Azure Fundamentals Preparation Guide

As the name suggests, this is most basic exam in the list of Azure Cloud exams. If you have been in IT industry for some time and know the fundamentals of cloud, you are golden.

Additionally, if you hold a cloud certification for other cloud providers, it will be easy for you to get this one. However, if you are new to all this, do not worry. Below I’ve described my one-day preparation for this certification.

Before I start, our company sponsored the one day training and the trainer was from Microsoft. Let’s get started.

First and foremost, check out this link on the Microsoft site that has the outline of the exam. As per Microsoft, the content of AZ-900 exam will be updated on May 28, 2020. The new format is much more streamlined and categorized. The topics that are covered in the exams are:

Describe cloud concepts (15-20%)Understand cloud concepts (20-25%)
Describe core Azure services (30-35%)Understand core Azure services (15-20%)
Describe security, privacy, compliance, and trust (25-30%)Understand Identity, Governance, Privacy and Compliance Features (20-25%)
Describe Azure pricing and support (20-25%)Understand Azure Pricing and Support (10-15%) 
Understand General Security and Network Security Features (10-15%)
Understand Core Solutions and Management Tools on Azure (10-15%)
Table of Comparison for AZ-900

Now in my opinion, regardless of the new or old format, the preparation materials should not change that much. Let us break down each section further to help you understand the changes.

Cloud Concepts

The basic cloud concepts that you will be tested on include:

  1. Benefits and considerations of using cloud services,
  2. Differences between Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS) and Software-as-a-Service (SaaS),
  3. Differences between public, private and hybrid cloud models

Going forward, Microsoft has added two important topics under these sections – one is more emphasis on the shared responsibility model and others to identify a service type based on a use case. This can potentially mean the user can expect a few scenario-based questions based on these two changes.

Core Azure services

The concepts that you will be tested on include:

  1. Azure architectural components 
  2. Core workload products available in Azure 
  3. Solutions available on Azure
  4. Azure management tools 

The #3, and #4 point above have been combined as one and moved to their own section in the new model. Refer to the change table above (Describe Core Solutions and Management Tools on Azure) . However, in my opinion nothing new is added from materials standpoint.

Identity, Governance, Privacy and Compliance Features

The concepts that you will be tested on include:

  1. Core Azure identity services
  2. Azure governance features
  3. Privacy and compliance resources

Azure Pricing and Support 

The concepts that you will be tested on include:

  1. Methods for planning and management of costs 
  2. Azure Service Level Agreements (SLAs) and service lifecycles 

Core Solutions and Management Tools on Azure (New Section)

The concepts that you will be tested on include:

  1. Core solutions available on Azure 
  2. Azure management tools

General Security and Network Security Features (New Section)

The concepts that you will be tested on include:

  1. Azure security features
  2. Azure network security

Important Pointers for the AZ-900 Exam

  • The cost of the current AZ-900 exam is $99. The exam is one hour and the number of questions usually vary between 41-45.
  • There are a number of Yes/No questions and of course multiple-choice questions.
  • There is a set of drag and drop type questions which you have match the Azure services to what they offer.

I took practice exams at for extra practice and they do help. If you are well prepared, you will have plenty of time to spare and re-look at the answers. Below are some of the important pointers that one needs to be aware of:

  1. Economies of scale: This is the ability to reduce costs and gain efficiency when operating at a larger scale in comparison to operating at a smaller scale.
  2. Expenditure Model
    • Capital Expenditure (CapEx): This is the spending of money on physical infrastructure up front, and then deducting that expense from your tax bill over time.
    • Operational Expenditure (OpEx): This is spending money on services or products now and being billed for them now. There is no up-front cost, you pay for a service or product as you use it and you can deduct this expense from your tax bill in the same year.
  3. Shared responsibility model ensures cloud workloads are run securely and in a well-managed way.
    • IaaS: With IaaS, you rent IT infrastructure servers and virtual machines (VMs), storage, networks, and operating systems from a cloud provider on a pay-as-you-go basis.
    • PaaS: The goal of PaaS is to help create an application as quickly as possible without having to worry about managing the underlying infrastructure.
    • SaaS: This is software that is centrally hosted and managed for the end customer.
  4. Azure compute: This is an on-demand computing service for running cloud-based applications. It provides computing resources such as disks, processors, memory, networking and operating systems.
    • Azure Virtual machines (VMs): are software emulations of physical computers. They include a virtual processor, memory, storage, and networking resources.
    • Virtual machine scale sets: Azure compute resource that you can use to deploy and manage a set of identical VMs.
    • App services: You can quickly build, deploy, and scale enterprise-grade web, mobile, and API apps running on any platform.
    • Azure Functions: are ideal when you’re concerned only about the code running your service and not the underlying platform or infrastructure.
    • Azure Container Instances offers the fastest and simplest way to run a container in Azure without having to manage any virtual machines or adopt any additional services.
    • Azure Kubernetes Service (AKS) is a complete orchestration service for containers with distributed architectures and large volumes of containers.
  5. Azure Networking
    • Azure Virtual Network enables many types of Azure resources such as Azure VMs to securely communicate with each other, the internet, and on-premises networks.
    • Azure Load Balancer can provide scale for your applications and create high availability for your services.
    • A VPN gateway is a specific type of virtual network gateway that is used to send encrypted traffic between an Azure Virtual Network and an on-premises location over the public internet.
    • Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications.
    • Content Delivery Network (CDN) is a distributed network of servers that can efficiently deliver web content to users.
  6. Azure Storage and Database:
    • Azure Blob storage is Microsoft’s object storage solution for the cloud. Blob storage is optimized for storing massive amounts of unstructured data, such as text or binary data.
    • Azure Files enables you to set up highly available network file shares that can be accessed by using the standard Server Message Block (SMB) protocol.
    • The Azure Queue service is used to store and retrieve messages.
    • Microsoft Azure Cosmos DB is a globally distributed database service that enables you to elastically and independently scale throughput and storage across any number of Azure’s geographic regions.
    • Azure SQL Database is a relational database as a service (DaaS) based on the latest stable version of Microsoft SQL Server database engine.
    • The Azure Database Migration Service is a fully managed service designed to enable seamless migrations from multiple database sources to Azure data platforms with minimal downtime (online migrations).
  7. Azure Marketplace is a service on Azure that helps connect end users with Microsoft partners, independent software vendors (ISVs), and start-ups that are offering their solutions and services, which are optimized to run on Azure.
  8. IoT Central is a fully managed global IoT software as a service (SaaS) solution that makes it easy to connect, monitor, and manage your IoT assets at scale.
  9. Azure IoT Hub is a managed service hosted in the cloud that acts as a central message hub for bi-directional communication between your IoT application and the devices it manages.
  10. Azure Big Data and Analytics:
    • Azure SQL Data Warehouse is a cloud-based Enterprise Data Warehouse (EDW) that leverages MPP to run complex queries quickly across petabytes of data.
    • Azure HDInsight is a fully managed, open-source analytics service for enterprises.
    • Azure Data Lake Analytics is an on-demand analytics job service that simplifies big data.
  11. Azure Machine Learning service provides a cloud-based environment you can use to develop, train, test, deploy, manage, and track machine learning models.
  12. Azure Machine Learning Studio is a collaborative, drag-and-drop visual workspace where you can build, test, and deploy machine learning solutions without needing to write code.
  13. Logic Apps is a cloud service that helps you automate and orchestrate tasks, business processes, and workflows when you need to integrate apps, data, systems, and services across enterprises or organizations.
  14. Azure Event Grid allows you to easily build applications with event-based architectures.
  15. Azure DevOps Services provides development collaboration tools including high-performance pipelines, free private Git repositories, configurable Kanban boards, and extensive automated and cloud-based load testing.
  16. Azure Lab Services is a service that helps developers and testers quickly create environments in Azure, while minimizing waste and controlling cost.
  17. Azure Management Tools
    • The Azure portal is a public website that you can access with any web browser.
    • Azure PowerShell is a module that you add to Windows PowerShell or PowerShell Core that enables you to connect to your Azure subscription and manage resources.
    • Azure CLI is a cross-platform command-line program that connects to Azure and executes administrative commands on Azure resources.
    • Azure Cloud Shell is a browser-based scripting environment in your portal.
    • Azure mobile app allows you to access, manage, and monitor all your Azure accounts and resources from your iOS or Android phone or tablet.
    • Azure Representational State Transfer (REST) APIs are service endpoints that support sets of HTTP operations (methods), which provide create, retrieve, update, or delete access to the service’s resources.
  18. Azure Advisor is a free service built into Azure that provides recommendations on high availability, security, performance, and cost.
  19. Azure Cost Management: Cost Management is an Azure product that provides a set of tools for monitoring, allocating, and optimizing your Azure costs.
    • Azure Pricing Calculator: The Pricing Calculator is a tool that helps you estimate the cost of Azure products
    • Total Cost of Ownership Calculator: The Total Cost of Ownership Calculator is a tool that you use to estimate cost savings you can realize by migrating to Azure.
  20. Service Level Agreement (SLA): The SLA defines performance targets for an Azure product or service.
    • Composite SLA: Multiply the SLAs together. To determine a composite SLA you multiply the individual SLAs together.
  21. Azure subscription: Azure subscription is a logical unit of Azure services that links to an Azure account.
    • The Developer support plan does not offer 24×7 access to Support Engineers by email and phone.
    • Pay in advance: Azure Reservations offers discounted prices if you pay in advance. To get a discount, you reserve products and resources by paying in advance. You can prepay for one or three year’s use of certain Azure resources.
  22. Azure Services Availability:
    • Public Preview: Public Preview means that an Azure feature is available to all Azure customers for evaluation purposes.
    • Private Preview: This means that an Azure feature is available to certain Azure customers for evaluation purposes.
    • General Availability (GA): GA is a feature released to all Azure customers.
  23. Defense in depth: This is a strategy that employs a series of mechanisms to slow the advance of an attack aimed at acquiring unauthorized access to data. The common principles used to define a security posture are confidentiality, integrity, and availability, known collectively as CIA.

A good resource and a cheat sheet of Azure services from the Microsoft website is below.

List of Services from Microsoft Website

If you can remember all of the above points, you are good to appear and hopefully pass the AZ-900 exam in the first attempt. Remember to have a good night rest before the exam and don’t overthink about this exam. Good Luck!

Have questions? Participate in discussions on our Forums. Click here.

Author: Haman Sharma is a life long learner and you can connect with him on LinkedIn.

Announcement from ReviewNPrep: Our marketplace is now live. Check out the Practice exams from Azure here.