Determine workload requirements (10-15%)

Gather information and requirements

  • identify compliance requirements
  • identify identity and access management infrastructure
  • identify service-oriented architectures
  • identify accessibility requirements
  • identify availability requirements
  • identify capacity planning and scalability requirements
  • identify deploy-ability requirements
  • identify configurability
  • identify governance requirements
  • identify maintainability requirements
  • identify security requirements
  • identify sizing requirements
  • recommend changes during project execution
  • evaluate products and services to align with solution
  • create testing scenarios

Optimize consumption strategy

  • optimize app service costs
  • optimize compute costs
  • optimize identity costs
  • optimize network costs
  • optimize storage costs

Design an auditing and monitoring strategy

  • define logical groupings (tags) for resources to be monitored
  • determine levels and storage locations for logs
  • plan for integration with monitoring tools
  • recommend appropriate monitoring tool(s) for a solution
  • specify mechanism for event routing and escalation
  • design auditing for compliance requirements
  • design auditing policies and traceability requirements

Design for identity and security (20-25%)

Design identity management

  • choose an identity management approach
  • design an identity delegation strategy
  • design an identity repository
  • design self-service identity management
  • design user and persona provisioning
  • define personas
  • define roles
  • recommend appropriate access control strategy

Design authentication

  • choose an authentication approach
  • design a single-sign on approach
  • design for IPSec authentication
  • design for logon authentication
  • design for multi-factor authentication
  • design for network access authentication
  • design for remote authentication

Design authorization

  • choose an authorization approach
  • define access permissions and privileges
  • design secure delegated access
  • recommend when and how to use API Keys

Design for risk prevention for identity

  • design a risk assessment strategy
  • evaluate agreements involving services or products from vendors and contractors
  • update solution design to address and mitigate changes to existing security policies, standards, guidelines and procedures

Design a monitoring strategy for identity and security

  • design for alert notifications
  • design an alert and metrics strategy
  • recommend authentication monitors

Design a data platform solution (15-20%)

Design a data management strategy

  • choose between managed and unmanaged data store
  • choose between relational and non-relational databases
  • design a data auditing strategy
  • design a data caching strategy
  • identify data attributes
  • recommend database service tier sizing
  • design a data retention policy
  • design for data availability
  • design for data consistency
  • design for data durability
  • design a data warehouse strategy

Design a data protection strategy

  • recommend geographic data storage
  • design an encryption strategy for data at rest
  • design an encryption strategy for data in transmission
  • design an encryption strategy for data in use
  • design a scalability strategy for data
  • design secure access to data
  • design a data loss prevention (DLP) policy

Design and document data flows

  • identify data flow requirements
  • create a data flow diagram
  • design a data flow to meet business requirements
  • design data flow solutions
  • design a data import and export strategy

Design a monitoring strategy for the data platform

  • design for alert notifications
  • design an alert and metrics strategy
  • monitor Azure Data Factory pipelines

Design a business continuity strategy (10-15%)

Design a site recovery strategy

  • design a recovery solution
  • design a site recovery replication policy
  • design for site recovery capacity
  • design for storage replication
  • design site failover and failback
  • design the site recovery network
  • recommend recovery objectives (Azure, on-prem, hybrid, Recovery Time Objective (RTO), Recovery Level Objective (RLO), Recovery Point Objective (RPO))
  • identify resources that require site recovery
  • identify supported and unsupported workloads
  • recommend a geographical distribution strategy

Design for high availability

  • design for application redundancy
  • design for autoscaling
  • design for data center and fault domain redundancy
  • design for network redundancy
  • identify resources that require high availability
  • identify storage types for high availability
  • design a disaster recovery strategy for individual workloads
  • design failover/failback scenarios
  • document recovery requirements
  • identify resources that require backup
  • recommend a geographic availability strategy

Design a data archiving strategy

  • recommend storage types and methodology for data archiving
  • identify business compliance requirements for data archiving
  • identify requirements for data archiving
  • identify SLA(s) for data archiving

Design for deployment, migration, and integration (10-15%)

Design deployments

  • design a compute deployment strategy
  • design a container deployment strategy
  • design a data platform deployment strategy
  • design a messaging solution deployment strategy
  • design a storage deployment strategy
  • design a web app and service deployment strategy

Design migrations

  • recommend a migration strategy
  • design data import/export strategies during migration
  • determine the appropriate application migration method
  • determine the appropriate data transfer method
  • determine the appropriate network connectivity method
  • determine migration scope, including redundant, related, trivial, and outdated data
  • determine application and data compatibility

Design an API integration strategy

  • design an API gateway strategy
  • determine policies for internal and external consumption of APIs
  • recommend a hosting structure for API management

Design an infrastructure strategy (15-20%)

Design a storage strategy

  • design a storage provisioning strategy
  • design storage access strategy
  • identify storage requirements
  • recommend a storage solution
  • recommend storage management tools

Design a compute strategy

  • design a compute provisioning strategy
  • design a secure compute strategy
  • determine appropriate compute technologies
  • design an Azure HPC environment
  • identify compute requirements
  • recommend management tools for compute

Design a networking strategy

  • design a network provisioning strategy
  • design a network security strategy
  • determine appropriate network connectivity technologies
  • identify networking requirements
  • recommend network management tools
  • recommend network security solutions

Design a monitoring strategy for infrastructure

  • design for alert notifications
  • design an alert and metrics strategy

Learning Path & Reference: