You dont have javascript enabled! Please enable it!

Passed AZ-304 Exam: Microsoft Azure Architect Design #MicrosoftLearn

9 Min. Read

In this article, I would share my experience and impressions to help you prepare and tackle the new AZ-304 – Microsoft Azure Architect Design exam successfully.


Microsoft is keeping evolving its learning programs to help you and your career keep pace with today’s demanding IT environments. The new updated role-based certifications will help you to keep pace with today’s business requirements. Microsoft Learning is constantly evolving its learning program to better offer what you need to skill up, prove your expertise to employers and peers, and get the recognition—and opportunities—you’ve earned.

In January 2020, Microsoft announced new updates to several Azure and Data certifications which were released in March 2020. The certifications that you earned are not changing, but the exams required to earn the certifications are changed.

CertificationOld ExamNew ExamExpected Release
Microsoft Certified: Azure Administrator Associate AZ-103AZ-104March, 2020
Microsoft Certified: Azure Developer AssociateAZ-203AZ-204February 20, 2020
Microsoft Certified: Azure Solutions ArchitectAZ-300 & AZ-301AZ-303 & AZ-304June, 2020

Last year, I passed the AZ-302 transition exam to earn the Microsoft Certified Azure Solutions Architect Expert. I decided to update my skills and take the new AZ-304 since Microsoft introduced a lot of new topics. I did the beta exam on August 10, 2020, and by the end of the exam, I received a message that the result won’t be available until two weeks after the exam’s live publication date. Additionally, you should receive the printed score report by email within eight weeks after the exam’s live publication date.

Please make sure to check how to prepare for the AZ-303 exam before you take the AZ-304 exam.

To get the Microsoft Certified: Azure Solutions Architect Expert certification, you are required to pass the AZ-303 Microsoft Azure Architect Technologies certification, and the AZ-304 Microsoft Azure Architect Design certification as shown in the learning path below:

Passed AZ-304 Exam: Microsoft Azure Architect Design #MicrosoftLearn 2

I am so happy and grateful now that I passed the AZ-304 exam – Microsoft Azure Architect Design. I figured that I would share my experience and impressions in this article to help you prepare and tackle this exam successfully.

During Ignite in September 2020, Microsoft released the AZ-304 for the public, and yesterday I received the result with Passing Score including the performance by exam section as follows:

Passed AZ-304 Exam: Microsoft Azure Architect Design #MicrosoftLearn 3

This will give you a detailed report to know in which area you need to develop your skills further, this will also reflect your strength which is obvious to me Design Business Continuity at 100% where my area of expertise ;)

In this exam, I got around 67 questions in total (58 multiple-choice questions and 2 case studies), and the total time for this exam is 180 minutes (3 hours) so you have enough time to finish it. However, Azure exams are getting tougher, and the AZ-304 is more difficult than the AZ-303 exam, so you need to prepare very well.

The questions do pretty much match the list of skills measured below.

Exam Profile Audience

This course is for IT Professionals with expertise in designing and implementing solutions running on Microsoft Azure. They should have a broad knowledge of IT operations, including networking, virtualization, identity, security, business continuity, disaster recovery, data platform, budgeting, and governance. Azure Solution Architects use the Azure Portal and as they become more adept they use the Command Line Interface.

The candidates for this exam must have intermediate-level skills in Azure administration and have experience with Azure development processes and DevOps processes.


Successful Azure Solution Architects start this role with experience in operating systems, virtualization, cloud infrastructure, storage structures, governance, and networking. You should have:

  • Understanding of on-premises virtualization technologies, including VMs, virtual networking, and virtual hard disks.
  • Understanding of network configuration, including TCP/IP, Domain Name System (DNS), virtual private networks (VPNs), firewalls, and encryption technologies.
  • Understanding of Active Directory concepts, including domains, forests, domain controllers, replication, and Kerberos protocol.
  • Understanding of resilience and disaster recovery, including backup and restore operations.

You should have a minimum of 12 months of hands-on experience with Azure, and a strong understanding of core Azure services, Azure workloads, security, monitoring, and governance. You should also have experience in using PowerShell, the Command Line Interface (CLI), Azure Portal, and ARM templates.

Skills measured on this exam

This exam measures your ability to accomplish the technical topics listed below based on the latest update from Microsoft.

Design Monitoring (10-15%)

Design for cost optimization

  • Recommend a solution for cost management and cost reporting
  • Recommend solutions to minimize costs

Design a solution for logging and monitoring

  • Determine levels and storage locations for logs
  • Plan for integration with monitoring tools including Azure Monitor and Azure Sentinel
  • Recommend appropriate monitoring tool(s) for a solution
  • Choose a mechanism for event routing and escalation
  • Recommend a logging solution for compliance requirements

Design Identity and Security (25-30%)

Design authentication

  • Recommend a solution for single sign-on
  • Recommend a solution for authentication
  • Recommend a solution for Conditional Access, including multi-factor authentication
  • Recommend a solution for network access authentication
  • Recommend a solution for a hybrid identity including Azure AD Connect and Azure AD Connect Health
  • Recommend a solution for user self-service
  • Recommend and implement a solution for B2B integration

Design authorization

  • Choose an authorization approach
  • Recommend a hierarchical structure that includes management groups, subscriptions and resource groups
  • Recommend an access management solution including RBAC policies, access reviews, role assignments, physical access, Privileged Identity Management (PIM), Azure AD Identity Protection, Just In Time (JIT) VM access

Design governance

  • Recommend a strategy for tagging
  • Recommend a solution for using Azure Policy
  • Recommend a solution for using Azure Blueprint

Design security for applications

  • Recommend a solution that includes KeyVault
    • What can be stored in KeyVault
    • KeyVault operations
    • KeyVault regions
  • Recommend a solution that includes Azure AD Managed Identities
  • Recommend a solution for integrating applications into Azure AD

Design Data Storage (15-20%)

Design a solution for databases

  • Select an appropriate data platform based on requirements
  • Recommend database service tier sizing
  • Recommend a solution for database scalability
  • Recommend a solution for encrypting data at rest, data in transmission, and data in use

Design data integration

  • Recommend a data flow to meet business requirements
  • Recommend a solution for data integration, including Azure Data Factory, Azure Data Bricks, Azure Data Lake, Azure Synapse Analytics

Select an appropriate storage account

  • Choose between storage tiers
  • Recommend a storage access solution
  • Recommend storage management tools

Design Business Continuity (10-15%)

Design a solution for backup and recovery

  • Recommend a recovery solution for Azure hybrid and on-premises workloads that meet recovery objectives (RTO, RPO)
  • Design and Azure Site Recovery solution
    • recommend a site recovery replication policy
    • recommend a solution for site recovery capacity
    • recommend a solution for site failover and failback (planned/unplanned)
    • recommend a solution for the site recovery network
  • Recommend a solution for recovery in different regions
  • Recommend a solution for Azure Backup management
  • Design a solution for data archiving and retention
    • recommend storage types and methodology for data archiving
    • identify business compliance requirements for data archiving
    • identify requirements for data archiving
    • identify SLAs for data archiving
    • recommend a data retention policy

Design for high availability

  • Recommend a solution for application and workload redundancy, including compute, database, and storage
  • Recommend a solution for autoscaling
  • Identify resources that require high availability
  • Identify storage types for high availability
  • Recommend a solution for geo-redundancy of workloads

Design Infrastructure (25-30%)

Design a compute solution

  • Recommend a solution for compute provisioning
  • Determine appropriate compute technologies, including virtual machines, App Services, Service Fabric, Azure Functions, Windows Virtual Desktop, and containers
  • Recommend a solution for containers
    • AKS versus ACI and the configuration of each one
  • Recommend a solution for automating compute management

Design a network solution

  • Recommend a solution for network addressing and name resolution
  • Recommend a solution for network provisioning
  • Recommend a solution for network security
    • Private endpoints
    • Firewalls
    • Gateways
  • Recommend a solution for network connectivity to the Internet, on-premises networks, and other Azure virtual networks
  • Recommend a solution for automating network management
  • Recommend a solution for load balancing and traffic routing

Design an application architecture

  • Recommend a micro-services architecture including Event Grid, Event Hubs, Service Bus, Storage Queues, Logic Apps, Azure Functions, and webhooks
  • Recommend an orchestration solution for the deployment of applications including ARM templates, Logic Apps, or Azure Functions
    • select an automation method
    • choose which resources or life-cycle steps will be automated
    • design integration with other sources such as an ITSM solution
    • recommend a solution for monitoring automation
  • Recommend a solution for API integration
    • design an API gateway strategy
    • determine policies for internal and external consumption of APIs
    • recommend a hosting structure for API management
    • recommend when and how to use API Keys

Design migrations

  • Assess and interpret on-premises servers, data, and applications for migration
  • Recommend a solution for migrating applications and VMs
  • Recommend a solution for migration of databases
    • determine migration scope, including redundant, related, trivial, and outdated data

Lessons Learned

As announced by Microsoft Worldwide learning due to the pandemic situation, it appears they have suspended performance-based lab questions given their need to reserve Azure capacity for paying customers. So you better get your exams registered as soon as possible to take advantage of this situation. The biggest subjects areas that I saw on AZ-304 are identity, security, storage, and business continuity. So you need to prepare and be an expert on those subjects.

Overall, I think Microsoft Worldwide Learning is doing a good job of gradually shaping these exams to reflect real-world Azure practice scenarios. The AZ-304 objective domain is more logically organized now compare to the previous AZ-300 and AZ-301 exams.

Exam Preparation

Practice, practice, and read… I cannot stress enough that hands-on experience and understanding all the concepts will help you to pass this exam.

Microsoft Learn – Study Resources

To prepare for this exam, I use the new Microsoft Learn which is a great resource and provides self-paced skills training on a variety of Azure Architect topics. I highly recommend checking the following modules:

Microsoft Documentation – Study Resources

Links to relevant reading from the official Microsoft documentation for each skill tested in the AZ-304 exam are listed below to help you prepare:


Governance and Compliance

Azure Administration

Virtual Networking

Inter-site Connectivity

Network Traffic Management

Azure Storage

Azure Virtual Machines

Serverless Computing

Data Protection


Practice and Lab

The key success to pass this exam is to work with Microsoft Azure on daily basis. You can create your free Azure account today and start practicing the AZ-304 labs by following the step by step instructions below:

Instructor-led virtual training

If you prefer an instructor-led training course, Microsoft released the AZ-304T00-A course (4 days). This course teaches Azure Architect Design how to translate business requirements into secure, scalable, and reliable solutions. Lessons include design considerations related to logging, cost analysis, authentication and authorization, governance, security, storage, high availability, and migration. This role requires decisions in multiple areas that affect an overall design solution.

If you prefer to get prepare for this exam with Microsoft MCT instructor-led virtual training, you can get in contact with me here.

Skills gained

By preparing and passing the AZ-304 exam, you will gain the following skills:

  • Recommend solutions to minimize costs.
  • Recommend a solution for Conditional Access, including multi-factor authentication.
  • Recommend a solution for a hybrid identity including Azure AD Connect and Azure AD Connect.
  • Recommend a solution for using Azure Policy.
  • Recommend a solution that includes KeyVault.
  • Recommend a solution that includes Azure AD Managed Identities.
  • Recommend a storage access solution.
  • Design an Azure Site Recovery solution.
  • Recommend a solution for autoscaling.
  • Recommend a solution for containers.
  • Recommend a solution for network security.
  • Recommend a solution for migrating applications and VMs.
  • Recommend a solution for the migration of databases.


Bypassing the AZ-304 – Microsoft Azure Architect Design, and the AZ-303 – Microsoft Azure Architect Technologies, you will earn the Microsoft Azure Solutions Architect Expert certificate. The certification is valid only for 2 years.

Passed AZ-304 Exam: Microsoft Azure Architect Design #MicrosoftLearn 4

I hope you enjoyed my AZ-304 certification experience and exam preparation. Did I miss any link, or do you have any recommended AZ-304 Microsoft Azure Architect Design Certification exam study resources? Please let me know in the comment section below.

If you are planning to take this exam… I wish you all the best and Happy Studying!!!

Thank you for reading my blog.

If you have any questions or feedback, please leave a comment.

-Charbel Nemnom-

Photo of author
About the Author
Charbel Nemnom
Charbel Nemnom is a Senior Cloud Architect, Swiss Certified ICT Security Expert, Certified Cloud Security Professional (CCSP), Certified Information Security Manager (CISM), Microsoft Most Valuable Professional (MVP), and Microsoft Certified Trainer (MCT). He has over 20 years of broad IT experience serving on and guiding technical teams to optimize the performance of mission-critical enterprise systems with extensive practical knowledge of complex systems build, network design, business continuity, and cloud security.

Related Posts


Passed AZ-303 Exam: Microsoft Azure Architect Technologies #MicrosoftLearn

Azure Active Directory Free Webinar


5 thoughts on “Passed AZ-304 Exam: Microsoft Azure Architect Design #MicrosoftLearn”

Leave a comment...

  1. Hi Charbel,
    Thank you very much for sharing your experiene and suggestions.
    I have booked my exam date for Az-304 in Oct 2021. I don’t have any hands on experience in Azure, Also I didn’t give Az-303 exam. But it is ok to give the AZ-304 directly? Please suggest how to proceed. How much time do you think is need to prepare for the exam.?

  2. Hello Charan, thanks for your comment. To be honest, I don’t recommend going on that path, especially that you don’t have any hands-on experience in Azure. That does not mean that you need a lot of hands-on experience. I recommend you to study and sit first for the AZ-104 exam and then jump to AZ-304 or AZ-303 exam. In between, you can’t become an Azure Architect without passing the AZ-104 exam first. Here is the study guide for the AZ-104 exam. In regards to time, October 2021 is fair if you dedicated at least 1 or 2 hours per day of study starting today. Looking forward to hearing back from you when you pass the exam. Good Luck!

  3. Hi Charbel,
    I am planning to take my exam next month, I have been working as Solution Architect where I use Azure services to design my solution. However, I am not an infrastructure solution architect. I have around one year of experience working with Azure service but not hands-on. I recently passed Azure Fundamentals as well. How many hours of study is required to clear this exam?

  4. Hello Yogesh, thanks for the comment and the interest in preparing and passing the Azure Solution Architect exam.
    Did you study and pass the AZ-303 exam first? Here is my study guide for the AZ-303 exam. I highly recommend starting with the AZ-303 then the AZ-304 exam. The AZ-304 is more difficult than the AZ-303 exam, so you need to prepare very well.
    If you dedicate 1.5 to 2 hours per day (daily) for the next 3 months, you should be well prepared and sit for the AZ-303/AZ-304 exams.
    Good luck and let me know if you pass. Thanks!

Let me know what you think, or ask a question...

error: Alert: The content of this website is copyrighted from being plagiarized! You can copy from the 'Code Blocks' in 'Black' by selecting the Code. Thank You!