DRAG DROP - You have an Azure subscription that contains a project in Azure DevOps named Project1. You have three Azure Active Directory (Azure AD) users that require access to Project1 as shown in the following table. You need to ensure that the users have the appropriate permissions. The solution must use the principle of least privilege. To which permission group in Azure DevOps should you add each user? To answer, drag the appropriate permission groups to the correct users. Each permission group may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.
Question 192
You plan to create a GitHub workflow that will use GitHub Actions. The actions will require a 256-KB secret. You need to recommend a solution to store and encrypt the secret. The secret value must be accessible only to the workflow. The solution must minimize administrative effort What should you recommend?
Question 193
Your company uses Azure DevOps and Microsoft Azure Active Directory (Azure AD), part of Microsoft Entra. Only users who have accounts in Azure AD can access the Azure DevOps environment. You need to ensure that only devices that are connected to the on-premises network can access the Azure DevOps environment. What should you do?
Question 194
You have an Azure subscription that contains four Azure virtual machines. You need to configure the virtual machines to use a single identity. The solution must meet the following requirements: • Ensure that the credentials for the identity are managed automatically. • Support granting privileges to the identity. Which type of identity should you use?
Question 195
HOTSPOT - You have an Azure subscription that contains an Azure key vault named Vault1, an Azure pipeline named Pipeline1, and an Azure SQL database named DB1. Pipeline1 is used to deploy an app that will authenticate to DB1 by using a password. You need to store the password in Vault1. The solution must ensure that the password can be accessed by Pipeline1. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Question 196
You have a GitHub repository that contains multiple workflows and a secret stored at the environment level. You need to ensure that the secret can be used by all the workflows. What should you do first?
Question 197
DRAG DROP - You have a GitHub organization that contains three users named User1, User2, and User3. You have a project that contains a repository named repo1. You need to configure permissions for repo1. The solution must meet the following requirements: • Ensure that User1 can actively push to repo1. • Ensure that User2 can manage issues and pull requests for repo1. • Ensure that User3 can manage repo1. • Prevent User3 from accessing sensitive data in repo1. Which role should you assign to each user? To answer, drag the appropriate roles to the correct users. Each role may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.
Question 198
You have an Azure key vault named KV1 and three web servers. You plan to deploy an app named App1 to the web servers. You need to ensure that App1 can retrieve a secret from KV1. The solution must meet the following requirements: • Minimize the number of permission grants required. • Follow the principle of least privilege. What should you include in the solution?
Question 199
You are designing the development process for your company. You need to recommend a solution for continuous inspection of the company's code base to locate common code patterns that are known to be problematic. What should you include in the recommendation?
SonarCloud is a cloud service offered by SonarSource and based on SonarQube. SonarQube is a widely adopted open source platform to inspect continuously the quality of source code and detect bugs, vulnerabilities and code smells in more than 20 different languages. Note: The SonarCloud Azure DevOps extension brings everything you need to have your projects analyzed on SonarCloud very quickly. Incorrect Answers: A: Test plans are used to group together test suites and individual test cases. This includes static test suites, requirement-based suites, and query-based suites. Reference: https://docs.travis-ci.com/user/sonarcloud/ https://sonarcloud.io/documentation/integrations/vsts/
Question 200
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. The lead developer at your company reports that adding new application features takes longer than expected due to a large accumulated technical debt. You need to recommend changes to reduce the accumulated technical debt. Solution: You recommend reducing the code coupling and the dependency cycles? Does this meet the goal?
Instead reduce the code complexity. Note: Technical debt is the accumulation of sub-optimal technical decisions made over the lifetime of an application. Eventually, it gets harder and harder to change things: it's the 'sand in the gears' that sees IT initiatives grind to a halt. Reference: https://dzone.com/articles/fight-through-the-pain-how-to-deal-with-technical https://www.devopsgroup.com/blog/five-ways-devops-helps-with-technical-debt/
