New and Valid for 100% Passing Ensure Microsoft DevOps Solutions AZ-400 Dumps from Lead4Pass: https://www.leads4pass.com/az-400.html (355 Q&As),
Lead4Pass offers both AZ-400 VCE Dumps and AZ-400 PDF Dumps for Preparing for the Microsoft DevOps Solutions AZ-400 Exam, 100% Valid and 100% Passing Guarantee.
More, you can download the latest Lead4Pass AZ-400 Exam Dumps Online for FREE: https://drive.google.com/file/d/1Bss5ZFfk-N_REyjaP1Eekdhg2H_-4SPP/
Free Microsoft DevOps Solutions AZ-400 exam questions and answers
QUESTION 1
SIMULATION
You need to configure a virtual machine named VM1 to securely access stored secrets in an Azure Key Vault named
az400-11566895-kv.
To complete this task, sign in to the Microsoft Azure portal.
Correct Answer: See solution below.
QUESTION 2
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution,
while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear in the review screen.
You plan to update the Azure DevOps strategy of your company.
You need to identify the following issues as they occur during the company\\’s development process:
1.
Licensing violations
2.
Prohibited libraries
Solution: You implement automated security testing.
Does this meet the goal?
A. Yes
B. No
Correct Answer: B
Instead use implement continuous integration.
Note: WhiteSource is the leader in continuous open source software security and compliance management.
WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or
development environments. It works automatically, continuously, and silently in the background, checking the security,
licensing, and quality of your open source components against WhiteSource constantly-updated definitive database of
open source repositories.
Reference: https://azuredevopslabs.com/labs/vstsextend/whitesource/
QUESTION 3
SIMULATION
You need to ensure that the https://contoso.com/statushook webhook is called every time a repository named
az40010480345acr1 receives a new version of an image named dotnetapp.
To complete this task, sign in to the Microsoft Azure portal.
Correct Answer: See solution below.
1.
Sign in to the Azure portal.
2.
Navigate to the container registry az40010480345acr1.
3.
Under Services, select Webhooks.
4.
Select the existing webhook https://contoso.com/statushook, and double-click on it to get its properties.
5.
For Trigger actions select image push
Example web hook: Reference: https://docs.microsoft.com/en-us/azure/container-registry/container-registry-webhook
QUESTION 4
Your company uses Azure DevOps.
Only users who have accounts in Azure Active Directory can access the Azure DevOps environment.
You need to ensure that only devices that are connected to the on-premises network can access the Azure DevOps
environment.
What should you do?
A. Assign the Stakeholder access level all users.
B. In Azure Active Directory, configure risky sign-ins.
C. In Azure DevOps, configure Security in Project Settings.
D. In Azure Active Directory, configure conditional access.
Correct Answer: D
Conditional Access is a capability of Azure Active Directory. With Conditional Access, you can implement automated
access control decisions for accessing your cloud apps that are based on conditions.
Conditional Access policies are enforced after the first-factor authentication has been completed.
References:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview
QUESTION 5
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution,
while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear in the review screen.
You manage a project in Azure DevOps.
You need to prevent the configuration of the project from changing over time.
Solution: Implement Continuous Assurance for the project.
Does this meet the goal?
A. Yes
B. No
Correct Answer: A
The basic idea behind Continuous Assurance (CA) is to setup the ability to check for “drift” from what is considered a
secure snapshot of a system. Support for Continuous Assurance lets us treat security truly as a \\’state\\’ as opposed to
a \\’point in time\\’ achievement. This is particularly important in today\\’s context when \\’continuous change\\’ has
become a norm.
There can be two types of drift:
1.
Drift involving \\’baseline\\’ configuration: This involves settings that have a fixed number of possible states (often predefined/statically determined ones). For instance, a SQL DB can have TDE encryption turned ON or OFF…or a Storage
Account may have auditing turned ON however the log retention period may be less than 365 days.
2.
Drift involving \\’stateful\\’ configuration: There are settings which cannot be constrained within a finite set of well-known
states. For instance, the IP addresses configured to have access to a SQL DB can be any (arbitrary) set of IP
addresses. In such scenarios, usually human judgment is initially required to determine whether a particular
configuration should be considered \\’secure\\’ or not. However, once that is done, it is important to ensure that there is
no “stateful drift” from the attested configuration. (E.g., if, in a troubleshooting session, someone adds the IP address of
a developer machine to the list, the Continuous Assurance feature should be able to identify the drift and generate
notifications/ alerts or even trigger \\’auto-remediation\\’ depending on the severity of the change).
Reference: https://azsk.azurewebsites.net/04-Continous-Assurance/Readme.html
QUESTION 6
SIMULATION
You need to create and configure an Azure Storage account named az400lod11566895stor in a resource group named
RG1lod11566895 to store the boot diagnostics for a virtual machine named VM1.
To complete this task, sign in to the Microsoft Azure portal.
Correct Answer: See solution below.
QUESTION 7
You have a private project in Azure DevOps.
You need to ensure that a project manager can create custom work item queries to report on the project\\’s progress.
The solution must use the principle of least privilege. To which security group should you add the project manager?
A. Project Collection Administrators
B. Reader
C. Project Administrators
D. Contributor
Correct Answer: C
QUESTION 8
You have a containerized solution that runs in Azure Container Instances. The solution contains a frontend container
named App1 and a backend container named DB1. DB1 loads a large amount of data during startup.
You need to verify that DB1 can handle incoming requests before users can submit requests to Appl.
What should you configure?
A. a Iiveness probe
B. an Azure Load Balancer health probe
C. a readiness probe
D. a performance log
Correct Answer: C
For containerized applications that serve traffic, you might want to verify that your container is ready to handle incoming requests. Azure Container Instances supports readiness probes to include configurations so that your container can\\’t be accessed under certain conditions.
Reference: https://docs.microsoft.com/en-us/azure/container-instances/container-instances-readiness-probe
QUESTION 9
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution,
while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear in the review screen.
Your company has a project in Azure DevOps for a new web application.
You need to ensure that when code is checked in, a build runs automatically.
Solution: From the Triggers tab of the build pipeline, you select Enable continuous integration.
Does this meet the goal?
A. Yes
B. No
Correct Answer: B
In Visual Designer you enable continuous integration (CI) by:
1.
Select the Triggers tab.
2.
Enable Continuous integration.
A continuous integration trigger on a build pipeline indicates that the system should automatically queue a new build
whenever a code change is committed.
References: https://docs.microsoft.com/en-us/azure/devops/pipelines/get-started-designer
QUESTION 10
DRAG DROP
You are configuring Azure Pipelines for three projects in Azure DevOps as shown in the following table.
Which version control system should you recommend for each project? To answer, drag the appropriate version control systems to the correct projects. Each version control system may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:
Correct Answer:
Project1:Git in Azure Repos
Project2: Github Enterprise
GitHub Enterprise is the on-premises version of GitHub.com. GitHub Enterprise includes the same great set of features
as GitHub.com but packaged for running on your organization\\’s local network. All repository data is stored on
machines
that you control, and access is integrated with your organization\\’s authentication system (LDAP, SAML, or CAS).
Project3: Bitbucket cloud
One downside, however, is that Bitubucket does not include support for SVN but this can be easily amended migrating
the SVN repos to Git with tools such as SVN Mirror for Bitbucket .
Note: SVN is a centralized version control system.
Incorrect Answers:
Bitbucket:
Bitbucket comes as a distributed version control system based on Git.
Note: A source control system, also called a version control system, allows developers to collaborate on code and track
changes. Source control is an essential tool for multi-developer projects.
Our systems support two types of source control: Git (distributed) and Team Foundation Version Control (TFVC). TFVC
is a centralized, client-server system. In both Git and TFVC, you can check in files and organize files in folders,
branches, and repositories.
References:
https://www.azuredevopslabs.com/labs/azuredevops/yaml/
https://enterprise.github.com/faq
QUESTION 11
You have a multi-tier application. The front end of the application is hosted in Azure App Service.
You need to identify the average load times of the application pages.
What should you use?
A. Azure Application Insights
B. the activity log of the App Service
C. the diagnostics logs of the App Service
D. Azure Advisor
Correct Answer: A
Application Insights will tell you about any performance issues and exceptions, and help you find and diagnose the root causes.
Application Insights can monitor both Java and ASP.NET web applications and services, WCF services. They can be
hosted on-premises, on virtual machines, or as Microsoft Azure websites.
On the client side, Application Insights can take telemetry from web pages and a wide variety of devices including iOS,
Android, and Windows Store apps.
Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/app/web-monitor-performance
QUESTION 12
You have an Azure DevOps organization named Contoso and an Azure subscription.
You use Azure DevOps to build a containerized app named App1 and deploy App1 to an Azure container instance
named ACI1.
You need to restart ACI1 when App1 stops responding.
What should you do?
A. Add a liveness probe to the YAML configuration of App1.
B. Add a readiness probe to the YAML configuration of App1.
C. Use Connection Monitor in Azure Network Watcher.
D. Use IP flow verify in Azure Network Watcher.
Correct Answer: B
For containerized applications that serve traffic, you might want to verify that your container is ready to handle incoming requests. Azure Container Instances supports readiness probes to include configurations so that your container can\\’t be accessed under certain conditions. The readiness probe behaves like a Kubernetes readiness probe. For example, a container app might need to load a large data set during startup, and you don\\’t want it to receive requests during this time.
YAML is used to setup a liveness probe.
Reference: https://docs.microsoft.com/en-us/azure/container-instances/container-instances-readiness-probe
QUESTION 13
Your company uses Azure DevOps to manage the build and release processes for applications. You use a Git
repository for applications source control. You plan to create a new branch from an existing pull request. Later, you plan to merge the new branch and the target branch of the pull request.
You need to use a pull request action to create the new branch. The solution must ensure that the branch uses only a
portion of the code in the pull request.
Which pull request action should you use?
A. Set as default branch
B. Approve with suggestions
C. Cherry-pick
D. Reactivate
E. Revert
Correct Answer: C
Cherry-pick a pull request
To copy changes made in a pull request to another branch in your repo, follow these steps:
In a completed pull request, select Cherry-pick, or for an active pull request, select Cherry-pick from the … menu. Cherrypicking a pull request in this way creates a new branch with the copied changes. Merge into a target branch in a second pull request. In Target branch, enter the branch you want to merge the copied changes. In Case Study: branch name,enter a new branch to contain the copied changes, then select Cherry-pick.
Select Create pull request to merge the topic branch into the target branch to complete the cherry-pick.
Reference:
https://docs.microsoft.com/en-us/azure/devops/repos/git/pull-requests
Continue to follow to get more free updates…
Trying the Lead4Pass AZ-400 Dumps in VCE and PDF for Your First Attempt and 100% Passing: https://www.leads4pass.com/az-400.html (355 Q&As, VCE, and PDF)
More, download new Lead4Pass AZ-400 Exam Dumps for FREE: https://drive.google.com/file/d/1Bss5ZFfk-N_REyjaP1Eekdhg2H_-4SPP/
