AZ-400 | Microsoft AZ-400 Secret 2021

NEW QUESTION 1
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen
Your company has a project in Azure DevOps for a new web application. You need to ensure that when code is checked in, a build runs automatically.
Solution: From the Continuous deployment trigger settings of the release pipeline, you enable the Pull request trigger setting.
Does the meet the goal?

• A. Yes
• B. No

Answer: B

Explanation:
In Visual Designer you enable continuous integration (CI) by:
„hSelect the Triggers tab.
„hEnable Continuous integration. References:
https://docs.microsoft.com/en-us/azure/devops/pipelines/get-started-designer

NEW QUESTION 2
You use Azure SQL Database Intelligent Insights and Azure Application Insights foe monitoring.
You need to write ad-hoc Queries against the monitoring data. Which Query language should you use?

• A. PL/pgSQL
• B. Transact-SQL
• C. Azure Log Analytics
• D. PL/SQL

Answer: C

Explanation:
Data analysis in Azure SQL Analytics is based on Log Analytics language for your custom querying and reporting.
References: https://docs.microsoft.com/en-us/azure/azure-monitor/insights/azure-sql

NEW QUESTION 3
DRAG DROP
Your company has four projects. The version control requirements for each project are shown in the following table.

You plan to use Azure Repos for all the projects.
Which version control system should you use for each project? To answer, drag the appropriate version control systems to the correct projects. Each version control system may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Box 1: Team Foundation Version Control
TFVC lets you apply granular permissions and restrict access down to a file level. Box 2: Git
Git is the default version control provider for new projects. You should use Git for version control in your projects unless you have a specific need for centralized version control features in TFVC.
Box 3: Subversion
Note: Xcode is an integrated development environment (IDE) for macOS containing a suite of software development tools developed by Apple
Box 4: Git
Note: Perforce: Due to its multitenant nature, many groups can work on versioned files. The server tracks changes in a central database of MD5 hashes of file content, along with descriptive meta data and separately retains a master repository of file versions that can be verified through the hashes.
References: https://searchitoperations.techtarget.com/definition/Perforce-Software
https://docs.microsoft.com/en-us/azure/devops/repos/git/share-your-code-in-gitxcode https://docs.microsoft.com/en-us/azure/devops/repos/tfvc/overview

NEW QUESTION 4
Your company develops an app for OS. All users of the app have devices that are members of a private distribution group in Microsoft Visual Studio App Center. You plan to distribute a new release of the app.
You need to identify which certificate file you require to distribute the new release from App Center.
Which file type should you upload to App Center?

• A. .cer
• B. .pvk
• C. .pfx
• D. .p12

Answer: D

NEW QUESTION 5
Your company uses Service Now for incident management. You develop an application that runs on Azure.
The company needs to generate a ticket in Service Now when the application fails to authenticate.
Which Azure Log Analytics solution should you use?

• A. Automation & Control
• B. IT Service Management Connector (ITSM)
• C. Application lmiQ.hu Connector
• D. insight & Analytics

Answer: B

Explanation:
The IT Service Management Connector (ITSMC) allows you to connect Azure and a supported IT Service Management (ITSM) product/service.
ITSMC supports connections with the following ITSM tools:
„hServiceNow
„hSystem Center Service Manager
„hProvance
„hCherwell
With ITSMC, you can
„hCreate work items in ITSM tool, based on your Azure alerts (metric alerts, Activity Log alerts and Log Analytics alerts).
„hOptionally, you can sync your incident and change request data from your ITSM tool to an Azure Log Analytics workspace.
References: https://docs.microsoft.com/en-us/azure/azure-monitor/platform/itsmcoverview

NEW QUESTION 6
Your company has a project in Azure DevOps for a new web application. The company uses Service Now for change management.
You need to ensure that a change request is processed before any components can be deployed to the production environment.
What are two ways to integrate into the Azure DevOps release pipeline? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

• A. Define a deployment control that invokes the Service Now SOAP API.
• B. Define a post deployment gate after the deployment to the QA stage.
• C. Define a deployment control that invokes the ServiceNow REST API.
• D. Define a pre deployment gate before the deployment to the Prod stag

Answer: BD

Explanation:
An example of a release pipeline that can be modeled through a release pipeline in shown below:

In this example, a release of a website is created by collecting specific versions of two builds (artifacts), each from a different build pipeline. The release is first deployed to a Dev stage and then forked to two QA stages in parallel. If the deployment succeeds in both the QA stages, the release is deployed to Prod ring 1 and then to Prod ring 2. Each production ring represents multiple instances of the same website deployed at various locations around the globe.
References: https://docs.microsoft.com/en-us/azure/devops/pipelines/release

NEW QUESTION 7
You are automating the build process for a Java-based application by using Azure DevOps.
You need to add code coverage testing and publish the outcomes to the pipeline. What should you use?

• A. Cobertura
• B. Bullseye Coverage
• C. MSTest
• D. Coverlet

Answer: A

Explanation:
Use Publish Code Coverage Results task in a build pipeline to publish code coverage results to Azure Pipelines or TFS, which were produced by a build in Cobertura or JaCoCo format.
References: https://docs.microsoft.com/enus/azure/devops/pipelines/tasks/test/publish-code-coverage-results

NEW QUESTION 8
You have 50 Node.js-based projects that you scan by using WhiteSource. Each project includes Package.json, Package-lock.json, and Npm-shrinkwrap.json files. You need to minimize the number of libraries reports by WhiteSource to only the libraries that you explicitly reference.
What should you do?

• A. Configure the File System Agent plug in.
• B. Delete Package lock.json.
• C. Configure the Artifactory plug-in.
• D. Add a devDependencies section to Package-lock.jso

Answer: D

Explanation:
Separate Your Dependencies
Within your package.json file be sure you split out your npm dependencies between devDependencies and (production) dependencies. The key part is that you must then make use of the --production flag when installing the npm packages. The -- production flag will exclude all packages defined in the devDependencies section. References:
https://blogs.msdn.microsoft.com/visualstudioalmrangers/2021/06/08/manage-youropen- source-usage-and-security-as-reported-by-your-cicd-pipeline/

NEW QUESTION 9
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an approval process that contains a condition. The condition requires that releases be approved by a team leader before they are deployed.
You have a policy stating that approvals must occur within eight hours.
You discover that deployment fail if the approvals take longer than two hours. You need to ensure that the deployments only fail if the approvals take longer than eight hours.
Solution: From Pre-deployment conditions, you modify the Time between reevaluation of gates option.
Does this meet the goal?

• A. Yes
• B. No

Answer: A

Explanation:
Gates allow automatic collection of health signals from external services, and then promote the release when all the signals are successful at the same time or stop the deployment on timeout. Typically, gates are used in connection with incident management, problem management, change management, monitoring, and external approval systems.
References: https://docs.microsoft.com/enus/ azure/devops/pipelines/release/approvals/gates
Approvals and gates give you additional control over the start and completion of the deployment pipeline. Each stage in a release pipeline can be configured with predeployment and post-deployment conditions that can include waiting for users to
manually approve or reject deployments, and checking with other automated systems until specific conditions are verified.

NEW QUESTION 10
unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution
After you answer a question in this section, you will NOT be able to return to it. As a result these questions will not appear in the review screen.
You integrate a cloud-hosted Jenkins server and a new Azure DevOps deployment. You need Azure DevOps to send a notification to Jenkins when a developer commits
changes to a branch in Azure Repos.
Solution: You create a service hook subscription that uses the build completed event Does this meet the goal?

• A. Yes
• B. No

Answer: A

NEW QUESTION 11
HOTSPOT
You have a project Azure DevOps.
You plan to create a build pipeline that will deploy resources by using Azure Resource Manager templates. The templates will reference secretes stored in Azure Key Vault.
Yu need to ensure that you can dynamically generate the resource ID of the key vault during template deployment.
What should you include in the template? To answer, select eh appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 12
DRAG DROP
You are implementing a package management solution for a Node.js application by using Azure Artifacts.
You need to configure the development environment to connect to the package repository. The solution must minimize the likelihood that credentials will be leaked. Which file should you use to configure each connection? To answer, drag the appropriate files to the correct connections. Each file may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 13
HOTSPOT
Your company uses Team Foundation Server 2013 (TFS 2013). You plan to migrate to Azure DevOps.
You need to recommend a migration strategy that meets the following requirements:
„hPreserves the dates of Team Foundation Version Control changesets
„hPreserves the changes dates of work items revisions
„hMinimizes migration effort
„hMigrates all TFS artifacts
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Box 1: Upgrade TFS to the most recent RTM release.
One of the major prerequisites for migrating your Team Foundation Server database is to get your database schema version as close as possible to what is currently deployed in Azure Devops Services.
Box 2: Use the TFS Database Import Service
In Phase 3 of your migration project, you will work on upgrading your Team Foundation Server to one of the supported versions for the Database Import Service in Azure Devops Services.
References: Team Foundation Server to Azure Devops Services Migration Guide

NEW QUESTION 14
Your company uses Azure DevOps for the build pipelines and deployment pipelines of Java based projects. You need to recommend a strategy for managing technical debt.
Which two actions should you include in the recommendation? Each correct answer presents part of the solution
NOTE: Each correct selection is worth one point.

• A. Integrate Azure DevOps and SonarQube.
• B. Integrates Azure DevOPs and Azure DevTest Labs.
• C. Configure post-deployment approvals in the deployment pipeline.
• D. Configure pre-deployment approvals in the deployment pipelin

Answer: AC

NEW QUESTION 15
Your company builds a multi tier web application.
>You use Azure DevOps and host the production application on Azure virtual machines.
Your team prepares an Azure Resource Manager template of the virtual machine that you mil use to test new features.
You need to create a staging environment in Azure that meets the following requirements:
¡E Minimizes the cost of Azure hosting
¡E Provisions the virtual machines automatically
¡E Use* the custom Azure Resource Manager template to provision the virtual machines
What should you do?

• A. In Azure DevOps, configure new tasks in the release pipeline to create and delete the virtual machines m Azure DevTest Labs.
• B. From Azure Cloud Shell, run Azure PowerShell commands to create and delete the new virtual machines in a staging resource group.
• C. In Azure DevOps, configure new tasks in the release pipeline to deploy to Azure Cloud Services.
• D. In Azure Cloud Shell, run Azure CLI commands to create and delete the new virtual machines in a staging resource group.

Answer: A

Explanation:
You can use the Azure DevTest Labs Tasks extension that's installed in Azure DevOps to easily integrate your CI/CD build-and-release pipeline with Azure DevTest Labs. The extension installs three tasks:
„hCreate a VM
„hCreate a custom image from a VM
„hDelete a VM
The process makes it easy to, for example, quickly deploy a "golden image" for a specific test task and then delete it when the test is finished.
References: https://docs.microsoft.com/en-us/azure/lab-services/devtest-labintegrate- ci-cd-vsts

NEW QUESTION 16
Your company develops a client banking application that processes a large volume of data.
Code quality is an ongoing issue for the company. Recently, the code quality has deteriorated because of an increase in time pressure on the development team. You need to implement static code analysis.
During which phase should you use static code analysis?

• A. build
• B. production release
• C. staging
• D. integration testing

Answer: B

NEW QUESTION 17
Your company hosts a web application in Azure. The company uses Azure Pipelines for the build and release management of the application.
Stakeholders report that the past few releases have negatively affected system performance.
You configure alerts in Azure Monitor.
You need to ensure that new releases are only deployed to production if the releases meet defined performance baseline criteria in the staging environment first What should you use to prevent the deployment of releases that fail to meet the performance baseline?

• A. a trigger
• B. an Azure function
• C. a gate
• D. an Azure Scheduler job

Answer: C

NEW QUESTION 18
You have an Azure Resource Manager template that deploys a multi-tier application. You need to prevent the user who performs the deployment from viewing the account credentials and connection strings used by the application.
What should you use?

• A. an Azure Resource Manager parameter file
• B. an Azure Storage table
• C. an Appsettings.json files
• D. Azure Key Vault
• E. a Web.config file

Answer: D

Explanation:
When you need to pass a secure value (like a password) as a parameter during deployment, you can retrieve the value from an Azure Key Vault. You retrieve the value by referencing the key vault and secret in your parameter file. The value is never exposed because you only reference its key vault ID. The key vault can exist in a different subscription than the resource group you are deploying to. References: https://docs.microsoft.com/en-us/azure/azure-resourcemanager/ resource-manager-keyvault-parameter

NEW QUESTION 19
DRAG DROP
You plan to use Azure Kubernetes Service (AKS) to host containers deployed from images hosted in a Docker Trusted Registry.
You need to recommend a solution for provisioning and connecting to AKS. The solution must ensure that AKS is RBAC-enaWed and uses a custom service principal.
Which three commands should you recommend be run in sequence? To answer, move the appropriate commands from the list of commands to the answer area and arrange them in the coned order.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 20
DRAG DROP
You mc configuring Azure DevOps build pipelines. You plan to use hosted build agents.
Which build agent pool should you use to compile each application type? To answer, drag the appropriate built agent pools to the correct application types. Each butt agent pool may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Box 1: Hosted macOS
Hosted macOS pool (Azure Pipelines only): Enables you to build and release on macOS without having to configure a self-hosted macOS agent. This option affects where your data is stored.
Box 2: Hosted
Hosted pool (Azure Pipelines only): The Hosted pool is the built-in pool that is a collection of Microsoft-hosted agents.
Incorrect Answers:
Default pool: Use it to register self-hosted agents that you've set up.
Hosted Windows Container pool (Azure Pipelines only): Enabled you to build and release inside Windows containers. Unless you're building using containers, Windows builds should run in the Hosted VS2021 or Hosted pools.
References: https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/v2-osx

NEW QUESTION 21
HOTSPOT
Your company is building a new web application.
You plan to collect feedback from pilot users on the features being delivered. All the pilot users have a corporate computer that has Google Chrome and the Microsoft Test & Feedback extension installed. The pilot users will test the application by using Chrome.
You need to identify which access levels are required to ensure that developers can request and gather feedback from the pilot users. The solution must use the principle of least privilege.
Which access levels m Azure DevOps should you identify? To answer, select the
appropriate options in the answer area
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Box 1: Basic
Assign Basic to users with a TFS CAL, with a Visual Studio Professional subscription, and to users for whom you are paying for Azure Boards & Repos in an organization.
Box 2: Stakeholder
Assign Stakeholders to users with no license or subscriptions who need access to a limited set of features.
Note:
You assign users or groups of users to one of the following access levels: Basic: provides access to most features
VS Enterprise: provides access to premium features
Stakeholders: provides partial access, can be assigned to unlimited users for free References: https://docs.microsoft.com/enus/ azure/devops/organizations/security/access-levels?view=vsts

NEW QUESTION 22
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You plan to create a release pipeline that will deploy Azure resources by using Azure Resource Manager templates. The release pipeline will create the following resources:
„hTwo resource groups
„hFour Azure virtual machines in one resource group
„hTwo Azure SQL databases in other resource group
You need to recommend a solution to deploy the resources.
Solution: Create two standalone templates, each of which will deploy the resources in its respective group.
Does this meet the goal?

• A. Yes
• B. No

Answer: B

Explanation:
Use a main template and two linked templates.
References: https://docs.microsoft.com/en-us/azure/azure-resourcemanager/ resource-group-linked-templates

NEW QUESTION 23
You need to recommend a Docker container build strategy that meets the following requirements
¡E Minimizes image sues
¡E Minimizes the security surface area of the final image What should you include m the recommendation?

• A. multi-stage builds
• B. single-stage builds
• C. PowerShell Desired State Configuration (DSC)
• D. Docker Swarm

Answer: A

Explanation:
Multi-stage builds are a new feature requiring Docker 17.05 or higher on the daemon and client. Multistage builds are useful to anyone who has struggled to optimize Dockerfiles while keeping them easy to read and maintain. References: https://docs.docker.com/develop/develop-images/multistage-build/

NEW QUESTION 24
......