Part 2 : Passed AZ-900. With a Score over 900. Section 1, 2 and 3

  • Describe cloud concepts (20–25%)
  • Describe core Azure services (15–20%)
  • Describe core solutions and management tools on Azure (10–15%)
  • Describe general security and network security features (10–15%)
  • Describe identity, governance, privacy, and compliance features (20–25%)
  • Describe Azure cost management and Service Level Agreements (10–15%)

Describe cloud concepts (20–25%)

Tip : This section has the most verbose questions from my experience in practice tests. Watch out for dis-tractors, questions with specific justification can only have the right answer. So subset or even 1st guess is always right.

Could Models

Advantages of Cloud Computing

  1. High Availability — No downtime
  2. HA = (Uptime/(Uptime + Downtime)) * 100
  3. Depends on SLA for each service
  4. Increase HA by running workloads on multiple Availability Zones
  5. Load Balancer — Evenly distributed traffic to multiple servers in one or more data centers. Routes the traffic to only available data centers with servers.

Scalability -

  1. Vertical — Increase computing capacity by adding RAM or CPU to one Virtual machine.
  2. Horizontal — increase computing capacity by adding instances of resources i.e virtual machines to your configuration.

Elasticity -

  1. Auto-scaling so applications always have the resources they need.
  2. Automatically increase or decrease capacity based on traffic, memory and computing power.

Agility -

  1. Deploy and configure quickly
  1. to indicate done via APIs and demand
  2. Geo-distribution
  3. Data centers around the globe

Disaster Recovery

  1. Backup services, data replication and geo distribution.
  2. Power outages, network failures, natural disaster, etc

Fault Tolerance

  1. This is to do with Uptime in case of faults in any model, how resilient is the system.

Consumption based Model

  1. End users only pay for the resources they use, based on real time constraints on billing

CapEx vs OpEx

  1. Capital Expenditure
  1. Own Infrastructure
  2. Big Initial Investment
  3. Lot of maintenance
  1. There is no upfront cost as you Pay-As-You-Go for a service or product as you use it.
  2. Rent Infrastructure
  3. No initial investment
  4. Operational team maintenance

Serverless Computing

  1. Eliminating the need to manage infrastructure.
  2. Tip: remember PSM. Provisions, Scales and Manages the infrastructure required to run the code.
  3. Invisible to the developer

Types of Cloud Computing

  1. Used exclusively by users from one business or organization. Either on-premises data centers or 3rd party providers.
  1. Combines public & private cloud by allowing data and application to be shared between them.

Exam Tip : Read up as much as you can. This is such a section where questions come from any and all corners.

Describe core Azure services (15–20%)

Compute services

  1. Azure Compute is an on-demand computing service for running cloud-based applications.
  2. Examples are Azure VMs, Azure Container Instances, App Service and Azure Functions.

Azure Virtual Machines (AVMs)

Tip: VP-MSN- short for Virtual Processor, Memory Storage and Networking resources.

Azure Batch — High Performance Computing batch jobs.

Containers and Kubernetes

Azure Functions

  1. Triggers used to perform response to an event (via REST request), timer or message.
  2. Choose the amount of memory & duration.

Azure App Service

  1. Build, deploy & Scale enterprise-grade apps.
  2. It is a PaaS
  3. It offers automatic scaling and high availability.
  4. Types


  1. Azure VPN Gateway
  1. Site-to-site connection (vNET to data center)
  2. Point-to-Site connection (device to vNET)
  3. Network-to-Network connection (vNET to vNET)
  1. Policy based VPNs
  1. IPSec tunnels are modelled as network interface or virtual tunnel interface. To be used when
  2. Connection between vNETs
  3. Point to site connections
  4. Multiple connections
  5. Co-existence with Azure Express Route gateway.
  6. Features
  1. Sizes
  1. For On-premise
  2. VPN device
  3. Public facing (internal-routable) IPv4 address
  1. Azure Express Route
  1. Microsoft Cloud Services
  2. MS Dynamics 365
  3. Azure Compute services such as VMs
  4. Azure Cloud services such as Azure CosmosDB and Azure Storage.
  5. Connectivity Models

Azure Virtual Network (vNET)


Isolation and Segmentation

Internet Communications

Communication between Azure resources

Communication with on-premises resources

Client computer initiates an encrypted VPN connection to Azure to connect to the Azure Virtual Network.

Route network traffic

Network Security Groups

Virtual Network Peering


Architectural Components and Service Guarantees

  1. US DoD Central, US Government Virginia, US Government Iowa, etc
  2. China East, China North, etc — Partnership with Microsoft 21vianet.
  3. T-Systems German data trustee German Central & German Northeast.
  1. Americas
  2. Europe
  3. Asia Pacific
  4. Middle east
  5. Africa
  1. Central US
  2. East US2
  3. West US2
  4. West Europe
  5. France Central
  6. North Europe
  7. Southeast asia
  1. AZ are physically separate data centers within an Azure region.
  1. AZ is primarily for VMs, managed disks, load balancers and SQL databases.

Azure region must have at least 3 AZs

What is region-pair

  1. Each Azure region is always paired with another region within same geography at least 300 miles away

Services would fail over to other regions in region-pair.

Resource Group

  1. Fundamental element of Azure platform
  2. Logical container for resources deployed on Azure.
  3. All resources must be in a resource group and resource can only be a member of a single resource group.

Logical Grouping

  1. Based on usage, type or location.

Azure Resource Manager

  1. It is a management layer.
  2. Create, update, delete, organize, manage, control and tag resources in AZ Subscription.
  3. Accessing using Azure Portal, Azure Powershell, Azure CLI, REST Clients.


  1. Management Groups — These groups help you manage access, policy and compliance for multiple subscriptions. All subscriptions in the management group automatically inherit the conditions applied to the management group.



  1. Billing boundary
  2. Access control boundary

Resource groups

Resources — Azure resource is a manageable item that’s available through Azure Virtual Machines (VMs), storage accounts, web apps, databases and virtual networks are all examples of resources.

Azure Storage

  1. Storage account — 500 TB. 2PB for US & Europe
  2. IaaS or/and PaaS
  3. SLA is upto 11 nines to 16 nines
  4. Storage Account -> Container -> Blob
  1. Standard — less critical
  2. Premium — Mission Critical
  3. Ultra — Data intensive

Blob storage — Object Serverless Storage

  1. Binary or text data in massive amounts
  2. Audio, Video, Images of 8TB
  3. Unstructured

Azure Files (Shared Volumes)

  1. Accessed via Server Message Block (SMB) and Network File System protocols.
  2. Shared Access Signature (SAS) token and SAS URI

Blob Access Tiers

  1. Hot -access tier — frequent access
  2. Cool — access tier — At Least 30 days
  3. Archive access tier — At Least 180 days

Describe core solutions and management tools on Azure (10–15%)

Core Services


Azure SQL

  1. Relational database based on MS SQL server database engine.
  2. PaaS (DBaaS — Structured)
  3. It enables both relational and non-relational structure such as graphs, JSON, spatial and XML.
  4. Migrations can be done via Azure Database Migration Service via Microsoft Data Migration Assistant.

Azure SQL Managed Instance

  1. Scalable cloud data service that provides the broadcast.
  2. It is PaaS
  3. SLA is 99.99% uptime.
  4. SQL DB does not have Cyrillic characters support but SQL Managed Instance does.
  5. Migration Process flow Discover -> Assess-> Migrate->CutOvers->Optimize

Azure database for MySQL

  1. LAMP — Linux Apache MySQL PHP
  2. Relational database service based on MySQL Community Edition database engine version 5.6, 5.7 & 8.0.
  3. SLA 99.99%
  4. Point in time restore to recover a server to an earlier state as far back as 35 days.

Azure Database for PostgreSQL

  1. Relational Database service based on community version of the open-source PostgreSQL database engine.
  2. High Availability
  3. Simple & Flexible Pricing
  4. Scale up or down as needed within seconds.
  5. Adjustable automatic backups and point-in-time restore for upto 35 days.
  6. Enterprise grade security of data at-rest (encryption on disk) and in-motion SSL encryption b/w client & server.

Azure Synapse Analytics (formerly Azure SQL Data Warehouse)

  1. Data warehousing + Big data analytics
  2. You query data on your terms by using either serverless or provisioned resources at scale.
  1. Big data analytics
  2. Massively Parallel Processing (MPP) of SQL Server data.
  3. Pipelines, Studio, Spark, Synapse SQL, Azure data lake Storage Gen 2

Azure HDInsights

  1. Extraction Transformation and Loading (ETL), data warehousing, machine learning and IoT.
  2. Apache Hadoop, Apache Kafka, Apache Storm and Machine Learning services.

Azure Databricks

  1. Open source
  2. Apache Spark based analytics
  3. Unlock insights from all your data and build artificial solutions
  4. Supports Python, Scala, R, Java and SQL. Also Tensor flow, PyTorch and scikit-learn.

IoT Hub, IoT Central & Sphere

  1. IoT enables devices to gather and then relay information
  2. Smart devices are equipped with sensors that collect data.

IoT Hub

IoT Central

Azure Sphere — Hardware and OS of the device to secure message sending.

  1. 3 parts

Azure Machine Learning, Cognitive Services and Bot service

  1. Deep Learning — modeled on a neutral network of the human mind, enabling it to discover learning and grow through experience.
  2. Machine Learning — data science technique using existing data to train a model, test it and then apply to model to forecast future outcomes.

Azure ML

Azure Cognitive Services

  1. Pre-trained models easily included by few lines of code to API.
  2. 4 categories

Azure Bot Service

  1. Bot Service is for a use case Virtual agents to communicate.
  2. Via text, speech and or interactive cards.

Azure DevOps, Github and GitHub Actions

  1. GitHub — Git is a decentralized source code management tool and Github is a hosted version of Git that serves as a remote.
  2. Toolchain — output of 1 tool is input to the next in the tool chain.

Azure DevTest Labs

  1. Anything you can deploy in Azure via a ARM template and pre-provisioned through Dev/Test Labs.

Management Tools

Azure Advisor — provides recommendations on

Azure Monitor

  1. Logs & Metrics — Application, OS, Resource, Subscription Tenant, Custom services and Real Time alerts.

Azure Service Health

  1. Health of Azure services, regions and resources
  3. Only major issues all small & big issues, & provides Root Cause Analysis
  4. Service issues, Planned Maintenance, Health advisories.


ARM Templates — JSON format templates are verified before any code is executed to ensure resources will be created correctly and connected correctly. Then orchestrates the operation in parallel.

Azure Functions (nano service & event-based)

  1. Service you may host a single method or function by using programming in the cloud that runs in response to an event.
  2. Atomic in nature
  3. C#, Python, Javascript, Typescript, Java and powershell.
  4. AF scale automatically and changes occur only when triggered.

Azure Logic Apps (PaaS)

  1. Low-code / no-code
  2. Enterprise Application Integration (EAI) with Azure logic apps you can choose connectors from galleries such as Salesforce, SAP, OracleDB and File Share.
  3. 200+ connectors
  4. Difference between Azure Functions and Azure Logic Apps
  5. AF pricing is based on the number of executions and running time of each execution.
  6. ALA pricing is based on the number of executions and the type of connectors that it utilizes.

Conclusion lets just say BEST OF LUCK. See you on the other side after you cross this bridge.




Have been working as a Techie for the past 15 years and excellence in domains such as IoT 4.0, BFSI, Telecom, e-com and more recently AI.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

DUCTF 2021 Write-ups

TestNet-Sponsorship for Everyone

Top 10 Insights from the 13th Annual State of Agile Report

Best Markdown Editor For Mac 2018

How to Convert HTML to PNG in Go

Anyswap-MPCNode Bug Report

How to automate attendance record with face recognition, Python and React

Aditya Naidu

Aditya Naidu

Have been working as a Techie for the past 15 years and excellence in domains such as IoT 4.0, BFSI, Telecom, e-com and more recently AI.

More from Medium

Let’s Connect!

Are Cyber Attacks A Hybrid System Of War In The World?

How to learn multiple languages in a short time?

Formal Analysis of Caleb Cole’s Trace (pink sheets)