Practice Free AZ-400 Exam Online Questions
SIMULATION
Task 7
You need to prepare a network security group (NSG) named az400 38443478 nsgl to host an Azure
DevOps pipeline agent. The solution must allow only the required outbound port for Azure DevOps and deny all other inbound and outbound access to the Internet
Navigate to the Azure Portal.
Go toNetwork Security Groupsand click on+ Create.
Fill in the details, including the nameaz400-38443478-nsg1, and create the NSG.
ConfigureOutbound Security Rules:
Once the NSG is created, go to its settings.
Navigate toOutbound security rules.
Click on+ Addto create a new rule.
Set theDestination port rangesto443, which is the required port for Azure DevOps12.
Set theProtocoltoTCP.
Set theActiontoAllow.
Assign aPrioritynumber (e.g.,100) that does not conflict with existing rules. Provide a meaningfulNamefor the rule (e.g.,AllowAzureDevOps). Configure Default Rules to Deny All Other Traffic:
In the sameOutbound security rulessection, edit the default rule to deny all traffic.
Change theActiontoDenyfor the rule with the lowest priority (highest number).
Ensure that this rule applies to all protocols, source and destination IP ranges, and port ranges.
Associate the NSG with the Appropriate Resource:
Associate the NSGwith the subnet or network interface of the virtual machine or resource where the Azure DevOps pipeline agent will be hosted.
By following these steps, you will ensure that the Azure DevOps pipeline agent can communicate with Azure DevOps services over the required port while blocking all other inbound and outbound Internet access, adhering to the principle of least privilege and security best practices.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You manage a project in Azure DevOps.
You need to prevent the configuration of the project from changing over time.
Solution: Add a code coverage step to the build pipelines.
Does this meet the goal?
- A . Yes
- B . No
B
Explanation:
Instead implement Continuous Assurance for the project.
Reference: https://azsk.azurewebsites.net/04-Continous-Assurance/Readme.html
DRAG DROP
You have a project in Azure DevOps named Project1 that contains two Azure DevOps pipelines named Pipeline1 and Pipeline2.
You need to ensure that Pipeline1 can deploy code successfully to an Azure web app named webapp1. The solution must ensure that Pipeline2 does not have permission to webapp1.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/devops/pipelines/library/connect-to-azure?view=azure-devops
You use Azure Pipelines to build and release application code, The pipelines include validation tests that must be completed successfully before deployment proceeds from the test stage to production.
You discover inconsistent test outcomes for the same source code.
You need to validate the test logic.
What should you do?
- A . Decrease the test pass rate.
- B . Configure a parallel test runner.
- C . Enable flaky test detection.
- D . Install the Analytics extension.
You use Azure Pipelines to build and release application code, The pipelines include validation tests that must be completed successfully before deployment proceeds from the test stage to production.
You discover inconsistent test outcomes for the same source code.
You need to validate the test logic.
What should you do?
- A . Decrease the test pass rate.
- B . Configure a parallel test runner.
- C . Enable flaky test detection.
- D . Install the Analytics extension.
You use Azure Pipelines to build and release application code, The pipelines include validation tests that must be completed successfully before deployment proceeds from the test stage to production.
You discover inconsistent test outcomes for the same source code.
You need to validate the test logic.
What should you do?
- A . Decrease the test pass rate.
- B . Configure a parallel test runner.
- C . Enable flaky test detection.
- D . Install the Analytics extension.
You use Azure Pipelines to build and release application code, The pipelines include validation tests that must be completed successfully before deployment proceeds from the test stage to production.
You discover inconsistent test outcomes for the same source code.
You need to validate the test logic.
What should you do?
- A . Decrease the test pass rate.
- B . Configure a parallel test runner.
- C . Enable flaky test detection.
- D . Install the Analytics extension.
Your company is concerned that when developers introduce open source libraries, it creates licensing compliance issues.
You need to add an automated process to the build pipeline to detect when common open source libraries are added to the code base.
What should you use?
- A . SourceGear Vault
- B . Jenkins
- C . Microsoft Visual SourceSafe
- D . WhiteSource Bolt
D
Explanation:
WhiteSource provides WhiteSource Bolt, a lightweight open source security and management solution developed specifically for integration with Azure DevOps and Azure DevOps Server.
Note: WhiteSource is the leader in continuous open source software securityand compliance management. WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or development environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource constantly-updated definitive database of open source repositories.
Reference: https://www.azuredevopslabs.com/labs/vstsextend/whitesource/
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an approval process that contains a condition. The condition requires that releases be approved by a team leader before they are deployed.
You have a policy stating that approvals must occur within eight hours.
You discover that deployment fail if the approvals take longer than two hours.
You need to ensure that the deployments only fail if the approvals take longer than eight hours.
Solution: From Pre-deployment conditions, you modify the Time between re-evaluation of gates
option.
Does this meet the goal?
- A . Yes
- B . No
B
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/devops/pipelines/release/approvals/gates
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an approval process that contains a condition. The condition requires that releases be approved by a team leader before they are deployed.
You have a policy stating that approvals must occur within eight hours.
You discover that deployment fail if the approvals take longer than two hours.
You need to ensure that the deployments only fail if the approvals take longer than eight hours.
Solution: From Pre-deployment conditions, you modify the Time between re-evaluation of gates
option.
Does this meet the goal?
- A . Yes
- B . No
B
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/devops/pipelines/release/approvals/gates