az-305-topics

View project on GitHub

AZ-305 Discussion Topics

Table of contents

Total number of questions: 331

01 - Design a governance solution (Learn module)

Governance (Unit)

whiteboard

  1. What is governance and why is it important? [doc]
    • Who would be asking for this in your company?
    • At which moment in time would you think about implementing governance?
    • What if you don’t implement it?
  2. How can you organize your resources? [doc]
  3. Where should I apply permissions for people to manage resources? [doc]
    • Think again about the hierarchy. Should your DBA be given permissions at the top of the management groups, or rather at the individual SQL databases?
    • What are the pro’s and con’s?

Management Groups (Unit)

whiteboard

  1. What are management groups and why should you consider implementing them? [doc]
  2. How many levels can management groups support? [doc]
    • Does it include the tenant root level?
  3. Should you go for a deeply nested hierarchy, or for a reasonably flat one? Why? [doc]
  4. Why should you consider a top-level management group? [doc]
  5. How would you organize your management groups? [doc]
    • By department/geography/product line/…
  6. How do you protect your management groups so that not everyone can create/update them? [doc]
    • Who can create them?
    • Who can assign a subscription to a management group?
    • Can I as a subscription owner move my subscription to another management group (and circumvent certain policies)?

Subscriptions (Unit)

whiteboard

  1. What is an Azure Subscription? [doc]
  2. How many subscriptions do you need across your organization? [doc]
    • Would you need one, or multiple?
  3. Who is responsible for paying the subscription?
    • Somebody’s got to pay $$$
    • Do you have agreement with key business stakeholders and are they willing to pay for the services?
  4. Which offer do I choose for my subscription? [doc]
    • Different customers, different prices…
  5. Are there any scale limits to my subscriptions? [doc]
    • Could be a reason to go for multiple subscription. Do you know which limits exists at the level of a subscription?
  6. I need to deploy 30000 VMs. How many subscriptions do I need?
    • Can you find the answer in the docs?
    • What would be your advice?
  7. Should my organization go for a centralized vs decentralized approach? [doc]
    • Who will be managing these subscriptions and resources within it?
    • Central IT or decentralize and let the business be agile?
    • Will you put everything under an enterprise agreement?
  8. We want to enforce common policies and role assignments across many subscriptions. What should we do? [doc]
  9. My developers want to setup sandboxes so they can experiment, but we want to isolate them from the production environment. What should we consider? [doc]
    • Developers! Developers! Developers!
    • It works on my machine!

Resource groups (Unit)

whiteboard

  1. What is a resource group? [doc]
  2. How should I group resources? (by type, location, workload, billing, department, lifecycle, …) [doc]
  3. I have a resource group in WESTEU. Can I deploy resources in NORTHEU? [doc]
    • Can I prevent his?
  4. Can I move resources between resource groups? [doc] [doc]
    • In case it’s not possible, what would be my approach?
  5. Can I nest resource groups?
    • Would this make sense to you?
  6. Can I deploy a resource in multiple resource groups?
    • for example - Azure Traffic Manager…
  7. Should I apply permissions and at what level?
    • Your DBA should get access to all SQL Databases. At which level or you going to assign RBAC?
    • What role?
    • Will you need a custom role?
  8. I don’t want anyone to delete my central Azure Firewall. What can I do? [doc]
    • Deleting my Azure Firewall would make my whole environment pretty useless!

Resource tags? (Unit)

whiteboard

  1. What’s the purpose of resource tags? [doc]
  2. How many tags can I apply to a resource? [doc]
    • What’s the maximum?
    • Should you go for the maximum?
  3. If I apply a tag at the level of a resource group, will it inherit down to the individual resource? [doc]
    • In case the answer is no, what would be the recommended solution?
  4. Can you come up with some examples where you could leverage tags on resources? [doc]
    • functional, classification, accounting, partnership, purpose
    • how could this fit in your company setup?
  5. Will you implement a chargeback or show back accounting system?
    • Will you need to associate resources with accounting information for departments, business groups, and teams in more detail than a simple subscription-level breakdown allows?
  6. Does tagging need to represent details such regulatory compliance requirements for a resource?
    • What about operational details such as uptime requirements, patching schedules, or security requirements?
  7. What can I do to enforce tagging [doc]
    • eg - cost center is required!
  8. Are there resources which do not support tagging? [doc]
    • Can you find one in the documentation?
  9. What tags will be required for all resources based on centralized IT policy? [doc]
    • What tags will be optional?
    • Are individual teams allowed to implement their own custom tagging schemes?

Azure Policy (Unit)

whiteboard

  1. What is an Azure Policy? [doc]
  2. At what level should you apply an Azure Policy? [doc]
    • Can you apply this to an individual resource?
  3. I have multiple Azure Policies to enforce. Any recommendations? [doc] [doc]
  4. When are Azure Policies evaluated? [doc] [doc] [doc]
    • Timing is everything!
  5. What should happen when the resource is not compliant against the policy? What are my options? [doc]
  6. Can I automatically remediate the resource to become compliant? [doc] [doc] [doc]
    • What technology could I use to support the remediation?
    • What do I need to think about?

RBAC (Role Based Access Control) (Unit)

whiteboard

  1. Who should I give access, and at what level? [doc]
    • Think again about the Database Administrator in your company.
    • Should everyone be an owner/contributor?
  2. Should I assign roles to users or groups? [doc]
    • How would this make my life easier?
  3. Should everyone be an owner/contributor? [doc]
    • Can I explicitly deny access?
    • I don’t trust my colleagues ;-)
  4. When should you create a custom role? [doc] [doc]
    • Azure has hundreds of roles out of the box…
  5. What happens if roles are overlapping? [doc]
    • I got assigned permissions at different levels… Now what?
  6. How to allow some users to control the virtual machines in an environment but prevent them from modifying networking and other resources in the same resource group or Azure subscription?
  7. Can you assign a role to a non-user? (aka service account?) [doc]
    • I want to make use of GitHub actions and automate the deployment of ARM templates…
  8. How does Azure Policy differ from RBAC? [doc]
    • What’s the purpose of each of these?

Azure Blueprints (Unit)

whiteboard

  1. What is an Azure Blueprint and why would I consider this? [doc]
  2. What elements are part of an Azure Blueprint?
    • Can I / Should I include ARM templates?
    • Are there alternatives?
  3. How do we enforce compliance? [doc]

02 - Design a compute solution (Learn module)

whiteboard

Virtual Machines (Unit)

whiteboard

  1. What could be reasons to choose for Virtual Machines instead of PaaS services? [doc]
  2. Who is responsible for your VM? Microsoft or the customer? [doc]
  3. Can you run any VM in any region? What about pricing? [doc]
  4. I need to run a database. Which VM size should I use? [doc]
  5. Managed disks versus unmanaged disks? [doc] [doc] [doc]
  6. I need to set up a Linux server with an Apache web server, a MySQL Database and PHP installed already on it. What are my options? [doc] [doc]
  7. Why should I consider creating my own disk images? [doc] [doc]

Virtual Machine Scale Sets (Unit)

whiteboard

  1. What are Virtual Machine Scale Sets? [doc]
  2. My VM Scale Set needs high availability. What are my options? [doc]
  3. I need to deploy my application to VM Scale Set. What are my options? [doc] [doc]

Azure Batch (Unit)

whiteboard

  1. What is Azure Batch? [doc]
  2. What are some use cases to consider Azure Batch? [doc] [doc] [doc] [doc] [doc]
  3. What is the difference between a batch Pool, Node and Job? [doc] [doc]

Azure App Service (Unit)

whiteboard

  1. What is it that I pay for with an Azure App Service? [doc] [doc]
  2. Why would I consider deployment slots? [doc]
  3. My developers have difficulties implementing authentication and authorization. Can App Service provide this capability? [doc]
  4. I want to run a web app implemented in Go (Golang) in Azure App Service but find out that this language is not supported. What are my options? [doc]
  5. What are WebJobs? Why would I use these or should I use something different? [doc] [doc]

Container Instances (Unit)

whiteboard

  1. What are Azure Container Instances and why should I use it? [doc]
  2. When/Why should I NOT use it? [doc] [doc]
  3. What are multi-container groups? [doc]
  4. Why should I consider containers instead of Virtual Machines? (isolation, operating system, deployment, persistent storage, fault tolerance) [doc]
  5. What is a Virtual Kubelet? [doc] [doc]

Azure Kubernetes (Unit)

whiteboard

  1. What is Azure Kubernetes? [doc]
  2. Who needs to manage the Kubernetes cluster? [doc]
  3. What do you pay for? [doc]
  4. Can you deploy multiple Virtual Machine sizes/types? [doc]
  5. What methods exist to scale your application running on AKS? [doc]
  6. How can I isolate certain workloads inside my AKS cluster? [doc] [doc]
  7. What technology can I use when my application requires persistent storage? [doc]
  8. What are 2 ways of synchronizing storage across clusters? [doc] [doc]
  9. Can my application running on AKS connect to on-premise resources? [doc]
  10. I’m concerned about vulnerabilities and outdated base images. What can I do about this? [doc] [doc]
  11. Can I deploy multiple AKS clusters across non-paired regions? [doc]

Azure Functions (Unit)

whiteboard

  1. Why would I consider Azure Functions? Do you have some scenarios? [doc] [doc] [doc]
  2. What do I pay for when using Serverless Functions? [doc]
  3. What are durable functions and why should I consider these? [doc] [doc]
  4. What are the different hosting plans available for Azure Functions and why should I choose for one over the other? [doc]
  5. Why would I consider to use a Premium plan for Azure Functions? [doc]

Logic Apps (Unit)

whiteboard

  1. Why would I consider Logic Apps? Do you have some scenarios? [doc] [doc] [doc] [doc] [doc]
  2. My application requires some complex business rules. Should I use Logic Apps? [doc]
  3. What do I pay for when using Logic Apps? [doc] [doc]
  4. Can I run a Logic App on a separate plan? Why would I do this? [doc]
  5. What are some differences between a Logic App and Durable Functions? [doc]

03 - Design a non-relational data storage solution (Learn module)

Data Storage (Unit)

whiteboard

  1. What is the difference between Structured/Unstructured/Semi-structured? [doc]
  2. What are your options for storing unstructured data in Azure? Why would you choose one over the other? [doc]

Azure Storage (Unit)

whiteboard

  1. When should you NOT choose a Standard General Purpose V2 storage account? [doc]
  2. How many storage accounts do you actually need? What should you consider? [doc]
  3. What does the SLA of 99.9% or 99.99% mean in relation to an Azure Storage account? [doc]
  4. Does replication between data centers and regions happen synchronous? [doc]
  5. Can I read from a secondary region? [doc]
  6. Under what circumstances can you have loss of data, even when replication has been setup? [doc]
  7. Can I switch between replication types? [doc]
  8. Will Microsoft fail over or is the customer who initiates the fail over to another region? [doc]
  9. Why would I consider the cool storage and archive storage tiers? [doc]
  10. How many hours can it take to rehydrate archived blobs? [doc]
  11. Why would I use immutable storage for Azure Storage? [doc] [doc]
  12. What is the difference between time-based retention policies and legal hold policies? [doc] [doc]
  13. Which data sets and policies would be most helpful in your organization?

Azure Files (Unit)

whiteboard

  1. When would you use Azure Files instead of Azure Blob storage? [doc]
  2. Which protocols are supported with Azure Files? [doc]
  3. What is file sync and why do you need it? [doc] [doc]
  4. Which file storage tiers exists and which one would you choose in the following scenarios [doc]
    • You have highly I/O-intensive workloads, with high throughput and low latency
    • You need storage optimized for general purpose file sharing scenarios such as team shares and Azure File Sync
    • You need cost-efficient storage optimized for online archive storage scenarios
    • You have transaction heavy workloads and applications that require file storage and backend storage
  5. Why would I consider Azure NetApp files? [doc] [doc]

Azure Disks (Unit)

whiteboard

  1. Azure offers Ultra-disk, Premium SSD, Standard SSD and Standard HDD disk types. What could be a valid scenario to choose one over the other? [doc]
  2. Why would I consider to change disk caching from None to ReadOnly or Read/Write? How should I configure these when implementing a SQL Server Database? [doc] [doc] [doc] [doc]
  3. Encryption types for Managed Azure Disks includes Azure Disk Encryption (ADE), Server-Side Encryption (SSE) and encryption at host. What’s the difference and should you combine these? [doc]
  4. What is the difference between an image and a snapshot? [doc] [doc]
  5. Can you share multiple disks across VM’s? [doc]
  6. How can you improve performance by implementing multiple disks? [doc]

Storage security (Unit)

whiteboard

  1. Why should I never hand out the Azure Storage Account Key? [doc]
  2. What is a Shared Access Signature and at which level can I create it? [doc]
  3. Should I protect my storage account at the network level? What are my options? [doc] [doc] [doc] [doc]
  4. Can I bring my own encryption key? How granular can I implement this? [doc] [doc] [doc]

04 - Design a data storage solution for relational data (Learn module)

Azure SQL Database (Unit)

whiteboard

  1. Azure SQL Database can be hosted in many ways. What could be my decision criteria? [doc]
  2. What are elastic pools? [doc]
  3. How can Elastic pools help you achieve vertical scaling? [doc]
  4. What is the difference between DTU and the vCore model? [doc] [doc]
  5. When should I consider the serverless compute tier for Azure SQL Database? [doc]
  6. Why would I choose for the Business Critical tier instead of the General Purpose Tier? [doc]
  7. Why would I consider the Hyperscale tier instead of a Dedicated pool in Azure Synapse Analytics? [doc] [doc]
  8. There are 2 types of horizontal scaling - sharding and read-scale-out. [doc] [doc]
  9. Azure SQL Database offers the following capabilities for recovering from an outage. Why would I choose for one over the other? [doc]
    • Active geo-replication
    • Auto-failover groups
    • Geo-restore
    • Zone-redundant databases
  10. What encryption mechanisms should I consider when data is at rest, in motion and in process [doc] [doc] [doc] [doc]
  11. Azure SQL Database supports SQL authencation and Azure Active Directory authentication. Why should I consider AAD authentication? [doc]

Azure SQL Edge (Unit)

whiteboard

  1. When would you consider to use Azure SQL Edge? [doc] [doc]
  2. What technology do you need to deploy Azure SQL Edge on? [doc] [doc]

Azure Cosmos DB (Unit)

  1. When would you consider to use Azure Cosmos DB? [doc] [doc]
  2. Table data can be stored as part of Azure Table Storage or inside Azure Cosmos DB. Why would you chose one over the other? [doc]
  3. How can you manage performance of an Azure Cosmos DB? [doc] [doc]

05 - Design a data integration solution (Learn module)

Azure Data Factory (Unit)

whiteboard

  1. Why would you consider Azure Data Factory over SSIS (SQL Server Integration Services)? [doc] [doc] [doc]
  2. What do you pay for when using Azure Data Factory? [doc] [doc]
  3. What component of Azure Data Factory would you consider to perform data transformations? What alternatives are there? [doc]
  4. What is a Self-Hosted Integration Runtime and why do you need it? [doc] [doc]

Azure Data Lake (Unit)

whiteboard

  1. Azure Data Lake is built on top of Azure Blob Storage. What does it add? [doc]
  2. Why would I choose for a Data Lake, instead of regular Blob Storage? What could be my decision criteria? [doc] [doc]
  3. Why would I choose for Blob Storage, instead of Data Lake? [doc] [doc]
  4. Why is it important to support RBAC down to the individual file level? [doc]
  5. I need to organize my Data Lake. What are some common approaches? [doc] [doc] [doc]

Azure Databricks (Unit)

whiteboard

  1. What is Azure Databricks and what is Apache Spark? [doc] [doc] [doc]
  2. Which role would be using Azure Databricks? [doc]
  3. When would you choose to implement Azure Databricks? [doc]

Azure Synapse Analytics (Unit)

whiteboard

  1. What is the difference between a serverless pool and a dedicated pool? [doc] [doc] [doc]
  2. What do I pay for with Synapse Analytics? [doc]
  3. Azure Synapse Analytics contains a component to set up pipelines and data flows, which is also part of Azure Data Factory. Why would I use this instead of ADF? [doc]
  4. Azure Synapse Analytics allows you to setup Spark Pools to process your data. Why would I consider this instead of Azure Databricks? [doc]
  5. What is Azure Synapse Link for Cosmos DB and what is the use case it tries to solve? [doc]

Strategy for hot/warm/cold data path (Unit)

whiteboard

  1. When to use Hot/Warm/Cold data path? [doc] [doc] [doc]

Azure Stream Analytics (Unit)

whiteboard

  1. When would you consider to use Azure Stream Analytics? (use cases) [doc] [doc] [doc] [doc]
  2. What is a streaming unit (SU)? [doc]
  3. What are the main components to setup in Azure Stream Analytics? [doc] [doc] [doc]

06 - Design an application architecture solution (Learn module)

Message and event scenarios (Unit)

whiteboard

  1. What is the difference between an event and a message and when would you choose for one over the other? [doc]
  2. Suppose you have a distributed application with a web service that authenticates users. When a user logs on, the web service notifies all the client applications so they can display that user’s status as “Online”. Is the login notification an example of a message or an event?
  3. Let’s suppose a user uploads a new song by using your mobile music-sharing app. The mobile app must send that song to a web API that runs in Azure. The mobile app expects that the web API stores the new song in the database and makes it available to other users. Is this an example of a message or an event?

Messaging solutions (Unit)

whiteboard

  1. What are Azure Storage Queues and Azure Service Bus Queues and how would you compare them? [doc]
  2. What is an Azure Service Bus Topic? [doc]
  3. What API do you use to interact with Azure Storage Queue? [doc]
  4. What can you do if the payload of a message is larger than 64 KB in size? [doc] [doc]

Event solutions (Event Hub and Event Grid) (Unit)

whiteboard

  1. What is Event Hub and how does it compare to Azure Event Grid? [doc] [doc] [doc]
  2. What is the main consideration for the ‘pull’ model provided by Event Hubs? [doc]
  3. How does Event Hub handle throughput? [doc]
  4. How much will you pay for storing 80GB of data per day in Event Hub? [doc]
  5. How does Event Hub relate to Kafka? [doc]
  6. What does Event Hub capture provide to you? Why is this important? [doc]
  7. What can you do if the payload of an event is larger than 256 KB? [doc]
  8. What is IoT Hub and what capabilities will it add over Event Hub? [doc] [doc]

Caching (Unit)

whiteboard

  1. When would you consider to use an Azure Cache for Redis? [doc]

API Management (Unit)

whiteboard

  1. Why would you introduce an API management solution as implemented by APIM? What are the benefits/use case cases? [doc] [doc] [doc]

Application lifecycle (Unit)

whiteboard

  1. What Infrastructure as Code (IaC) technique do you use to automate the provisioning of infrastructure? [doc] [doc] [doc] [doc] [doc] [doc]
  2. Why would you use ARM templates versus Bicep? [doc]
  3. Why would you use Azure DevOps instead of GitHub? [doc]
  4. Why would you use Terraform instead of ARM/Bicep? [doc]

Application configuration (Unit)

  1. What does Azure App Configuration offer to you? [doc]

07 - Design Authentication and Authorization Solutions (Learn module)

Identity and access management (Unit)

whiteboard

  1. What is the difference between AAD, AAD B2B and AAD B2C [doc] [doc]
  2. What is AADDS? [doc]

Azure Active Directory (Unit)

whiteboard

  1. What is Azure AD Connect and what is Azure AD Connect Cloud Sync? What could be a use case to use AAD Connect cloud sync? [doc] [doc]
  2. Is Azure AD Connect one-direction-only or does it support bi-directional replication? [doc] [doc] [doc]
  3. Does it make sense to deploy multiple AAD Tenants? Or should you stick with a single tenant? [doc] [doc]
  4. Why should you not synchronize accounts to Azure AD that have high privileges? [doc]
  5. Is Password Hash Synchronization safe to use? [doc]
  6. What is that SSO helps you to do? [doc]
  7. Should you centralize or de-centralize your identity management. Can you do both? [doc]

Azure Active Directory B2B (Unit)

whiteboard

  1. Why would you consider Azure AD B2B? [doc]
  2. When implementing Azure AD B2B, does your partner need to have AAD as well? What identity providers are supported? [doc]
  3. Can you enforce MFA for guest accounts, even when they do not have this configured? [doc]
  4. What is an Access Panel? [doc] [doc]
  5. Who can invite guests? Should you centralize / de-centralize? [doc] [doc] [doc] [doc]
  6. What is a self-service sign-up flow? Can you customize this? [doc]

Azure Active Directory B2C (Unit)

whiteboard

  1. Why would you consider Azure AD B2C? [doc] [doc]
  2. When implementing Azure AD B2C, does your client need to have AAD as well? What identity providers are supported? [doc]
  3. What is user flow? And can you customize the look and feel of the user interface? [doc]
  4. Where should I store custom user attributes? [doc]

Conditional access (Unit)

whiteboard

  1. What scenarios can you think of where conditional access would be beneficial? [doc]
  2. Why does conditional access provide more granular control over the MFA policies? [doc]
  3. You are not sure about the impact of changing a conditional access policy. What should you use? [doc]
  4. Which license do you need to use conditional access? [doc]
  5. You want to prevent people from using older legacy protocols like POP. However, your CEO is still using an old laptop/software. What are your options? [doc]

Identity protection (Unit)

whiteboard

  1. What’s the difference between sign-in risk and user risk? [doc]
  2. What are some common examples of sign-in risk and user risk? [doc]
  3. What should you do to enable break-the-glass/emergency access account? [doc]

Access reviews (Unit)

whiteboard

  1. What is an access review and why should you use it? [doc] [doc] [doc]
  2. What problem is it trying to solve? [doc]
  3. What license do you require? [doc]
  4. Who can conduct a review during an access review? [doc]

Service principals for applications (Unit)

whiteboard

  1. What is a managed identity and what is it trying to solve? [doc]
  2. What is the difference between a user assigned identity and a system managed identity? [doc]
  3. What is the Azure Instance Metadata Service, and why is it important in the context of managed identity? [doc] [doc]
  4. What is a service principal? [doc]
  5. Can you explain the relationship between application objects and service principals? [doc]
  6. Microsoft identity platform supports two types of permissions - delegated permissions and application permissions. What is used when? [doc]

Azure key vault (Unit)

whiteboard

  1. Why use Azure Key Vault? [doc]
  2. How many Azure Key Vaults do you require for your applications? [doc]
  3. What is the difference between a key and a secret in Azure Key Vault? [doc] [doc] [doc]
  4. What is the difference between a key and a certificate in Azure Key vault? [doc] [doc] [doc]
  5. Azure Key Vault has two service tiers - Standard and Premium. Why would you choose one over the other? [doc] [doc]
  6. How can you authenticate against Azure Key Vault? (2 supported modes) [doc] [doc]

08 - Design a solution to log and monitor Azure resources (Learn module)

Azure Monitor (Unit)

whiteboard

  1. Azure Monitor collects data automatically from a range of components. Can you share some examples/use cases?
  2. Example - you have experienced recently an Azure Storage Account Key leakage. How can you prevent this in future?

Log Analytics (Unit)

whiteboard

  1. How many Log Analytics resources do you need?
  2. Would you go for a centralized or decentralized approach? Hybrid?
  3. What do you pay for?
  4. What is the retention time for log data that has been ingested. Can you change this?
  5. How can you integrate logging data from Virtual Machines?
  6. What can you do to create a dashboard targeted towards business users, showing them some relevant metrics?
  7. You want to prevent users from accessing certain data in you Log Analytics workspace. Is this possible and how?
  8. Does Log Analytics have some rate limits applicable?
  9. How do you enforce capturing logging from your Azure resources into Log Analytics?

Azure workbooks and Azure Insights (Unit)

whiteboard

  1. What are Azure Workbooks?
  2. Why would you consider to implement an Azure Workbook?
  3. What is Azure Application Insights and what does it offer on top of Log Analytics?
  4. What can you use the monitor your Azure Kubernetes environment?

Azure Data Explorer (Unit)

whiteboard

  1. What is Azure Data Explorer?
  2. What do you pay for?

09 - Design a network infrastructure solution (Learn module)

Recommend a network architecture solution based on workload requirements (Unit)

whiteboard

  1. Why would you want to create multiple virtual networks, or create multiple subnets in your VNET? [doc] [doc]
  2. Why does it matter to apply a naming convention when creating virtual networks? [doc]
  3. Can you deploy resources across multiple regions in the same virtual network? [doc]
  4. How large should your virtual network’s address space be? [doc]
    • Why is important that virtual network address ranges do not overlap?
  5. What is the difference between a network virtual appliance (NVA) like a Firewall and a NSG Network Security Group? [doc] [doc]
  6. What is a hub and spoke topology and why would you consider it? What are the benefits/disadvantages? [doc]
    • What resources should become part of your hub, and what would you deploy into your spokes?
    • Should you allow spokes to communicate with each other directly? Why?

Design for on-premises connectivity to Azure virtual networks (Unit)

whiteboard

  1. Which Azure VPN Gateway SKU should you implement and why? [doc]
  2. What is the SLA offered by VPN Gateway and what is/is not included? How can you increase the SLA? [doc]
  3. Is traffic encrypted over the VPN Gateway? [doc]
  4. What can you do to troubleshoot your VPN connection? [doc]
  5. Why would you consider an Express Route? [doc]
  6. Can you use an Express route and combine it with a VPN Gateway? Why would you do this? [doc]
  7. What advantage brings Azure Virtual WAN to the table? [doc] [doc]

Design for Azure network connectivity services (Unit)

whiteboard

  1. When setting up peering between 2 virtual networks, is traffic encrypted? [doc] [doc]
  2. What do you pay for when using VNET Peering? [doc]
  3. Why would you consider implementing Virtual Network NAT (Network Address Translation)? [doc]
  4. Why would you consider overriding Azure’s default routing? How do you accomplish this? [doc]

Design for application delivery services (Unit)

whiteboard

  1. Why would you consider to use an Azure CDN Content Delivery Network. What problem does it solve? [doc]
  2. What possible sources should you consider for Azure CDN? [doc]
  3. What are the differences between Load Balancer, Traffic Manager, Application Gateway and Front Door? [doc] [doc]

Design for application protection services (Unit))

whiteboard

  1. Why would you want to go for Azure DDoS protection Standard instead of the default one? [doc]
  2. What would you pay for when using this service? [doc]
  3. What problem is it that Azure Private Link is trying to solve? [doc]
  4. What are the advantages and disadvantages of setting up Service Endpoints? [doc]
  5. What’s the difference between Network Security Groups and Application Security Groups [doc]
  6. What problem is it that Azure Bastion solves? [doc]
  7. How can you implement Just in Time Access? [doc] [doc]

10 - Design a business continuity solution (Learn module)

Backup and recovery (Unit)

whiteboard

  1. What is the difference between RTO and RPO? [doc] [doc] [doc]
  2. What are SLA’s and why does it matter? Who provides the SLA? [doc] [doc]
  3. How would you calculate the SLA? [doc]
  4. What is MTBF and MTTR and what would be appropriate values?
  5. How do you know that a service/application does (not) reach it’s SLA? [doc] [doc] [doc]
  6. Why do you need both disaster recovery and backup? [doc]
  7. Why would you test your disaster recovery?

Azure Backup (Unit)

whiteboard

  1. What can you backup with Azure Backup? [doc]
  2. What do you pay for? [doc]
  3. How much data can you store and for how long? [doc] [doc]
  4. What does it mean to have application consistent backups?
  5. Can you backup SQL databases with it? [doc]
  6. Does it store backups also across regions? Only the region pair or other regions? [doc]
  7. Why is it important to protect your Azure Backup? How can you accomplish this? [doc]

Azure blob backup and recovery (Unit)

whiteboard

  1. What are the features you can use with Azure Blob storage to be able to recover data without Azure Backup? [doc]
  2. Can you perform a Point-in-time restore on Azure Blob storage? [doc]
  3. Can you use Azure Backup to backup Azure Blob storage? Why would you use/not use this?
  4. Can you recover a deleted Azure Storage account? [doc]
  5. How many years can you configure immutable storage? [doc] [doc]

Azure Files backup and recovery (Unit)

whiteboard

  1. What are Azure Files snapshots? [doc]
  2. How would you automate file share backups? [doc]
  3. Why should you configure alerting and reporting provided by Azure Backup? [doc] [doc]
  4. Why would you want to perform an on-demand backup of a file share if it is also scheduled? [doc]

Azure virtual machine backup and recovery (Unit)

whiteboard

  1. What is the difference between snapshot tier and vault tier? [doc]

Azure SQL backup and recovery (Unit)

whiteboard

  1. How does Azure SQL perform backups and what’s the interval, RPO and RTO? [doc]
  2. What happens in case a region goes down? Can I restore to another region and who is responsible for this? [doc]

Azure Site Recovery (Unit)

whiteboard

  1. Why would you choose Azure Site Recovery over another (3rd-party) solution?
  2. Why would you combine Azure Site Recovery with Azure Backup?

11 - Design a migration solution (Learn module)

Evaluate migration with the Cloud Adoption Framework (Unit)

  1. Why would you consider migrating to Azure? [doc]
  2. What is the Microsoft Cloud Adoption Framework for Azure?
  3. Why should I use/not use this when considering a migration?

Describe the Azure Migration Framework (Unit)

  1. What are the 4 stages in the Azure Migration Framework?
    • What happens during each of these stages?
  2. Which strategy should you take when considering a migration?
  3. What is the difference between refactoring and rearchitecting?

Assess your workloads (Unit)

  1. Why would you consider Azure TCO Calculator?
  2. What kind of activities should be performed during the assesment phase?
  3. What is an Azure Migrate Project?
  4. What is the expected outcome of an Azure Migrate assesment?
  5. Why would you use DMA (Data Migration Assistant) and DMS (Data Migration Service)?
  6. Imagine you have 1000’s of VM’s to migrate. You want to take a phased approach and not migrate everything at once, but rather workload by workload. What tool would you use during the assement so you know the dependencies between machines?
  7. Why do I need to download an appliance in my Hyper-V/VMWare environment? [doc]
  8. What is the difference between agentless/agent-based dependency analysis? [doc] [doc]
  9. I don’t want to use an appliance. What are my options? [doc]
  10. Why does it make sense to keep the assement tool running for a longer period of time? [doc] [doc]

Compare migration tools (Unit)

  1. What tools should I consider to migrate a workload to Azure? [doc]
  2. What can you do with Azure Migrate (scenarios)? [doc]
  3. What is the Azure App Service Migration Assistant? [doc] [doc]
  4. What is the Azure Resource Mover? [doc]

Migrate your databases (Unit)

  1. What is the Azure Database Migration Service? [doc]
  2. Can you perform online migration with minimal downtime? [doc]
  3. Which prerequisites need to be in place before you can perform an online/offline migration? [doc]
  4. Which tool would you use to migrate the database schema? [doc]
  5. Which tool would you use to migrate the data? [doc]

Select an online storage migration tool (Unit)

  1. When would you use the Windows Storage Migration Service? [doc]
  2. When would you use Azure File Sync? [doc]

Select an offline storage migration tool (Unit)

  1. When would you use the Azure Import/Export service? [doc]
  2. When would you use Data Box? [doc]
  3. What other tools can you use to import/export moderate volumes of data? [doc]

pixel