Design for identity and security (20-25%)

Design identity management
- choose an identity management approach
- design an identity delegation strategy
- design an identity repository
- design self-service identity management
- design user and persona provisioning
- define personas
- define roles
- recommend appropriate access control strategy
Design authentication
- choose an authentication approach
- design a single-sign on approach
- design for IPSec authentication
- design for logon authentication
- design for multi-factor authentication
- design for network access authentication
- design for remote authentication
Design authorization
- choose an authorization approach
- define access permissions and privileges
- design secure delegated access
- recommend when and how to use API Keys
Design for risk prevention for identity
- design a risk assessment strategy
- evaluate agreements involving services or products from vendors and contractors
- update solution design to address and mitigate changes to existing security policies, standards, guidelines and procedures
Design a monitoring strategy for identity and security
- design for alert notifications
- design an alert and metrics strategy
- recommend authentication monitors

Design a data platform solution (15-20%)

Design a data management strategy
- choose between managed and unmanaged data store
- choose between relational and non-relational databases
- design a data auditing strategy
- design a data caching strategy
- identify data attributes
- recommend database service tier sizing
- design a data retention policy
- design for data availability
- design for data consistency
- design for data durability
- design a data warehouse strategy
Design a data protection strategy
- recommend geographic data storage
- design an encryption strategy for data at rest
- design an encryption strategy for data in transmission
- design an encryption strategy for data in use
- design a scalability strategy for data
- design secure access to data
- design a data loss prevention (DLP) policy
Design and document data flows
- identify data flow requirements
- create a data flow diagram
- design a data flow to meet business requirements
- design data flow solutions
- design a data import and export strategy
Design a monitoring strategy for the data platform
- design for alert notifications
- design an alert and metrics strategy
- monitor Azure Data Factory pipelines

Design a business continuity strategy (10-15%)

Design a site recovery strategy
- design a recovery solution
- design a site recovery replication policy
- design for site recovery capacity
- design for storage replication
- design site failover and failback
- design the site recovery network
- recommend recovery objectives (Azure, on-prem, hybrid, Recovery Time Objective (RTO), Recovery Level Objective (RLO), Recovery Point Objective (RPO))
- identify resources that require site recovery
- identify supported and unsupported workloads
- recommend a geographical distribution strategy
Design for high availability
- design for application redundancy
- design for autoscaling
- design for data center and fault domain redundancy
- design for network redundancy
- identify resources that require high availability
- identify storage types for high availability
- design a disaster recovery strategy for individual workloads
- design failover/failback scenarios
- document recovery requirements
- identify resources that require backup
- recommend a geographic availability strategy
Design a data archiving strategy
- recommend storage types and methodology for data archiving
- identify business compliance requirements for data archiving
- identify requirements for data archiving
- identify SLA(s) for data archiving

Design for deployment, migration, and integration (10-15%)

Design deployments
- design a compute deployment strategy
- design a container deployment strategy
- design a data platform deployment strategy
- design a messaging solution deployment strategy
- design a storage deployment strategy
- design a web app and service deployment strategy
Design migrations
- recommend a migration strategy
- design data import/export strategies during migration
- determine the appropriate application migration method
- determine the appropriate data transfer method
- determine the appropriate network connectivity method
- determine migration scope, including redundant, related, trivial, and outdated data
- determine application and data compatibility
Design an API integration strategy
- design an API gateway strategy
- determine policies for internal and external consumption of APIs
- recommend a hosting structure for API management

Design an infrastructure strategy (15-20%)

Design a storage strategy
- design a storage provisioning strategy
- design storage access strategy
- identify storage requirements
- recommend a storage solution
- recommend storage management tools
Design a compute strategy
- design a compute provisioning strategy
- design a secure compute strategy
- determine appropriate compute technologies
- design an Azure HPC environment
- identify compute requirements
- recommend management tools for compute
Design a networking strategy
- design a network provisioning strategy
- design a network security strategy
- determine appropriate network connectivity technologies
- identify networking requirements
- recommend network management tools
- recommend network security solutions
Design a monitoring strategy for infrastructure
- design for alert notifications
- design an alert and metrics strategy

Microsoft Study Guide

Exam requirements