Up To The Minute AZ-400 Item Pool 2021

NEW QUESTION 1
DRAG DROP
You need to configure Azure Automation for the computers in Pool7.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them m the correct order.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 2
DRAG DROP
You have an Azure Kubermets Service (AKS) implementation that is RBAC-enabled You plan to use Azure Container Instances as a hosted development environment to run containers in the AKS implementation.
You need to conjure Azure Container Instances as a hosted environment for running me containers in AKS. Which three actions should you perform m sequence?
To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Step 1: Create a YAML file.
If your AKS cluster is RBAC-enabled, you must create a service account and role binding for use with Tiller. To create a service account and role binding, create a file named rbac-virtual-kubelet.yaml
Step 2: Run kubectl apply.
Apply the service account and binding with kubectl apply and specify your rbacvirtual- kubelet.yaml file.
Step 3: Run helm init.
Configure Helm to use the tiller service account: helm init --service-account tiller
You can now continue to installing the Virtual Kubelet into your AKS cluster. References: https://docs.microsoft.com/en-us/azure/aks/virtual-kubelet

NEW QUESTION 3
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You plan to create a release pipeline that will deploy Azure resources by using Azure Resource Manager templates. The release pipeline will create the following resources:
„hTwo resource groups
„hFour Azure virtual machines in one resource group
„hTwo Azure SQL databases in other resource group
You need to recommend a solution to deploy the resources.
Solution: Create two standalone templates, each of which will deploy the resources in its respective group.
Does this meet the goal?

• A. Yes
• B. No

Answer: B

Explanation:
Use a main template and two linked templates.
References: https://docs.microsoft.com/en-us/azure/azure-resourcemanager/ resource-group-linked-templates

NEW QUESTION 4
Note: This question part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the staled goals. Some question sets might have more than one correct solution, whale others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to It. As a result, these questions will not appear in the review screen.
You integrate a cloud-hosted Jenkins server and a new Azure DevOps depsoyment. You need Azure DevOps to send a notification to Jenkins when a developer commits changes to a branch in Azure Repos.
Solution: You add a trigger to the build pipeline. Does this meet the goal?

• A. Yes
• B. NO

Answer: B

Explanation:
You can create a service hook for Azure DevOps Services and TFS with Jenkins. References:
https://docs.microsoft.com/en-us/azure/devops/service-hooks/services/jenkins

NEW QUESTION 5
DRAG DROP
You need to increase the security of your team's development process.
Which type of security tool should you recommend for each stage of the development process? To answer, drag the appropriate security toots to the correct stages. Each security tool may be used once, more than once, or not at all. You may
need to drag the split bar between panes or scroll to view content NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Box 1: Threat modeling
Threat modeling¡¦s motto should be, ¡§The earlier the better, but not too late and never ignore.¡¨
Box 2: Static code analysis
Validation in the CI/CD begins before the developer commits his or her code. Static code analysis tools in the IDE provide the first line of defense to help ensure that security vulnerabilities are not introduced into the CI/CD process.
Box 3: Penetration testing
Once your code quality is verified, and the application is deployed to a lower environment like development or QA, the process should verify that there are not any security vulnerabilities in the running application. This can be accomplished by executing automated penetration test against the running application to scan it for vulnerabilities.
References: https://docs.microsoft.com/en-us/azure/devops/articles/securityvalidation- cicd-pipeline?view=vsts

NEW QUESTION 6
DRAG DROP
You plan to use Azure Kubernetes Service (AKS) to host containers deployed from images hosted in a Docker Trusted Registry.
You need to recommend a solution for provisioning and connecting to AKS. The solution must ensure that AKS is RBAC-enaWed and uses a custom service principal.
Which three commands should you recommend be run in sequence? To answer, move the appropriate commands from the list of commands to the answer area and arrange them in the coned order.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 7
You use Azure SQL Database Intelligent Insights and Azure Application Insights foe monitoring.
You need to write ad-hoc Queries against the monitoring data. Which Query language should you use?

• A. PL/pgSQL
• B. Transact-SQL
• C. Azure Log Analytics
• D. PL/SQL

Answer: C

Explanation:
Data analysis in Azure SQL Analytics is based on Log Analytics language for your custom querying and reporting.
References: https://docs.microsoft.com/en-us/azure/azure-monitor/insights/azure-sql

NEW QUESTION 8
You have 50 Node.js-based projects that you scan by using WhiteSource. Each project includes Package.json, Package-lock.json, and Npm-shrinkwrap.json files. You need to minimize the number of libraries reports by WhiteSource to only the libraries that you explicitly reference.
What should you do?

• A. Configure the File System Agent plug in.
• B. Delete Package lock.json.
• C. Configure the Artifactory plug-in.
• D. Add a devDependencies section to Package-lock.jso

Answer: D

Explanation:
Separate Your Dependencies
Within your package.json file be sure you split out your npm dependencies between devDependencies and (production) dependencies. The key part is that you must then make use of the --production flag when installing the npm packages. The -- production flag will exclude all packages defined in the devDependencies section. References:
https://blogs.msdn.microsoft.com/visualstudioalmrangers/2021/06/08/manage-youropen- source-usage-and-security-as-reported-by-your-cicd-pipeline/

NEW QUESTION 9
Your company has an on-premises Bitbucket Server that is used for Git-based source control. The server is protected by a firewall that blocks inbound Internet traffic.
You plan to use Azure DevOps to manage the build and release processes Which two components are required to integrate Azure DevOps and Bitbucket? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one port.

• A. an External Git service connection
• B. a Microsoft hosted agent
• C. service hooks
• D. a self- hosted agent
• E. a deployment M group

Answer: AD

Explanation:
When a pipeline uses a remote, 3rd-party repository host such as Bitbucket Cloud, the repository is configured with webhooks that notify Azure Pipelines Server or TFS when code has changed and a build should be triggered. Since on-premises installations are normally protected behind a firewall, 3rd-party webhooks are unable to reach the on-premises server. As a workaround, you can use the External Git repository type which uses polling instead of webhooks to trigger a build when code has changed.
References: https://docs.microsoft.com/enus/ azure/devops/pipelines/repos/pipeline-options-for

NEW QUESTION 10
Your company is building a mobile app that targets Android devices and OS devices. Your team uses Azure DevOps to manage all work items and release cycles. You need to recommend a solution to perform the following tasks
¡E Collect crash reports for issue analysis
¡E Distribute beta releases to your testers.
¡E Get user feedback on the functionality of new apps. What should you include in the recommendation?

• A. Jenkins integration
• B. Azure Application Insights widgets
• C. the Microsoft Test & Feedback extension
• D. Microsoft Visual Studio App Center integration

Answer: D

NEW QUESTION 11
Your company develops a client banking application that processes a large volume of data.
Code quality is an ongoing issue for the company. Recently, the code quality has deteriorated because of an increase in time pressure on the development team. You need to implement static code analysis.
During which phase should you use static code analysis?

• A. build
• B. production release
• C. staging
• D. integration testing

Answer: B

NEW QUESTION 12
HOTSPOT
Your company is building a new web application.
You plan to collect feedback from pilot users on the features being delivered. All the pilot users have a corporate computer that has Google Chrome and the Microsoft Test & Feedback extension installed. The pilot users will test the application by using Chrome.
You need to identify which access levels are required to ensure that developers can request and gather feedback from the pilot users. The solution must use the principle of least privilege.
Which access levels m Azure DevOps should you identify? To answer, select the
appropriate options in the answer area
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Box 1: Basic
Assign Basic to users with a TFS CAL, with a Visual Studio Professional subscription, and to users for whom you are paying for Azure Boards & Repos in an organization.
Box 2: Stakeholder
Assign Stakeholders to users with no license or subscriptions who need access to a limited set of features.
Note:
You assign users or groups of users to one of the following access levels: Basic: provides access to most features
VS Enterprise: provides access to premium features
Stakeholders: provides partial access, can be assigned to unlimited users for free References: https://docs.microsoft.com/enus/ azure/devops/organizations/security/access-levels?view=vsts

NEW QUESTION 13
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has a project in Azure DevOps for a new web application. You need to ensure that when code is checked in, a build runs automatically.
Solution: From the Pre-deployment conditions settings of the release pipeline, you select After stage.
Does this meet the goal?

• A. Yes
• B. No

Answer: B

Explanation:
Instead, In Visual Designer you enable continuous integration (CI) by:
„hSelect the Triggers tab.
„hEnable Continuous integration. References:
https://docs.microsoft.com/en-us/azure/devops/pipelines/get-started-designer

NEW QUESTION 14
Your company . concerned that when developers introduce open source Libraries, it creates licensing compliance issues.
You need to add an automated process to the build pipeline to detect when common open source libraries are added to the code base.
What should you use?

• A. Code Style
• B. Microsoft Visual SourceSafe
• C. Black Duck
• D. Jenkins

Answer: C

Explanation:
Secure and Manage Open Source Software
Black Duck helps organizations identify and mitigate open source security, license compliance and code-quality risks across application and container portfolios. Black Duck Hub and its plugin for Team Foundation Server (TFS) allows you to automatically find and fix open source security vulnerabilities during the build process, so you can proactively manage risk. The integration allows you to receive alerts and fail builds when any Black Duck Hub policy violations are met.
Note: WhiteSource would also be a good answer, but it is not an option here. References:
https://marketplace.visualstudio.com/items?itemName=black-duck-software.hub-tfs

NEW QUESTION 15
You plan to create an image that will contain a .NET Core application.
You have a Dockerfile file that contains the following code. (Line numbers are included for reference only.)

You need to ensure that the image is as small as possible when the image is built. Which line should you modify in the file?

• A. 1
• B. 3
• C. 4
• D. 7

Answer: A

Explanation:
Multi-stage builds (in Docker 17.05 or higher) allow you to drastically reduce the size of your final image, without struggling to reduce the number of intermediate layers and files.
With multi-stage builds, you use multiple FROM statements in your Dockerfile. Each FROM instruction can use a different base, and each of them begins a new stage of the build. You can selectively copy artifacts from one stage to another, leaving behind everything you don¡¦t want in the final image.
References: https://docs.docker.com/develop/develop-images/multistage-build/#usemulti- stage-builds

NEW QUESTION 16
You use Azure Artifacts to host NuGet packages that you create.
You need to make one of the packages available to anonymous users outside your organization. The solution must minimize the number of publication points. What should you do?

• A. Create a new feed for the package
• B. Publish the package to a public NuGet repository.
• C. Promote the package to a release view.
• D. Change the feed URL of the packag

Answer: A

Explanation:
Azure Artifacts introduces the concept of multiple feeds that you can use to organize and control access to your packages.
Packages you host in Azure Artifacts are stored in a feed. Setting permissions on the feed allows you to share your packages with as many or as few people as your scenario requires.
Feeds have four levels of access: Owners, Contributors, Collaborators, and Readers.
References: https://docs.microsoft.com/en-us/azure/devops/artifacts/feeds/feedpermissions? view=vsts&tabs=new-nav

NEW QUESTION 17
Your company uses Azure DevOps for the build pipelines and deployment pipelines of Java based projects. You need to recommend a strategy for managing technical debt.
Which two actions should you include in the recommendation? Each correct answer presents part of the solution
NOTE: Each correct selection is worth one point.

• A. Integrate Azure DevOps and SonarQube.
• B. Integrates Azure DevOPs and Azure DevTest Labs.
• C. Configure post-deployment approvals in the deployment pipeline.
• D. Configure pre-deployment approvals in the deployment pipelin

Answer: AC

NEW QUESTION 18
HOTSPOT
How should you configure the filters for the Project5 trigger? To answer, select the appropriate option in the answer area.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

Scenario:

References: https://docs.microsoft.com/en-us/azure/devops/pipelines/build/triggers

NEW QUESTION 19
You need to recommend a Docker container build strategy that meets the following requirements
¡E Minimizes image sues
¡E Minimizes the security surface area of the final image What should you include m the recommendation?

• A. multi-stage builds
• B. single-stage builds
• C. PowerShell Desired State Configuration (DSC)
• D. Docker Swarm

Answer: A

Explanation:
Multi-stage builds are a new feature requiring Docker 17.05 or higher on the daemon and client. Multistage builds are useful to anyone who has struggled to optimize Dockerfiles while keeping them easy to read and maintain. References: https://docs.docker.com/develop/develop-images/multistage-build/

NEW QUESTION 20
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an approval process that contains a condition. The condition requires that releases be approved by a team leader before they are deployed.
You haw a pokey stating that approvals must occur within eight hours.
You discover that deployments only if the approvals take longer than two hours. You need to ensure that the deployments only fail if the approvals take longer than hours.
Solution From Post -deployment conditions, you modify the Timeout setting for post-deployment approvals.
Does this meet the goal?

• A. Yes
• B. NO

Answer: B

NEW QUESTION 21
......