AZ-305 is a design exam, not a configuration exam. It does not ask whether you can click through the Azure portal to create a resource; it asks whether you can choose the right architecture when a scenario gives you requirements and constraints. That is the whole game. Across infrastructure, identity and governance, data, and business continuity, the questions hand you a situation - a budget, a security rule, an availability target, a performance need - and several designs that could work, and your task is to pick the one that meets the stated requirements rather than the one with the most features. This guide is a full, self-study course. It walks through each design area in depth, explains the Azure services and the trade-offs they represent, drills the case-study technique of reading for the binding constraint, and then turns all of it into a study plan and a final-preparation routine. It is original teaching material only, with no real or simulated exam questions, and you should confirm the current skills-measured list and format against Microsoft Learn before you book.
Chapter 1: Exam overview and how to use this guide
What AZ-305 measures
AZ-305 measures architectural judgement on Azure: the ability to translate business requirements into a design that balances cost, security, reliability, and performance. Passing it earns the Azure Solutions Architect Expert credential. The defining characteristic, and the thing your whole preparation should orient around, is that there is rarely a single “correct” service and often several that would function - the exam is testing whether you choose the one that fits the requirements the scenario set. A design that is more secure, more available, or more powerful than the requirement asks, at greater cost or complexity, is wrong here just as surely as one that falls short, because it fails to fit.
This is why the exam assumes real experience rather than book knowledge. It expects AZ-104-level administrator knowledge and genuine hands-on time, even though there is no longer a formal prerequisite, because you cannot reliably weigh Azure trade-offs you have never met in practice. The questions read like the decisions a working architect makes, and they reward the instincts that come from having designed and operated real Azure environments.
The shape of the exam, including case studies
The exam runs about 40 to 60 questions in roughly 120 minutes, with a pass mark of 700 / 1000 on Microsoft’s scaled scoring, so it is not a simple percentage of questions correct. The format mixes standard multiple-choice and multiple-response questions with case studies: a case study presents a detailed scenario - an organisation, its current estate, its requirements and constraints - followed by several questions that all draw on that same context. Case studies reward careful reading and punish skimming, because the right design for one requirement depends on details stated elsewhere in the scenario. Confirm the current question count, time, and format on Microsoft Learn, since Microsoft updates exams periodically.
The four design areas and their weights
Microsoft organises the exam into four design areas. The current official weight ranges (skills measured as of April 2026) are:
- Design infrastructure solutions (30-35%) - the heaviest. Compute, application architecture, migrations, and network solutions, designed for scale and resilience.
- Design identity, governance, and monitoring solutions (25-30%) - logging and monitoring, authentication and authorisation, and governance across management groups, subscriptions, and compliance.
- Design data storage solutions (20-25%) - relational, semi-structured, and unstructured data storage, plus data integration.
- Design business continuity solutions (15-20%) - backup and disaster recovery, and high availability.
Infrastructure is the largest area and deserves the most study, identity and governance is close behind and underpins every other design, and data and business continuity are smaller but test specific, high-value judgement. Because these are ranges rather than fixed percentages, treat them as a guide to emphasis and confirm the live numbers on Microsoft Learn before you book.
How to use this course
Read the chapters in order once. The infrastructure and identity/governance chapters establish the foundation - compute, networking, and the governance model - that the data and business-continuity chapters then build on, and the case-study technique chapter ties the reasoning together. The final chapters turn the content into a schedule, a final-preparation routine, and a description of exam day. Worked examples appear where a design trade-off is easy to misjudge; none are exam questions, they are teaching illustrations of how an architect reasons from a requirement to a design.
Chapter 2: Design infrastructure solutions (30-35%)
This is the largest area, covering compute, application architecture, migration, and networking. It is where the most marks live, so it warrants the most study, and its theme is choosing the platform and topology that fit a workload rather than reaching for a default.
What it is, and the compute and application choices
Infrastructure design starts with compute, and the exam expects you to choose between the models on the merits of the workload. Virtual machines give the most control and suit lift-and-shift or specialised software. Azure App Service is a managed platform for web applications, removing server management. Azure Kubernetes Service (AKS) runs containers at scale when you need orchestration. Azure Functions is serverless, billed per execution, and suits event-driven or intermittent work. The decision turns on how much control you need, how the workload scales, and how much operational burden you want to carry.
Application architecture is the second pillar: how the pieces of a solution communicate. The exam covers messaging and event-driven designs - decoupling components with queues and events through services like Azure Service Bus and Event Grid - along with API integration, caching for read-heavy applications, configuration management, and automated deployment. Networking is the third: virtual networks (VNets) and how they connect through peering, the hub-and-spoke topology for shared services, private endpoints for reaching Azure services over the Microsoft backbone instead of the public internet, and load-balancing and routing choices. Migration rounds it out, framed by Microsoft’s Cloud Adoption Framework: assessing on-premises servers, data, and applications with Azure Migrate and choosing whether to move them as-is (to infrastructure as a service) or modernise them onto managed platforms.
Why it matters
This area matters because the infrastructure choices set the cost, performance, and operational shape of everything above them, and getting them wrong is expensive to undo. The exam weights it most heavily because choosing the right compute model and network topology for a requirement is the most consequential architecture decision an Azure architect makes, and the one where over- or under-engineering does the most damage.
How to study it
Practise matching a workload description to a compute model and a network design. “Event-driven, runs occasionally, pay only when used” points to Functions; “managed web app without server upkeep” points to App Service; “containers needing orchestration and scale” points to AKS; “full OS control or legacy software” points to virtual machines. For networking, get the hub-and-spoke model and private endpoints clear, because they recur. As a teaching example: if a scenario needs an internal application to reach an Azure storage account without traffic traversing the public internet, the design answer is a private endpoint, which connects to the service privately over the Microsoft backbone, rather than opening a public path and trying to restrict it.
Common pitfalls
The first trap is defaulting to virtual machines out of familiarity when a managed or serverless platform would better fit the requirement for lower operational overhead. The second is under-reading the network requirement - missing that “no public internet exposure” calls for private endpoints, or that many workloads sharing services call for hub-and-spoke. The third is treating migration as a single lift-and-shift when the scenario’s emphasis on reducing long-term operational cost actually points to modernising onto managed services.
Chapter 3: Design identity, governance, and monitoring solutions (25-30%)
This area frames every other design, which is why it sits second by weight and why neglecting it costs marks across the whole exam. It covers who can access what, how an organisation keeps its Azure estate compliant and controlled, and how it sees what is happening.
What it is, and the identity and governance building blocks
Identity centres on Microsoft Entra (formerly Azure Active Directory), Azure’s identity and access service for authenticating users and applications. The exam expects you to recommend authentication and authorisation designs: conditional access policies that grant or block access based on signals such as user, device, location, and risk; hybrid identity that connects on-premises Active Directory with Entra so users have one identity across both; and solutions for managing secrets, certificates, and keys, typically through Azure Key Vault. Authorisation to Azure resources is governed by role-based access control (RBAC), granting permissions by assigning roles at a defined scope.
Governance is how an organisation keeps control as it grows. Management groups sit above subscriptions and let you apply policy and access across many subscriptions at once. Azure Policy enforces rules on resources - allowed regions, required tags, permitted services - to keep deployments compliant. Together with a sensible structure of management groups, subscriptions, and resource groups, and a tagging strategy, these form the governance model the exam asks you to design. Monitoring completes the area: Azure Monitor and Log Analytics provide observability, and the exam expects you to recommend a logging and monitoring solution suited to the scenario.
Why it matters
This area matters because identity and governance are the guardrails that make a large Azure estate safe and manageable, and because almost every other design decision assumes they are in place. A brilliant infrastructure design with no governance model is not an expert answer. The exam reflects this by weaving identity, access, and compliance considerations through scenarios in the other areas as well, so a firm grasp here pays off broadly.
How to study it
Make the governance hierarchy second nature: management groups contain subscriptions, RBAC grants access at a scope, and Azure Policy enforces rules at a scope - and questions hinge on applying the right one at the right level. Learn the identity tools by purpose: conditional access for risk-based access decisions, hybrid identity for one identity across on-premises and cloud, Key Vault for secrets and keys. As a teaching example: if an organisation needs to guarantee that no resource in any of its subscriptions can be deployed outside an approved set of regions, the design answer is an Azure Policy applied at a management group, because policy enforces rules across all the subscriptions beneath it, whereas configuring each subscription by hand would not bind future ones.
Common pitfalls
The first trap is confusing the governance tools - RBAC controls who can do something, Azure Policy controls what is allowed to exist, and a question will test that you know which solves the stated need. The second is applying controls at the wrong scope, such as a per-subscription fix when the requirement is organisation-wide and belongs at a management group. The third is treating identity as an afterthought; when a scenario describes access from varied devices or locations, conditional access is often the intended design, and missing it loses an otherwise reachable mark.
Chapter 4: Design data storage solutions (20-25%)
This area is about choosing the right place to keep data, given its shape and the requirements around it. It is smaller than the first two but tests precise judgement, because Azure offers many data services and the exam expects you to fit the service to the data rather than default to one.
What it is, and the data service choices
The exam splits data into broad shapes and asks you to recommend storage for each. For relational data - structured, with a schema and relationships - the choices include Azure SQL Database, a fully managed relational service for cloud-native applications, and Azure SQL Managed Instance, which offers near-full SQL Server compatibility for lift-and-shift migrations. You are also expected to recommend a service tier and compute tier, a scalability approach, and a data-protection solution. For semi-structured and unstructured data - documents, key-value pairs, files, blobs - the options include Azure Cosmos DB, a globally distributed, multi-model NoSQL database with tunable consistency, Table storage for simple key-value data, and Blob storage with its access tiers (hot, cool, archive) for objects and files. The exam expects you to balance features, performance, and cost, and to design for protection and durability. Data integration is the third strand: recommending solutions for moving and combining data and for data analysis.
Why it matters
This area matters because the data layer often determines an application’s performance, cost, and resilience more than the compute does, and because choosing the wrong data service is one of the hardest mistakes to reverse once an application depends on it. The exam rewards matching the service to the data’s shape and the scenario’s priorities - global distribution, strict consistency, lowest cost for rarely accessed data - rather than picking a familiar database for everything.
How to study it
Practise mapping a data description to a service. “Structured, relational, cloud-native” points to Azure SQL Database; “needs SQL Server compatibility for a migration” points to SQL Managed Instance; “globally distributed with low-latency reads and writes” points to Cosmos DB; “large objects, rarely accessed, lowest storage cost” points to Blob storage in a cool or archive tier. Learn the Blob access tiers and what each optimises, because tiering questions are common. As a teaching example: if a scenario stores large volumes of data that are accessed only occasionally and wants the lowest storage cost, the design answer is a cooler Blob storage access tier that trades higher retrieval cost for much lower storage cost, rather than keeping everything in the hot tier as if it were frequently read.
Common pitfalls
The first trap is forcing relational thinking onto non-relational data, or vice versa - choosing a SQL database for globally distributed document data that Cosmos DB suits better. The second is ignoring storage tiers and the cost trade-off they represent, which is exactly what tiering questions test. The third is overlooking the protection and durability requirement; when a scenario stresses resilience or recovery for data, the design must include the appropriate redundancy and backup, not just the base service.
Chapter 5: Design business continuity solutions (15-20%)
This is the smallest area but a dependable source of marks, because its concepts are well-defined and the questions are requirement-driven. It covers keeping systems available through failure and recovering them after a disaster.
What it is, and the continuity mechanisms
Business continuity rests on two ideas the exam tests precisely: high availability, keeping a system running despite component failures, and disaster recovery, restoring service after a major outage. High availability on Azure is built with redundancy across availability zones - physically separate locations within a region - and, for greater resilience, across regions, often using region pairs that Azure links for that purpose. Load balancing distributes traffic across healthy instances. For data, the exam expects high-availability designs for relational and non-relational stores alike.
Disaster recovery is framed by two objectives you must know cold. The Recovery Time Objective (RTO) is the maximum acceptable time to restore a system after an outage, and the Recovery Point Objective (RPO) is the maximum acceptable data loss, expressed as the age of the last recoverable data. Azure Backup provides backup and restore with recovery points, and Azure Site Recovery replicates workloads to another region and orchestrates failover. The design task is to choose mechanisms that meet the stated RTO and RPO at a sensible cost.
Why it matters
This area matters because availability and recoverability are often an organisation’s most important non-functional requirements, and because the cost of resilience rises steeply with how strict the targets are. The exam rewards matching the mechanism to the objective rather than over- or under-engineering: a near-zero RTO and RPO justify continuous replication and failover, while a tolerance of hours justifies a cheaper backup-and-restore approach. Knowing RTO and RPO and what they imply is the core skill.
How to study it
Anchor every continuity decision to the stated RTO and RPO. When a scenario gives tight objectives, the design needs replication and orchestrated failover, typically Azure Site Recovery across regions; when the objectives are relaxed, Azure Backup and restore may suffice at lower cost. Get the difference between availability zones (within a region, against a datacentre failure) and regions or region pairs (against a regional failure) clear, because questions test the scope of protection. As a teaching example: if a critical application must fail over to another region within minutes of a regional outage, the design answer is to replicate it with Azure Site Recovery to a paired region and orchestrate failover, rather than relying on periodic backups, which would restore too slowly to meet the RTO.
Common pitfalls
The first trap is confusing the scope of resilience - using availability zones, which protect against a datacentre failure, when the requirement is to survive a whole-region outage that needs a cross-region design. The second is treating backups as a recovery plan without checking the RPO; if only minutes of data loss are acceptable, infrequent backups fail the requirement. The third is over-engineering when the objectives are relaxed, proposing expensive multi-region replication where a stated, generous RTO and RPO make simpler backup-and-restore the better-fitting and cheaper design.
Chapter 6: The case-study technique and design judgement
The skill that most determines an AZ-305 result is reading a scenario for its binding constraint and choosing the design that meets it - and doing so under the particular demands of the case-study format. This chapter is that technique.
Read for the binding constraint
Every scenario sets a priority, and that priority is what makes one workable design better than the others. So read the whole scenario - in a case study, the whole context, not just the immediate question - and identify the constraint that binds: is it cost, security, availability, or performance? That word or requirement is your rubric. Once you have it, the question changes from “which of these designs would work?” to “which of these designs works and best satisfies this constraint?”, which is a cleaner question with usually one defensible answer. The “best” answer is the one that meets the stated requirements, never automatically the most feature-rich or most powerful option.
Work the case-study format deliberately
Case studies bundle several questions onto one detailed scenario, and the trap is answering each question in isolation. The right requirement for one question often sits in a detail stated for the scenario as a whole - a compliance rule mentioned once, a budget limit, an existing on-premises system. So read the full context first, note the requirements and constraints, and then answer each question against that complete picture. Watch the time the format costs: a case study takes longer to absorb than a standalone question, so budget for the reading rather than being surprised by it. Practising the case-study format until the reading-then-answering rhythm is familiar is the difference between finishing comfortably and running short.
Reason from requirement to service
Between two designs that both function, choose by the constraint and by Azure’s Well-Architected principles - reliability, security, cost, operational excellence, and performance. As a teaching example of the pattern: when a scenario stresses lowest cost for a workload with a known, modest load, the design that right-sizes and uses a cost-efficient tier beats a more powerful, more expensive one that would also run, because the binding constraint is cost and the cheaper-fitting design honours it without breaking the other requirements. Training this reasoning on practice scenarios, rather than memorising service facts, is what builds the judgement the exam rewards.
Chapter 7: Study plan and timeline
With the design areas and the case-study technique understood, the work is pacing them on top of the experience this exam assumes. Three things drive the plan: your starting level, the area weights, and the need to practise designing for requirements rather than memorising features.
Be honest about the starting line
AZ-305 is an expert exam that assumes AZ-104-level administrator knowledge and real hands-on Azure experience. With that base, a focused two months of study is a common and reasonable target: an intensive six weeks at roughly twelve hours a week for those who can push, or a ten-week balanced run at around eight hours a week for most. If you are not yet at administrator level, the right move is to build AZ-104 knowledge and genuine hands-on time first, because the case studies are hard to navigate without the experience to recognise the trade-offs they describe. Trying to learn Azure administration and pass an architecture exam at once stretches both too thin.
Work the areas, weighting infrastructure and identity
Spread your hours across all four areas, weighting the two largest - infrastructure (30-35%) and identity, governance, and monitoring (25-30%) - while giving real time to data storage (20-25%) and a solid pass over business continuity (15-20%). A balanced nine- to ten-week shape works through one area at a time: infrastructure first as the heaviest, then identity and governance, then data storage and business continuity together, then case-study drills and full-length timed practice. Throughout, ground the designs in experience where you can: build a hub-and-spoke network, apply an Azure Policy at a management group, set up a private endpoint, so the patterns are familiar rather than theoretical. To turn whichever timeline you pick into dated weeks for your own start date, use the free study-plan generator.
Practise designing for requirements, and keep case studies in the rotation
Because the exam is won on judgement, practise choosing designs for stated requirements from early on, not just at the end, and keep case-study questions in the rotation throughout rather than saving them for the final week. For each scenario, practise the technique deliberately: find the binding constraint, eliminate the designs that break it, and articulate why the survivor best fits. Use the free Microsoft Learn practice assessment to calibrate where you stand. If you are weighing AZ-305 against the equivalent AWS architecture path before committing, the AZ-305 versus AWS Solutions Architect Professional comparison sets out how the two architect tracks differ in scope and focus.
Chapter 8: Final preparation, exam day, and format
Final preparation
In the last week or two, shift toward full-length, timed practice that includes case studies, treating each session as both a stamina run and a diagnosis. Note which design area leaks marks and which kind of trade-off you misread, then go back and shore up the reasoning rather than only re-reading service descriptions. Use the Microsoft Learn practice assessment to calibrate, and aim to be scoring comfortably above 700 / 1000 on fresh material before you book. Build that from genuine understanding and practice; the exam rewards design judgement, and there is no shortcut around having reasoned through many scenarios.
Prerequisites and renewal
There is no formal prerequisite - passing AZ-305 alone earns the Solutions Architect Expert credential - but AZ-104-level knowledge and real Azure experience are genuinely assumed, and the case studies are hard without them. Confirm the current skills-measured list, question count, time, and fee (indicatively around US$165) on Microsoft Learn before you book, since Microsoft updates these. Unlike many credentials, this one is valid for one year and renews free through a short online assessment on Microsoft Learn, so set a reminder to renew before it lapses rather than re-sitting the full exam.
Exam day and format
On the day, you face around 40 to 60 questions in about 120 minutes, including case studies, taken at a test centre or through online proctoring, with the pass mark at 700 / 1000. Apply the technique you practised: read each scenario - and each case study’s full context - for the constraint that binds, eliminate the designs that break it, and choose the one that best meets the stated requirements rather than the most feature-rich option. Budget time for the case-study reading so it does not surprise you, and answer each of a case study’s questions against the complete scenario, not in isolation. Having practised at full length with case studies until the reading-then-deciding rhythm feels ordinary, the format will be familiar rather than daunting, which is exactly the advantage the weeks of design practice were meant to build.