This is a new certification track introduced by Microsoft for the Azure Networking space. Once AZ 700 exam is cleared, you can gain a “Microsoft Certified: Azure Network Engineer Associate” certificate.
In this blog, I will take you through the exam content and also share my experience in participating in the Beta Program of this AZ 700 exam.
What is Beta Exam?
When an exam comes to market for the first time, in order to validate the quality of the exam, approximately 400 candidates will be taking the exam prior to the exam goes live. If you are one among the 400 participants, then you are taking this exam as Beta. There are a couple of perks that come along with taking the exam when it is in the Beta stage. You can get up to an 80% discount on taking this exam when it is in the Beta stage. But the results of the examination will not be published soon after the exam. You will need to wait 10 days post the exam is live to get your score. Watch this announcement blob for any new Beta exams. If you take the exam with an 80% discount and once rescoring is done, you will receive another 25% discount on your next exam. This 25% discount will be sent to the registered email address. When your exam is in the Beta stage, you will not have any materials to prepare and if you pass you will earn a certification.
Exam Details:
You will have to answer 59 objective type questions in a span of 150 minutes. You will have 40+ objective-based questions and once that is completed, you will have 2 to 3 case studies. You will not be able to go back and review after each case study. In the case study, there will be a requirement section, architecture section, VNET implementation section. Go through the architecture and requirements first before reading the questions.
Az-700 Skill Measure:
- Design, Implement and Manage Hybrid Networking (10% to 15%)
- Design and Implement Core Networking Infrastructure (20% to 25%)
- Design and Implement Routing (25% to 30%)
- Secure and Monitor Networks (15% to 20%)
- Design and Implement Private Access to Azure Services (10% to 15%)
1. Design, Implement and Manage Hybrid Networking (10% to 15%)
This section contains 3 sub-divisions.
- Design, Implement, manage a Site to Site connection
- Design, Implement, manage a point to Site connection
- Design, Implement, manage an Express Route
As a part of this section, you need to concentrate on the design aspect for which you need to know the SKU details of VPN, Express route gateways and also SKU details of the Circuit. When it comes to Point to Site, make sure you prepare the different types of protocol available and different types of authentications available. Reading through the troubleshooting doc of Point to Site will come in handy. Also read through the multi-site VPN configurations, routing of P2S with it comes to Windows users vs other users.
2. Design and Implement Core Networking Infrastructure (20% to 25%)
This section has 4 sub-divisions.
- Design and implement private IP addressing for VNets
- Design and implement name resolution
- Design and implement cross-VNet connectivity
- Design and implement an Azure Virtual WAN architecture
To crack this section, understand the VNET services like Service endpoints, VNET integrated platforms, DNS – private and public, VNET peering, and finally read through the vWAN SKUs and services. When it comes to DNS, make sure you understand the VNET linking, auto-registration feature.
3. Design and Implement Routing (25–30%)
This section has 6 sub-divisions.
- Design, implement and manage VNet routing
- Design and implement an Azure Load Balancer
- Design and implement Azure Application Gateway
- Implement Azure Front Door
- Implement an Azure Traffic Manager profile
- Design and implement an Azure Virtual Network NAT
This section is very important as it covers up to 30% of your exam questions. Understanding of Routing preferences like UDR, System routes, BGP, VPN route, Express Route routes, etc and see which route takes precedence. Learn about Load balancer SKUs, Application gateway and load balancer’s components and uses. Azure Front door’s components, custom domain validations, finally traffic manager’s routing methods. Also read through the advantage of using Virtual Network Nat and how it helps in reducing the SNAT port exhaustion issue.
4. Secure and Monitor Networks (15–20%)
This section has 4 sub-divisions.
- Design, implement and manage an Azure Firewall deployment
- Implement and manage network security groups (NSGs)
- Implement a Web Application Firewall (WAF) deployment
- Monitor networks
Azure Firewall is a security device in Azure and you need to know how to deploy this Firewall and configure the DNAT, Network rule, Application Rule in the Firewall and also how to send traffic from VM to Firewall using Route table. The next important section is Network Security Rules. In the case study, you can see questions related to Network Security Groups as you need to map with the requirement and answer the questions. With the Web Application Firewall, you need to know about how to create a WAF policy, apply rules. What are managed rules and custom rules?
5. Design and Implement Private Access to Azure Services (10–15%)
In this section we have 3 sub-divisions:
- Design and implement Azure Private Link service and Azure Private Endpoint
- Design and implement service endpoints
- Configure VNet integration for a dedicated platform as a service (PaaS) services
In this section you need to learn about VNET integration of Web App – there are 2 integrations, one is via a gateway and the other is via Service Endpoints. Learn about Private Endpoint and Service Endpoints implementation and limitations. Note that Service Endpoints can be used to connect to PAAS service from the VNET which is in the same region.
Hope this information is useful. Try to participate in the Beta program if avail 80% discount after preparing yourself for the exam.
All the best!