Who is this exam for?
The AZ-900 is designed for anyone who wants to demonstrate foundational knowledge of cloud concepts and Microsoft Azure. It’s one of the most popular starting points for a career in cloud — whether you’re an IT administrator, developer, or even in a non-technical role looking to understand what Azure can do.
You don’t need hands-on Azure experience to pass this exam, but some familiarity with IT concepts (like networking, storage, and security basics) will help.
Exam Quick Facts
| Detail | Value |
|---|---|
| Exam Code | AZ-900 |
| Title | Microsoft Azure Fundamentals |
| Level | Fundamentals |
| Pass Score | 700 / 1000 |
| Duration | 45 minutes |
| Questions | ~40–60 (multiple choice, drag-and-drop) |
| Cost | $99 USD (varies by region) |
| Scheduling | Pearson VUE / Certiport (students) |
| Skills Updated | January 14, 2026 |
Official Learning Paths
Complete these three Microsoft Learn paths to cover the full syllabus:
- 📘 Describe cloud concepts — Cloud computing models, benefits, service types
- 📘 Describe Azure architecture and services — Core components, compute, networking, storage, identity
- 📘 Describe Azure management and governance — Cost management, governance, deployment tools, monitoring
📖 Study Resources
| Resource | Link |
|---|---|
| 📝 Official Exam Page | Microsoft Learn — AZ-900 |
| 📖 Official Study Guide | Microsoft Study Guide |
| 🎯 Free Practice Assessment | Start Practice Assessment |
| 🧪 Hands-on Labs (GitHub) | AZ-900 Labs |
| 🖥️ Exam Sandbox | Try the exam interface |
| 🎬 Exam Readiness Zone | Video prep series |
| 📺 John Savill’s AZ-900 Cram | YouTube — 3.5hr cram |
Skills at a Glance
| Skill Area | Weight |
|---|---|
| Describe cloud concepts | 25–30% |
| Describe Azure architecture and services | 35–40% |
| Describe Azure management and governance | 30–35% |
Skills Measured — with Microsoft Learn Links
Every objective below links directly to the Microsoft Learn page that covers it. Click any link to dive into that topic. The objectives are grouped into three domains, weighted by how much of the exam they represent.
Describe cloud concepts (25–30%)
This domain tests your understanding of what cloud computing is, why organisations use it, and how different cloud models (public, private, hybrid) and service types (IaaS, PaaS, SaaS) work. If you’re new to cloud, start here — it builds the vocabulary you’ll need for everything else.
Describe cloud computing
Cloud computing is the delivery of computing services over the internet. This section covers the fundamental models, how pricing works, and the shared responsibility between you and the cloud provider.
- Define cloud computing
- Describe the shared responsibility model
- Define cloud models, including public, private, and hybrid
- Identify appropriate use cases for each cloud model
- Describe the consumption-based model
- Compare cloud pricing models
- Describe serverless
Describe the benefits of using cloud services
Why move to the cloud? This section covers the key benefits that organisations gain — from high availability and scalability to better security and governance. Expect questions that test whether you understand why a benefit matters, not just its name.
- Describe the benefits of high availability and scalability in the cloud
- Describe the benefits of reliability and predictability in the cloud
- Describe the benefits of security and governance in the cloud
- Describe the benefits of manageability in the cloud
Describe cloud service types
IaaS, PaaS, and SaaS are the three main ways cloud services are delivered. Understanding the difference — and when to use each — is a key exam topic. Think of it as: IaaS gives you the building blocks, PaaS gives you a ready platform, and SaaS gives you the finished application.
- Describe infrastructure as a service (IaaS)
- Describe platform as a service (PaaS)
- Describe software as a service (SaaS)
- Identify appropriate use cases for each cloud service type (IaaS, PaaS, and SaaS)
Describe Azure architecture and services (35–40%)
This is the largest domain on the exam. It covers Azure’s physical and logical infrastructure — how resources are organised, what compute and networking services are available, how storage works, and how identity and security are handled. Spend the most time here.
Describe the core architectural components of Azure
Azure is built on a global network of datacenters organised into regions and availability zones. Resources are grouped into resource groups, which live inside subscriptions, which can be organised under management groups. Understanding this hierarchy is essential.
- Describe Azure regions, region pairs, and sovereign regions
- Describe availability zones
- Describe Azure datacenters
- Describe Azure resources and resource groups
- Describe subscriptions
- Describe management groups
- Describe the hierarchy of resource groups, subscriptions, and management groups
Describe Azure compute and networking services
Compute is where your workloads run — from full virtual machines to lightweight serverless functions. Networking connects them all together. You’ll need to understand the main compute options (VMs, containers, App Service, Functions) and networking concepts (VNets, subnets, VPN Gateway, ExpressRoute).
- Compare compute types, including containers, virtual machines, and functions
- Describe virtual machine options, including Azure virtual machines, Azure Virtual Machine Scale Sets, availability sets, and Azure Virtual Desktop
- Describe the resources required for virtual machines
- Describe application hosting options, including web apps, containers, and virtual machines
- Describe virtual networking, including the purpose of Azure virtual networks, Azure virtual subnets, peering, Azure DNS, Azure VPN Gateway, and ExpressRoute
- Define public and private endpoints
Describe Azure storage services
Azure offers multiple storage types for different needs — blobs for unstructured data, files for shared folders, queues for messaging, and tables for NoSQL data. You’ll also need to know about redundancy options (how Azure keeps your data safe across datacenters) and tools for moving data into Azure.
- Compare Azure Storage services
- Describe storage tiers
- Describe redundancy options
- Describe storage account options and storage types
- Identify options for moving files, including AzCopy, Azure Storage Explorer, and Azure File Sync
- Describe migration options, including Azure Migrate and Azure Data Box
Describe Azure identity, access, and security
Security is woven into every part of Azure. This section covers how identity works (Microsoft Entra ID, formerly Azure AD), authentication methods (SSO, MFA, passwordless), access control (RBAC), and security concepts like Zero Trust and defense-in-depth. These topics often appear in scenario-based questions.
- Describe directory services in Azure, including Microsoft Entra ID and Microsoft Entra Domain Services
- Describe authentication methods in Azure, including single sign-on (SSO), multifactor authentication (MFA), and passwordless
- Describe external identities in Azure
- Describe Microsoft Entra Conditional Access
- Describe Azure role-based access control (RBAC)
- Describe the concept of Zero Trust
- Describe the purpose of the defense-in-depth model
- Describe the purpose of Microsoft Defender for Cloud
Describe Azure management and governance (30–35%)
This domain covers the tools and features you use to manage costs, enforce policies, deploy resources, and monitor your Azure environment. It’s about keeping things organised, compliant, and under control — the kind of tasks every Azure administrator deals with daily.
Describe cost management in Azure
Cloud costs can spiral quickly if you’re not paying attention. Azure provides tools to estimate, track, and optimise spending. You should understand what factors affect cost (region, resource type, data transfer) and how to use the pricing calculator and Azure Cost Management.
- Describe factors that can affect costs in Azure
- Explore the pricing calculator
- Describe cost management capabilities in Azure
- Describe the purpose of tags
Describe features and tools in Azure for governance and compliance
Governance ensures your Azure environment stays compliant with your organisation’s policies. Azure Policy lets you enforce rules, resource locks prevent accidental deletion, and Microsoft Purview helps with data governance and compliance.
- Describe the purpose of Microsoft Purview in Azure
- Describe the purpose of Azure Policy
- Describe the purpose of resource locks
Describe features and tools for managing and deploying Azure resources
Azure gives you multiple ways to manage and deploy resources — from the visual Azure portal to command-line tools (Azure CLI, PowerShell) to infrastructure-as-code with ARM templates. Azure Arc extends Azure management to resources outside of Azure, including on-premises and other clouds.
- Describe the Azure portal
- Describe Azure Cloud Shell, including Azure Command-Line Interface (CLI) and Azure PowerShell
- Describe the purpose of Azure Arc
- Describe infrastructure as code (IaC)
- Describe Azure Resource Manager (ARM) and ARM templates
Describe monitoring tools in Azure
Once your resources are running, you need to know how they’re performing. Azure Advisor gives you personalised recommendations, Azure Service Health tells you about platform-level issues, and Azure Monitor provides detailed metrics, logs, and alerts for everything in your environment.