Azure Certification
Path 2026

Conceptos cloud (IaaS / PaaS / SaaS · CapEx vs OpEx · shared responsibility model) · Servicios core de Azure (Regiones, AZs, Resource Groups, ARM) · Compute (VMs, App Service, Azure Functions, Container Instances, AKS básico) · Storage (Blob, File, Queue, Table, Disk) · Redes (VNet, VPN Gateway, ExpressRoute, Load Balancer, CDN, DNS) · Bases de datos (SQL Database, Cosmos DB, Azure Database for PostgreSQL/MySQL) · Identidad (Azure AD/Entra ID: usuarios, grupos, RBAC, MFA, SSO) · Gestión y gobierno (Azure Policy, Management Groups, Cost Management, Azure Advisor, Blueprints, Tags) · Monitoreo (Azure Monitor, Log Analytics, Service Health) · SLA y ciclo de vida de servicios

Conceptos de IA/ML (aprendizaje supervisado, no supervisado, reinforcement learning · regresión, clasificación, clustering) · Responsible AI (fairness, reliability, privacy, inclusivity, transparency, accountability) · Computer Vision en Azure (Azure AI Vision: análisis de imágenes, OCR, Face API, Video Indexer) · NLP (Azure AI Language: análisis de sentimiento, extracción de entidades, traducción, QA) · Generative AI (Azure OpenAI Service: GPT, DALL-E, Copilot) · Azure Machine Learning (autoML, designer, fundamentos sin código) · Azure AI Search (cognitive search, índices, knowledge mining)

Conceptos de datos (datos relacionales vs no relacionales vs analíticos · OLTP vs OLAP · batch vs streaming) · Bases de datos relacionales en Azure (Azure SQL Database, Azure Database for PostgreSQL/MySQL: conceptos de tablas, claves, joins, índices) · Datos no relacionales (Azure Cosmos DB: modelos API JSON, Table, Cassandra; Azure Blob Storage: jerarquía de contenedores) · Analytics en Azure (Azure Synapse Analytics: fundamentos de Data Warehouse, Spark pools; HDInsight; Azure Databricks básico; Azure Data Factory: pipelines, linked services) · Visualización (Power BI: datasets, informes, dashboards, publicación) · Real-time analytics (Azure Stream Analytics, Event Hubs, Azure Data Explorer básico)

Conceptos de seguridad (Zero Trust model, defense in depth, CIA triad, shared responsibility) · Microsoft Entra ID / Azure AD (identidades, RBAC, PIM, Conditional Access, MFA, SSPR, B2B/B2C, Managed Identities) · Autenticación y autorización (OAuth 2.0, OIDC, SAML 2.0 básico) · Microsoft Defender (Defender for Cloud: secure score, recommendations; Defender XDR: endpoints, identidad, email) · Microsoft Sentinel (SIEM/SOAR: workbooks, analytics rules, incidents) · Azure compliance (Azure Policy, Blueprints, Microsoft Purview: compliance portal, sensitivity labels, DLP, eDiscovery) · Privacy (GDPR, ISO 27001, SOC: Azure Trust Center, Privacy Statement)

Identidad y gobierno (Entra ID: usuarios, grupos, RBAC, Management Groups, Azure Policy, resource locks, Cost Management, Blueprints, Tags) · Storage (Storage Accounts: tipos, replicación GRS/LRS/ZRS, lifecycle management, Azure File Sync, SAS tokens, acceso con Managed Identity) · Compute (VMs: sizing, availability sets/zones, extensions, Azure VM Scale Sets; Azure App Service Plans; Azure Container Instances; AKS conceptos) · Networking (VNets, subnets, NSGs, ASGs, UDRs, VNet Peering, VPN Gateway P2S/S2S, ExpressRoute básico, Azure Load Balancer, Application Gateway, Azure DNS, Private DNS Zones, Network Watcher) · Monitoreo y backup (Azure Monitor: métricas, alertas, Log Analytics workspace, diagnostic settings; Azure Backup: Recovery Services Vault, políticas de backup; Azure Site Recovery básico)

Compute (Azure Functions: triggers HTTP/Timer/Queue/Blob/Service Bus, bindings, Durable Functions: orchestrators, activities; App Service: deployment slots, autoscale, WebJobs; Container Apps: KEDA, scaling rules; Container Registry: ACR Tasks) · Storage y datos (Blob Storage: tiers, lifecycle, client-side encryption; Cosmos DB SDK: CRUD, consistency levels, change feed; Azure Cache for Redis: estrategias de caché, TTL; Azure Table Storage) · Integración (Service Bus: queues vs topics/subscriptions, sessions, DLQ; Event Grid: topics, subscriptions, event filtering; Event Hubs: particiones, consumer groups, Capture) · Seguridad (Key Vault: secrets, keys, certificates; Managed Identity en código; App registrations: OAuth2 flows; MSAL para Python) · Monitoreo (Application Insights: SDK, custom telemetry, distributed tracing, availability tests; Azure Monitor: structured logs con OpenTelemetry) · API Management (products, policies, subscriptions, rate limiting, backend mTLS)

Identidad y acceso (Entra ID avanzado: Conditional Access policies, PIM con just-in-time access, access reviews, Managed Identities, App registrations + permisos de API, B2B/B2C, Entra ID Protection: sign-in risk, user risk) · Plataforma segura (Azure Policy: remediation, compliance, exclusions; Management Group SCPs; Resource Locks; Defender for Cloud: security policies, compliance dashboard, workflow automation; Microsoft Sentinel: analytics rules KQL, workbooks, playbooks SOAR, data connectors) · Compute seguro (NSG + ASG + Azure Firewall: DNAT rules, network rules, app rules; Azure DDoS Protection: Basic vs Standard; Azure Bastion: host seguro sin RDP/SSH expuestos; Just-in-Time VM access) · Storage seguro (SAS tokens: service SAS, account SAS, user delegation SAS; Private Endpoints para Storage; Customer-Managed Keys con Key Vault; Azure AD auth para blobs) · Aplicaciones seguras (Key Vault: access policies vs RBAC; certificados TLS; secretos rotación automática; App Gateway WAF: OWASP Core Rule Set, custom rules, exclusions)

Diseño de VNets (CIDR planning, subnets, IPv4/IPv6 dual-stack, VNet Peering global, Service Endpoints vs Private Endpoints) · Hybrid networking (VPN Gateway: Active-Active, zone-redundant SKUs, BGP; ExpressRoute: circuits, peering types private/Microsoft/public, FastPath, Global Reach, coexistencia VPN+ER) · Azure Virtual WAN (arquitectura hub-and-spoke a escala, routing policies, secured hubs con Azure Firewall) · Routing (UDRs, BGP, Route Server, Next Hop) · Load balancing (Azure Load Balancer: Standard SKU, health probes, HA ports; Application Gateway v2: WAF, autoscaling, routing rules, URL-based, multi-site; Azure Front Door: global load balancing, WAF global, origin groups, health probes; Traffic Manager: routing methods) · Firewall y seguridad (Azure Firewall Premium: TLS inspection, IDPS, URL filtering, Firewall Policy; Azure DDoS Protection Standard) · DNS avanzado (Private DNS Zones, DNS Private Resolver: inbound/outbound endpoints, ruleset)

Azure OpenAI Service (despliegue de modelos GPT-4o/GPT-4/DALL-E/Whisper, completion vs chat completion, system prompts, function calling, RAG con On Your Data, fine-tuning, content filtering) · Azure AI Services (multi-service vs single-service resources, keys + Entra auth) · Azure AI Vision (Image Analysis 4.0: object detection, captioning, OCR, smart crop; Custom Vision: classification + detection) · Azure AI Language (CLU: conversational language understanding, orchestration workflow; Question Answering: knowledge bases, active learning; Sentiment + Opinions + Key Phrase; Text Classification custom) · Azure AI Speech (STT, TTS, speaker recognition, custom speech models, speech translation) · Azure AI Translator (neural MT, custom translators, document translation) · Azure AI Search (indexers, skillsets cognitivos, vectorización, hybrid search, semantic ranker) · Responsible AI (content safety API, fairness, reliability, transparency, privacy) · Azure AI Foundry (ex Azure ML Studio): deployment de modelos, model catalog, prompt flows

Azure Data Factory (pipelines: activities, linked services, datasets, triggers, integration runtime; Mapping Data Flows: transformaciones visuales, debug, particionamiento; Control Flow: ForEach, IfCondition, Until, Error Handling) · Azure Synapse Analytics (dedicated SQL pools: distribution hash/round-robin/replicate, statistics, indexes; serverless SQL pool: OPENROWSET, views sobre data lake; Spark pools: notebooks PySpark, Spark SQL; pipelines integradas) · Azure Data Lake Storage Gen2 (hierarchical namespace, ACLs, ABAC, lifecycle management, Azure Hierarchical Namespace) · Azure Databricks (clusters, notebooks Python/Scala, Delta Lake: ACID, time travel, merge; Unity Catalog: governance a nivel de tabla/columna) · Azure Stream Analytics (jobs: input IoT Hub/Event Hubs, queries SQL-like, output sinks, windowing functions: tumbling/hopping/session; checkpointing) · Azure Event Hubs (namespaces, particiones, consumer groups, Capture a ADLS, Schema Registry) · DP-203 enfatiza: diseño de esquemas optimizados para Synapse, pipeline de datos a escala, seguridad con Private Endpoints y Managed VNet, coste-eficiencia

Azure Machine Learning workspace (compute: clusters, compute instances, serverless; environments: Docker base images, conda specs; datastores y data assets; MLflow tracking integrado) · Preparación de datos ML (feature engineering en Python con pandas/scikit-learn; data labeling; Azure ML Datasets) · Entrenamiento de modelos (jobs: command jobs, sweep jobs hyperparameter tuning; training en local vs cluster; frameworks: scikit-learn, PyTorch, TensorFlow) · MLflow en Azure ML (autologging, custom logging, model registry, model signatures) · Optimización de hiperparámetros (Bayesian, Grid, Random; early termination: bandit, median stopping) · Responsible AI dashboard (fairness: disparate impact; interpretabilidad: SHAP; counterfactuals; error analysis) · Despliegue (online endpoints: managed vs Kubernetes, blue/green deployment; batch endpoints: scoring script, parallelization) · Pipelines de ML (Azure ML Pipelines: steps, inputs/outputs, caching; Designer: drag-and-drop) · AutoML (classification, regression, forecasting; featurization, primary metric, guardrails)

Azure SQL Database (tiers: General Purpose vs Business Critical vs Hyperscale; vCores vs DTU; elastic pools; serverless tier: auto-pause, autopause delay; geo-replication vs failover groups; backup y PITR) · Azure SQL Managed Instance (full SQL Server compatibility, native VNet injection, Business Critical failover, link feature para migración) · Azure Database for PostgreSQL Flexible Server (high availability: zone-redundant + same-zone; read replicas; autoscale IOPS; Pgbouncer connection pooling; Azure extensions) · Azure Database for MySQL Flexible Server (idem PostgreSQL: HA, replicas, connection pooling) · Performance tuning (Query Store, Query Performance Insight; Index recommendations; Automatic Tuning: auto index, auto plan correction; Intelligent Query Processing) · Seguridad en BD (Microsoft Defender for SQL: ATP alerts, vulnerability assessment; Azure AD auth; Always Encrypted; TDE; Dynamic Data Masking; Row-Level Security; Advanced Threat Protection) · Monitoreo (Azure Monitor Metrics, Diagnostic Logs, Log Analytics, Database Watcher) · Migración (Azure Database Migration Service: offline vs online migration; Data Migration Assistant)

Microsoft Fabric arquitectura (OneLake: almacenamiento unificado; Fabric capacities; lakehouses: Delta tables, shortcuts a ADLS Gen2/S3; warehouses: T-SQL sobre Fabric; Real-Time Intelligence: Eventhouse, KQL Database, eventstreams) · Ingesta y orquestación (Fabric Data Factory: pipelines, dataflows Gen2; Copy activity; Fabric notebooks con PySpark: Spark 3.x, Delta Lake — merge, upsert, time travel; Fabric job scheduler) · Transformaciones con PySpark (DataFrames, schema enforcement, partitioning strategies, Z-ordering en Delta tables; incremental processing con watermarks; broadcast joins) · Medallion architecture en Fabric (Bronze/Silver/Gold en Lakehouse; VACUUM y OPTIMIZE; incremental loads) · DirectLake mode (conceptos para data engineers: cómo estructurar Delta tables para óptimo rendimiento en DirectLake; parquet columnar alignment; partitioning guidelines) · Seguridad Fabric (workspace roles; item permissions; row-level security en Lakehouse; column-level security; sensitivity labels de Purview para datasets) · Monitoreo (Fabric Capacity Metrics app; Spark monitoring; pipeline run history; alerts en Fabric)

Microsoft Fabric para analytics (lakehouses, warehouses, Fabric capacities, OneLake consolidation; Fabric trial vs paid capacity; workspace governance) · Semantic models avanzados (Power BI en Fabric: star schema design, composite models; DAX avanzado: CALCULATE, FILTER, variables, time intelligence — YTD, SAMEPERIODLASTYEAR, PREVIOUSYEAR, DATEADD; row-level security estática y dinámica; field parameters; calculation groups) · Dataflows Gen2 (conectores Power Query M, transformaciones, incremental refresh, output destinations: Lakehouse o Warehouse; staged vs non-staged) · DirectLake mode (cuándo usar DirectLake vs DirectQuery vs Import; fallback a DirectQuery; partitioning guidelines para DirectLake; framing) · Power BI en Fabric (deployment pipelines dev/test/prod; large dataset format; incremental refresh; aggregations; composite models; paginated reports; scorecards) · Data Activator (Reflex objects: triggers, conditions, actions desde Power BI visuals y Eventhouse; alerting patterns) · Governance con Purview (sensitivity labels en semantic models; endorsement: promoted vs certified; lineage view; impact analysis) · Semantic Link (python-semantic-link: leer semantic models desde notebooks, ejecutar DAX desde Python, escribir datos de vuelta al Lakehouse)

Identidad y gobierno (Entra ID: diseño de tenant multi-forest, External Identities B2B/B2C; RBAC custom roles; Management Groups + Policy inheritance; Azure Blueprints vs Bicep; CAF: landing zones, governance; Well-Architected Framework: reliability, security, performance, cost, operational excellence) · Diseño de compute (AKS: node pools, autoscaler, ingress, GitOps; Service Fabric; Azure Batch para HPC; trade-offs App Service vs Container Apps vs AKS) · Diseño de almacenamiento (Storage Account performance tiers; Azure NetApp Files; Elastic SAN; trade-offs NoSQL vs relacional vs analítico para un caso de uso dado) · Diseño de redes (topology hub-and-spoke vs Virtual WAN; routing entre zonas; Azure Front Door + Application Gateway combinados; cross-region replication) · Diseño de continuidad (Availability Zones vs Sets; Azure Site Recovery: RTO/RPO targets; multi-region active-passive vs active-active; Chaos Studio) · Diseño de migración (Azure Migrate: discovery, assessment, server migration; App Service Migration Assistant; Database Migration Service; Cloud Adoption Framework R-strategies: Rehost, Replatform, Refactor, Rearchitect, Rebuild, Replace) · Diseño de integración (API Management: tiers, policies, self-hosted gateway; Event Grid vs Service Bus vs Event Hubs: decision framework; Logic Apps vs Azure Functions vs Durable Functions)

Source control (Azure Repos: branching strategies — trunk-based vs GitFlow vs GitHub Flow; pull request policies; branch protection; CODEOWNERS; Git large file storage; migración desde SVN/TFS) · CI/CD (Azure Pipelines: YAML multi-stage pipelines, templates reusables, library groups, variable groups, environments con approvals/gates; GitHub Actions: workflows, secrets, composite actions, reusable workflows; comparativa AzDO vs GitHub) · Dependency management (Azure Artifacts: feeds npm/NuGet/PyPI/Maven, upstream sources, retention policies; Dependabot integration) · IaC (Bicep: modules, scopes, conditions; Terraform en Azure: remote state en Azure Storage, Workspaces; ARM templates vs Bicep decision; Azure Developer CLI: azd init/up/down) · Testing estratégico (shift-left: tests unitarios en pipeline, SAST con GitHub Advanced Security + Defender for DevOps, DAST, chaos testing) · Observabilidad DevOps (Application Insights SDK: custom events, distributed tracing, sampling; Azure Monitor Workbooks; SLO/SLI/Error Budget; deployment frequency DORA) · Seguridad DevOps (SAST: CodeQL; SCA: Dependabot alerts; container scanning: Defender for Containers; secret scanning: GitHub Advanced Security; SBOM generation) · Feature management (Azure App Configuration: feature flags, key-value settings, geo-replication; progressive delivery)

Planificación AVD (host pools: pooled vs personal; workspace design; application groups: remote desktop vs RemoteApp; sizing de session hosts: GPU vs general purpose; FSLogix profile containers: Azure Files vs Azure NetApp Files) · Implementación (deployment vía ARM/Bicep; Windows 10/11 multisession; session host image management: Azure Compute Gallery, Shared Image Gallery; auto-scaling plan: schedule-based + load-based; Azure AD join vs hybrid AD join) · Redes AVD (RDP Shortpath: managed network + public network; Private Link para AVD; QoS políticas de red; Azure Firewall AVD traffic; Teams optimización para AVD; latency troubleshooting) · Identidad y acceso (Entra ID Conditional Access para AVD; RBAC roles: Desktop Virtualization Contributor, User, etc.; MFA enforcement; Intune integration para compliance) · Monitoreo y operaciones (Azure Monitor for AVD: diagnostics, Log Analytics workspace, workbook; Session diagnostics; Connection Quality metrics; AVD Insights dashboard; Windows Event Logs) · Optimización (RDS Sizing guidelines; MSIX App Attach vs AppX; OneDrive KFM; Start VM on Connect; drain mode maintenance; session host autoscale) · Licencias (Windows 10/11 Enterprise multisession eligibility; M365 licensing requirements; cost management AVD)

Arquitectura SAP en Azure (instancias certificadas SAP HANA: M-series, Mv2-series; SAP HANA Large Instances; SAP NetWeaver en Azure VMs: ABAP stack vs Java stack; SAP S/4HANA, SAP BW/4HANA en Azure) · Alta disponibilidad SAP (HANA System Replication: sync/sync mem/async; Linux HA: Pacemaker + STONITH; Windows Server Failover Clustering para SAP ASCS/ERS; Azure Load Balancer Standard para SAP cluster; Azure Site Recovery para SAP DR) · Networking SAP (Proximity Placement Groups para baja latencia HANA; Accelerated Networking obligatorio en HANA hosts; ExpressRoute para conectividad on-premises; VNet design para SAP tiers: app + DB + management) · Storage SAP (Azure Premium SSD v2 y Ultra Disk para HANA data + log volumes; NFS via Azure NetApp Files para /sapmnt y /hana/shared; Azure Files para transport directory) · Backup SAP (Azure Backup for SAP HANA: Backint agent; HANA backup catalog; snapshot-based via Azure Backup) · Migración SAP a Azure (Homogeneous vs Heterogeneous System Copy; SWPM; SAP R3load; Azure Migrate para SAP; deployment con SAP Deployment Automation Framework — SDAF) · SAP RISE on Azure: integración con servicios nativos, networking con RISE VNet, acceso compartido a ADLS

Azure Cosmos DB Core (API para NoSQL: containers, items, partitioning — logical vs physical partitions, partition key selection para evitar hot partitions; RU/s: provisioned vs autoscale, serverless; consistency levels: Strong, Bounded Staleness, Session, Consistent Prefix, Eventual — trade-offs de latencia/throughput/consistency) · SDK Python (azure-cosmos: CRUD operations, point reads vs queries, continuation tokens para paginación, bulk executor; CosmosClient, DatabaseProxy, ContainerProxy; UpsertItem vs CreateItem) · Indexing (default indexing policy: all paths; composite indexes; spatial indexes; range vs hash; index exclusions para reducir RU/s; TTL por container y por item) · Change Feed (change feed processor: lease container, delegate function; change feed pull model; order of delivery; use cases: event sourcing, cache invalidation, data migration) · Multi-region y HA (multi-region writes: conflict resolution — last-writer-wins, merge procedures; read regions; automatic failover; SLA 99.999%; geo-redundancy) · APIs alternativas (API para MongoDB: wire compatibility, index creation; API para Apache Cassandra: keyspaces, tables; API para Gremlin: graph traversal; API para Table: compatible con Azure Table Storage) · Seguridad (RBAC para datos: built-in roles — Cosmos DB Built-in Data Reader/Contributor; Managed Identity para acceso sin connection strings; firewall de IP; Private Endpoint; CMK con Key Vault) · Performance (request units optimization; caching con Redis; query optimization — prefer point reads; cross-partition queries cost; analytical store: HTAP con Azure Synapse Link)