• Home
  • Articles
  • [Q277-Q301] Ensure Success With Updated Verified AZ-400 Exam Dumps [2024]

[Q277-Q301] Ensure Success With Updated Verified AZ-400 Exam Dumps [2024]

Share

Ensure Success With Updated Verified AZ-400 Exam Dumps [2024]

Exam Materials for You to Prepare & Pass AZ-400 Exam.


The Microsoft AZ-400 exam consists of 40-60 multiple-choice and multiple-response questions, which have to be completed within two hours. The cost of the exam is $165 USD, and there is a 15% discount available for Microsoft Certified Professionals (MCPs). The passing score for the exam is 700 out of 1000 points.

 

NEW QUESTION # 277
You have a GitHub repository that is integrated with Azure Boards Azure Boards has a work item that has the number 715.
You need to ensure that when you commit source code in GitHub, the work item is updated automatically.
What should you include in the commit comments?

  • A. the URL of the work item
  • B. AB#715
  • C. =715
  • D. @714

Answer: C


NEW QUESTION # 278
You are designing a strategy to monitor the baseline metrics of Azure virtual machines that run Windows Server. You need to collect detailed data about the processes running in the guest operating system. Which two agents should you deploy? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

  • A. the Dependency agent
  • B. the Azure Log Analytics agent
  • C. the Azure Network Watcher Agent for Windows
  • D. the Telegraf agent

Answer: A,B

Explanation:
The following table provide a quick comparison of the Azure Monitor agents for Windows.

Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/agents-overview


NEW QUESTION # 279
You have an application that consists of several Azure App Service web apps and Azure functions.
You need to access the security of the web apps and the functions.
Which Azure features can you use to provide a recommendation for the security of the application?

  • A. Compute & apps in Azure Security Center
  • B. Resource health in Azure Service Health
  • C. Smart Detection in Azure Application Insights
  • D. Security & Compliance in Azure Log Analytics

Answer: A

Explanation:
Monitor compute and app services: Compute & apps include the App Services tab, which App services: list of your App service environments and current security state of each.
Recommendations
This section has a set of recommendations for each VM and computer, web and worker roles, Azure App Service Web Apps, and Azure App Service Environment that Security Center monitors. The first column lists the recommendation. The second column shows the total number of resources that are affected by that recommendation. The third column shows the severity of the issue.


NEW QUESTION # 280
You have an Azure subscription that uses Azure Automation State Configuration to manage the configuration of virtual machines.
You need to identify which nodes are noncompliant.
How should you complete the query? To answer, drag the appropriate values to the correct targets. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation
Graphical user interface, text Description automatically generated

https://learn.microsoft.com/fr-fr/azure/automation/automation-dsc-diagnostics


NEW QUESTION # 281
Your company deploys applications in Docker containers.
You want to detect known exploits in the Docker images used to provision the Docker containers.
You need to integrate image scanning into the application lifecycle. The solution must expose the exploits as early as possible during the application lifecycle.
What should you configure?

  • A. manual tasks performed during the planned phase and the deployment phase
  • B. a task executed in the continuous deployment pipeline and a scheduled task against a running production container
  • C. a task executed in the continuous integration pipeline and a scheduled task that analyzes the production container
  • D. a task executed in the continuous integration pipeline and a scheduled task that analyzes the image registry

Answer: D

Explanation:
Explanation/Reference:
Explanation:
You can use the Docker task to sign into ACR and then use a subsequent script to pull an image and scan the container image for vulnerabilities.
Use the docker task in a build or release pipeline. This task can be used with Docker or Azure Container registry.
Incorrect Answers:
C: We should not wait until deployment. We want to detect the exploits as early as possible.
D: We should wait until the image is in the product container. We want to detect the exploits as early as possible.
References: https://docs.microsoft.com/en-us/azure/devops/articles/security-validation-cicd-pipeline?
view=vsts


NEW QUESTION # 282
You use Get for source control. You have an app named Appt.
In the main branch. you need to restore the third most recent revision of a file named App.exe.config .
How should you complete command?

Answer:

Explanation:

Explanation:


NEW QUESTION # 283
Your company has an Azure DevOps project,
The source code for the project is stored in an on-premises repository and uses on an on-premises build server.
You plan to use Azure DevOps to control the build process on the build server by using a self-hosted agent.
You need to implement the self-hosted agent.
You download and install the agent on the build server.
Which two actions should you perform next? Each correct answer presents part of the solution.

  • A. From Azure, create a shared access signature (SAS).
  • B. From the build server, run config.cmd.
  • C. From the build server, create a certificate, and then upload the certificate to Azure Key Vault.
  • D. From DevOps, create a personal access token (PAT).
  • E. From the build server, create a certificate, and then upload the certificate to Azure Storage.

Answer: B,E

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/certificate


NEW QUESTION # 284
Your company uses a Git source-code repository.
You plan to implement GitFlow as a workflow strategy.
You need to identify which branch types are used for production code and preproduction code in the strategy.
Which branch type should you identify for each code type? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://medium.com/@patrickporto/4-branching-workflows-for-git-30d0aaee7bf


NEW QUESTION # 285
Your company has an Azure subscription.
The company requires that all resource group in the subscription have a tag named organization set to a value of Contoso.
You need to implement a policy to meet the tagging requirement.
How should you complete the policy? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/governance/policy/samples/enforce-tag-on-resource-groups


NEW QUESTION # 286
You have an Azure DevOps project that contains a release pipeline and a Git repository.
When a new code revision is committed to the repository, a build and release is triggered.
You need to ensure that release information for the pipeline is added automatically to the work items associated to the Get commit.
What should you do?

  • A. Modify the post-deployment conditions for the last stage of the pipeline.
  • B. Modify the Integrations options for the pipeline.
  • C. Modify the service hooks for the project.
  • D. Add an agentless job to the pipeline.

Answer: C

Explanation:
Explanation
Service hooks in Azure DevOps allow you to trigger actions in other tools based on events that occur in your Azure DevOps project. To automatically add release information to work items associated with a Get commit, you would need to configure a service hook that listens for commit events in your Get repository, and then sends the release information to the appropriate work items.
Here's the steps you can follow to set up a service hook for this purpose:
In your Azure DevOps project, navigate to the project settings by clicking on the gear icon in the top right corner of the page.
Select "Service Hooks" from the left-hand menu.
Click on the "New Subscription" button to create a new service hook.
In the "Event" drop-down menu, select "Code pushed" to trigger the service hook when a new code revision is committed to the repository.
In the "Actions" section, select the action that you want to take place when the service hook is triggered.
For example, you might use the "Link work items to commits" action to automatically associate work items with the relevant commits.
Configure the remaining settings as needed, and then click on the "Create" button to create the service hook.
You can find more information on Service hooks in Azure DevOps by following this link
https://docs.microsoft.com/en-us/azure/devops/service-hooks/overview?view=azure-devops


NEW QUESTION # 287
You are building an application that has the following assets:
* Source code
* Logs from automated tests and builds
* Large and frequently updated binary assets
* A common library used by multiple applications
Where should you store each asset? To answer, drag the appropriate Azure services to the correct assets. Each service may be used once. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Box 1: Azure Repos
Box 2: Azure Artifacts
Use Azure Artifacts to create, host, and share packages with your team.
Box 3: Azure Pipelines
In the pipeline view you can see all the stages and associated tests. The view provides a summary of the test results Box 4: Azure Storage Reference:
https://docs.microsoft.com/en-us/azure/devops/repos/get-started/what-is-repos
https://azure.microsoft.com/en-us/services/devops/artifacts/
https://docs.microsoft.com/en-us/azure/devops/pipelines/test/review-continuous-test-results-after-build


NEW QUESTION # 288
You need to configure access to Azure DevOps Agent pools to meet the forwarding requirements:
* Use a project agent pool when authoring build release pipelines.
* View the agent pool and agents of the organization.
* Use the principle of least privilege.
Which role memberships are required for the Azure 0e%Oos organization and the project? To answer, drag the appropriate role membership to the correct targets. Each role membership may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to content NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:
References:
https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/pools-queues


NEW QUESTION # 289
Your company plans to implement a new compliance strategy that will require all Azure web apps to be backed up every five hours.
You need to back up an Azure web app named az400-11566895-main every five hours to an Azure Storage account in your resource group.
To complete this task, sign in to the Microsoft Azure portal.

Answer:

Explanation:
See solution below.
Explanation
With the storage account ready, you can configure backs up in the web app or App Service.
* Open the App Service az400-11566895-main, which you want to protect, in the Azure Portal and browse to Settings > Backups. Click Configure and a Backup Configuration blade should appear.
* Select the storage account.
* Click + to create a private container. You could name this container after the web app or App Service.
* Select the container.
* If you want to schedule backups, then set Scheduled Backup to On and configure a schedule: every five hours
* Select your retention. Note that 0 means never delete backups.
* Decide if at least one backup should always be retained.
* Choose if any connected databases should be included in the web app backup.
* Click Save to finalize the backup configuration.

Reference:
https://petri.com/backing-azure-app-service


NEW QUESTION # 290
You have an Azure Repos repository named repo1.
You need to clone repo1. The solution must clone only a directory named src/web.
How should you complete the script? To answer, drag the appropriate values to the correct targets,Each value may be used once, more than once, or not at all. You may need to drag the spirt bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point

Answer:

Explanation:


NEW QUESTION # 291
You have a web app hosted on Azure App Service. The web app stores data in an Azure SQL database.
You need to generate an alert when there are 10,000 simultaneous connections to the database. The solution must minimize deve4opment effort.
Which option should you select in the Diagnostics settings of the database?

  • A. Send to Log Analytics
  • B. Archive to m storage account
  • C. Stream to an event hub

Answer: A

Explanation:
ENABLE DIAGNOSTICS TO LOG ANALYTICS
This configuration is done PER DATABASE
1. Click on Diagnostics Settings and then Turn On Diagnostics

2. Select to Send to Log Analytics and select the Log Analytics workspace. For this sample I will selected only Errors

Reference:
https://techcommunity.microsoft.com/t5/azure-database-support-blog/azure-sql-db-and-log-analytics-better- together-part-1/ba-p/794833


NEW QUESTION # 292
You need to ensure that the https://contoso.com/statushook webhook is called every time a repository named az40010480345acr1 receives a new version of an image named dotnetapp.
To complete this task, sign in to the Microsoft Azure portal.

Answer:

Explanation:
See solution below.
Explanation
* Sign in to the Azure portal.
* Navigate to the container registry az40010480345acr1.
* Under Services, select Webhooks.
* Select the existing webhook https://contoso.com/statushook, and double-click on it to get its properties.
* For Trigger actions select image push
Example web hook:

Reference:
https://docs.microsoft.com/en-us/azure/container-registry/container-registry-webhook


NEW QUESTION # 293
You are building a Microsoft ASP.NET application that requires authentication. You need to authenticate users by using Azure Active Directory (Azure AD). What should you do first?

  • A. Assign an enterprise application to users and groups.
  • B. Configure the application to use a SAML endpoint.
  • C. Create a new OAuth token from the application.
  • D. Create an app registration in Azure AD.
  • E. Create a membership database in an Azure SQL database.

Answer: D

Explanation:
Register your application to use Azure Active Directory. Registering the application means that your developers can use Azure AD to authenticate users and request access to user resources such as email, calendar, and documents.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/developer-guidance-for-integrating-applications


NEW QUESTION # 294
You need to recommend a procedure to implement the build agent for Project1.
Which three actions should you recommend be performed in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:

Explanation

Scenario:

Step 1: Sign in to Azure Develops by using an account that is assigned the Administrator service connection security role.
Note: Under Agent Phase, click Deploy Service Fabric Application. Click Docker Settings and then click Configure Docker settings. In Registry Credentials Source, select Azure Resource Manager Service Connection. Then select your Azure subscription.
Step 2: Create a personal access token..
A personal access token or PAT is required so that a machine can join the pool created with the Agent Pools (read, manage) scope.
Step 3: Install and register the Azure Pipelines agent on an Azure virtual machine.
By running a Azure Pipeline agent in the cluster, we make it possible to test any service, regardless of type.
References:
https://docs.microsoft.com/en-us/azure/service-fabric/service-fabric-tutorial-deploy-container-app-with-cicd-vsts
https://mohitgoyal.co/2019/01/10/run-azure-devops-private-agents-in-kubernetes-clusters/


NEW QUESTION # 295
You need to implement the code flow strategy for Project2 in Azure DevOps.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange in the correct order.

Answer:

Explanation:

Explanation

Step 1: Create a repository
A Git repository, or repo, is a folder that you've told Git to help you track file changes in. You can have any number of repos on your computer, each stored in their own folder.
Step 2: Create a branch
Branch policies help teams protect their important branches of development. Policies enforce your team's code quality and change management standards.
Step 3: Add a build validation policy
When a build validation policy is enabled, a new build is queued when a new pull request is created or when changes are pushed to an existing pull request targeting this branch. The build policy then evaluates the results of the build to determine whether the pull request can be completed.
Scenario:
Implement a code flow strategy for Project2 that will:
Enable Team2 to submit pull requests for Project2.
Enable Team2 to work independently on changes to a copy of Project2.
Ensure that any intermediary changes performed by Team2 on a copy of Project2 will be subject to the same restrictions as the ones defined in the build policy of Project2.

References: https://docs.microsoft.com/en-us/azure/devops/repos/git/manage-your-branches


NEW QUESTION # 296
You are configuring an Azure DevOps deployment pipeline. The deployed application will authenticate to a web service by using a secret stored in an Azure key vault.
You need to use the secret in the deployment pipeline.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:

Explanation
Creating a service principal
Creating a key vault
Check the Azure Pipeline


NEW QUESTION # 297
You need to create a virtual machine template in an Azure DevTest Labs environment named az400-9940427-dtl1. The template must be based on Windows Server 2016 Datacenter. Virtual machines created from the template must include the selenium tool and the Google Chrome browser.
To complete this task, sign in to the Microsoft Azure portal.

Answer:

Explanation:
see the answer below
Explanation:
1. Open Microsoft Azure Portal
2. Select All Services, and then select DevTest Labs in the DEVOPS section.

3. From the list of labs, select the az400-9940427-dtl1 lab
4. On the home page for your lab, select + Add on the toolbar.
5. Select the Windows Server 2016 Datacenter base image for the VM.
6. Select automation options at the bottom of the page above the Submit button.
7. You see the Azure Resource Manager template for creating the virtual machine.
8. The JSON segment in the resources section has the definition for the image type you selected earlier.
Reference:
https://docs.microsoft.com/bs-cyrl-ba/azure//lab-services/devtest-lab-vm-powershell


NEW QUESTION # 298
Your company has an on-premises Bitbucket Server that is used for Git-based source control. The server is protected by a firewall that blocks inbound Internet traffic.
You plan to use Azure DevOps to manage the build and release processes.
Which two components are required to integrate Azure DevOps and Bitbucket? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  • A. a Microsoft-hosted agent
  • B. an External Git service connection
  • C. a deployment group
  • D. service hooks
  • E. a self-hosted agent

Answer: B,E

Explanation:
Explanation/Reference:
Explanation:
E: GitLab CI/CD can be used with GitHub or any other Git server such as BitBucket. Instead of moving your entire project to GitLab, you can connect your external repository to get the benefits of GitLab CI/CD.
Note: When a pipeline uses a remote, 3rd-party repository host such as Bitbucket Cloud, the repository is configured with webhooks that notify Azure Pipelines Server or TFS when code has changed and a build should be triggered. Since on-premises installations are normally protected behind a firewall, 3rd-party webhooks are unable to reach the on-premises server. As a workaround, you can use the External Git repository type which uses polling instead of webhooks to trigger a build when code has changed.
References: https://docs.microsoft.com/en-us/azure/devops/pipelines/repos/pipeline-options-for-git Testlet 1 Case Study This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other question on this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next sections of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question on this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.
Application Architecture
The company’s primary application is a single monolithic retirement fund management system based on ASP.NET web forms that use logic written in VB.NET. Some new sections of the application are written in C#.
Variations of the application are created for individual customers. Currently, there are more than 80 live code branches in the application’s code base.
The application was developed by using Microsoft Visual Studio. Source code is stored in Team Foundation Server (TFS) in the main office. The branch offices access the source code by using TFS proxy servers.
Architectural Issues
Litware focuses on writing new code for customers. No resources are provided to refactor or remove existing code. Changes to the code base take a long time, as dependencies are not obvious to individual developers.
Merge operations of the code often take months and involve many developers. Code merging frequently introduces bugs that are difficult to locate and resolve.
Customers report that ownership costs of the retirement fund management system increase continually.
The need to merge unrelated code makes even minor code changes expensive.
Customers report that bug reporting is overly complex.
Planned changes
Litware plans to develop a new suite of applications for investment planning. The investment planning applications will require only minor integration with the existing retirement fund management system.
The investment planning applications suite will include one multi-tier web application and two iOS mobile application. One mobile application will be used by employees; the other will be used by customers.
Litware plans to move to a more agile development methodology. Shared code will be extracted into a series of packages.
Litware has started an internal cloud transformation process and plans to use cloud-based services whenever suitable.
Litware wants to become proactive in detecting failures, rather than always waiting for customer bug reports.
Technical requirements
The company’s investment planning applications suite must meet the following requirements:
New incoming connections through the firewall must be minimized.

Members of a group named Developers must be able to install packages.

The principle of least privilege must be used for all permission assignments.

A branching strategy that supports developing new functionality in isolation must be used.

Members of a group named Team Leaders must be able to create new packages and edit the

permissions of package feeds.
Visual Studio App Center must be used to centralize the reporting of mobile application crashes and

device types in use.
By default, all releases must remain available for 30 days, except for production releases, which must

be kept for 60 days.
Code quality and release quality are critical. During release, deployments must not proceed between

stages if any active bugs are logged against the release.
The mobile applications must be able to call the share pricing service of the existing retirement fund

management system. Until the system is upgraded, the service will only support basic authentication over HTTPS.
The required operating system configuration for the test servers changes weekly. Azure Automation

State Configuration must be used to ensure that the operating system on each test server is configured the same way when the servers are created and checked periodically.
Current Technical Issue
The test servers are configured correctly when first deployed, but they experience configuration drift over time. Azure Automation State Configuration fails to correct the configurations.
Azure Automation State Configuration nodes are registered by using the following command.


NEW QUESTION # 299
You have a private distribution group that contains provisioned and unprovisioned devices.
You need to distribute a new iOS application to the distribution group by using Microsoft Visual Studio App Center.
What should you do?

  • A. Create an active subscription in App Center Test.
  • B. Generate a new .p12 file for each device.
  • C. Add the device owner to the collaborators group.
  • D. Select Register devices and sign my app.

Answer: D

Explanation:
The following diagram displays the entire app re-signing flow in App Center.

Reference:
https://docs.microsoft.com/hu-hu/appcenter/distribution/auto-provisioning


NEW QUESTION # 300
Your company plans to implement a new compliance strategy that will require all Azure web apps to be backed up every five hours.
You need to back up an Azure web app named az400-11566895-main every five hours to an Azure Storage account in your resource group.
To complete this task, sign in to the Microsoft Azure portal.

Answer:

Explanation:
See solution below.
Explanation:
With the storage account ready, you can configure backs up in the web app or App Service.
* Open the App Service az400-11566895-main, which you want to protect, in the Azure Portal and browse to Settings > Backups. Click Configure and a Backup Configuration blade should appear.
* Select the storage account.
* Click + to create a private container. You could name this container after the web app or App Service.
* Select the container.
* If you want to schedule backups, then set Scheduled Backup to On and configure a schedule: every five hours
* Select your retention. Note that 0 means never delete backups.
* Decide if at least one backup should always be retained.
* Choose if any connected databases should be included in the web app backup.
* Click Save to finalize the backup configuration.

Reference:
https://petri.com/backing-azure-app-service


NEW QUESTION # 301
......


Microsoft AZ-400 certification exam is an excellent opportunity for professionals to validate their skills and knowledge in DevOps practices and Microsoft technologies. It is a popular certification among individuals who want to enhance their career in software development, operations, testing, and project management. By achieving this certification, candidates can demonstrate their proficiency in designing and implementing DevOps solutions using Azure DevOps and other Microsoft technologies.

 

Updated AZ-400 Certification Exam Sample Questions: https://www.passleadervce.com/Microsoft-Azure/reliable-AZ-400-exam-learning-guide.html

Pass Your AZ-400 Exam at the First Try with 100% Real Exam: https://drive.google.com/open?id=11a0vD6m-_fTKeR_J7F3fHo323VHUlc0n

Related Articles

more
Microsoft AZ-400 Certification Practice Exam