Download Microsoft.AZ-400.Dump4Pass.2024-01-16.182q.vcex

Download Exam

File Info

Exam Microsoft Azure DevOps Solutions
Number AZ-400
File Name Microsoft.AZ-400.Dump4Pass.2024-01-16.182q.vcex
Size 10 MB
Posted Jan 16, 2024
Download Microsoft.AZ-400.Dump4Pass.2024-01-16.182q.vcex

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase

Coupon: MASTEREXAM
With discount: 20%





Demo Questions

Question 1

You are building a Microsoft ASP.NET application that requires authentication.  
You need to authenticate users by using Azure Active Directory (Azure AD).  
What should you do first?


  1. Assign an enterprise application to users and groups
  2. Create an app registration in Azure AD
  3. Configure the application to use a SAML endpoint
  4. Create a new OAuth token from the application
  5. Create a membership database in an Azure SQL database
Correct answer: B
Explanation:
Register your application to use Azure Active Directory. Registering the application means that your developers can use Azure AD to authenticate users and request access to user resources such as email, calendar, and documents.    Reference: https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/developer-guidance-for-integrating-applications
Register your application to use Azure Active Directory. Registering the application means that your developers can use Azure AD to authenticate users and request access to user resources such as email, calendar, and documents.  
  
Reference: 
https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/developer-guidance-for-integrating-applications



Question 2

You need to ensure that an Azure web app named az400-9940427-main can retrieve secrets from an Azure key vault named az400-9940427-kv1 by using a system managed identity.    
The solution must use the principle of least privilege.  
To complete this task, sign in to the Microsoft Azure portal.


  1. See the explanation
Correct answer: A
Explanation:
1. In Azure portal navigate to the az400-9940427-main app.  2. Scroll down to the Settings group in the left navigation.  3. Select Managed identity.  4. Within the System assigned tab, switch Status to On. Click Save.              Reference: https://docs.microsoft.com/en-us/azure/app-service/overview-managed-identity
1. In Azure portal navigate to the az400-9940427-main app.  
2. Scroll down to the Settings group in the left navigation.  
3. Select Managed identity.  
4. Within the System assigned tab, switch Status to On. Click Save.  
        
    
Reference: 
https://docs.microsoft.com/en-us/azure/app-service/overview-managed-identity



Question 3

You have an Azure Resource Manager template that deploys a multi-tier application.    
You need to prevent the user who performs the deployment from viewing the account credentials and connection strings used by the application.  
What should you use?


  1. Azure Key Vault
  2. a Web.config file
  3. an Appsettings.json file
  4. an Azure Storage table
  5. an Azure Resource Manager parameter file
Correct answer: A
Explanation:
When you need to pass a secure value (like a password) as a parameter during deployment, you can retrieve the value from an Azure Key Vault. You retrieve the value by referencing the key vault and secret in your parameter file. The value is never exposed because you only reference its key vault ID. The key vault can exist in a different subscription than the resource group you are deploying to.    Reference: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-keyvault-parameter
When you need to pass a secure value (like a password) as a parameter during deployment, you can retrieve the value from an Azure Key Vault. You retrieve the value by referencing the key vault and secret in your parameter file. The value is never exposed because you only reference its key vault ID. The key vault can exist in a different subscription than the resource group you are deploying to.  
  
Reference: 
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-keyvault-parameter



Question 4

Your company plans to implement a new compliance strategy that will require all Azure web apps to be backed up every five hours.    
You need to back up an Azure web app named az400-11566895-main every five hours to an Azure Storage account in your resource group.  
To complete this task, sign in to the Microsoft Azure portal.


  1. See the explanatiob
Correct answer: A
Explanation:
With the storage account ready, you can configure backs up in the web app or App Service.  1. Open the App Service az400-11566895-main, which you want to protect, in the Azure Portal and browse to Settings > Backups. Click Configure and a Backup  Configuration blade should appear.  2. Select the storage account.  3. Click + to create a private container. You could name this container after the web app or App Service.  4. Select the container.  5. If you want to schedule backups, then set Scheduled Backup to On and configure a schedule: every five hours 6. Select your retention. Note that 0 means never delete backups.  7. Decide if at least one backup should always be retained.  8. Choose if any connected databases should be included in the web app backup.  9. Click Save to finalize the backup configuration.            Reference: https://petri.com/backing-azure-app-service
With the storage account ready, you can configure backs up in the web app or App Service.  
1. Open the App Service az400-11566895-main, which you want to protect, in the Azure Portal and browse to Settings > Backups. Click Configure and a Backup  
Configuration blade should appear.  
2. Select the storage account.  
3. Click + to create a private container. You could name this container after the web app or App Service.  
4. Select the container.  
5. If you want to schedule backups, then set Scheduled Backup to On and configure a schedule: every five hours 
6. Select your retention. Note that 0 means never delete backups.  
7. Decide if at least one backup should always be retained.  
8. Choose if any connected databases should be included in the web app backup.  
9. Click Save to finalize the backup configuration.  
        
  
Reference: 
https://petri.com/backing-azure-app-service



Question 5

Your company has an Azure subscription named Subscription1. Subscription1 is associated to an Azure Active Directory tenant named contoso.com.    
You need to provision an Azure Kubernetes Services (AKS) cluster in Subscription1 and set the permissions for the cluster by using RBAC roles that reference the identities in contoso.com.    
Which three objects should you create in sequence? To answer, move the appropriate objects from the list of objects to the answer area and arrange them in the correct order.  


Correct answer: To work with this question, an Exam Simulator is required.
Explanation:
Step 1: Create an AKS cluster   Step 2: a system-assigned managed identity To create an RBAC binding, you first need to get the Azure AD Object ID.  1. Sign in to the Azure portal.  2. In the search field at the top of the page, enter Azure Active Directory.  3. Click Enter.  4. In the Manage menu, select Users.  5. In the name field, search for your account.  6. In the Name column, select the link to your account.  7. In the Identity section, copy the Object ID.            Step 3: a RBAC binding Reference:   https://docs.microsoft.com/en-us/azure/developer/ansible/aks-configure-rbac
Step 1: Create an AKS cluster 
  
Step 2: a system-assigned managed identity 
To create an RBAC binding, you first need to get the Azure AD Object ID.  
1. Sign in to the Azure portal.  
2. In the search field at the top of the page, enter Azure Active Directory.  
3. Click Enter.  
4. In the Manage menu, select Users.  
5. In the name field, search for your account.  
6. In the Name column, select the link to your account.  
7. In the Identity section, copy the Object ID.  
  
        
Step 3: a RBAC binding 
Reference:   
https://docs.microsoft.com/en-us/azure/developer/ansible/aks-configure-rbac



Question 6

You manage build and release pipelines by using Azure DevOps. Your entire managed environment resides in Azure.    
You need to configure a service endpoint for accessing Azure Key Vault secrets. The solution must meet the following requirements:   
  • Ensure that the secrets are retrieved by Azure DevOps.  
  • Avoid persisting credentials and tokens in Azure DevOps.    
How should you configure the service endpoint? To answer, select the appropriate options in the answer area.    
NOTE: Each correct selection is worth one point. 


Correct answer: To work with this question, an Exam Simulator is required.
Explanation:
Box 1: Azure Pipelines service connection   Box 2: Managed Service Identity Authentication The managed identities for Azure resources feature in Azure Active Directory (Azure AD) provides Azure services with an automatically managed identity in Azure AD. You can use the identity to authenticate to any service that supports Azure AD authentication, including Key Vault, without any credentials in your code.    Reference: https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/deploy/azure-key-vault   https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview
Box 1: Azure Pipelines service connection   
Box 2: Managed Service Identity Authentication 
The managed identities for Azure resources feature in Azure Active Directory (Azure AD) provides Azure services with an automatically managed identity in Azure AD. You can use the identity to authenticate to any service that supports Azure AD authentication, including Key Vault, without any credentials in your code.  
  
Reference: 
https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/deploy/azure-key-vault   
https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview



Question 7

You have an Azure DevOps organization named Contoso, an Azure DevOps project named Project1, an Azure subscription named Sub1, and an Azure key vault named vault1.    
You need to ensure that you can reference the values of the secrets stored in vault1 in all the pipelines of Project1. The solution must prevent the values from being stored in the pipelines.    
What should you do?


  1. Create a variable group in Project1.
  2. Add a secure file to Project1.
  3. Modify the security settings of the pipelines.
  4. Configure the security policy of Contoso.
Correct answer: A
Explanation:
Use a variable group to store values that you want to control and make available across multiple pipelines.    Reference: https://docs.microsoft.com/en-us/azure/devops/pipelines/library/variable-groups
Use a variable group to store values that you want to control and make available across multiple pipelines.  
  
Reference: 
https://docs.microsoft.com/en-us/azure/devops/pipelines/library/variable-groups



Question 8

You use WhiteSource Bolt to scan a Node.js application.    
The WhiteSource Bolt scan identifies numerous libraries that have invalid licenses. The libraries are used only during development and are not part of a production deployment.    
You need to ensure that WhiteSource Bolt only scans production dependencies.    
Which two actions should you perform? Each correct answer presents part of the solution.    
NOTE: Each correct selection is worth one point.


  1. Run npm install and specify the --production flag.
  2. Modify the WhiteSource Bolt policy and set the action for the licenses used by the development tools to Reassign.
  3. Modify the devDependencies section of the project’s Package.json file.
  4. Configure WhiteSource Bolt to scan the node_modules directory only.
Correct answer: AD
Explanation:
A: To resolve NPM dependencies, you should first run "npm install" command on the relevant folders before executing the plugin. C: All npm packages contain a file, usually in the project root, called package.json – this file holds various metadata relevant to the project. This file is used to give information to npm that allows it to identify the project as well as handle the project's dependencies. It can also contain other metadata such as a project description, the version of the project in a particular distribution, license information, even configuration data – all of which can be vital to both npm and to the end users of the package.    Reference: https://whitesource.atlassian.net/wiki/spaces/WD/pages/34209870/NPM+Plugin   https://nodejs.org/en/knowledge/getting-started/npm/what-is-the-file-package-json
A: To resolve NPM dependencies, you should first run "npm install" command on the relevant folders before executing the plugin. 
C: All npm packages contain a file, usually in the project root, called package.json – this file holds various metadata relevant to the project. This file is used to give information to npm that allows it to identify the project as well as handle the project's dependencies. It can also contain other metadata such as a project description, the version of the project in a particular distribution, license information, even configuration data – all of which can be vital to both npm and to the end users of the package.  
  
Reference: 
https://whitesource.atlassian.net/wiki/spaces/WD/pages/34209870/NPM+Plugin   
https://nodejs.org/en/knowledge/getting-started/npm/what-is-the-file-package-json



Question 9

You have a project in Azure DevOps that has three teams as shown in the Teams exhibit. (Click the Teams tab.)  
        
    
You create a new dashboard named Dash1.    
You configure the dashboard permissions for the Contoso project as shown in the Permissions exhibit. (Click the Permissions tab.)  
  
        
  
All other permissions have the default values set.    
For each of the following statements, select Yes if the statement is true. Otherwise, select No.    
NOTE: Each correct selection is worth one point. 


Correct answer: To work with this question, an Exam Simulator is required.
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/devops/report/dashboards/charts-dashboard-permissions-access
Reference: 
https://docs.microsoft.com/en-us/azure/devops/report/dashboards/charts-dashboard-permissions-access



Question 10

Your company is concerned that when developers introduce open source libraries, it creates licensing compliance issues.    
You need to add an automated process to the build pipeline to detect when common open source libraries are added to the code base.  
What should you use?


  1. Microsoft Visual SourceSafe
  2. Code Style
  3. Black Duck
  4. Jenkins
Correct answer: C
Explanation:
Secure and Manage Open Source Software  Black Duck helps organizations identify and mitigate open source security, license compliance and code-quality risks across application and container portfolios.  Black Duck Hub and its plugin for Team Foundation Server (TFS) allows you to automatically find and fix open source security vulnerabilities during the build process, so you can proactively manage risk. The integration allows you to receive alerts and fail builds when any Black Duck Hub policy violations are met.    Note: There are several versions of this question in the exam. The question has two possible correct answers: Black Duck  WhiteSource Bolt    Other incorrect answer options you may see on the exam include the following: OWASP ZAP  PDM  SourceGear  SourceGear Vault    Reference: https://marketplace.visualstudio.com/items?itemName=black-duck-software.hub-tfs
Secure and Manage Open Source Software  
Black Duck helps organizations identify and mitigate open source security, license compliance and code-quality risks across application and container portfolios.  
Black Duck Hub and its plugin for Team Foundation Server (TFS) allows you to automatically find and fix open source security vulnerabilities during the build process, so you can proactively manage risk. The integration allows you to receive alerts and fail builds when any Black Duck Hub policy violations are met.  
  
Note: 
There are several versions of this question in the exam. The question has two possible correct answers: 
  • Black Duck  
  • WhiteSource Bolt  
  
Other incorrect answer options you may see on the exam include the following: 
  • OWASP ZAP  
  • PDM  
  • SourceGear  
  • SourceGear Vault  
  
Reference: 
https://marketplace.visualstudio.com/items?itemName=black-duck-software.hub-tfs









CONNECT US

Facebook

Twitter

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!

Get Now!


HOW TO OPEN VCEX FILES

Use ProfExam Simulator to open VCEX files