Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

HomeCertificationsAZ-900Exam Questions

Microsoft · Free Practice Questions · Last reviewed May 2026

AZ-900 Exam Questions and Answers

18real exam-style questions organised by domain, each with the correct answer highlighted and a plain-English explanation of why it's right — and why the others are wrong.

50 exam questions
60 min time limit
Pass: 700/1000 / 1000
3 exam domains
OverviewDomain BlueprintStudy GuideAll QuestionsSample by Domain
1. Describe cloud concepts2. Describe Azure architecture and services3. Describe Azure management and governance
1

Domain 1: Describe cloud concepts

All Describe cloud concepts questions
Q1
easyFull explanation →

A startup wants to deploy a web application that experiences unpredictable traffic spikes. They need to scale resources automatically without manual intervention. Which benefit of cloud computing directly addresses this requirement?

A

High availability

B

Elasticity

Elasticity enables automatic scaling of resources to match varying demand, making it the correct choice.

C

Disaster recovery

D

Fault tolerance

Why: Elasticity is the cloud computing benefit that enables resources to automatically scale out (add instances) during traffic spikes and scale in (remove instances) when demand drops, without manual intervention. This directly matches the startup's need to handle unpredictable traffic patterns by dynamically adjusting compute capacity, typically using services like Azure Virtual Machine Scale Sets or Azure App Service auto-scale rules.
Q2
easyFull explanation →

A retail company runs its e-commerce platform on a public cloud. During a major sale event, they want to ensure that the application remains accessible even if an entire data center fails. Which cloud computing concept does this describe?

A

Scalability

B

Elasticity

C

High availability

High availability is designed to minimize downtime and keep services running during component failures.

D

Disaster recovery

Why: Option C is correct because high availability ensures that the application remains accessible even if an entire data center fails, typically through redundant infrastructure across multiple availability zones. This is achieved by deploying the application in a load-balanced, multi-AZ configuration that automatically fails over to healthy instances, maintaining uptime despite a complete data center outage.
Q3
hardFull explanation →

A financial services company is evaluating a public cloud provider. They are concerned about the shared responsibility model for security. The company must ensure that their customer data is encrypted at rest and in transit. Under the shared responsibility model, which security control is the cloud provider typically responsible for?

A

Encrypting customer data at rest

B

Patching virtual machines

C

Physical network security

The cloud provider is responsible for the security of the physical network, including firewalls and infrastructure against physical threats.

D

Managing customer access policies

Why: Under the shared responsibility model, the cloud provider is responsible for the security OF the cloud, which includes physical network security such as protecting the data center perimeter, network infrastructure, and hardware. This is correct because physical security controls (e.g., access badges, surveillance, and network firewalls at the provider's edge) are entirely the provider's domain and cannot be delegated to the customer.
Q4
easyFull explanation →

A multinational corporation wants to reduce its carbon footprint by shifting workloads to the cloud. They want to understand how using a cloud provider's shared infrastructure contributes to sustainability. Which cloud computing concept is most directly related to this environmental benefit?

A

Broad network access

B

Resource pooling

Resource pooling enables sharing of resources among multiple customers, improving utilization and reducing waste.

C

On-demand self-service

D

Rapid elasticity

Why: Resource pooling is the cloud computing concept most directly related to sustainability because it allows a cloud provider to serve multiple customers from the same shared physical infrastructure. By dynamically allocating and reallocating resources based on demand, the provider maximizes utilization rates, reducing the total number of physical servers and data centers needed. This consolidation directly lowers energy consumption and carbon emissions per workload, which is the core environmental benefit of shifting to the cloud.
Q5
easyFull explanation →

A small business wants to move its accounting software to the cloud to avoid purchasing and maintaining physical servers. Which cloud service model would provide the accounting application as a ready-to-use service over the internet?

A

Infrastructure as a Service (IaaS)

B

Platform as a Service (PaaS)

C

Software as a Service (SaaS)

SaaS delivers ready-to-use software applications over the internet, such as accounting software.

D

Function as a Service (FaaS)

Why: Option C (SaaS) is correct because the business needs a ready-to-use accounting application delivered over the internet without managing underlying infrastructure. SaaS provides fully functional software accessed via a web browser, where the provider handles all maintenance, updates, and server management, aligning perfectly with the goal of avoiding physical server ownership.
Q6
mediumFull explanation →

A hospital is subject to strict data residency laws that require patient data to remain within the country's borders. They are considering using a public cloud provider. Which cloud deployment model would best meet this compliance requirement?

A

Public cloud

B

Private cloud

A private cloud is dedicated to a single organization, providing maximum control over data location and compliance.

C

Hybrid cloud

D

Community cloud

Why: A private cloud is dedicated to a single organization, allowing the hospital to deploy and manage infrastructure within its own data center or a colocation facility located within the country's borders. This ensures full control over data storage and processing, directly satisfying data residency laws that prohibit patient data from leaving the country. In contrast, public cloud providers may have data centers in multiple regions, making it harder to guarantee data never crosses borders.

Want more Describe cloud concepts practice?

Practice this domain
2

Domain 2: Describe Azure architecture and services

All Describe Azure architecture and services questions
Q1
mediumFull explanation →

A company is planning to migrate its on-premises applications to Azure. They have a mix of monolithic and microservices-based applications. Which Azure compute service should they choose for a microservices architecture that requires independent scaling and deployment of components?

A

Azure Functions

B

Azure App Service

C

Azure Kubernetes Service (AKS)

AKS provides container orchestration, enabling independent scaling, deployment, and management of microservices.

D

Azure Virtual Machines

Why: Azure Kubernetes Service (AKS) is the correct choice because it provides a managed Kubernetes orchestration platform designed specifically for microservices architectures. AKS enables independent scaling, deployment, and management of containerized components, which aligns with the requirement for decoupled services that can be updated or scaled individually without affecting the entire application.
Q2
mediumFull explanation →

A solutions architect is designing a storage solution for a large media company. The company needs to store video files that are accessed infrequently but must be retained for several years for compliance. Which two Azure storage options meet these requirements? (Select two.)

A

Blob Storage - Hot tier

B

Blob Storage - Cool tier

Cool tier is for infrequently accessed data with a lower storage cost, suitable for videos accessed occasionally.

C

Blob Storage - Archive tier

Archive tier is the lowest-cost option for data that is rarely accessed and requires long-term retention, perfect for compliance.

D

Azure Files - Premium tier

Why: Blob Storage Cool tier is correct because it is designed for data that is accessed infrequently but needs to be stored for at least 30 days, offering lower storage costs than the Hot tier while maintaining low-latency access. Blob Storage Archive tier is correct because it is the lowest-cost storage option for data that is rarely accessed and has a flexible retrieval time (hours), making it ideal for long-term compliance retention of video files.
Q3
hardFull explanation →

A developer is building a serverless application that requires integration with an on-premises SQL Server database for real-time data processing. The on-premises network is connected to Azure via a site-to-site VPN. Which Azure service would allow the function to securely access the on-premises database without exposing it to the public internet?

A

Azure Functions in Consumption plan

B

Azure Functions in Premium plan with VNet integration

Premium plan allows VNet integration, enabling secure access to on-premises resources over the VPN.

C

Azure SQL Database

D

Hybrid Connections

Why: Option B is correct because Azure Functions in the Premium plan supports VNet integration, allowing the function to securely access resources in a connected on-premises network via a site-to-site VPN without exposing the database to the public internet. The Consumption plan lacks VNet integration, and Azure SQL Database is a PaaS service, not a compute service for running serverless code.
Q4
mediumFull explanation →

A company is designing a multi-tier application on Azure. The web tier needs to scale out based on CPU usage, while the database tier requires high-performance storage for transactional data. Which combination of Azure services should they choose?

A

Azure Functions and Azure Cosmos DB

B

Azure App Service and Azure SQL Database

App Service provides autoscaling for web applications, and Azure SQL Database offers high-performance transactional storage with built-in scaling.

C

Azure Virtual Machine Scale Sets and Azure Files

D

Azure Kubernetes Service and Blob Storage

Why: Azure App Service provides built-in autoscaling based on metrics like CPU usage, making it ideal for the web tier that needs to scale out. Azure SQL Database offers high-performance, low-latency storage for transactional data with features like automatic indexing and in-memory OLTP, meeting the database tier's requirements.
Q5
mediumFull explanation →

A company is deploying a mission-critical application that must remain available even if a physical Azure datacenter within a region fails. The application will run on multiple virtual machines. Which Azure feature should they use to protect against this specific failure scenario?

A

Availability Zones

Availability Zones are physically separate locations within an Azure region that provide redundancy at the datacenter level.

B

Availability Sets

C

Virtual Machine Scale Sets

D

Azure Load Balancer

Why: Availability Zones are physically separate datacenters within an Azure region, each with independent power, cooling, and networking. By deploying VMs across multiple zones, the application remains available even if one entire datacenter fails. This directly addresses the requirement for protection against a physical datacenter failure within a region.
Q6
hardFull explanation →

A company deploys a web application on Azure App Service. During a marketing campaign, they expect traffic to double. The app uses a Standard tier App Service plan. They want to ensure that the additional load is handled without performance degradation while keeping costs minimal. Which action should they take?

A

Scale out the App Service plan by increasing the instance count.

Scaling out adds more VM instances to handle increased load, is cost-effective, and can be done manually or via autoscale.

B

Scale up the App Service plan to a Premium tier for more resources.

C

Enable autoscale on the existing plan to let Azure handle scaling automatically.

D

Deploy Azure CDN to cache static content.

Why: Scaling out (increasing instance count) for the Standard tier App Service plan allows the application to handle the doubled traffic by distributing requests across multiple instances, ensuring no performance degradation. This approach is cost-minimal because the Standard tier supports manual scale-out without requiring a tier upgrade, and you only pay for the additional instances while they are needed.

Want more Describe Azure architecture and services practice?

Practice this domain
3

Domain 3: Describe Azure management and governance

All Describe Azure management and governance questions
Q1
mediumFull explanation →

A company has multiple Azure subscriptions for different departments. They want to enforce consistent policies across all subscriptions regarding allowed virtual machine sizes and require compliance reporting. Which Azure feature should they use?

A

Azure Blueprints

B

Azure Resource Manager templates

C

Azure Policy

Azure Policy enforces rules on resources across subscriptions and provides compliance dashboards and reports.

D

Role-Based Access Control (RBAC)

Why: Azure Policy is the correct choice because it enables you to create, assign, and manage policies that enforce specific rules (such as allowed VM sizes) across multiple subscriptions. It provides built-in compliance reporting via the Compliance dashboard, showing which resources are non-compliant. Unlike Blueprints or ARM templates, Policy focuses solely on governance rules and does not deploy resources or define the environment's architecture.
Q2
mediumFull explanation →

A company uses Azure and wants to ensure that their IT team receives alerts when virtual machines are deallocated unexpectedly. Which Azure service should they use to create a rule that triggers an action when a VM is deallocated?

A

Azure Service Health

B

Azure Monitor

Azure Monitor with Activity Log alerts can notify you when VMs are deallocated.

C

Azure Advisor

D

Azure Policy

Why: Azure Monitor is the correct service because it provides a unified platform for collecting, analyzing, and acting on telemetry from Azure resources. By creating an alert rule in Azure Monitor with a signal type of 'Administrative' (Azure Activity Log), you can trigger an action group (e.g., email, SMS, webhook) specifically when a virtual machine is deallocated, as this event is logged as an administrative operation in the Activity Log.
Q3
mediumFull explanation →

A company needs to track and optimize costs across multiple Azure subscriptions. They want to allocate budgets and receive notifications when spending exceeds forecasted amounts. Which Azure tool should they use?

A

Azure Advisor

B

Azure Cost Management

Cost Management allows you to create budgets, monitor spending, and configure alerts when costs exceed thresholds.

C

Azure Policy

D

Azure Budgets

Why: Azure Cost Management is the correct tool because it provides native capabilities to track, analyze, and optimize cloud costs across multiple subscriptions. It allows you to set budgets, configure cost alerts, and receive notifications when actual or forecasted spending exceeds defined thresholds, directly addressing the requirement for budget allocation and proactive spending notifications.
Q4
hardFull explanation →

A global company wants to organize its Azure resources by department and project. They need to enforce cost allocation and apply governance policies consistently across all subscriptions. Which two Azure features should they use together? (Select two.)

A

Resource groups

B

Management groups

Management groups enable hierarchical organization of subscriptions for applying governance and policies.

C

Tags

Tags are key-value pairs that can categorize resources for cost allocation and reporting across departments.

D

Azure Policies

Why: Management groups (B) are correct because they provide a hierarchical structure above subscriptions, enabling consistent governance and policy assignment across multiple subscriptions. Tags (C) are correct because they allow you to attach metadata (e.g., department and project) to resources for cost allocation and organization. Together, management groups enforce policies at scale, while tags enable granular cost tracking and reporting.
Q5
easyFull explanation →

A company wants to ensure that all new Azure resources in a subscription are automatically tagged with a 'Department' tag. Which Azure service should they use to enforce this requirement?

A

Azure Policy

Azure Policy can enforce tags on resources by using built-in or custom policies that audit or require tags.

B

Azure Blueprints

C

Azure RBAC

D

Azure Resource Lock

Why: Azure Policy is correct because it allows you to create, assign, and manage policies that enforce specific rules on your Azure resources. In this scenario, you can use a built-in or custom policy definition to require a 'Department' tag on all new resources, and Azure Policy will automatically evaluate and enforce this rule during resource creation, preventing non-compliant resources from being provisioned.
Q6
mediumFull explanation →

A company has multiple Azure subscriptions for different departments. They want to receive budget alerts when spending in any subscription exceeds 80% of the allocated amount. Which Azure feature enables them to set up these alerts?

A

Azure Cost Management + Billing budgets

Budgets in Azure Cost Management allow you to set spending limits and configure alerts when thresholds are exceeded.

B

Azure Advisor

C

Azure Monitor

D

Azure Policy

Why: Azure Cost Management + Billing budgets allow you to create budget alerts based on actual or forecasted costs. You can set a budget amount and configure alerts to trigger when costs reach a specified percentage (e.g., 80%) of that budget. This directly meets the requirement to receive alerts when spending in any subscription exceeds 80% of the allocated amount.

Want more Describe Azure management and governance practice?

Practice this domain

Frequently asked questions

How many questions are on the AZ-900 exam?

The AZ-900 exam has 50 questions and must be completed in 60 minutes. The passing score is 700/1000.

What types of questions appear on the AZ-900 exam?

Conceptual questions on cloud models, Azure architecture, core services, security, governance, pricing, and support — no CLI or configuration required.

How are AZ-900 questions organised by domain?

The exam covers 3 domains: Describe cloud concepts, Describe Azure architecture and services, Describe Azure management and governance. Questions are weighted by domain — higher-weight domains appear more on your actual exam.

Are these the actual AZ-900 exam questions?

No. These are original exam-style practice questions written against the official Microsoft AZ-900 exam objectives. They are not copied from the real exam. Courseiva focuses on genuine understanding, not memorisation of braindumps.

Ready to practice all 60 AZ-900 questions?

Courseiva tracks your accuracy per domain and routes you toward weak areas automatically. Free, no account required.

Browse all AZ-900 questionsTake a timed practice test