Exam
70-533

Microsoft Azure

  • Published:
    September 4, 2014
  • Languages:
    English, Spanish, Chinese (Simplified), Chinese (Traditional), French, German, Japanese, Portuguese (Brazil), Russian
  • Audiences:
    IT professionals
  • Technology:
    Microsoft Azure
  • Credit toward certification:
    MCP, MCSA, MCSE

Implementing Microsoft Azure Infrastructure Solutions

* Pricing does not reflect any promotional offers or reduced pricing for Microsoft Imagine Academy program members, Microsoft Certified Trainers, and Microsoft Partner Network program members. Pricing is subject to change without notice. Pricing does not include applicable taxes. Please confirm exact pricing with the exam provider before registering to take an exam.

Effective May 1, 2017, the existing cancellation policy will be replaced in its entirety with the following policy: Cancelling or rescheduling your exam within 5 business days of your registered exam time is subject to a fee. Failing to show up for your exam appointment or not rescheduling or cancelling your appointment at least 24 hours prior to your scheduled appointment forfeits your entire exam fee.

video

Watch an online prep session

Skills measured

This exam measures your ability to accomplish the technical tasks listed below. The percentages indicate the relative weight of each major topic area on the exam. The higher the percentage, the more questions you are likely to see on that content area on the exam. View video tutorials about the variety of question types on Microsoft exams.

Please note that the questions may test on, but will not be limited to, the topics described in the bulleted text.

Do you have feedback about the relevance of the skills measured on this exam? Please send Microsoft your comments. All feedback will be reviewed and incorporated as appropriate while still maintaining the validity and reliability of the certification process. Note that Microsoft will not respond directly to your feedback. We appreciate your input in ensuring the quality of the Microsoft Certification program.

If you have concerns about specific questions on this exam, please submit an exam challenge.

If you have other questions or feedback about Microsoft Certification exams or about the certification program, registration, or promotions, please contact your Regional Service Center.

Since the last exam update, Microsoft Azure has had significant technology changes, and we are updating the exam objectives to include them. As of November 22, 2016, this exam reflects these changes.

Note To ensure that they are aware of the latest updates, it is recommended that all individuals registering for this exam review this page several times before their scheduled exam.

Note There are exam updates effective as of October 12, 2017. To learn more about these changes and how they affect the skills measured, please download and review the Exam 533 change document.

Design and Implement Azure App Service Apps (10-15%)
  • Deploy Web Apps
    • Define deployment slots; roll back deployments; implement pre- and postdeployment actions; create, configure, and deploy packages; create App Service plans; migrate Web Apps between App Service plans; create a Web App within an App Service plan; determine when to use App Service Environment (ASE); select and use appropriate deployment methods including Git, FTP, and cloud services
  • Configure Web Apps
    • Define and use app settings, connection strings, handlers, and virtual directories; configure certificates and custom domains; configure SSL bindings and runtime configurations; manage Web Apps by using Azure PowerShell and Azure-CLI; manage App Service backups; configure authentication and authorization for Web Apps
  • Configure diagnostics, monitoring, and analytics
    • Retrieve diagnostics data; view streaming logs; configure endpoint monitoring; configure alerts; configure diagnostics; use remote debugging; monitor Web App resources
  • Configure Web Apps for scale and resilience
    • Configure auto-scale using built-in and custom schedules; configure by metric; change the size of an instance; configure Traffic Manager
Create and manage Azure Resource Manager Virtual Machines (20–25%)
  • Deploy workloads on Azure Resource Manager (ARM) virtual machines (VMs)
    • Identify workloads that can and cannot be deployed; run workloads, including Microsoft and Linux; create VMs; connect to a Windows/Linux VM
  • Perform configuration management
    • Automate configuration management by using PowerShell Desired State Configuration (DSC) and VM Agent (custom script extensions); enable remote debugging
  • Design and implement VM storage
    • Configure disk caching; plan storage capacity; configure operating system disk redundancy; configure shared storage using Azure File service; configure georeplication; encrypt disks; implement ARM VMs with Standard and Premium Storage
  • Monitor ARM VMs
    • Configure ARM VM monitoring; configure alerts; configure diagnostic and monitoring storage location
  • Manage ARM VM availability
    • Configure multiple ARM VMs in an availability set for redundancy; configure each application tier into separate availability sets; combine the Load Balancer with availability sets; configure fault domains and update domains
  • Scale ARM VMs
    • Scale up and scale down VM sizes; deploy ARM VM Scale Sets (VMSS); configure ARM VMSS auto-scale
  • Manage Containers with Azure Container Services (ACS)
    • Deploy a Kubernetes cluster in ACS; create and manage container images; sScale applications using Docker, DC/OS, Swarm, or Kubernetes; configure for open-source tooling; migrate container workloads to and from Azure; monitor Kubernetes by using Microsoft Operations Management Suite (OMS); implement Azure Container Registry
Design and Implement a Storage Strategy (10-15%)
  • Implement Azure storage blobs and Azure files
    • Identify appropriate blob type for specific storage requirements; read data; change data; set metadata on a container; store data using block and page blobs; stream data using blobs; access blobs securely; implement async blob copy; configure Content Delivery Network (CDN); design blob hierarchies; configure custom domains; scale blob storage; manage SMB file storage
  • Manage access
    • Create and manage shared access signatures, use stored access policies, regenerate keys; encrypt keys by using Azure Key Vault integration
  • Configure diagnostics, monitoring, and analytics
    • Set retention policies and logging levels, analyze logs
  • Implement storage encryption
    • Encrypt data as written to Azure Storage by using Azure Storage Service Encryption (SSE); implement encrypted and role-based security for data managed by Azure Data Lake Store
Implement virtual networks (15–20%)
  • Configure virtual networks connectivity
    • Deploy a VM into a virtual network; configure external and internal load balancing; implement Application Gateway; design subnets; configure static, public, and private IP addresses; set up Network Security Groups (NSGs), DNS at the virtual network level, HTTP and TCP health probes, public IPs, User Defined Routes (UDRs), firewall rules, and direct server return; connect VNets by virtual network peering; configure VMs using a configuration management tool such as Puppet or Chef
  • Design and implement multi-site or hybrid network connectivity
    • Choose the appropriate solution between ExpressRoute, site-to-site, and pointto-site; choose the appropriate gateway; identify supported devices and software VPN solutions; identify networking prerequisites; configure virtual networks and multi-site virtual networks; implement virtual network peering and service chaining; implement hybrid connections to access on-premises data sources, leverage S2S VPNs to connect to on-premises infrastructure
  • Configure ARM VM networking
    • Configure static IP addresses, Network Security Groups (NSGs), DNS, User Defined Routes (UDRs), external and internal load balancing with HTTP and TCP health probes, public IPs, firewall rules, and direct server return; design and implement Application Gateway
  • Design and implement a communication strategy
    • Implement Hybrid Connections to access data sources on-premises; leverage S2S VPN to connect to an on-premises infrastructure
Design and Deploy ARM Templates (10-15%)
  • Implement ARM templates
    • Author ARM templates; create ARM templates to deploy multiple ARM Resource Providers resources of different types with count loops and Marketplace items; deploy templates with PowerShell, Azure CLI, Azure Portal and REST API
  • Control access
    • Leverage service principles with ARM authentication, use Azure Active Directory Authentication with ARM, set management policies, lock resources
  • Design role-based access control (RBAC)
    • Secure resource scopes, such as the ability to create VMs and Azure Web Apps; implement Azure role-based access control (RBAC) standard roles; design Azure RBAC custom roles
Manage Azure Security, and Recovery Services (25-30%)
  • Manage data protection and security compliance
    • Create and import encryption keys with Key Vault; automate tasks for SSL/TLS certificates; prevent and respond to security threats with Azure Security Center; Configure single sign-on with SaaS applications using federation and password based; add users and groups to applications; revoke access to SaaS applications; configure access; configure federation with public consumer identity providers such as Facebook and Google
  • Implement recovery services
    • Create a backup vault; deploy a backup agent; backup and restore data, using of snapshots and Geo-replication for recovery; Implement DR as service, Deploy ASR agent, ASR Configuration & best practices
Manage Azure Operations (5-10%)
  • Enhance cloud management with automation
    • Implement PowerShell runbooks; integrate Azure Automation with Web Apps; create and manage PowerShell Desired State Configurations (DSC); import DSC resources; generate DSC node configurations; monitor and automatically update machine configurations with Azure Automation DSC
  • Collect and analyze data generated by resources in cloud and on-premises environments
    • Collect and search across data sources from multiple systems; build custom visualizations; visualize Azure resources across multiple subscriptions; transform Azure activity data and managed resource data into an insight with flexible search queries; monitor system updates and malware status; track server configuration changes by using Azure Log Analytics
Manage Azure Identities (5-10%)
  • Monitor on-premises identity infrastructure and synchronization services with Azure AD Connect Health
    • Monitor AD FS proxy and web application proxy servers; setup email notifications for critical alerts; generate utilization reports; monitor Sync Engine; monitor domain controllers; monitor replication
  • Manage domains with Azure Active Directory Domain Services
    • Join Azure virtual machines to a domain, securely administer domain-joined virtual machines by using Group Policy; migrate on-premises apps to Azure; handle traditional directory-aware apps along with SaaS apps
  • Integrate with Azure Active Directory (Azure AD)
    • Implement Azure AD Connect and single sign-on with on-premises Windows Server 2012 R2; add custom domains; monitor Azure AD, MFA, config Windows 10 with Azure AD domain join; Implement Azure AD integration in web and desktop applications; leverage Microsoft Graph API
  • Implement Azure AD B2C and Azure AD B2B
    • Create an Azure AD B2C Directory; register an application; implement social identity provider authentication; enable multi-factor authentication; set up selfservice password reset; implement B2B collaboration; configure partner users; integrate with application

Preparation options

Instructor-led training
Exam prep video

Preparing for exam 70-533? Watch the online prep session here.

Practice test

Take a Microsoft Official Practice Test for Exam 533

Beginning in April 2017, over time, practice tests will become available in multiple languages, including Spanish, Chinese (Simplified), Chinese (Traditional), French, German, Japanese, Portuguese (Brazil), and Russian. To see when a specific language is offered for this practice test, please check back.

From the community

Follow @MSLearning

Who should take this exam?

Candidates for this exam implement infrastructure solutions in Microsoft Azure. Candidates have experience implementing and monitoring cloud and hybrid solutions as well as supporting application lifecycle management.

More information about exams

Preparing for an exam

We recommend that you review this exam preparation guide in its entirety and familiarize yourself with the resources on this website before you schedule your exam. See the Microsoft Certification exam overview for information about registration, videos of typical exam question formats, and other preparation resources. For information on exam policies and scoring, see the Microsoft Certification exam policies and FAQs.

Note

This preparation guide is subject to change at any time without prior notice and at the sole discretion of Microsoft. Microsoft exams might include adaptive testing technology and simulation items. Microsoft does not identify the format in which exams are presented. Please use this preparation guide to prepare for the exam, regardless of its format. To help you prepare for this exam, Microsoft recommends that you have hands-on experience with the product and that you use the specified training resources. These training resources do not necessarily cover all of the topics listed in the "Skills measured" section.