Prepare for the Microsoft AZ-900 certification exam with Thomas Mitchell, a 25-year veteran of the IT industry, and BEST-SELLING instructor on Udemy in the Microsoft Azure space.
AZ-900 Exam-Prep Bootcamp
Azure Fundamentals Course Details
Azure Fundamentals Course Details
The purpose of this course is to prepare you for the AZ-900 certification exam. All video lectures in this course are entirely FREE.
52 FREE Video Lectures
Learning Material: 5+ Hours
Flashcard Learning
Section 1: Basic Cloud Computing Concepts
An Intro to Cloud Computing (05:01)
In this lecture, I’ll cover how cloud computing provides scalable, on-demand IT services over the internet, eliminating large upfront costs and complex infrastructure management. You’ll learn about the flexibility of scaling resources to meet demand efficiently and how major cloud providers offer secure, high-performance data centers worldwide. We’ll also touch on the cost benefits, including paying only for what you use, and the strategic advantages of improved disaster recovery and security measures.
The Shared-Responsibility Model (02:13)
In this lecture, I introduce The Shared Responsibility Model, which is crucial for understanding the division of security tasks between a cloud provider and the customer in public cloud services. You’ll learn how responsibilities differ across various cloud service models—Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS)—as well as in on-premises data centers.
Cloud Models and Their Use Cases (03:09)
In this lecture, we’ll explore the three primary cloud deployment models: public, private, and hybrid clouds, each with distinct characteristics and use cases. I’ll explain how public clouds like Microsoft Azure offer services over the internet with no capital expenditure and pay-as-you-go pricing, while private clouds provide exclusive resources with full control but require hardware investment and maintenance. Finally, we’ll delve into hybrid clouds, which blend both models for optimal flexibility, allowing organizations to tailor their cloud environment to specific security, compliance, and legal requirements.
The Consumption-Based Model (01:02)
In this lecture, I’ll discuss the consumption-based model utilized by cloud service providers, where customers pay only for the resources they use, avoiding upfront costs and eliminating the need to manage infrastructure. I’ll highlight the model’s flexibility, which allows for scaling up or down as needed, ensuring that you only pay for additional resources when required and can cease payments once they’re no longer needed.
The Benefits of Cloud Computing (05:25)
In this lecture, we’ll explore how cloud services surpass traditional on-prem data centers. Cloud computing offers high availability, seamless scalability both vertically and horizontally, and elasticity for auto-scaling during demand surges. We’ll also delve into the agility for rapid deployment, geo-distribution for global reach, and robust disaster recovery capabilities. Additionally, I’ll highlight the financial advantages of shifting from capital expenditures (CapEx) with upfront costs to operational expenditures (OpEx), aligning with the consumption-based model of the cloud, reducing the financial burden and enhancing the flexibility for businesses.
Cloud Pricing Models (04:02)
In this lecture, we’ll discuss Azure’s three primary pricing models: Pay-As-You-Go for flexibility and no upfront costs, Reserved Instances for cost savings on long-term commitments, and Spot Pricing for cost-effective use of Azure’s unused capacity with potential for interrupted services.
Section 2: Cloud Service Types
Infrastructure-as-a-Service (06:00)
In this lecture, we’ll explore Infrastructure as a Service (IaaS), a cloud computing model that provides scalable compute, storage, and networking resources. We’ll examine how IaaS can reduce infrastructure costs and enhance scalability for businesses. Common use cases such as Lift-and-Shift migrations, testing and development, and high-performance computing will also be discussed.
Platform-as-a-Service (03:57)
In this lecture, we explore Platform as a Service (PaaS), which provides a cloud-based environment for developing, deploying, and managing applications. PaaS includes infrastructure components like servers and storage, as well as development tools and middleware, all managed by the cloud provider. We’ll examine how PaaS facilitates the entire web application lifecycle, simplifying the complexities of software licensing and hardware management for developers.
Software-as-a-Service (03:16)
In this lecture, we discuss Software as a Service (SaaS), where users access cloud-based applications over the Internet, such as email and office tools, typically through a subscription model. SaaS offers a complete software solution managed by the service provider, enabling organizations to utilize applications without significant upfront costs or maintenance responsibilities.
Flashcard Study
The purpose of Flashcard Study quiz yourself, in flash-card fashion, to ensure you’ve retained the information covered in this section. If you can correctly answer all of the flashcard questions below, it means you have a firm grasp of the topics covered in this section.
Section 3: Core Architectural Components
Understanding Azure Regions and Regional Pairs (07:05)
In this lecture, we explore how Microsoft Azure’s infrastructure spans globally across various regions, each comprising interconnected data centers within a specific geographical area. Users select a region when deploying resources, which affects the available features and services. Azure also employs region pairs for resilience, ensuring service availability and facilitating recovery and updates in a staggered fashion across paired regions.
Availability Zones in Azure (03:04)
In this lecture, I cover Availability Zones in Azure, which are physically separate data centers within an Azure region, each with their own power, cooling, and networking to ensure that services remain available even if one zone experiences an outage. I highlight the importance of these zones in maintaining high availability for mission-critical applications, despite the additional cost for duplicating services and data across zones. Availability Zones provide a robust strategy against data center failures within a region, ensuring operational continuity.
Are You Enjoying the Course So Far?
Azure Resources and Resource Groups (05:22)
In this lecture, I introduce Azure Resources and Resource Groups, emphasizing that before deploying resources such as virtual machines, storage accounts, or databases, one must first create a resource group. I explain that a resource group is a container holding related resources for an Azure solution, which cannot be nested but can be used for organized management and applying role-based access control. It’s crucial to remember for the exam that resources are the deployable items in Azure, and they must be managed within resource groups based on organizational logic, lifecycle, or function.
Understanding Azure Subscriptions (05:30)
In this lecture, I cover the fundamentals of Azure subscriptions, emphasizing that they are essential for accessing Azure products and services and defining how resources are used, managed, and billed. I highlight that subscriptions act as both billing and access control boundaries, enabling precise management of costs and permissions. Furthermore, I discuss organizing multiple subscriptions into invoice sections through billing profiles to cater to diverse organizational needs.
Management Groups in Azure (05:21)
In this lecture, I cover how Azure Management Groups streamline governance across multiple subscriptions by organizing them into a hierarchical structure that centralizes policy and access management. I emphasize that all subscriptions within a management group automatically inherit governance conditions applied to the management group, simplifying large-scale management. It’s crucial to recognize that all subscriptions in a management group must trust the same Azure AD tenant to function cohesively within this hierarchy.
Flashcard Study
The purpose of Flashcard Study quiz yourself, in flash-card fashion, to ensure you’ve retained the information covered in this section. If you can correctly answer all of the flashcard questions below, it means you have a firm grasp of the topics covered in this section.
Section 4: Core Azure Compute Services and Products
An Intro to Azure Compute (06:09)
In this lecture, I delve into Azure Compute, Microsoft’s on-demand service for cloud applications, offering scalable compute resources like storage, CPUs, memory, and networking. I cover various compute solutions including Azure Virtual Machines, VM Scale Sets, Container Instances, App Service, and Functions, emphasizing their role in development, application hosting, and data center extension. I highlight the flexibility and cost-effectiveness of these services, where users pay only for the resources they use, available within minutes.
HANDS-ON LAB: Create a Windows VM in Azure
In this interactive, hands-on Azure simulation, you will be guided through the process of provisioning a new Windows virtual machine via the Azure Portal. The new VM, called Server01, will be deployed into an existing resource group, called MyResourceGroup. You will let Azure auto-create a virtual network for the new virtual machine. During the creation of the VM, you will also create and attach a data disk to the virtual machine.
Since this lab involves interactive tasks in a simulated Azure portal, it’s best to perform the lab from a desktop or laptop.
HANDS-ON LAB: Deploy a VM Scale Set
This lab simulation has been excerpted from my VM Scale Set Lunch-n-Learn course. In it, you’ll use the Azure portal to deploy and configure a VM scale set, using an Ubuntu operating system image.
Since this lab involves interactive tasks in a simulated Azure portal, it’s best to perform the lab from a desktop or laptop.
ACI vs AKS (02:45)
In this lecture, we examine Azure Container Instances (ACI) and Azure Kubernetes Service (AKS), highlighting that ACI is ideal for simple, isolated container scenarios such as task automation, while AKS is recommended for comprehensive container orchestration needs, like service discovery, auto-scaling, and application upgrades. Azure manages the operational overhead for AKS, allowing users to focus on agent nodes, with deployment options available through various Azure tools.
HANDS-ON LAB: Create an Azure Container Instance
In this Azure simulation, you will be guided through the process of creating a basic hello-world container instance.
Since this lab involves interactive tasks in a simulated Azure portal, it’s best to perform the lab from a desktop or laptop.
HANDS-ON LAB: Create an Azure Web App
In this Azure simulation, you will be guided through the process of creating a basic Web App in Azure, using the Azure Portal.
Since this lab involves interactive tasks in a simulated Azure portal, it’s best to perform the lab from a desktop or laptop.
Azure Virtual Desktop (02:43)
In this lecture, I cover Azure Virtual Desktop, a cloud-based service that offers desktop and app virtualization with multi-session capabilities for Windows, reducing costs through pooled resources. I emphasize its tight integration with Azure Active Directory for enhanced security and its ability to scale dynamically, making it a cost-effective and flexible solution. Users can access the virtual desktop from any device securely, which is essential for the AZ-900 exam understanding.
Key Azure Management Tools (06:34)
In this lecture, I cover the essential Azure management tools available to optimize and manage your Azure resources. From the interactive Azure Portal for day-to-day operations to automation with Azure PowerShell and Azure CLI, as well as on-the-go management with the Azure mobile app, and guidance through Azure Advisor, I introduce the tools and their unique functions to enhance your Azure management experience.
Section 5: Core Azure Network Services and Products
Getting Started with Azure Virtual Networks (11:41)
In this lecture, I discuss the essentials of Azure virtual networks, including setting up a network’s private IP address space, subnets, and enabling secure communications between Azure resources and on-premises networks. I highlight the connectivity options such as VPNs and ExpressRoute, and emphasize the importance of understanding user-defined routes and network security for the exam. I also stress the significance of regions and subscriptions in the scope of virtual networks and their key capabilities like isolation, segmentation, and internet communication.
HANDS-ON LAB: Create a vNet in Azure
In this interactive, hands-on Azure simulation, you will be guided through the creation of a virtual network called MyNewVnet. You will configure a vNet address space, two subnets, and address ranges for each new subnet.
Since this lab involves interactive tasks in a simulated Azure portal, it’s best to perform the lab from a desktop or laptop.
vNet Peering (03:15)
In this lecture, I cover how vNet Peering in Azure provides seamless connectivity between two or more virtual networks, making them appear as one for communication purposes. I explain that Azure supports both virtual network peering within the same region and global virtual network peering across different regions, ensuring low-latency, secure, and high-bandwidth connections.
An Intro to Azure DNS (03:52)
In this lecture, we delve into Azure DNS, which is Microsoft’s scalable, highly available domain name system service that operates on Azure’s global infrastructure. We’ll explore its features, including integration with Azure Resource Manager for enhanced security and management, as well as its support for both external and Azure-specific DNS management. Additionally, we discuss its support for private DNS domains within Azure virtual networks and the use of alias records for seamless resource referencing.
Azure DNS Private Resolver (02:33)
In this lecture, I introduce the Azure DNS Private Resolver, a service that facilitates queries to Azure DNS private zones from on-premises environments and the other way around, without needing virtual machine-based DNS servers. This fully managed service requires an Azure virtual network and utilizes inbound and outbound endpoints for processing DNS queries, leveraging a configured DNS forwarding rule set.
Azure VPN Gateways (07:46)
In this lecture, we delve into the Azure VPN Gateway, which establishes secure, encrypted connections between various networks over the internet. I explain how it connects on-premises data centers and individual devices to Azure’s virtual networks, as well as linking virtual networks to each other. We also cover the different types of VPN gateways – policy-based and route-based – and the importance of choosing the right SKU for required capabilities.
Azure ExpressRoute (05:57)
In this lesson, I delve into how Express Route allows you to extend your on-premises network into the Microsoft Cloud through a private connection facilitated by a third-party provider, bypassing the public internet. This approach offers enhanced reliability, speed, and security for accessing various Microsoft Cloud services, including Azure and Microsoft 365.
Private Links and Private Endpoints (04:47)
In this lecture, I explain how Azure Private Link allows secure access to Azure PaaS services and customer-owned services via Private Endpoints within your virtual network, bypassing public internet exposure. I emphasize that Private Endpoints utilize a private IP from your virtual network to create a secure and private connection to services like Azure Storage or SQL Database. Additionally, I highlight the benefits of Azure Private Link in securely migrating workloads to Azure and protecting against data leakage by limiting connections to specific service instances.
20-Minute Tech Talk: Azure Bastion Explained (Optional)
This tech talk offers an insightful look into Azure Bastion, a powerful tool within Azure’s networking capabilities, providing a secure, manageable, and efficient way to access Azure VMs remotely. While this knowledge is not required for completing the AZ-900 course, it provides valuable additional learning for anyone interested in the practical applications and benefits of Azure Bastion in real-world scenarios.
Flashcard Study
The purpose of Flashcard Study quiz yourself, in flash-card fashion, to ensure you’ve retained the information covered in this section. If you can correctly answer all of the flashcard questions below, it means you have a firm grasp of the topics covered in this section.
Section 6: Core Azure Storage Services and Products
An Intro to Azure Storage Accounts (04:28)
In this lecture, I introduce Azure Storage Accounts, which serve as containers for all your Azure Storage data objects such as blobs, file shares, queues, tables, and disks, accessible globally via HTTP or HTTPS. I detail various storage account types like standard general-purpose v2 and premium options, each supporting different services and redundancy levels, with Microsoft recommending certain types for specific performance needs or scenarios. Additionally, I highlight the importance of understanding each type’s supported services, redundancy options, and use cases for exam preparation.
A Look at Azure Blobs (04:48)
In this lecture, I delve into Azure Blob storage, which is Microsoft’s object storage solution for handling large amounts of unstructured data like text, images, and videos, ideal for a wide range of scenarios from content serving to data backup and analytics. I cover how objects in Blob storage are accessible through various methods like HTTP/HTTPS, Azure’s APIs, and client libraries, and I also discuss the integration with Azure Data Lake Storage Gen2 for big data analytics. Lastly, I highlight the different storage tiers—Hot, Cool, and Archive—each optimized for different usage patterns and cost considerations.
HANDS-ON LAB: Create and Use Azure Blob Storage
In this Azure simulation, you will be guided through the process of provisioning blob storage in an Azure storage account. You’ll also create an SAS for it and test access.
Since this lab involves interactive tasks in a simulated Azure portal, it’s best to perform the lab from a desktop or laptop.
A Look at Azure Files (07:02)
In this lesson on Azure Files, we dive into the fully managed cloud file share service accessible via SMB and NFS protocols, suitable for concurrent use by cloud and on-premises machines. We discuss its capability to enhance performance through Azure File Sync and how it aids in replacing on-prem file servers, facilitating lift-and-shift migrations, and containerization of applications. Lastly, I highlight the integration with on-prem Active Directory for authentication and the ease it brings to cloud development and the management of application settings and logs.
A Look at Azure Queues (02:17)
In this lecture, I cover Azure Queue Storage, a service designed for storing large numbers of messages, enabling communication between components of a distributed application. The queues, which can contain millions of messages up to 64 KB each, are managed through a URL and housed within a storage account, facilitating scalable app communication. My focus is to convey the significance of Azure Queue Storage in ensuring robust and scalable inter-component messaging in distributed systems.
A Look at Azure Table Storage (03:47)
In this lecture, I cover Azure Table Storage, a service for storing structured NoSQL data in the cloud, offering a key-attribute, schemaless design for adaptable and cost-effective data access. It’s ideal for handling large, flexible datasets without complex relationships, providing efficient querying and scalability for web-scale applications. Azure Table Storage supports easy data retrieval with clustered indexes and integration with .NET libraries via OData and LINQ queries.
Azure Managed Disks (09:53)
In this lecture, I’m covering Azure Managed Disks, detailing block level storage volumes for Azure VMs and how Azure manages these disks. I examine various disk types—Ultra Disks, Premium SSDs, Standard SSDs, and HDDs—each with unique performance characteristics suited for different workloads. Additionally, I discuss the scalability and availability of managed disks, and outline the three main disk roles: Data Disk, OS Disk, and Temporary Disk.
LRS Redundancy vs ZRS Redundancy (08:29)
In this lesson, I delve into the key differences between locally redundant storage (LRS) and zone redundant storage (ZRS) within Azure’s platform, where multiple copies of data ensure resilience against a wide array of failures. I discuss the considerations for choosing between LRS, which replicates data within a single data center, and ZRS, which spans across multiple data centers within a region, each offering different levels of durability and cost. I also highlight the importance of understanding how these redundancy options impact data availability and application requirements, particularly in the context of governance and high availability needs.
GRS Redundancy vs GZRS Redundancy (06:32)
In this lesson, I explain the concepts of geo-redundant storage (GRS) and geo-zone-redundant storage (GZRS), highlighting their roles in ensuring data durability across distant Azure regions, especially in the event of regional disruptions. I distinguish between GRS and GZRS based on the replication method in the primary region, while both use locally redundant storage (LRS) in the secondary region. I also introduce Read-Access GRS (RA-GRS) and Read-Access GZRS (RA-GZRS), which allow read access to the replicated data even if the primary region is down, ensuring continuous availability.
Flashcard Study
The purpose of Flashcard Study quiz yourself, in flash-card fashion, to ensure you’ve retained the information covered in this section. If you can correctly answer all of the flashcard questions below, it means you have a firm grasp of the topics covered in this section.
Section 7: Moving and Migrating Data in Azure
Moving Files in Microsoft Azure (03:51)
In this lecture, I cover the tools for moving or migrating files within Microsoft Azure, specifically highlighting AzCopy, a command-line utility, and Storage Explorer, a standalone application. I discuss the need for authorization credentials for using AzCopy and the versatility of Storage Explorer in managing Azure storage data across various operating systems.
Azure File Sync (03:51)
In this lecture, I discuss Azure File Sync, a service designed to centralize organizational file shares in Azure Files while maintaining the flexibility and performance of traditional file servers. I highlight the benefits of Cloud Tiering, which keeps frequently accessed files local and moves infrequently accessed data to the cloud, optimizing storage costs and ensuring rapid data access. Additionally, I examine Azure File Sync’s role in facilitating distributed access and simplifying cloud-based backup strategies across global office networks.
Azure Migrate (04:53)
In this lecture, we’ll delve into Azure Migrate, a comprehensive platform that simplifies assessing and migrating on-premises servers, infrastructure, applications, and data to Microsoft Azure. Azure Migrate serves as a centralized hub and offers a range of tools, including Azure Migrate: Discovery and Assessment, Azure Migrate: Server Migration, Data Migration Assistant, Azure Database Migration Service, Movere, Web App Migration Assistant, and Azure Data Box. These tools collectively enable organizations to discover, assess, and execute migrations to Azure, ensuring a seamless transition to the cloud.
Flashcard Study
The purpose of Flashcard Study quiz yourself, in flash-card fashion, to ensure you’ve retained the information covered in this section. If you can correctly answer all of the flashcard questions below, it means you have a firm grasp of the topics covered in this section.
Section 8: Identity, Access, and Security in Azure
Understanding Azure Active Directory (06:04)
In this lesson, I will introduce Azure Active Directory (now called Microsoft Entra ID), a cloud-based identity and access management service used by IT administrators, application developers, and subscribers to services like Microsoft 365 and Azure. We’ll explore the various Azure AD licenses, including Free, Premium P1, Premium P2, and Office 365 apps, each offering different features and capabilities. Key terms related to Azure AD will be explained, and we’ll touch on important features like application management, authentication, hybrid identity, reporting, and privileged identity management.
Understanding Azure AD Domain Services (05:45)
In this lecture, we’ll explore Azure Active Directory Domain Services (now called Microsoft Entra Domain Services), which is a managed version of an on-prem Active Directory hosted in the cloud. Azure ADDS offers features like domain join, group policy, LDAP, Kerberos, and NTLM authentication. It integrates with Azure AD and can synchronize users and groups, making it compatible with both cloud-only Azure AD tenants and those synchronized with on-prem Active Directory. Azure ADDS simplifies user management, supports Windows integrated authentication, and provides high availability with multiple domain controllers.
An Introduction to Azure AD B2B (03:45)
In this lecture, we’ll explore Azure Active Directory B2B, also known as business-to-business collaboration. Azure AD B2B enables sharing applications and services with external users from different organizations while maintaining control over data. It offers a simple invitation and redemption process, and guest users can use their own identity management solutions, eliminating administrative overhead. Additionally, licensing considerations are discussed, allowing organizations to invite guest users based on their Azure AD edition.
HANDS-ON LAB: Adding a Guest User to Azure AD
As an administrator, you can easily add guest users to your organization in the Azure portal. In this Azure simulation, you will be guided through the process of adding a guest user in Azure AD.
Since this lab involves interactive tasks in a simulated Azure portal, it’s best to perform the lab from a desktop or laptop.
An Introduction to Azure AD B2C (01:40)
In this lesson, I’ll introduce you to Azure Active Directory B2C (Azure AD B2C), a business-to-consumer identity service that enables customers to log in to applications using their preferred social, enterprise, or local accounts. Azure AD B2C offers a white-label authentication solution, allowing customization of the user experience to align with your brand. It uses standards-based authentication protocols like OpenID Connect, OAuth 2.0, and SAML and can be used with most modern and off-the-shelf applications.
HANDS-ON LAB: Creating an Azure AD B2C Tenant
In this Azure simulation, you will be guided through the process of creating an Azure AD B2C tenant.
Since this lab involves interactive tasks in a simulated Azure portal, it’s best to perform the lab from a desktop or laptop.
SSPR, MFA, and Passwordless in Azure AD (05:01)
In this lesson, we’ll explore Azure Active Directory authentication, focusing on enhancing the end-user experience. We’ll cover self-service password reset, multi-factor authentication, password protection, and passwordless authentication. Azure AD authentication involves various methods to make authentication smoother for both end-users and help desk support.
Azure AD Conditional Access (04:08)
In this lecture, I’ll cover Conditional Access in Azure AD, a feature that enhances security by allowing us to control access to apps and data based on specific conditions. We can create policies that consider factors like user, location, device, application, and risk to automate access decisions. Signals such as user/group membership, location, device state, application, risk, and user risk help tailor policies, while access controls determine whether to grant access or request additional verification. It’s important to note that Conditional Access is available in paid Azure AD editions.
Azure AD Role Based Access Control (04:14)
In this lecture, I cover Azure AD Role-Based Access Control (RBAC), which enables me to manage permissions for Azure AD Resource Management effectively. I explain the concept of built-in roles, such as global administrator, user administrator, and billing administrator, which provide specific permissions for different administrative tasks. Additionally, I discuss the flexibility of creating custom roles by defining role permissions and assigning them to users, all within the RBAC framework.
The Zero-Trust Methodology (04:47)
In this lesson, I cover the Zero-Trust methodology, which revolves around the assumption that everything in the environment is connected to an open and untrusted network. This approach challenges the traditional trust-based model and strengthens security by adding multifactor authentication, limiting device access, and applying three key principles: verify explicitly, least privileged access, and assume breach. Additionally, I discuss the six foundational pillars of the Zero-Trust model: identities, devices, applications, data, infrastructure, and networks, which collectively enforce security policies and protect against various threats.
Understanding Defense in Depth (03:01)
In this lecture, I cover the concept of defense in depth, which is a multi-layered security approach that aims to protect data and systems. It involves various layers of security, including physical security, identity and access controls, perimeter security, network security, the compute layer, application layer, and data layer. Additionally, I discuss the CIA model, which stands for confidentiality, integrity, and availability, as a framework to consider security trade-offs in protecting sensitive data and ensuring data correctness and accessibility.
What is Defender for Cloud? (05:04)
In this lecture, I cover Microsoft’s Defender for Cloud, a versatile tool for enhancing security posture and threat protection. It integrates various Microsoft Defender plans to safeguard resources in Azure, hybrid environments, and across multiple cloud platforms. Defender for Cloud offers comprehensive defenses, continuous assessment, and a Secure Score to help organizations track and improve their security posture while efficiently managing security recommendations and alerts.
Flashcard Study
The purpose of Flashcard Study quiz yourself, in flash-card fashion, to ensure you’ve retained the information covered in this section. If you can correctly answer all of the flashcard questions below, it means you have a firm grasp of the topics covered in this section.
Section 9: Governance and Compliance in Azure
Azure Governance Methodologies (08:50)
In this lecture, I’ll cover Azure governance methodologies, including Azure Policy, policy initiatives, role-based access control (RBAC), resource locks, and Azure Blueprints. Azure Policy helps enforce rules and standards across resources, automatically remediating non-compliant resources. Policy initiatives group policy definitions for easier management. RBAC grants fine-grained access permissions, allowing users to perform specific tasks, while resource locks prevent accidental resource deletion or modification.
Privacy, Compliance, and Data Protection Standards (08:11)
In this lecture, I cover various compliance terms and requirements, as well as services in Microsoft Azure that address privacy, compliance, and data protection. These services include the Microsoft Privacy Statement, Trust Center, Service Trust Portal, Compliance Manager, Azure Government services, and Azure China 21Vianet. Microsoft offers robust compliance processes, including CJIS, CSA STAR certification, GDPR, HIPAA, and NIST compliance, among others, to help organizations adhere to regulations and standards.
Section 10: Azure Cost Management
Planning and Managing Costs (12:42)
In this lecture, we’re going to review the different ways that you can purchase Azure products and services. We’ll also take a look at the different factors that affect costs. Later on, in this lecture, I’ll explain the role that zones play in billing. We’ll also look at the pricing calculator and the TCO calculator.
We’ll round things out with strategies for minimizing costs and how to use the Azure Cost Management tool.
DEMO: Use the Azure Pricing Calculator (05:29)
In this brief demonstration, I’m going to show you how to get some price estimates using the Azure pricing calculator. For this exercise here, I’ll deploy an A2 VM with a dual core CPU, three and a half gigs of RAM, and 135 gig of temporary storage.
DEMO: Use the Azure TCO Calculator (05:41)
In this quick demonstration, I’m going to show you how to use the Azure TCO Calculator. This tool differs from the Pricing Calculator because it provides cost estimates that reflect the impact of migrating your on-premises resources to Microsoft Azure. Essentially, it demonstrates the potential cost savings you can achieve by moving to Azure.
Monitoring and Reporting in Azure (08:49)
In this lecture, I cover the importance of tags in Azure for organizing resources, Azure Monitor for collecting and analyzing telemetry data, and Azure Service Health for personalized guidance during service issues. Tags are used to categorize resources, while Azure Monitor helps monitor and analyze application performance and resource health. Azure Service Health provides real-time information and notifications about service availability and issues, enhancing visibility and support.
Did You Enjoy The Course?
I hope you’ve enjoyed the course! If you’d like to pay what you think is a fair price for the learning experience I’ve provided, click the Pay What’s Fair button below.
This same exact course sells for roughly $13.99 on Udemy. Of that $13.99, I usually get to keep around $5.17. In other words, Udemy gets 63% and I get to keep 37%.
As a THANK YOU for your support, you’ll get the complete workbook, 150+ practice questions with complete explanations, and you’ll get all 600+ course slides so if you wish to study offline, you can do so more effectively!
Still Prefer Udemy?
This entire AZ-900 bootcamp, along with all these resources above, are also available on Udemy.