CERT//OPS — Dabinder Udhan

// MISSION BRIEFING

Operational Overview

TARGET: H-1B SPONSORSHIP · CLOUD SECURITY ADMIN/ENGINEER · ACTIVE CERT: AZ-900

Active Cert

AZ-900

Azure Fundamentals

Exam Countdown

—

Set target date below

Total Certs

4+1

Core + SC-900 optional

Target Role

Cloud Sec

Admin · Engineer · H-1B

// AZ-900 EXAM TARGET DATE

// MISSION TIMELINE — QUICK VIEW

■ ACTIVE ■ NEXT ■ FUTURE ■ OPTIONAL

// MISSION PLAN

Certification Roadmap

18-WEEK TRACK · OPTIMIZED FOR H-1B SPONSORSHIP · CLOUD SECURITY ADMIN

// 18-WEEK SCHEDULE

Weeks	Cert	Focus Areas	Target

// H-1B STRATEGIC RATIONALE

Phase 01

AZ-900

Fastest cert available. Builds Azure vocabulary needed for AZ-104 + AZ-500. Required prerequisite signal to employers. 2–3 weeks to complete.

Phase 02

AZ-104

Most H-1B job postings explicitly list Azure Administrator. Core differentiator over other IT candidates. Validates your GMI daily work.

Phase 03

Security+

Vendor-neutral. DoD 8570 compliant. Single most recognized cert by H-1B sponsors across MSPs, consulting, and defense. Opens every door.

Phase 04

AZ-500

Cloud Security Engineer — a genuine shortage role. Strong H-1B sponsorship motivation for employers. The closer. Highest impact cert in stack.

// EXAM INTELLIGENCE

AZ-900 Study Guide

AZURE FUNDAMENTALS · 40–60 QS · 45 MIN · PASS: 700/1000 · $99 USD · JOHN SAVILL TRACK

// Generates printable PDF of all notes, domains & flashcards

// EXAM DOMAINS

DOM 01

Cloud Concepts

25–30%

Cloud Models

Public — shared infrastructure, globally managed by provider
Private — dedicated, on-prem or hosted, org-controlled
Hybrid — combination; workloads span both

Service Types (IaaS / PaaS / SaaS)

IaaS = Virtual Machines (you manage OS and up)
PaaS = App Service (you manage code and data)
SaaS = Microsoft 365 (you manage users only)

Cloud Benefits

High Availability — uptime despite failures
Scalability — adjust resources to demand
Elasticity — automatic scaling on metrics
Reliability — fault-tolerant design
Predictability — consistent performance + cost

Shared Responsibility Model

IaaS: MS manages physical; you manage OS, runtime, data
PaaS: MS manages OS + runtime; you manage data + apps
SaaS: MS manages everything; you manage users + access

CapEx vs OpEx

CapEx = upfront hardware investment (on-prem)
OpEx = pay-as-you-go (cloud = OpEx)
Cloud shifts spending from capital to operational

⚠ Exam Traps

Reliability ≠ Predictability — tested as distinct terms
Elasticity = automatic; Scalability = manual or auto
Hybrid ≠ multi-cloud — know the difference

DOM 02

Azure Architecture & Services

35–40% — HEAVIEST

Compute

VMs — IaaS, full control, scale sets for auto-scaling
App Service — PaaS web/API hosting
Azure Functions — serverless, event-driven
AKS — managed Kubernetes
Azure Container Instances — quick containers, no orchestration
Azure Virtual Desktop — cloud-hosted Windows desktop

Storage

Blob — unstructured data (images, video, backups)
Azure Files — cloud SMB/NFS file shares
Queue — message queuing for decoupled apps
Table — NoSQL key-value store
Tiers: Hot / Cool / Cold / Archive
Redundancy: LRS · ZRS · GRS · GZRS

Networking

VNets + subnets — private cloud networking
VNet Peering — connect VNets
VPN Gateway — encrypted tunnel over internet
ExpressRoute — private dedicated line (not internet)
Azure DNS, CDN, Load Balancer, App Gateway
Azure Firewall + DDoS Protection

Databases

Azure SQL Database — PaaS relational (managed)
Azure SQL Managed Instance — near-100% SQL Server compat
Cosmos DB — globally distributed NoSQL, multi-model
Azure DB for MySQL / PostgreSQL — open-source PaaS
Azure Cache for Redis — in-memory caching

Architecture Hierarchy

Management Groups → Subscriptions → Resource Groups → Resources
Regions = groups of datacenters in close proximity
Availability Zones = separate physical DCs in a region
Availability Sets = fault domains + update domains in a DC
Region Pairs = DR failover partner regions
Azure Arc = manage hybrid/multi-cloud from Azure

⚠ Key Distinctions

Functions = serverless (not VMs or containers)
ExpressRoute = private, NOT over public internet
Cosmos DB = globally distributed, NOT just NoSQL
ACI = no orchestration; AKS = managed Kubernetes
Availability Zone ≠ Availability Set — very different

DOM 03

Management & Governance

30–35% — MOST SKIPPED

Identity & Security

Microsoft Entra ID (formerly Azure AD)
SSO · MFA · Passwordless authentication
Conditional Access — if/then policy engine
Entra Domain Services — cloud-managed AD DS
Zero Trust — verify explicitly, least privilege, assume breach
Microsoft Defender for Cloud — security posture

Governance Tools

Azure Policy — enforce rules across resources
RBAC — control who can do what to which resources
Resource Locks — ReadOnly or Delete locks
Azure Blueprints — repeatable environment templates
Microsoft Purview — data governance + compliance
Service Trust Portal — compliance documentation

Cost Management

Pricing Calculator — estimate cost before deploying
TCO Calculator — compare on-prem vs cloud cost
Cost Management + Billing — monitor actual spending
Cost factors: region, service tier, bandwidth, reservations
Reserved Instances — commit 1-3 yr for up to 72% discount

Management Tools

Azure Portal — web UI
Azure CLI + PowerShell — scripted management
Azure Cloud Shell — browser-based CLI
Azure Monitor — metrics, logs, alerts
Azure Advisor — personalized recommendations
ARM Templates / Bicep — Infrastructure as Code

⚠ Critical Distinctions

Policy = enforce rules · RBAC = control access (different)
Azure Monitor = observe · Advisor = recommend
TCO Calculator ≠ Pricing Calculator (different purpose)
ReadOnly lock prevents changes; Delete lock prevents deletion only

✓ Your GMI Advantage

Entra ID — you manage this daily for multiple clients
Conditional Access — live production experience
RBAC in M365 — real-world admin context
Focus extra study on: cost tools + ARM/Bicep + Purview

// 3-WEEK EXECUTION PLAN

Week	Domain	Tasks	Practice Qs
WEEK 1	Cloud Concepts	MS Learn modules · Draw shared responsibility by hand · John Savill video series	30 / day
WEEK 2	Architecture & Services	MS Learn compute/storage/networking · 30 min Azure Portal exploration · free account	40 / day
WEEK 3	Governance + Full Prep	Cost tools · Azure Policy · RBAC · 2× full timed practice exams · target 80%+	2 full exams

// RECOMMENDED RESOURCES

📘

Microsoft Learn — AZ-900 Learning Path

Official, free, 2026-updated. Primary source.

FREE

▶

John Savill — AZ-900 Full Course (YouTube)

Currently watching. Best free video resource.

ACTIVE

📋

Official AZ-900 Study Guide — Microsoft

Full skills measured breakdown. Download before exam week.

FREE

☁

Azure Free Account — $200 Credit

Browse portal 30 min. Makes scenario Qs significantly easier.

FREE

🧠

MSCertQuiz — 500 Practice Questions

Harder than real exam. 40 free questions, no sign-up required.

FREE TIER

Microsoft Virtual Training Days offer FREE AZ-900 exam vouchers ($99 value). Attend a 2-day event, get your voucher. Check Microsoft Events before registering to pay.

// FIELD INTELLIGENCE — JOHN SAVILL COURSE

Field Notes

COPILOT NOTES FROM EACH VIDEO · ORGANIZED BY MODULE

// MODULE 01 · VIDEO 2

Benefits of High Availability & Scalability in the Cloud

SOURCE: JOHN SAVILL PLAYLIST · COPILOT NOTES

Exam-Ready Notes

Cloud Capacity & Agility

On-prem capacity limited by hardware you buy upfront
Cloud capacity is global, massive, instantly available
Azure: 100s of services — VMs, containers, databases, AI
Pay only for what you consume (per second billing)
Can change VM sizes, migrate architectures cheaply

Azure Regions

Regions = groups of datacenters in close proximity
Distributed worldwide for low latency + compliance + resilience
Place services near customers or across regions for redundancy

High Availability (HA)

Ensures services stay running during failures
Azure resources have financially backed SLAs
Achieved by distributing across: servers → racks → DCs → Availability Zones
Always keep at least 2 instances for HA

Disaster Recovery (DR)

Protects against full regional failures (not just DC failures)
Workloads fail over to a distant region (hundreds of km away)
DR strategy depends on RTO (time) and RPO (data loss tolerance)

Scalability vs Elasticity

Scalability — adjust resources to match demand (manual or auto)
Elasticity — automatic scaling based on metrics (CPU%, queue depth)
Both ensure cost efficiency and performance

Vertical vs Horizontal Scaling

Vertical = increase CPU/RAM of one instance → requires downtime
Horizontal = add/remove instances → no downtime, cloud-preferred
Horizontal aligns with HA — min 2 instances always running

Quick Revision Sheet

Core Concepts

Cloud = global capacity
Regions = distributed DCs
Agility = pay-as-you-go
HA = multi-instance across zones
DR = failover to distant region

Scaling

Scalability = adjust to demand
Elasticity = automatic scaling
Horizontal > vertical (no downtime)
Min 2 instances for HA

Key Numbers

HA: at least 2 instances
DR regions: hundreds of km apart
Azure billing: per second

Flashcards — Click to Reveal

Q: What limits on-premises capacity?

A: Physical hardware you own — fixed upfront investment.

// TAP TO REVEAL

Q: What is an Azure region?

A: A group of datacenters in close geographic proximity.

// TAP TO REVEAL

Q: What is high availability?

A: Keeping services running despite failures by distributing across multiple instances and zones — backed by SLAs.

// TAP TO REVEAL

Q: What is disaster recovery and how does it differ from HA?

A: DR handles full regional failures (hundreds of km failover). HA handles local failures within a region.

// TAP TO REVEAL

Q: Vertical vs. horizontal scaling?

A: Vertical = bigger single machine (causes downtime). Horizontal = more machines (preferred, no downtime).

// TAP TO REVEAL

Q: What is elasticity?

A: Automatic scaling based on demand metrics like CPU% or queue depth — ensures cost efficiency and performance.

// TAP TO REVEAL

Practice Questions

Q1.Which cloud benefit allows you to change VM sizes without penalty?

Agility / Pay-as-you-go — you consume resources and can change or stop at any time without upfront commitment.

Q2.What is the purpose of Availability Zones?

Provide high availability by isolating failures across physically separate datacenters within the same region.

Q3.What scenario requires disaster recovery instead of high availability?

A full regional outage. HA protects against individual server/DC failures. DR protects against an entire Azure region going down.

Q4.Why is horizontal scaling preferred in cloud environments?

No downtime required, supports high availability (always 2+ instances), and aligns with cloud-native architectures.

Q5.What does elasticity automatically adjust?

The number of running instances based on workload demand metrics (CPU%, queue depth, etc.).

More modules will appear here as you paste Copilot notes from each John Savill video. Each video gets its own collapsible module with notes, flashcards, revision sheet, and practice questions.

// CERTIFICATION REGISTRY

All Certifications

CLICK TO EXPAND EXAM DETAILS · DOMAIN WEIGHTS · TIPS

// FOCUS PROTOCOL

Pomodoro Timer

STUDY IN FOCUSED BLOCKS · SESSION TRACKING

25:00

FOCUS

SESSIONS TODAY: 0

// MISSION LOG

Study Log

TRACK EACH STUDY SESSION · PERSISTS ACROSS VISITS

// LOG ENTRY

// SESSION HISTORY

// CLAUDE-POWERED INTELLIGENCE

AI Tutor

ASK ANY AZ-900 CONCEPT · GET AN INSTANT EXPERT EXPLANATION

// QUICK PROMPTS

// QUERY INPUT

// CERTIFICATION READINESS TEST

Exam Simulator

40 QUESTIONS · 45 MINUTE TIMER · DOMAIN-WEIGHTED · SCORE REPORT ON COMPLETION

// EXAM BRIEFING

AZ-900 Mock Exam

40

QUESTIONS

45:00

TIME LIMIT

700

PASS SCORE /1000

3

DOMAINS

Questions are weighted by domain: ~28% Cloud Concepts · ~38% Architecture & Services · ~34% Management & Governance. Read every word carefully — Microsoft exams are precise.

// JOHN SAVILL · AZ-900 FULL COURSE

Video Tracker

TRACK YOUR PROGRESS THROUGH THE PLAYLIST · MARK COMPLETE AS YOU GO

// COURSE PROGRESS

0 / 0

VIDEOS COMPLETED

TIME REMAINING

—

COURSE COMPLETION0%