© Copyright Microsoft Corporation. All rights reserved.

FOR USE ONLY AS PART OF VIRTUAL TRAINING DAYS PROGRAM. THESE MATERIALS ARE NOT AUTHORIZED FOR
DISTRIBUTION, REPRODUCTION OR OTHER USE BY NON-MICROSOFT PARTIES.
AZ-900
Module 01:
Cloud
concepts
 Cloud providers include
Microsoft, Amazon, and Google
 Economies of scale

• Less expensive
• More efficient
• Pass benefits on
Public cloud
 Owned by cloud services or hosting provider.
 Provides resources and services to multiple
organizations and users.
 Accessed via secure network connection
(typically over the internet).
Hybrid cloud
Public cloud: • No capital expenditures to scale up.
• Applications can be quickly provisioned and deprovisioned.
• Organizations pay only for what they use.

Organizations have complete control over resources.

Private cloud: Organizations have complete control over security.

• Most flexibility.
• Organizations determine where to run their applications.
Hybrid cloud:
• Organizations control security, compliance, or
legal requirements.
 IaaS PaaS SaaS

• The most flexible cloud • Focus on application • Pay-as-you-go pricing

service. development. model.
• You configure and • Platform management is • Users pay for the
manage the hardware handled by the cloud software they use on a
for your application. provider. subscription model.
of it as “Pizza as a Service”
© Copyright Microsoft Corporation. All rights reserved.
FOR USE ONLY AS PART OF VIRTUAL TRAINING DAYS PROGRAM. THESE MATERIALS ARE NOT AUTHORIZED FOR
DISTRIBUTION, REPRODUCTION OR OTHER USE BY NON-MICROSOFT PARTIES.
AZ-900
Module 02:
Core Azure services
Worldwide there are 54 regions
representing 140 countries
Dublin, Ireland
 Region Region
North Central US South Central US
East US West US
West US 2 West Central US
US East 2 Central US
Canada Central Canada East
North Europe West Europe
UK West UK South

Germany Central Germany Northeast

South East Asia East Asia

East China North China
Japan East Japan West
Australia Southeast Australia East
India South India Central
Brazil South
South Central US
(Primary)
 Azure Region

Availability Zone 1 Availability Zone 2

Availability Zone 3
Virtual
Machine
Services

• Azure VMs
• VM scale sets
• App services
• Functions
 Containers vs Virtual Machines

Application Application Application

Runtime Runtime Runtime

Application Application Application
Operating Operating Operating
System System System Runtime Runtime Runtime

Hypervisor Container Runtime

Operating System Operating System

Bare Metal Bare Metal

Virtual Machines Containers

Container Services
Azure Network Services

• Azure Virtual Network

• Azure Load Balancer
• VPN Gateway
• Azure Application Gateway
• Content Delivery Network
• VNet Peering
Secure point-to-site • POC Efforts
connectivity • Small scale deployments
• Connect from anywhere

Secure site-to-site • Connect to Azure compute

VPN connectivity from on-premises or another
Azure region

• Private connectivity from your

ExpressRoute private on-premises data center to
connectivity Azure virtual networks and
PaaS Services

• In-region VNet-to-VNet connectivity

VNet Peering • Direct VM-to-VM connectivity
within region • Peer VNets for routing and transit
 Schema Data relationships Examples
Structured data Adheres to a schema, Storable in relational Sensor data and
with the same data database tables, financial data.
fields or properties. with rows and
columns.
Semi-structured Has an ad hoc schema Non-relational or Books, blogs, JSON,
data with less organized NoSQL data, not HTML documents.
fields and properties. storable in tables, rows
and column.

Unstructured data Has no designated Non-relational or blob PDFs, JPGs, videos.

schema or data data, with no
structure. restrictions on the
kinds of data blobs
contain.
 Disks Files Containers Tables Queues
• Persistent disks for • SMB and REST • Unstructured data • NoSQL data store • Store and retrieve
Azure IaaS VMs. access. – text or binary. - structured data. messages.
• Premium Storage. • Access from • Block Blobs. • Dynamic scaling • Highly scalable.
• Disks option: SSD anywhere. • Page Blobs. based on load. • Messages can be
based, high IOPS, • Secure access. • Append Blobs. • Scales to processed
low latency. petabytes of data. asynchronously.
• Lift and shift • Fast key/value
operations. lookups.

Built on an unified distributed storage system

Durability, Encryption at rest, Strongly consistent replication, fault tolerance, auto load-balancing
Azure Marketplace
URL to manage VMs? URL to manage Web
App? What Azure Management tools can you use
If you have Windows laptop? ALL
If you have Ubuntu laptop? ALL
If you have Mac book? ALL
If you have an Android tablet/laptop? Azure Portal or Cloud Shell
If you have iPhone? App or Portal
Linux with Azure CLI tools installed, can you run a PowerShell script? NO
MacOS with PowerShell Core installed, can you run a PowerShell script? YES
(don’t be confused by Windows PowerShell, it is not the same as Azure
PowerShell)
•

• Get proactive, actionable, and personalized best practice

recommendations.
• Improve the performance, security, and availability of your
resources.
• Identify opportunities to reduce your Azure costs.
© Copyright Microsoft Corporation. All rights reserved.
FOR USE ONLY AS PART OF VIRTUAL TRAINING DAYS PROGRAM. THESE MATERIALS ARE NOT AUTHORIZED FOR
DISTRIBUTION, REPRODUCTION OR OTHER USE BY NON-MICROSOFT PARTIES.
AZ-900
Module 03:
Security,
privacy,
compliance, and
trust
Defense in depth
Physical Security
 A layered approach to Identity & Access Perimeter
securing computer systems.
 Provides multiple levels of
protection. Network
 Attacks against one layer are Compute
isolated from subsequent
Application
layers.
Data
Shared security
Responsibility On-Premises IaaS PaaS SaaS

 Migrating from customer- Data governance and

Rights Management
Customer Customer Customer Customer

controlled to cloud-based Client endpoints Customer Customer Customer Customer

datacenters shifts the Account and access Customer Customer Customer Customer
management
responsibility for security. Identity and directory Customer Customer Microsoft/ Microsoft/
 Security becomes a shared infrastructure Customer Customer
Application Customer Customer Microsoft/ Microsoft
concern between cloud Customer
providers and customers. Network controls Customer Customer Microsoft/ Microsoft
Customer
Operating system Customer Customer Microsoft Microsoft

Physical hosts Customer Microsoft Microsoft Microsoft

Physical network Customer Microsoft Microsoft Microsoft

Physical datacenter Customer Microsoft Microsoft Microsoft

✔️
Create a policy
definition Assign the definition Review the
to resources evaluation results
 Azure
Active Directory

Azure
subscription
User Apps User groups

Resource group

Resource group
 Lock Types Read Update Delete
CanNotDelete Yes Yes No
ReadOnly Yes No No
 OR

owner: joe
department: cost-center: marketing
marketing
environment: production
 Use variants of Azure Monitor for resources (containers, virtual
Analyze
machines, etc.), with Azure Application Insights for applications.
Azure Alerts can respond proactively to critical conditions
Respond identified in your monitor data and use Auto-scale with Azure
Monitor Metrics.
Use Azure Monitor data to create interactive
Visualize
visualizations, charts, and tables with Power BI.
Integrate Azure Monitor with other systems to build customized
Integrate
solutions to suit your needs and requirements.
CJIS (Criminal Justice Information HIPAA (Health Insurance Portability
Services ) and Accountability Act)

CSA STAR Certification ISO/IEC 27018

General Data Protection National Institute of Standards and

Regulation (GDPR) Technology (NIST)
© Copyright Microsoft Corporation. All rights reserved.
FOR USE ONLY AS PART OF VIRTUAL TRAINING DAYS PROGRAM. THESE MATERIALS ARE NOT AUTHORIZED FOR
DISTRIBUTION, REPRODUCTION OR OTHER USE BY NON-MICROSOFT PARTIES.
AZ-900T0x
Module 04:
Azure pricing
and support
Pricing and purchasing

It depends.
• Enterprise
• CSP
• Web direct

Pricing factors
• Resource type
• Service
• Region
 Perform Perform cost analyses. Use the Azure Pricing and TCO calculators.

Monito Monitor usage with Azure Advisor. Implement recommendations.

Use spending limits. Use via free trial customers and some credit-based
r Use Azure subscriptions.

Use Use Azure Reservations and Azure Hybrid Benefit (HUB).

Choose low-cost locations and regions. If possible, use low-cost

Choose locations.

Keep Keep up-to-date with the latest Azure customer and subscription offers.
Apply tags to identify cost owners. Identify usage owners with tags.
Apply
 Basic Developer Standard Professional Direct Premier
Substantial
Available to all Trial and non- Production
Business-critical dependence
Scope Microsoft production workload
dependence across
Azure accounts environments environments
multiple
products

Technical Business hours 24x7 access to 24x7 access to 24x7 access to

Support access to Support Support Engineers Support Engineers Support Engineers
Engineers via via email and via email and via email and
email phone phone phone

Onboarding
Technical
services, service
Operations account
reviews, Azure
Support manager-led
Advisor
service reviews
consultations
and reporting
 Downtime Downtime
SLA
per month per year

99.9% 43.2 minutes 8.76 hours

99.95 21.6 minutes 4.38 hours

52.56
99.99 4.32 minutes
minutes
 Composite SLA

.9995 * .9999
= 99.94%
Private Preview Public PreviewGenerally Available