NICF - MICROSOFT AZURE ARCHITECT DESIGN (SF)

NICF - MICROSOFT AZURE ARCHITECT DESIGN (SF)

Funded
Course Duration
32.0 hr(s)
Mode of Assessment

Participants will be required to complete a web-based assessment during class. 

Who Should Attend

This course is for IT Professionals with expertise in designing and implementing solutions running on Microsoft Azure. They should have broad knowledge of IT operations, including networking, virtualization, identity, security, business continuity, disaster recovery, data platform, budgeting, and governance. Azure Solution Architects use the Azure Portal and as they become more adept they use the Command Line Interface. Candidates must have expert-level skills in Azure administration and have experience with Azure development processes and DevOps processes.

Course Overview

NTUC LearningHub Course Code: NICF041

Microsoft Course Code: AZ-304T00-A

TPGateway Course Code: TGS-2019503195 (F2F)

 

This course is for IT Professionals with expertise in designing and implementing solutions running on Microsoft Azure. They should have broad knowledge of IT operations, including networking, virtualization, identity, security, business continuity, disaster recovery, data platform, budgeting, and governance. Azure Solution Architects use the Azure Portal and as they become more adept they use the Command Line Interface. Candidates must have expert-level skills in Azure administration and have experience with Azure development processes and DevOps processes.

Participants will learn to:

  • Manage security and identity within the context of Azure, multiple SaaS services available in Azure for integration into existing Azure solutions.
  • Compare and contrast various database options on Azure, identify data streaming options for large-scale data ingest, and identify longer-term data storage options.
  • Deploy an ARM template to a resource group, author a complex deployment using the Azure Building Blocks tools and integrate an API or Logic App with the API Management service.
  • Describe DNS and IP strategies for VNETs in Azure, compare connectivity options for ad-hoc and hybrid connectivity, distribute network traffic across multiple loads using load balancers, and design a hybrid connectivity scenario between cloud and on-premise.

Next available schedule

Course Objectives

After completing this course, students will be able to:

  • Integrate their existing solutions with external identity providers using Azure AD B2B or B2C
  • Design a hybrid identity solution
  • Determine when to use advanced features of Azure AD such as Managed Service Identity, MFA and Privileged Identity Management
  • Secure application secrets using Key Vault
  • Secure application data using SQL Database and Azure Storage features
  • Detail the various APIs available in Cognitive Services
  • Identify when to use the Face API, Speech API or Language Understanding (LUIS) service
  • Describe the relationship to Bot Framework and Azure Bot Services
  • Determine the ideal pricing option for Azure Storage based on a solutions requirements
  • Identify performance thresholds for the Azure Storage service
  • Determine the type of Storage blobs to use for specific solution components
  • Use the Azure Files service for SMB operations
  • Identify solutions that could benefit from the use of StorSimple physical or virtual devices
  • Compare and contrast monitoring services for applications, the Azure platform, and networking
  • Design an alert scheme for a solution hosted in Azure
  • Select the appropriate backup option for infrastructure and data hosted in Azure
  • Automate the deployment of future resources for backup recovery or scaling purposes.
  • Create a resource group
  • Add resources to a resource group
  • Deploy an ARM template to a resource group Integrate an API or Logic App with the API Management service
  • Design an App Service Plan or multi-region deployment for high performance and scale
  • Integrate an API or Logic App with the API Management service
  • Design an App Service Plan or multi-region deployment for high performance and scale
  • Describe various patterns pulled from the Cloud Design Patterns
  • Distribute network traffic across multiple loads using load balancers
  • Design a hybrid connectivity scenario between cloud and on-premise
  • Design an availability set for one or more virtual machines
  • Describe the differences between fault and update domains
  • Author a VM Scale Set ARM template

Pre-requisites

Successful Azure Architects begin this role with experience on operating systems, virtualization, cloud infrastructure, storage structures, networking, applications and databases.

  • Understanding of on-premises virtualization technologies, including: VMs, virtual networking, and virtual hard disks.
  • Understanding of network configuration, including TCP/IP, Domain Name System (DNS), virtual private networks (VPNs), firewalls, and encryption technologies.
  • Understanding of Active Directory concepts, including domains, forests, domain controllers, replication, Kerberos protocol, and Lightweight Directory Access Protocol (LDAP).
  • Understanding of resilience and disaster recovery, including backup and restore operations.
  • Understanding of Applications development and APIs.
  • Understanding of Databases, both SQL such as MS SQL, MySQL or Postgres, and Non-SQL databases like MongoDB.
  • Understanding of decoupling Applications and services, for example, Queues, tables, Cache.
  • Understanding of Security concepts to protect your environment, like encryption at rest, encryption in transit, SSL, TLS.

This course will be conducted as a Virtual Live Class (VLC) via Zoom platform.  Participants must have a laptop or a desktop with “Zoom Client for Meetings” installed.  This can be downloaded from https://zoom.us/download

Minimum Specs

Recommended Specs

Processor / CPU

1.6 GHz or faster, 2-core Intel Core i3 or equivalent

1.8 GHz, 2-core Intel Core i3 or equivalent

Memory

4 GB RAM

8 GB RAM

Hard Disk

10 GB available storage space

Display

1280 x 768 screen resolution

Graphics

2GB Graphics Card

Others

  • Internet Connection: Wired or Wireless broadband (min 10 mbps)
  • Speakers and Microphone: built-in or USB plug-in or wireless Bluetooth
  • Webcam: built-in or USB plug-in

Software

  • Zoom

Course Outline

Module 1: Managing Security & Identity for Azure Solutions

This module discusses both security and identity within the context of Azure. For security, this module reviews the various options for monitoring security, the options available for securing data and the options for securing application secrets. For identity, this module focuses specifically on Azure Active Directory (Azure AD) and the various features available such as Multi-Factor Authentication (MFA), Managed Service Identity, Azure AD Connect, ADFS and Azure AD B2B/B2C.

Lab: Securing Secrets in Azure

After completing this module, students will be able to:

  • Integrate their existing solutions with external identity providers using Azure AD B2B or B2C
  • Design a hybrid identity solution
  • Determine when to use advanced features of Azure AD such as Managed Service Identity, MFA and Privileged Identity Management
  • Secure application secrets using Key Vault
  • Secure application data using SQL Database and Azure Storage features

Module 2: Integrating SaaS Services Available on the Azure Platform

This module introduces multiple SaaS services available in Azure that are available for integration into existing Azure solutions. These services include Cognitive Services, Bot Service, Machine Learning and Media Services.

Lab: Deploying Service Instances as Components of Overall Azure Solutions

After completing this module, students will be able to:

  • Detail the various APIs available in Cognitive Services
  • Identify when to use the Face API, Speech API or Language Understanding (LUIS) service

Module 3: Backing Azure Solutions with Azure Storage

This module describes how many Azure services use the Azure Storage service as a backing store for other application solution in Azure. The module dives into critical considerations when using Azure Storage as a supplemental service for an all-up Azure solution.

After completing this module, students will be able to:

  • Determine the ideal pricing option for Azure Storage based on a solutions requirements
  • Identify performance thresholds for the Azure Storage service
  • Determine the type of Storage blobs to use for specific solution components
  • Use the Azure Files service for SMB operations
  • Identify solutions that could benefit from the use of StorSimple physical or virtual devices

Module 4: Comparing Database Options in Azure

This module compares the various relational and non-relational data storage options available in Azure. Options are explored as groups such as relational databases (Azure SQL Database, MySQL, and PostgreSQL on Azure), non-relational (Azure Cosmos DB, Storage Tables), streaming (Stream Analytics) and storage (Data Factory, Data Warehouse, Data Lake).

Lab: Deploying Database Instances in Azure

After completing this module, students will be able to:

  • Compare and contrast monitoring services for applications, the Azure platform, and networking
  • Identify data streaming options for large-scale data ingest
  • Identify longer-term data storage options

Module 5: Monitoring & Automating Azure Solutions

This module covers the monitoring and automation solutions available after an Azure solution has been architected, designed and possibly deployed. The module reviews services that are used to monitor individual applications, the Azure platform, and networked components. This module also covers automation and backup options to enable business-continuity scenarios for solutions hosted in Azure.

Lab: Deploying Configuration Management Solutions to Azure

After completing this module, students will be able to:

  • Compare and contrast monitoring services for applications, the Azure platform, and networking
  • Design an alert scheme for a solution hosted in Azure
  • Select the appropriate backup option for infrastructure and data hosted in Azure. Automate the deployment of future resources for backup recovery or scaling purposes

Module 6: Deploying Resources with Azure Resource Manager

This module establishes a basic understanding of Azure Resource Manager and the core concepts of deployments, resources, templates, resource groups, and tags. The module will dive deeply into the automated deployment of resources using ARM templates.

Lab: Deploying Resources with Azure Resource Manager

After completing this module, students will be able to:

  • Create a resource group
  • Add resources to a resource group
  • Deploy an ARM template to a resource group
  • Filter resources using tags
  • Author a complex deployment using the Azure Building Blocks tools

Module 7: Creating Managed Server Applications in Azure

This module describes how solutions can leverage serverless application hosting services in Azure to host web applications, REST APIs, integration workflows and HPC workloads without the requirement to manage specific server resources. The module focuses on App Services-related components such as Web Apps, API Apps, Mobile Apps, Logic Apps, and Functions.

Lab: Deploying Managed Containerized Workloads to Azure

After completing this module, students will be able to:

  • Select between hosting application code or containers in an App Service instance
  • Describe the differences between API, Mobile, and Web Apps
  • Integrate an API or Logic App with the API Management service
  • Design an App Service Plan or multi-region deployment for high performance and scale

Module 8: Authoring Serverless Applications in Azure

This module describes how solutions can leverage serverless application hosting services in Azure to host web applications, REST APIs, integration workflows and HPC workloads without the requirement to manage specific server resources. The module focuses on App Services-related components such as Web Apps, API Apps, Mobile Apps, Logic Apps, and Functions.

Lab: Deploying Serverless Workloads to Azure

After completing this module, students will be able to:

  • Select between hosting application code or containers in an App Service instance
  • Describe the differences between API, Mobile, and Web Apps
  • Integrate an API or Logic App with the API Management service
  • Design an App Service Plan or multi-region deployment for high performance and scale

Module 9: Application Architecture Patterns in Azure

This module introduces, and reviews common Azure patterns and architectures as prescribed by the Microsoft Patterns & Practices team. Each pattern is grouped into performance, resiliency, and scalability categories and described in the context of similar patterns within the category.

After completing this module, students will be able to:

  • Locate and reference the Cloud Design Patterns documentation
  • Locate and reference the Azure Architecture Center
  • Describe various patterns pulled from the Cloud Design Patterns

Module 10: Building Azure IaaS-Based Server Applications (ADSK)

This module identifies workloads that are ideally deployed using Infrastructure-as-a-Service services in Azure. The module focuses on the VM Scale Sets and Virtual Machine services in Azure and how to best deploy workloads to these services using best practices and features such as Availability Sets.

Lab: Building Azure IaaS-Based Server Applications

After completing this module, students will be able to:

  • Design an availability set for one or more virtual machines
  • Describe the differences between fault and update domains
  • Author a VM Scale Set ARM template
  • Join a virtualized machine to a domain either in Azure or on a hybrid network

Module 11: Networking Azure Application Components

This module describes the various networking and connectivity options available for solutions deployed on Azure. The module explores connectivity options ranging from ad-hoc connections to long-term hybrid connectivity scenarios. The module also discusses some of the performance and security concerns related to balancing workloads across multiple compute instances, connecting on-premise infrastructure to the cloud and creating gateways for on-premise data.

Lab: Deploying Network Infrastructure for Use in Azure Solutions

After completing this module, students will be able to:

  • Describe DNS and IP strategies for VNETs in Azure
  • Compare connectivity options for ad-hoc and hybrid connectivity
  • Distribute network traffic across multiple loads using load balancers
  • Design a hybrid connectivity scenario between cloud and on-premise

Module 12: Integrating Azure Solution Components Using Messaging Services

This module describes and compares the integration and messaging services available for solutions hosted on the Azure platform. Messaging services described include Azure Storage Queues, Service Bus Queues, Service Bus Relay, IoT Hubs, Event Hubs, and Notification Hubs. Integration services include Azure Functions and Logic Apps.

Lab: Integrating Azure Solution Components using Messaging Services

After completing this module, students will be able to:

  • Compare Storage Queues to Service Bus Queues
  • Identify when to use Azure Functions or Logic Apps for integration components in a solution
  • Describe the differences between IoT Hubs, Event Hubs and Time Series Insights

Certificate Obtained and Conferred by

  • Certificate of Completion from Microsoft

Upon meeting at least 75% attendance and passing the assessment(s), participants will receive Certificate of Completion from Microsoft/NTUC LearningHub.

  • Statement of Attainment from SkillsFuture Singapore (SSG)

Upon meeting at least 75% attendance and passing the assessment(s), Statement of Attainment (SOAs) will be issued by SkillsFuture Singapore (SSG) to certify that the participant has achieved the following Competency Standard(s):

    • Security Architecture (ICT-DES-3004-1.1)

  • External Certification Exam

Upon passing Exam AZ-303 and AZ-304, participant will receive Microsoft Certified: Azure Solutions Architect Expert certification from Microsoft

Additional Details

Medium of Instruction: English

Trainer:Trainee Ratio is 1:16

Mode of Delivery: Virtual Live Class (VLC) via Zoom

As this is a government subsidised programme, the entire training programme will be video recorded for audit purposes by the relevant funding agency. To ascertain their presence, Trainees / Participants are required to

  • Turn on web camera to show real-time video, as opposed to using a profile picture / video for the entirety of the training and assessment session.
  • Ensure that their faces are fully visible (not just the forehead / eyebrows)
  • Use their full name as per NRIC / Passport as their Screen Name on Zoom

Courseware: Microsoft Official Curriculum

Labs: Microsoft Virtual Labs

Price

Course Fee: $2,400.00 before GST / $2,568.00 with GST

For Classes commencing until 31st Dec 2021

Individual Sponsored

Company Sponsored

Non-SME

SME

Before GST

With GST

Before GST

With GST

Before GST

With GST

Full Course Fee (For International Students)

$2,400.00

$2,568.00

$2,400.00

$2,568.00

$2,400.00

$2,568.00

Promo Course Fee (valid until 31 Dec 2021 by class start date)

$1,812.15

$1,939.00

$1,812.15

$1,939,00

$1,812.15

$1,939.00

For Singapore Citizens and PRs
(after 50% funding capped at $15/hr)

$1,332.15

$1,459.00

$1,332.15

$1,459.00

$212.15

$339.00

For Singapore Citizens aged 40 years and above
(after 90% funding capped at $50/hr)

$212.15

$339.00

$212.15

$339.00

$212.15

$339.00

For Classes commencing on or after 1st Jan 2022

Individual Sponsored

Company Sponsored

Non-SME

SME

Before GST

With GST

Before GST

With GST

Before GST

With GST

For International Students (Full Course Fee)

$750.00

$802.50

$750.00

$802.50

$750.00

$802.50

For Singapore Citizens and PRs
(after 50% funding)

$375.00

$427.50

$375.00

$427.50

*$225.00

*$277.50

For Singapore Citizens aged 40 years and above
(after 70% funding)

$225.00

$277.50

$225.00

$277.50

$225.00

$277.50

*After 70% ­­­­funding for SME-sponsored Singaporeans and PRs under Enhanced Training Support for SMEs (ETSS) scheme

Funding Eligibility Criteria:

Individual Sponsored Trainee

Company Sponsored Trainee

  • Singapore Citizens or Singapore Permanent Residents
  • Trainee must achieve at least 75% attendance
  • Trainee must pass all prescribed tests / assessments, and attain 100% competency
  • NTUC LearningHub reserves the right to claw back the funded amount from trainee if he/she did not meet the eligibility criteria
  • Singapore Citizens or Singapore Permanent Residents
  • Trainee must achieve at least 75% attendance
  • Trainee must pass all prescribed tests / assessments, and attain 100% competency
  • NTUC LearningHub reserves the right to claw back the funded amount from the employer if trainee did not meet the eligibility criteria

Remarks:

Individual Sponsored Trainee

Company Sponsored Trainee

SkillsFuture Credit:

  • Eligible Singapore Citizens can use their SkillsFuture Credit to offset course fee payable after funding

PSEA:

  • Eligible Singapore Citizens can use their Post-Secondary Education Account (PSEA) funds to offset course fee payable after funding

UTAP:

  • NTUC Members can enjoy up to 50% funding (capped at $250 per year) under Union Training Assistance Programme (UTAP)

Absentee Payroll (AP) Funding:

  • $4.50 per hour, capped at $100,000 per enterprise per calendar year
  • AP funding will be computed based on the actual number of training hours attended by the trainee
  • Note: Courses / Modules under Professional Conversion Programme (PCP) will not be eligible for AP funding claim.

Terms and conditions apply. NTUC LearningHub reserve the right to make changes or improvements to any of the products described in this document without prior notice.

Prices are subject to other LHUB miscellaneous fees

What Others Also Enrolled In