AZ-304: Microsoft Azure Architect Design Introduction

AZ-304: Microsoft Azure Architect Design



Technology Workbook





















Document Control



Proposal Name


Microsoft Azure Architect Design

Document Version


Version 1

Document Release Date


20th February – 2021









Copyright © 2018 IPSpecialist LTD.

Registered in England and Wales

Company Registration No: 10883539

Registration Office at: Office 32, 19-21 Crawford Street, London W1H 1PJ, United Kingdom


All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without the written permission from IPSpecialist LTD, except for the inclusion of brief quotations in a review.



If you have any comments regarding the quality of this book, or otherwise alter it to better suit your needs, you can contact us through email at

Please make sure to include the book’s title and ISBN in your message.

About IPSpecialist




Our philosophy is to treat our customers like family. We want you to succeed, and we are willing to do everything possible to help you make it happen. We have the proof to back up our claims. We strive to accelerate billions of careers with great courses, accessibility, and affordability. We believe that continuous learning and knowledge evolution are the most important things to keep re-skilling and up-skilling the world.

Planning and creating a specific goal is where IPSpecialist helps. We can create a career track that suits your visions as well as develop the competencies you need to become a professional Network Engineer. We can also assist you with the execution and evaluation of your proficiency level, based on the career track you choose, as they are customized to fit your specific goals.

We help you STAND OUT from the crowd through our detailed IP training content packages.


Course Features:

     Self-Paced Learning

  • Learn at your own pace and in your own time

     Covers Complete Exam Blueprint

  • Prep-up for the exam with confidence

     Case Study Based Learning

  • Relate the content with real life scenarios 

     Subscriptions that Suits You

  • Get more and pay less with IPS subscriptions

     Career Advisory Services

  • Let the industry experts plan your career journey

     Virtual Labs to test your skills

  • With IPS vRacks, you can evaluate your exam preparations

     Practice Questions

  • Practice questions to measure your preparation standards

     On Request Digital Certification

  • On request digital certification from IPSpecialist LTD.



About the Authors:

This book has been compiled with the help of multiple professional engineers who specialize in different fields e.g. Networking, Security, Cloud, Big Data, IoT etc. Each engineer develops content in his/her own specialized field that is compiled to form a comprehensive certification guide.

About the Technical Reviewers:


Nouman Ahmed Khan

AWS-Architect, CCDE, CCIEX5 (R&S, SP, Security, DC, Wireless), CISSP, CISA, CISM, Nouman Ahmed Khan is a Solution Architect working with a major telecommunication provider in Qatar. He works with enterprises, mega-projects, and service providers to help them select the best-fit technology solutions. He also works as a consultant to understand customer business processes and helps select an appropriate technology strategy to support business goals. He has more than fourteen years of experience working in Pakistan/Middle-East & UK. He holds a Bachelor of Engineering Degree from NED University, Pakistan, and M.Sc. in Computer Networks from the UK.


Abubakar Saeed

Abubakar Saeed has more than twenty-five years of experience, managing, consulting, designing, and implementing large-scale technology projects, extensive experience heading ISP operations, solutions integration, heading Product Development, Pre-sales, and Solution Design. Emphasizing on adhering to Project timelines and delivering as per customer expectations, he always leads the project in the right direction with his innovative ideas and excellent management skills.


Syed Hanif Wasti  

Syed Hanif Wasti is a Computer Science graduate working professionally as a Technical Content Developer. He is a part of a team of professionals operating in the E-learning and digital education sector. He holds a Bachelor’s Degree in Computer Sciences from PAF-KIET, Pakistan and currently enrolled in the MS-CS program in Muhammad Ali Jinnah University, Karachi. He has completed training of MCP and CCNA. He has both the technical knowledge and industry sounding information, which he uses efficiently in his career. He previously worked as a Database and Network administrator and obtained a good experience in software development.



Uzair Ahmed

Uzair Ahmed is a professional technical content writer holding a Bachelor’s degree in Computer Science from PAF-KIET University. He has sound knowledge and industry experience in SIEM implementation, .NET development, machine learning, Artificial intelligence, Python and other programming and development platforms like React.JS Angular JS Laravel.


Free Resources:

With each workbook purchased, IPSpecialist offers free resources to our valuable customers.

For Additional Free resources please visit our website of IPSpecialist and register to avail the free courses or please contact us on:


Free Resources Include:

For Free Resources: Please visit our website and register to access your desired Resources Or contact us at:

Career Report: This report is a step-by-step guide for a novice who wants to develop his/her career in the field of computer networks. It answers the following queries:

  • What are the current scenarios and future prospects?
  • Is this industry moving towards saturation or are new opportunities knocking at the door?
  • What will the monetary benefits be?
  • Why to get certified?
  • How to plan and when will I complete the certifications if I start today?
  • Is there any career track that I can follow to accomplish specialization level?

Furthermore, this guide provides a comprehensive career path towards being a specialist in the field of networking and also highlights the tracks needed to obtain certification.

IPS Personalized Technical Support for Customers: Good customer service means helping customers efficiently, in a friendly manner. It is essential to be able to handle issues for customers and do your best to ensure they are satisfied. Providing good service is one of the most important things that can set our business apart from the others of its kind.

Great customer service will result in attracting more customers and attain maximum customer retention.

IPS offers personalized TECH support to its customers to provide better value for money. If you have any queries related to technology and labs, you can simply ask our technical team for assistance via Live Chat or Email.

Our Products


Technology Workbooks

IPSpecialist Technology workbooks are the ideal guides to developing the hands-on skills necessary to pass the exam. Our workbooks cover the official exam blueprint and explain the technology with real life case study based labs. The content covered in each workbook consists of individually focused technology topics presented in an easy-to-follow, goal-oriented, step-by-step approach. Every scenario features detailed breakdowns and thorough verifications to help you completely understand the task and associated technology.

We extensively used mind maps in our workbooks to visually explain the technology. Our workbooks have become a widely used tool to learn and remember the information effectively.



Our highly scalable and innovative virtualized lab platforms let you practice the IP Specialist Technology Workbook at your own time and your own place as per your convenience.


Quick Reference Sheets

Our quick reference sheets are a concise bundling of condensed notes of the complete exam blueprint. It is an ideal and handy document to help you remember the most important technology concepts related to the certification exam.


Practice Questions

IP Specialists’ Practice Questions are dedicatedly designed from a certification exam perspective. The collection of these questions from our technology workbooks are prepared keeping the exam blueprint in mind covering not only important but necessary topics as well. It’s an ideal document to practice and revise your certification.




Content at a glance


Chapter 01: Introduction to Azure

Chapter 02: Architect Network Infrastructure in Azure

Chapter 03: Explore relational data services in Azure…………….255

Chapter 04: Non-relational data offerings in Azure



About Our Products



Table of Contents

Chapter 01: Introduction to Azure


What is Cloud Computing?

Benefits of Cloud Computing

The Economy of Cloud Computing

Technical Terms

Types of Cloud Computing

Cloud Computing Deployments Models

What is Azure?

Azure Market Place

Global  Footprint

Azure Resource Manager (ARM)

Azure Services

How to Interact with Azure

Practice Questions:

Chapter 02: Architect Network Infrastructure in Azure


Azure Virtual Networks

Connect Your On-Premise Network To Microsoft Global Network

Connections using the VPN Gateway

High Availability and Fault Tolerance

Lab 2-01: Creating a Site-to-Site VPN

Connection using the ExpressRoute

Secure and Isolate Access to Azure Resources Using Security Groups and Service Endpoints

Network Security Group

Network Security Group Assignment and Evaluation

Application Security Groups

Lab 2-02: Creation of VNet and NSG

Demo of Creation of Application Security Group

Secure Network Access To Paas Services With Virtual Network Service Endpoints

Lab 2-03: Using Service Endpoints to Restrict Access

Distribute our Services Across Azure Virtual Networks

Virtual Network Features

When to Choose Virtual Network Peering?

Lab 2-04: Virtual Networks Peering by Using Azure CLI Commands

Improve Application Scalability and Resiliency By Using Azure Load Balancer

Azure Load Balancer

Internal and External Load Balancers

Configure the Public Load Balancer

Load Balancer and Remote Desktop Gateway

Load Balancer and Media Upload

Lab 2-05: Configure a Public Load Balancer

Internal Load Balancer

Application Gateway

Routing Traffic with Application Gateway

Load Balancing with Application Gateway

Application Gateway Components

Application Gateway Requirements

Application Gateway Options

Demo of Application Gateway

Design a Hybrid Network Architecture on Azure

Virtual Networks

Manage and Control Traffic Flow in Your Azure Deployment with Routes

Azure Routing

Network Virtual Appliance

Lab 2-06: Create custom routes, NVA, and VMs to route traffic through NVA

Practice Questions

Chapter 03: Explore relational data services in Azure

Lab 3-01: Azure Storage Account

Connect an App to Azure Storage:

Lab 3-02: Create a .NET Core application

Practice Questions

Chapter 04: Non-relational data offerings in Azure


Azure Table Storage

Lab 4-01: Create and View a Table Using the Azure Portal.

Azure Blob Storage

Lab 4-02: Create and View a Block Blob Using the Azure Portal

Azure File Storage

Lab 4-03: Create an Azure Storage File Share Using the Azure Portal

Azure Cosmos DB

Benefits using Azure Cosmos DB

Explore Provisioning and Deploying Non-Relational Data Services in Azure

What is Provisioning?

Provision Azure Cosmos DB

Lab 4-04: How to Provision a Cosmos DB Account

How to Create a Database and Container

Databases and containers are the primary resource consumers. Resources are allocated in terms of the storage space required to hold your databases and containers.

Provision Other Non-Relational Data Services

How to Create Storage Account

How to Provision Data Lake Storage in A Storage Account

How to Provision Blob Storage in a Storage Account

How to Provision File Storage in A Storage Account

Configuring Non-Relational Data Services

Configure Connectivity to Virtual Networks and On-Premises Computers

Configure Authentication

Configure Access Control

Configure Advanced Security

Configure Cosmos DB

Configure replication

Configure Consistency

Configure Storage Accounts

Manage Azure Cosmos DB

Performing Bulk Operations in Cosmos DB

Load Data Using the Cosmos DB Data Migration Tool

Configure Cosmos DB to Support Bulk Loading

Query Azure Cosmos DB

Understand the SQL API Query

Manage Azure Blob Storage

Upload a Blob to Azure Storage

Download a Blob from a Container

Delete a blob from a Container

Delete an Azure Storage Container

Manage Azure File storage

Upload Files

Download Files

Lab 4-05: Upload, Download, and Query Data in a Non-Relational Data Store



About Our Products

Microsoft Certifications

Microsoft Azure Certifications are industry-recognized credentials that validate your technical Cloud skills and expertise while assisting you in your career growth. These are one of the most valuable IT certifications right now since Azure has established an overwhelming growth rate in the public cloud market. Even with the presence of several tough competitors such as Amazon Web Services, Google Cloud Engine, and Rackspace, Azure is going to be the dominant public cloud platform today, with an astounding collection of proprietary services that continues to grow.

In this certification, we will discuss cloud concepts where we will learn the core benefits of using Azure like high availability, scalability, etc. We will talk about the Azure Architecture in which cloud resources are put together to work at best; Azure Compute where you will learn how to run applications in Azure; Networking in which the discussion is on how Azure resources communicate with each other; Storage, where you put all of your data and have different ways of storing it. We will also be covering Databases that are used for storage of data, its efficient retrieval as per demand, and to make sure that the users have the right access to the resources. Also, we will counter some complex scenarios with their solutions. We will have discussions on important topics like; Security, which makes Azure the best secure choice for your applications and functions; Privacy, Compliance and Trust that make sure how services ensure privacy and how you stay compliant with standards; As well as, Pricing in Azure to stay ahead on cost.

AZ-900 is the first certification of Microsoft Azure, which is the foundational certificate in Azure. After this certification, you can prove to the world that you are proficient and have the credibility to reach the highest point of your professional life.

Value of Azure Certifications

Microsoft places equal emphasis on sound conceptual knowledge of its entire platform, as well as on hands-on experience with the Azure infrastructure and its many unique and complex components and services.

For Individuals

  • Demonstrate your expertise in designing, deploying, and operating highly available, cost-effective, and secured applications on Microsoft Azure.
  • Gain recognition and visibility of your proven skills and proficiency with Azure.
  • Earn tangible benefits such as access to the Microsoft Certified Community, get invited to Microsoft Certification Appreciation Receptions and Lounges, obtain Microsoft Certification Practice Exam Voucher and Digital Badge for certification validation, Microsoft Certified Logo usage.
  • Foster credibility with your employer and peers.

For Employers

  • Identify skilled professionals to lead IT initiatives with Cloud technologies.
  • Reduce risks and costs to implement your workloads and projects on the Azure platform.
  • Increase customer satisfaction.

Types of Certification

Role-based Certification

  • Fundamental – Validates overall understanding of the Azure Cloud.
  • Associate– Technical role-based certifications. No pre-requisite required.
  • Expert– Highest level technical role-based certification.


About Microsoft Azure Architect Design


Exam Questions

Case study, short answer, repeated answer, MCQs

Number of Questions


Time to Complete

150 minutes

Exam Fee

165 USD


English, Japanese, Chinese (Simplified), Korean


The AZ-304: Microsoft Azure Architect Design exam validates the examinee’s ability to accomplish design monitoring; design identity and security; design data storage; design business continuity; and design infrastructure. Example concepts you should understand for this exam include:

      Design monitoring (10 – 15%)

      Design identity and security (25 – 30%)

      Design data storage (15 – 20%)

      Design business continuity (10 – 15%)

      Design infrastructure (25 – 30%)


Recommended Knowledge 

  • Recommend a solution for cost management and cost reporting
  • Recommend solutions to minimize costs
  • Determine levels and storage locations for logs
  • Plan for integration with monitoring tools including Azure Monitor and Azure Sentinel
  • Recommend a solution for single-sign on
  • Recommend a solution for authentication 
  • Recommend a solution for Conditional Access, including multi-factor authentication
  • Select an appropriate data platform based on requirements
  • Choose between storage tiers
  • Implement Azure Firewall Manager
  • Design and Azure Site Recovery solution
  • Identify resources that require high availability 
  • Identify storage types for high availability 
  • Determine appropriate compute technologies, including virtual machines, App Services, Service Fabric, Azure Functions, Windows Virtual Desktop, Batch, HPC and containers
  • Assess and interpret on-premises servers, data, and applications for migration
  • Select an appropriate data platform based on requirements
  • etc.

All the required information is included in this technology workbook.




Domain 1

Design Monitoring

Domain 2

Design Identity and Security

Domain 3

Design Data Storage

Domain 4

Design Business Continuity

Domain 5

Design Infrastructure


Scroll to Top