Updated Sep-2021 Test Engine to Practice Test for AZ-400 Exam Questions and Answers!
Microsoft Azure DevOps Solutions Certification Sample Questions and Practice Exam
NEW QUESTION 15
You mc configuring Azure DevOps build pipelines.
You plan to use hosted build agents.
Which build agent pool should you use to compile each application type? To answer, drag the appropriate built agent pools to the correct application types. Each butt agent pool may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Box 1: Hosted macOS
Hosted macOS pool (Azure Pipelines only): Enables you to build and release on macOS without having to configure a self-hosted macOS agent. This option affects where your data is stored.
Box 2: Hosted
Hosted pool (Azure Pipelines only): The Hosted pool is the built-in pool that is a collection of Microsoft-hosted agents.
NEW QUESTION 16
You need to create an instance of Azure Application Insights named az400-9940427-main and configure the instance to receive telemetry data from an Azure web app named az400-9940427-main.
To complete this task, sign in to the Microsoft Azure portal.
Answer:
Explanation:
Step 1: Create an instance of Azure Application Insights
1. Open Microsoft Azure Portal
2. Log into your Azure account, Select Create a resource > Developer tools > Application Insights.
3. Enter the following settings, and then select Review + create.
Name: az400-9940427-main
Step 2: Configure App Insights SDK
1. Open your ASP.NET Core Web App project in Visual Studio > Right-click on the AppName in the Solution Explorer > Select Add > Application Insights Telemetry.
2. Click the Get Started button
3. Select your account and subscription > Select the Existing resource you created in the Azure portal > Click Register.
Reference:
https://docs.microsoft.com/bs-latn-ba/azure/azure-monitor/learn/dotnetcore-quick-start?view=vs-2017
NEW QUESTION 17
You have an Azure DevOps organization named Contoso and art Azure subscription The subscription contains an Azure virtual machine scale set named VMSS1 that is configured for autoscaling.
You use Azure DevOps to build a web app named Appl and deploy Appl to VMSS1. Appl is used heavily and has usage patterns that vary on a weekly basis.
You need to recommend a solution to detect an abnormal rise in the rate of failed requests to Appl. The solution must minimize administrative effort.
What should you include in the recommendation?
- A. the Smart Detection feature m Azure Application Insights
- B. the Failures feature in Azure Application Insights
- C. an Azure Service Health alert
- D. an Azure Monitor alert that uses an Azure Log Analytics query
Answer: A
Explanation:
After setting up Application Insights for your project, and if your app generates a certain minimum amount of data, Smart Detection of failure anomalies takes 24 hours to learn the normal behavior of your app, before it is switched on and can send alerts.
Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/app/proactive-failure-diagnostics
NEW QUESTION 18
You need to create an instance of Azure Application Insights named az400-9940427-main and configure the instance to receive telemetry data from an Azure web app named az400-9940427-main.
To complete this task, sign in to the Microsoft Azure portal.
Answer:
Explanation:
See solution below.
Explanation
Step 1: Create an instance of Azure Application Insights
1. Open Microsoft Azure Portal
2. Log into your Azure account, Select Create a resource > Developer tools > Application Insights.
3. Enter the following settings, and then select Review + create.
Name: az400-9940427-main
Step 2: Configure App Insights SDK
4. Open your ASP.NET Core Web App project in Visual Studio > Right-click on the AppName in the Solution Explorer > Select Add > Application Insights Telemetry.
5. Click the Get Started button
6. Select your account and subscription > Select the Existing resource you created in the Azure portal > Click Register.
References:
https://docs.microsoft.com/bs-latn-ba/azure/azure-monitor/learn/dotnetcore-quick-start?view=vs-2017
NEW QUESTION 19
You add the virtual machines as managed nodes in Azure Automation State Configuration.
You need to configure the managed computers in Pool7.
What should you do next?
- A. Modify the ConfigurationMode property of the Local Configuration Manager (LCM).
- B. Install PowerShell Core.
- C. Modify the RefreshMode property of the Local Configuration Manager (LCM).
- D. Run the Register-AzureRmAutomationDscNodeAzure Powershell cmdlet.
Answer: D
Explanation:
The Register-AzureRmAutomationDscNode cmdlet registers an Azure virtual machine as an APS Desired State Configuration (DSC) node in an Azure Automation account.
Scenario: The Azure DevOps organization includes:
The Docker extension
A deployment pool named Pool7 that contains 10 Azure virtual machines that run Windows Server 2016
References: https://docs.microsoft.com/en-us/powershell/module/azurerm.automation/register- azurermautomationdscnode Implement DevOps Development Processes Question Set 3
NEW QUESTION 20
Your company has a project in Azure DevOps.
You plan to create a release pipeline that will deploy resources by using Azure Resource Manager templates.
The templates will reference secrets stored in Azure Key Vault.
You need to recommend a solution for accessing the secrets stored in the key vault during deployments. The solution must use the principle of least privilege.
What should you include in the recommendation? To answer, drag the appropriate configurations to the correct targets. Each configuration may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Box 1: RBAC
Management plane access control uses RBAC.
The management plane consists of operations that affect the key vault itself, such as:
* Creating or deleting a key vault.
* Getting a list of vaults in a subscription.
* Retrieving Key Vault properties (such as SKU and tags).
* Setting Key Vault access policies that control user and application access to keys and secrets.
Box 2: RBAC
References:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-tutorial-use-key-vault
NEW QUESTION 21
You plan to use Azure Kubernetes Service (AKS) to host containers deployed from images hosted in a Docker Trusted Registry.
You need to recommend a solution for provisioning and connecting to AKS. The solution must ensure that AKS is RBAC-enaWed and uses a custom service principal.
Which three commands should you recommend be run in sequence? To answer, move the appropriate commands from the list of commands to the answer area and arrange them in the coned order.
Answer:
Explanation:
Explanation
Step 1 : az acr create
An Azure Container Registry (ACR) can also be created using the new Azure CLI.
az acr create
--name <REGISTRY_NAME>
--resource-group <RESOURCE_GROUP_NAME>
--sku Basic
Step 2: az ad sp create-for-rbac
Once the ACR has been provisioned, you can either enable administrative access (which is okay for testing) or you create a Service Principal (sp) which will provide a client_id and a client_secret.
az ad sp create-for-rbac
--scopes
/subscriptions/<SUBSCRIPTION_ID>/resourcegroups/<RG_NAME>/providers/Microsoft.ContainerRegistry/re
--role Contributor
--name <SERVICE_PRINCIPAL_NAME>
Step 3: kubectl create
Create a new Kubernetes Secret.
kubectl create secret docker-registry <SECRET_NAME>
--docker-server <REGISTRY_NAME>.azurecr.io
--docker-email <YOUR_MAIL>
--docker-username=<SERVICE_PRINCIPAL_ID>
--docker-password <YOUR_PASSWORD>
References:
https://thorsten-hans.com/how-to-use-private-azure-container-registry-with-kubernetes
NEW QUESTION 22
You have an existing project in Azure DevOps.
You plan to integrate GitHub as the repository for the project
You need to ensure that Azure Pipelines runs under the Azure Pipelines identity Which authentication mechanism should you use?
- A. OAuth
- B. Azure Active Directory (Azure AD)
- C. GitHubApp
- D. personal access token (PAT)
Answer: C
Explanation:
GitHub App uses the Azure Pipelines identity.
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/repos/github
NEW QUESTION 23
Your company plans to deploy an application to the following endpoints:
* Ten virtual machines hosted in Azure.
* Ten virtual machines hosted in an on-premises data center environment All the virtual machines have the- Azure Pipelines agent.
You need to implement a release strategy for deploying the application to the endpoints.
What should you recommend using to deploy the application to the endpoints? To answer, drag the appropriate components to the correct endpoint.
Each component may be used once, more than once, or not at all. You may need to drag the split bar between panes or soon to view content NOTE: Each correct selection n worth one point.
Answer:
Explanation:
Explanation
Box 1: A deployment group
When authoring an Azure Pipelines or TFS Release pipeline, you can specify the deployment targets for a job using a deployment group.
If the target machines are Azure VMs, you can quickly and easily prepare them by installing the Azure Pipelines Agent Azure VM extension on each of the VMs, or by using the Azure Resource Group Deployment task in your release pipeline to create a deployment group dynamically.
Box 2: A deployment group
References: https://docs.microsoft.com/en-us/azure/devops/pipelines/release/deployment-groups
NEW QUESTION 24
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an approval process that contains a condition. The condition requires that releases be approved by a team leader before they are deployed.
You haw a pokey stating that approvals must occur within eight hours.
You discover that deployments only if the approvals take longer than two hours.
You need to ensure that the deployments only fail if the approvals take longer than hours.
Solution From Post -deployment conditions, you modify the Timeout setting for post-deployment approvals.
Does this meet the goal?
- A. Yes
- B. NO
Answer: B
NEW QUESTION 25
You currently use JIRA, Jenkins, and Octopus as part of your DevOps processes.
You plan to use Azure DevOps to replace these tools.
Which Azure DevOps service should you use to replace each tool? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
JIRA: Release pipelines
Atlassian's Jira Software is a popular application that helps teams to plan, track, and manage software releases, whereas Octopus Deploy helps teams automate their development and operations processes in a fast, repeatable, and reliable manner. Together, they enable teams to get better end-to-end visibility into their software pipelines from idea to production.
Jenkins: Repos
One way to integrate Jenkins with Azure Pipelines is to run CI jobs in Jenkins separately. This involves configuration of a CI pipeline in Jenkins and a web hook in Azure DevOps that invokes the CI process when source code is pushed to a repository or a branch.
Octopus: Build pipelines
References:
https://octopus.com/blog/octopus-jira-integration
https://www.azuredevopslabs.com/labs/vstsextend/jenkins/
NEW QUESTION 26
You need to find and isolate shared code. The shared code will be maintained in a series of packages.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Explanation:
Explanation
Step 1: Create a dependency graph for the application
By linking work items and other objects, you can track related work, dependencies, and changes made over time. All links are defined with a specific link type. For example, you can use Parent/Child links to link work items to support a hierarchical tree structure. Whereas, the Commit and Branch link types support links between work items and commits and branches, respectively.
Step 2: Group the related components.
Packages enable you to share code across your organization: you can compose a large product, develop multiple products based on a common shared framework, or create and share reusable components and libraries.
Step 3: Assign ownership to each component graph
References:
https://docs.microsoft.com/en-us/azure/devops/boards/queries/link-work-items-support-traceability?view=azure-
https://docs.microsoft.com/en-us/visualstudio/releasenotes/tfs2017-relnotes
NEW QUESTION 27
You need to implement Project6.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them m the correct order.
Answer:
Explanation:
1 - Open the release pipline editor.
2 - Enable Gates.
3 - Add Query Work Item.
Explanation:
Scenario: Implement Project3, Project5, Project6, and Project7 based on the planned changes
Step 1: Open the release pipeline editor.
In the Releases tab of Azure Pipelines, select your release pipeline and choose Edit to open the pipeline editor.
Step 2: Enable Gates.
Choose the pre-deployment conditions icon for the Production stage to open the conditions panel. Enable gates by using the switch control in the Gates section.
Step 3: Add Query Work items.
Choose + Add and select the Query Work Items gate.
Configure the gate by selecting an existing work item query.
Note: A case for release gate is:
Incident and issues management. Ensure the required status for work items, incidents, and issues. For example, ensure deployment occurs only if no priority zero bugs exist, and validation that there are no active incidents takes place after deployment.
References:
https://docs.microsoft.com/en-us/azure/devops/pipelines/release/deploy-using-approvals?view=azure-devops#configure-gate
NEW QUESTION 28
Your team uses an agile development approach.
You need to recommend a branching strategy for the team's Git repository. The strategy must meet the
following requirements.
Provide the ability to work on multiple independent tasks in parallel.
Ensure that checked-in code remains in a releasable state always.
Ensure that new features can be abandoned at any time.
Encourage experimentation.
What should you recommend?
- A. a single long-running branch
- B. multiple long-running branches
- C. a single fork per team member
- D. a single-running branch with multiple short-lived topic branches
Answer: D
Explanation:
Topic: branches, however, are useful in projects of any size. A topic branch is a short-lived branch that you create and use for a single particular feature or related work. This is something you've likely never done with a VCS before because it's generally too expensive to create and merge branches. But in Git it's common to create, work on, merge, and delete branches several times a day.
Reference:
https://git-scm.com/book/en/v2/Git-Branching-Branching-Workflows
NEW QUESTION 29
Where should the build and release agents for the investment planning applications suite run?
To answer, select the appropriate options in the answer area NOTE: Each correct selection is worth one point.
Answer:
Explanation:
see the answer below in explanation.
Explanation
NEW QUESTION 30
You are deploying a server application that will run on a Server Core installation of Windows Server 2019.
You create an Azure key vault and a secret.
You need to use the key vault to secure API secrets for third-party integrations.
Which three actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
D18912E1457D5D1DDCBD40AB3BF70D5D
- A. Configure RBAC for the key vault.
- B. Configure a Key Vault access policy.
- C. Deploy an Azure Desired State Configuration (DSC) extension.
- D. Modify the application to access the key vault.
- E. Deploy a virtual machine that uses a system-assigned managed identity.
Answer: B,D,E
Explanation:
BE: An app deployed to Azure can take advantage of Managed identities for Azure resources, which allows the app to authenticate with Azure Key Vault using Azure AD authentication without credentials (Application ID and Password/Client Secret) stored in the app.
Select Add Access Policy.
Open Secret permissions and provide the app with Get and List permissions.
Select Select principal and select the registered app by name. Select the Select button.
Select OK.
Select Save.
Deploy the app.
References:
https://docs.microsoft.com/en-us/aspnet/core/security/key-vault-configuration
https://docs.microsoft.com/en-us/azure/key-vault/general/tutorial-net-virtual-machine
NEW QUESTION 31
You use Azure Pipelines to automate Continuous Integration/Continuous Deployment (CI/CD) for an Azure web app named WebApp1.
You configure an Azure Monitor alert that is triggered when WebApp1 generates an error.
You need to configure the alert to forward details of the error to a third-party system. The solution must minimize administrative effort.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Explanation:
1 - Create an Azure logic app.
2 - Select the HTTP request trigger.
3 - Updated the action group in Azure Monitor.
Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/alerts/action-groups-logic-app
NEW QUESTION 32
Your company builds a multi tier web application.
>You use Azure DevOps and host the production application on Azure virtual machines.
Your team prepares an Azure Resource Manager template of the virtual machine that you mil use to test new features.
You need to create a staging environment in Azure that meets the following requirements:
* Minimizes the cost of Azure hosting
* Provisions the virtual machines automatically
* Use* the custom Azure Resource Manager template to provision the virtual machines
What should you do?
- A. From Azure Cloud Shell, run Azure PowerShell commands to create and delete the new virtual machines in a staging resource group.
- B. In Azure DevOps, configure new tasks in the release pipeline to create and delete the virtual machines m Azure DevTest Labs.
- C. In Azure DevOps, configure new tasks in the release pipeline to deploy to Azure Cloud Services.
- D. In Azure Cloud Shell, run Azure CLI commands to create and delete the new virtual machines in a staging resource group.
Answer: B
Explanation:
You can use the Azure DevTest Labs Tasks extension that's installed in Azure DevOps to easily integrate your CI/CD build-and-release pipeline with Azure DevTest Labs. The extension installs three tasks:
* Create a VM
* Create a custom image from a VM
* Delete a VM
The process makes it easy to, for example, quickly deploy a "golden image" for a specific test task and then delete it when the test is finished.
References:
https://docs.microsoft.com/en-us/azure/lab-services/devtest-lab-integrate-ci-cd-vsts
NEW QUESTION 33
You plan to use Azure Kubernetes Service (AKS) to host containers deployed from images hosted in a Docker Trusted Registry.
You need to recommend a solution for provisioning and connecting to AKS. The solution must ensure that AKS is RBAC-enaWed and uses a custom service principal.
Which three commands should you recommend be run in sequence? To answer, move the appropriate commands from the list of commands to the answer area and arrange them in the coned order.
Answer:
Explanation:
Explanation
Step 1 : az acr create
An Azure Container Registry (ACR) can also be created using the new Azure CLI.
az acr create
--name <REGISTRY_NAME>
--resource-group <RESOURCE_GROUP_NAME>
--sku Basic
Step 2: az ad sp create-for-rbac
Once the ACR has been provisioned, you can either enable administrative access (which is okay for testing) or you create a Service Principal (sp) which will provide a client_id and a client_secret.
az ad sp create-for-rbac
--scopes
/subscriptions/<SUBSCRIPTION_ID>/resourcegroups/<RG_NAME>/providers/Microsoft.ContainerRegistry/re
--role Contributor
--name <SERVICE_PRINCIPAL_NAME>
Step 3: kubectl create
Create a new Kubernetes Secret.
kubectl create secret docker-registry <SECRET_NAME>
--docker-server <REGISTRY_NAME>.azurecr.io
--docker-email <YOUR_MAIL>
--docker-username=<SERVICE_PRINCIPAL_ID>
--docker-password <YOUR_PASSWORD>
References:
https://thorsten-hans.com/how-to-use-private-azure-container-registry-with-kubernetes
NEW QUESTION 34
You are creating a container for an ASP.NET Core app.
You need to create a Dockerfile file to build the image. The solution must ensure that the size of the image is minimized.
How should you configure the file? To answer, drag the appropriate values to the correct targets. Each value must be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
Box 1: microsoft.com/dotnet/sdk:2.3
The first group of lines declares from which base image we will use to build our container on top of. If the local system does not have this image already, then docker will automatically try and fetch it. The mcr.microsoft.com/dotnet/core/sdk:2.1 comes packaged with the .NET core 2.1 SDK installed, so it's up to the task of building ASP .NET core projects targeting version 2.1 Box 2: dotnet restore The next instruction changes the working directory in our container to be /app, so all commands following this one execute under this context.
COPY *.csproj ./
RUN dotnet restore
Box 3: microsoft.com/dotnet/2.2-aspnetcore-runtime
When building container images, it's good practice to include only the production payload and its dependencies in the container image. We don't want the .NET core SDK included in our final image because we only need the .NET core runtime, so the dockerfile is written to use a temporary container that is packaged with the SDK called build-env to build the app.
Reference:
https://docs.microsoft.com/de-DE/virtualization/windowscontainers/quick-start/building-sample-app
NEW QUESTION 35
......
Certification dumps Microsoft Azure AZ-400 guides - 100% valid: https://www.verifieddumps.com/AZ-400-valid-exam-braindumps.html
100% Pass Your AZ-400 Microsoft Azure DevOps Solutions at First Attempt with VerifiedDumps: https://drive.google.com/open?id=1ZeSUDbdYuvlGN7RcaV-B3D6sVAB3iKlL
