Microsoft Azure Fundamentals Practice Test (AZ-900)
Use the form below to configure your Microsoft Azure Fundamentals Practice Test (AZ-900). The practice test can be configured to only include certain exam objectives and domains. You can choose between 5-100 questions and set a time limit.

Microsoft Azure Fundamentals AZ-900 Information
Microsoft Azure Fundamentals (AZ-900) Exam
The Microsoft Azure Fundamentals (AZ-900) certification is an entry-level credential for individuals who want to understand cloud computing and Microsoft Azure services. It is designed for beginners and does not require prior technical experience. This certification is ideal for business professionals, students, and those exploring cloud-related careers.
Exam Overview
The AZ-900 exam consists of 40 to 60 multiple-choice and multiple-response questions. Candidates have 60 minutes to complete the test. The exam costs $99 USD. A passing score is 700 on a scale of 1000. The exam is available in several languages, including English, Japanese, Chinese, German, and French.
Exam Content
The AZ-900 exam covers key cloud concepts, Azure architecture, services, security, governance, and pricing. Cloud concepts include basic cloud computing principles, deployment models, and benefits. Azure architecture focuses on core components such as regions, availability zones, and resource management. Azure services include compute, networking, storage, and databases. Security covers identity management, compliance, and best practices. Governance includes cost management and monitoring. Pricing covers Azure subscription models, cost factors, and service-level agreements.
Who Should Take This Exam?
This certification is suitable for individuals who want a foundational understanding of cloud computing and Microsoft Azure. It is designed for business professionals, sales and marketing teams, students, and IT beginners. It is also useful for those planning to earn higher-level Azure certifications.
How to Prepare
Candidates should review the Microsoft Learn AZ-900 learning path, which provides free study materials and interactive content. Microsoft offers online training courses and practice exams to help with preparation. Hands-on experience with Azure services using the free Azure trial can improve understanding.
Summary
The Microsoft Azure Fundamentals (AZ-900) certification is an excellent starting point for individuals interested in cloud computing. It provides a broad understanding of Azure services, security, and pricing. This certification helps professionals and students develop cloud skills and prepares them for more advanced Azure certifications.
Scroll down to see your responses and detailed results
Free Microsoft Azure Fundamentals AZ-900 Practice Test
Press start when you are ready, or press Change to modify any settings for the practice test.
- Questions: 15
- Time: Unlimited
- Included Topics:Cloud ConceptsAzure Architecture and ServicesAzure Management and Governance
Which security model requires verification of every user and device attempting to access resources, regardless of their location within or outside the network?
- You selected this option
Open network model
- You selected this option
Trust but verify model
- You selected this option
Perimeter-based security model
- You selected this option
Zero Trust model
Answer Description
The Zero Trust model operates on the principle that no user or device is trusted by default, regardless of their location. It requires continuous verification of identity and access rights before granting access to resources. The perimeter-based security model trusts users inside the network by default, which can lead to vulnerabilities. The 'Trust but verify' model implies some level of initial trust, which contradicts the Zero Trust principle. The open network model does not emphasize strict access controls, making it less secure.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are the main components of the Zero Trust model?
How does the Zero Trust model differ from traditional security models?
What technologies are commonly used to implement a Zero Trust model?
Which of the following best describes the Software as a Service model?
- You selected this option
A service where the cloud provider supplies and manages the software application, infrastructure, and middleware, while the customer only provides data and uses the software.
- You selected this option
An online service that allows individuals to write and send electronic letters via traditional postal systems.
- You selected this option
A service that provides virtual machines, storage, and networking resources over the internet, allowing customers to run any software, including operating systems and applications.
- You selected this option
A service where customers can deploy and manage their own applications while the provider manages the infrastructure, operating systems, and middleware components.
Answer Description
Software as a Service (SaaS) is a cloud computing offering that provides users with access to a vendor's cloud-based software. Users do not install applications on their local devices. Instead, the applications run on cloud-based servers, and users access the software via the web or an API. The vendor manages the infrastructure, middleware, application software, and application data. An example of a SaaS application is a web-based email service through which you can send and receive emails without having to manage the email server or client software. In contrast, the other options listed either fall under different service models, such as PaaS (where the environment, but not the applications, is managed by the provider) and IaaS (which provides virtualized computing resources over the internet), or are not related to cloud service models at all.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are some common examples of Software as a Service (SaaS) applications?
How does SaaS differ from other cloud service models like PaaS and IaaS?
What are the benefits of using SaaS for businesses?
Azure availability zones are virtual network segments used to isolate resources within a region.
- You selected this option
False
- You selected this option
True
Answer Description
This statement is false. Azure Availability Zones are physically separate datacenters within an Azure region, designed to provide high availability by protecting applications and data from datacenter failures.
They are not virtual network segments; virtual networks and subnets are used to segment and isolate network traffic.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are Azure Availability Zones?
How do Azure Availability Zones differ from virtual networks?
What are the benefits of using Azure Availability Zones?
An organization wants to deploy applications on a cloud environment that is dedicated to their use, while still maintaining the ability to rapidly scale resources. Which type of cloud model is most appropriate for this scenario?
- You selected this option
Private cloud
- You selected this option
Hybrid cloud
- You selected this option
Community cloud
- You selected this option
Public cloud
Answer Description
A private cloud is a cloud computing model where the infrastructure is dedicated exclusively to a single organization. It offers the benefits of scalability and flexibility while providing greater control over data security and compliance. This makes it ideal for organizations that require dedicated resources.
A public cloud provides services over the internet to multiple organizations and is not dedicated to one user.
A hybrid cloud combines elements of both public and private clouds, but the scenario specifies a dedicated environment, making the private cloud the most appropriate choice.
A community cloud is a computing model where infrastructure is shared by multiple organizations with similar needs and objectives. This contradicts the need for an environment dedicated to the organizations use.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are the main benefits of using a private cloud?
How does a private cloud differ from a public cloud in terms of scalability?
What scenarios would be best suited for using a hybrid cloud model?
A company wants to enforce access policies that consider factors like user location and device compliance status.
Which Microsoft Entra feature allows them to implement these access controls?
- You selected this option
Conditional Access
- You selected this option
Multi-Factor Authentication (MFA)
- You selected this option
Azure Information Protection
- You selected this option
Privileged Identity Management
Answer Description
Conditional Access in Microsoft Entra ID enables organizations to create policies that control user access based on various signals like location, device compliance, and risk detection. By using Conditional Access, the company can ensure that access to resources is granted only when specific conditions are met.
Privileged Identity Management manages and monitors access to privileged roles but doesn't enforce access policies based on signals.
Azure Information Protection classifies and protects documents and emails, not user access.
Multi-Factor Authentication (MFA) adds an extra layer of security but doesn't provide dynamic access controls based on factors like location or device compliance.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are the key components of Conditional Access in Microsoft Entra?
How does user location affect access controls in Conditional Access?
What is the difference between Conditional Access and Multi-Factor Authentication?
An organization needs to deploy multiple Azure resources in a consistent and repeatable manner using automation. They want their deployment configurations to be version-controlled and reusable across different environments. Which Azure feature should they use to accomplish this?
- You selected this option
Azure Resource Manager templates
- You selected this option
Azure Policy
- You selected this option
Azure Monitor
- You selected this option
Azure Portal
Answer Description
Azure Resource Manager (ARM) templates enable the automation of Azure resource deployment using declarative JSON files that define the infrastructure and configuration. This approach allows for consistent, repeatable deployments and supports version control systems, enhancing collaboration and change tracking.
Azure Policy helps enforce organizational standards and compliance.
Azure Portal is a web-based interface for manual resource management.
Azure Monitor is used for monitoring and analyzing the performance of resources.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are Azure Resource Manager (ARM) templates and how do they work?
How can I version control my ARM templates?
What are some best practices for using ARM templates?
A company plans to deploy a critical application in Azure that must comply with data residency regulations specific to the country it operates in. The company also wants to ensure business continuity by having a secondary region for disaster recovery. Which of the following would fulfill their compliance requirements and provide a disaster recovery solution?
- You selected this option
Deploy the application in a sovereign region and use its paired region for disaster recovery
- You selected this option
Deploy the application in a single region that is geographically closest to the company's headquarters, ignoring paired regions
- You selected this option
Deploy the application in any region, as all Azure regions are compliant with data residency regulations by default
- You selected this option
Deploy the application across multiple regions outside of the country for maximum global distribution
Answer Description
Sovereign regions are designed to ensure that data resides within a specific geographical location, complying with national regulations. Region pairs consist of two regions within the same geography, providing disaster recovery through replication. Therefore, deploying in a sovereign region with a paired region would meet both the compliance requirement and provide a disaster recovery solution.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are sovereign regions in Azure?
What is the significance of paired regions in Azure?
How do data residency regulations impact cloud deployments?
Which of the following is the BEST reason to use tags in Azure resources for cost management?
- You selected this option
To organize and group resources for detailed billing analysis
- You selected this option
To control access to resources based on user roles
- You selected this option
To monitor the performance and health of resources
- You selected this option
To enforce compliance policies across resources
Answer Description
Tags in Azure are used to logically organize and categorize resources by applying custom metadata in the form of key-value pairs. This is particularly useful for cost management, as it enables detailed billing analysis by grouping costs across resources that share the same tags. By using tags, organizations can track and analyze costs associated with specific projects, departments, or environments.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are Azure tags, and how do they work?
How can tagging assist in budget management within Azure?
Can I enforce policies based on tags in Azure?
Which Azure service is ideal for executing code in response to events, without the need to explicitly manage infrastructure, and scales automatically to handle millions of executions in seconds?
- You selected this option
Azure Virtual Machines
- You selected this option
Azure Logic Apps
- You selected this option
Azure Kubernetes Service (AKS)
- You selected this option
Azure Functions
Answer Description
Azure Functions is a serverless compute service that allows you to run event-triggered code without having to explicitly provision or manage infrastructure. It automatically scales based on demand and you are charged only for the compute resources used during the execution of your functions. Virtual Machines require management of the underlying infrastructure, whereas container services like Azure Kubernetes Service (AKS) also involve orchestration. Logic Apps, although used for automated workflows, are not primarily compute services and do not offer the same kind of execution model.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a serverless compute service?
How does Azure Functions scale automatically?
What are some use cases for Azure Functions?
You are an IT manager at a company planning to migrate its infrastructure to Microsoft Azure. Your team is concerned about maintaining regulatory compliance and effectively managing security in a cloud environment. Which of the following is a benefit of using Azure for your company's infrastructure?
- You selected this option
Azure's cloud environment makes it difficult to achieve compliance due to shared infrastructure.
- You selected this option
Azure requires additional third-party security tools to meet compliance needs.
- You selected this option
Azure provides security features and compliance tools that help organizations manage regulatory requirements.
- You selected this option
Azure leaves security and compliance responsibilities to the customer without support.
Answer Description
Azure provides integrated security features and compliance tools that help organizations manage and meet regulatory standards. By leveraging Azure's built-in capabilities, companies can enhance their security posture and simplify compliance management. The other options are incorrect because Azure does not leave customers without support for security and compliance, it does not make compliance more difficult due to shared infrastructure, nor does it require additional third-party tools to meet compliance needs.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are the integrated security features Azure provides?
How does Azure help with regulatory compliance?
What does shared infrastructure mean in the context of Azure?
A company needs an email service that their employees can access via the internet without the need to install or maintain any software or hardware. They want the provider to handle all aspects of the application, including updates and infrastructure. Which cloud service model best fits their needs?
- You selected this option
Adopt Platform as a Service to develop a custom email application.
- You selected this option
Subscribe to an email service provided entirely over the internet by a cloud provider.
- You selected this option
Purchase and maintain their own physical servers for the email service.
- You selected this option
Utilize Infrastructure as a Service to host and manage their own email servers.
Answer Description
Software as a Service (SaaS) is the appropriate model because it delivers fully managed applications over the internet. In this case, an email service provided as a SaaS solution allows the company to use the service without worrying about installing software, managing hardware, or handling updates—the cloud provider takes care of everything. Infrastructure as a Service (IaaS) would require the company to manage the operating systems and applications themselves, and Platform as a Service (PaaS) would require them to develop or deploy their own applications, which is more work than desired in this scenario.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What exactly is Software as a Service (SaaS)?
What are the differences between SaaS, IaaS, and PaaS?
Why would a company choose SaaS over managing their own servers?
An Azure administrator wants to prevent important virtual machines from being accidentally deleted or modified during routine maintenance. Which feature should they use to ensure these resources remain unaffected by changes?
- You selected this option
Role-Based Access Control (RBAC)
- You selected this option
Access Control (IAM)
- You selected this option
Resource Locks
- You selected this option
Azure Policy
Answer Description
Resource Locks can be applied to resources, resource groups, or subscriptions to prevent accidental deletion or modification. By applying a lock, even users with the necessary permissions must first remove the lock before they can perform the restricted operation. This ensures critical resources remain protected during maintenance or other operations.
Access Control (IAM) and Role-Based Access Control (RBAC) manage permissions but do not prevent users with sufficient privileges from modifying or deleting resources. Azure Policy helps enforce organizational standards and assess compliance but does not block modifications in real-time.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are Resource Locks in Azure?
How do I apply a Resource Lock in Azure?
Can you remove a Resource Lock once it's applied?
Which term refers to the model where users access and use computing resources over the internet, paying only for what they use?
- You selected this option
Cloud computing
- You selected this option
Edge computing
- You selected this option
Server virtualization
- You selected this option
Data mining
Answer Description
Cloud computing involves delivering various services over the internet, including servers, storage, databases, networking, software, analytics, and intelligence. Users can access these resources on-demand and pay only for what they consume, offering flexibility and cost-efficiency. The other options are different concepts: server virtualization is creating multiple virtual servers on a single physical server; data mining is analyzing large datasets to discover patterns; edge computing refers to processing data near the source of data generation to reduce latency.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are the main types of cloud computing services?
How does cloud computing ensure cost-efficiency?
What are the security measures in cloud computing?
An organization must meet strict regulatory requirements but lacks the resources to develop and maintain a comprehensive security infrastructure. Which benefit of cloud computing can help the organization address this challenge?
- You selected this option
Improved global accessibility and reach
- You selected this option
Ability to scale resources dynamically based on demand
- You selected this option
Reduced costs through pay-as-you-go pricing models
- You selected this option
Access to built-in security features and compliance certifications
Answer Description
Cloud providers like Azure offer built-in security features and maintain compliance certifications for various regulatory standards. By leveraging these services, organizations can access advanced security measures and easily meet compliance requirements without investing heavily in their own infrastructure. While scalability, global reach, and cost savings are benefits of cloud computing, they do not directly help with meeting strict regulatory requirements.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are built-in security features in cloud computing?
What are compliance certifications, and why are they important?
How can leveraging cloud services reduce the burden of security management?
You need to manage Azure resources using command-line tools, but you're on a computer where installing software is not possible. Which feature within the Azure portal allows you to run command-line tools like Azure CLI and Azure PowerShell directly from your web browser?
- You selected this option
Azure Resource Manager
- You selected this option
Azure Advisor
- You selected this option
Azure Portal Dashboard
- You selected this option
Azure Cloud Shell
Answer Description
Azure Cloud Shell provides an integrated, browser-accessible shell that allows you to run Azure CLI and Azure PowerShell commands without any local installation. It's a convenient tool for managing Azure resources from any device.
Azure Resource Manager is the deployment and management service for Azure but doesn't offer a command-line interface.
Azure Portal Dashboard is a graphical interface and doesn't support command-line operations.
Azure Advisor offers personalized recommendations to optimize your Azure resources but doesn't provide command-line capabilities.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Azure Cloud Shell?
How do I access Azure Cloud Shell?
What tools are available in Azure Cloud Shell?
Smashing!
Looks like that's it! You can go back and review your answers or click the button below to grade your test.