December/2019 Braindump2go AZ-400 Dumps with PDF and VCE New Updated Today! Following are some new AZ-400 Exam Questions,
New Question
Note: This question is part of a ser les of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question m this section, you will NOT be able to return to it As a result, these questions will not appear m the review screen
You integrate a cloud-hosted Jenkins server and a new Azure Dev Ops deployment.
You need Azure Dev Ops lo send a notification to Jenkins when a developer commits changes to a branch in Azure Repos.
Solution: You create an email subscription to an Azure DevOps notification.
Does this meet the goal?
A. Yes
B. NO
Answer: B
Explanation:
You can create a service hook for Azure DevOps Services and TFS with Jenkins.
References:
https://docs.microsoft.com/en-us/azure/devops/service-hooks/services/jenkins
New Question
Your company develops an app for OS. All users of the app have devices that are members of a private distribution group in Microsoft Visual Studio App Center.
You plan to distribute a new release of the app.
You need to identify which certificate file you require to distribute the new release from App Center.
Which file type should you upload to App Center?
A. .cer
B. .pvk
C. .pfx
D. .p12
Answer: D
Explanation:
A successful IOS device build will produce an ipa file. In order to install the build on a device, it needs to be signed with a valid provisioning profile and certificate. To sign the builds produced from a branch, enable code signing in the configuration pane and upload a provisioning profile (.mobileprovision) and a valid certificate (.p12), along with the password for the certificate.
References:
https://docs.microsoft.com/en-us/appcenter/build/xamarin/ios/
New Question
Your company hosts a web application in Azure. The company uses Azure Pipelines for the build and release management of the application.
Stakeholders report that the past few releases have negatively affected system performance.
You configure alerts in Azure Monitor.
You need to ensure that new releases are only deployed to production if the releases meet defined performance baseline criteria in the staging environment first
What should you use to prevent the deployment of releases that fail to meet the performance baseline?
A. a trigger
B. an Azure function
C. a gate
D. an Azure Scheduler job
Answer: C
Explanation:
Scenarios and use cases for gates include:
Quality validation. Query metrics from tests on the build artifacts such as pass rate or code coverage and deploy only if they are within required thresholds.
Use Quality Gates to integrate monitoring into your pre-deployment or post-deployment. This ensures that you are meeting the key health/performance metrics (KPIs) as your applications move from dev to production and any differences in the infrastructure environment or scale is not negatively impacting your KPIs.
Note: Gates allow automatic collection of health signals from external services, and then promote the release when all the signals are successful at the same time or stop the deployment on timeout. Typically, gates are used in connection with incident management, problem management, change management, monitoring, and external approval systems.
References:
https://docs.microsoft.com/en-us/azure/azure-monitor/continuous-monitoring
https://docs.microsoft.com/en-us/azure/devops/pipelines/release/approvals/gates?view=azure-devops
New Question
Your company is building a mobile app that targets Android devices and OS devices. Your team uses Azure DevOps to manage all work items and release cycles. You need to recommend a solution to perform the following tasks
– Collect crash reports for issue analysis
– Distribute beta releases to your testers.
– Get user feedback on the functionality of new apps.
What should you include in the recommendation?
A. Jenkins integration
B. Azure Application Insights widgets
C. the Microsoft Test & Feedback extension
D. Microsoft Visual Studio App Center integration
Answer: C
Explanation:
The “Exploratory Testing” extension is now “Test & Feedback” and is now Generally Available.
Anyone can now test web apps and give feedback, all directly from the browser on any platform: Windows, Mac, or Linux. Available for Google Chrome and Mozilla Firefox (required version 50.0 or above) currently. Support for Microsoft Edge is in the pipeline and will be enabled once Edge moves to a Chromium-compatible web platform.
References:
https://marketplace.visualstudio.com/items?itemName=ms.vss-exploratorytesting-web
New Question
Your company is building a new solution in Java.
The company currently uses a SonarQube server to analyze the code of .NET solutions.
You need to analyze and monitor the code quality of the Java solution.
Which task types should you add to the build pipeline?
A. Octopus
B. Chef
C. Maven
D. Grunt
Answer: C
Explanation:
SonarQube is a set of static analyzers that can be used to identify areas of improvement in your code. It allows you to analyze the technical debt in your project and keep track of it in the future. With Maven and Gradle build tasks, you can run SonarQube analysis with minimal setup in a new or existing Azure DevOps Services build task.
References:
https://docs.microsoft.com/en-us/azure/devops/java/sonarqube?view=azure-devops
New Question
Your company has a project in Azure DevOps.
You need to ensure that when there are multiple builds pending deployment only the most recent build is deployed.
What should you use?
A. deployment queue settings
B. deployment conditions
C. release gates
D. pull request triggers
Answer: A
Explanation:
The options you can choose for a queuing policy are:
Number of parallel deployments
If you specify a maximum number of deployments, two more options appear:
– Deploy all in sequence
– Deploy latest and cancel the others: Use this option if you are producing releases faster than builds, and you only want to deploy the latest build.
References:
https://docs.microsoft.com/en-us/azure/devops/pipelines/process/stages?tabs=classic&view=azure-devops#queuing-policies
New Question
Your company develops a client banking application that processes a large volume of data.
Code quality is an ongoing issue for the company. Recently, the code quality has deteriorated because of an increase in time pressure on the development team.
You need to implement static code analysis.
During which phase should you use static code analysis?
A. build
B. production release
C. staging
D. integration testing
Answer: D
Explanation:
The Secure Development Lifecycle (SDL) Guidelines recommend that teams perform static analysis during the implementation phase of their development cycle.
Note: The company should focus in particular on the implementation of DevOps tests to assess the quality of the software from the planning stage to the implementation phase of the project.
References:
https://secdevtools.azurewebsites.net/
New Question
You have a GitHub repository.
You create a new repository in Azure DevOps.
You need to recommend a procedure to clone the repository from GitHub to Azure DevOps.
What should you recommend?
A. Create a webhook.
B. Create a service connection for GitHub.
C. From Import a Git repository, click Import
D. Create a pull request.
E. Create a personal access token in Azure DevOps.
Answer: C
Explanation:
You can import an existing Git repo from GitHub, Bitbucket, GitLab, or other location into a new or empty existing repo in your project in Azure DevOps.
Import into a new repo
1. Select Repos, Files.
2. From the repo drop-down, select Import repository.
3. If the source repo is publicly available, just enter the clone URL of the source repository and a name for your new Git repository.
References:
https://docs.microsoft.com/en-us/azure/devops/repos/git/import-git-repository?view=azure-devops
New Question
Your company is concerned that when developers introduce open source libraries, it creates licensing compliance issues.
You need to add an automated process to the build pipeline to detect when common open source libraries are added to the code base.
What should you use?
A. PDM
B. OWASPZAP
C. WhiteSource
D. Jenkins
Answer: C
Explanation:
WhiteSource is the leader in continuous open source software security and compliance management. WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or development environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource constantly-updated deļ¬nitive database of open source repositories.
Azure DevOps integration with WhiteSource Bolt will enable you to:
1. Detect and remedy vulnerable open source components.
2. Generate comprehensive open source inventory reports per project or build.
3. Enforce open source license compliance, including dependenciesā licenses.
4. Identify outdated open source libraries with recommendations to update.
Note: Black duck would also be a good answer, but it is not an option here.
References: https://www.azuredevopslabs.com/labs/vstsextend/WhiteSource/
New Question
Your company has a project in Azure DevOps for a new application. The application will be deployed to several Azure virtual machines that run Windows Server 2016.
You need to recommend a deployment strategy for the virtual machines. The strategy must meet the following requirements:
– Ensure that the virtual machines maintain a consistent configuration.
– Minimize administrative effort to configure the virtual machines
What should you include in the recommendation?
A. Deployment YAML and Azure pipeline stage templates
B. Azure Resource Manager templates and the Custom Script Extension for Windows
C. Azure Resource Manager templates and the PowerShell Desired State Configuration (DSC) extension
for Windows
D. Deployment YAML and Azure pipeline deployment groups\
Answer: C
Explanation:
The Custom Script Extension downloads and executes scripts on Azure virtual machines. This extension is useful for post deployment configuration, software installation, or any other configuration or management tasks. Scripts can be downloaded from Azure storage or GitHub, or provided to the Azure portal at extension run time. The Custom Script Extension integrates with Azure Resource Manager templates, and can be run using the Azure CLI, PowerShell, Azure portal, or the Azure Virtual Machine REST API.
Incorrect Answers:
B: YAML doesn’t work with Azure pipeline deployment groups.
References:
https://docs.microsoft.com/en-us/azure/virtual-machines/extensions/custom-script-windows
New Question
Drag and Drop Question
You are implementing a package management solution for a Node.js application by using Azure Artifacts.
You need to configure the development environment to connect to the package repository. The solution must minimize the likelihood that credentials will be leaked. Which file should you use to configure each connection? To answer, drag the appropriate files to the correct connections. Each file may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
All Azure Artifacts feeds require authentication, so you’ll need to store credentials for the feed before you can install or publish packages. npm uses .npmrc configuration files to store feed URLs and credentials. Azure DevOps Services recommends using two .npmrc files.
Feed registry information: The .npmrc file in the project
One .npmrc should live at the root of your git repo adjacent to your project’s package.json. It should contain a “registry” line for your feed and it should not contain credentials since it will be checked into git.
Credentials: The .npmrc file in the user’s home folder
On your development machine, you will also have a .npmrc in $home for Linux or Mac systems or $env.HOME for win systems. This .npmrc should contain credentials for all of the registries that you need to connect to. The NPM client will look at your project’s .npmrc, discover the registry, and fetch matching credentials from $home/.npmrc or $env.HOME/.npmrc.
References:
https://docs.microsoft.com/en-us/azure/devops/artifacts/npm/npmrc?view=azure-devops&tabs=windows
1.|2019 Latest Braindump2go AZ-400 Exam Dumps (VCE & PDF) Instant Download:
https://www.braindump2go.com/az-400.html
2.|2019 Latest Braindump2go AZ-400 Exam Questions & Answers Instant Download:
https://drive.google.com/drive/folders/1kLhX5N_Pt_noAKZD50xUpnSEA5Tt62TZ?usp=sharing