Key AZ-305 terms in plain English. This exam is about design judgement, so understanding what each concept is for - and the trade-off it represents - matters more than memorising definitions.
| Term | Definition |
|---|---|
| Solutions Architect Expert | The expert-level Azure credential earned by passing AZ-305, certifying you can design Azure solutions. |
| Microsoft Entra | Azure’s identity and access service (formerly Azure Active Directory) for authenticating users and applications. |
| Conditional access | A policy feature in Microsoft Entra that grants or blocks access based on signals such as user, device, location and risk. |
| Hybrid identity | An identity model that connects on-premises Active Directory with Microsoft Entra so users have one identity across both. |
| Azure Policy | A governance service that enforces rules on resources, such as allowed regions or required tags, to keep deployments compliant. |
| RBAC | Role-Based Access Control: granting permissions by assigning roles to users, groups or identities at a defined scope. |
| Management group | A container above subscriptions used to apply governance, policy and access across many subscriptions at once. |
| Subscription | A billing and management boundary in Azure that groups resources and applies limits and policies. |
| Hub-and-spoke | A network topology with a central hub VNet for shared services and peered spoke VNets for workloads. |
| Private endpoint | A network interface that connects privately to an Azure service over the Microsoft backbone, avoiding the public internet. |
| Azure Migrate | A service for assessing and migrating on-premises servers, databases and apps to Azure. |
| Availability zone | A physically separate location within an Azure region, used to design for high availability against datacentre failure. |
| Region pair | Two linked Azure regions used together for resilience and disaster recovery. |
| Azure SQL Database | A managed relational database service for cloud-native applications. |
| SQL Managed Instance | A managed SQL service offering near-full SQL Server compatibility for lift-and-shift migrations. |
| Cosmos DB | A globally distributed, multi-model NoSQL database with tunable consistency. |
| Azure Backup | A service for backing up and restoring Azure (and on-premises) data and workloads. |
| Azure Site Recovery | A disaster-recovery service that replicates workloads to another region and orchestrates failover. |
| RTO | Recovery Time Objective: the maximum acceptable time to restore a system after an outage. |
| RPO | Recovery Point Objective: the maximum acceptable amount of data loss, expressed as the age of the last recoverable data. |
| High availability | Designing a system to keep running despite component failures, typically with redundancy across zones or regions. |
| Disaster recovery | The plan and tooling to restore service in another location after a major outage. |
| Well-Architected Framework | Microsoft’s set of design principles (reliability, security, cost, operational excellence, performance) for evaluating architectures. |
| Landing zone | A pre-configured, governed Azure environment that provides a secure, scalable foundation for workloads. |