[October-2020]Full Version AZ-400 PDF Exam Dumps AZ-400 240Q for Free Download[Q209-Q230]
2020/October Latest Braindump2go AZ-400 Exam Dumps with PDF and VCE Free Updated Today! Following are some new AZ-400 Real Exam Questions!
QUESTION 209
You use Azure Pipelines to manage project builds and deployments.
You plan to use Azure Pipelines for Microsoft Teams to notify the legal team when a new build is ready for release.
You need to configure the Organization Settings in Azure DevOps to support Azure Pipelines for Microsoft Teams.
What should you turn on?
A. Third-party application access via OAuth
B. Azure Active Directory Conditional Access Policy Validation
C. Alternate authentication credentials
D. SSH authentication
Answer: A
Explanation:
The Azure Pipelines app uses the OAuth authentication protocol, and requires Third-party application access via OAuth for the organization to be enabled.
To enable this setting, navigate to Organization Settings > Security > Policies, and set the Third-party application access via OAuth for the organization setting to On.
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/integrations/microsoft-teams
QUESTION 210
Your company implements an Agile development methodology.
You plan to implement retrospectives at the end of each sprint.
Which three questions should you include? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Who performed well?
B. Who should have performed better?
C. What could have gone better?
D. What went well?
E. What should we try next?
Answer: BCE
Explanation:
Sprint retrospective meetings
The sprint retrospective meeting typically occurs on the last day of the sprint, after the sprint review meeting. In this meeting, your team explores its execution of Scrum and what might need tweaking.
Based on discussions, your team might decide to change one or more processes to improve its own effectiveness, productivity, quality, and satisfaction. This meeting and the resulting improvements are critical to the agile principle of self-organization.
Look to address these areas during your team sprint retrospectives:
Issues that affected your team’s general effectiveness, productivity, and quality.
Elements that impacted your team’s overall satisfaction and project flow.
What happened to cause incomplete backlog items? What actions will the team take to prevent these issues in the future?
Reference:
https://docs.microsoft.com/en-us/azure/devops/boards/sprints/best-practices-scrum
QUESTION 211
Your company uses Azure Artifacts for package management.
You need to configure an upstream source in Azure Artifacts for Python packages.
Which repository type should you use as an upstream source?
A. npmjs.org
B. PyPI
C. Maven Central
D. third-party trusted Python
Answer: B
Explanation:
Get started with Python packages in Azure Artifacts
Create a feed
1. Select Artifacts (in the left navigation of your Azure DevOps project).
2. On the Artifacts page, select Create Feed.
3. In the Create new feed dialog box:
4. In the Name field, give the feed a name.
PyPI is the default repository name for twine, which is a tool for publishing Python packages.
Reference:
https://docs.microsoft.com/en-us/azure/devops/artifacts/quickstarts/python-packages
QUESTION 212
Your company uses Azure DevOps to manage the build and release processes for applications.
You use a Git repository for applications source control.
You plan to create a new branch from an existing pull request. Later, you plan to merge the new branch and the target branch of the pull request.
You need to use a pull request action to create the new branch. The solution must ensure that the branch uses only a portion of the code in the pull request.
Which pull request action should you use?
A. Set as default branch
B. Approve with suggestions
C. Cherry-pick
D. Reactivate
E. Revert
Answer: C
Explanation:
Cherry-pick a pull request
To copy changes made in a pull request to another branch in your repo, follow these steps:
1. In a completed pull request, select Cherry-pick, or for an active pull request, select Cherry-pick from the … menu. Cherry-picking a pull request in this way creates a new branch with the copied changes.
Merge into a target branch in a second pull request.
2. In Target branch, enter the branch you want to merge the copied changes.
3. In Topic branch name, enter a new branch to contain the copied changes, then select Cherry-pick.
4. Select Create pull request to merge the topic branch into the target branch to complete the cherry-pick.
Reference:
https://docs.microsoft.com/en-us/azure/devops/repos/git/pull-requests
QUESTION 213
You have an Azure DevOps organization named Contoso that contains a project named Project1.
You provision an Azure key vault named Keyvault1.
You need to reference Keyvault1 secrets in a build pipeline of Project1.
What should you do first?
A. Add a secure file to Project1.
B. Create an XAML build service.
C. Create a variable group in Project1.
D. Configure the security policy of Contoso.
Answer: D
Explanation:
Before this will work, the build needs permission to access the Azure Key Vault. This can be added in the Azure Portal.
Open the Access Policies in the Key Vault and add a new one. Choose the principle used in the DevOps build.
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/release/azure-key-vault
QUESTION 214
You are designing a build pipeline in Azure Pipelines.
The pipeline requires a self-hosted agent. The build pipeline will run once daily and will take 30 minutes to complete.
You need to recommend a compute type for the agent. The solution must minimize costs.
What should you recommend?
A. an Azure Kubernetes Service (AKS) cluster
B. Azure Container Instances
C. an Azure virtual machine scale set
D. Azure virtual machines
Answer: B
Explanation:If your pipelines are in Azure Pipelines, then you’ve got a convenient option to run your jobs using a Microsoft-hosted agent. With Microsoft-hosted agents, maintenance and upgrades are taken care of for you. Each time you run a pipeline, you get a fresh virtual machine. The virtual machine is discarded after one use. Microsoft-hosted agents can run jobs directly on the VM or in a container.
Note: You can try a Microsoft-hosted agent for no charge.
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/hosted
QUESTION 215
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You plan to update the Azure DevOps strategy of your company.
You need to identify the following issues as they occur during the company’s development process:
– Licensing violations
– Prohibited libraries
Solution: You implement continuous deployment.
Does this meet the goal?
A. Yes
B. No
Answer: B
Explanation:Instead implement continuous integration.
Note: WhiteSource is the leader in continuous open source software security and compliance management. WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or development environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource constantly-updated definitive database of open source repositories.
Reference:
https://azuredevopslabs.com/labs/vstsextend/whitesource/
QUESTION 216
Your company has an Azure DevOps project,
The source code for the project is stored in an on-premises repository and uses on an on-premises build server.
You plan to use Azure DevOps to control the build process on the build server by using a self-hosted agent.
You need to implement the self-hosted agent.
You download and install the agent on the build server.
Which two actions should you perform next? Each correct answer presents part of the solution.
A. From Azure, create a shared access signature (SAS).
B. From the build server, create a certificate, and then upload the certificate to Azure Storage.
C. From the build server, create a certificate, and then upload the certificate to Azure Key Vault.
D. From DevOps, create a personal access token (PAT).
E. From the build server, run config.cmd.
Answer: BE
Explanation:
B: Make sure you install your self-signed ssl server certificate into the OS certificate store.
E: When you have a self-signed SSL certificate for your on-premises TFS server, make sure to configure the Git we shipped to allow that self-signed SSL certificate.
Enable git to use SChannel during configure with 2.129.0 or higher version agent Pass –gituseschannel during agent configuration
./config.cmd –gituseschannel
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/certificate
QUESTION 217
You have an Azure subscription that contains an Azure Active Directory (Azure AD) tenant.
You are configuring a build pipeline in Azure Pipelines that will include a task named Task1. Task1 will authenticate by using an Azure AD service principal.
Which three values should you configure for Task1? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. the tenant ID
B. the subscription ID
C. the client secret
D. the app ID
E. the object ID
Answer: ABD
Explanation:
Create an Azure Resource Manager service connection with an existing service principal
AB: Enter the information about your service principal into the Azure subscription dialog textboxes:
Tenant ID
Subscription ID
Subscription name
Service principal ID
Either the service principal client key or, if you have selected Certificate, enter the contents of both the certificate and private key sections of the *.pem file.
D: To deploy to a specific Azure resource, the task will need additional data about that resource.
If you’re using the classic editor, select data you need. For example, the App service name.
If you’re using YAML, then go to the resource in the Azure portal, and then copy the data into your code.
For example, to deploy a web app, you would copy the name of the App Service into the WebAppName value.
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/library/connect-to-azure
QUESTION 218
You need to execute inline testing of an Azure DevOps pipeline that uses a Docker deployment model. The solution must prevent the results from being published to the pipeline.
What should you use for the inline testing?
A. a single stage Dockerfile
B. an Azure Kubernetes Service (AKS) pod
C. a multi-stage Dockerfile
D. a Docker Compose file
Answer: D
Explanation:
Use Docker when running integration tests with Azure Pipelines.
Reference:
https://crossprogramming.com/2019/12/27/use-docker-when-running-integration-tests-with-azure-pipelines.html
QUESTION 219
You need to configure GitHub to use Azure Active Directory (Azure AD) for authentication.
What should you do first?
A. Create a conditional access policy in Azure AD.
B. Register GitHub in Azure AD.
C. Create an Azure Active Directory B2C (Azure AD B2C) tenant.
D. Modify the Security settings of the GitHub organization.
Answer: B
Explanation:
When you connect to a Git repository from your Git client for the first time, the credential manager prompts for credentials. Provide your Microsoft account or Azure AD credentials.
Note: Git Credential Managers simplify authentication with your Azure Repos Git repositories. Credential managers let you use the same credentials that you use for the Azure DevOps Services web portal.
Credential managers support multi-factor authentication through Microsoft account or Azure Active Directory (Azure AD). Besides supporting multi-factor authentication with Azure Repos, credential managers also support two-factor authentication with GitHub repositories.
Reference:
https://docs.microsoft.com/en-us/azure/devops/repos/git/set-up-credential-managers
QUESTION 220
You have a project in Azure DevOps named Project1. Project1 contains a pipeline that builds a container image named Image1 and pushes Image1 to an Azure container registry named ACR1. Image1 uses a base image stored in Docker Hub.
You need to ensure that Image1 is updated automatically whenever the base image is updated.
What should you do?
A. Enable the Azure Event Grid resource provider and subscribe to registry events.
B. Add a Docker Hub service connection to Azure Pipelines.
C. Create and run an Azure Container Registry task.
D. Create a service hook in Project1.
Answer: C
Explanation:
ACR Tasks supports automated container image builds when a container’s base image is updated, such as when you patch the OS or application framework in one of your base images.
Reference:
https://docs.microsoft.com/en-us/azure/container-registry/container-registry-tutorial-base-image-update
QUESTION 221
You have a free tier of an Azure DevOps organization named Contoso. Contoso contains 10 private projects. Each project has multiple jobs with no dependencies.
You frequently run the jobs on five self-hosted agents but experience long build times and frequently queued builds.
You need to minimize the number of queued builds and the time it takes to run the builds.
What should you do?
A. Configure the pipelines to use the Microsoft-hosted agents.
B. Register additional self-hosted agents.
C. Purchase self-hosted parallel jobs.
D. Purchase Microsoft-hosted parallel jobs.
Answer: D
Explanation:
When the free tier is no longer sufficient, you can pay for additional capacity per parallel job.
Note: Microsoft-hosted CI/CD
If you want to run your jobs on machines that Microsoft manages, use Microsoft-hosted parallel jobs. Your jobs run on our pool of Microsoft-hosted agents.
We provide a free tier of service by default in every organization.
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/licensing/concurrent-jobs
QUESTION 222
You have an Azure DevOps project that contains a build pipeline. The build pipeline uses approximately 50 open source libraries.
You need to ensure that all the open source libraries comply with your company’s licensing standards.
Which service should you use?
A. Ansible
B. Maven
C. WhiteSource Bolt
D. Helm
Answer: C
Explanation:
WhiteSource provides WhiteSource Bolt, a lightweight open source security and management solution
developed specifically for integration with Azure DevOps and Azure DevOps Server.
Note: WhiteSource is the leader in continuous open source software security and compliance management. WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or development environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource constantly-updated definitive database of open source repositories.
Note: Blackduck would also be a good answer, but it is not an option here.
Reference:
https://www.azuredevopslabs.com/labs/vstsextend/whitesource/
QUESTION 223
Your company develops an application named App1 that is deployed in production.
As part of an application update, a new service is being added to App1. The new service requires access to an application named App2 that is currently in development.
You need to ensure that you can deploy the update to App1 before App2 becomes available. You must be able to enable the service in App1 once App2 is deployed.
What should you do?
A. Implement a feature flag.
B. Create a fork in the build.
C. Create a branch in the build.
D. Implement a branch policy.
Answer: A
Explanation:
Feature flags support a customer-first DevOps mindset, to enable (expose) and disable (hide) features in a solution, even before they are complete and ready for release.
Incorrect Answers:
C: Branch policies are an important part of the Git workflow and enable you to:
Isolate work in progress from the completed work in your master branch
Guarantee changes build before they get to master
Reference:
https://docs.microsoft.com/en-us/azure/devops/migrate/phase-features-with-feature-flags
QUESTION 224
You are designing the security validation strategy for a project in Azure DevOps.
You need to identify package dependencies that have known security issues and can be resolved by an update.
What should you use?
A. Octopus Deploy
B. Jenkins
C. Gradle
D. SonarQube
Answer: A
Explanation:
Incorrect Answers:
B: Jenkins is a popular open-source automation server used to set up continuous integration and delivery (CI/CD) for your software projects.
D: SonarQube is a set of static analyzers that can be used to identify areas of improvement in your code. It allows you to analyze the technical debt in your project and keep track of it in the future.
Reference:
https://octopus.com/docs/packaging-applications
QUESTION 225
You have a private distribution group that contains provisioned and unprovisioned devices.
You need to distribute a new iOS application to the distribution group by using Microsoft Visual Studio App Center.
What should you do?
A. Generate a new .p12 file for each device.
B. Create an unsigned build.
C. Register the devices on the Apple Developer portal.
D. Create an active subscription in App Center Test.
Answer: C
Explanation:
When releasing an iOS app signed with an ad-hoc or development provisioning profile, you must obtain tester’s device IDs (UDIDs), and add them to the provisioning profile before compiling a release. When you enable the distribution group’s Automatically manage devices setting, App Center automates the before mentioned operations and removes the constraint for you to perform any manual tasks. As part of automating the workflow, you must provide the user name and password for your Apple ID and your production certificate in a .p12 format.
App Center starts the automated tasks when you distribute a new release or one of your testers registers a new device. First, all devices from the target distribution group will be registered, using your Apple ID, in your developer portal and all provisioning profiles used in the app will be generated with both new and existing device ID. Afterward, the newly generated provisioning profiles are downloaded to App Center servers.
Reference:
https://docs.microsoft.com/en-us/appcenter/distribution/groups
QUESTION 226
Your company uses the following resources:
– Windows Server 2019 container images hosted in an Azure Container Registry.
– Azure virtual machines that run the latest version of Ubuntu
– An Azure Log Analytics workspace
– Azure Active Directory (Azure AD)
– An Azure key vault
For which two resources can you receive vulnerability assessments in Azure Security Center? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. the Azure Log Analytics workspace
B. the Azure key vault
C. the Azure virtual machines that run the latest version of Ubuntu
D. Azure Active Directory (Azure AD)
E. The Windows Server 2019 container images hosted in the Azure Container Registry.
Answer: BC
Explanation:
B: Azure Security Center includes Azure-native, advanced threat protection for Azure Key Vault, providing an additional layer of security intelligence.
C: When Security Center discovers a connected VM without a vulnerability assessment solution deployed, it provides the security recommendation “A vulnerability assessment solution should be enabled on your virtual machines”.
Ubuntu supported versions: 12.04 LTS, 14.04 LTS, 15.x, 16.04 LTS, 18.04 LTS Reference:
https://docs.microsoft.com/en-us/azure/security-center/deploy-vulnerability-assessment-vm
QUESTION 227
You have a private project in Azure DevOps.
You need to ensure that a project manager can create custom work item queries to report on the project’s progress. The solution must use the principle of least privilege.
To which security group should you add the project manager?
A. Reader
B. Project Collection Administrators
C. Project Administrators
D. Contributor
Answer: D
Explanation:
Contributors have permissions to contribute fully to the project code base and work item tracking. The main permissions they don’t have or those that manage or administer resources.
Reference:
https://docs.microsoft.com/en-us/azure/devops/organizations/security/permissions
QUESTION 228
You use Azure Pipelines to manage build pipelines, GitHub to store source code, and Dependabot to manage dependencies.
You have an app named App1.
Dependabot detects a dependency in App1 that requires an update.
What should you do first to apply the update?
A. Create a pull request.
B. Approve the pull request.
C. Create a branch.
D. Perform a commit.
Answer: B
Explanation:
DependaBot is a useful tool to regularly check for dependency updates. By helping to keep your project up to date, DependaBot can reduce technical debt and immediately apply security vulnerabilities when patches are released. How does DependaBot work?
1. DependaBot regularly checks dependencies for updates
2. If an update is found, DependaBot creates a new branch with this upgrade and Pull Request for approval
3. You review the new Pull Request, ensure the tests passed, review the code, and decide if you can merge the change
Reference:
https://samlearnsazure.blog/2019/12/20/github-using-dependabot/
QUESTION 229
You are integrating Azure Pipelines and Microsoft Teams.
You install the Azure Pipelines app in Microsoft Teams.
You have an Azure DevOps organization named Contoso that contains a project name Project1.
You subscribe to Project1 in Microsoft Teams.
You need to ensure that you only receive events about failed builds in Microsoft Teams.
What should you do first?
A. From Microsoft Teams, run @azure pipelines subscribe https://dev.azure.com/Contoso/Project1.
B. From Azure Pipelines, add a Publish Build Artifacts task to Project1.
C. From Microsoft Teams, run @azure pipelines subscriptions.
D. From Azure Pipelines, enable continuous integration for Project1.
Answer: A
Explanation:
To start monitoring all pipelines in a project, use the following command inside a channel:
@azure pipelines subscribe [project url]
The project URL can be to any page within your project (except URLs to pipelines).
For example:
@azure pipelines subscribe https://dev.azure.com/myorg/myproject/
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/integrations/microsoft-teams
QUESTION 230
You have an Azure DevOps organization named Contoso and an Azure subscription.
You use Azure DevOps to build and deploy a web app named App1. Azure Monitor is configured to generate an email notification in response to alerts generated whenever App1 generates a server-side error.
You need to receive notifications in Microsoft Teams whenever an Azure Monitor alert is generated.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Create an Azure Monitor workbook.
B. Create an Azure logic app that has an HTTP request trigger.
C. Create an Azure logic app that has an Azure DevOps trigger.
D. Modify an action group in Azure Monitor.
E. Modify the Diagnostics settings in Azure Monitor.
Answer: CD
Explanation:
https://dirteam.com/dave/2019/05/14/getting-azure-devops-tasks-in-to-do-with-flow/
Resources From:
1.2020 Latest Braindump2go AZ-400 Exam Dumps (PDF & VCE) Free Share:
https://www.braindump2go.com/az-400.html
2.2020 Latest Braindump2go AZ-400 PDF and AZ-400 VCE Dumps Free Share:
https://drive.google.com/drive/folders/1kLhX5N_Pt_noAKZD50xUpnSEA5Tt62TZ?usp=sharing
3.2020 Free Braindump2go AZ-400 PDF Download:
https://www.braindump2go.com/free-online-pdf/AZ-400-Dumps(219-229).pdf
https://www.braindump2go.com/free-online-pdf/AZ-400-PDF-Dumps(208-218).pdf
https://www.braindump2go.com/free-online-pdf/AZ-400-VCE-Dumps(230-240).pdf
Free Resources from Braindump2go,We Devoted to Helping You 100% Pass All Exams!