Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Free Resources

Difficulty IndexLearn — Free ChaptersIT GlossaryFree Tools & LabsStudy GuidesCareer RoadmapsBrowse by VendorCisco Command ReferenceCCNA Scenarios

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

HomeCertificationsAZ-900Flashcards
Free — No Signup RequiredMicrosoft· Updated 2026

AZ-900 Flashcards — Free Microsoft Azure Fundamentals AZ-900 Study Cards

Reinforce AZ-900 concepts with active-recall study cards covering all 3 blueprint domains. Each card shows the question on the front and the correct answer with a full explanation on the back.

1031+ study cards3 domains coveredActive recall methodFull explanations included
Start 30-card session50-card shuffle
Exam OverviewPractice TestMock ExamStudy GuideFlashcards

Study Sessions

AZ-900 Flashcards

Pick a session size:

⚡Quick 10📝20 Cards🎯30 Cards📊50 Cards💪100 Cards
1,031+ cards · All free

Domains

Describe cloud concepts
Describe Azure architecture and services
Describe Azure management and governance

How to use AZ-900 flashcards effectively

Flashcards work through active recall — the process of retrieving information from memory rather than passively re-reading it. Research consistently shows that active recall produces stronger, longer-lasting memory than re-reading study guides. For AZ-900 preparation, this means flashcards are one of the highest-return study tools available.

Attempt recall first

Read the AZ-900 question on each card, pause, and attempt to formulate the answer in your own words before revealing. This retrieval attempt — even if wrong — dramatically strengthens memory compared to immediately reading the answer.

Review wrong cards again

When you get a card wrong, note it and add it back to your review pile. Spaced repetition — seeing difficult cards more frequently — is the mechanism that makes flashcard study far more efficient than linear reading.

Study by domain

Group your AZ-900 flashcard sessions by domain for the first 3–4 weeks. Master one domain before moving to the next. In the final week, shuffle all cards together to test cross-domain recall — which is what the real AZ-900 exam requires.

Short sessions beat marathon reviews

20–30 flashcard cards per session, done daily, produces better retention than a single 200-card marathon session. Five short daily sessions per week over 4 weeks gives you over 400 total card reviews — enough to reliably pass AZ-900.

AZ-900 flashcard preview

Sample cards from the AZ-900 flashcard bank. Read the question, think of the answer, then read the explanation below.

1

A startup wants to deploy a web application that experiences unpredictable traffic spikes. They need to scale resources automatically without manual intervention. Which benefit of cloud computing directly addresses this requirement?

Describe cloud concepts

Elasticity

Elasticity is the cloud computing benefit that enables resources to automatically scale out (add instances) during traffic spikes and scale in (remove instances) when demand drops, without manual intervention. This directly matches the startup's need to handle unpredictable traffic patterns by dynamically adjusting compute capacity, typically using services like Azure Virtual Machine Scale Sets or Azure App Service auto-scale rules.

2

A company is planning to migrate its on-premises applications to Azure. They have a mix of monolithic and microservices-based applications. Which Azure compute service should they choose for a microservices architecture that requires independent scaling and deployment of components?

Describe Azure architecture and services

Azure Kubernetes Service (AKS)

Azure Kubernetes Service (AKS) is the correct choice because it provides a managed Kubernetes orchestration platform designed specifically for microservices architectures. AKS enables independent scaling, deployment, and management of containerized components, which aligns with the requirement for decoupled services that can be updated or scaled individually without affecting the entire application.

3

A company has multiple Azure subscriptions for different departments. They want to enforce consistent policies across all subscriptions regarding allowed virtual machine sizes and require compliance reporting. Which Azure feature should they use?

Describe Azure management and governance

Azure Policy

Azure Policy is the correct choice because it enables you to create, assign, and manage policies that enforce specific rules (such as allowed VM sizes) across multiple subscriptions. It provides built-in compliance reporting via the Compliance dashboard, showing which resources are non-compliant. Unlike Blueprints or ARM templates, Policy focuses solely on governance rules and does not deploy resources or define the environment's architecture.

4

A company uses Azure and wants to organize all their virtual machines, databases, and storage accounts into logical containers for management and billing purposes. Which Azure component should they use to group these resources?

Resource Group

Resource Groups are logical containers in Azure that allow you to group related resources such as virtual machines, databases, and storage accounts for unified management, monitoring, and billing. By placing resources in the same resource group, you can apply lifecycle operations (e.g., delete, tag) and cost tracking across all members. This directly matches the requirement to organize resources for management and billing purposes.

5

A company uses multiple Azure subscriptions for different departments. The finance team wants to monitor spending across all subscriptions and receive automated email alerts when a subscription's actual spending reaches 80% of its monthly budget. The team does not want to write custom scripts or use external tools. Which Azure feature should they use?

Azure Cost Management + Budgets

Azure Cost Management + Budgets is the correct feature because it allows you to create budgets at the subscription or resource group level, set alert thresholds (e.g., 80% of actual spend), and configure automated email notifications when the threshold is met—all without custom scripts or external tools. This directly addresses the finance team's requirement to monitor spending across multiple subscriptions and receive alerts.

6

A company wants to ensure that all Azure resources are tagged with a 'CostCenter' tag at creation time. If a resource is created without the tag, it should be automatically denied. Which Azure Policy effect should they use?

A) deny

The 'deny' effect is correct because it actively blocks any resource creation request that does not include the required 'CostCenter' tag. Azure Policy with the 'deny' effect evaluates the resource against the policy rule at creation or update time and rejects the request if the condition is not met, ensuring compliance before the resource is provisioned.

7

A company uses Azure Blueprints to define a repeatable set of Azure resources and policies for new subscriptions. They want to ensure that when a new subscription is created, a specific role assignment is automatically applied. What should they include in the blueprint definition?

A role assignment artifact

Azure Blueprints allow you to define artifacts that are applied to new subscriptions. A role assignment artifact is the correct choice because it directly assigns a specific Azure RBAC role to a user, group, or service principal at the subscription scope, ensuring the role is automatically applied when the blueprint is assigned to a new subscription.

8

A company uses Azure Policy to enforce governance. They want to prevent users from creating virtual machines of the Standard_DS3_v2 SKU in their subscription, and they also want to log any attempt to create such a VM (whether successful or not) for audit purposes. What is the minimum number of Azure Policy assignments required to meet both requirements?

Two – assign one policy definition with the Deny effect and another with the Audit effect.

Option C is correct because Azure Policy can only enforce a single effect per policy definition. To both deny the creation of Standard_DS3_v2 VMs and log all attempts (successful or denied) for audit, you need two separate policy assignments: one with the Deny effect to block the action, and another with the Audit effect to log the attempt. A single policy cannot combine both effects, as each definition is limited to one effect type.

9

A company wants to ensure that all Azure resources are tagged with metadata such as 'Environment' and 'Department'. They have created an Azure Policy that appends the required tags and their values when a resource is created. However, they notice that some resources created before the policy assignment are missing tags. They want to automatically add those tags without manual effort. What should they do?

Create a new policy with DeployIfNotExists effect

Option B is correct because the DeployIfNotExists (DINE) policy effect can automatically remediate non-compliant resources, including those created before the policy assignment. When combined with a managed identity, DINE triggers a deployment task that adds the required tags without manual intervention, addressing the gap left by the 'append' effect which only acts on new resources.

10

A company uses Azure SQL Database for a web application. They need to ensure that the database can automatically scale to handle sudden spikes in traffic without downtime. Which feature should they enable?

Serverless compute

Serverless compute for Azure SQL Database automatically scales compute resources based on workload demand and pauses the database during idle periods, charging only for consumed resources. This enables handling sudden traffic spikes without downtime because the service dynamically adjusts the vCore count and memory within a configurable range, ensuring continuous availability during bursts.

11

A company uses Azure to host multiple virtual machines and virtual networks. The network team is responsible for configuring and maintaining virtual networks, subnets, and network security groups. The company wants to ensure that the network team can manage these network resources but cannot modify or delete virtual machines. Which Azure built-in role should the company assign to the network team?

Network Contributor

The Network Contributor role grants full management permissions for network resources, including virtual networks, subnets, and network security groups, but does not allow modification or deletion of virtual machines. This aligns exactly with the requirement to restrict the network team to network resources only.

12

A company wants to ensure their application remains available even if an entire Azure region experiences an outage. Which Azure feature should they implement?

Region pairs

Region pairs are designed to provide resilience against a complete Azure region outage by pairing each region with another region in the same geography (e.g., East US paired with West US). If one region fails, Azure can fail over services like storage (GRS) and SQL Database (Geo-Replication) to the paired region, ensuring application availability. This is the only option that protects against an entire region failure, as it leverages physically separate datacenters with independent power, cooling, and networking.

13

A company wants to view a consolidated list of all Azure resources across multiple subscriptions and query them using Kusto Query Language (KQL). Which Azure tool should they use?

Azure Resource Graph

Azure Resource Graph is the correct tool because it provides a powerful, queryable view of all Azure resources across multiple subscriptions using Kusto Query Language (KQL). It allows you to explore, discover, and analyze resource properties and relationships at scale, making it ideal for consolidated inventory and governance queries.

14

A global company creates a new Azure subscription for each major project. To ensure compliance and consistency, the governance team needs a single, versioned, auditable package that, when assigned to a subscription, automatically deploys a standard set of Azure Policy assignments, role assignments, a resource group structure, and a pre-configured virtual network. The solution must allow these packages to be updated centrally and have changes tracked for auditing. Which Azure service should the governance team use?

Azure Blueprints

Azure Blueprints is the correct service because it provides a single, versioned, auditable package that can be assigned to a subscription to orchestrate the deployment of Azure Policy assignments, role assignments, resource groups, and resource templates (like a virtual network). Blueprints support versioning and central update management, with changes tracked in the blueprint definition history for auditing. This aligns exactly with the requirement for a governance team to enforce compliance and consistency across subscriptions.

15

A company wants to enforce a naming convention for all Azure resources. For example, all resources must start with 'Contoso-'. They want to automatically audit and deny creation of resources that do not follow the naming convention. Which Azure Policy effect should they use?

Deny

The Deny effect is correct because it actively prevents the creation of Azure resources that do not match the defined naming convention rule, such as requiring all resources to start with 'Contoso-'. This effect evaluates the resource against the policy rule during deployment and rejects the request with a 403 Forbidden status if the condition is not met, ensuring compliance before the resource is created.

16

A company wants to ensure that its cloud resources are available even if a major disaster occurs in one region. They plan to deploy resources in two different geographic locations. Which cloud computing characteristic does this scenario primarily address?

D) Disaster recovery

Option D (Disaster recovery) is correct because the scenario explicitly describes deploying resources in two different geographic locations to ensure availability despite a major regional disaster. Disaster recovery (DR) focuses on restoring services and data after a catastrophic failure, often using paired regions (e.g., Azure paired regions) to provide geo-redundancy and failover capabilities. This goes beyond simple uptime guarantees to address full recovery from region-level outages.

17

A company wants to segregate their Azure resources into logical groups based on department and environment. They also want to apply access control and management at these group levels. Which Azure construct should they use?

Resource groups

Resource groups are logical containers in Azure that allow you to group related resources (e.g., VMs, databases, storage) by department and environment. They enable you to apply access control via Azure RBAC and management policies (e.g., tags, locks) at the group level, ensuring consistent governance across all resources within the group.

18

A financial services company runs a critical trading application in its on-premises data center. The company is migrating some workloads to Azure and requires a dedicated, private network connection between its on-premises network and Azure. The connection must not use the public internet, must provide consistent latency and higher bandwidth than a typical internet-based VPN, and must be backed by a service-level agreement (SLA) for availability. Which Azure service should the company use to meet these requirements?

ExpressRoute

ExpressRoute is the correct choice because it provides a dedicated, private connection between on-premises networks and Azure that bypasses the public internet entirely. This ensures consistent latency, higher bandwidth options (up to 100 Gbps), and a financially backed SLA of at least 99.95% availability, meeting all the stated requirements for a critical trading application.

19

A company wants to query all Azure resources across multiple subscriptions to find all storage accounts without encryption enabled. They need to use a powerful query language to filter and join data. Which Azure tool should they use?

Azure Resource Graph

Azure Resource Graph (ARG) is the correct tool because it provides a powerful, Kusto Query Language (KQL)-based query engine that can explore Azure resources across multiple subscriptions, resource groups, and management groups. It allows you to filter, project, and join resource data (e.g., find all storage accounts where encryption is disabled) using a single query, making it ideal for cross-subscription resource discovery and compliance checks.

20

A company wants to ensure that their cloud provider's physical data centers are located in specific geographic areas to comply with data residency requirements. Which cloud concept is this related to?

Data sovereignty

Data sovereignty is the concept that data is subject to the laws and regulations of the country or region where it is physically stored. By ensuring their cloud provider's data centers are located in specific geographic areas, the company is directly addressing data sovereignty requirements to comply with local data residency laws, such as GDPR in Europe or the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada.

21

A financial services firm uses a hybrid cloud strategy. They run customer-facing applications in a public cloud and store sensitive customer data in an on-premises data center to meet regulatory compliance. The firm wants to allow its applications in the public cloud to securely access the on-premises data when needed. Which cloud deployment model best describes this setup?

Hybrid cloud

Option C is correct because the scenario describes a hybrid cloud deployment model, which combines a public cloud (for customer-facing applications) with an on-premises private cloud (for sensitive data storage) and enables secure connectivity between them, typically through VPN or dedicated circuits like Azure ExpressRoute. This allows the firm to meet regulatory compliance by keeping sensitive data on-premises while leveraging public cloud scalability for applications.

Study all 1031+ AZ-900 cards

AZ-900 flashcards by domain

The AZ-900 flashcard bank covers all 3 official blueprint domains published by Microsoft. Cards are distributed proportionally, so domains with higher exam weight have more cards.

Domain Coverage

Describe cloud concepts

~1 cards

Describe Azure architecture and services

~1 cards

Describe Azure management and governance

~1 cards

Flashcards vs practice tests: which is better for AZ-900?

Both flashcards and practice questions are evidence-based study tools. The difference is in what they train:

Flashcards — concept retention

Best for memorising definitions, acronyms, protocol behaviours, command syntax, and conceptual distinctions. Use flashcards to build the foundational vocabulary that AZ-900 questions assume you know.

Best in: weeks 1–3

Practice tests — application

Best for applying concepts to realistic scenarios, eliminating distractors, and building exam stamina.AZ-900 questions test scenario reasoning — not just recall — so practice tests are essential.

Best in: weeks 3–6

The most effective AZ-900 study plan combines both: use flashcards for the first 2–3 weeks to build conceptual foundations, then shift to practice tests and mock exams in the final 2–3 weeks to apply and benchmark that knowledge. Most candidates who pass on their first attempt use both tools.

AZ-900 flashcards — frequently asked questions

Are the AZ-900 flashcards free?

Yes. Courseiva provides free AZ-900 flashcards across all official exam domains. Every card includes the correct answer and a full explanation of why it is right and why the distractors are wrong. The platform also includes topic-based practice, mock exams, and readiness tracking — no account required.

How many AZ-900 flashcards are on Courseiva?

Courseiva has 1031+ original AZ-900 flashcards across all 3 exam blueprint domains. New cards are added regularly as the question bank grows. All cards are written by certified engineers against the official Microsoft exam objectives.

How are Courseiva flashcards different from Anki or Quizlet?

Courseiva flashcards are purpose-built for IT certification exams. Unlike generic flashcard platforms where content quality varies, every Courseiva card is mapped to the official AZ-900 exam blueprint, written by engineers who hold the certification, and includes a full explanation of the correct answer and why the distractors are wrong. This explanation quality is what separates genuine learning from rote memorisation.

Can I use AZ-900 flashcards offline?

Courseiva is a web platform — an internet connection is required. For offline study, we recommend creating free Courseiva account, using the platform in your browser, and using your device's offline capabilities if your browser supports offline web apps.

Free forever · No credit card required

Track your AZ-900 flashcard progress

Save your results, see which domains need more work, and get spaced repetition recommendations — all free.

Sign Up Free

Free forever · Every certification included

Start Studying

⚡Quick 10 cards📝20-card session🎯30-card session📊50-card shuffle💪100-card marathon

Also Study With

Practice TestMock ExamStudy GuideExam Domains

Related Flashcards

AZ-104SC-900AI-900DP-900MS-900

Related Flashcard Sets

AZ-104

Azure Administrator

SC-900

Security Fundamentals

AI-900

AI Fundamentals

DP-900

Data Fundamentals

MS-900

M365 Fundamentals

Browse all certifications →