Azure exams (revised and revised version)

    At the event in September 2018, it was announced that new examinations of the AZ - *** series had appeared, and the 70-53 * series had gone into oblivion.

    The description was already here in my earlier article . But since then, much has changed and this article includes changes from December 2018, March 2019, April 2019, which are also not taken into account in those articles.

    In this article , there will be a list of resources for preparing for submission on Azure Dev / Infra / Architecture.

    What has fundamentally changed?

    • The complete replacement of existing exams with new ones is certainly a significant change, but it did not impress me.
    • For architectures, there are 2 exams instead of one; this generally does not change much, because To obtain an architect’s certificate, you must pass both. It just became more exams.
    • Exam for Azure DevOps (ex VSTS, ex VSO) and Azure Security Technologies
    • The biggest innovation was the addition of the practical part (in many, but not all. For example, in az-203, az-301 was not added), where they give you access to the real Azure portal, give you a real subscription, the account from which to work and several tasks to be completed. This is just super since exams began to test a person’s practical skills.
      • From personal experience of change, if you have experience with Azure, then the laboratory part makes the change easier, not harder because You may not immediately remember the correct answer to the question, but in the practical part, looking at setting up the environment in Azure, you will find it.

    Azure for Dummies, or AZ-900

    The AZ-900 was announced much later than the rest, but I believe that this is the first thing to be done. The AZ-900 contains all the basic Azure questions without being tied to technical roles (developer / architect / itpro). Examples: what is CAPEX / OPEX, public / private / hybrid cloud, how does billing work, who owns the data, in 2 words you need to be able to explain a couple of dozen basic services, what is the difference between public data centers and data centers Azure in Germany / China / US GOV, etc. And at the output you can even get a basic certificate.

    Finally, an exam appeared for people who are too early to take something serious or do not need at all, but at the same time they need a certificate of sanity that they are familiar with the topic. In my humble opinionThis exam must be passed to all managers and sellers who are participating in projects related to Azure . This is such a way to make sure that people understand what they are doing. It is also not a sin for technical roles to pass this at the very beginning of their path to certification, as the exam covers questions on several dozens of basic services (what is this and why), and at the same time gives general overviews of the platform, which are usually overlooked.

    After you master the exam, you can think whether it is worth “surrendering” or not further, because each exam requires serious preparation work.

    Az-103 Infrastructure (itpro / or fashionable devops)

    AZ-103 is asked about how and what can be done in Azure (create a machine, access resources, subscriptions, resource groups, work with azure active directory objects, networks, etc.). True, several topics were removed on: “Azure AD Identity Protection and Enterprise State Roaming; configure self-service password reset; implement conditional access policies; manage multiple directories; perform an access review ”,“ Implement Azure load balancer ”,“ Monitor and troubleshoot virtual networking ”,“ Integrate on premises network with Azure virtual network ”,“ Managed role based access control (RBAC) ”,“ Implement multi-factor authentication ( MFA) ”and slightly expanded the“ Implement and manage hybrid identities ”section

    AZ-203 Development

    The AZ-203 exam is asked about Web Apps , SQL Database , Functions , AKS , CosmosDB , Logic Apps , Event Grid , API Management , etc. I believe that this is the right set of services that reflects the current state of Azure.

    AZ-203 has enough problems
    1. Why did Batch Services get into the exam? Is it really impossible to live without a number crusher (WebJobs / Functions is enough if you do not need Compute Intensive operations).
    2. Why should developers ask about virtual disk encryption through azure key vault (configure Azure Disk Encryption for VMs)? This is an infrastructure issue, and partly security. But to development, this has an extremely weak relationship.
    3. The sections on API Apps are also quite controversial. Why ask about Swagger / OpenAPI in the Azure exam, I don’t understand. This is a useful thing without Azure. I would transfer questions about Swagger / OpenAPI to the Logic App section, which would have closed the topic without loss and would, in my opinion, be more logical.
    4. Why Microsoft's Mobile Apps in 2019 is also not clear to me. Microsoft lost the fight for its mobile platform, and when you do not have your own mobile platform, then services for its support are not in demand. But they are included in the core exam.

      • I really like the instructions for setting up the Notification Hub for Android, which reads as follows: "before creating the Notification Hub for Android, create Firebase (which can send notifications to Android / IOS for free)."
      • Why ask about Mobile Apps and not ask about Visual Studio Mobile Center?
    5. Claim Based / Role based authorization is a question about Asp.Net Core and stands out from the general series since in the same Node, this is implemented differently, but you need to know the code (Microsoft has been trying to make its services cross-platform in recent years) and is not directly related to Azure.
    6. Why, in the monitoring section, ask about Load Testing (which is based on Azure DevOps Load Testing) if it is deprecated and will be decommissioned in 2020 already .
    7. Why Azure Storage Queue is needed in 2019 is also not clear.
      Let's take a simple case:
      In Azure Service Bus, for 1 million messages, each 256kb each has to pay 5 cents (east us).
      1mln * 4kb / 1024 (up to megabytes) / 1024 (up to gigabytes) / 2 operations (one message to insert and one to receive is 2 operations)
      This is 2GB for $ 0.05. A message can be up to 256kb, which will make it either cheaper or for a larger amount of money.

      The cost of 2 GB in Storage Queue is $ 0.09.
      Therefore, the question arises, but in 2019, what is the scenario for using Azure storage queue? If they are more expensive, a more serious decision ?!

    What is now is much better / fresher than what was in the 70-532 exam from 2015 to 2018 (And if not for the fraud of those who passed the AZ-200/201/202, then everything would be very not bad at all.)


    There are 2 such exams; for passing both, a Solution Architect certificate is issued. In my opinion, passing one without the other is a rather strange undertaking, because these are 2 points of view on the same thing.

    I would not say that there is a one-to-one mirror correspondence between them. For example, in 301, the word compute in the corresponding section may mean azure batch, aks, and vmss. At the same time, 300 will have a clear separation into 3 different parts (parallel processing, containers, vms).

    I see no reason to list here the services that you need to know since you need to know not only the services, but also how they are interconnected and when to use what. And also because the list is very long, and the full version is not even on the pages with exams description. The architect must know the subject broadly (and the developer deeply).

    I repeat once again: I recommend taking both exams and preparing for them in parallel .

    Azure DevOps on Azure Services

    AZ-400 Microsoft Azure DevOps Solutions is focused on a very wide range of issues. The exam requires, on the one hand, understanding processes and methodologies (work with work item, planning, etc.), and on the other, knowing how to manage project dependencies, how to collect code, publish, how to use external utilities for code analysis, how to get feedback from the user through tula, etc.

    Personal opinion
    Personally, I would make the exam look like AZ-30 * (divided into 2 parts: processes & practice / craft part of the work of devops) because it's like the difference between scrum master and devops engineers. But the authors know better.

    To obtain the Azure DevOps Engineer Expert Certificate , you must first obtain a certificate for either development or administration .

    • If you want certification specifically for Azure / Cloud, then everything is fine for you. I would recommend to hand over the AZ-203 first, as in it you will get an overview of some Azure services, and already in AZ-400 a whole section about Azure Kubernetes Services, Azure Container Registry, ARM, Azure CLI in the context of publication.
    • Well, if you want to give an exam, but publish not in Azure , then you still have to familiarize yourself with Azure . You still have no choice, because On December 31, 2018, Microsoft withdrew all 3 TFS exams and now either the Cloud version or nothing.

    Azure Security Engineer

    The Az-500 is an exam that came out in April 2019 and it follows that Microsoft does certifications and exams that match the roles that can be on the Cloud.

    Some questions from az-102 related to Azure Active Directory Security such as just in time access, etc. migrated to it. On the other hand, things related to daily work with AAD appeared, for example: user management, creating OAuth applications, transferring subscriptions to another owner. And besides, setting up the collection of security logs (clicking the enable checkbox on many different servos) in Azure Monitor / Log Analytics.
    Personal opinion
    Because I have not yet gone to take this exam and there are no materials for preparation yet, there are a lot of questions for the exam.
    • According to the list of questions, a person should know which logs to include in which services. There are many services, and it is not clear at what level the services themselves need to know in order to understand what errors and security risks can get there. Just pressing a button is not a problem, but understanding what it protects from and understanding the data that it will give out is a completely different skill level.
    • There were a lot of claims to the AZ-400 (DevOps) that the engineer should know a lot, external to Azure sessions. The same will happen in Az-500. For example: "implement vulnerability management for containers". In Azure, the integration of ACR with Aqua should be implied. But Aqua is not an Azure product, it is an external service. Those. exam, already on external products.

    Data Platform Exams

    I can’t call myself a great specialist in data analysis and even more so in artificial intelligence, but my understanding of the difference in exams is as follows:

    • DP-100 Data Science Solutions - This exam describes no questions about Azure. This is rather a general, methodological exam.
    • DP-200 / DP-201 is about storing and processing data in Azure (Azure Data Solution). It includes both general and specific SQL Azure, CosmosDB, SQL DWH, etc.
    • AI-100 - here everything is more or less clear, because AI is not about storage or a large volume, but about analysis methods that are based on machine learning (not just - took a bunch of sources, cleaned, aggregated, merged into DWH)

    But this is only my understanding, as a person who is interested, but is not deep in the subject.

    Also popular now: