Practice Free AZ-400 Exam Online Questions
You use a Git repository in Azure Repos to manage the source code of a web application. Developers commit changes directly to the master branch.
You need to implement a change management procedure that meets the following requirements:
✑ The master branch must be protected, and new changes must be built in the feature branches first.
✑ Changes must be reviewed and approved by at least one release manager before each merge.
✑ Changes must be brought into the master branch by using pull requests.
What should you configure in Azure Repos?
- A . branch policies of the master branch
- B . Services in Project Settings
- C . Deployment pools in Project Settings
- D . branch security of the master branch
A
Explanation:
Branch policies help teams protect their important branches of development. Policies enforce your team’s
code quality and change management standards.
Reference: https://docs.microsoft.com/en-us/azure/devops/repos/git/branch-policies
You have an Azure key vault named KV1 and three web servers. You plan to deploy an app named App1 to the web server. You need to ensure that App1 can retrieve a secret from KV1.
The solution must meet the following requirements:
• Minimize the number of permission grants required
• Follow the principle of least privilege.
What should you include in the solution?
- A . role-based access control (RBAQ permissions
- B . a system-assigned managed identity
- C . a user-assigned managed identity
- D . a service principal
You have an Azure key vault named KV1 and three web servers. You plan to deploy an app named App1 to the web server. You need to ensure that App1 can retrieve a secret from KV1.
The solution must meet the following requirements:
• Minimize the number of permission grants required
• Follow the principle of least privilege.
What should you include in the solution?
- A . role-based access control (RBAQ permissions
- B . a system-assigned managed identity
- C . a user-assigned managed identity
- D . a service principal
You have an existing project in Azure DevOps.
You plan to integrate GitHub as the repository for the project
You need to ensure that Azure Pipelines runs under the Azure Pipelines identity.
Which authentication mechanism should you use?
- A . GitHubApp
- B . OAuth
- C . personal access token (PAT)
- D . Azure Active Directory (Azure AD)
A
Explanation:
GitHub App uses the Azure Pipelines identity.
Reference: https://docs.microsoft.com/en-us/azure/devops/pipelines/repos/github
SIMULATION
You plane to store signed images in an Azure Container Registry instance named az4009940427acr1.
You need to modify the SKU for az4009940427acr1 to support the planned images. The solution must minimize costs.
To complete this task, sign in to the Microsoft Azure portal.
You have an Azure subscription. The subscription contains virtual machines that run either Windows Server or Linux.
You plan to use Prometheus to monitor performance metrics.
You need to integrate Prometheus and Azure Monitor.
Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
- A . Install a Prometheus server on a Windows virtual machine in Azure.
- B . On each virtual machine, expose the metrics endpoint.
- C . On each virtual machine, enable the Azure Diagnostics extension.
- D . On each virtual machine, enable the containerized agent for Azure Monitor.
- E . Expose a virtual network service endpoint for Azure Storage.
- F . Install a Prometheus server on a Linux virtual machine in Azure.
You plan to share packages that you wrote, tested, validated, and deployed by using Azure Artifacts.
You need to release multiple builds of each package by using a single feed. The solution must limit the release of packages that are in development.
What should you use?
- A . global symbols
- B . local symbols
- C . upstream sources
- D . views
C
Explanation:
Views enable you to share subsets of the NuGet, npm, Maven, Python and Universal Packages package-versions in your feed with consumers. A common use for views is to share package versions that have been tested, validated, or deployed but hold back packages still under development and packages that didn’t meet a quality bar.
https://docs.microsoft.com/en-us/azure/devops/artifacts/concepts/views?view=azure-devops
You have an Azure DevOps organization named Contoso, an Azure DevOps project named Project1, an Azure subscription named Sub1, and an Azure key vault named vault1.
You need to ensure that you can reference the values of the secrets stored in vault1 in all the pipelines of
Project1. The solution must prevent the values from being stored in the pipelines.
What should you do?
- A . Create a variable group in Project1.
- B . Add a secure file to Project1.
- C . Modify the security settings of the pipelines.
- D . Configure the security policy of Contoso.
A
Explanation:
Use a variable group to store values that you want to control and make available across multiple pipelines.
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/library/variable-groups
https://docs.microsoft.com/en-us/azure/devops/pipelines/library/variable-groups?view=azure-devops&tabs=yaml#link-secrets-from-an-azure-key-vault
You have an Azure DevOps organization named Contoso, an Azure DevOps project named Project1, an Azure subscription named Sub1, and an Azure key vault named vault1.
You need to ensure that you can reference the values of the secrets stored in vault1 in all the pipelines of
Project1. The solution must prevent the values from being stored in the pipelines.
What should you do?
- A . Create a variable group in Project1.
- B . Add a secure file to Project1.
- C . Modify the security settings of the pipelines.
- D . Configure the security policy of Contoso.
A
Explanation:
Use a variable group to store values that you want to control and make available across multiple pipelines.
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/library/variable-groups
https://docs.microsoft.com/en-us/azure/devops/pipelines/library/variable-groups?view=azure-devops&tabs=yaml#link-secrets-from-an-azure-key-vault
SIMULATION
You manage a website that uses an Azure SQL Database named db1 in a resource group named RG1lod11566895.
You need to modify the SQL database to protect against SQL injection.
To complete this task, sign in to the Microsoft Azure portal.