Preparation Guide for AZ-700 Designing and Implementing Microsoft Azure Networking Solutions Certification
I just toke my AZ-700 Designing and Implementing Microsoft Azure Networking Solutions exam (available since the 21th of july 21 in beta) and it is time now to share my preparation notes for those who are interested to pass this exam and get certified.
This article is just one another preparation guide to Microsoft exam AZ-700 but I hope it will be useful. You will find here : 5 Powerpoint presentations (around 500 slides), a lot of URL with content to read and understand and links to practice with hands on labs.
Even you don’t plan to take the exam, all this content is really interesting to read and understand if you want to discover and improve your knowledge on networking on Azure.
Before starting studying, you must know very well what this certification is about and what are the prerequisites.
The topics included in this exam are the following:
- Design, Implement, and Manage Hybrid Networking (10% to 15%)
- Design and Implement Core Networking Infrastructure (20% to 25%)
- Design and Implement Routing (25% to 30%)
- Secure and Monitor Networks (15% to 20%)
- Design and Implement Private Access to Azure Services (10% to 15%)
More details : https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE4PaHw
If you want to check your knowledge before starting your study, you can explore my Azure Networking Mindmap to verify if you need to spend more time on specific subjects (click on image to display a full screen SVG file more readable)
Design, Implement, and Manage Hybrid Networking (10% to 15%)
Design, implement, and manage a site-to-site VPN connection
Highly Available cross-premises and VNet-to-VNet connectivity
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-highlyavailable
Azure VN Gateway SKU
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpngateways#gwsku
About cryptographic requirements and Azure VPN gateways
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-compliance-crypto
About VPN devices and IPsec/IKE parameters for Site-to-Site VPN Gateway connections
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpn-devices
https://docs.microsoft.com/en-us/azure/vpn-gateway/tutorial-site-to-site-portal
Troubleshooting: An Azure site-to-site VPN connection cannot connect and stops working
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-troubleshoot-site-to-site-cannot-connect
Design, implement, and manage a point-to-site VPN connection
About Point-to-Site VPN
https://docs.microsoft.com/en-us/azure/vpn-gateway/point-to-site-about
Configure a Point-to-Site VPN connection using Azure certificate authentication
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-point-to-site-resource-manager-portal
Create an Azure Active Directory tenant for P2S OpenVPN protocol connections
https://docs.microsoft.com/en-us/azure/vpn-gateway/openvpn-azure-ad-tenant
Azure VPN Client
https://www.microsoft.com/en-us/p/azure-vpn-client/9np355qt2sqb?activetab=pivot:overviewtab
Design, implement, and manage Azure ExpressRoute
What is Azure ExpressRoute?
https://docs.microsoft.com/en-us/azure/expressroute/expressroute-introduction
ExpressRoute connectivity partners and peering locations
https://docs.microsoft.com/en-us/azure/expressroute/expressroute-locations
About ExpressRoute Direct
https://docs.microsoft.com/en-us/azure/expressroute/expressroute-erdirect-about
How to configure ExpressRoute Direct
https://docs.microsoft.com/en-us/azure/expressroute/expressroute-howto-erdirect
ExpressRoute Premium
https://docs.microsoft.com/en-us/azure/expressroute/expressroute-faqs#expressroute-premium
ExpressRoute FastPath
https://docs.microsoft.com/en-us/azure/expressroute/about-fastpath
ExpressRoute circuits and peering
https://docs.microsoft.com/en-us/azure/expressroute/expressroute-circuit-peerings
Microsoft peering
https://docs.microsoft.com/en-us/azure/expressroute/expressroute-howto-routing-portal-resource-manager#to-create-microsoft-peering
What is an Autonomous System Number (ASN)?
https://blog.stackpath.com/autonomous-system-number/
Azure Private peering
https://docs.microsoft.com/en-us/azure/expressroute/expressroute-howto-routing-portal-resource-manager#private
Configure a virtual network gateway for ExpressRoute
https://docs.microsoft.com/en-us/azure/expressroute/expressroute-howto-add-gateway-portal-resource-manager
Connect a virtual network to an ExpressRoute circuit
https://docs.microsoft.com/en-us/azure/expressroute/expressroute-howto-linkvnet-portal-resource-manager
ExpressRoute encryption
https://docs.microsoft.com/en-us/azure/expressroute/expressroute-about-encryption
Configure MACsec on ExpressRoute Direct ports
https://docs.microsoft.com/en-us/azure/expressroute/expressroute-howto-macsec
Configure BFD over ExpressRoute
https://docs.microsoft.com/en-us/azure/expressroute/expressroute-bfd
Troubleshooting network performance
https://docs.microsoft.com/en-us/azure/expressroute/expressroute-troubleshooting-network-performance
Design and Implement Core Networking Infrastructure (20% to 25%)
Design and implement private IP addressing for Vnets
What is Azure Virtual Network?
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-overview
Quickstart: Create a virtual network using PowerShell
https://docs.microsoft.com/en-us/azure/virtual-network/quick-create-powershell
What is Azure Firewall?
https://docs.microsoft.com/en-us/azure/firewall/overview
Deploy and configure Azure Firewall using Azure CLI
https://docs.microsoft.com/en-us/azure/firewall/deploy-cli
What is subnet delegation?
https://docs.microsoft.com/en-us/azure/virtual-network/subnet-delegation-overview
Design and implement name resolution
Overview of DNS zones and records
https://docs.microsoft.com/en-us/azure/dns/dns-zones-records
Buy a custom domain name for Azure App Service
https://docs.microsoft.com/en-us/azure/app-service/manage-custom-dns-buy-domain
Azure DNS FAQ
https://docs.microsoft.com/en-us/azure/dns/dns-faq
Azure Private DNS zone
https://docs.microsoft.com/en-us/azure/dns/private-dns-privatednszone
Create Private DNS Zone
https://docs.microsoft.com/en-us/azure/dns/private-dns-getstarted-cli
Design and implement cross-VNet connectivity design public DNS zones
Virtual network peering
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-peering-overview
Create, change, or delete a virtual network peering
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-manage-peering
VNet peering requirement and constraint
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-manage-peering#requirements-and-constraints
Design and implement an Azure Virtual WAN architecture
What is Azure Virtual WAN?
https://docs.microsoft.com/en-us/azure/virtual-wan/virtual-wan-about
Migrate to Azure Virtual WAN
https://docs.microsoft.com/en-us/azure/virtual-wan/migrate-from-hub-spoke-topology
Global transit network architecture and Virtual WAN
https://docs.microsoft.com/en-us/azure/virtual-wan/virtual-wan-global-transit-network-architecture
Connect a VPN Gateway (virtual network gateway) to Virtual WAN
https://docs.microsoft.com/en-us/azure/virtual-wan/connect-virtual-network-gateway-vwan
About virtual hub routing
https://docs.microsoft.com/en-us/azure/virtual-wan/about-virtual-hub-routing
https://docs.microsoft.com/en-us/azure/virtual-wan/how-to-virtual-hub-routing
Design and Implement Routing (25% to 30%)
Design, implement, and manage VNet routing design a site-to-site VPN connection for high availability
Virtual network traffic routing
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-udr-overview
Reserved Ip Adresses
https://en.wikipedia.org/wiki/Reserved_IP_addresses
IANA-Reserved IPv4 Prefix for Shared Address Space
https://datatracker.ietf.org/doc/html/rfc6598
Routing example (to check if you understand everything)
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-udr-overview#routing-example
Create, change, or delete a route table
https://docs.microsoft.com/en-us/azure/virtual-network/manage-route-table
az network vnet subnet
https://docs.microsoft.com/en-us/cli/azure/network/vnet/subnet?view=azure-cli-latest
Diagnose a virtual machine routing problem
https://docs.microsoft.com/en-us/azure/virtual-network/diagnose-network-routing-problem
Design and implement an Azure Load Balancer choose between public and internal
What is Azure Load Balancer?
https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-overview
Azure Load Balancer SKUs
https://docs.microsoft.com/en-us/azure/load-balancer/skus
Build cross region solution on existing Azure Load Balancer
https://docs.microsoft.com/en-us/azure/load-balancer/cross-region-overview#build-cross-region-solution-on-existing-azure-load-balancer
Load balancing rule
https://docs.microsoft.com/en-us/azure/load-balancer/components#load-balancing-rules
Inbound NAT Rules
https://docs.microsoft.com/en-us/azure/load-balancer/components#inbound-nat-rules
Outbound rules
https://docs.microsoft.com/en-us/azure/load-balancer/components#outbound-rules
Design and implement Azure Application Gateway
Application Gateway FAQ
https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-faq
Feature comparison between v1 SKU and v2 SKU
https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-autoscaling-zone-redundant#differences-from-v1-sku
Scaling Application Gateway and WAF v2
https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-autoscaling-zone-redundant#scaling-application-gateway-and-waf-v2
Autoscaling and Zone-redundant Application Gateway v2
https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-autoscaling-zone-redundant
Application Gateway components
https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-components
Rewrite HTTP headers and URL with Application Gateway
https://docs.microsoft.com/en-us/azure/application-gateway/rewrite-http-headers-url
Application Gateway HTTP settings configuration
https://docs.microsoft.com/en-us/azure/application-gateway/configuration-http-settings
Overview of TLS termination and end to end TLS with Application Gateway
https://docs.microsoft.com/en-us/azure/application-gateway/ssl-overview
Implement Azure Front Door
What is Azure Front Door Standard/Premium (Preview)?
https://docs.microsoft.com/en-us/azure/frontdoor/standard-premium/overview
Azure Front Door Standard/Premium (Preview) Health probe monitoring
https://docs.microsoft.com/en-us/azure/frontdoor/standard-premium/concept-health-probes
Front Door routing methods
https://docs.microsoft.com/en-us/azure/frontdoor/front-door-routing-methods
What is Rules Engine for Azure Front Door?
https://docs.microsoft.com/en-us/azure/frontdoor/front-door-rules-engine
Implement an Azure Traffic Manager profile
What is Traffic Manager?
https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-overview
Traffic Manager routing methods
https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-routing-methods
Design and implement an Azure Virtual Network NAT
What is Virtual Network NAT?
https://docs.microsoft.com/en-us/azure/virtual-network/nat-gateway/nat-overview
Secure and Monitor Networks (15% to 20%)
Design, implement, and manage an Azure Firewall deployment
What is Azure Firewall?
https://docs.microsoft.com/en-us/azure/firewall/overview
Deploy and configure Azure Firewall and policy using the Azure portal
https://docs.microsoft.com/en-us/azure/firewall/tutorial-firewall-deploy-portal-policy
Network Virtual Appliance in an Azure Virtual WAN hub
https://docs.microsoft.com/en-us/azure/virtual-wan/about-nva-hub
Implement and manage network security groups (NSGs)
https://docs.microsoft.com/en-us/azure/virtual-network/network-security-groups-overview
Virtual network service tags
https://docs.microsoft.com/en-us/azure/virtual-network/service-tags-overview
Application Security Group
https://docs.microsoft.com/en-us/azure/virtual-network/network-security-groups-overview#application-security-groups
Read NSG flow logs
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-read-nsg-flow-logs
Troubleshoot NSG configuration using IP Flow Verify
https://azure.microsoft.com/en-gb/resources/videos/troubleshoot-nsg-configuration-using-ip-flow-verify/
Implement a Web Application Firewall (WAF) deployment
https://docs.microsoft.com/en-us/azure/web-application-firewall/
What is Azure Web Application Firewall?
https://docs.microsoft.com/en-us/azure/web-application-firewall/overview
Azure Web Application Firewall on Azure Front Door
https://docs.microsoft.com/en-us/azure/web-application-firewall/afds/afds-overview
Monitor Network
Azure Monitor Network Insights
https://docs.microsoft.com/en-us/azure/azure-monitor/insights/network-insights-overview
Network Connectivity Monitoring with Connection Monitor
https://docs.microsoft.com/en-us/azure/network-watcher/connection-monitor-overview
Create a monitor in Connection Monitor by using the Azure portal
https://docs.microsoft.com/en-us/azure/network-watcher/connection-monitor-create-using-portal
Install monitoring agents
https://docs.microsoft.com/en-us/azure/network-watcher/connection-monitor-overview#install-monitoring-agents
Design and Implement Private Access to Azure Services (10% to 15%)
Design and implement Azure Private Link service and Azure Private Endpoint
What is Azure Private Link service?
https://docs.microsoft.com/en-us/azure/private-link/private-link-service-overview
Quickstart: Create a Private Link service using Azure CLI
https://docs.microsoft.com/en-us/azure/private-link/create-private-link-service-cli
What is Azure Private Endpoint?
https://docs.microsoft.com/en-us/azure/private-link/private-endpoint-overview
Private link resource
https://docs.microsoft.com/en-us/azure/private-link/private-endpoint-overview#private-link-resource
Azure Private Endpoint DNS configuration
https://docs.microsoft.com/en-us/azure/private-link/private-endpoint-dns
Design and implement service endpoints
Virtual Network service endpoints
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-service-endpoints-overview
Tutorial: Restrict network access to PaaS resources with virtual network service endpoints using the Azure portal
https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-restrict-network-access-to-resources
Services Tags
https://docs.microsoft.com/en-us/azure/virtual-network/service-tags-overview
VNet endpoint policies
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-service-endpoints-overview#vnet-service-endpoint-policies
Virtual network service endpoint policies for Azure Storage
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-service-endpoint-policies-overview
Create, change, or delete service endpoint policy using the Azure portal
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-service-endpoint-policies-portal
Azure Virtual Network frequently asked questions (FAQ) – Service Endpoint
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-faq#virtual-network-service-endpoints
Configure VNet integration for dedicated platform as a service (PaaS) services
configure App Service for regional VNet integration
Integrate your app with an Azure virtual network
https://docs.microsoft.com/en-us/azure/app-service/web-sites-integrate-with-vnet
Use an App Service Environment
https://docs.microsoft.com/en-us/azure/app-service/environment/using-an-ase#app-access
Last be not least, I found very good lab material to practice :
Hope this preparation guide will be useful for you. Don’t hesitate to post a comment or send me a message on Twitter @squastana or on LinkedIn
https://www.linkedin.com/in/stanislasquastana/
Last but not least, don’t forget to spend time on http://microsoft.com/learn where you can find additional materials to prepare your certification.