AZ-900 Exam Preparation Notes

Key Topics Covered in Session

Azure Kubernetes Service (AKS): For managing and scaling container-based applications.
Azure DevOps: For CI/CD pipelines and managing code repositories.
Azure App Service: Hosting and managing web applications, REST APIs, and mobile backends.

Microsoft Defender for Cloud: Monitors Azure and on-premises resources, provides threat protection, supports secure score.
- **Key Features: ** Monitors all services, responds rapidly to threats, allows Just-in-Time (JIT) VM access.
Azure Firewall: Cloud-native firewall for threat protection, scalable, stateful, can block/allow traffic based on rules.
**Azure Network Security Group (NSG): ** Basic network access control based on IPs and protocols.
Application Security Group: For configuring network security as an extension of the application structure.
Azure Key Vault: Centralized cloud location for storing and managing secrets, keys, and certificates securely.
Multi-Factor Authentication (MFA): Provides an extra layer of security for user identity verification.
Conditional Access: Enforces organizational policies based on conditions like user identity and IP.
Azure Sentinel: SIEM for collecting and analyzing security data from various sources.

ExpressRoute: Create private connections between Microsoft data centers and on-premises infrastructure.
**VPN Types: ** Site-to-Site, Point-to-Site, Virtual Network.
- Point-to-Site VPN: Secure connection between user device and Azure network.

Azure Cost Management: Tools for monitoring, allocating, and optimizing Azure costs.
- **Key Features: ** Cost tracking, budgets, cost distribution, and cost recommendations.
**Data Ingress/Egress: ** Understanding data transfer costs is crucial.
- Data Ingress: Data entering Azure – usually free.
- Data Egress: Data leaving Azure – usually incurs costs.
Azure Pricing Calculator: Tool for estimating costs of Azure services.
Total Cost of Ownership (TCO) Calculator: Compare on-premises costs to Azure migration costs.
Azure Reservations: Saves cost when committing to Azure resources for 1 or 3 years.
Understanding Costs: Charges applicable based on VM size, region, and resource type.

Public Cloud, Private Cloud, Hybrid Cloud: Different usage and control models for cloud resources.
Capex vs. Opex: Understanding upfront costs (Capex) vs. ongoing costs (Opex).
Free Account and Usage Limits: Understanding Azure free tier limits and potential usage in production.

Azure Monitor: For monitoring Azure resources and creating alerts.
Azure Advisor: Provides recommendations for cost, security, and performance optimization.
Azure Policy: Enforces organizational standards to maintain compliance.
Azure Resource Manager (ARM) Templates: For automating resource deployment.

**Azure Storage Account Types: ** Blob, File, Queue, Table.
**Access Tiers: ** Hot, Cool, and Archive tiers for data based on access frequency.
Azure Data Lake Analytics: For handling and transforming large datasets.

Focus Areas: Security services, networking, understanding billing and pricing models.
Use of Multiple Exam Preparation Resources: Videos, documentation, and practice tests.
Handling Exam Variations: Understanding concept-based questions, relational questions around services like network security, VPN, firewalls, and disaster recovery.