Microsoft Microsoft Certifications AZ-400 Questions & Answers

• Question 31:

  You manage source control by using GitHub.

  You have a file named Data.txt that contains sensitive data. A user pushes Data.txt to a repository.

  You need to purge the file from the repository.

  Which two commands can you use? Each correct answer presents a complete solution.

  NOTE: Each correct solution is worth one point.

  A. git checkout git reset -hard -pathspec data.txt

  B. git checkout git clean -d data.txt --force

  C. bfg --delete-files data.txt git push --force

  D. git rm data.txt git push --force

  E. git filter-repo --invert-paths --path data.txt git push origin --force --all

  F. git revert -edit data.txt git push -force

  Correct Answer: C

• Question 32:

  Your company uses Azure DevOps for the build pipelines and deployment pipelines of Java-based projects.

  You need to recommend a strategy for managing technical debt.

  Which action should you include in the recommendation?

  A. Configure post-deployment approvals in the deployment pipeline.

  B. Integrate Azure DevOps and SonarQube.

  C. Integrate Azure DevOps and Azure DevTest Labs.

  Correct Answer: B

  You can manage technical debt with SonarQube and Azure DevOps. Note: Technical debt is the set of problems in a development effort that make forward progress on customer value inefficient. Technical debt saps productivity by making code hard to understand, fragile, time-consuming to change, difficult to validate, and creates unplanned work that blocks progress. Unless they are managed, technical debt can accumulate and hurt the overall quality of the software and the productivity of the development team in the long term SonarQube an open source platform for continuous inspection of code quality to perform automatic reviews with static analysis of code to: Detect Bugs Code Smells Security Vulnerabilities Centralize Quality What's covered in this lab

  Reference: https://azuredevopslabs.com/labs/vstsextend/sonarqube/

• Question 33:

  Your company is building a new solution in Java.

  The company currently uses a SonarQube server to analyze the code of .NET solutions.

  You need to analyze and monitor the code quality of the Java solution.

  Which task types should you add to the build pipeline?

  A. Gradle

  B. CocoaPods

  C. Grunt

  D. Gulp

  Correct Answer: A

  SonarQube is a set of static analyzers that can be used to identify areas of improvement in your code. It allows you to analyze the technical debt in your project and keep track of it in the future. With Maven and Gradle build tasks, you can run

  SonarQube analysis with minimal setup in a new or existing Azure DevOps

  Services build task.

  Prepare Analysis Configuration task, to configure all the required settings before executing the build.

  This task is mandatory.

  In case of .NET solutions or Java projects, it helps to integrate seamlessly with MSBuild, Maven and Gradle tasks.

  Incorrect Answers:

  B: CocoaPods is the dependency manager for Swift and Objective-C Cocoa projects. Note: There are several versions of this question in the exam. The question can have three correct answers: MSBuild Maven Gradle The question can also have different incorrect options, including: Chef Octopus xCODE Reference: https://docs3.sonarqube.org/latest/analysis/scan/sonarscanner-for-azure-devops/ https://docs.microsoft.com/en-us/azure/devops/java/sonarqube?view=azure-devops

• Question 34:

  You have an Azure subscription that contains an Azure Kubernetes Service (AKS) instance named AKS1.

  You collect and analyze metrics for AKS1 by using the Azure Monitor managed service for Prometheus.

  You need to analyze the performance of AKS1.

  Which query language should you use?

  A. PL/SQL

  B. PromQL

  C. SparkQL

  D. KQL

  Correct Answer: B

• Question 35:

  You have an Azure App Service app named App1.

  You need to identify when App1 was offline. The solution must minimize administrative effort.

  Which troubleshooting category in App Service diagnostics should you use?

  A. Navigator

  B. Configuration and Management

  C. Diagnostic Tools

  D. Availability and Performance

  Correct Answer: D

• Question 36:

  Your company is concerned that when developers introduce open source libraries, it creates licensing compliance issues.

  You need to add an automated process to the build pipeline to detect when common open source libraries are added to the code base.

  What should you use?

  A. OWASP ZAP

  B. Jenkins

  C. Code Style

  D. WhiteSource Bolt

  Correct Answer: D

  WhiteSource provides WhiteSource Bolt, a lightweight open source security and management solution developed specifically for integration with Azure DevOps and Azure DevOps Server.

  Note: WhiteSource is the leader in continuous open source software security and compliance management. WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or development

  environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource constantly-updated definitive database of open source

  repositories.

  Note:

  There are several versions of this question in the exam. The question has two possible correct answers:

  1.

  Black Duck

  2.

  WhiteSource Bolt

  Other incorrect answer options you may see on the exam include the following:

  1.

  Microsoft Visual SourceSafe

  2.

  PDM

  3.

  SourceGear

  4.

  SourceGear Vault

  Reference:

  https://www.azuredevopslabs.com/labs/vstsextend/whitesource/

• Question 37:

  DRAG DROP

  You have an Azure Key Vault that contains an encryption key named key1.

  You plan to create a Log Analytics workspace that will store logging data.

  You need to encrypt the workspace by using key1.

  Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

  Select and Place:

  

  Correct Answer:

  

• Question 38:

  DRAG DROP

  You have an Azure subscription that contains a project in Azure DevOps named Project1. You have three Azure Active Directory (Azure AD) users that require access to Project1 as shown in the following table.

  

  You need to ensure that the users have the appropriate permissions. The solution must use the principle of least privilege.

  To which permission group in Azure DevOps should you add each user? To answer, drag the appropriate permission groups to the correct users. Each permission group may be used once, more than once, or not at all. You may need to drag

  the split bar between panes or scroll to view content.

  NOTE: Each correct selection is worth one point.

  Select and Place:

  

  Correct Answer:

  

• Question 39:

  DRAG DROP

  You have a GitHub repository named repo1 that stores the code of an app named App1.

  You need deploy a workflow for repo1 by using GitHub Actions. The solution must meet the following requirements:

  Scan on pushes to the main branch.

  Scan on pull requests to the main branch.

  Scan on pull requests to any branch that has a prefix of releases/.

  Scan all the files in the subdirectories of the src directory.

  Exclude scanning of markdown files.

  How should you complete the code? To answer, drag the appropriate values to the correct targets. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.

  Select and Place:

  

  Correct Answer:

  

  Explanation:

  Box 1: - 'releases/**'

  Scan on pull requests to any branch that has a prefix of releases/.

  Note: You can use special characters in path, branch, and tag filters.

  *: Matches zero or more characters, but does not match the / character. For example, Octo* matches Octocat.

  **: Matches zero or more of any character.

  Box 2: - 'src/**'

  Scan all the files in the subdirectories of the src directory.

  Use the paths filter when you want to include file path patterns or when you want to both include and exclude file path patterns.

  Box 3: - '**/*.md'

  Exclude scanning of markdown files.

  Use the paths-ignore filter when you only want to exclude file path patterns.

  Reference:

  https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions

  https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet

• Question 40:

  DRAG DROP

  Your company has a project in Azure DevOps named Project1.

  All the developers at the company have Windows 10 devices.

  You need to create a Git repository for Project1. The solution must meet the following requirements:

  1.

  Support large binary files.

  2.

  Store binary files outside of the repository.

  3.

  Use a standard Git workflow to maintain the metadata of the binary files by using commits to the repository.

  Select and Place:

  

  Correct Answer: