October 3, 2022

TheCyberThrone

Thinking Security ! Always

AZ-900 – Azure Cloud Fundamentals Study Guide

Introduction

The AZ-900 exam is the only exam needed to get the Azure Fundamentals certification, and an optional exam in all the other Azure Paths. This exam is designed for candidates looking to demonstrate foundational level knowledge of cloud services and how those services are provided with Microsoft Azure. The exam is intended for candidates with non-technical backgrounds, such as those involved in selling or purchasing cloud-based solutions and services or who have some involvement with cloud-based solutions and services, as well as those with a technical background who have a need to validate their foundational level knowledge around cloud services.

Exam Details: AZ-900

Exam Name                       Microsoft Azure Fundamentals

Exam Code                        AZ-900

Exam Duration                 60-80 minutes

Exam Format                    Multiple Choice and Multi-Response Questions

Exam Type                         Online and Proctored Exam

Number of Questions     40-60

Exam Fee                          $100 USD

Exam Language                English, Japanese, Chinese (Simplified), Korean

Pass Score                        700 (on a scale of 1-1000)

Exam Medium                  Pearson Vue or Certiport

After successfully passing the AZ-900, the candidate will gain the role of Microsoft Certified: Azure Fundamentals.

Advertisements

Topics Covered in the Azure AZ-900 Certification

The AZ-900 exam includes five major topics, with each focusing on different concepts in Azure identity. Each domain has a different weightage with a different set of subtopics

Describe Cloud Concepts (20-25%)

Identify the benefits and considerations of using cloud services

  • Identify the benefits of cloud computing, such as High Availability, Scalability, Elasticity,
  • Agility, and Disaster Recovery
  • Identify the differences between Capital Expenditure (Capex) and Operational Expenditure (Opex)
  • Describe the consumption-based model

Describe the differences between categories of cloud services

  • Describe the shared responsibility model
  • Describe infrastructure-as-a-service (IaaS),
  • Describe platform-as-a-service (PaaS)
  • Describe serverless computing
  • Describe software-as-a-service (SaaS)
  • Identify a service type based on a use case

Describe the differences between types of cloud computing

  • Define cloud computing
  • Describe public cloud
  • Describe private cloud
  • Describe hybrid cloud
  • Compare and contrast the three types of cloud computing

Describe Core Azure Services (15-20%)

Describe the core Azure architectural components

  • Describe the benefits and usage of Regions and Region Pairs
  • Describe the benefits and usage of Availability Zones
  • Describe the benefits and usage of Resource Groups
  • Describe the benefits and usage of Subscriptions
  • Describe the benefits and usage of Management Groups
  • Describe the benefits and usage of Azure Resource Manager
  • Explain Azure resources

Describe core resources available in Azure

  • Describe the benefits and usage of Virtual Machines, Azure App Services, Azure
  • Container Instances (ACI), Azure Kubernetes Service (AKS), and Azure Virtual Desktop
  • Describe the benefits and usage of Virtual Networks, VPN Gateway, Virtual Network Peering, and express route
  • Describe the benefits and usage of Container (Blob) Storage, Disk Storage, File Storage, and storage tiers
  • Describe the benefits and usage of Cosmos DB, Azure SQL Database, Azure Database for mysql, Azure Database for postgresql, and Azure SQL Managed Instance
  • Describe the benefits and usage of Azure Marketplace
Advertisements

Describe core solutions and management tools on Azure (10-15%)

Describe core solutions available in Azure

  • Describe the benefits and usage of Internet of Things (iot) Hub, iot Central, and Azure Sphere
  • Describe the benefits and usage of Azure Synapse Analytics, hdinsight, and Azure Databricks
  • Describe the benefits and usage of Azure Machine Learning, Cognitive Services and Azure Bot Service
  • Describe the benefits and usage of serverless computing solutions that include Azure Functions and Logic Apps
  • Describe the benefits and usage of Azure devops, github, github Actions, and Azure devtest Labs

Describe Azure management tools

  • Describe the functionality and usage of the Azure Portal, Azure powershell, Azure CLI, Cloud Shell, and Azure Mobile App
  • Describe the functionality and usage of Azure Advisor
  • Describe the functionality and usage of Azure Resource Manager (ARM) templates
  • Describe the functionality and usage of Azure Monitor
  • Describe the functionality and usage of Azure Service Health

Describe general security and network security features (10-15%)

Describe Azure security features

  • Describe basic features of Azure Security Center, including policy compliance, security alerts, secure score, and resource hygiene
  • Describe the functionality and usage of Azure Key Vault
  • Describe the functionality and usage of Azure Sentinel
  • Describe the functionality and usage of Azure Dedicated Hosts

Describe Azure network security

  • Describe the concept of defense in depth
  • Describe the functionality and usage of network security groups (nsg)
  • Describe the functionality and usage of azure firewall
  • Describe the functionality and usage of azure ddos protection

Describe identity, governance, privacy, and compliance features (15-20%)

Describe core Azure identity services

  • Explain the difference between authentication and authorization define Azure Active Directory
  • Describe the functionality and usage of Azure Active Directory
  • Describe the functionality and usage of Conditional Access, Multi-Factor Authentication (MFA), and Single Sign-On (SSO)

Describe Azure governance features

  • Describe the functionality and usage of Role-Based Access Control (RBAC)
  • Describe the functionality and usage of resource locks
  • Describe the functionality and usage of tags
  • Describe the functionality and usage of Azure Policy
  • Describe the functionality and usage of Azure Blueprints
  • Describe the Cloud Adoption Framework for Azure

Describe privacy and compliance resources

  • Describe the Microsoft core tenets of Security, Privacy, and Compliance
  • Describe the purpose of the Microsoft Privacy Statement, Online Services Terms (OST) and Data Protection Amendment (DPA)
  • Describe the purpose of the Trust Center
  • Describe the purpose of the Azure compliance documentation
  • Describe the purpose of Azure Sovereign Regions (Azure Government cloud services and Azure China cloud services)
Advertisements

Describe Azure cost management and Service Level Agreements (10-15%)

Describe methods for planning and managing costs

  • Identify factors that can affect costs (resource types, services, locations, ingress and egress traffic)
  • Identify factors that can reduce costs (reserved instances, reserved capacity, hybrid use benefit, spot pricing)
  • Describe the functionality and usage of the pricing calculator and the total cost of ownership (tco) calculator
  • Describe the functionality and usage of azure cost management

Describe Azure Service Level Agreements (SLAs) and service lifecycles

  • Describe the purpose of an Azure Service Level Agreement (SLA)
  • Identify actions that can impact an SLA (i.e. Availability Zones)
  • Describe the service lifecycle in Azure (Public Preview and General Availability)

Definitions and Elaborations

Part 1 – Cloud Concept

This part contains general knowledge about cloud computing e.g. what are the benefits of cloud, the differences types of cloud service offering, and the differences in cloud deployment models.

Technological benefits of cloud:

  • High Availability — The major cloud providers (Azure, AWS, GCP) have multiple data centres spread around throughout the world. Data and code stored in the cloud are copied to more than one data center. If anything happens to one data center, the data can be recovered from another data center.
  • Fault Tolerance — In case there is any fault in the application or infrastructure, the service can continue to work by moving the work to other healthy servers.
  • Disaster Discover — The data in the cloud can also get copied to other regions e.g. copy data from West US to East US. If there is natural disaster happened in West US and every data center goes down, the data center in East US will still have the copy of data.
  • Scalability — The application running in the cloud can expand its size when there are more users in the system.
  • Elasticity — The application running in the cloud can shrink its size when there are fewer users in the system. The users can also set automatic shutdown during the non-business hours to save money.

Business benefits of cloud:

  • Agility — Cloud allows the business to deliver IT system to customers faster. The machines in the cloud are ready for cloud users to spin up when they need and shut down when they are not required.
  • Economies of scale — Cloud is a shared pool of machines and services. As the number of customers grows, the cloud providers can lower the cost or increase quality of the services.
  • Capital Expenditure (CapEx) vs Operational Expenditure (OpEx) — Building a data center requires large capital investment for hardware as well as the facility. A data center will also require ongoing electricity and staffs cost for operation. By using cloud, the capital expenditure for building a data center is not required.
  • Consumption-based model (pay-as-you-go) — The cloud users only pay for what they need, by the duration they need.
Advertisements

Types of cloud service offering:

  • IaaS  — In this offering, the cloud providers offer barebone hardware in managed data center such as virtual machine or file storage. The cloud providers will take care of the physical infrastructure e.g. data center security or hardware repair, while the cloud users need to take care of server maintenance. For example, Azure VM allows the users to spin up new virtual machines in any size.
  • PaaS  — The cloud providers will take care of the servers. The cloud users only need to bring in application code or data. For example, Azure SQL Database is fully managed service by Azure that the users do not need to / cannot access anything beyond their data.
  • SaaS  — The cloud providers will take care of both servers and code. The cloud users only need to configure the software to suit their needs. For example, Office 365 allows the users to use Microsoft Office software suite.

Differences in cloud deployment model:

  • Public Cloud — When the companies decided to use all their servers from the cloud providers’ data center.
  • Private Cloud — When the companies decided to use all their servers on their own data center to replicate the cloud services e.g. offering self-service components.
  • Hybrid Cloud — When the companies decided to use some of the servers in their own data center, and some of the servers in public cloud.
  • Community Cloud – When companies uses and shares the resources with other companies in the group

Part 2 – Core Azure Services

This part contains the introduction to different services offering in Azure for each service category:

  • Compute — Azure Virtual Machine, Container, Kubernetes Service
  • Network — Azure Virtual Network, Load Balancer, VPN Gateway, Application Gateway, and Content Delivery Network
  • Internet of Things (IoT) — Azure IoT Hub, IoT Central
  • Big Data & Analytics — Azure HDInsight, Data Lake Analytics, Databricks
  • Artificial Intelligence — Azure ML, ML Studio
  • Serverless Computing — Azure Function, Logic Apps
  • Storage — Azure Blob Storage, Disk Storage, File Storage, Data Lake Storage
  • Database — Azure SQL DB, SQL DW, Cosmos DB
  • Management tools — Azure CLI, PowerShell, Portal, Advisor
  • Azure Marketplace — Azure service for deploying ready to use services by Azure or the 3rd party. Such as a package to install and setup R Studio

Part 3 – Security, Privacy, Compliance, and Trust in Azure

This part contains the security Azure provided for their services as well as Azure’s commitment in privacy and regulatory compliance.

Azure services for security in different areas:

  • Network Security — Azure Firewall, DDoS Protection, and Network Security Group
  • Authentication and Authorisation — Azure Activity Directory (AD)
  • Application Security — Azure Key Vault, Information Protection, Advanced Threat Protection
  • Resource Governance — Azure Policies & Initiatives, Role-Based Access Control (RBAC), Locks, Management Groups, Advisor
  • Monitoring & Reporting — Azure Monitor, Service Health
  • Privacy & Regulatory Compliance — Azure Government (for US governments), Germany (for EU’s GDPR regulation), Trust Center
Advertisements

Part 4 – Azure Pricing and Support

This part contains the information about different types of Azure subscription, cost factors of Azure services, tools for cost calculation, and the support plans in Azure.

Azure subscription types:

  • Free — New users will receive $200 credits to spend on any Azure products in the first 30 days. We will also receive free access to popular Azure products for the first 12 months, and the free access to free products forever. This type of subscript requires credit card details, but nothing will be charged until we decide to upgrade to pay-as-you-go subscription.
  • Pay-as-you-go (PAYG) — Charge monthly for the services used in the last billing period. This type is used by individuals and businesses.
  • Enterprise Agreement — Enterprises can make an agreement with Azure which would allow discounted price for software license and Azure services.
  • Student — Students will receive $100 credit to spend in the first 12 months. No credit card required for this subscription type, but the student email verification is required.

Cost Factors of Azure services:

  • Resource Types — Different Azure products will have different pricing e.g. Azure VM cost will be based on the virtual machine size, operating system, usage hours, and storage size. The users can turn off virtual machine temporarily to save usage hours cost, but the storage cost will always incur.
  • Subscription Types — Most users will pay the standard price, while the enterprise customers may have discounted or stable cost.
  • Locations — For some resource types, the cost will vary based on the server locations. For example, Azure VM in Japan data center might cost more than in US data center.
  • Inbound and Outbound traffic — Movement of data between different data center (availability zones) or regions might incur cost.

Tools for cost calculation for Azure

  • TCO Calculator — The service to compare the cloud cost with the Total Cost of Ownership e.g., how much you need to spend if you are to build the same infrastructure in your own data center.
  • Pricing Calculator — The website where the potential customers can plan their cost before moving to Azure cloud
  • Azure Cost Management — Azure free service which shows how much have we spent in this billing period, and provide the best practices to optimise the cost
  • Azure Advisor — Azure free service which provides the recommendations in high availability, security, performance, and cost based on Azure products we are using

Service Level Agreement (SLA)

  • SLA is the minimum time that Azure commits the service will be available to use. If the service is offline for longer time than SLA, Azure will provide credits for the customers.
  • Azure offers 99.9% SLA on most Azure products
  • There are some cases that the SLA can be increased. For example, Azure guarantees 99.99% SLA for the virtual machines that have more than one instance across more than one region.

Public Preview vs Private Preview features

  • Most new features in Azure will be launched as private preview for limited users, then public preview for all the users
  • After the feature has been thoroughly tested, it will be out of preview and become generally availability feature (GA).
  • Azure provides Preview Portal for the users to test out new features for Azure portal. For other features that are not related to the portal, the users can access them from standard Azure portal.

You are now ready for AZ-900!!!!

Advertisements

Candidates could not just start reading every book. They get to cover all topics in the SC-900 exam skills outline. You can get started with your preparations for the SC-900 exam without any difficulties by following the tips mentioned below:

Familiarize with the Exam

Candidates should understand all the topics covered in the exam skills outline for the SC-900 exam. As a result, they could identify suitable learning materials for each topic. This can save them a lot of effort in finding out the relevant resources for supporting their preparations.

Use Microsoft Learning

With a clear idea of all the details about the exam, you can look for moving to the next stage of the SC-900 preparation guide. You need credible learning resources for building a clear foundation for success in qualifying for the exam. Microsoft Learning gives official resources that can help in preparing for SC-900 with reflection on different aspects of Azure topics.

The official recommended learning paths for the AZ-900 exam on the official certification page give a prolific advantage to all learners. The learning paths are divided into different parts for helping you in flexible learning.

Learning paths recommended for the AZ-900 exam can improve your command over the fundamentals of Azure security, Compliance, and identity. With the help of Microsoft learning paths, candidates could discover the perfect start to their AZ-900 preparations.

Microsoft Official Study Guide

Go for Official Documentation Only

If you thought Microsoft only has learning paths, you need to think twice. The official Microsoft documentation about and identity gives the ideal tools for navigating the massive body of knowledge pertaining to the concepts.

The official documentation allows candidates to explore the technical content relevant to their AZ-900 study guide. The official Microsoft documentation also allows the flexibility of selecting resources according to roles, topics, products, job roles, and experience level.

Training Courses are Helpful

Candidates preparing for Microsoft Azure AZ-900 certification could also get the benefit of competitive advantage in their preparations through training courses. There are various professional certification training providers with a wide array of online courses. It is also essential to look for interactive exercises and engaging demo videos with the training courses to ensure a better quality of learning. Most important of all, choose a training course which allows you some room to breathe. It can be difficult to concentrate on your preparation when you must complete the course within a specific time.

Video Courses : Scott Duffy Rodrigues

Practice Tests Can Test You – Important!

It is true that practice is the key factor of success in professional certification exams. So, you need to make the most of practice tests for the AZ-900 exam for evaluating your preparations. Practice tests feature similar formats to the actual exam and encourage the confidence of candidates. Regular practice with practice tests for the AZ-900 exam can help candidates familiarize themselves with the exam format. They can also showcase how the candidates perform in different domains of the exam. Therefore, practice tests are always necessary to add the finishing touch to your preparation.

Practise Test : Whizlabs, Udemy

%d bloggers like this: