Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

Certifications›AZ-900›Objectives›Describe Azure management and governance
Objective 3.0

Describe Azure management and governance

AZ-900 Practice Questions

Azure Management and Governance is the domain that covers how to organize, secure, and control your Azure resources at scale. Think of it as the 'operating system' for your cloud environment—it includes tools for managing multiple subscriptions, applying policies to enforce compliance, tracking costs, and ensuring your cloud stays secure and well-organized. For example, you might use Azure Policy to automatically block the creation of virtual machines in certain regions, or Azure Cost Management to set budgets and get alerts when spending exceeds a threshold. This domain is crucial because without proper governance, cloud environments can quickly become chaotic, expensive, and insecure. In real-world IT, a company might have hundreds of subscriptions and thousands of resources; governance tools help administrators maintain control, meet regulatory requirements, and optimize costs. On the AZ-900 exam, this domain tests your understanding of these management and governance services, not their deep technical implementation. You'll need to know what each service does, when to use it, and how they relate to each other. Common topics include Azure Blueprints, Azure Policy, Role-Based Access Control (RBAC), resource locks, tags, Azure Cost Management, and the Microsoft Cloud Adoption Framework. To study effectively, focus on the purpose and use cases of each service rather than memorizing steps. Use Microsoft's free documentation and the Azure portal to explore these tools in a trial subscription. Create a resource group, apply a policy, set up a budget, and assign roles—this hands-on practice will solidify your understanding and help you answer scenario-based questions on the exam.

Full Practice Test →All Objectives

What this objective tests

AZ-900 Describe Azure management and governance — Key Topics

Azure Management and Governance covers the tools and practices for organizing, securing, and controlling Azure resources, including Azure Policy, RBAC, resource locks, tags, cost management, and the Cloud Adoption Framework.

  • Azure Policy – creating and assigning policies to enforce compliance rules
  • Role-Based Access Control (RBAC) – assigning roles like Owner, Contributor, Reader to users/groups
  • Resource locks – preventing accidental deletion or modification of resources
  • Tags – organizing resources with metadata for cost tracking and management
  • Azure Cost Management – setting budgets, analyzing costs, and using pricing calculator
  • Azure Blueprints – packaging policies, RBAC, and resource groups for repeatable deployments

Common exam traps

Where candidates lose marks on Describe Azure management and governance

  • ⚠Confusing Azure Policy with Azure RBAC: Policy enforces rules on resources (e.g., 'must have a tag'), while RBAC controls who can access resources
  • ⚠Thinking resource locks prevent all changes: Read-only lock prevents modification but not deletion; Delete lock prevents deletion but allows modification
  • ⚠Assuming tags are inherited by default: Tags are not automatically inherited from resource groups to resources; you must apply them explicitly or use Azure Policy to enforce inheritance

AZ-900 Describe Azure management and governance — Practice Questions

30 questions from this objective

Question 2mediummultiple choice
Full question →

A company has multiple Azure subscriptions for different departments. They want to enforce consistent policies across all subscriptions regarding allowed virtual machine sizes and require compliance reporting. Which Azure feature should they use?

Question 3mediummultiple choice
Full question →

A company uses Azure and wants to ensure that their IT team receives alerts when virtual machines are deallocated unexpectedly. Which Azure service should they use to create a rule that triggers an action when a VM is deallocated?

Question 4mediummultiple choice
Full question →

A company needs to track and optimize costs across multiple Azure subscriptions. They want to allocate budgets and receive notifications when spending exceeds forecasted amounts. Which Azure tool should they use?

Question 5hardmulti select
Full question →

A global company wants to organize its Azure resources by department and project. They need to enforce cost allocation and apply governance policies consistently across all subscriptions. Which two Azure features should they use together? (Select two.)

Question 6easymultiple choice
Full question →

A company wants to ensure that all new Azure resources in a subscription are automatically tagged with a 'Department' tag. Which Azure service should they use to enforce this requirement?

Question 7mediummultiple choice
Full question →

A company has multiple Azure subscriptions for different departments. They want to receive budget alerts when spending in any subscription exceeds 80% of the allocated amount. Which Azure feature enables them to set up these alerts?

Question 8mediummultiple choice
Full question →

A company wants to ensure that whenever a new Azure subscription is created, it automatically inherits a set of baseline policies, role assignments, and resource groups. Which Azure tool should they use to package and deploy these governance components consistently?

Question 9mediummulti select
Full question →

A company uses Azure Resource Manager templates to deploy and manage infrastructure. They need to ensure that resources are deployed in a consistent, repeatable manner across environments. Which two benefits does using ARM templates provide? (Choose two.)

Question 10mediummultiple choice
Full question →

A company wants to deploy a standardized environment that includes Azure Policy assignments, RBAC roles, and resource group templates. They need to version these components and apply them to multiple subscriptions. Which Azure service should they use?

Question 11mediummultiple choice
Full question →

A company has multiple Azure subscriptions. The finance team needs to analyze spending trends and create budgets to prevent cost overruns. Which Azure tool should they use to visualize historical spending and set budget alerts?

Question 12hardmultiple choice
Full question →

A company uses Azure Policy to enforce that all virtual machines must be from an approved list of SKUs. They want to ensure that any non-compliant VMs that already exist are automatically remediated by changing the VM size to a compliant SKU. Which policy effect should they use?

Question 13mediummultiple choice
Full question →

A company has a critical Azure resource group that contains production resources. They want to ensure that no one can accidentally delete or modify the resources in this group, even if they have Contributor permissions. Which Azure feature should they use?

Question 14mediummultiple choice
Full question →

A company wants to receive notifications when Azure services in their region experience an outage or planned maintenance that might affect their resources. Which Azure service should they set up alerts for?

Question 15easymultiple choice
Full question →

A company wants to ensure that all Azure resources are tagged with a 'CostCenter' tag at creation time. If a resource is created without the tag, it should be automatically denied. Which Azure Policy effect should they use?

Question 16mediummultiple choice
Full question →

A company has multiple Azure subscriptions. The IT team wants to apply common policies and role assignments across all subscriptions automatically when a new subscription is created. Which Azure service should they use?

Question 17hardmultiple choice
Full question →

A company wants to track resource usage across departments and projects. They have multiple Azure subscriptions. They need to assign costs to specific departments based on resource usage. Which Azure feature enables them to view and analyze costs by resource tags?

Question 18hardmultiple choice
Read the full NAT/PAT explanation →

A company has a policy that requires all storage accounts to have secure transfer enabled. They want to automatically audit all existing storage accounts and enforce the setting on new ones. They also want to automatically fix non-compliant new storage accounts. Which Azure Policy effect combination should they use?

Question 19hardmultiple choice
Full question →

A company uses Azure Resource Manager templates to deploy infrastructure. They need to manage secrets such as database connection strings and passwords securely. Which Azure service should they use to store and retrieve these secrets during deployment?

Question 20mediummultiple choice
Full question →

A company manages multiple Azure subscriptions for different business units. They want to define a standard set of policies, such as allowed VM SKUs and required resource tags, and ensure these policies are always applied whenever a new subscription is created. Which Azure feature should they use to enforce governance at this level?

Question 21mediummultiple choice
Full question →

A company uses Azure Policy to require that all storage accounts must have blob soft delete enabled. They also want to automatically create a remediation task that fixes any existing non-compliant storage accounts. Which policy effect should they include in the policy definition to achieve automatic remediation?

Question 22mediummultiple choice
Full question →

A company has a policy that all Azure resources deployed to production subscriptions must be tagged with a 'CostCenter' tag. They want to automatically prevent the creation of any resource that does not include this tag. Which Azure Policy effect should they use in their policy definition?

Question 23hardmultiple choice
Full question →

A company wants to analyze historical spending data across all Azure subscriptions and set proactive budget alerts to prevent cost overruns. They also need to identify spending trends by resource type. Which Azure tool should they use to meet all these requirements?

Question 24easymultiple choice
Full question →

A company has an Azure policy requirement that all new resources in a specific resource group must have a 'Department' tag. If a resource is created without this tag, the tag should be automatically added with a default value of 'Finance'. Which Azure Policy effect should be used?

Question 25mediummultiple choice
Full question →

A company has multiple Azure subscriptions for different departments. The IT team wants to apply a common set of policies (e.g., allowed VM sizes) and assign the same role-based access control (RBAC) permissions across all subscriptions automatically. Which Azure feature should they use?

Question 26mediummultiple choice
Full question →

A company wants to track spending across different projects. They have multiple Azure subscriptions and need to assign costs to specific departments based on resource usage. Which Azure feature enables them to view and analyze costs by resource tags?

Question 27mediummultiple choice
Full question →

A company has multiple Azure subscriptions for different departments. The IT team wants to ensure that all resources in a specific subscription are only deployed in the 'West Europe' region. Which Azure feature should they use to enforce this restriction?

Question 28mediummultiple choice
Full question →

A company wants to track costs by department across multiple Azure subscriptions. They have tagged resources with 'Department' tags. However, some resources are missing tags. They want to see a report of costs grouped by department, including untagged resources. Which Azure tool should they use?

Question 29mediummultiple choice
Full question →

A company wants to enforce a naming convention for all Azure resources. For example, all resources must start with 'Contoso-'. They want to automatically audit and deny creation of resources that do not follow the naming convention. Which Azure Policy effect should they use?

Question 30hardmultiple choice
Full question →

A company uses Azure Blueprints to define a repeatable set of Azure resources and policies for new subscriptions. They want to ensure that when a new subscription is created, a specific role assignment is automatically applied. What should they include in the blueprint definition?

Question 31mediummultiple choice
Full question →

A company has a policy that all Azure resources must have an 'Owner' tag. They want to automatically add the 'Owner' tag with a value 'Default' to any resource created without it. Which Azure Policy effect should they use?

More Describe Azure management and governance questions available in the full practice test.

Continue Practising →
←

Previous objective

Describe Azure architecture and services

All AZ-900 Objectives

  • 1.Describe cloud concepts
  • 2.Describe Azure architecture and services
  • 3.Describe Azure management and governance