AZ-900 Preparation Details
Preparing for the AZ-900 Microsoft Azure Fundamentals Certificate exam? Don’t know where to start? This post is the Azure Fundamentals AZ-900 Certificate Study Guide (with links to each exam objective).
I have curated a detailed list of articles from Microsoft documentation for each objective of the AZ-900 exam. Please share the post within your circles so it helps them to prepare for the exam. You can also download the AZ-900 Study Guide PDF version.
AZ-900 Azure Fundamentals Online Course
| LinkedIn Learning (Free trial) | Exam Prep: Azure Fundamentals Path |
| Pluralsight | Microsoft Azure Fundamentals [Free trial] |
| Udemy (AZ-900 course) | Fundamentals of Azure Certification Course |
| Coursera (Specialization) | Azure Fundamentals Exam Prep Specialization |
AZ-900 Azure Fundamentals Practice Test
| Whizlabs Exam Questions | 5 Practice Tests (275 Q&A) + 35 section tests |
| Udemy Practice Tests | Azure Fundamentals Practice Test (250+ Qs) |
AZ-900 Azure Fundamentals Learning Material
| Amazon e-book (PDF) | Azure Fundamentals Exam Reference Book |
| Datacamp | Cloud Computing for Everyone |
Looking for AZ-900 Dumps? Read This!
Using az-900 exam dumps can get you permanently banned from taking any future Microsoft certificate exam. Read the FAQ page for more information. However, I strongly suggest you validate your understanding with practice questions.
Check out all the other Azure certificate study guides
Full Disclosure: Some of the links in this post are affiliate links. I receive a commission when you purchase through them.
Describe Cloud Concepts (20-25%)
Identify the Benefits and Considerations of Using Cloud Services
Identify the benefits of cloud computing such as High Availability, Scalability, Elasticity, Agility, and Disaster Recovery
Disaster Recovery vs. High Availability vs. Fault Tolerance
Cloud Elasticity vs Cloud Scalability
Watch here a wonderful lecture on Elasticity
Cloud Computing: Two Kinds of Agility
Test Your Knowledge of Cloud Concepts
Q] An application consists of a set of virtual machines hosted in a Virtual Network. In a month, the application has a load of around 20% for 3 weeks. During the last week, the load on the application is 80%.
Which of the following benefits of Azure Cloud would ensure the cost and efficiency of the underlying application infrastructure?
- High availability
- Elasticity
- Disaster recovery
- Fault tolerance
Explanation: You can do the following in this scenario:
Define a Virtual Machine Scale set in Azure and create an initial set of VMs to run for the first 3 weeks.
Then add a scaling policy to add more Virtual Machines to support the application during the last week. This is scaling out.
And, another scaling policy to remove extra VMs at the end of last week to save on costs. This is scaling in.
This concept is referred to as Elasticity which is defined as the extent to which a process can adapt to changes in workload by provisioning/de-provisioning resources automatically in a way that at every instant of time, the available resources closely match the ongoing demand.
Reference Link:
https://azure.microsoft.com/en-us/pricing/details/active-directory/
https://pablo-iorio.medium.com/elasticity-does-not-equal-scalability (See image for the difference between elasticity & scalability).
This question is part of the free AZ-900 Whizlabs practice test. A detailed explanation is given on my YouTube channel as well!
Identify the differences between Capital Expenditure (CapEx) and Operational Expenditure (OpEx)
Capital Expenditure (CapEx) and Operational Expenditure (OpEx)
Describe the consumption-based model
Describe the Differences between Categories of Cloud Services
Describe the shared responsibility model
Shared responsibility in the Azure cloud
Describe Infrastructure-as-a-Service (IaaS)
What is Infrastructure as a service (IaaS)?
Test Your Knowledge of Cloud Concepts
Q] A company is planning to create several Virtual Machines in Azure. Which of the following is the right category to which the Azure Virtual Machine belongs?
- Infrastructure as a service (IaaS)
- Platform as a service (PaaS)
- Software as a service (SaaS)
- Function as a service (FaaS)
Explanation: Well, all that has to do with physical infrastructure are IaaS.
Here, all the servers and storage, Networking firewalls, and data center belong to the IaaS category. That means services like Azure VMs, Azure Storage accounts, Azure Networking fall into IaaS.
SaaS and PaaS use IaaS components and are built on top of IaaS.
So, Infrastructure as a service (IaaS) is the correct answer.
Reference Link:
https://azure.microsoft.com/en-us/overview/what-is-iaas/
This question is part of the free AZ-900 Whizlabs practice test. A detailed explanation is given on my YouTube channel as well!
Describe Platform-as-a-Service (PaaS)
What is Platform as a service (PaaS)?
Describe serverless computing
An introduction to serverless technologies
Describe Software-as-a-Service (SaaS)
What is Software as a Service (SaaS)?
Identify a service type based on a use case
Describe the Differences between Types of Cloud Computing
Define cloud computing
Describe the public cloud
What is a public cloud in Microsoft Azure?
Describe private cloud
What is a private cloud – Definition?
Describe a hybrid cloud
Compare and contrast the three types of cloud computing
Describe Core Azure Services (15-20%)
Describe the Core Azure Architectural Components
Describe the benefits and usage of Regions and Region Pairs
Understand Datacenters and Regions in Azure
Describe the benefits and usage of Availability Zones
Understand Availability Zones in Azure
Describe the benefits and usage of Resource Groups
Describe the benefits and usage of Subscriptions
What is an Azure subscription?
Describe the benefits and usage of Management Groups
What are Azure Management Groups?
Describe the benefits and usage of Azure Resource Manager
What is Azure Resource Manager?
Explain Azure resources
Describe Core Resources Available in Azure
Describe the benefits and usage of Virtual Machines, Azure App Services, Azure
Container Instances (ACI), Azure Kubernetes Service (AKS), and Windows Virtual Desktop
Windows virtual machines in Azure
Azure App Service, What are they?
Azure Container Instances, What are they and their benefits?
Introduction to Azure Kubernetes Service (AKS)
Four compelling reasons to use Azure Kubernetes Service (AKS)
What is Windows Virtual Desktop?
Test Your Knowledge on Azure App Service Plans
Q] Your company uses Azure App Service to host its set of web applications. In case of need as per requirement, does Azure provides the ability to scale the platform automatically?
- Yes
- No
Explanation: Of course, you do have options for both scaling up and scaling out your app in Azure App Service.
You can scale up your app to get more CPU, memory, disk space by changing the pricing tier of the App Service plan that your app belongs to.
Upgrading your pricing tier brings in extra features like custom domains, certificates, staging slots, autoscaling, and more.
And within a set pricing tier, you can scale out to increase the number of VM instances that run your app.
So, the correct answer is ‘Yes.’
Reference Link:
https://azure.microsoft.com/en-us/pricing/details/active-directory/
This question is part of the free Whizlabs practice test. A detailed explanation is given on my YouTube channel as well!
Describe the benefits and usage of Virtual Networks, VPN Gateway, Virtual Network peering, and ExpressRoute
Azure Virtual Network Concepts and Benefits
What is Azure Virtual Private Network Gateway?
What is Azure Virtual Network Peering?
Describe the benefits and usage of Container (Blob) Storage, Disk Storage, File Storage, and storage tiers
What are Azure Blob Storage and its benefits?
Azure File Storage and its benefits
Azure Blob storage: hot, cool, and archive access tiers
Describe the benefits and usage of Cosmos DB, Azure SQL Database, Azure Database for MySQL, Azure Database for PostgreSQL, and SQL Managed Instance
Azure Cosmos DB and its key benefits
Azure SQL Database and its benefits
Microsoft Azure Database for MySQL
What is Azure Database for PostgreSQL?
What is Azure SQL Managed Instance?
YouTube: Know the differences between Azure SQL DB and Managed Instance
Describe the benefits and usage of Azure Marketplace
https://azuremarketplace.microsoft.com/en-us/about
TechTarget: definition/Microsoft-Azure-Marketplace
Describe Core Solutions and Management Tools on Azure (10-15%)
Describe Core Solutions Available in Azure
Describe the benefits and usage of Internet of Things (IoT) Hub, IoT Central, and Azure Sphere
What is the Internet of Things (IoT)?
What is Azure Internet of Things (IoT)?
Why Azure Sphere From Microsoft Is A Big Deal For The IoT Ecosystem?
Describe the benefits and usage of Azure Synapse Analytics, HDInsight, and Azure Databricks
What is Azure Synapse Analytics (formerly SQL DW)?
A technical overview of Azure data bricks
Describe the benefits and usage of Azure Machine Learning, Cognitive Services, and Azure Bot Service
A wiki article on artificial intelligence
What is Azure Machine Learning?
A look at different cognitive services and their APIs
Example: Build a ChatBot with Azure Bot Service
Describe the benefits and usage of serverless computing solutions that include Azure Functions and Logic Apps
Learn about serverless architectures
An introduction to Azure Functions
Describe the benefits and usage of Azure DevOps, GitHub, GitHub Actions, and Azure DevTest Labs
What Is GitHub, and What Is It Used For?
Describe Azure Management Tools
Describe the functionality and usage of the Azure Portal, Azure PowerShell, Azure CLI, Cloud Shell, and Azure Mobile App
Getting started with Azure PowerShell
About Mobile Apps in Azure App Service
Describe the functionality and usage of Azure Advisor
Describe the functionality and usage of Azure Resource Manager (ARM) templates
What are Azure Resource Manager (ARM) Templates and how they are used?
Describe the functionality and usage of Azure Monitor
Describe the functionality and usage of Azure Service Health
Amazon link (affiliate)
Describe General Security and Network Security Features (10-15%)
Describe Azure Security Features
Describe basic features of Azure Security Center, including policy compliance, security alerts, secure score, and resource hygiene
What is Azure Security Center?
Security alerts – a reference guide
Introduction to secure score in Azure Security Center
Security Center: Resource Security Hygiene
Improve your regulatory compliance
Describe the functionality and usage of Key Vault
Describe the functionality and usage of Azure Sentinel
Describe the functionality and usage of Azure Dedicated Hosts
Benefits & limitations of Azure Dedicated Hosts
Describe Azure Network Security
Describe the concept of defense in depth
Defense-in-depth security in Azure
Azure Essentials: Defense-in-depth security
Describe the functionality and usage of Network Security Groups (NSG)
How do Network Security Groups filter network traffic?
Describe the functionality and usage of Azure Firewall
List all the features of Azure Firewall
Describe the functionality and usage of Azure DDoS protection
Azure DDoS Protection Standard overview
Describe Identity, Governance, Privacy, and Compliance Features (20-25%)
Describe Core Azure Identity Services
Explain the difference between authentication and authorization
Medium Post: authentication-vs-authorization
Define Azure Active Directory
Definition of Azure Active Directory
Describe the functionality and usage of Azure Active Directory
Features of Azure Active Directory
Describe the functionality and usage of Conditional Access, Multi-Factor Authentication (MFA), and Single Sign-On (SSO)
Multi-factor Authentication in Azure
Test Your Knowledge on Azure Active Directory Plans
Q] A company is upgrading its current Azure AD Free plan to the Azure AD Premium P1 plan. Does Microsoft provide the same feature set for both plans?
- Yes
- No
Explanation: Well, Azure Active Directory comes in 4 editions—Free, Office 365 apps, Premium P1, and Premium P2.
When you sign up for a free Azure account, you get the Free edition of Azure Active Directory.
You can also choose to upgrade to the Premium P1 plan if you need premium features like Password protection, Conditional access, etc., which do not come in the free plan.
So, yes, the Azure Active Directory free plan and the Premium P1 Plan are quite different as the Premium plan has additional different feature sets.
Reference Link:
https://azure.microsoft.com/en-us/pricing/details/active-directory/
This question is part of the free Whizlabs practice test. A detailed explanation is given on my YouTube channel as well!
Describe Azure Governance Features
Describe the functionality and usage of Role-Based Access Control (RBAC)
Overview of Role-based Access Control
Describe the functionality and usage of resource locks
Lock Azure resources to prevent unexpected changes
Describe the functionality and usage of tags
Use tags to organize your Azure resources
Describe the functionality and usage of Azure Policy
Describe the functionality and usage of Azure Blueprints
Describe the Cloud Adoption Framework for Azure
What is the Microsoft Cloud Adoption Framework for Azure?
Describe Privacy and Compliance Resources
Describe the Microsoft core tenets of Security, Privacy, and Compliance
Seven Key Principles of Cloud Security and Privacy
Microsoft’s 6 key privacy principles
Compliance and Ethics at Microsoft
Compliance in the trusted cloud
Describe the purpose of the Microsoft Privacy Statement, Online Services Terms (OST), and Data Protection Amendment (DPA)
Microsoft Online Service Terms (OST)
Test Your Knowledge on Azure Identity & Governance
Q] A company wants to ensure that whenever users authenticate to Azure, they have to make use of Multi-Factor Authentication.
Which of the following can help them achieve this?
- Azure Service Trust Portal
- Azure Security Centre
- Azure DDoS protection
- Azure Privileged Identity Management
Explanation: You can use Privileged Identity Management (PIM) to enforce multi-factor authentication to activate any role. But, what exactly does PIM do?
Well, your organization has users who have lots of permissions to resources in Azure or Azure AD. PIM just makes sure that only the ones who really require access and only for the time they need the access get them.
In other words, PIM mitigates the risk of excessive or unnecessary permissions on resources. And, enforcing MFA is just one of the ways to do it.
So, Azure Privileged Identity Management is the right answer.
Option 2 is incorrect since the Azure Security Center is just a unified infrastructure security management system in Azure.
Reference Link:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure
This question is part of the free Whizlabs practice test. A detailed explanation is given on my YouTube channel as well!
Describe the purpose of the Trust Center
Describe the purpose of the Azure compliance documentation
Azure compliance documentation
Describe the purpose of Azure Sovereign Regions (Azure Government cloud services and Azure China cloud services)
Available services in Azure government
Microsoft Azure operated by 21Vianet in China
Service availability and roadmaps in Azure China
Describe Azure Cost Management and Service Level Agreements (10-15%)
Describe Methods for Planning and Managing Costs
Identify factors that can affect costs (resource types, services, locations, ingress, and egress traffic)
Factors affecting costs in Azure
Pricing for inbound & outbound data traffic
Test Your Knowledge on Azure Cost Management
Q] A company has just set up an Azure virtual private connection between its on-premises network and the Azure virtual network. Does the company have to pay additional costs to transfer several gigabits of data from their on-premise network to Azure?
- Yes
- No
Explanation: On the Bandwidth Pricing page, it is mentioned that data transfers into Azure are free of cost.
Also, data transferred within an Azure region is not charged. Whereas data egress beyond a certain limit will cost you.
So, the correct answer is, No, the company doesn’t have to pay to transfer data from their on-premises network to Azure.
Reference Link:
https://azure.microsoft.com/en-us/pricing/details/bandwidth/
This question is part of the free Whizlabs practice test. You can find my detailed explanation on my YouTube channel as well.
Identify factors that can reduce costs (reserved instances, reserved capacity, hybrid use benefit, spot pricing)
Azure Reserved VM Instances (RIs)
Bring Windows Server licenses with Software Assurance to Azure
Use Spot VMs in Azure to lower your costs
Test your knowledge on Azure Costs
Q] A company currently has the following unused resources in its subscription.
- 10 user accounts, 5 user groups in Azure AD
- 10 public IP address and
- 10 network Interfaces
They want to reduce the costs of resources and decide to remove the user groups from Azure AD.
Would this fulfill the requirement?
- Yes
- No
Explanation:
Well, if you look at the pricing for Azure Active Directory, you can create up to 5,00,000 objects even in the free version of Azure AD. These objects include both users and groups.
So, removing user groups will not cut down the cost.
If you want to cut down the cost, then a better choice would be removing Public IP addresses, as each IP address is billed by the hour.
Reference Link:
https://azure.microsoft.com/en-in/pricing/details/active-directory/
https://azure.microsoft.com/en-in/pricing/details/ip-addresses/
This question is part of the free AZ-900 Whizlabs practice test. You can find my detailed explanation on my YouTube channel as well.
Describe the functionality and usage of the Pricing calculator and the Total Cost of Ownership (TCO) calculator
Microsoft Azure Pricing calculator
Estimate costs with the Azure pricing calculator
Total Cost of Ownership (TCO) Calculator
Estimate the Total Cost of Ownership with the Azure TCO calculator
Describe the functionality and usage of Azure Cost Management
What is Azure Cost Management?
Use Azure Cost Management for free
Test Your Knowledge on Azure Cost Management
Q] A company deploys a number of Azure resources in its subscription. They want to be informed if the cost of any resource goes beyond a certain threshold. Which of the following can help you achieve this?
- Create an alert in Azure Monitor.
- Create a budget in Azure Cost Management.
- Create an alert in Azure Advisor.
- Create a cost tag for the resource group.
Explanation: Azure Monitor Alerts notify you of any events or changes in metric values on Azure resources.
Azure Advisor alerts lets you receive recommendations on how to optimize your Azure deployments. So, they both don’t deal with Azure costs and billing.
Tags are used just for organizing Azure resources. They don’t have any alerting facility.
The obvious answer is to create a budget in Azure Cost Management, where you can set spending limits and receive alerts if the cost goes beyond the threshold.
For example, you can create a budget in your subscription at a particular scope, set a budget for a specific duration, and enter the budget amount. With the alerting feature, you can receive alerts if the spending reaches the threshold value.
Reference Link:
https://docs.microsoft.com/en-us/azure/cost-management/tutorial-acm-create-budgets
This question is part of the free Whizlabs practice test. A detailed explanation (with demo) is given on my YouTube channel as well!
Describe Azure Service Level Agreements (SLAs) and Service Lifecycles
Describe the purpose of an Azure Service Level Agreement (SLA)
https://azure.microsoft.com/en-in/support/legal/sla/summary/
https://azure.microsoft.com/en-gb/support/legal/sla/
Identify actions that can impact an SLA (i.e. Availability Zones)
Use availability zones to protect from datacenter level failures
Configure multiple VMs in an availability set for redundancy
SLAs for Azure Virtual Machines
Describe the service lifecycle in Azure (Public Preview and General Availability)
Understand service lifecycle in Azure
This brings us to the end of the AZ-900 Microsoft Azure Fundamentals Study Guide.
What do you think? Let me know in the comments section if I have missed out on anything. Also, I love to hear from you how your az-900 certification preparation is going on!
In case you are preparing for other Azure certification exams, check out the Azure study guide for those exams.
Follow Me to Receive Updates on AZ-900 Exam
Want to be notified as soon as I post? Subscribe to the RSS feed / leave your email address in the subscribe section. Share the article to your social networks with the below links so it can benefit others.
