7/26/2019 70-534_OD

1/3

Exam 70-534: Architecting Microsoft Azure Solutions

The Microsoft Azure environment is constantly evolving. This document includes the most recent updates to

Exam 70-534 that address both deprecated and new technologies and processes. These changes are effective

as of March 10, 2016.

Skills measured

1. Design Microsoft Azure Infrastructure and Networking (15-20%)

1.1. Describe how Azure uses Global Foundation Services (GFS) datacenters

Understand Azure datacenter architecture, regional availability, and high availability

1.2. Design Azure virtual networks, networking services, DNS, DHCP, and IP addressing configuration

Extend on-premises Active Directory, deploy Active Directory, define static IP reservations, understand Network

Security Groups; design resource groups

1.3. Design Azure compute

Design Azure virtual machines (VMs) and VM architecture for IaaS and PaaS; understand availability sets, fault

domains, and update domains in Azure; differentiate between machine classifications

1.4. Describe Azure VPN and ExpressRoute architecture and design

Describe Azure P2S and S2S VPN, understand the architectural differences between Azure VPN and

ExpressRoute

1.5. Describe Azure services

Understand at a high level Azure Load Balancing options, including Traffic Manager, Azure Media Services,CDN, Azure Active Directory (Azure AD), Azure Cache, Multi-Factor Authentication, and Service Bus

2. Secure Resources (15-20%)

2.1. Secure resources by using managed identities

Describe the differences between Active Directory on-premises and Azure AD, programmatically access Azure

AD using Graph API, secure access to resources from Azure AD applications using OAuth and OpenID Connect

2.2. Secure resources by using hybrid identities

Use SAML claims to authenticate to on-premises resources, describe DirSync synchronization, implement

federated identities using Active Directory Federation Services (AD FS)

2.3. Secure resources by using identity providers

Provide access to resources using identity providers such as Microsoft account, Facebook, Google, and Yahoo;

manage identity and access by using Azure Active Directory B2C

2.4. Identify an appropriate data security solution

Use the appropriate Network Security Group, identify security requirements for data in transit and data at rest;

identify, assess, and mitigate security risks by using Azure Operations Management Suite

7/26/2019 70-534_OD

2/3

2.5. Design a role-based access control strategy

Secure resource scopes such as the ability to create VMs and Azure WebsitesWeb Apps

3. Design an Application Storage and Data Access Strategy (15-20%)

3.1. Design data storage

Design storage options for data including Table Storage, SQL Database, DocumentDB, Blob Storage, MongoDB

and MySQL, design security options for SQL Database or Azure Storage; identify the appropriate VM type and

size for a solution

3.2. Design applications that use mobile services Mobile Apps

Create Azure Mobile Services, consume Mobile ServicesApps from cross-platform clients, integrate offline sync

capabilities into an application, extend MobileServices Apps using custom code, implement Mobile Services

Apps using Microsoft .NET or Node.js, secure Mobile Services Apps using Azure AD

3.3. Design applications that use notifications

Implement push notification services in Mobile Services Apps, send push notifications to all subscribers, specificsubscribers, or a segment of subscribers

3.4. Design applications that use a web API

Implement a custom web API, scale using Azure WebsitesWeb Apps, offload long-running applications using

WebJobs, secure a web API using Azure AD

3.5. Design a data access strategy for hybrid applications

Connect to on-premises data from Azure applications using Service Bus Relay, Biztalk Hybrid Connections, or

Azure Web Apps virtual private network (VPN) capability, identify constraints for connectivity with VPN,

identify options for joining VMs to domains or cloud services

3.6.

Design a media solution

Describe Media Services, understand key components of Media Services including streaming capabilities, video

on-demand capabilities, and monitoring services

4. Design an Advanced Application (15-20%)

4.1. Create compute-intensive applications

Design high-performance computing (HPC) and other compute-intensive applications using Azure Services

4.2. Create long-running applications

Implement worker roles for scalable processing, design stateless components to accommodate scale

4.3. Select the appropriate storage option

Use a queue-centric pattern for development, select the appropriate storage for performance, identify storage

options for cloud services and hybrid scenarios with compute on-premises and storage on Azure, differentiate

between cloud services and VMs interacting with Azure Storage and SQL Database

4.4. Integrate Azure services in a solution

Identify the appropriate use of Azure Machine Learning, Big Data, AzureMedia Services, and AzureSearch

services

7/26/2019 70-534_OD

3/3

5. Design Azure WebsitesWeb Apps(15-20%)

5.1. Design Azure WebsitesWeb Apps for scalability and performance

Globally scale Azure WebsitesWeb Apps, create Azure WebsitesWeb Apps using Microsoft Visual Studio,

debug Azure WebsitesWeb Apps, understand supported languages, differentiate between Azure Websites

Web Apps to VMs and cloud services

5.2. Deploy Azure WebsitesWeb Apps

Implement Azure Site Extensions, create packages, Hosting plansApp service plans, deployment slots, resource

groups, publishing options, Web Deploy, and FTP locations and settings

5.3. Design Azure WebsitesWeb Apps for business continuity

Scale up and scale out using Azure WebsitesWeb Apps and SQL Database, configure data replication patterns,

update Azure WebsitesWeb Apps with minimal downtime, back up and restore data, design for disaster

recovery, deploy Azure WebsitesWeb Apps to multiple regions for high availability, design the data tier

6. Design a Management, Monitoring, and Business Continuity Strategy (15-20%)

6.1. Evaluate hybrid and Azure-hosted architectures for Microsoft System Center deployment

Understand at an architectural level which components are supported in Azure; describe design considerations

for managing Azure resources with System Center; understand which scenarios would dictate a hybrid scenario

6.2. Design a monitoring strategy

Identify the Microsoft products and services for monitoring Azure solutions; understand the capabilities of

System Center for monitoring an Azure solution, understand built-in Azure capabilities, identify third-party

monitoring tools including open source; describe use cases for Operations Manager, Global Service Monitor,

and Application Insights; describe the use cases for Windows Software Update Services (WSUS), Configuration

Manager, and custom solutions, describe the Azure architecture constructs such as availability sets and update

domains and how they impact a patching strategy; analyze logs by using the Azure Operations Management

Suite

6.3. Describe business continuity/disaster recovery (BC/DR) by using Azure

Understand the architectural capabilities of BC/DR, describe Hyper-V Replica and Azure Site Recovery (ASR),

describe use cases for Hyper-V Replica and ASR

6.4. Design a disaster recovery strategy

Design and deploy Azure Backup and other Microsoft backup solutions for Azure; understand use cases when

StorSimple and System Center Data Protection Manager would be appropriate; design and deploy Azure Site

recovery

6.5. Design Azure Automation and PowerShell workflows

Create a PowerShell script specific to Azure; automate tasks by using the Azure Operations Management Suite

6.6. Describe the use cases for Azure Automation configuration

Understand when to use Azure Automation, Chef, Puppet, PowerShell, or Desired State Configuration (DSC)