Microsoft AZ-400 Exam Practice Test Instant Access

Question 1

You need to execute inline testing of an Azure DevOps pipeline that uses a Docker deploymentmodel. The solution must prevent the results from being published to the pipeline.

What should you use for the inline testing?

Aa single stage Dockerfile

Ban Azure Kubernetes Service (AKS) pod

Ca multi-stage Dockerfile

Da Docker Compose file

Answer : D

'Build and test with a multi-stage Dockerfile: build and tests execute inside the container using a multi-stage Docker file, as such test results are not published back to the pipeline.'https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/test/publish-test-results?view=azure-devops&tabs=trx%2Cyaml

Question 2

Your company creates a web application.

You needto recommend a solution that automatically sends to Microsoft Teams a daily summary of the exceptions that occur in the application.

Which two Azure services should you recommend? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

AAzure Logic Apps

BAzure Pipelines

CMicrosoft Visual Studio App Center

DAzure DevOps Project

EAzure Application Insights

Answer : A, E

E: Exceptions in your live web app are reported by Application Insights.

Note: Periodical reports help keep a team informed on how their business critical services are doing. Developers, DevOps/SRE teams, and their managers can be productive with automated reports reliably

delivering insights without requiring everyone to signin the portal. Such reports can also help identify gradual increases in latencies, load or failure rates that may not trigger any alert rules.

A: You can programmatically query Application Insights data to generate custom reports on a schedule. The following options can help you get started quickly:

Automate reports with Microsoft Flow

Automate reports with Logic Apps

https://docs.microsoft.com/en-us/azure/azure-monitor/app/asp-net-exceptions

https://docs.microsoft.com/en-us/azure/azure-monitor/app/automate-custom-reports

Question 3

Your company develops an application named App1 that is deployed in production.

As part of an application update, a new service is being added to App1. The new service requires access to an application named App2 that is currently in development.

You need to ensure that you can deploy the update to App1 before App2 becomes available. You mustbe able to enable the service in App1 once App2 is deployed.

What should you do?

ACreate a branch in the build.

BImplement a branch policy.

CCreate a fork in the build.

DImplement a feature flag.

Answer : D

https://docs.microsoft.com/en-us/azure/devops/migrate/phase-features-with-feature-flags

Question 4

You have an existing project in Azure DevOps.

You plan to integrate GitHub as the repository for the project

You need to ensure that Azure Pipelines runs under the Azure Pipelines identity

Which authentication mechanism should you use?

AGitHubApp

BOAuth

Cpersonal access token (PAT)

DAzure Active Directory (Azure AD)

Answer : A

GitHub App uses the Azure Pipelines identity.

https://docs.microsoft.com/en-us/azure/devops/pipelines/repos/github

Question 5

: 213

You have an Azure subscription that contains an Azure Active Directory (Azure AD) tenant.

You are configuring a build pipeline in Azure Pipelines that will include a task named Task1. Task1 will authenticate by using an Azure AD service principal.

Which three values should you configure for Task1? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Athe object ID

Bthe tenant ID

Cthe app ID

Dthe client secret

Ethe subscription ID

Answer : B, C, D

https://docs.microsoft.com/en-us/azure/devops/pipelines/library/connect-to-azure

Question 6

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution thatmight meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions willnot appear in the review screen.

You manage a project in Azure DevOps.

You need to prevent the configuration of the project from changing over time.

Solution: Implement Continuous Assurance for the project.

Does this meet the goal?

AYes

BNo

Answer : A

The basic idea behind Continuous Assurance (CA) is to setup the ability to check for 'drift' from what is considered a secure snapshot of a system. Support for Continuous Assurance lets us treat security truly as a 'state' as opposed to a'point in time' achievement. This is particularly important in today's context when 'continuous change' has become a norm.

There can be two types of drift:

Drift involving 'baseline' configuration: This involves settings that have a fixed number of possible states (often pre-defined/statically determined ones). For instance, a SQL DB can have TDE encryption turned ON or OFF...or a Storage Account may have auditing turned ON however the log retention period may be less than 365 days.

Drift involving 'stateful' configuration: There are settings which cannot be constrained within a finite set of well-known states. For instance, the IP addresses configured to have access to a SQL DB can be any (arbitrary) set of IP addresses. In such scenarios, usually human judgment is initially required to determine whether a particular configuration should be considered 'secure' or not. However, once that is done, it is important to ensure that there is no 'stateful drift' from the attested configuration. (E.g., if, in a troubleshooting session, someone adds the IP address of a developer machine to the list, the Continuous Assurance feature should be able to identify the drift and generate notifications/alerts or even trigger 'auto-remediation' depending on the severity of thechange).

https://azsk.azurewebsites.net/04-Continous-Assurance/Readme.html

Question 7

SIMULATION

Task 11

You need to create a new artifact feed named artifact_feed.

Only 10 versions of the packages must be retained, and downloaded packages must be retained for 90 days.

ASee explanation below

Answer : A

Task 11: Create an Artifact Feed with Specific Retention Policies

Step 1: Navigate to Artifacts

In your Azure DevOps Project (Project1), click on the Artifacts section in the left menu.

Step 2: Create a New Feed

Click on the + New feed button.

In the Name field, enter:

nginx

Copy

artifact_feed

Choose the visibility of the feed:

Project scoped (only accessible to Project1).

Or Organization scoped (accessible across your Azure DevOps organization).

Leave other settings at default unless you have specific permissions or upstream sources.

Click Create.

This creates a new feed named artifact_feed.

Step 3: Configure Retention Policies

In the Artifacts section, click on the feed named artifact_feed to open its details page.

In the top-right corner, click on the three dots (...) and select Feed settings.

Step 4: Set the Maximum Number of Versions to Retain

In the Feed settings page, find the Retention policies section.

Set Maximum number of versions per package to:

Copy

Click Save.

This ensures that only the latest 10 versions of any package are retained in the feed.

Step 5: Set the Downloaded Package Retention Period

In the Feed settings page, under Retention policies, find Downloaded package retention.

Set Number of days to retain downloaded packages to:

Copy

Click Save.

This ensures that downloaded packages will be retained in the cache for 90 days before deletion.

Microsoft Designing and Implementing Microsoft DevOps Solutions AZ-400 Exam Practice Test