Early Experts Study Guide for Microsoft Specialist Certification Exam 70-534, Architecting Microsoft Azure Solutions

Disclaimer: This exam study guide is not intended as a replacement for formal training on Microsoft Azure.

Microsoft Specialist in Azure

This exam study guide is intended as a study reference tool to assist experienced architects with preparing for Microsoft Specialist certification via Exam 70-534, Architecting Microsoft Azure Solutions.

Exam 70-534 is one of three exams that can be successfully passed to complete Microsoft Specialist certification on Microsoft Azure. Other exams in this Microsoft Specialist series include:

Only one exam listed above (70-532 or 70-533 or 70-534) needs to be passed to attain Microsoft Specialist certification on Microsoft Azure.

About this Exam Study Guide

This exam guide presents the target exam objectives within each of the above objective domains in a checklist format to provide an easy method for experienced exam candidates to quickly self-assess their general exam preparedness and also provide specific study resources to help candidates address knowledge gap areas prior to attempting this exam. These are the same study resources that I personally used to prepare for Exams 70-534, 70-533 and 70-532 myself, so I’ve already taken time to proof and review each and every resource.

Of course, you may have your own suggestions for improvements – feel free to email me or connect with me online. I’d love to hear your feedback!

About Exam 70-534

Who should take Exam 70-534?

This exam is for candidates who are interested in validating their Microsoft Azure solution design skills. Candidates should know the features and capabilities of Azure services to be able to identify tradeoffs and make decisions for designing public and hybrid cloud solutions. Candidates who take this exam are expected to be able to define the appropriate infrastructure (IaaS) and platform solutions (PaaS) to meet the required functional, operational, and deployment requirements through the solution lifecycle.

Exam 70-532: Developing Microsoft Azure Solutions and Exam 70-533: Implementing Microsoft Azure Infrastructure Solutions are useful for candidates who also want to validate their implementation experience across cloud projects, but they are not prerequisites for this exam.

Which skills does Exam 70-534 target?

Exam 70-534 targets the following six (6) certification objective domains:

  • Design Microsoft Azure infrastructure and networking (15-20%)
  • Secure resources (15-20%)
  • Design an application storage and data access strategy (15-20%)
  • Design an advanced application (15-20%)
  • Design websites (15-20%)
  • Design a management, monitoring and business continuity strategy (15-20%)

Exam Format and Question Types

Microsoft certification exams may use a variety of exam question formats to test related skills. If you haven't taken a Microsoft certification exam recently, be sure to review the following information to get a better understanding of each question format that may be used for your exam.

Additional Study Resources for Exams 70-532 and 70-533

In addition to the exam preparation resources for Exam 70-534 in this study guide, you will find these additional resources helpful if you are also planning to prepare for Exam 70-532, Developing Microsoft Azure Solutions and/or Exam 70-533, Implementing Microsoft Azure Solutions.

Additional study resources for Exam 70-532

Additional study resources for Exam 70-533

Getting Started

If you’ve not already done so, you’ll need an active Microsoft Azure subscription to gain the most value from this exam study guide. Many of the resources below involve hands-on activities, and having access to Azure is key to mastery of the associated skills.

Activate a Microsoft Azure subscription

If you don’t currently have an active Microsoft Azure subscription, you can obtain one for free via our Microsoft Azure free trial subscription program.

Formal Training on Microsoft Azure

If you’re completely new to Microsoft Azure, you may wish to complete a formal training program to build foundational knowledge before leveraging this Exam Study Guide. Foundational training on Microsoft Azure is available via:

In addition to foundational training, an online training course that specifically targets this exam is also available on Microsoft Virtual Academy.

Using this Exam Study Guide

When you're ready to begin preparing for your certification exam, I'd recommend following this strategy to use your time as productively as possible:

  1. Review each objective listed below at a high-level under each objective domain.
  2. Check-off exam objectives for which you already feel that you have sufficient knowledge.
  3. For the remaining exam objectives, review the linked study resources.
  4. As you progress, check-off each exam objective when you've completed the linked study resources
  5. After all exam objectives have been checked-off, you're ready to schedule your exam!

1. Design Microsoft Azure infrastructure and networking (15–20%)

1.1 Describe how Azure uses Global Foundation Services (GFS) datacenters.

☐ Understand Azure datacenter architecture, regional availability, and high availability

1.2 Design Azure virtual networks.

Deploy Azure Active Directory

Extend on-premises Active Directory

Design Azure Virtual Networks

Define static IP reservations

Understand ACLs and Network Security Groups

1.3 Design Azure Compute.

Design applications using Azure IaaS virtual machines (VMs) IaaS and PaaS roles.

Understand availability sets, fault domains, and update domains in Azure

Differentiate between virtual machine classifications

1.4 Describe Azure virtual private network (VPN) and ExpressRoute.

Azure site-to-site (S2S) VPN

Azure ExpressRoute

Azure point-to-site (P2S) VPN

1.5 Describe Azure services.

Understand Azure Services, at a high level

Azure load balancing options, including Traffic Manager

Azure Media Services

Azure Content Delivery Network (CDN)

Azure Cache

Azure Service Bus

Azure Active Directory (Azure AD)

Multi-Factor Authentication

2. Secure resources (15–20%)

2.1 Secure resources by using managed identities.

Describe the differences between Active Directory on-premises and Azure AD

Programmatically access Azure AD using Graph API

Secure access to resources from Azure AD applications using OAuth and OpenID Connect

2.2 Secure resources by using hybrid identities.

Use SAML claims to authenticate to on-premises resources

Implement federated identities using Azure Access Control service (ACS) and Active Directory Federation Services (ADFS)

2.3 Secure resources by using identity providers

Provide access to resources using identity providers, such as Microsoft account, Facebook, Google, and Yahoo!

2.4 Identify an appropriate data security solution

Use the appropriate Access Control List (ACL), and identify security requirements for data in transit and data at rest

2.5 Design a role-based access control strategy

Secure resource scopes, such as the ability to create VMs and websites

3. Design an application storage and data access strategy (15–20%)

3.1 Design storage options for data, including the following technologies:

Azure Storage Options

Azure SQL Database

Azure DocumentDB



3.2 Design security options for data, including:

SQL Database

Azure Storage

3.3 Design applications with Mobile Services using .NET and JavaScript backends

Create Azure Mobile Services

Consume Mobile Services from cross-platform clients

Integrate offline sync capabilities into an application

Extend Mobile Services using custom code

Secure Mobile Services using Azure AD

3.4 Design applications that use notifications

Implement push notification services in Mobile Services

Send push notifications to all subscribers, specific, or a segment of subscribers

3.5 Design applications that use a web API

Implement a custom web API

Scale using Azure Websites

Offload long-running applications using WebJobs

Secure a web API using Azure AD

3.6 Design a data access strategy for hybrid applications.

Service Bus Relay

BizTalk Hybrid Connections

VPN capability of Azure Websites

Identify constraints for connectivity with VPN

Identify options for joining VMs to domains or cloud services

3.7 Design a media solution.

Understand key components of Media Services, including streaming capabilities, video on-demand capabilities, and monitoring services

4. Design an advanced application (15–20%)

4.1 Create compute-intensive applications.

Design high-performance computing (HPC) and other compute-intensive applications using Azure Services

4.2 Create long-running applications.

Implement worker roles for scalable processing with stateless components

4.3 Select the appropriate storage option.

Identify storage options for cloud services

Use a queue-centric pattern for development

Select the appropriate storage for performance

Design hybrid scenarios with compute on-premises and storage on Azure

Differentiate between cloud services and VMs interacting with storage service and SQL Database

4.4 Integrate Azure services in a solution with the following technologies:

Azure Machine Learning

Big Data

Azure Media Services

Azure Search

5. Design websites (15–20%)

5.1 Design websites for scalability and performance

Create and Deploy Azure Websites

Create websites using Visual Studio

Globally scale websites

Debug websites

Understand supported languages

Differentiate between websites to VMs and cloud services

5.2 Deploy websites

Implement Azure Site Extensions

Create packages

Hosting plans and Resource Groups

Deployment slots

Publishing options

5.3 Design websites for business continuity

Scale up and scale out using Azure Websites and SQL Database

Configure data replication patterns

Update websites with minimal downtime

Backup and restore data

Design websites across multiple regions for high availability and disaster recovery

Design the data tier

6. Design a management, monitoring, and business continuity strategy (15–20%)

6.1 Evaluate hybrid and Azure-hosted architectures for Microsoft System Center deployment.

Understand, at an architectural level, which components are supported in Azure

Describe design considerations for managing Azure resources with System Center

Understand which scenarios would dictate a hybrid scenario

6.2 Design a monitoring strategy.

Identify the Microsoft products and services for monitoring Azure solutions

Understand the capabilities of System Center for monitoring an Azure solution

Understand built-in Azure capabilities

Describe use cases for Operations Manager, Global Service Monitor, and Application Insights

Identify third-party monitoring tools, including open source

Describe the use cases for Windows Software Update Services (WSUS), Configuration Manager, and custom solutions

Describe the Azure architecture constructs, such as availability groups and update domains, and how they impact a patching strategy

6.3 Describe Azure business continuity/disaster recovery (BC/DR) capabilities.

Understand the architectural capabilities of BC/DR

Describe Hyper-V Replica and Azure Site Recovery (ASR) and associated use cases

6.4 Design a disaster recovery strategy.

Design and deploy Azure Backup and other Microsoft backup solutions for Azure

Understand use cases when StorSimple and System Center Data Protection Manager would be appropriate

6.5 Design Azure Automation and PowerShell workflows.

Create a PowerShell script specific to Azure

6.6 Describe the use cases for Azure Automation configuration.

Understand when to use Azure Automation, Chef, Puppet, PowerShell, or Desired State Configuration (DSC)

Scheduling your Exam

When you’re ready to take your exam, you can schedule to take it as an online proctored exam or at a Pearson VUE exam testing facility worldwide.

For other questions regarding Microsoft certification exams and exam policies, visit the Microsoft Learning Exam policies and FAQ page.

Good luck with your exam preparation!