Exam
70-534

Microsoft Azure logo

  • Published:
    February 26, 2015
  • Languages:
    English, Spanish, Chinese (Simplified), Chinese (Traditional), French, German, Japanese, Portuguese (Brazil), Russian
  • Audiences:
    IT professionals
  • Technology:
    Microsoft Azure
  • Credit toward certification:
    MCP, MCSA, MCSE, MCSD

Architecting Microsoft Azure Solutions

This exam has been retired

For currently available options, please see the Microsoft Certification exam list.

Watch an Exam Prep session from Microsoft Ignite 2017

Skills measured

This exam measures your ability to accomplish the technical tasks listed below. The percentages indicate the relative weight of each major topic area on the exam. The higher the percentage, the more questions you are likely to see on that content area on the exam. View video tutorials about the variety of question types on Microsoft exams.

Please note that the questions may test on, but will not be limited to, the topics described in the bulleted text.

Do you have feedback about the relevance of the skills measured on this exam? Please send Microsoft your comments. All feedback will be reviewed and incorporated as appropriate while still maintaining the validity and reliability of the certification process. Note that Microsoft will not respond directly to your feedback. We appreciate your input in ensuring the quality of the Microsoft Certification program.

If you have concerns about specific questions on this exam, please submit an exam challenge.

If you have other questions or feedback about Microsoft Certification exams or about the certification program, registration, or promotions, please contact your Regional Service Center.

Since the last exam update, Microsoft Azure has had significant technology changes, and we are updating the exam objectives to include them. As of November 22, 2016, this exam reflects these changes.

Note To ensure that they are aware of the latest updates, it is recommended that all individuals registering for this exam review this page several times before their scheduled exam.

IMPORTANT: Significant changes are in progress for this exam and its content. As a result, we are retiring this exam on December 31, 2017, and it will be replaced with a new exam (proposed exam number 535) that covers the new (but related) objective domain. This new exam will be available on November 30, 2017. You will no longer be able to register for exam 534 after that date.

All certifications earned by taking exam 534 will remain valid even after the exam has been retired. Because exam 535 will be a direct replacement, all certifications previously achieved with exam 534 will be met by taking exam 535 going forward.

You can preview the objective domain for 535 on its exam details page.

Design Azure Resource Manager (ARM) networking (5–10%)
  • Design Azure virtual networks
    • Extend on-premises; leverage Azure networking services: implement load balancing using Azure Load Balancer and Azure Traffic Manager; define DNS, DHCP, and IP addressing configuration; define static IP reservations; apply Network Security Groups (NSGs) and User Defined Routes (UDRs); deploy Azure Application Gateway
  • Describe Azure VPN and ExpressRoute architecture and design
    • Describe Azure point-to-site (P2S) and site-to-site (S2S) VPN, leverage Azure VPN and ExpressRoute in network architecture
Secure resources (20–25%)
  • Secure resources by using managed identities
    • Describe the differences between Active Directory on-premises and Azure Active Directory (Azure AD), programmatically access Azure AD using Graph API, secure access to resources from Azure AD applications using OAuth and OpenID Connect
  • Secure resources by using hybrid identities
    • Use SAML claims to authenticate to on-premises resources, describe AD Connect synchronization, implement federated identities using Active Directory Federation Services (ADFS)
  • Secure resources by using identity providers
    • Provide access to resources using identity providers, such as Microsoft account, Facebook, Google, and Yahoo!; manage identity and access by using Azure AD B2C; implement Azure AD B2B
  • Identify an appropriate data security solution
    • Identify security requirements for data in transit and data at rest; identify security requirements using Azure services, including Azure Storage Encryption, Azure Disk Encryption, and Azure SQL Database TDE
  • Design a role-based access control (RBAC) strategy
    • Secure resource scopes, such as the ability to create VMs and Azure Web Apps; implement Azure RBAC standard roles; design Azure RBAC custom roles
  • Manage security risks by using an appropriate security solution
    • Identify, assess, and mitigate security risks by using Azure Security Center, Operations Management Suite, and other services
Design an application storage and data access strategy (5–10%)
  • Design data storage
    • Design storage options for data, including Table Storage, SQL Database, DocumentDB, Blob Storage, MongoDB, and MySQL; design security options for SQL Database or Azure Storage
  • Select the appropriate storage option
    • Select the appropriate storage for performance, identify storage options for cloud services and hybrid scenarios with compute on-premises and storage on Azure
Design advanced applications (20–25%)
  • Create compute-intensive applications
    • Design high-performance computing (HPC) and other compute-intensive applications using Azure Services
  • Create long-running applications
    • Implement Azure Batch for scalable processing, design stateless components to accommodate scale, use Azure Scheduler
  • Integrate Azure services in a solution
    • Design Azure architecture using Azure services, such as Azure AD, Azure App Service, API Management, Azure Cache, Azure Search, Service Bus, Event Hubs, Stream Analytics, and IoT Hub; identify the appropriate use of Azure Machine Learning, big data, Azure Media Services, and Azure Search services
  • Implement messaging applications
    • Use a queue-centric pattern for development; select appropriate technology, such as Azure Storage Queues, Azure Service Bus queues, topics, subscriptions, and Azure Event Hubs
  • Implement applications for background processing
    • Implement Azure Batch for compute-intensive tasks, use Azure WebJobs to implement background tasks, use Azure Functions to implement event-driven actions, leverage Azure Scheduler to run processes at preset/recurring timeslots
  • Design connectivity for hybrid applications
    • Connect to on-premises data from Azure applications using Service Bus Relay, Hybrid Connections, or the Azure Web App virtual private network (VPN) capability; identify constraints for connectivity with VPN; identify options for joining VMs to domains or cloud services
Design Azure Web and Mobile Apps (5–10%)
  • Design Web Applications
    • Design Azure App Service Web Apps, design custom web API, offload long-running applications using WebJobs, secure Web API using Azure AD, design Web Apps for scalability and performance, deploy Azure Web Apps to multiple regions for high availability, deploy Web Apps, create App Service plans, design Web Apps for business continuity, configure data replication patterns, update Azure Web Apps with minimal downtime, back up and restore data, design for disaster recovery
  • Design Mobile Applications
    • Design Azure Mobile Services; consume Mobile Apps from cross-platform clients; integrate offline sync capabilities into an application; extend Mobile Apps using custom code; implement Mobile Apps using Microsoft .NET or Node.js; secure Mobile Apps using Azure AD; implement push notification services in Mobile Apps; send push notifications to all subscribers, specific subscribers, or a segment of subscribers
Design a management, monitoring, and business continuity strategy (20–25%)
  • Design a monitoring strategy
    • Identify the Microsoft products and services for monitoring Azure solutions; leverage the capabilities of Azure Operations Management Suite and Azure Application Insights for monitoring Azure solutions; leverage built-in Azure capabilities; identify third-party monitoring tools, including open source; describe Azure architecture constructs, such as availability sets and update domains, and how they impact a patching strategy; analyze logs by using the Azure Operations Management Suite
  • Describe Azure business continuity/disaster recovery (BC/DR) capabilities
    • Leverage the architectural capabilities of BC/DR, describe Hyper-V Replica and Azure Site Recovery (ASR), describe use cases for Hyper-V Replica and ASR
  • Design a disaster recovery strategy
    • Design and deploy Azure Backup and other Microsoft backup solutions for Azure, leverage use cases when StorSimple and System Center Data Protection Manager would be appropriate, design and deploy Azure Site recovery
  • Design Azure Automation and PowerShell workflows
    • Create a PowerShell script specific to Azure, automate tasks by using the Azure Operations Management Suite
  • Describe the use cases for Azure Automation configuration
    • Evaluate when to use Azure Automation, Chef, Puppet, PowerShell, or Desired State Configuration (DSC)
Architect an Azure Compute infrastructure (10–15%)
  • Design ARM Virtual Machines (VMs)
    • Design VM deployments leveraging availability sets, fault domains, and update domains in Azure; select appropriate VM SKUs
  • Design ARM template deployment
    • Author ARM templates; deploy ARM templates via the portal, PowerShell, and CL
  • Design for availability
    • Implement regional availability and high availability for Azure deployments

Preparation options

Online training
Instructor-led training
Exam prep video

Preparing for exam 70-534? Watch the online prep session.

Practice test
  • Take a Microsoft Official Practice Test for Exam 534
  • Beginning in April 2017, over time, practice tests will become available in multiple languages, including Spanish, Chinese (Simplified), Chinese (Traditional), French, German, Japanese, Portuguese (Brazil), and Russian. To see when a specific language is offered for this practice test, please check back.
From the community

Who should take this exam?

This exam is for candidates who are interested in validating their Microsoft Azure solution design skills. Candidates should know the features and capabilities of Azure services to be able to identify tradeoffs and make decisions for designing public and hybrid cloud solutions. Candidates who take this exam are expected to be able to define the appropriate infrastructure and platform solutions to meet the required functional, operational, and deployment requirements through the solution lifecycle.

Exam 70-532: Developing Microsoft Azure Solutions and Exam 70-533: Implementing Microsoft Azure Infrastructure Solutions are useful for candidates who want to validate their implementation experience across cloud projects, but they are not prerequisites for this exam.

More information about exams

Preparing for an exam

We recommend that you review this exam preparation guide in its entirety and familiarize yourself with the resources on this website before you schedule your exam. See the Microsoft Certification exam overview for information about registration, videos of typical exam question formats, and other preparation resources. For information on exam policies and scoring, see the Microsoft Certification exam policies and FAQs.

Note

This preparation guide is subject to change at any time without prior notice and at the sole discretion of Microsoft. Microsoft exams might include adaptive testing technology and simulation items. Microsoft does not identify the format in which exams are presented. Please use this preparation guide to prepare for the exam, regardless of its format. To help you prepare for this exam, Microsoft recommends that you have hands-on experience with the product and that you use the specified training resources. These training resources do not necessarily cover all topics listed in the "Skills measured" section.