Microsoft AZ-400 Braindump 2021

NEW QUESTION 1
HOTSPOT
How should you confrere the release retention policy for the investment planning depletions suite? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Every request made against a storage service must be authorized, unless the request is for a blob or container resource that has been made available for public or signed access. One option for authorizing a request is by using Shared Key. Scenario: The mobile applications must be able to call the share pricing service of the existing retirement fund management system. Until the system is upgraded, the service will only support basic authentication over HTTPS.
The investment planning applications suite will include one multi-tier web application
and two iOS mobile application. One mobile application will be used by employees; the other will be used by customers.
References: https://docs.microsoft.com/en-us/rest/api/storageservices/authorizewith- shared-key

NEW QUESTION 2
DRAG DROP
You need to configure Azure Automation for the computer in Group7.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Step 1: Create a Desired State Configuration (DSC) configuration file that has an extension of .ps1.
Step 2: Run the Import-AzureRmAutomationDscConfiguration Azure Powershell cmdlet
The Import-AzureRmAutomationDscConfiguration cmdlet imports an APS Desired State Configuration (DSC) configuration into Azure Automation. Specify the path of an APS script that contains a single DSC configuration.
Example:
PS C:>Import-AzureRmAutomationDscConfiguration -AutomationAccountName "Contoso17"-ResourceGroupName "ResourceGroup01" -SourcePath "C:DSCclient.ps1" -Force
This command imports the DSC configuration in the file named client.ps1 into the Automation account named Contoso17. The command specifies the Force parameter. If there is an existing DSC configuration, this command replaces it. Step 3: Run the Start-AzureRmAutomationDscCompilationJob Azure Powershell
cmdlet
The Start-AzureRmAutomationDscCompilationJob cmdlet compiles an APS Desired State Configuration (DSC) configuration in Azure Automation.
References:
https://docs.microsoft.com/en-us/powershell/module/azurerm.automation/importazurermautomationdscconfiguration https://docs.microsoft.com/en-us/powershell/module/azurerm.automation/startazurermautomationdsccompilationjob

NEW QUESTION 3
You use Azure Artifacts to host NuGet packages that you create.
You need to make one of the packages available to anonymous users outside your organization. The solution must minimize the number of publication points. What should you do?

• A. Create a new feed for the package
• B. Publish the package to a public NuGet repository.
• C. Promote the package to a release view.
• D. Change the feed URL of the packag

Answer: A

Explanation:
Azure Artifacts introduces the concept of multiple feeds that you can use to organize and control access to your packages.
Packages you host in Azure Artifacts are stored in a feed. Setting permissions on the feed allows you to share your packages with as many or as few people as your scenario requires.
Feeds have four levels of access: Owners, Contributors, Collaborators, and Readers.
References: https://docs.microsoft.com/en-us/azure/devops/artifacts/feeds/feedpermissions? view=vsts&tabs=new-nav

NEW QUESTION 4
Your company is concerned that when developers introduce open source libraries, it creates licensing compliance issues.
You need to add an automated process to the build pipeline to detect when common open source libraries are added to the code base.
What should you use?

• A. PDM
• B. OWASPZAP
• C. WhiteSource
• D. Jenkins

Answer: C

NEW QUESTION 5
DRAG DROP
You need to use Azure Automation Sure Configuration to manage the ongoing consistency of virtual machine configurations.
Which five actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in
the correct order.
NOTE: More than one order of answer choices in correct. You writ receive credit for any of the orders you select.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Step 1: Assign the node configuration.
You create a simple DSC configuration that ensures either the presence or absence of the Web-Server Windows Feature (IIS), depending on how you assign nodes. Step 2: Upload a configuration to Azure Automation State Configuration.
You import the configuration into the Automation account. Step 3: Compiling a configuration into a node configuration Compiling a configuration in Azure Automation
Before you can apply a desired state to a node, a DSC configuration defining that state must be compiled into one or more node configurations (MOF document), and placed on the Automation DSC Pull Server.
Step 4: Onboard the virtual machines to Azure State Configuration Onboarding an Azure VM for management with Azure Automation State Configuration
Step 5: Check the compliance status of the node.
Viewing reports for managed nodes. Each time Azure Automation State Configuration performs a consistency check on a managed node, the node sends a status report back to the pull server. You can view these reports on the page for that node.
On the blade for an individual report, you can see the following status information for the corresponding consistency check:
The report status ¡X whether the node is "Compliant", the configuration "Failed", or the node is "Not Compliant" (when the node is in ApplyandMonitor mode and the machine is not in the desired state).
References: https://docs.microsoft.com/en-us/azure/automation/automation-dscgetting- started

NEW QUESTION 6
You need to recommend a Docker container build strategy that meets the following requirements
¡E Minimizes image sues
¡E Minimizes the security surface area of the final image What should you include m the recommendation?

• A. multi-stage builds
• B. single-stage builds
• C. PowerShell Desired State Configuration (DSC)
• D. Docker Swarm

Answer: A

Explanation:
Multi-stage builds are a new feature requiring Docker 17.05 or higher on the daemon and client. Multistage builds are useful to anyone who has struggled to optimize Dockerfiles while keeping them easy to read and maintain. References: https://docs.docker.com/develop/develop-images/multistage-build/

NEW QUESTION 7
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an approval process that contains a condition. The condition requires that releases be approved by a team leader before they are deployed.
You have a policy stating that approvals must occur within eight hours.
You discover that deployment fail if the approvals take longer than two hours. You need to ensure that the deployments only fail if the approvals take longer than eight hours.
Solution: From Pre-deployment conditions, you modify the Time between reevaluation of gates option.
Does this meet the goal?

• A. Yes
• B. No

Answer: A

Explanation:
Gates allow automatic collection of health signals from external services, and then promote the release when all the signals are successful at the same time or stop the deployment on timeout. Typically, gates are used in connection with incident management, problem management, change management, monitoring, and external approval systems.
References: https://docs.microsoft.com/enus/ azure/devops/pipelines/release/approvals/gates
Approvals and gates give you additional control over the start and completion of the deployment pipeline. Each stage in a release pipeline can be configured with predeployment and post-deployment conditions that can include waiting for users to
manually approve or reject deployments, and checking with other automated systems until specific conditions are verified.

NEW QUESTION 8
Note: This question Is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to ft. As a result these questions will not appear in the review screen.
You company has a prefect in Azure DevOps for a new web application. You need to ensure that when code is checked in, a build runs automatically.
Solution: From the Triggers tab of the build pipeline, you selected Batch changes while a build is in progress
Does this meet the goal?

• A. Yes
• B. No

Answer: B

NEW QUESTION 9
Note: This question n part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution
After you answer a question in this section, you will NOT be able to return to it. As a result these questions will not appear in the review screen.
You have an approval process that contains a condition. The condition requires that releases be approved by a team leader before they are deployed.
You have a policy stating that approvals must occur within eight hours.
You discover that deployments fail if the approvals lake longer than two hours. You need to ensure that the deployments only fail if the approvals take longer than eight hours.
Solution: From Pre-deployment conditions, you modify the Timeout setting for predeployment approvals.
Does this meet the goal?

• A. Yes
• B. No

Answer: B

Explanation:
Use a gate instead of an approval instead.
References: https://docs.microsoft.com/enus/ azure/devops/pipelines/release/approvals/gates

NEW QUESTION 10
HOTSPOT
Your company is creating a suite of three mobile applications.
You need to control access to the application builds. The solution must be managed at the organization level
What should you use? To answer, select the appropriate options m the answer area. NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Box 1: Microsoft Visual Studio App Center distribution Groups
Distribution Groups are used to control access to releases. A Distribution Group represents a set of users that can be managed jointly and can have common access to releases. Example of Distribution Groups can be teams of users, like the QA Team or External Beta Testers or can represent stages or rings of releases, such as Staging.
Box 2: Shared
Shared distribution groups are private or public distribution groups that are shared across multiple apps in a single organization. Shared distribution groups eliminate the need to replicate distribution groups across multiple apps.
Note: With the Deploy with App Center Task in Visual Studio Team Services, you can deploy your apps from Azure DevOps (formerly known as VSTS) to App Center. By deploying to App Center, you will be able to distribute your builds to your users. References: https://docs.microsoft.com/en-us/appcenter/distribution/groups

NEW QUESTION 11
Your company has an on-premises Bitbucket Server that is used for Git-based source control. The server is protected by a firewall that blocks inbound Internet traffic.
You plan to use Azure DevOps to manage the build and release processes Which two components are required to integrate Azure DevOps and Bitbucket? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one port.

• A. an External Git service connection
• B. a Microsoft hosted agent
• C. service hooks
• D. a self- hosted agent
• E. a deployment M group

Answer: AD

Explanation:
When a pipeline uses a remote, 3rd-party repository host such as Bitbucket Cloud, the repository is configured with webhooks that notify Azure Pipelines Server or TFS when code has changed and a build should be triggered. Since on-premises installations are normally protected behind a firewall, 3rd-party webhooks are unable to reach the on-premises server. As a workaround, you can use the External Git repository type which uses polling instead of webhooks to trigger a build when code has changed.
References: https://docs.microsoft.com/enus/ azure/devops/pipelines/repos/pipeline-options-for

NEW QUESTION 12
DRAG DROP
Your company has four projects. The version control requirements for each project are shown in the following table.

You plan to use Azure Repos for all the projects.
Which version control system should you use for each project? To answer, drag the appropriate version control systems to the correct projects. Each version control system may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Box 1: Team Foundation Version Control
TFVC lets you apply granular permissions and restrict access down to a file level. Box 2: Git
Git is the default version control provider for new projects. You should use Git for version control in your projects unless you have a specific need for centralized version control features in TFVC.
Box 3: Subversion
Note: Xcode is an integrated development environment (IDE) for macOS containing a suite of software development tools developed by Apple
Box 4: Git
Note: Perforce: Due to its multitenant nature, many groups can work on versioned files. The server tracks changes in a central database of MD5 hashes of file content, along with descriptive meta data and separately retains a master repository of file versions that can be verified through the hashes.
References: https://searchitoperations.techtarget.com/definition/Perforce-Software
https://docs.microsoft.com/en-us/azure/devops/repos/git/share-your-code-in-gitxcode https://docs.microsoft.com/en-us/azure/devops/repos/tfvc/overview

NEW QUESTION 13
You have a brand policy in a project in Azure DevOps. The policy requires that code always builds successfully.
You need to ensure that a specific user can always merge change to the master branch, even if the code fails to compile. The solution must use the principle of least privilege.
What should you do?

• A. From the Security setting of the repository, modify the access control tor the user.
• B. From the Security settings of the branch, modify the access control for the user.
• C. Add the user to the Build Administrators group,
• D. Add the user to the Project Administrators group

Answer: B

Explanation:
In some cases, you need to bypass policy requirements so you can push changes to the branch directly or complete a pull request even if branch policies are not satisfied. For these situations, grant the desired permission from the previous list to a user or group. You can scope this permission to an entire project, a repo, or a single branch. Manage this permission along the with other Git permissions. References: https://docs.microsoft.com/en-us/azure/devops/repos/git/branchpolicies

NEW QUESTION 14
Your company builds a multi tier web application.
>You use Azure DevOps and host the production application on Azure virtual machines.
Your team prepares an Azure Resource Manager template of the virtual machine that you mil use to test new features.
You need to create a staging environment in Azure that meets the following requirements:
¡E Minimizes the cost of Azure hosting
¡E Provisions the virtual machines automatically
¡E Use* the custom Azure Resource Manager template to provision the virtual machines
What should you do?

• A. In Azure DevOps, configure new tasks in the release pipeline to create and delete the virtual machines m Azure DevTest Labs.
• B. From Azure Cloud Shell, run Azure PowerShell commands to create and delete the new virtual machines in a staging resource group.
• C. In Azure DevOps, configure new tasks in the release pipeline to deploy to Azure Cloud Services.
• D. In Azure Cloud Shell, run Azure CLI commands to create and delete the new virtual machines in a staging resource group.

Answer: A

Explanation:
You can use the Azure DevTest Labs Tasks extension that's installed in Azure DevOps to easily integrate your CI/CD build-and-release pipeline with Azure DevTest Labs. The extension installs three tasks:
„hCreate a VM
„hCreate a custom image from a VM
„hDelete a VM
The process makes it easy to, for example, quickly deploy a "golden image" for a specific test task and then delete it when the test is finished.
References: https://docs.microsoft.com/en-us/azure/lab-services/devtest-labintegrate- ci-cd-vsts

NEW QUESTION 15
Your company creates a web application.
You need to recommend a solution that automatically sends to Microsoft Teams a dairy summary of the exceptions that occur m the application.
Which two Azure services should you recommend? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

• A. Microsoft Visual Studio App Center
• B. Azure DevOps Project
• C. Azure Logic Apps
• D. Azure Pipelines
• E. Azure Application Insights

Answer: CE

Explanation:
References:
https://docs.microsoft.com/en-us/azure/azure-monitor/app/asp-net-exceptions https://docs.microsoft.com/en-us/azure/azure-monitor/app/automate-custom-reports

NEW QUESTION 16
DRAG DROP
You need to implement the code flow strategy for Project2 in Azure DevOps. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange in the correct order.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Step 1: Create a repository
A Git repository, or repo, is a folder that you've told Git to help you track file changes in. You can have any number of repos on your computer, each stored in their own folder.
Step 2: Create a branch
Branch policies help teams protect their important branches of development. Policies enforce your team's code quality and change management standards. Step 3: Add a build validation policy
When a build validation policy is enabled, a new build is queued when a new pull request is created or when changes are pushed to an existing pull request targeting this branch. The build policy then evaluates the results of the build to determine whether the pull request can be completed.
Scenario:
Implement a code flow strategy for Project2 that will: Enable Team2 to submit pull requests for Project2.
Enable Team2 to work independently on changes to a copy of Project2.
Ensure that any intermediary changes performed by Team2 on a copy of Project2
will be subject to the same restrictions as the ones defined in the build policy of Project2.

References: https://docs.microsoft.com/en-us/azure/devops/repos/git/manage-yourbranches

NEW QUESTION 17
DRAG DROP
You need to recommend project metrics for dashboards in Azure DevOps. Which chart widgets should you recommend for each metric? To answer, drag the
appropriate chart widgets to the correct metrics. Each chart widget may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

Box 1: Lead time
Lead time measures the total time elapsed from the creation of work items to their completion.
Box 2: Cycle time
Cycle time measures the time it takes for your team to complete work items once they begin actively working on them.
Box 3: Burndown
Burndown charts focus on remaining work within a specific time period. Incorrect Answers:
Velocity provides a useful metric for these activities: Support sprint planning
Forecast future sprints and the backlog items that can be completed
A guide for determining how well the team estimates and meets their planned
commitments References:
https://docs.microsoft.com/en-us/azure/devops/report/dashboards/velocityguidance? view=vsts
https://docs.microsoft.com/en-us/azure/devops/report/dashboards/cycle-time-andlead- time?view=vsts
https://docs.microsoft.com/en-us/azure/devops/report/dashboards/configureburndown- burnup-widgets?view=vsts

NEW QUESTION 18
You use Azure SQL Database Intelligent Insights and Azure Application Insights foe monitoring.
You need to write ad-hoc Queries against the monitoring data. Which Query language should you use?

• A. PL/pgSQL
• B. Transact-SQL
• C. Azure Log Analytics
• D. PL/SQL

Answer: C

Explanation:
Data analysis in Azure SQL Analytics is based on Log Analytics language for your custom querying and reporting.
References: https://docs.microsoft.com/en-us/azure/azure-monitor/insights/azure-sql

NEW QUESTION 19
HOTSPOT
Your company uses Team Foundation Server 2013 (TFS 2013). You plan to migrate to Azure DevOps.
You need to recommend a migration strategy that meets the following requirements:
„hPreserves the dates of Team Foundation Version Control changesets
„hPreserves the changes dates of work items revisions
„hMinimizes migration effort
„hMigrates all TFS artifacts
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Box 1: Upgrade TFS to the most recent RTM release.
One of the major prerequisites for migrating your Team Foundation Server database is to get your database schema version as close as possible to what is currently deployed in Azure Devops Services.
Box 2: Use the TFS Database Import Service
In Phase 3 of your migration project, you will work on upgrading your Team Foundation Server to one of the supported versions for the Database Import Service in Azure Devops Services.
References: Team Foundation Server to Azure Devops Services Migration Guide

NEW QUESTION 20
unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution
After you answer a question in this section, you will NOT be able to return to it. As a result these questions will not appear in the review screen.
You integrate a cloud-hosted Jenkins server and a new Azure DevOps deployment. You need Azure DevOps to send a notification to Jenkins when a developer commits
changes to a branch in Azure Repos.
Solution: You create a service hook subscription that uses the build completed event Does this meet the goal?

• A. Yes
• B. No

Answer: A

NEW QUESTION 21
Your company deploys applications m Docket containers.
You want to detect known explogts in the Docket images used to provision the Docker containers.
You need to integrate image scanning into the application lifecycle. The solution must expose the explogts as early as possible during the application lifecycle. What should you configure?

• A. a task executed in the continuous deployment pipeline and a scheduled task against a running production container.
• B. a task executed in the continuous integration pipeline and a scheduled task that analyzes the production container.
• C. a task executed in the continuous integration pipeline and a scheduled task that analyzes the image registry
• D. manual tasks performed during the planning phase and the deployment phase

Answer: C

Explanation:
You can use the Docker task to sign into ACR and then use a subsequent script to pull an image and scan the container image for vulnerabilities.
Use the docker task in a build or release pipeline. This task can be used with Docker
or Azure Container registry.
References: https://docs.microsoft.com/en-us/azure/devops/articles/securityvalidation- cicd-pipeline?view=vsts

NEW QUESTION 22
......