ExamGecko
Search Search Login
Home Home / Microsoft / AZ-400

Microsoft AZ-400 Practice Test - Questions Answers, Page 17

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

SIMULATION Task 8 Initialize the default main branch, if it does not exist already. In Project 1, you need to create a new Azure Pipelines YAML pipeline by using the ASP.NET template. The pipeline must use Azure Repos as the hosting platform and must be created in a new branch named azure-pipelines.
SIMULATION Task 3 You need to create a new team dashboard named Dashboard1 for the default project team of Project1. The dashboard must display the members of the team
You are building a Microsoft ASP.NET application that requires authentication. You need to authenticate users by using Azure Active Directory (Azure AD). What should you do first?
SIMULATION Task 7 Initialize the default main branch, if it does not exist already In the User 1-42147509 organization, you need to install the Microsoft Security DevOps extension. Next, create a new starter pipeline named starter1 that will use the following starter code. Ensure that starter! includes a task that executes the extension and uses the following input*: * Command: run * Policy aruredevops * Publish: true Save the pipeline to a new branch named starter
HOTSPOT You use Azure Pipelines to manage the build and deployment of apps. You are planning the release strategies for a new app. You need to choose strategies for the following scenarios: Releases will be made available to users who are grouped by their tolerance for software faults. Code will be deployed to enable functionality that will be available in later releases of the app. When a new release occurs, the existing deployment will remain active to minimize recovery time if a return to the previous version is required. Which strategy should you choose for each scenario? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
SIMULATION You plan to deploy a website that will be hosted in two Azure regions. You need to create an Azure Traffic Manager profile named az40011566895n1-tm in a resource group named RG1lod11566895. The solution must ensure that users will always connect to a copy of the website that is in the same country. To complete this task, sign in to the Microsoft Azure portal.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have an Azure pipeline that is used to deploy a web app. The pipeline includes a test suite named TestSuite1. TestSuite1 is used to validate the operations of the web app. TestSuite1 fails intermittently. You identify that the failures are unrelated to changes in the source code and execution environment. You need to minimize troubleshooting effort for the TestSuite1 failures. Solution: You increase code coverage. Does this meet the goal?
Your company has a release pipeline in an Azure DevOps project. You plan to deploy to an Azure Kubernetes Services (AKS) cluster by using the Helm package and deploy task. You need to install a service in the AKS namespace for the planned deployment. Which service should you install?
DRAG DROP You have a project in Azure DevOps. You need to associate an automated test to a test case. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
You have an Azure DevOps organization named Contoso. You need to recommend an authentication mechanism that meets the following requirements: Supports authentication from Git Minimizes the need to provide credentials during authentication What should you recommend?

Question 161

Report
Export
Collapse

You have an Azure DevOps project that contains a build pipeline. The build pipeline uses approximately 50 open source libraries. You need to ensure that all the open source libraries comply with your company's licensing standards. Which service should you use?

A.
NuGet
A.
NuGet
Answers
B.
Maven
B.
Maven
Answers
C.
Black Duck
C.
Black Duck
Answers
D.
Helm
D.
Helm
Answers
Suggested answer: C

Explanation:

Secure and Manage Open Source Software

Black Duck helps organizations identify and mitigate open source security, license compliance and code-quality risks across application and container portfolios. Black Duck Hub and its plugin for Team Foundation Server (TFS) allows you to automatically find and fix open source security vulnerabilities during the build process, so you can proactively manage risk. The integration allows you to receive alerts and fail builds when any Black Duck Hub policy violations are met.

Note: WhiteSource would also be a good answer, but it is not an option here.

Reference: https://marketplace.visualstudio.com/items?itemName=black-duck-software.hub-tfs

Question 162

Report
Export
Collapse

Your company develops an app for iOS. All users of the app have devices that are members of a private distribution group in Microsoft Visual Studio App Center. You plan to distribute a new release of the app.

You need to identify which certificate file you require to distribute the new release from App Center. Which file type should you upload to App Center?

A.
.cer
A.
.cer
Answers
B.
.pfx
B.
.pfx
Answers
C.
.p12
C.
.p12
Answers
D.
.pvk
D.
.pvk
Answers
Suggested answer: C

Explanation:

A successful IOS device build will produce an ipa file. In order to install the build on a device, it needs to be signed with a valid provisioning profile and certificate. To sign the builds produced from a branch, enable code signing in the configuration pane and upload a provisioning profile (.mobileprovision) and a valid certificate (.p12), along with the password for the certificate.

Reference:

https://docs.microsoft.com/en-us/appcenter/build/xamarin/ios/

Question 163

Report
Export
Collapse

SIMULATION

You need to prepare a network security group (NSG) named az400-9940427-nsg1 to host an Azure DevOps pipeline agent. The solution must allow only the required outbound port for Azure DevOps and deny all other inbound and outbound access to the Internet.

To complete this task, sign in to the Microsoft Azure portal.

A.
See solution below.
A.
See solution below.
Answers
Suggested answer: A

Explanation:

1. Open Microsoft Azure Portal and Log into your Azure account.

2. Select network security group (NSG) named az400-9940427-nsg1

3. Select Settings, Outbound security rules, and click Add

4. Click Advanced

5. Change the following settings:

Destination Port range: 8080

Protocol. TCP

Action: Allow

Note: By default, Azure DevOps Server uses TCP Port 8080.

Reference:

https://robertsmit.wordpress.com/2017/09/11/step-by-step-azure-network-security-groups-nsg-security-center-azure-nsg-network/

https://docs.microsoft.com/en-us/azure/devops/server/architecture/required-ports?view=azure-devops

Question 164

Report
Export
Collapse

HOTSPOT

You have a project in Azure DevOps that has three teams as shown in the Teams exhibit. (Click the Teams tab.)

You create a new dashboard named Dash1.

You configure the dashboard permissions for the Control project as shown in the Permissions exhibit. (Click the Permissions tab.)

All other permissions have the default values set.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.


Question 164
Correct answer: Question 164

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/devops/report/dashboards/charts-dashboard-permissions-access

Question 165

Report
Export
Collapse

DRAG DROP

Your company has a project in Azure DevOps.

You plan to create a release pipeline that will deploy resources by using Azure Resource Manager templates. The templates will reference secrets stored in Azure Key Vault.

You need to recommend a solution for accessing the secrets stored in the key vault during deployments. The solution must use the principle of least privilege.

What should you include in the recommendation? To answer, drag the appropriate configurations to the correct targets. Each configuration may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.


Question 165
Correct answer: Question 165

Explanation:

https://docs.microsoft.com/en-us/azure/key-vault/general/secure-your-key-vault

Question 166

Report
Export
Collapse

DRAG DROP

You need to configure access to Azure DevOps agent pools to meet the following requirements:

Use a project agent pool when authoring build or release pipelines.

View the agent pool and agents of the organization.

Use the principle of least privilege.

Which role memberships are required for the Azure DevOps organization and the project? To answer, drag the appropriate role memberships to the correct targets. Each role membership may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.


Question 166
Correct answer: Question 166

Explanation:

References: https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/pools-queues?view=azure-devops&tabs=yaml%2Cbrowser

Question 167

Report
Export
Collapse

DRAG DROP

Your company has an Azure subscription named Subscription1. Subscription1 is associated to an Azure Active Directory tenant named contoso.com.

You need to provision an Azure Kubernetes Services (AKS) cluster in Subscription1 and set the permissions for the cluster by using RBAC roles that reference the identities in contoso.com.

Which three objects should you create in sequence? To answer, move the appropriate objects from the list of objects to the answer area and arrange them in the correct order.


Question 167
Correct answer: Question 167

Explanation:

Step 1: Create an AKS cluster

Step 2: a system-assigned managed identity

To create an RBAC binding, you first need to get the Azure AD Object ID.

1. Sign in to the Azure portal.

2. In the search field at the top of the page, enter Azure Active Directory.

3. Click Enter.

4. In the Manage menu, select Users.

5. In the name field, search for your account.

6. In the Name column, select the link to your account.

7. In the Identity section, copy the Object ID.

Step 3: a RBAC binding

Reference:

https://docs.microsoft.com/en-us/azure/developer/ansible/aks-configure-rbac

Question 168

Report
Export
Collapse

HOTSPOT

You manage build and release pipelines by using Azure DevOps. Your entire managed environment resides in Azure.

You need to configure a service endpoint for accessing Azure Key Vault secrets. The solution must meet the following requirements:

Ensure that the secrets are retrieved by Azure DevOps.

Avoid persisting credentials and tokens in Azure DevOps.

How should you configure the service endpoint? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 168
Correct answer: Question 168

Explanation:

Box 1: Azure Pipelines service connection

Box 2: Managed Service Identity Authentication

The managed identities for Azure resources feature in Azure Active Directory (Azure AD) provides Azure services with an automatically managed identity in Azure AD. You can use the identity to authenticate to any service that supports Azure AD authentication, including Key Vault, without any credentials in your code.

Reference:

https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/deploy/azure-key-vault

https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview

Question 169

Report
Export
Collapse

HOTSPOT

Your company is creating a suite of three mobile applications.

You need to control access to the application builds. The solution must be managed at the organization level.

What should you use? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 169
Correct answer: Question 169

Explanation:

Box 1: Microsoft Visual Studio App Center distribution Groups

Distribution Groups are used to control access to releases. A Distribution Group represents a set of users that can be managed jointly and can have common access to releases. Example of Distribution Groups can be teams of users, like the QA Team or External Beta Testers or can represent stages or rings of releases, such as Staging.

Box 2: Shared

Shared distribution groups are private or public distribution groups that are shared across multiple apps in a single organization. Shared distribution groups eliminate the need to replicate distribution groups across multiple apps.

Note: With the Deploy with App Center Task in Visual Studio Team Services, you can deploy your apps from Azure DevOps (formerly known as VSTS) to App Center. By deploying to App Center, you will be able to distribute your builds to your users.

References: https://docs.microsoft.com/en-us/appcenter/distribution/groups

Question 170

Report
Export
Collapse

DRAG DROP

You use GitHub Enterprise Server as a source code repository.

You create an Azure DevOps organization named Contoso.

In the Contoso organization, you create a project named Project1.

You need to link GitHub commits, pull requests, and issues to the work items of Project1. The solution must use OAuth-based authentication.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.


Question 170
Correct answer: Question 170

Explanation:

Step 1: From Developer settings in GitHub Enterprise Server, register a new OAuth app.

If you plan to use OAuth to connect Azure DevOps Services or Azure DevOps Server with your GitHub Enterprise Server, you first need to register the application as an OAuth App

Step 2: Organization settings in Azure DevOps, add an OAuth configuration

Register your OAuth configuration in Azure DevOps Services.

Note:

1. Sign into the web portal for Azure DevOps Services.

2. Add the GitHub Enterprise Oauth configuration to your organization.

3. Open Organization settings>Oauth configurations, and choose Add Oauth configuration.

4. Fill in the form that appears, and then choose Create.

Step 3: From Project Settings in Azure DevOps, add a GitHub connection.

Connect Azure DevOps Services to GitHub Enterprise Server

Choose the Azure DevOps logo to open Projects, and then choose the Azure Boards project you want to configure to connect to your GitHub Enterprise repositories.

Choose (1) Project Settings, choose (2) GitHub connections and then (3) Click here to connect to your GitHub Enterprise organization.

Reference:

https://docs.microsoft.com/en-us/azure/devops/boards/github/connect-to-github

Total 482 questions
Go to page: of 49
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms