Designing and Implementing Microsoft DevOps Solutions
Exam Details
Exam Code
:AZ-400
Exam Name
:Designing and Implementing Microsoft DevOps Solutions
Certification
:Role-based
Vendor
:Microsoft
Total Questions
:614 Q&As
Last Updated
:Nov 04, 2024
Microsoft Role-based AZ-400 Questions & Answers
Question 1:
DRAG DROP
You have a tenant in Microsoft Azure Active Directory (Azure AD), part of Microsoft Entra. The tenant contains three groups named Group1, Group2, and Group3.
You create a new project in Azure DevOps named Project1.
You need to secure the service connections for Project1. The solution must meet the following requirements:
1.
The members of Group1 must be able to share and unshare a service connection with other projects.
2.
The members of Group2 must be able to rename a service connection and update the description.
3.
The members of Group3 must be able to use the service connection within build or release pipelines.
4.
The principle of least privilege must be followed.
Which permission should you grant to each group? To answer, drag the appropriate permissions to the correct groups. Each permission may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:
Correct Answer:
Box 1: Organization-level Administrator
The members of Group1 must be able to share and unshare a service connection with other projects.
Add members to the Project Collection Administrators group
When you create an organization, you become a member of the Project Collection Administrators group. This group has the authority to manage the organization's settings, policies, and processes. It can also create and manage all the
projects and extensions in the organization.
Incorrect:
* Project-level Administrators Add members to the Project Administrators group The person who creates a project is automatically added as a member to the Project Administrators group. Members of this group have permissions to manage project configuration, repositories, pipeline resources, teams, and all project-level permissions.
It's always a good idea to have more than one person who has administrative privileges. To add a user to this group, see Change permissions at the project level, Add members to the Project Administrators group.
Grant or restrict permissions
Permissions are managed at the following three levels and through role-based assignments.
object
project
organization or collection
As a member of the Project Administrators group, you can grant or restrict permissions for all objects and at the project-level. To delegate specific tasks to others, we recommend that you add them to a built-in or custom security group, or add
them to a specific role.
Box 2: Creator
The members of Group2 must be able to rename a service connection and update the description.
You can create, view, use, and manage a service connection based on your assigned user roles.
Role Creator
Members of this role can create the service connection in the project. Contributors are added as members by default
Box 3: User
The members of Group3 must be able to use the service connection within build or release pipelines.
Role User
Members of this role can use the service connection when authoring build or release pipelines or authorize yaml pipelines.
You plan to use Azure DevOps in development processes.
You identify the following issues with the existing development processes:
1.
Frequent discovery of bugs in production
2.
Increasing detection of bugs by customers
3.
Slow resolution of bugs and slow resumption of production
You need to implement Key Performance Indicators (KPIs) to track each issue.
Which KPI should you implement for each issue? To answer, drag the appropriate KPIs to the correct issues. Each KPI may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:
Correct Answer:
Box 1: Defect Escape Rate Defect Escape Rate
-What percentage of defects are being found in production?
Box 2: Bug Report Rates Bug Report Rates
-You don't want customers finding bugs in your code.
-Is the amount they are finding increasing or decreasing?
Box 3: Application Failure Rates
Application Failure Rates
How often do application failures occur, such as configuration failures, performance timeouts, etc?
Incorrect:
* Deployment Failure Rates
-How often do deployments (and/or applications) fail?
Question 3:
DRAG DROP
You use Semantic Versioning (SemVer) as a dependency versioning strategy.
You perform changes to code as shown in the following table.
Which part of the version should you increment for each change? To answer, drag the appropriate parts to the correct changes. Each part may be used once, more than once, or not at all. You may need to drag the split bar between panes or
scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:
Correct Answer:
Box 1: Minor New functionality: Yes Change: Minor
Minor version Y (x.Y.z | x > 0) MUST be incremented if new, backward compatible functionality is introduced to the public API.
Note: Given a version number MAJOR.MINOR.PATCH, increment the:
MAJOR version when you make incompatible API changes MINOR version when you add functionality in a backward compatible manner PATCH version when you make backward compatible bug fixes Additional labels for pre-release and build metadata are available as extensions to the MAJOR.MINOR.PATCH format.
Box 2: Major New functionality: Yes Change: Significant
Major version zero (0.y.z) is for initial development. Anything MAY change at any time. The public API SHOULD NOT be considered stable.
Box 3: Patch New functionality: No Change: Minor
Patch version Z (x.y.Z | x > 0) MUST be incremented if only backward compatible bug fixes are introduced. A bug fix is defined as an internal change that fixes incorrect behavior.
Question 4:
DRAG DROP
You have a GitHub repository named repo1 that stores the code of an app named App1. You need deploy a workflow for repo1 by using GitHub Actions. The solution must meet the following requirements:
1.
Scan on pushes to the main branch.
2.
Scan on pull requests to the main branch.
3.
Scan on pull requests to any branch that has a prefix of releases/.
4.
Scan all the files in the subdirectories of the src directory.
How should you complete the code? To answer, drag he appropriate values to the correct targets. Each value may be used once, more than once, or not at all.
Select and Place:
Correct Answer:
Box 1: -'releases/**'
Scan on pull requests to any branch that has a prefix of releases/.
Scan on pull requests to the main branch.
For example, a workflow with the following trigger will only run when the workflow named Build runs on a branch whose name starts with releases/:
on: workflow_run: workflows: ["Build"] types: [requested] branches:
-'releases/**'
Box 2: -'src/**'
Scan all the files in the subdirectories of the src directory.
Box 3: '*.md'
Use the paths-ignore filter when you only want to exclude file path patterns. You cannot use both the paths and paths-ignore filters for the same event in a workflow.
Question 5:
DRAG DROP
You have a project in Azure DevOps named Project that has a release pipeline in Azure Pipeline named ReleaseP1.
You need to ensure that when a new release is generated for ReleaseP1, a new release note document is created. The release notes must contain new features and bug fixes.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
NOTE: More than one order of answer choices is correct. You will receive credit for any of the correct orders you select.
Select and Place:
Correct Answer:
Step 1: Create a personal access token (PAT)
1.
Setup a PAT Token
2.
Secure Access to Tokens
3.
Create Pipeline
4.
Combining with the Azure CLI
To support this, we’ll also need:
A service-connection from Azure DevOps to Azure (a Service Principal with access to our Azure Subscription) (Step 2)
Step 2: Create a service principal
Step 3: Create a PowerShell task in ReleaseP1 that writes the retrieved data to a markdown file.
Question 6:
DRAG DROP
You use an Azure pipeline to build a .NET app that has NuGet dependencies.
You need to ensure that the pipeline caches required NuGet packages.
How should you configure the pipeline? To answer, drag the appropriate values to the correct targets. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
We'll need to create a pipeline variable to point to the location of our packages on the agent running the pipeline.
In this example, the content of the packages.lock.json will be hashed to produce a dynamic cache key. This ensures that every time the file is modified, a new cache key is generated.
You have a web app named App1 that uses Application Insights in Azure Monitor.
You need to compare the hourly CPU usage of App1 from the last 24 hours. The solution must include a graph that has a threshold line at 75 percent.
How should you complete the query? To answer, drag the appropriate values to the correct targets. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:
Correct Answer:
Box 1: bin(TimeGenerated, 1h)
Reference line
A reference line can help you easily identify whether the metric exceeded a specific threshold. To add a line to a chart, extend the dataset by adding a constant column:
Perf
| where TimeGenerated > ago(1d)
| where CounterName == "% Processor Time"
| summarize avg(CounterValue), percentiles(CounterValue, 50, 95) by bin(TimeGenerated, 1h)
You have an Azure Pipelines application CI/CD pipeline named Pipeline1.
You need to add OWASP ZAP testing to Pipeline1.
Which four actions should you add to Pipeline1 in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:
Correct Answer:
Step 1: Start the container How will you be able to test your app? First, you need to run your application which was containerized before in detached mode on a specific port so that the Owasp Zap scanner can perform attacks on that port and scan your app
Step 2: Run the baseline Then run Owasp Zap container. Be careful NOT to run it in detached mode
Here, as can be seen it runs a Full Scan which runs the ZAP spider against the target. This means that the script performs “real attacks” and can run for a long period of time. Not ideally suited for CI, but is a useful tool for release-gates.
You can change the scan type to Baseline Scan by changing zap-full-scan.py to zap-baseline.py in the code above. Baseline Scan runs the ZAP spider against the target for 1 minute, meaning that the script doesn't perform any “real attacks”.
This scan runs on the pool agent. That is why you needed to run your application on this host in order for Owasp to scan it via the container port.
Step 3: Run an active scan
Step 4: Report the results
We need a PowerShell script to convert the report file
The ZAP scanner includes several reporting options. None of which are useful to teams. With the help of powershell script below, we will be able to obtain a much more useful report.
Last but not least, add a Publish Test Results task to convert the report file into Nunit format
-task: PublishTestResults@2 displayName: 'Publish Test Results' inputs:
testResultsFormat: 'NUnit'
testResultsFiles: 'converted_report.xml'
Reference:
Question 9:
DRAG DROP
You are implementing a new project in Azure DevOps.
You need to assess the performance of the project. The solution must identify the following metrics:
How long it takes to complete a work item
The percentage of defects found in production
Which DevOps KPI should you review for each metric? To answer, drag the appropriate KPIs to the correct metrics. Each KPI may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to
view content.
NOTE: Each correct selection is worth one point.
Select and Place:
Correct Answer:
Question 10:
DRAG DROP
You have a web app named App1 that uses Application Insights in Azure Monitor.
You need to compare the hourly CPU usage of App1 from the last 24 hours. The solution must include a graph that has a threshold line at 75 percent.
How should you complete the query? To answer, drag the appropriate values to the correct targets. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:
Correct Answer:
Box 1: bin(TimeGenerated, 1h)
Reference line
A reference line can help you easily identify whether the metric exceeded a specific threshold. To add a line to a chart, extend the dataset by adding a constant column:
Perf
| where TimeGenerated > ago(1d)
| where CounterName == "% Processor Time"
| summarize avg(CounterValue), percentiles(CounterValue, 50, 95) by bin(TimeGenerated, 1h)
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Microsoft exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your AZ-400 exam preparations and Microsoft certification application, do not hesitate to visit our Vcedump.com to find your solutions here.