[March-2023]Free Downloading AZ-400 Dumps in Braindump2go[Q209-Q250]

March/2023 Latest Braindump2go AZ-400 Exam Dumps with PDF and VCE Free Updated Today! Following are some new AZ-400 Real Exam Questions!

QUESTION 209
You use Azure Pipelines to manage project builds and deployments.
You plan to use Azure Pipelines for Microsoft Teams to notify the legal team when a new build is ready for release.
You need to configure the Organization Settings in Azure DevOps to support Azure Pipelines for Microsoft Teams.
What should you turn on?

A. Third-party application access via OAuth
B. Azure Active Directory Conditional Access Policy Validation
C. Alternate authentication credentials
D. SSH authentication

Answer: A
Explanation:
The Azure Pipelines app uses the OAuth authentication protocol, and requires Third-party application access via OAuth for the organization to be enabled.
To enable this setting, navigate to Organization Settings > Security > Policies, and set the Third-party application access via OAuth for the organization setting to On.
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/integrations/microsoft-teams

QUESTION 210
Your company implements an Agile development methodology.
You plan to implement retrospectives at the end of each sprint.
Which three questions should you include? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. Who performed well?
B. Who should have performed better?
C. What could have gone better?
D. What went well?
E. What should we try next?

Answer: CDE
Explanation:
During the Sprint Retrospective, the team discusses:
What went well in the Sprint
What could be improved
What will we commit to improve in the next Sprint
https://www.scrum.org/resources/what-is-a-sprint-retrospective

QUESTION 211
Your company uses Azure Artifacts for package management.
You need to configure an upstream source in Azure Artifacts for Python packages.
Which repository type should you use as an upstream source?

A. npmjs.org
B. PyPI
C. Maven Central
D. third-party trusted Python

Answer: B
Explanation:
Get started with Python packages in Azure Artifacts
Create a feed
1. Select Artifacts (in the left navigation of your Azure DevOps project).
2. On the Artifacts page, select Create Feed.
3. In the Create new feed dialog box:
4. In the Name field, give the feed a name.
PyPI is the default repository name for twine, which is a tool for publishing Python packages.
Reference:
https://docs.microsoft.com/en-us/azure/devops/artifacts/quickstarts/python-packages

QUESTION 212
Your company uses Azure DevOps to manage the build and release processes for applications.
You use a Git repository for applications source control.
You plan to create a new branch from an existing pull request. Later, you plan to merge the new branch and the target branch of the pull request.
You need to use a pull request action to create the new branch. The solution must ensure that the branch uses only a portion of the code in the pull request.
Which pull request action should you use?

A. Set as default branch
B. Approve with suggestions
C. Cherry-pick
D. Reactivate
E. Revert

Answer: C
Explanation:
Cherry-pick a pull request
To copy changes made in a pull request to another branch in your repo, follow these steps:
1. In a completed pull request, select Cherry-pick, or for an active pull request, select Cherry-pick from the … menu. Cherry-picking a pull request in this way creates a new branch with the copied changes.
Merge into a target branch in a second pull request.
2. In Target branch, enter the branch you want to merge the copied changes.
3. In Topic branch name, enter a new branch to contain the copied changes, then select Cherry-pick.
4. Select Create pull request to merge the topic branch into the target branch to complete the cherry-pick.
Reference:
https://docs.microsoft.com/en-us/azure/devops/repos/git/pull-requests

QUESTION 213
You have an Azure DevOps organization named Contoso that contains a project named Project1.
You provision an Azure key vault named Keyvault1.
You need to reference Keyvault1 secrets in a build pipeline of Project1.
What should you do first?

A. Add a secure file to Project1.
B. Create an XAML build service.
C. Create a variable group in Project1.
D. Configure the security policy of Contoso.

Answer: C
Explanation:
Variable groups store values and secrets that you might want to be passed into a YAML pipeline or make available across multiple pipelines. You can share and use variable groups in multiple pipelines in the same project.
Link an existing Azure key vault to a variable group and map selective vault secrets to the variable group.
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/library/variable-groups?view=azure-devops&tabs=yaml

QUESTION 214
You are designing a build pipeline in Azure Pipelines.
The pipeline requires a self-hosted agent. The build pipeline will run once daily and will take 30 minutes to complete.
You need to recommend a compute type for the agent. The solution must minimize costs.
What should you recommend?

A. an Azure Kubernetes Service (AKS) cluster
B. Azure Container Instances
C. an Azure virtual machine scale set
D. Azure virtual machines

Answer: B
Explanation:
If your pipelines are in Azure Pipelines, then you’ve got a convenient option to run your jobs using a Microsoft-hosted agent. With Microsoft-hosted agents, maintenance and upgrades are taken care of for you. Each time you run a pipeline, you get a fresh virtual machine. The virtual machine is discarded after one use. Microsoft-hosted agents can run jobs directly on the VM or in a container.
Note: You can try a Microsoft-hosted agent for no charge.
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/hosted

QUESTION 215
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You plan to update the Azure DevOps strategy of your company.
You need to identify the following issues as they occur during the company’s development process:
– Licensing violations
– Prohibited libraries
Solution: You implement continuous deployment.
Does this meet the goal?

A. Yes
B. No

Answer: B
Explanation:
Instead implement continuous integration.
Note: WhiteSource is the leader in continuous open source software security and compliance management. WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or development environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource constantly-updated definitive database of open source repositories.
Reference:
https://azuredevopslabs.com/labs/vstsextend/whitesource/

QUESTION 216
Your company has an Azure DevOps project.
The source code for the project is stored in an on-premises repository and uses on an on-premises build server.
You plan to use Azure DevOps to control the build process on the build server by using a self-hosted agent.
You need to implement the self-hosted agent.
You download and install the agent on the build server.
Which two actions should you perform next? Each correct answer presents part of the solution.

A. From Azure, create a shared access signature (SAS).
B. From the build server, create a certificate, and then upload the certificate to Azure Storage.
C. From the build server, create a certificate, and then upload the certificate to Azure Key Vault.
D. From DevOps, create a personal access token (PAT).
E. From the build server, run config.cmd.

Answer: DE
Explanation:
After agent is install, we need to execute PS C:\agent> .\config.cmd and we need a PAT.
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/v2-windows?view=azure-devops

QUESTION 217
You have an Azure subscription that contains an Azure Active Directory (Azure AD) tenant.
You are configuring a build pipeline in Azure Pipelines that will include a task named Task1. Task1 will authenticate by using an Azure AD service principal.
Which three values should you configure for Task1? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. the tenant ID
B. the subscription ID
C. the client secret
D. the app ID
E. the object ID

Answer: ABD
Explanation:
Create an Azure Resource Manager service connection with an existing service principal
AB: Enter the information about your service principal into the Azure subscription dialog textboxes:
Tenant ID
Subscription ID
Subscription name
Service principal ID
Either the service principal client key or, if you have selected Certificate, enter the contents of both the certificate and private key sections of the *.pem file.
D: To deploy to a specific Azure resource, the task will need additional data about that resource.
If you’re using the classic editor, select data you need. For example, the App service name.
If you’re using YAML, then go to the resource in the Azure portal, and then copy the data into your code.
For example, to deploy a web app, you would copy the name of the App Service into the WebAppName value.
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/library/connect-to-azure

QUESTION 218
You need to execute inline testing of an Azure DevOps pipeline that uses a Docker deployment model. The solution must prevent the results from being published to the pipeline.
What should you use for the inline testing?

A. a single stage Dockerfile
B. an Azure Kubernetes Service (AKS) pod
C. a multi-stage Dockerfile
D. a Docker Compose file

Answer: C
Explanation:
Build and test with a multi-stage Dockerfile: build and tests execute inside the container using a multi-stage Docker file, as such test results are not published back to the pipeline.
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/test/publish-test-results?view=azure-devops&tabs=trx%2Cyaml

QUESTION 219
You need to configure GitHub to use Azure Active Directory (Azure AD) for authentication.
What should you do first?

A. Create a conditional access policy in Azure AD.
B. Register GitHub in Azure AD.
C. Create an Azure Active Directory B2C (Azure AD B2C) tenant.
D. Modify the Security settings of the GitHub organization.

Answer: B
Explanation:
When you connect to a Git repository from your Git client for the first time, the credential manager prompts for credentials. Provide your Microsoft account or Azure AD credentials.
Note: Git Credential Managers simplify authentication with your Azure Repos Git repositories. Credential managers let you use the same credentials that you use for the Azure DevOps Services web portal.
Credential managers support multi-factor authentication through Microsoft account or Azure Active Directory (Azure AD). Besides supporting multi-factor authentication with Azure Repos, credential managers also support two-factor authentication with GitHub repositories.
Reference:
https://docs.microsoft.com/en-us/azure/devops/repos/git/set-up-credential-managers

QUESTION 220
You have a project in Azure DevOps named Project1. Project1 contains a pipeline that builds a container image named Image1 and pushes Image1 to an Azure container registry named ACR1. Image1 uses a base image stored in Docker Hub.
You need to ensure that Image1 is updated automatically whenever the base image is updated.
What should you do?

A. Enable the Azure Event Grid resource provider and subscribe to registry events.
B. Add a Docker Hub service connection to Azure Pipelines.
C. Create and run an Azure Container Registry task.
D. Create a service hook in Project1.

Answer: C
Explanation:
ACR Tasks supports automated container image builds when a container’s base image is updated, such as when you patch the OS or application framework in one of your base images.
Reference:
https://docs.microsoft.com/en-us/azure/container-registry/container-registry-tutorial-base-image-update

QUESTION 221
You have a free tier of an Azure DevOps organization named Contoso. Contoso contains 10 private projects. Each project has multiple jobs with no dependencies.
You frequently run the jobs on five self-hosted agents but experience long build times and frequently queued builds.
You need to minimize the number of queued builds and the time it takes to run the builds.
What should you do?

A. Configure the pipelines to use the Microsoft-hosted agents.
B. Register additional self-hosted agents.
C. Purchase self-hosted parallel jobs.
D. Purchase Microsoft-hosted parallel jobs.

Answer: C
Explanation:
As the number of queued builds and releases exceeds the number of parallel jobs you have, your build and release queues will grow longer. When you find the queue delays are too long, you can purchase additional parallel jobs as needed.
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/licensing/concurrent-jobs?view=azure-devops&tabs=self-hosted#how-much-do-parallel-jobs-cost

QUESTION 222
You have an Azure DevOps project that contains a build pipeline. The build pipeline uses approximately 50 open source libraries.
You need to ensure that all the open source libraries comply with your company’s licensing standards.
Which service should you use?

A. Ansible
B. Maven
C. WhiteSource Bolt
D. Helm

Answer: C
Explanation:
WhiteSource provides WhiteSource Bolt, a lightweight open source security and management solution
developed specifically for integration with Azure DevOps and Azure DevOps Server.
Note: WhiteSource is the leader in continuous open source software security and compliance management. WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or development environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource constantly-updated definitive database of open source repositories.
Note: Blackduck would also be a good answer, but it is not an option here.
Reference:
https://www.azuredevopslabs.com/labs/vstsextend/whitesource/

QUESTION 223
Your company develops an application named App1 that is deployed in production.
As part of an application update, a new service is being added to App1. The new service requires access to an application named App2 that is currently in development.
You need to ensure that you can deploy the update to App1 before App2 becomes available. You must be able to enable the service in App1 once App2 is deployed.
What should you do?

A. Implement a feature flag.
B. Create a fork in the build.
C. Create a branch in the build.
D. Implement a branch policy.

Answer: A
Explanation:
Feature flags support a customer-first DevOps mindset, to enable (expose) and disable (hide) features in a solution, even before they are complete and ready for release.
Incorrect Answers:
C: Branch policies are an important part of the Git workflow and enable you to:
Isolate work in progress from the completed work in your master branch
Guarantee changes build before they get to master
Reference:
https://docs.microsoft.com/en-us/azure/devops/migrate/phase-features-with-feature-flags

QUESTION 224
You are designing the security validation strategy for a project in Azure DevOps.
You need to identify package dependencies that have known security issues and can be resolved by an update.
What should you use?

A. Octopus Deploy
B. Jenkins
C. Gradle
D. SonarQube

Answer: D
Explanation:
SonarQube is an open-source platform developed by SonarSource for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities on 20+ programming languages.

QUESTION 225
You have a private distribution group that contains provisioned and unprovisioned devices.
You need to distribute a new iOS application to the distribution group by using Microsoft Visual Studio App Center.
What should you do?

A. Generate a new .p12 file for each device.
B. Create an unsigned build.
C. Register the devices on the Apple Developer portal.
D. Create an active subscription in App Center Test.

Answer: C
Explanation:
When releasing an iOS app signed with an ad-hoc or development provisioning profile, you must obtain tester’s device IDs (UDIDs), and add them to the provisioning profile before compiling a release. When you enable the distribution group’s Automatically manage devices setting, App Center automates the before mentioned operations and removes the constraint for you to perform any manual tasks. As part of automating the workflow, you must provide the user name and password for your Apple ID and your production certificate in a .p12 format.
App Center starts the automated tasks when you distribute a new release or one of your testers registers a new device. First, all devices from the target distribution group will be registered, using your Apple ID, in your developer portal and all provisioning profiles used in the app will be generated with both new and existing device ID. Afterward, the newly generated provisioning profiles are downloaded to App Center servers.
Reference:
https://docs.microsoft.com/en-us/appcenter/distribution/groups

QUESTION 226
Your company uses the following resources:
– Windows Server 2019 container images hosted in an Azure Container Registry.
– Azure virtual machines that run the latest version of Ubuntu
– An Azure Log Analytics workspace
– Azure Active Directory (Azure AD)
– An Azure key vault
For which two resources can you receive vulnerability assessments in Azure Security Center? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. the Azure Log Analytics workspace
B. the Azure key vault
C. the Azure virtual machines that run the latest version of Ubuntu
D. Azure Active Directory (Azure AD)
E. The Windows Server 2019 container images hosted in the Azure Container Registry.

Answer: CE
Explanation:
Follow recommendations from Azure Security Center on performing vulnerability assessments on your Azure virtual machines, container images, and SQL servers.
Security Center also offers vulnerability analysis for your:
SQL databases – see Explore vulnerability assessment reports in the vulnerability assessment dashboard
Azure Container Registry images – see Use Azure Defender for container registries to scan your images for vulnerabilities
Reference:
https://docs.microsoft.com/en-us/azure/security-center/features-paas
https://docs.microsoft.com/en-us/security/benchmark/azure/security-control-vulnerability-management
https://docs.microsoft.com/en-us/azure/security-center/deploy-vulnerability-assessment-vm

QUESTION 227
You have a private project in Azure DevOps.
You need to ensure that a project manager can create custom work item queries to report on the project’s progress. The solution must use the principle of least privilege.
To which security group should you add the project manager?

A. Reader
B. Project Collection Administrators
C. Project Administrators
D. Contributor

Answer: D
Explanation:
Contributors have permissions to contribute fully to the project code base and work item tracking. The main permissions they don’t have or those that manage or administer resources.
Reference:
https://docs.microsoft.com/en-us/azure/devops/organizations/security/permissions

QUESTION 228
You use Azure Pipelines to manage build pipelines, GitHub to store source code, and Dependabot to manage dependencies.
You have an app named App1.
Dependabot detects a dependency in App1 that requires an update.
What should you do first to apply the update?

A. Create a pull request.
B. Approve the pull request.
C. Create a branch.
D. Perform a commit.

Answer: B
Explanation:
DependaBot is a useful tool to regularly check for dependency updates. By helping to keep your project up to date, DependaBot can reduce technical debt and immediately apply security vulnerabilities when patches are released. How does DependaBot work?
1. DependaBot regularly checks dependencies for updates
2. If an update is found, DependaBot creates a new branch with this upgrade and Pull Request for approval
3. You review the new Pull Request, ensure the tests passed, review the code, and decide if you can merge the change
Reference:
https://samlearnsazure.blog/2019/12/20/github-using-dependabot/

QUESTION 229
You are integrating Azure Pipelines and Microsoft Teams.
You install the Azure Pipelines app in Microsoft Teams.
You have an Azure DevOps organization named Contoso that contains a project name Project1.
You subscribe to Project1 in Microsoft Teams.
You need to ensure that you only receive events about failed builds in Microsoft Teams.
What should you do first?

A. From Microsoft Teams, run @azure pipelines subscribe https://dev.azure.com/Contoso/Project1.
B. From Azure Pipelines, add a Publish Build Artifacts task to Project1.
C. From Microsoft Teams, run @azure pipelines subscriptions.
D. From Azure Pipelines, enable continuous integration for Project1.

Answer: C
Explanation:
Using filters effectively to customize subscriptions
When a user subscribes to any pipeline, a few subscriptions are created by default without any filters being applied. Often, users have the need to customize these subscriptions. For example, users may want to get notified only when builds fail or when deployments are pushed to a production environment. The Azure Pipelines app supports filters to customize what you see in your channel.
Run the @Azure Pipelines subscriptions command
Select View all subscriptions. In the list of subscriptions, if there is a subscription that is unwanted or should be modified (Example: creating noise in the channel), select Remove
Scroll down and select the Add subscription button
Select the required pipeline and the event
Select the appropriate filters and save
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/integrations/microsoft-teams?view=azure-devops

QUESTION 230
You have an Azure DevOps organization named Contoso and an Azure subscription.
You use Azure DevOps to build and deploy a web app named App1. Azure Monitor is configured to generate an email notification in response to alerts generated whenever App1 generates a server-side error.
You need to receive notifications in Microsoft Teams whenever an Azure Monitor alert is generated.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. Create an Azure Monitor workbook.
B. Create an Azure logic app that has an HTTP request trigger.
C. Create an Azure logic app that has an Azure DevOps trigger.
D. Modify an action group in Azure Monitor.
E. Modify the Diagnostics settings in Azure Monitor.

Answer: BD
Explanation:
In Azure Monitor action group configure a webhook, the url of the webhook must be the url (trigger) of the Logic App. In the Logic App you can use the Team connector to send a message to a Teams channel.
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/action-groups-logic-app

QUESTION 231
You have a Microsoft ASP.NET Core web app in Azure that is accessed worldwide.
You need to run a URL ping test once every five minutes and create an alert when the web app is unavailable from specific Azure regions. The solution must minimize development time.
What should you do?

A. Create an Azure Monitor Availability metric and alert.
B. Create an Azure Application Insights availability test and alert.
C. Write an Azure function and deploy the function to the specific regions.
D. Create an Azure Service Health alert for the specific regions.

Answer: B
Explanation:
There are three types of Application Insights availability tests:
URL ping test: a simple test that you can create in the Azure portal.
Multi-step web test
Custom Track Availability Tests
Note: After you’ve deployed your web app/website, you can set up recurring tests to monitor availability and responsiveness. Azure Application Insights sends web requests to your application at regular intervals from points around the world. It can alert you if your application isn’t responding, or if it responds too slowly.
You can set up availability tests for any HTTP or HTTPS endpoint that is accessible from the public internet. You don’t have to make any changes to the website you’re testing. In fact, it doesn’t even have to be a site you own. You can test the availability of a REST API that your service depends on.
Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/app/monitor-web-app-availability#create-a-url-ping-test

QUESTION 232
You are designing a strategy to monitor the baseline metrics of Azure virtual machines that run Windows Server.
You need to collect detailed data about the processes running in the guest operating system.
Which two agents should you deploy? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. the Telegraf agent
B. the Azure Log Analytics agent
C. the Azure Network Watcher Agent for Windows
D. the Dependency agent

Answer: BD
Explanation:
The following table provide a quick comparison of the Azure Monitor agents for Windows.

Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/agents-overview

QUESTION 233
You configure an Azure Application Insights availability test.
You need to notify the customer services department at your company by email when availability is degraded.
You create an Azure logic app that will handle the email and follow up actions.
Which type of trigger should you use to invoke the logic app?

A. an HTTPWebhook trigger
B. an HTTP trigger
C. a Request trigger
D. an ApiConnection trigger

Answer: C
Explanation:
It uses the Action “When an HTTP request is received” and defines it as HTTP Request trigger. But this is a Request Trigger and not an HTTP Trigger.
You have to consider that http trigger is used only for outbound requests from the logic app. You can’t use it for Inbound http requests. For those you have to use Request Trigger.
https://docs.microsoft.com/en-us/azure/app-service/tutorial-send-email?tabs=dotnet
https://docs.microsoft.com/en-us/azure/connectors/connectors-native-reqres

QUESTION 234
You have an Azure DevOps organization named Contoso and an Azure subscription.
You use Azure DevOps to build a containerized app named App1 and deploy App1 to an Azure container instance named ACI1.
You need to restart ACI1 when App1 stops responding.
What should you do?

A. Add a liveness probe to the YAML configuration of App1.
B. Add a readiness probe to the YAML configuration of App1.
C. Use Connection Monitor in Azure Network Watcher.
D. Use IP flow verify in Azure Network Watcher.

Answer: A
Explanation:
Azure Container Instances supports liveness probes so that you can configure your containers within your container group to restart if critical functionality is not working.
Reference:
https://docs.microsoft.com/en-us/azure/container-instances/container-instances-liveness-probe

QUESTION 235
Drag and Drop Question
You manage the Git repository for a large enterprise application.
During the development of the application, you use a file named Config.json.
You need to prevent Config.json from being committed to the source control whenever changes to the application are committed.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:
Step 1: Add Config.json to the .gitignore file
Each line in the .gitignore excludes a file or set of files that match a pattern.
Example:
# ignore a single file
Config.json
Step 2: Run the git add .gitignore command
At the initial commit we want basically move from Untracked to Staged, for staging we have to indicate which file we want to move or specify a pattern.

Step 3: Run the git commit command
This will add it to the repository.
Reference:
http://hermit.no/how-to-find-the-best-gitignore-for-visual-studio-and-azure-devops/
https://geohernandez.net/how-to-add-an-existing-repository-into-azure-devops-repo-with-git/

QUESTION 236
Drag and Drop Question
You are deploying a new application that uses Azure virtual machines.
You plan to use the Desired State Configuration (DSC) extension on the virtual machines.
You need to ensure that the virtual machines always have the same Windows feature installed.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:
Step 1: Create a PowerShell configuration file
You create a simple PowerShell DSC configuration file.
Step 2: Load the file to Azure Blob storage
Package and publish the module to a publically accessible blob container URL
Step 3: Configure the DSC extension on the virtual machines
Reference:
https://docs.microsoft.com/en-us/azure/virtual-machines/extensions/dsc-overview
https://docs.microsoft.com/en-us/azure/virtual-machines/extensions/custom-script-windows

QUESTION 237
Drag and Drop Question
You need to deploy Internet Information Services (IIS) to an Azure virtual machine that runs Windows Server 2019.
How should you complete the Desired State Configuration (DSC) configuration script? To answer, drag the appropriate values to the correct locations. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:
Box 1: Configuration
The following example shows a simple example of a configuration.
configuration IISInstall
{
node “localhost”
{
WindowsFeature IIS
{
Ensure = “Present”

Name = “Web-Server”
}
}
}
Box 2: WindowsFeature
Reference:
https://docs.microsoft.com/en-us/azure/virtual-machines/extensions/dsc-overview

QUESTION 238
Drag and Drop Question
You are building an application that has the following assets:
– Source code
– Logs from automated tests and builds
– Large and frequently updated binary assets
– A common library used by multiple applications
Where should you store each asset? To answer, drag the appropriate Azure services to the correct assets. Each service may be used once. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:
Box 1: Azure Repos
Box 2: Azure Artifacts
Use Azure Artifacts to create, host, and share packages with your team.
Box 3: Azure Pipelines
In the pipeline view you can see all the stages and associated tests. The view provides a summary of the test results
Box 4: Azure Storage
Reference:
https://docs.microsoft.com/en-us/azure/devops/repos/get-started/what-is-repos
https://azure.microsoft.com/en-us/services/devops/artifacts/
https://docs.microsoft.com/en-us/azure/devops/pipelines/test/review-continuous-test-results-after-build

QUESTION 239
Drag and Drop Question
You have several Azure virtual machines that run Windows Server 2019.
You need to identify the distinct event IDs of each virtual machine as shown in the following table.

How should you complete the Azure Monitor query? To answer, drag the appropriate values to the correct locations. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:
You can use makelist to pivot data by the order of values in a particular column. For example, you may want to explore the most common order events take place on your machines. You can essentially pivot the data by the order of EventIDs on each machine.
Example:
Event
| where TimeGenerated > ago(12h)
| order by TimeGenerated desc
| summarize makelist(EventID) by Computer
Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/log-query/advanced-aggregations

QUESTION 240
Hotspot Question
You have a project in Azure DevOps that has three teams as shown in the Teams exhibit. (Click the Teams tab.)

You create a new dashboard named Dash1.
You configure the dashboard permissions for the Control project as shown in the Permissions exhibit. (Click the Permissions tab.)

All other permissions have the default values set.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:
Box 1: No
According to the configuration in the second screenshot, Delete dashboards permission is disabled.
Box 2: Yes
Everyone can view a dashboard.
Box 3: Yes
Only project administrators can manage dashboards.
By default, all team members have permissions to create and edit dashboards for their teams.
https://docs.microsoft.com/en-us/azure/devops/report/dashboards/dashboard-permissions?view=azure-devops

QUESTION 241
You have an existing project in Azure DevOps.
You plan to integrate GitHub as the repository for the project.
You need to ensure that Azure Pipelines runs under the Azure Pipelines identity.
Which authentication mechanism should you use?

A. personal access token (PAT)
B. GitHub App
C. Azure Active Directory (Azure AD)
D. OAuth

Answer: B
Explanation:
GitHub App uses the Azure Pipelines identity.
Incorrect Answers:
A: Personal access token and OAuth use your personal GitHub identity.
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/repos/github

QUESTION 242
You plan to provision a self-hosted Linux agent.
Which authentication mechanism should you use to register the self-hosted agent?

A. personal access token (PAT)
B. SSH key
C. Alternate credentials
D. certificate

Answer: A
Explanation:
Note: PAT Supported only on Azure Pipelines and TFS 2017 and newer. After you choose PAT, paste the PAT token you created into the command prompt window. Use a personal access token (PAT) if your Azure DevOps Server or TFS instance and the agent machine are not in a trusted domain. PAT authentication is handled by your Azure DevOps Server or TFS instance instead of the domain controller.
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/v2-linux

QUESTION 243
You are building a Microsoft ASP.NET application that requires authentication.
You need to authenticate users by using Azure Active Directory (Azure AD).
What should you do first?

A. Assign an enterprise application to users and groups
B. Create an app registration in Azure AD
C. Configure the application to use a SAML endpoint
D. Create a new OAuth token from the application
E. Create a membership database in an Azure SQL database

Answer: B
Explanation:
Register your application to use Azure Active Directory. Registering the application means that your developers can use Azure AD to authenticate users and request access to user resources such as email, calendar, and documents.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/developer-guidance-for-integrating-applications

QUESTION 244
You plan to create in Azure DevOps. Multiple developers will work on the project. The developers will work offline frequently and will require access to the full project history while they are offline.
Which version control solution should you use?

A. Team Foundation Version Control
B. Git
C. TortoiseSVN
D. Subversion

Answer: B
Explanation:
Git history: File history is replicated on the client dev machine and can be viewed even when not connected to the server. You can view history in Visual Studio and on the web portal.
Note: Azure Repos supports two types of version control: Git and Team Foundation Version Control (TFVC).
Incorrect Answers:
A: Team Foundation Version Control: File history is not replicated on the client dev machine and so can be viewed only when you’re connected to the server.
Reference:
https://docs.microsoft.com/en-us/azure/devops/repos/tfvc/comparison-git-tfvc

QUESTION 245
You have the following Azure policy.

You assign the policy to the Tenant root group.
What is the effect of the policy?

A. prevents all http traffic to existing Azure Storage accounts
B. ensures that all traffic to new Azure Storage accounts is encrypted
C. prevents HTTPS traffic to new Azure Storage accounts when the accounts are accessed over the Internet
D. ensures that all data for new Azure Storage accounts is encrypted at rest

Answer: B
Explanation:
During evaluation of existing resources, resources that match a deny policy definition are marked as non-compliant.
https://docs.microsoft.com/en-us/azure/governance/policy/concepts/effects#denytraffic.

QUESTION 246
You have a build pipeline in Azure Pipelines that uses different jobs to compile an application for 10 different architectures.
The build pipeline takes approximately one day to complete.
You need to reduce the time it takes to execute the build pipeline.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. Move to a blue/green deployment pattern
B. Create a deployment group
C. Increase the number of parallel jobs
D. Reduce the size of the repository
E. Create an agent pool

Answer: CE
Explanation:
Question: I need more hosted build resources. What can I do?
Answer: The Azure Pipelines pool provides all Azure DevOps organizations with cloud-hosted build agents and free build minutes each month. If you need more Microsoft-hosted build resources, or need to run more jobs in parallel, then you can either:
– Host your own agents on infrastructure that you manage.
– Buy additional parallel jobs.
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/pools-queues

QUESTION 247
You are creating a build pipeline in Azure Pipelines.
You define several tests that might fail due to third-party applications.
You need to ensure that the build pipeline completes successfully if the third-party applications are unavailable.
What should you do?

A. Configure the build pipeline to use parallel jobs
B. Configure flaky tests
C. Increase the test pass percentage
D. Add the Requirements quality widget to your dashboard

Answer: B
Explanation:
Flaky tests present a barrier to finding real problems, since the failures often don’t relate to the changes being tested. A flaky test is a test that provides different outcomes, such as pass or fail, even when there are no changes in the source code or execution environment.
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/test/flaky-test-management?view=azure-devops

QUESTION 248
Your company is building a new solution in Java.
The company currently uses a SonarQube server to analyze the code of .NET solutions.
You need to analyze and monitor the code quality of the Java solution.
Which task types should you add to the build pipeline?

A. Gradle
B. Chef
C. Grunt
D. Gulp

Answer: A
Explanation:
SonarQube is a set of static analyzers that can be used to identify areas of improvement in your code. It allows you to analyze the technical debt in your project and keep track of it in the future. With Maven and Gradle build tasks, you can run SonarQube analysis with minimal setup in a new or existing Azure DevOps Services build task.
Prepare Analysis Configuration task, to configure all the required settings before executing the build.
– This task is mandatory.
– In case of .NET solutions or Java projects, it helps to integrate seamlessly with MSBuild, Maven and Gradle tasks.
Note: There are several versions of this question in the exam. The question can have three correct answers:
– MSBuild
– Maven
– Gradle
The question can also have different incorrect options, including:
– Chef
– Octopus
– xCODE
Reference:
https://docs3.sonarqube.org/latest/analysis/scan/sonarscanner-for-azure-devops/
https://docs.microsoft.com/en-us/azure/devops/java/sonarqube?view=azure-devops

QUESTION 249
You are designing a configuration management solution to support five apps hosted on Azure App Service. Each app is available in the following three environments: development, test, and production.
You need to recommend a configuration management solution that meets the following requirements:
– Supports feature flags
– Tracks configuration changes from the past 30 days
– Stores hierarchically structured configuration values
– Controls access to the configurations by using role-based access control (RBAC) permission
– Stores shared values as key/value pairs that can be used by all the apps
Which Azure service should you recommend as the configuration management solution?

A. Azure Cosmos DB
B. Azure App Service
C. Azure App Configuration
D. Azure Key Vault

Answer: C
Explanation:
The Feature Manager in the Azure portal for App Configuration provides a UI for creating and managing the feature flags that you use in your applications.
App Configuration offers the following benefits:
A fully managed service that can be set up in minutes
Flexible key representations and mappings
Tagging with labels
Point-in-time replay of settings
Dedicated UI for feature flag management
Comparison of two sets of configurations on custom-defined dimensions
Enhanced security through Azure-managed identities
Encryption of sensitive information at rest and in transit
Native integration with popular frameworks
App Configuration complements Azure Key Vault, which is used to store application secrets.
Reference:
https://docs.microsoft.com/en-us/azure/azure-app-configuration/overview

QUESTION 250
You have a containerized solution that runs in Azure Container Instances. The solution contains a frontend container named App1 and a backend container named DB1. DB1 loads a large amount of data during startup.
You need to verify that DB1 can handle incoming requests before users can submit requests to App1.
What should you configure?

A. a liveness probe
B. a performance log
C. a readiness probe
D. an Azure Load Balancer health probe

Answer: C
Explanation:
For containerized applications that serve traffic, you might want to verify that your container is ready to handle incoming requests. Azure Container Instances supports readiness probes to include configurations so that your container can’t be accessed under certain conditions.
Incorrect Answers:
A: Containerized applications may run for extended periods of time, resulting in broken states that may need to be repaired by restarting the container. Azure Container Instances supports liveness probes so that you can configure your containers within your container group to restart if critical functionality is not working.
Reference:
https://docs.microsoft.com/en-us/azure/container-instances/container-instances-readiness-probe


Resources From:

1.2023 Latest Braindump2go AZ-400 Exam Dumps (PDF & VCE) Free Share:
https://www.braindump2go.com/az-400.html

2.2023 Latest Braindump2go AZ-400 PDF and AZ-400 VCE Dumps Free Share:
https://drive.google.com/drive/folders/1kLhX5N_Pt_noAKZD50xUpnSEA5Tt62TZ?usp=sharing

Free Resources from Braindump2go,We Devoted to Helping You 100% Pass All Exams!