Why This Cheat Sheet Matters for AZ-305
This cheat sheet covers the most important Azure Networking concepts tested on the AZ-305 (Azure Solutions Architect Expert) certification exam. It contains 2 sections with 8 key points that you should memorize before exam day. Design network architectures including hub-spoke, Virtual WAN, private connectivity, and network security. Use this as a quick-reference guide during your final review sessions.
Network Topologies
- Hub-spoke: central hub VNet with shared services; spokes for workloads.
- Virtual WAN: Microsoft-managed hub for large-scale branch and VNet connectivity.
- ExpressRoute for private, high-bandwidth, low-latency connections.
- VPN Gateway for encrypted cross-premises connectivity over the internet.
Network Security
- Azure Firewall: centralized, stateful firewall with threat intelligence.
- Application Gateway + WAF for Layer 7 protection of web apps.
- Private Link/Private Endpoint: access PaaS services over private IP.
- DDoS Protection Standard for volumetric attack mitigation.
Practice Networking Questions
Put your knowledge to the test with practice questions.
Azure Quick Reference Tips
Azure services follow consistent naming patterns that help with exam recall. Resource Manager (ARM) templates use JSON, while Bicep provides a cleaner DSL for infrastructure as code. Remember that Azure resources are organised in a hierarchy: Management Groups → Subscriptions → Resource Groups → Resources.