Virtual Network Peering architecture and design; determine when to use User Defined Routes (UDRs); determine when to use VPN gateway site-to-site failover for ExpressRoute 
Design security strategies
Determine when to use network virtual appliances; design a perimeter network (DMZ); determine when to use a Web Application Firewall (WAF), Network Security Group (NSG), and virtual network service tunneling
Design connectivity for hybrid applications
Design connectivity to on-premises data from Azure applications using Azure Relay Service, Azure Data Management Gateway for Data Factory, Azure On-Premises Data Gateway, Hybrid Connections, or Azure Web App’s virtual private network (VPN) capability; identify constraints for connectivity with VPN; identify options for joining VMs to domains

Monday, January 08, 2018

Microsoft Exam 70-535 (Architecting Microsoft Azure Solutions) in a nutshell!


Many people are asking about and searching for the new Microsoft Exam 70-535: Architecting Microsoft Azure Solutions, which is still in its A version; the B version has not been released yet.

A few important points to know:

  • In its current version, the exam is available in only one language, which is English.
  • The exam is an adaptive exam that comes with a couple of cases, and each case has some applied questions. Your answers to one case determine the next case you get.
  • Because the exam is adaptive, once you leave a case you will not be able to return to it. The second case is decided based on the answers to the previous case, so changing the answers of the first case could change the second case that you have already answered, which could create a lot of mess during the exam. That is why going back is disabled and not possible.
  • The exam is based on seven pillars of knowledge. Here they are, with some key points under each of them:
    • Design Azure Resource Manager (ARM) networking.
    • Secure Resources.
    • Design an application storage and data access strategy.
    • Design advanced applications.
    • Design Azure Web and Mobile Apps.
    • Design a management, monitoring, and business continuity strategy.
    • Architect an Azure Compute infrastructure.

Please note that exam 70-534 includes 6 main topics, while exam 70-535 includes 7 topics. The main topics are different.
Exam 70-535 includes more features to study, such as Cosmos DB, DMZ, WAF, AAD, Azure Key Vault, Event Grid and more.
In the following posts, I will speak about the content that you should be aware of in each of the seven pillar topics.