AZ-900 Microsoft Azure Fundamentals Exam Study Guide

The AZ-900 Microsoft Azure Fundamentals certification exam is intended for individuals who want to have a foundational knowledge when venturing into the Cloud. Although the AZ-900 test is the easiest to achieve among all the Azure certification exams, you still need to learn and properly understand the concepts on cloud computing, and know the basics on the Azure services.

In the Microsoft Azure Fundamentals Exam (or AZ-900 for short), questions will test your ability to:

  • Describe Cloud Concepts
  • Describe Core Azure Services
  • Describe Security, Privacy, Compliance, and Trust
  • Describe Azure Pricing Service Level Agreements and Lifecycles

Given the scope of the exam above, you should also be familiar with the concepts of compute, storage, networking, application support, and application development. This guide aims to help you pass your exam on your first try.

Study Materials

The primary study materials that you can use for your review are: Azure Fundamentals Learning Path, Azure Documentation, Tutorials Dojo’s Azure Cheat Sheets, and our AZ-900 Practice Exams.

IT Certification Category (English)728x90

Having an Azure account will help you better understand the concepts written within the documentations, since the exam itself contains different types of questions (multiple-choice, statement, drag and drop, hotspot, and dropdown) to test your knowledge on these services.

Additional details regarding your AZ-900 exam can be found in this Azure Exam Skills Outline.

To learn more about each of the AZ-900 exam domains, you can take these free training materials from the Microsoft site:

  1. Explore Microsoft Azure cloud concepts – learn and understand the fundamentals of the Azure platform.
  2. Distinguish Microsoft Azure Core Services – explore the core products, solutions, and different management tools available in Azure.
  3. Examine Microsoft Azure security, privacy, compliance, and trust – study the basics of how you can secure your network connectivity, the difference between authentication and authorization, and various security tools to protect your account.
  4. Review Microsoft Azure pricing, service level agreements, and lifecycles – explore the factors that affect your cost when using Azure services.

Azure Services to Focus On

Azure offers extensive documentations and various learning paths for all of their services. Knowing the basic concepts and Azure services will help you easily pass the AZ-900 exam, which can pave the way towards a rewarding career in cloud computing. I suggest that you read Tutorials Dojo’s Azure Cheat Sheets, which provide bullet-point summaries of the most important concepts about the different Azure services. 

Concepts that you need to focus on:

  1. Cloud Concepts – You should be able to understand the various concepts in cloud computing, such as benefits, economies of scale, deployment models, and types of cloud services.
  2. Compute – Study the different types of compute services, and their use cases.
  3. Storage – Azure offers many types of storage services, depending on your needs. Understand what these types are and how they differ from each other.
  4. Network – This is the fundamental building block in launching your resources. Study the different types of networking services and the features each of them supports.
  5. Security – Understand how you can secure your account in Azure. You also need to know the various security services that you can use in different scenarios. 

Aside from these, you should know the differences between Azure Portal, CLI, Powershell, and Cloud Shell. It’s also important to familiarize yourself with the portal’s interface since there are questions that show an image of the portal and ask you to select the answer that matches the image.

Validate Your Knowledge

After going through the training and reading materials we gave above, we recommend taking a practice exam first before booking your AZ-900 exam. Tutorials Dojo offers a top-notch set of AZ-900 Microsoft Azure Fundamentals practice tests. Combined with our study guide and cheat sheets eBook, we’re confident that these will help you pass the exam.

AZ-900 Microsoft Azure Fundamentals Practice Exam Tutorials Dojo

Sample Practice Test Questions:

Question 1

A company is planning to deploy its suite of enterprise applications to Microsoft Azure, where each application has several dependencies and subcomponents. The company must also control and manage the patching activities of the underlying operating system of the servers.

What type of cloud deployment solution should you recommend?

  1. Infrastructure as a Service (laaS)
  2. Platform as a Service (PaaS)
  3. Software as a Service (SaaS)
  4. Functions as a service (FaaS)

Correct Answer: 1

Infrastructure as a service (IaaS) is an instant computing infrastructure, provisioned, and managed over the internet. It’s one of the types of cloud services, along with software as a service (SaaS), platform as a service (PaaS), and serverless.

IaaS quickly scales up and down with demand, letting you pay only for what you use. It helps you avoid the expense and complexity of buying and managing your own physical servers and other datacenter infrastructure. Each resource is offered as a separate service component, and you only need to rent a particular one for as long as you need it.

A cloud computing service provider, such as Azure, manages the infrastructure, while you purchase, install, configure, and manage your own software — operating systems, middleware, and applications.

You can also use the Azure Virtual Machines, which is an Infrastructure as a Service (IaaS), to host the suite of enterprise applications and manage the patching activities of the underlying operating system of the servers.

Therefore, the correct answer is: Infrastructure as a Service (laaS).

Platform as a Service (PaaS) is incorrect because this is a type of cloud service that allows you to focus on developing your applications and services by letting the cloud service provider handle the administrative tasks of the underlying application infrastructure. It doesn’t allow the customers to control and manage the patching activities of the underlying operating system of the servers.

Software as a Service (SaaS) is incorrect because this cloud service type just allows customers to connect to and use its cloud-based apps over the Internet, and not deploy their custom applications. Just like PaaS, it doesn’t allow the customers to control and manage the patching activities of the underlying operating system of the servers that you use.

Function as a Service (FaaS) is incorrect because this is simply an event-driven serverless compute platform. The underlying servers are abstracted and not accessible to the end-user.

References:
https://azure.microsoft.com/en-au/overview/what-is-iaas
https://azure.microsoft.com/en-au/overview/what-is-azure/iaas/#overview
https://docs.microsoft.com/en-us/learn/modules/principles-cloud-computing/5-types-of-cloud-services
https://docs.microsoft.com/en-us/azure/security/fundamentals/paas-deployments

Azure Cloud Service Models Cheat Sheet:
https://tutorialsdojo.com/azure-cloud-service-models/

Question 2

Which of the following is a cloud-based security solution that leverages your on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization?

  1. Azure AD Connect Health
  2. Azure Advanced Threat Protection (ATP)
  3. Azure Information Protection
  4. Azure Service Health

Correct Answer: 2

Azure Advanced Threat Protection (ATP) is a cloud-based security solution that leverages your on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.

Azure ATP enables SecOp analysts and security professionals struggling to detect advanced attacks in hybrid environments to:

  • Monitor users, entity behavior, and activities with learning-based analytics
  • Protect user identities and credentials stored in Active Directory
  • Identify and investigate suspicious user activities and advanced attacks throughout the kill chain
  • Provide clear incident information on a simple timeline for fast triage

Azure ATP monitors and analyzes user activities and information across your network, such as permissions and group membership, creating a behavioral baseline for each user. Azure ATP then identifies anomalies with adaptive built-in intelligence, giving you insights into suspicious activities and events, revealing the advanced threats, compromised users, and insider threats facing your organization. Azure ATP’s proprietary sensors monitor organizational domain controllers, providing a comprehensive view for all user activities from every device.

Azure ATP provides you invaluable insights on identity configurations and suggested security best-practices. Through security reports and user profile analytics, Azure ATP helps dramatically reduce your organizational attack surface, making it harder to compromise user credentials and advance an attack. Azure ATP’s visual Lateral Movement Paths help you quickly understand exactly how an attacker can move laterally inside your organization to compromise sensitive accounts and assists in preventing those risks in advance. Azure ATP security reports help you identify users and devices that authenticate using clear-text passwords and provide additional insights to improve your organizational security posture and policies.

Hence, the correct answer is: Azure Advanced Threat Protection (ATP).

Azure AD Connect Health is incorrect because this is simply a Microsoft tool designed to meet and accomplish your hybrid identity goals such as password hash synchronization, pass-through authentication, federation integration, synchronization, and health monitoring. It doesn’t leverage on your on-premises Active Directory signals either.

Azure Information Protection is incorrect because this is just a service that is primarily used to helps organizations label and classify their sensitive documents and emails.

Azure Service Health is incorrect because this service only provides personalized guidance and support when issues in Azure services affect your resources. This is not a cloud-based security solution that leverages your on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.

References:
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/what-is-atp
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-architecture

Azure Advanced Threat Protection (ATP) Cheat Sheet:
https://tutorialsdojo.com/azure-advanced-threat-protection-atp/

You should get some rest before the day of your exam and review any notes that you have written down. Since the AZ-900 exam is not composed of scenario-based questions and case studies, the exam itself should be straightforward.

All the best!

Pass your AWS Certifications on your First Try with the Tutorials Dojo Portal

Tutorials Dojo portal

Our Bestselling AWS Certified Solutions Architect Associate Practice Exams

AWS Certified Solutions Architect Associate Practice Exams

Enroll Now – Our AWS Practice Exams with 95% Passing Rate

AWS Practice Exams Tutorials Dojo

Tutorials Dojo Study Guide and Cheat Sheets eBooks

Tutorials Dojo Study Guide and Cheat Sheets-2

FREE Intro to Cloud Computing for Beginners

FREE AWS Practice Test Samplers

Browse Other Courses

Generic Category (English)300x250

Recent Posts