You are building an ASP.NET Core application. You plan to create an application utilization baseline by capturing telemetry data. You need to add code to the application to capture the telemetry data. The solution must minimize the costs of storing the telemetry data. Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point
Sampling is a feature in Azure Application Insights. It is the recommended way to reduce telemetry traffic, data costs, and storage costs, while preserving a statistically correct analysis of application data. The Application Insights SDK for ASP.NET Core supports both fixed-rate and adaptive sampling. Adaptive sampling is enabled by default. D: For adaptive sampling: The volume is adjusted automatically to keep within a specified maximum rate of traffic, and is controlled via the setting MaxTelemetryItemsPerSecond. If the application produces a low amount of telemetry, such as when debugging or due to low usage, items won't be dropped by the sampling processor as long as volume is below MaxTelemetryItemsPerSecond. Note: In ApplicationInsights.config, you can adjust several parameters in the AdaptiveSamplingTelemetryProcessor node. The figures shown are the default values: <MaxTelemetryItemsPerSecond>5</MaxTelemetryItemsPerSecond> Reference: https://docs.microsoft.com/en-us/azure/azure-monitor/app/sampling
Question 102
HOTSPOT - You have an application named App1 that has a custom domain of app.contoso.com. You create a test in Azure Application Insights as shown in the following exhibit. Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point. Hot Area:
Box 1: every five minutes at a random location Test frequency: Sets how often the test is run from each test location. With a default frequency of five minutes and five test locations, your site is tested on average every minute. Box 2: Parse dependent requests: Test requests images, scripts, style files, and other files that are part of the web page under test. The recorded response time includes the time taken to get these files. The test fails if any of these resources cannot be successfully downloaded within the timeout for the whole test. Reference: https://docs.microsoft.com/en-us/azure/azure-monitor/app/monitor-web-app-availability
Question 103
You have a build pipeline in Azure Pipelines that occasionally fails. You discover that a test measuring the response time of an API endpoint causes the failures. You need to prevent the build pipeline from failing due to the test. Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
D: You can mark or unmark a test as flaky based on analysis or context, by choosing Flaky. To configure flaky test management, choose Project settings, and select Test management in the Pipelines section. B: Slide the On/Off button to On. Reference: https://docs.microsoft.com/en-us/azure/devops/pipelines/test/flaky-test-management
Question 104
Your company hosts a web application in Azure. The company uses Azure Pipelines for the build and release management of the application. Stakeholders report that the past few releases have negatively affected system performance. You configure alerts in Azure Monitor. You need to ensure that new releases are only deployed to production if the releases meet defined performance baseline criteria in the staging environment first. What should you use to prevent the deployment of releases that fall to meet the performance baseline?
Scenarios and use cases for gates include: - Quality validation. Query metrics from tests on the build artifacts such as pass rate or code coverage and deploy only if they are within required thresholds. Use Quality Gates to integrate monitoring into your pre-deployment or post-deployment. This ensures that you are meeting the key health/performance metrics (KPIs) as your applications move from dev to production and any differences in the infrastructure environment or scale is not negatively impacting your KPIs. Note: Gates allow automatic collection of health signals from external services, and then promote the release when all the signals are successful at the same time or stop the deployment on timeout. Typically, gates are used in connection with incident management, problem management, change management, monitoring, and external approval systems. Reference: https://docs.microsoft.com/en-us/azure/azure-monitor/continuous-monitoring https://docs.microsoft.com/en-us/azure/devops/pipelines/release/approvals/gates?view=azure-devops
Question 105
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You manage a project in Azure DevOps. You need to prevent the configuration of the project from changing over time. Solution: Perform a Subscription Health scan when packages are created. Does this meet the goal?
Instead implement Continuous Assurance for the project. Note: The Subscription Security health check features in AzSK contains a set of scripts that examines a subscription and flags off security issues, misconfigurations or obsolete artifacts/settings which can put your subscription at higher risk. Reference: https://azsk.azurewebsites.net/04-Continous-Assurance/Readme.html
Question 106
DRAG DROP - Your company has a project in Azure DevOps. You plan to create a release pipeline that will deploy resources by using Azure Resource Manager templates. The templates will reference secrets stored in Azure Key Vault. You need to recommend a solution for accessing the secrets stored in the key vault during deployments. The solution must use the principle of least privilege. What should you include in the recommendation? To answer, drag the appropriate configurations to the correct targets. Each configuration may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point. Select and Place:
Box 1: RBAC - Management plane access control uses RBAC. The management plane consists of operations that affect the key vault itself, such as: - Creating or deleting a key vault. - Getting a list of vaults in a subscription. - Retrieving Key Vault properties (such as SKU and tags). - Setting Key Vault access policies that control user and application access to keys and secrets. Box 2: RBAC - References: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-tutorial-use-key-vault
Question 107
Your company uses the following resources: - Windows Server 2019 container images hosted in an Azure Container Registry. - Azure virtual machines that run the latest version of Ubuntu - An Azure Log Analytics workspace - Azure Active Directory (Azure AD) - An Azure key vault For which two resources can you receive vulnerability assessments in Azure Security Center? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
B: Azure Security Center includes Azure-native, advanced threat protection for Azure Key Vault, providing an additional layer of security intelligence. C: When Security Center discovers a connected VM without a vulnerability assessment solution deployed, it provides the security recommendation "A vulnerability assessment solution should be enabled on your virtual machines". Ubuntu supported versions: 12.04 LTS, 14.04 LTS, 15.x, 16.04 LTS, 18.04 LTS Reference: https://docs.microsoft.com/en-us/azure/security-center/deploy-vulnerability-assessment-vm
Question 108
You use Azure Pipelines to manage build pipelines, GitHub to store source code, and Dependabot to manage dependencies. You have an app named App1. Dependabot detects a dependency in App1 that requires an update. What should you do first to apply the update?
DependaBot is a useful tool to regularly check for dependency updates. By helping to keep your project up to date, DependaBot can reduce technical debt and immediately apply security vulnerabilities when patches are released. How does DependaBot work? 1. DependaBot regularly checks dependencies for updates 2. If an update is found, DependaBot creates a new branch with this upgrade and Pull Request for approval 3. You review the new Pull Request, ensure the tests passed, review the code, and decide if you can merge the change Reference: https://samlearnsazure.blog/2019/12/20/github-using-dependabot/
Question 109
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You manage a project in Azure DevOps. You need to prevent the configuration of the project from changing over time. Solution: Add a code coverage step to the build pipelines. Does this meet the goal?
Instead implement Continuous Assurance for the project. Reference: https://azsk.azurewebsites.net/04-Continous-Assurance/Readme.html
Question 110
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You manage a project in Azure DevOps. You need to prevent the configuration of the project from changing over time. Solution: Implement Continuous Integration for the project. Does this meet the goal?
Instead implement Continuous Assurance for the project. Reference: https://azsk.azurewebsites.net/04-Continous-Assurance/Readme.html
