AZ-305 Overview — Format, What’s Tested & How to Prepare

Exam snapshot

• Exam: AZ-305 — Designing Microsoft Azure Infrastructure Solutions
• Role: Azure solutions architect (design + trade-offs, not day-to-day admin clicks)
• Format: mostly scenario-based multiple choice/multiple response, plus case sets and drag-and-drop
• Passing: scaled score 700 (0–1000)
• Prereq for the Expert cert: you typically need Azure Administrator Associate (AZ-104) as well (cert requirement, not a prerequisite to sit AZ-305)

How to use this hub: skim this page, then study the Syllabus objective-by-objective. Keep the Cheatsheet open for architecture pickers, and validate readiness with Practice under timed conditions.

Skills measured (by domain)

Microsoft’s published weighting (subject to change):

1. Design identity, governance, and monitoring solutions (25–30%)
2. Design data storage solutions (20–25%)
3. Design business continuity solutions (15–20%)
4. Design infrastructure solutions (30–35%)

What’s actually hard on AZ-305

• Competing requirements: “secure” vs “cheap” vs “global” vs “low-latency” vs “simple ops” (you must pick trade-offs explicitly).
• BCDR math and choices: RTO/RPO, zone vs region failures, active-active vs active-passive, and the operational cost of each.
• Identity + network intersections: private endpoints, conditional access, managed identities, and “who can access what” across tenants and networks.
• Service selection under nuance: SQL Database vs Managed Instance vs SQL on VM; AKS vs App Service vs Functions; Event Grid vs Event Hubs vs Service Bus.
• Governance at scale: landing-zone structure, policy initiatives, management groups/subscriptions, and cost allocation via tagging/budgets.

Readiness checklist (quick self-test)

• I can choose identity patterns (Entra ID, B2B, managed identities) and explain least-privilege authorization (RBAC/PIM/custom roles).
• I can design logging/monitoring (Azure Monitor + Log Analytics + diagnostic settings) and alerting for SLOs.
• I can pick the right data service (relational vs NoSQL vs blob/files) and design protection, scalability, and cost controls.
• I can translate RTO/RPO into a concrete backup/DR design per workload tier.
• I can design network connectivity (VPN/ExpressRoute, Private Link, DNS) and choose the right ingress/LB (Front Door vs App Gateway vs Load Balancer).
• I can propose a migration plan using Cloud Adoption Framework and Azure Migrate tooling.

Study plan (4–6 weeks, part-time)

Week 1 — Governance + Identity
Management groups/subscriptions, RBAC/PIM, policies/initiatives, Key Vault/managed identities.

Week 2 — Monitoring + Reliability basics
Azure Monitor & Log Analytics design, diagnostics routing, alert strategies, SLOs, Service Health.

Week 3 — Data services
Relational service choice and tiers, Cosmos DB patterns, storage redundancy, lifecycle, durability.

Week 4 — Infrastructure & networking
Compute decision-making (VM/AKS/App Service/Functions), hub-spoke/vWAN, Private Link, LB/routing.

Weeks 5–6 — BCDR + review
RTO/RPO design, DR patterns, runbooks/testing, then full practice mocks and remediation sprints.

Exam-day tactics

• Restate constraints first: availability target, compliance, latency, region scope, budget.
• Prefer simplest workable designs: managed services, fewer moving parts, automation-friendly.
• Eliminate unsafe answers: those that violate least privilege, expose private data, or ignore failure domains.
• Think in tiers: “critical” workloads get multi-zone/multi-region; others get simpler resilience.

Continue to the next step

• Objectives by domain: Syllabus →
• High-yield architecture pickers: Cheatsheet →
• Timed drills & mocks: Practice →