Exam AZ-700: Designing and Implementing Microsoft Azure Networking Solutions
Exam AZ-700: Designing and Implementing Microsoft Azure Networking Solutions by Microsoft Azure requires the candidates to possess subject matter expertise in planning, implementing, and maintaining Azure networking solutions, comprising of hybrid networking, routing, connectivity, security, and private access to Azure services. Moreover, candidates for this exam should have expert Azure administration skills, along with experience and knowledge of networking, hybrid connections, and network security.
Prerequisites
Though there are no requirements to appear for this exam but to get certified, it is recommended for you to fulfill the following conditions:
- You should have expert Azure administration skills along with extensive experience and knowledge of hybrid connection, networking, and network security.
- Passing the exam
Target Audience
This exam is basically intended for the following people :
- Solution architects, security engineers, cloud administrators, application developers, and DevOps engineers.
- Junior professionals
- Candidates who wish to work in this field.
Scheduling/Rescheduling the exam
On certification detail pages, there’s a choice to register within the “Certification exams” section, and on the exam detail pages, the choice is within the “Schedule Exam” section.
Rescheduling/Cancellation
Microsoft temporarily waives the rescheduling and cancellation fee if candidates cancel their exams within 24 hours before the scheduled appointment. However, for rescheduling or canceling an appointment no charge will be applied at least 6 business days prior to your appointment. But, if a candidates cancel or reschedule an exam within 5 business days of your registered exam time then, a fee will be applied. Lastly, if a candidate failed to show up for an exam appointment or forgot to reschedule an appointment for at least 24 hours then they can forfeit your entire exam fee.
Exam details
Another very important thing to note is the exam pattern, the number of questions asked time allotted and other minor details. So, we have mentioned the important details of Exam AZ-700: Designing and Implementing Microsoft Azure Networking Solutions as follows:
- Exam Code- AZ-700
- Exam Language-English
- Type of questions-MCQs
- Registration fee-$165 USD*
For more details, visit Exam AZ-700: Designing and Implementing Microsoft Azure Networking Solutions FAQs
Exam AZ-700: Designing and Implementing Microsoft Azure Networking Solutions Course Outline
Furthermore, the syllabus of the exam has been categorized into various sections and subsections. So, let’s look into the various domains of the exam as follows:
Design and implement core networking infrastructure (25–30%)
Design and implement private IP addressing for Azure resources
- Plan and implement network segmentation and address spaces (Microsoft Documentation: Implement network segmentation patterns on Azure)
- Create a virtual network (VNet) (Microsoft Documentation: Create a virtual network using the Azure portal)
- Plan and configure subnetting for services, including VNet gateways, private endpoints, firewalls, application gateways, VNet-integrated platform services, and Azure Bastion (Microsoft Documentation: Integrate your app with an Azure virtual network, Create a site-to-site VPN connection in the Azure portal, Azure networking services overview)
- Plan and configure subnet delegation (Microsoft Documentation: What is subnet delegation, Add or remove a subnet delegation)
- Plan and configure shared or dedicated subnets
- Create a prefix for public IP addresses (Microsoft Documentation: Public IP address prefix)
- Choose when to use a public IP address prefix
- Plan and implement a custom public IP address prefix (bring your own IP) (Microsoft Documentation: Custom IP address prefix (BYOIP))
- Create a public IP address (Microsoft Documentation: Create, change, or delete an Azure public IP address)
- Associate public IP addresses to resources (Microsoft Documentation: Associate a public IP address to a virtual machine)
- Upgrade IP address SKU
Design and implement name resolution
- Design name resolution inside a VNet (Microsoft Documentation: Name resolution for resources in Azure virtual networks)
- Configure DNS settings for a VNet
- Design public DNS zones (Microsoft Documentation: Overview of DNS zones and records)
- Design private DNS zones (Microsoft Documentation: What is a private Azure DNS zone)
- Configure a public or private DNS zone (Microsoft Documentation: Azure Private Endpoint DNS configuration)
- Link a private DNS zone to a VNet (Microsoft Documentation: What is a virtual network link)
- Design and implement Azure DNS Private Resolver
Design and implement VNet connectivity and routing
- Design service chaining, including gateway transit (Microsoft Documentation: Virtual network peering, Configure VPN gateway transit for virtual network peering)
- Implement VNet peering
- Implement and manage virtual networks by using Azure Virtual Network Manager
- Design and implement user-defined routes (UDRs) (Microsoft Documentation: Virtual network traffic routing)
- Associate a route table with a subnet (Microsoft Documentation: Create, change, or delete a route table)
- Configure forced tunneling
- Diagnose and resolve routing issues (Microsoft Documentation: Diagnose a virtual machine routing problem)
- Design and implement Azure Route Server (Microsoft Documentation: What is Azure Route Server)
- Identify appropriate use cases for a network address translation (NAT) gateway
- Implement a NAT gateway (Microsoft Documentation: Create a NAT gateway using the Azure portal)
Monitor networks
- Configure monitoring, network diagnostics, and logs in Azure Network Watcher (Microsoft Documentation: What is Azure Network Watcher)
- Monitor and troubleshoot network health by using Azure Network Watcher
- Monitor and troubleshoot networks by using Azure Monitor Network Insights
- Activate and monitor distributed denial-of-service (DDoS) protection (Microsoft Documentation: What is Azure DDoS Protection)
- Evaluate network security recommendations identified by Microsoft Defender for Cloud Secure Score
- Evaluate network security recommendations identified by Microsoft Defender For Cloud Attack Path Analysis
- Identify network resources by using Microsoft Defender for Cloud Security Explorer
Design, implement, and manage connectivity services (20–25%)
Design, implement, and manage a site-to-site VPN connection
- Design a site-to-site VPN connection, including for high availability (Microsoft Documentation: Highly Available cross-premises and VNet-to-VNet connectivity)
- Select an appropriate VNet gateway stock-keeping unit (SKU) for site-to-site VPN requirements (Microsoft Documentation: What is Azure VPN Gateway)
- Implement a site-to-site VPN connection (Microsoft Documentation: Create a site-to-site VPN connection)
- Identify when to use a policy-based VPN versus a route-based VPN connection
- Create and configure a local network gateway
- Create and configure an IPsec/Internet Key Exchange (IKE) policy (Microsoft Documentation: Configure custom IPsec/IKE connection policies for S2S VPN and VNet-to-VNet: PowerShell)
- Create and configure a virtual network gateway
- Diagnose and resolve virtual network gateway connectivity issues
- Implement Azure Extended Network (Microsoft Documentation: Extend your on-premises subnets into Azure)
Design, implement, and manage a point-to-site VPN connection
- Select an appropriate virtual network gateway SKU for point-to-site VPN requirements
- Select and configure a tunnel type
- Select an appropriate authentication method
- Configure RADIUS authentication (Microsoft Documentation: Plan NPS as a RADIUS server, RADIUS authentication with Azure Active Directory)
- Configure authentication by using Microsoft Entra ID (Microsoft Documentation: Azure Active Directory authentication)
- Implement a VPN client configuration file (Microsoft Documentation: Configure the Azure VPN Client)
- Diagnose and resolve client-side and authentication issues
- Specify Azure requirements for Always On VPN
- Specify Azure requirements for Azure Network Adapter (Microsoft Documentation: Use Azure Network Adapter to connect a server to an Azure Virtual Network)
Design, implement, and manage Azure ExpressRoute
- Select an ExpressRoute connectivity model (Microsoft Documentation: ExpressRoute connectivity models)
- Select an appropriate ExpressRoute SKU and tier (Microsoft Documentation: ExpressRoute virtual network gateways)
- Design and implement ExpressRoute to meet requirements, including cross-region connectivity, redundancy, and disaster recovery (Microsoft Documentation: Designing for disaster recovery with ExpressRoute private peering, Designing for high availability with ExpressRoute)
- Design and implement ExpressRoute options, including Global Reach, FastPath, and ExpressRoute Direct (Microsoft Documentation: ExpressRoute FastPath, About ExpressRoute Direct, ExpressRoute Global Reach)
- Choose between private peering only, Microsoft peering only, or both
- Configure private peering
- Configure Microsoft peering (Microsoft Documentation: Create and modify peering for an ExpressRoute)
- Create and configure an ExpressRoute gateway (Microsoft Documentation: Configure a virtual network gateway for ExpressRoute)
- Connect a virtual network to an ExpressRoute circuit (Microsoft Documentation: Connect a virtual network to an ExpressRoute)
- Recommend a route advertisement configuration
- Configure encryption over ExpressRoute (Microsoft Documentation: ExpressRoute encryption)
- Implement Bidirectional Forwarding Detection (Microsoft Documentation: Configure BFD over ExpressRoute)
- Diagnose and resolve ExpressRoute connection issues (Microsoft Documentation: Verify ExpressRoute connectivity)
Design and implement an Azure Virtual WAN architecture
- Select a Virtual WAN SKU (Microsoft Documentation: What is Azure Virtual WAN)
- Design a Virtual WAN architecture, including selecting types and services
- Create a hub in Virtual WAN
- Choose an appropriate scale unit for each gateway type (Microsoft Documentation: Scaling Application Gateway v2 and WAF v2)
- Deploy a gateway into a Virtual WAN hub
- Configure virtual hub routing (Microsoft Documentation: How to configure virtual hub routing)
- Integrate a Virtual WAN hub with a third-party NVA for cloud connectivity
Design and implement application delivery services (15–20%)
Design and implement Azure Load Balancer and Azure Traffic Manager
- Map requirements to features and capabilities of Azure Load Balancer (Microsoft Documentation: What is Azure Load Balancer)
- Identify appropriate use cases for Azure Load Balancer
- Choose an Azure Load Balancer SKU and tier (Microsoft Documentation: Azure Load Balancer SKUs)
- Choose between public and internal load balancers
- Choose between regional and global load balancer
- Create and configure an Azure Load Balancer (Microsoft Documentation: Create a public load balancer to load balance VMs using the Azure portal)
- Implement Azure Traffic Manager
- Implement a gateway load balancer
- Implement a load balancing rule (Microsoft Documentation: Manage rules for Azure Load Balancer using the Azure portal)
- Create and configure inbound NAT rules (Microsoft Documentation: Create a single virtual machine inbound NAT rule using the Azure portal)
- Create and configure explicit outbound rules, including source network address translation (SNAT) (Microsoft Documentation: Use Source Network Address Translation (SNAT) for outbound connections)
Design and implement Azure Application Gateway
- Map requirements to features and capabilities of Azure Application Gateway (Microsoft Documentation: Azure Application Gateway features)
- Identify appropriate use cases for Azure Application Gateway
- Choose between manual and autoscale
- Create a back-end pool (Microsoft Documentation: Backend pool management)
- Configure health probes (Microsoft Documentation: Azure Load Balancer health probes)
- Configure listeners (Microsoft Documentation: Application Gateway listener configuration)
- Configure routing rules
- Configure HTTP settings (Microsoft Documentation: Application Gateway HTTP settings configuration)
- Configure Transport Layer Security (TLS) (Microsoft Documentation: Transport Layer Security (TLS) registry settings)
- Configure rewrite sets (Microsoft Documentation: Rewrite URL with Azure Application Gateway)
Design and implement Azure Front Door
- Map requirements to features and capabilities of Azure Front Door (Microsoft Documentation: What is Azure Front Door)
- Identify appropriate use cases for Azure Front Door
- Choose an appropriate tier
- Configure an Azure Front Door, including routing, origins, and endpoints (Microsoft Documentation: Origins and origin groups in Azure Front Door, What is Azure Front Door)
- Configure SSL termination and end-to-end SSL encryption (Microsoft Documentation: Overview of TLS termination and end to end TLS with Application Gateway)
- Configure caching
- Configure traffic acceleration (Microsoft Documentation: Load-balancing options)
- Implement rules, URL rewrite, and URL redirect (Microsoft Documentation: Creating Rewrite Rules for the URL Rewrite Module)
- Secure an origin by using Azure Private Link in Azure Front Door (Microsoft Documentation: Secure your Origin with Private Link in Azure Front Door Premium)
Design and implement private access to Azure services (10–15%)
Design and implement Azure Private Link service and Azure private endpoints
- Plan private endpoints
- Create private endpoints
- Configure access to private endpoints
- Create a Private Link service
- Integrate Private Link and Private Endpoint with DNS
- Integrate a Private Link service with on-premises clients
Design and implement service endpoints
- Choose when to use a service endpoint (Microsoft Documentation: Virtual Network service endpoints)
- Create service endpoints (Microsoft Documentation: Create, change, or delete service endpoint policy using the Azure portal)
- Configure service endpoint policies
- Configure access to service endpoints
Design and implement Azure network security services (15–20%)
Implement and manage network security groups
- Create a network security group (NSG) (Microsoft Documentation: Create, change, or delete a network security group)
- Associate an NSG to a resource
- Create an application security group (ASG) (Microsoft Documentation: Application security groups)
- Associate an ASG to a network interface card (NIC) (Microsoft Documentation: Create, change, or delete a network interface)
- Create and configure NSG rules
- Interpret NSG flow logs (Microsoft Documentation: Introduction to flow logs for network security groups)
- Validate NSG flow rules
- Verify IP flow
- Configure an NSG for remote server administration, including Azure Bastion (Microsoft Documentation: Working with NSG access and Azure Bastion)
Design and implement Azure Firewall and Azure Firewall Manager
- Map requirements to features and capabilities of Azure Firewall (Microsoft Documentation: Azure Firewall Standard features)
- Select an appropriate Azure Firewall SKU
- Design an Azure Firewall deployment (Microsoft Documentation: Deploy and configure Azure Firewall using the Azure portal)
- Create and implement an Azure Firewall deployment
- Configure Azure Firewall rules (Microsoft Documentation: What is Azure Firewall?)
- Create and implement Azure Firewall Manager policies (Microsoft Documentation: Azure Firewall Manager policy overview)
- Create a secure hub by deploying Azure Firewall inside an Azure Virtual WAN hub (Microsoft Documentation: Configure Azure Firewall in a Virtual WAN hub)
Design and implement a Web Application Firewall (WAF) deployment
- Map requirements to features and capabilities of WAF
- Design a WAF deployment (Microsoft Documentation: What is Azure Web Application Firewall on Azure Application Gateway?)
- Configure detection or prevention mode
- Configure rule sets for WAF on Azure Front Door (Microsoft Documentation: Create a Web Application Firewall policy on Azure Front Door)
- Configure rule sets for WAF on Application Gateway
- Implement a WAF policy (Microsoft Documentation: Create Web Application Firewall policies for Application Gateway)
- Associate a WAF policy
Preparation Guide for Exam AZ-700: Designing and Implementing Microsoft Azure Networking Solutions
It’s totally apt to say that the best preparation for tomorrow is the right use of resources today. So, for your convenience, we have compiled different study resources and series of preparation steps that can be followed to ace this exam.
Go through the exam objectives
Firstly, familiarize yourself with all the topics and subtopics of the exam. This will help you distribute your learning preparation. Remember, it’s not just the topics but the deep knowledge and practical application that will help you ace the exam. So, study the syllabus thoroughly and analyze it to plan and divide your learning accordingly.
Explore the details of exam
The next step towards preparing for the exam is to thoroughly undergo the small print of the exam including details about the sort and number of questions and also the time allotted. Hence, this helps you give a direction to your learning and analyze the time allotted to manage time well during the exam. Therefore, make sure that you are aware of all the minute details.
Study resources
- You can join online training programs regarding preparation for the exam which help you understand the concepts better. Microsoft provides free online course for the same.
- You can also enrol for instructor-led training program by Microsoft.
- Microsoft Documentation is the knowledge source that provides detailed information about the AZ-700 exam concepts. With the use of Microsoft Docs, you will get to know the different scales of different Azure services.
- Microsoft also provides learning platforms that cover different resources that are helpful for exam preparation. For the AZ-700 exam preparation, You may go to the official website of Microsoft for the necessary information about this certification.
Join study groups
Further, joining study groups and communities can also prove to be of great help. It is a platform that connects professionals and beginners which in a way helps you get your queries solved and also allows you to have healthy discussions with peers. Hence, joining these groups will help you stay updated.
Practice tests
Lastly, the most important step of preparation is practicing questions. This helps you not only evaluate your level of preparation but also helps you boost your confidence by attempting challenging questions. So, you can find various sample papers on the internet, the practice tests that we offer are definitely reliable. Moreover, we provide unique sets of professionally designed questions that greatly help to polish your knowledge.