Microsoft Certified Azure Fundamentals – Skills Measured

Exam AZ-900: Microsoft Azure Fundamentals

Describe Cloud Concepts (20-25%)

Identify the benefits and considerations of using cloud services

• identify the benefits of cloud computing, such as High Availability, Scalability, Elasticity,
  Agility, and Disaster Recovery
• identify the differences between Capital Expenditure (CapEx) and Operational
  Expenditure (OpEx)
• describe the consumption-based model

Manage role-based access control (RBAC)

• create a custom role
• provide access to Azure resources by assigning roles at different scopes
• interpret access assignments

Describe the differences between categories of cloud services

• describe the shared responsibility model
• describe Infrastructure-as-a-Service (IaaS),
• describe Platform-as-a-Service (PaaS)
• describe serverless computing
• describe Software-as-a-Service (SaaS)
• identify a service type based on a use case

Describe the differences between types of cloud computing

• define cloud computing
• describe Public cloud
• describe Private cloud
• describe Hybrid cloud
• compare and contrast the three types of cloud computing

Describe Core Azure Services (15-20%)

Describe the core Azure architectural components

• describe the benefits and usage of Regions and Region Pairs
• describe the benefits and usage of Availability Zones
• describe the benefits and usage of Resource Groups
• describe the benefits and usage of Subscriptions
• describe the benefits and usage of Management Groups
• describe the benefits and usage of Azure Resource Manager
• explain Azure resources

Describe core resources available in Azure

• describe the benefits and usage of Virtual Machines, Azure App Services, Azure
  Container Instances (ACI), Azure Kubernetes Service (AKS), and Windows Virtual Desktop
• describe the benefits and usage of Virtual Networks, VPN Gateway, Virtual Network
  peering, and Express Route
• describe the benefits and usage of Container (Blob) Storage, Disk Storage, File Storage,
  and storage tiers
• describe the benefits and usage of Cosmos DB, Azure SQL Database, Azure Database for
  MySQL, Azure Database for PostgreSQL, and SQL Managed Instance
• describe the benefits and usage of Azure Marketplace

Describe core solutions and management tools on Azure (10-15%)

Describe core solutions available in Azure

• describe the benefits and usage of Internet of Things (IoT) Hub, IoT Central, and Azure
  Sphere
• describe the benefits and usage of Azure Synapse Analytics, HDInsight, and Azure
  Databricks
• describe the benefits and usage of Azure Machine Learning, Cognitive Services and
  Azure Bot Service
• describe the benefits and usage of serverless computing solutions that include Azure
  Functions and Logic Apps
• describe the benefits and usage of Azure DevOps, GitHub, GitHub Actions, and Azure
  DevTest Labs

Describe Azure management tools

• describe the functionality and usage of the Azure Portal, Azure PowerShell, Azure CLI,
  Cloud Shell, and Azure Mobile App
• describe the functionality and usage of Azure Advisor
• describe the functionality and usage of Azure Resource Manager (ARM) templates
• describe the functionality and usage of Azure Monitor
• describe the functionality and usage of Azure Service Health

Describe general security and network security features (10-15%)

Describe Azure security features

• describe basic features of Azure Security Center, including policy compliance, security
  alerts, secure score, and resource hygiene
• describe the functionality and usage of Key Vault
• describe the functionality and usage of Azure Sentinel
• describe the functionality and usage of Azure Dedicated Hosts

Describe Azure network security

• describe the concept of defense in depth
• describe the functionality and usage of Network Security Groups (NSG)
• describe the functionality and usage of Azure Firewall
• describe the functionality and usage of Azure DDoS protection

Describe identity, governance, privacy, and compliance features (20-
25%)

Describe core Azure identity services

• explain the difference between authentication and authorization
• define Azure Active Directory
• describe the functionality and usage of Azure Active Directory
• describe the functionality and usage of Conditional Access, Multi-Factor Authentication
  (MFA), and Single Sign-On (SSO)

Describe Azure governance features

• describe the functionality and usage of Role-Based Access Control (RBAC)
• describe the functionality and usage of resource locks
• describe the functionality and usage of tags
• describe the functionality and usage of Azure Policy
• describe the functionality and usage of Azure Blueprints
• describe the Cloud Adoption Framework for Azure

Describe privacy and compliance resources

• describe the Microsoft core tenets of Security, Privacy, and Compliance
• describe the purpose of the Microsoft Privacy Statement, Product Terms site, and Data
  Protection Addendum (DPA)
• describe the purpose of the Trust Center
• describe the purpose of the Azure compliance documentation
• describe the purpose of Azure Sovereign Regions (Azure Government cloud services and
  Azure China cloud services)

Describe Azure cost management and Service Level Agreements (10-15%)

Describe methods for planning and managing costs

• identify factors that can affect costs (resource types, services, locations, ingress and
  egress traffic)
• identify factors that can reduce costs (reserved instances, reserved capacity, hybrid use
  benefit, spot pricing)
• describe the functionality and usage of the Pricing calculator and the Total Cost of
  Ownership (TCO) calculator
• describe the functionality and usage of Azure Cost Management

Describe Azure Service Level Agreements (SLAs) and service lifecycles

• describe the purpose of an Azure Service Level Agreement (SLA)
• identify actions that can impact an SLA (i.e. Availability Zones)
• describe the service lifecycle in Azure (Public Preview and General Availability)