Download Microsoft.AZ-400.Dump4Pass.2024-03-06.264q.tqb

Download Exam

File Info

Exam Microsoft Azure DevOps Solutions
Number AZ-400
File Name Microsoft.AZ-400.Dump4Pass.2024-03-06.264q.tqb
Size 16 MB
Posted Mar 06, 2024
Download Microsoft.AZ-400.Dump4Pass.2024-03-06.264q.tqb

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase

Coupon: MASTEREXAM
With discount: 20%





Demo Questions

Question 1

Your company is building a new web application.    
You plan to collect feedback from pilot users on the features being delivered.    
All the pilot users have a corporate computer that has Google Chrome and the Microsoft Test & Feedback extension installed. The pilot users will test the application by using Chrome.    
You need to identify which access levels are required to ensure that developers can request and gather feedback from the pilot users. The solution must use the principle of least privilege.    
Which access levels in Azure DevOps should you identify? To answer, select the appropriate options in the answer area.    
NOTE: Each correct selection is worth one point. 


Correct answer: To work with this question, an Exam Simulator is required.
Explanation:
Box 1: Basic Assign Basic to users with a TFS CAL, with a Visual Studio Professional subscription, and to users for whom you are paying for Azure Boards & Repos in an organization.    Box 2: Stakeholder Assign Stakeholders to users with no license or subscriptions who need access to a limited set of features.    Note: You assign users or groups of users to one of the following access levels:   Basic: provides access to most features VS Enterprise: provides access to premium features Stakeholders: provides partial access, can be assigned to unlimited users for free   Reference: https://docs.microsoft.com/en-us/azure/devops/organizations/security/access-levels?view=vsts
Box 1: Basic 
Assign Basic to users with a TFS CAL, with a Visual Studio Professional subscription, and to users for whom you are paying for Azure Boards & Repos in an organization.  
  
Box 2: Stakeholder 
Assign Stakeholders to users with no license or subscriptions who need access to a limited set of features.  
  
Note: 
You assign users or groups of users to one of the following access levels: 
  
Basic: provides access to most features 
VS Enterprise: provides access to premium features 
Stakeholders: provides partial access, can be assigned to unlimited users for free 
  
Reference: 
https://docs.microsoft.com/en-us/azure/devops/organizations/security/access-levels?view=vsts



Question 2

Your company creates a web application.    
You need to recommend a solution that automatically sends to Microsoft Teams a daily summary of the exceptions that occur in the application.  
Which two Azure services should you recommend? Each correct answer presents part of the solution.  
NOTE: Each correct selection is worth one point.


  1. Azure Logic Apps
  2. Azure Pipelines
  3. Microsoft Visual Studio App Center
  4. Azure DevOps Project
  5. Azure Application Insights
Correct answer: AE
Explanation:
E: Exceptions in your live web app are reported by Application Insights.   Note: Periodical reports help keep a team informed on how their business critical services are doing. Developers, DevOps/SRE teams, and their managers can be productive with automated reports reliably delivering insights without requiring everyone to sign in the portal. Such reports can also help identify gradual increases in latencies, load or failure rates that may not trigger any alert rules.    A: You can programmatically query Application Insights data to generate custom reports on a schedule. The following options can help you get started quickly: Automate reports with Microsoft Flow  Automate reports with Logic Apps    Reference: https://docs.microsoft.com/en-us/azure/azure-monitor/app/asp-net-exceptions   https://docs.microsoft.com/en-us/azure/azure-monitor/app/automate-custom-reports
E: Exceptions in your live web app are reported by Application Insights. 
  
Note: Periodical reports help keep a team informed on how their business critical services are doing. Developers, DevOps/SRE teams, and their managers can be productive with automated reports reliably delivering insights without requiring everyone to sign in the portal. Such reports can also help identify gradual increases in latencies, load or failure rates that may not trigger any alert rules.  
  
A: You can programmatically query Application Insights data to generate custom reports on a schedule. The following options can help you get started quickly: 
  • Automate reports with Microsoft Flow  
  • Automate reports with Logic Apps  
  
Reference: 
https://docs.microsoft.com/en-us/azure/azure-monitor/app/asp-net-exceptions   
https://docs.microsoft.com/en-us/azure/azure-monitor/app/automate-custom-reports



Question 3

Your company hosts a web application in Azure. The company uses Azure Pipelines for the build and release management of the application.  
Stakeholders report that the past few releases have negatively affected system performance.  
You configure alerts in Azure Monitor.    
You need to ensure that new releases are only deployed to production if the releases meet defined performance baseline criteria in the staging environment first.  
What should you use to prevent the deployment of releases that fall to meet the performance baseline?


  1. an Azure Scheduler job
  2. a trigger
  3. a gate
  4. an Azure function
Correct answer: C
Explanation:
Scenarios and use cases for gates include: Quality validation. Query metrics from tests on the build artifacts such as pass rate or code coverage and deploy only if they are within required thresholds.    Use Quality Gates to integrate monitoring into your pre-deployment or post-deployment. This ensures that you are meeting the key health/performance metrics (KPIs) as your applications move from dev to production and any differences in the infrastructure environment or scale is not negatively impacting your KPIs.    Note: Gates allow automatic collection of health signals from external services, and then promote the release when all the signals are successful at the same time or stop the deployment on timeout. Typically, gates are used in connection with incident management, problem management, change management, monitoring, and external approval systems.    Reference: https://docs.microsoft.com/en-us/azure/azure-monitor/continuous-monitoring   https://docs.microsoft.com/en-us/azure/devops/pipelines/release/approvals/gates?view=azure-devops
Scenarios and use cases for gates include: 
  • Quality validation. Query metrics from tests on the build artifacts such as pass rate or code coverage and deploy only if they are within required thresholds.  
  
Use Quality Gates to integrate monitoring into your pre-deployment or post-deployment. This ensures that you are meeting the key health/performance metrics (KPIs) as your applications move from dev to production and any differences in the infrastructure environment or scale is not negatively impacting your KPIs.  
  
Note: Gates allow automatic collection of health signals from external services, and then promote the release when all the signals are successful at the same time or stop the deployment on timeout. Typically, gates are used in connection with incident management, problem management, change management, monitoring, and external approval systems.  
  
Reference: 
https://docs.microsoft.com/en-us/azure/azure-monitor/continuous-monitoring   
https://docs.microsoft.com/en-us/azure/devops/pipelines/release/approvals/gates?view=azure-devops



Question 4

You have a containerized solution that runs in Azure Container Instances. The solution contains a frontend container named App1 and a backend container named DB1. DB1 loads a large amount of data during startup.    
You need to verify that DB1 can handle incoming requests before users can submit requests to App1.  
What should you configure?


  1. a liveness probe 
  2. a performance log
  3. a readiness probe
  4. an Azure Load Balancer health probe
Correct answer: C
Explanation:
For containerized applications that serve traffic, you might want to verify that your container is ready to handle incoming requests. Azure Container Instances supports readiness probes to include configurations so that your container can't be accessed under certain conditions.    Incorrect Answers: A: Containerized applications may run for extended periods of time, resulting in broken states that may need to be repaired by restarting the container. Azure Container Instances supports liveness probes so that you can configure your containers within your container group to restart if critical functionality is not working.    Reference: https://docs.microsoft.com/en-us/azure/container-instances/container-instances-readiness-probe
For containerized applications that serve traffic, you might want to verify that your container is ready to handle incoming requests. Azure Container Instances supports readiness probes to include configurations so that your container can't be accessed under certain conditions.  
  
Incorrect Answers: 
A: Containerized applications may run for extended periods of time, resulting in broken states that may need to be repaired by restarting the container. Azure Container Instances supports liveness probes so that you can configure your containers within your container group to restart if critical functionality is not working.  
  
Reference: 
https://docs.microsoft.com/en-us/azure/container-instances/container-instances-readiness-probe



Question 5

You plan to provision a self-hosted Linux agent.    
Which authentication mechanism should you use to register the self-hosted agent?


  1. personal access token (PAT)
  2. SSH key
  3. Alternate credentials
  4. certificate
Correct answer: A
Explanation:
Note: PAT Supported only on Azure Pipelines and TFS 2017 and newer. After you choose PAT, paste the PAT token you created into the command prompt window. Use a personal access token (PAT) if your Azure DevOps Server or TFS instance and the agent machine are not in a trusted domain. PAT authentication is handled by your Azure DevOps Server or TFS instance instead of the domain controller.    Reference: https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/v2-linux
Note: PAT Supported only on Azure Pipelines and TFS 2017 and newer. After you choose PAT, paste the PAT token you created into the command prompt window. Use a personal access token (PAT) if your Azure DevOps Server or TFS instance and the agent machine are not in a trusted domain. PAT authentication is handled by your Azure DevOps Server or TFS instance instead of the domain controller.  
  
Reference: 
https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/v2-linux



Question 6

You are building a Microsoft ASP.NET application that requires authentication.  
You need to authenticate users by using Azure Active Directory (Azure AD).  
What should you do first?


  1. Assign an enterprise application to users and groups
  2. Create an app registration in Azure AD
  3. Configure the application to use a SAML endpoint
  4. Create a new OAuth token from the application
  5. Create a membership database in an Azure SQL database
Correct answer: B
Explanation:
Register your application to use Azure Active Directory. Registering the application means that your developers can use Azure AD to authenticate users and request access to user resources such as email, calendar, and documents.    Reference: https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/developer-guidance-for-integrating-applications
Register your application to use Azure Active Directory. Registering the application means that your developers can use Azure AD to authenticate users and request access to user resources such as email, calendar, and documents.  
  
Reference: 
https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/developer-guidance-for-integrating-applications



Question 7

You have an Azure DevOps organization named Contoso.    
You need to recommend an authentication mechanism that meets the following requirements:   
  • Supports authentication from Git.  
  • Minimizes the need to provide credentials during authentication.    
What should you recommend?


  1. personal access tokens (PATs) in Azure DevOps
  2. Alternate credentials in Azure DevOps
  3. user accounts in Azure Active Directory (Azure AD)
  4. managed identities in Azure Active Directory (Azure AD)
Correct answer: A
Explanation:
Personal access tokens (PATs) give you access to Azure DevOps and Team Foundation Server (TFS), without using your username and password directly.  These tokens have an expiration date from when they're created. You can restrict the scope of the data they can access. Use PATs to authenticate if you don't already have SSH keys set up on your system or if you need to restrict the permissions that are granted by the credential.    Incorrect Answers: B: Azure DevOps no longer supports Alternate Credentials authentication since the beginning of March 2, 2020. If you're still using Alternate Credentials, we [Microsoft] strongly encourage you to switch to a more secure authentication method (for example, personal access tokens).    Reference: https://docs.microsoft.com/en-us/azure/devops/repos/git/auth-overview
Personal access tokens (PATs) give you access to Azure DevOps and Team Foundation Server (TFS), without using your username and password directly.  
These tokens have an expiration date from when they're created. You can restrict the scope of the data they can access. Use PATs to authenticate if you don't already have SSH keys set up on your system or if you need to restrict the permissions that are granted by the credential.  
  
Incorrect Answers: 
B: Azure DevOps no longer supports Alternate Credentials authentication since the beginning of March 2, 2020. If you're still using Alternate Credentials, we [Microsoft] strongly encourage you to switch to a more secure authentication method (for example, personal access tokens).  
  
Reference: 
https://docs.microsoft.com/en-us/azure/devops/repos/git/auth-overview



Question 8

You have an application that consists of several Azure App Service web apps and Azure functions.  
You need to assess the security of the web apps and the functions.  
Which Azure feature can you use to provide a recommendation for the security of the application?  


  1. Security & Compliance in Azure Log Analytics
  2. Resource health in Azure Service Health
  3. Smart Detection in Azure Application Insights
  4. Compute & apps in Azure Security Center
Correct answer: D
Explanation:
Monitor compute and app services: Compute & apps include the App Services tab, which App services: list of your App service environments and current security state of each.    Recommendations  This section has a set of recommendations for each VM and computer, web and worker roles, Azure App Service Web Apps, and Azure App Service Environment that Security Center monitors. The first column lists the recommendation. The second column shows the total number of resources that are affected by that recommendation. The third column shows the severity of the issue.    Incorrect Answers: C: Smart Detection automatically warns you of potential performance problems, not security problems in your web application.   Reference: https://docs.microsoft.com/en-us/azure/azure-monitor/app/proactive-diagnostics
Monitor compute and app services: Compute & apps include the App Services tab, which App services: list of your App service environments and current security state of each.  
  
Recommendations  
This section has a set of recommendations for each VM and computer, web and worker roles, Azure App Service Web Apps, and Azure App Service Environment that Security Center monitors. The first column lists the recommendation. The second column shows the total number of resources that are affected by that recommendation. The third column shows the severity of the issue.  
  
Incorrect Answers: 
C: Smart Detection automatically warns you of potential performance problems, not security problems in your web application. 
  
Reference: 
https://docs.microsoft.com/en-us/azure/azure-monitor/app/proactive-diagnostics



Question 9

You need to ensure that an Azure web app named az400-9940427-main can retrieve secrets from an Azure key vault named az400-9940427-kv1 by using a system managed identity.    
The solution must use the principle of least privilege.  
To complete this task, sign in to the Microsoft Azure portal.


  1. See the explanation
Correct answer: A
Explanation:
1. In Azure portal navigate to the az400-9940427-main app.  2. Scroll down to the Settings group in the left navigation.  3. Select Managed identity.  4. Within the System assigned tab, switch Status to On. Click Save.              Reference: https://docs.microsoft.com/en-us/azure/app-service/overview-managed-identity
1. In Azure portal navigate to the az400-9940427-main app.  
2. Scroll down to the Settings group in the left navigation.  
3. Select Managed identity.  
4. Within the System assigned tab, switch Status to On. Click Save.  
        
    
Reference: 
https://docs.microsoft.com/en-us/azure/app-service/overview-managed-identity



Question 10

You create a Microsoft ASP.NET Core application.    
You plan to use Azure Key Vault to provide secrets to the application as configuration data.    
You need to create a Key Vault access policy to assign secret permissions to the application. The solution must use the principle of least privilege.  
Which secret permissions should you use?


  1. List only
  2. Get only
  3. Get and List
Correct answer: B
Explanation:
Application data plane permissions: Keys: sign Secrets: get   Reference: https://docs.microsoft.com/en-us/azure/key-vault/key-vault-secure-your-key-vault
Application data plane permissions: 
  • Keys: sign 
  • Secrets: get 
  
Reference: 
https://docs.microsoft.com/en-us/azure/key-vault/key-vault-secure-your-key-vault









CONNECT US

Facebook

Twitter

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!

Get Now!


HOW TO OPEN VCEX FILES

Use ProfExam Simulator to open VCEX files