AZ-900 Exam Study Guide (Microsoft Azure Fundamentals)

AZ-900 Microsoft Azure Fundamentals Certificate Study Guide

AZ-900 Preparation Details

Preparing for the AZ-900 Microsoft Azure Fundamentals Certificate exam? Don’t know where to start? This post is the Azure Fundamentals AZ-900 Certificate Study Guide (with links to each exam objective).

I have curated a detailed list of articles from Microsoft documentation for each objective of the AZ-900 exam. Please share the post within your circles so it helps them to prepare for the exam. You can also download the AZ-900 Study Guide PDF version.

AZ-900 Azure Fundamentals Online Course

LinkedIn Learning (Free trial) Exam Prep: Azure Fundamentals Path
Pluralsight Microsoft Azure Fundamentals [Free trial]
Udemy (AZ-900 course)Fundamentals of Azure Certification Course
Coursera (Specialization)Azure Fundamentals Exam Prep Specialization

AZ-900 Azure Fundamentals Practice Test

Whizlabs Exam Questions 5 Practice Tests (275 Q&A) + 35 section tests
Udemy Practice Tests Azure Fundamentals Practice Test (250+ Qs)

AZ-900 Azure Fundamentals Learning Material

Amazon e-book (PDF) Azure Fundamentals Exam Reference Book
DatacampCloud Computing for Everyone

Looking for AZ-900 Dumps? Read This!

Using az-900 exam dumps can get you permanently banned from taking any future Microsoft certificate exam. Read the FAQ page for more information. However, I strongly suggest you validate your understanding with practice questions.

Check out all the other Azure certificate study guides

Full Disclosure: Some of the links in this post are affiliate links. I receive a commission when you purchase through them.

Describe Cloud Concepts (20-25%)

Identify the Benefits and Considerations of Using Cloud Services

Identify the benefits of cloud computing such as High Availability, Scalability, Elasticity, Agility, and Disaster Recovery

Disaster Recovery vs. High Availability vs. Fault Tolerance

Cloud Elasticity vs Cloud Scalability

Watch here a wonderful lecture on Elasticity

Cloud Computing: Two Kinds of Agility


Test Your Knowledge of Cloud Concepts

Q] An application consists of a set of virtual machines hosted in a Virtual Network. In a month, the application has a load of around 20% for 3 weeks. During the last week, the load on the application is 80%.

Which of the following benefits of Azure Cloud would ensure the cost and efficiency of the underlying application infrastructure?

  1. High availability
  2. Elasticity
  3. Disaster recovery
  4. Fault tolerance

Explanation: You can do the following in this scenario:

Define a Virtual Machine Scale set in Azure and create an initial set of VMs to run for the first 3 weeks.

Azure initial configuration VMSS

Then add a scaling policy to add more Virtual Machines to support the application during the last week. This is scaling out.

Virtual machine scale set scale out

And, another scaling policy to remove extra VMs at the end of last week to save on costs. This is scaling in.

VMSS Scale in

This concept is referred to as Elasticity which is defined as the extent to which a process can adapt to changes in workload by provisioning/de-provisioning resources automatically in a way that at every instant of time, the available resources closely match the ongoing demand.

Reference Link:

https://azure.microsoft.com/en-us/pricing/details/active-directory/

https://pablo-iorio.medium.com/elasticity-does-not-equal-scalability (See image for the difference between elasticity & scalability).

This question is part of the free AZ-900 Whizlabs practice test. A detailed explanation is given on my YouTube channel as well!


Identify the differences between Capital Expenditure (CapEx) and Operational Expenditure (OpEx)

Capital Expenditure (CapEx) and Operational Expenditure (OpEx)

Describe the consumption-based model

Consumption-based model

AZ-900 Exam Details and Tips

Describe the Differences between Categories of Cloud Services

Describe the shared responsibility model

Shared responsibility in the Azure cloud

Describe Infrastructure-as-a-Service (IaaS)

What is Infrastructure as a service (IaaS)?


Test Your Knowledge of Cloud Concepts

Q] A company is planning to create several Virtual Machines in Azure. Which of the following is the right category to which the Azure Virtual Machine belongs?

  1. Infrastructure as a service (IaaS)
  2. Platform as a service (PaaS)
  3. Software as a service (SaaS)
  4. Function as a service (FaaS)

Explanation: Well, all that has to do with physical infrastructure are IaaS.

Here, all the servers and storage, Networking firewalls, and data center belong to the IaaS category. That means services like Azure VMs, Azure Storage accounts, Azure Networking fall into IaaS.

Infrastructure as a Service

SaaS and PaaS use IaaS components and are built on top of IaaS.

So, Infrastructure as a service (IaaS) is the correct answer.

Reference Link:

https://azure.microsoft.com/en-us/overview/what-is-iaas/

This question is part of the free AZ-900 Whizlabs practice test. A detailed explanation is given on my YouTube channel as well!


Describe Platform-as-a-Service (PaaS)

What is Platform as a service (PaaS)?

Describe serverless computing

An introduction to serverless technologies

Describe Software-as-a-Service (SaaS)

What is Software as a Service (SaaS)?

Identify a service type based on a use case

Types of cloud services

Describe the Differences between Types of Cloud Computing

Define cloud computing

What is cloud computing?

Describe the public cloud

What is a public cloud in Microsoft Azure?

Describe private cloud

What is a private cloud – Definition?

Describe a hybrid cloud

What is a hybrid cloud?

Compare and contrast the three types of cloud computing

Cloud deployment models

Describe Core Azure Services (15-20%)

Describe the Core Azure Architectural Components

Describe the benefits and usage of Regions and Region Pairs

Understand Datacenters and Regions in Azure

Describe the benefits and usage of Availability Zones

Understand Availability Zones in Azure

Describe the benefits and usage of Resource Groups

Resource groups

Describe the benefits and usage of Subscriptions

What is an Azure subscription?

Describe the benefits and usage of Management Groups

What are Azure Management Groups?

Describe the benefits and usage of Azure Resource Manager

What is Azure Resource Manager?

Explain Azure resources

What is an Azure resource?

Describe Core Resources Available in Azure

Describe the benefits and usage of Virtual Machines, Azure App Services, Azure
Container Instances (ACI), Azure Kubernetes Service (AKS), and Windows Virtual Desktop

Windows virtual machines in Azure

Azure App Service, What are they?

Azure Container Instances, What are they and their benefits?

Introduction to Azure Kubernetes Service (AKS)

Four compelling reasons to use Azure Kubernetes Service (AKS)

What is Windows Virtual Desktop?


Test Your Knowledge on Azure App Service Plans

Q] Your company uses Azure App Service to host its set of web applications. In case of need as per requirement, does Azure provides the ability to scale the platform automatically?

  1. Yes
  2. No

Explanation: Of course, you do have options for both scaling up and scaling out your app in Azure App Service.

You can scale up your app to get more CPU, memory, disk space by changing the pricing tier of the App Service plan that your app belongs to.

Upgrading your pricing tier brings in extra features like custom domains, certificates, staging slots, autoscaling, and more.

azure app service plans upgrade

And within a set pricing tier, you can scale out to increase the number of VM instances that run your app.

Azure App Service plans

So, the correct answer is ‘Yes.’

Reference Link:

https://azure.microsoft.com/en-us/pricing/details/active-directory/

This question is part of the free Whizlabs practice test. A detailed explanation is given on my YouTube channel as well!


Describe the benefits and usage of Virtual Networks, VPN Gateway, Virtual Network peering, and ExpressRoute

Azure Virtual Network Concepts and Benefits

What is Azure Virtual Private Network Gateway?

What is Azure Virtual Network Peering?

What is Azure ExpressRoute?

Azure ExpressRoute benefits

Describe the benefits and usage of Container (Blob) Storage, Disk Storage, File Storage, and storage tiers

What are Azure Blob Storage and its benefits?

What is Azure Disk storage?

Benefits of managed disks

Azure File Storage and its benefits

Azure Blob storage: hot, cool, and archive access tiers

Describe the benefits and usage of Cosmos DB, Azure SQL Database, Azure Database for MySQL, Azure Database for PostgreSQL, and SQL Managed Instance

Azure Cosmos DB and its key benefits

Azure SQL Database and its benefits

Microsoft Azure Database for MySQL

What is Azure Database for PostgreSQL?

What is Azure SQL Managed Instance?

YouTube: Know the differences between Azure SQL DB and Managed Instance

Describe the benefits and usage of Azure Marketplace

https://azuremarketplace.microsoft.com/en-us/about

TechTarget: definition/Microsoft-Azure-Marketplace

Describe Core Solutions and Management Tools on Azure (10-15%)

Describe Core Solutions Available in Azure

Describe the benefits and usage of Internet of Things (IoT) Hub, IoT Central, and Azure Sphere

What is the Internet of Things (IoT)?

What is Azure Internet of Things (IoT)?

What is Azure IoT Hub?

What is Azure IoT Central?

What is Azure Sphere?

Why Azure Sphere From Microsoft Is A Big Deal For The IoT Ecosystem?

Describe the benefits and usage of Azure Synapse Analytics, HDInsight, and Azure Databricks

Understand What is Big Data?

What is Analytics?

What is Azure Synapse Analytics (formerly SQL DW)?

Azure HDInsight overview

A technical overview of Azure data bricks

Describe the benefits and usage of Azure Machine Learning, Cognitive Services, and Azure Bot Service

A wiki article on artificial intelligence

What is Azure Machine Learning?

A look at different cognitive services and their APIs

Example: Build a ChatBot with Azure Bot Service

Describe the benefits and usage of serverless computing solutions that include Azure Functions and Logic Apps

Learn about serverless architectures

An introduction to Azure Functions

Azure Logic Apps overview

Describe the benefits and usage of Azure DevOps, GitHub, GitHub Actions, and Azure DevTest Labs

What is Azure DevOps?

What Is GitHub, and What Is It Used For?

About GitHub Actions

Azure DevTest Labs overview

Azure certification Frequently Asked Questions

Describe Azure Management Tools

Describe the functionality and usage of the Azure Portal, Azure PowerShell, Azure CLI, Cloud Shell, and Azure Mobile App

Azure Portal overview

Getting started with Azure PowerShell

What is Azure CLI?

Overview of Azure Cloud Shell

About Mobile Apps in Azure App Service

Describe the functionality and usage of Azure Advisor

Introduction to Azure Advisor

Describe the functionality and usage of Azure Resource Manager (ARM) templates

What are Azure Resource Manager (ARM) Templates and how they are used?

Describe the functionality and usage of Azure Monitor

Azure Monitor overview

Describe the functionality and usage of Azure Service Health

What is Azure Service Health?

Microsoft Azure for dummies (AZ-900)

Amazon link (affiliate)

Describe General Security and Network Security Features (10-15%)

Describe Azure Security Features

Describe basic features of Azure Security Center, including policy compliance, security alerts, secure score, and resource hygiene

What is Azure Security Center?

Security alerts – a reference guide

Introduction to secure score in Azure Security Center

Security Center: Resource Security Hygiene

Improve your regulatory compliance

Describe the functionality and usage of Key Vault

About Azure Key Vault

Describe the functionality and usage of Azure Sentinel

What is Azure Sentinel?

Describe the functionality and usage of Azure Dedicated Hosts

Benefits & limitations of Azure Dedicated Hosts

Describe Azure Network Security

Describe the concept of defense in depth

Defense-in-depth security in Azure

Azure Essentials: Defense-in-depth security

Describe the functionality and usage of Network Security Groups (NSG)

Network security groups

How do Network Security Groups filter network traffic?

Describe the functionality and usage of Azure Firewall

What is Azure Firewall?

List all the features of Azure Firewall

Describe the functionality and usage of Azure DDoS protection

Azure DDoS Protection Standard overview

Describe Identity, Governance, Privacy, and Compliance Features (20-25%)

Describe Core Azure Identity Services

Explain the difference between authentication and authorization

Medium Post: authentication-vs-authorization

Define Azure Active Directory

Definition of Azure Active Directory

Describe the functionality and usage of Azure Active Directory

Features of Azure Active Directory

Describe the functionality and usage of Conditional Access, Multi-Factor Authentication (MFA), and Single Sign-On (SSO)

Usage of Conditional Access

Multi-factor Authentication in Azure

What is single sign-on (SSO)?


Test Your Knowledge on Azure Active Directory Plans

Q] A company is upgrading its current Azure AD Free plan to the Azure AD Premium P1 plan. Does Microsoft provide the same feature set for both plans?

  1. Yes
  2. No

Explanation: Well, Azure Active Directory comes in 4 editions—Free, Office 365 apps, Premium P1, and Premium P2.

When you sign up for a free Azure account, you get the Free edition of Azure Active Directory.

You can also choose to upgrade to the Premium P1 plan if you need premium features like Password protection, Conditional access, etc., which do not come in the free plan.

So, yes, the Azure Active Directory free plan and the Premium P1 Plan are quite different as the Premium plan has additional different feature sets.

Azure AD editions

Reference Link:

https://azure.microsoft.com/en-us/pricing/details/active-directory/

This question is part of the free Whizlabs practice test. A detailed explanation is given on my YouTube channel as well!


Describe Azure Governance Features

Describe the functionality and usage of Role-Based Access Control (RBAC)

Overview of Role-based Access Control

Describe the functionality and usage of resource locks

Lock Azure resources to prevent unexpected changes

Describe the functionality and usage of tags

Use tags to organize your Azure resources

Describe the functionality and usage of Azure Policy

Overview of Azure Policy

Describe the functionality and usage of Azure Blueprints

What are Azure Blueprints?

Describe the Cloud Adoption Framework for Azure

What is the Microsoft Cloud Adoption Framework for Azure?

Describe Privacy and Compliance Resources

Describe the Microsoft core tenets of Security, Privacy, and Compliance

Seven Key Principles of Cloud Security and Privacy

Microsoft’s 6 key privacy principles

Compliance and Ethics at Microsoft

Compliance in the trusted cloud

Describe the purpose of the Microsoft Privacy Statement, Online Services Terms (OST), and Data Protection Amendment (DPA)

Microsoft Privacy Statement

Microsoft Online Service Terms (OST)

Microsoft DPA documents


Test Your Knowledge on Azure Identity & Governance

Q] A company wants to ensure that whenever users authenticate to Azure, they have to make use of Multi-Factor Authentication.

Which of the following can help them achieve this?

  1. Azure Service Trust Portal
  2. Azure Security Centre
  3. Azure DDoS protection
  4. Azure Privileged Identity Management

Explanation: You can use Privileged Identity Management (PIM) to enforce multi-factor authentication to activate any role. But, what exactly does PIM do?

Well, your organization has users who have lots of permissions to resources in Azure or Azure AD. PIM just makes sure that only the ones who really require access and only for the time they need the access get them.

In other words, PIM mitigates the risk of excessive or unnecessary permissions on resources. And, enforcing MFA is just one of the ways to do it.

So, Azure Privileged Identity Management is the right answer.

Option 2 is incorrect since the Azure Security Center is just a unified infrastructure security management system in Azure.

Reference Link:

https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure

This question is part of the free Whizlabs practice test. A detailed explanation is given on my YouTube channel as well!


Describe the purpose of the Trust Center

Azure Trust Center Launched

Describe the purpose of the Azure compliance documentation

Azure compliance documentation

Describe the purpose of Azure Sovereign Regions (Azure Government cloud services and Azure China cloud services)

What is Azure Government?

Available services in Azure government

Microsoft Azure operated by 21Vianet in China

Service availability and roadmaps in Azure China

Describe Azure Cost Management and Service Level Agreements (10-15%)

Describe Methods for Planning and Managing Costs

Identify factors that can affect costs (resource types, services, locations, ingress, and egress traffic)

Factors affecting costs in Azure

Pricing for inbound & outbound data traffic


Test Your Knowledge on Azure Cost Management

Q] A company has just set up an Azure virtual private connection between its on-premises network and the Azure virtual network. Does the company have to pay additional costs to transfer several gigabits of data from their on-premise network to Azure?

  1. Yes
  2. No

Explanation: On the Bandwidth Pricing page, it is mentioned that data transfers into Azure are free of cost.

azure pricing page - bandwidth details

Also, data transferred within an Azure region is not charged. Whereas data egress beyond a certain limit will cost you.

data egress azure pricing

So, the correct answer is, No, the company doesn’t have to pay to transfer data from their on-premises network to Azure.

Reference Link:

https://azure.microsoft.com/en-us/pricing/details/bandwidth/

This question is part of the free Whizlabs practice test. You can find my detailed explanation on my YouTube channel as well.


Identify factors that can reduce costs (reserved instances, reserved capacity, hybrid use benefit, spot pricing)

Azure Reserved VM Instances (RIs)

What are Azure Reservations?

Reserved capacity pricing

Bring Windows Server licenses with Software Assurance to Azure

Use Spot VMs in Azure to lower your costs


Test your knowledge on Azure Costs

Q] A company currently has the following unused resources in its subscription.

  • 10 user accounts, 5 user groups in Azure AD
  • 10 public IP address and
  • 10 network Interfaces

They want to reduce the costs of resources and decide to remove the user groups from Azure AD.

Would this fulfill the requirement?

  1. Yes
  2. No

Explanation:

Well, if you look at the pricing for Azure Active Directory, you can create up to 5,00,000 objects even in the free version of Azure AD. These objects include both users and groups.

AZ-900 Azure AD Pricing

So, removing user groups will not cut down the cost.

If you want to cut down the cost, then a better choice would be removing Public IP addresses, as each IP address is billed by the hour.

Reference Link:

https://azure.microsoft.com/en-in/pricing/details/active-directory/

https://azure.microsoft.com/en-in/pricing/details/ip-addresses/

This question is part of the free AZ-900 Whizlabs practice test. You can find my detailed explanation on my YouTube channel as well.


Describe the functionality and usage of the Pricing calculator and the Total Cost of Ownership (TCO) calculator

Microsoft Azure Pricing calculator

Estimate costs with the Azure pricing calculator

Total Cost of Ownership (TCO) Calculator

Estimate the Total Cost of Ownership with the Azure TCO calculator

Describe the functionality and usage of Azure Cost Management

What is Azure Cost Management?

Use Azure Cost Management for free


Test Your Knowledge on Azure Cost Management

Q] A company deploys a number of Azure resources in its subscription. They want to be informed if the cost of any resource goes beyond a certain threshold. Which of the following can help you achieve this?

  1. Create an alert in Azure Monitor.
  2. Create a budget in Azure Cost Management.
  3. Create an alert in Azure Advisor.
  4. Create a cost tag for the resource group.

Explanation: Azure Monitor Alerts notify you of any events or changes in metric values on Azure resources.

Azure Advisor alerts lets you receive recommendations on how to optimize your Azure deployments. So, they both don’t deal with Azure costs and billing.

Tags are used just for organizing Azure resources. They don’t have any alerting facility.

The obvious answer is to create a budget in Azure Cost Management, where you can set spending limits and receive alerts if the cost goes beyond the threshold.

For example, you can create a budget in your subscription at a particular scope, set a budget for a specific duration, and enter the budget amount. With the alerting feature, you can receive alerts if the spending reaches the threshold value.

Reference Link:

https://docs.microsoft.com/en-us/azure/cost-management/tutorial-acm-create-budgets

This question is part of the free Whizlabs practice test. A detailed explanation (with demo) is given on my YouTube channel as well!


Describe Azure Service Level Agreements (SLAs) and Service Lifecycles

Describe the purpose of an Azure Service Level Agreement (SLA)

https://azure.microsoft.com/en-in/support/legal/sla/summary/

https://azure.microsoft.com/en-gb/support/legal/sla/

Identify actions that can impact an SLA (i.e. Availability Zones)

Use availability zones to protect from datacenter level failures

Configure multiple VMs in an availability set for redundancy

Managed disks

SLAs for Azure Virtual Machines

Describe the service lifecycle in Azure (Public Preview and General Availability)

Understand service lifecycle in Azure

This brings us to the end of the AZ-900 Microsoft Azure Fundamentals Study Guide.

What do you think? Let me know in the comments section if I have missed out on anything. Also, I love to hear from you how your az-900 certification preparation is going on!

In case you are preparing for other Azure certification exams, check out the Azure study guide for those exams.

Follow Me to Receive Updates on AZ-900 Exam


Want to be notified as soon as I post? Subscribe to the RSS feed / leave your email address in the subscribe section. Share the article to your social networks with the below links so it can benefit others.

Share the AZ-900 Study Guide in Your Network

You may also like

13 Comments

  1. Thanks for the questions you have shared. I got some confidence out of it because I was able to answer all of them and it boosts my confidence because I have just started to learn Azure.

  2. Thanks Ravi. This blog is really helpful. I cleared AZ 900 certification using your blog and also using Microsoft AZ 900.Fundamentals book wriiten by Jim Chesier

      1. Honestly, i am still not sure if i should appear for AZ-204 – Developer Cert. Meanwhile, planning to learn Python programming. Any suggestions or reference for Python ?