Win IT Exam with Last Dumps 2025

Microsoft AZ-400 Exam

Page 42/54
Viewing Questions 411 420 out of 535 Questions
77.78%

Question 411
You use a Git repository in Azure Repos to manage the source code of a web application. Developers commit changes directly to the master branch.
You need to implement a change management procedure that meets the following requirements:
- The master branch must be protected, and new changes must be built in the feature branches first.
- Changes must be reviewed and approved by at least one release manager before each merge.
- Changes must be brought into the master branch by using pull requests.
What should you configure in Azure Repos?



Branch policies help teams protect their important branches of development. Policies enforce your team's code quality and change management standards.
Reference:
https://docs.microsoft.com/en-us/azure/devops/repos/git/branch-policies

Question 412
You are making use of Azure DevOps to automate the build process for a Java-based application.
You are required to include code coverage testing and publish the results to the pipeline.
Which two of the following tools could you use?



Use Publish Code Coverage Results task in a build pipeline to publish code coverage results to Azure Pipelines or TFS, which were produced by a build in Cobertura or JaCoCo format.
Incorrect Answers:
B. If you're building on Linux or macOS, you can use Coverlet or a similar tool to collect code coverage metrics. Code coverage results can be published to the server by using the Publish Code Coverage Results task. To leverage this functionality, the coverage tool must be configured to generate results in Cobertura or JaCoCo coverage format.
D. Coverage.py is used for Python, not for Java.
References:
https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/test/publish-code-coverage-results

Question 413
HOTSPOT -
You are finalizing a release in GitHub.
You need to apply the following labels to the release:
- Name
- Email
- Release v3.0
- Release date
How should you complete the git command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
AZ-400_413Q.png related to the Microsoft AZ-400 Exam
Image AZ-400_413R.png related to the Microsoft AZ-400 Exam



Box 1; tag -
Tagging. Like most VCSs, Git has the ability to tag specific points in a repository's history as being important. Typically, people use this functionality to mark release points (v1.0, v2.0 and so on).
Box 2: -a -
Creating an annotated tag in Git is simple. The easiest way is to specify -a when you run the tag command:
Example:
$ git tag -a v1.4 -m "my version 1.4"
Box 3: -m -
Reference:
https://git-scm.com/book/en/v2/Git-Basics-Tagging

Question 414
You have a project in Azure DevOps. You have an Azure Resource Group deployment project in Microsoft Visual Studio that is checked in to the Azure DevOps project.
You need to create a release pipeline that will deploy resources by using Azure Resource Manager templates. The solution must minimize administrative effort.
Which task type should you include in the solution?



There are two different ways to deploy templates to Azure DevOps Services. Both methods provide the same results, so choose the one that best fits your workflow.
1. Add a single step to your build pipeline that runs the PowerShell script that's included in the Azure Resource Group deployment project (Deploy-
AzureResourceGroup.ps1). The script copies artifacts and then deploys the template.
2. Add multiple Azure DevOps Services build steps, each one performing a stage task.
The first option has the advantage of using the same script used by developers in Visual Studio and providing consistency throughout the lifecycle.
Reference:
https://docs.microsoft.com/en-us/azure/vs-azure-tools-resource-groups-ci-in-vsts

Question 415
Your company has an Azure DevOps environment that can only be accessed by Azure Active Directory users
You are instructed to make sure that the Azure DevOps environment can only be accessed from devices connected to the company's on-premises network.
Which of the following actions should you take?



Conditional Access is a capability of Azure Active Directory. With Conditional Access, you can implement automated access control decisions for accessing your cloud apps that are based on conditions.
Conditional Access policies are enforced after the first-factor authentication has been completed.
References:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview


Question 416
DRAG DROP -
Your company has a project in Azure DevOps.
You plan to create a release pipeline that will deploy resources by using Azure Resource Manager templates. The templates will reference secrets stored in Azure
Key Vault.
You need to recommend a solution for accessing the secrets stored in the key vault during deployments. The solution must use the principle of least privilege.
What should you include in the recommendation? To answer, drag the appropriate configurations to the correct targets. Each configuration may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:
AZ-400_416Q.jpg related to the Microsoft AZ-400 Exam
Image AZ-400_416R.jpg related to the Microsoft AZ-400 Exam



Box 1: An Azure Key Vault access policy
AZ-400_416E.jpg related to the Microsoft AZ-400 Exam
Box 2: RBAC -
Management plane access control uses RBAC.
The management plane consists of operations that affect the key vault itself, such as:
- Creating or deleting a key vault.
- Getting a list of vaults in a subscription.
- Retrieving Key Vault properties (such as SKU and tags).
- Setting Key Vault access policies that control user and application access to keys and secrets.
Reference:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-tutorial-use-key-vault

Question 417
HOTSPOT -
How should you configure the filters for the Project5 trigger? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
AZ-400_417Q.png related to the Microsoft AZ-400 Exam
Image AZ-400_417R.png related to the Microsoft AZ-400 Exam



Scenario:
AZ-400_417E.png related to the Microsoft AZ-400 Exam
References:
https://docs.microsoft.com/en-us/azure/devops/pipelines/build/triggers

Question 418
DRAG DROP -
As part of your application build process, you need to deploy a group of resources to Azure by using an Azure Resource Manager template located on GitHub.
Which three action should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:
AZ-400_418Q.png related to the Microsoft AZ-400 Exam
Image AZ-400_418R.png related to the Microsoft AZ-400 Exam



Step 1: Create a release pipeline
You need to create a new pipeline.
You can integrate Azure Resource Manager templates (ARM templates) with Azure Pipelines for continuous integration and continuous deployment (CI/CD).
Step 2: Add an Azure Resource Group Deployment task
Step 3: Set the template parameters
Reference:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/add-template-to-azure-pipelines

Question 419
You are in the process of creating a new Java application.
You analyze the code of .NET applications via a SonarQube server.
You are preparing to add a task type to the build pipeline that will allow you to analyze and monitor the code quality of the Java application.
Which two of the following task types could you use?



SonarQube is a set of static analyzers that can be used to identify areas of improvement in your code. It allows you to analyze the technical debt in your project and keep track of it in the future. With Maven and Gradle build tasks, you can run SonarQube analysis with minimal setup in a new or existing Azure DevOps
Services build task.
Reference:
https://docs.microsoft.com/en-us/azure/devops/java/sonarqube?view=azure-devops

Question 420
DRAG DROP -
You need to configure Azure Automation for the computers in Group7.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:
AZ-400_420Q.png related to the Microsoft AZ-400 Exam
Image AZ-400_420R.png related to the Microsoft AZ-400 Exam



Step 1: Create a Desired State Configuration (DSC) configuration file that has an extension of .ps1.
Step 2: Run the Import-AzureRmAutomationDscConfiguration Azure Powershell cmdlet
The Import-AzureRmAutomationDscConfiguration cmdlet imports an APS Desired State Configuration (DSC) configuration into Azure Automation. Specify the path of an APS script that contains a single DSC configuration.
Example:
PS C:\>Import-AzureRmAutomationDscConfiguration -AutomationAccountName "Contoso17"-ResourceGroupName "ResourceGroup01" -SourcePath "C:\DSC\client.ps1" -Force
This command imports the DSC configuration in the file named client.ps1 into the Automation account named Contoso17. The command specifies the Force parameter. If there is an existing DSC configuration, this command replaces it.
Step 3: Run the Start-AzureRmAutomationDscCompilationJob Azure Powershell cmdlet
The Start-AzureRmAutomationDscCompilationJob cmdlet compiles an APS Desired State Configuration (DSC) configuration in Azure Automation.
References:
https://docs.microsoft.com/en-us/powershell/module/azurerm.automation/import-azurermautomationdscconfiguration
https://docs.microsoft.com/en-us/powershell/module/azurerm.automation/start-azurermautomationdsccompilationjob