The latest Microsoft AZ-400 Designing and Implementing Microsoft DevOps Solutions certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Microsoft AZ-400 Designing and Implementing Microsoft DevOps Solutions exam and earn Microsoft AZ-400 Designing and Implementing Microsoft DevOps Solutions certification.
Exam Question 41
Your company has a project in Azure DevOps.
You need to ensure that when there are multiple builds pending deployment, only the most recent build is deployed.
What should you use?
A. deployment conditions
B. deployment queue settings
C. release gates
D. pull request triggers
Correct Answer:
B. deployment queue settings
Answer Description:
The options you can choose for a queuing policy are:
- Number of parallel deployments
If you specify a maximum number of deployments, two more options appear:
- Deploy all in sequence
- Deploy latest and cancel the others: Use this option if you are producing releases faster than builds, and you only want to deploy the latest build.
Incorrect Answers: Release gates allow automatic collection of health signals from external services, and then promote the release when all the signals are successful at the same time or stop the deployment on timeout. Typically, gates are used in connection with incident management, problem management, change management, monitoring, and external approval systems.
References:
Microsoft Docs > Add stages, dependencies, conditions
Exam Question 42
Your company develops a client banking application that processes a large volume of data.
Code quality is an ongoing issue for the company. Recently, the code quality has deteriorated because of an increase in time pressure on the development team.
You need to implement static code analysis.
During which phase should you use static code analysis?
A. integration testing
B. staging
C. production release
D. build
Correct Answer:
A. integration testing
Answer Description:
The Secure Development Lifecycle (SDL) Guidelines recommend that teams perform static analysis during the implementation phase of their development cycle.
Note: The company should focus in particular on the implementation of DevOps tests to assess the quality of the software from the planning stage to the implementation phase of the project.
References:
Microsoft Security Code Analysis
Exam Question 43
Your company is building a new solution in Java.
The company currently uses a SonarQube server to analyze the code of .NET solutions.
You need to analyze and monitor the code quality of the Java solution.
Which task types should you add to the build pipeline?
A. Grunt
B. Chef
C. Maven
D. Gulp
Correct Answer:
C. Maven
Answer Description:
SonarQube is a set of static analyzers that can be used to identify areas of improvement in your code. It allows you to analyze the technical debt in your project and keep track of it in the future. With Maven and Gradle build tasks, you can run SonarQube analysis with minimal setup in a new or existing Azure DevOps Services build task.
References:
Microsoft Docs > Use SonarQube with Azure DevOps or Team Foundation Server (TFS) for Java development
Exam Question 44
You have 50 Node.js-based projects that you scan by using WhiteSource. Each project includes Package.json, Package-lock.json, and Npm-shrinkwrap.json files.
You need to minimize the number of libraries reports by WhiteSource to only the libraries that you explicitly reference.
What should you do?
A. Configure the File System Agent plug-in.
B. Add a devDependencies section to Package-lock.json.
C. Configure the Artifactory plug-in.
D. Delete Package-lock.json.
Correct Answer:
B. Add a devDependencies section to Package-lock.json.
Answer Description:
Separate Your Dependencies: Within your package.json file be sure you split out your npm dependencies between devDependencies and (production) dependencies. The key part is that you must then make use of the –production flag when installing the npm packages. The –production flag will exclude all packages defined in the devDependencies section.
References:
Microsoft Docs > Manage your open source usage and security as reported by your CI/CD pipeline
Exam Question 45
Your company deploys applications in Docker containers.
You want to detect known exploits in the Docker images used to provision the Docker containers.
You need to integrate image scanning into the application lifecycle. The solution must expose the exploits as early as possible during the application lifecycle.
What should you configure?
A. a task executed in the continuous integration pipeline and a scheduled task that analyzes the image registry
B. manual tasks performed during the planning phase and the deployment phase
C. a task executed in the continuous deployment pipeline and a scheduled task against a running production container
D. a task executed in the continuous integration pipeline and a scheduled task that analyzes the production container
Correct Answer:
A. a task executed in the continuous integration pipeline and a scheduled task that analyzes the image registry
Answer Description:
You can use the Docker task to sign into ACR and then use a subsequent script to pull an image and scan the container image for vulnerabilities.
Use the docker task in a build or release pipeline. This task can be used with Docker or Azure Container registry.
Incorrect Answers:
- We should not wait until deployment. We want to detect the exploits as early as possible.
- We should wait until the image is in the product container. We want to detect the exploits as early as possible.
References:
Microsoft Docs > Learn how to add continuous security validation to your CI/CD pipeline
Exam Question 46
Your company uses Azure DevOps for the build pipelines and deployment pipelines of Java-based projects.
You need to recommend a strategy for managing technical debt.
Which two actions should you include in the recommendation? Each correct answer presents part of the solution.
A. Configure post-deployment approvals in the deployment pipeline.
B. Configure pre-deployment approvals in the deployment pipeline.
C. Integrate Azure DevOps and SonarQube.
D. Integrate Azure DevOps and Azure DevTest Labs.
Correct Answer:
B. Configure pre-deployment approvals in the deployment pipeline.
C. Integrate Azure DevOps and SonarQube.
Answer Description:
Implement Continuous Delivery
Exam Question 47
You plan to create a release pipeline that will deploy Azure resources by using Azure Resource Manager templates. The release pipeline will create the following resources:
- Two resource groups
- Four Azure virtual machines in one resource group
- Two Azure SQL databases in other resource group
You need to recommend a solution to deploy the resources.
Solution: Create a main template that will deploy the resources in one resource group and a nested template that will deploy the resources in the other resource group.
Does this meet the goal?
A. Yes
B. No
Correct Answer:
B. No
Answer Description:
Use two linked templates, instead of the nested template.
References:
Microsoft Docs > Using linked and nested templates when deploying Azure resources
Exam Question 48
You plan to create a release pipeline that will deploy Azure resources by using Azure Resource Manager templates. The release pipeline will create the following resources:
- Two resource groups
- Four Azure virtual machines in one resource group
- Two Azure SQL databases in other resource group
You need to recommend a solution to deploy the resources.
Solution: Create a main template that has two linked templates, each of which will deploy the resources in its respective group.
Does this meet the goal?
A. Yes
B. No
Correct Answer:
A. Yes
Answer Description:
To deploy your solution, you can use either a single template or a main template with many related templates. The related template can be either a separate file that is linked to from the main template, or a template that is nested within the main template.
References:
Microsoft Docs > Using linked and nested templates when deploying Azure resources
Exam Question 49
Your company has a project in Azure DevOps for a new web application.
The company uses ServiceNow for change management.
You need to ensure that a change request is processed before any components can be deployed to the production environment.
What are two ways to integrate ServiceNow into the Azure DevOps release pipeline? Each correct answer presents a complete solution.
A. Define a deployment control that invokes the ServiceNow REST API.
B. Define a pre-deployment gate before the deployment to the Prod stage.
C. Define a deployment control that invokes the ServiceNow SOAP API.
D. Define a post-deployment gate after the deployment to the QA stage.
Correct Answer:
B. Define a pre-deployment gate before the deployment to the Prod stage.
D. Define a post-deployment gate after the deployment to the QA stage.
Answer Description:
In this example, a release of a website is created by collecting specific versions of two builds (artifacts), each from a different build pipeline. The release is first deployed to a Dev stage and then forked to two QA stages in parallel. If the deployment succeeds in both the QA stages, the release is deployed to Prod ring 1 and then to Prod ring 2. Each production ring represents multiple instances of the same website deployed at various locations around the globe.
References:
Microsoft Docs > elease pipelines
Exam Question 50
You have an approval process that contains a condition. The condition requires that releases be approved by a team leader before they are deployed.
You have a policy stating that approvals must occur within eight hours.
You discover that deployment fail if the approvals take longer than two hours.
You need to ensure that the deployments only fail if the approvals take longer than eight hours.
Solution: From Post-deployment conditions, you modify the Time between re-evaluation of gates option.
Does this meet the goal?
A. Yes
B. No
Correct Answer:
B. No
Answer Description:
Use a gate From Pre-deployment conditions instead.
References:
Microsoft Docs > Release deployment control using gates