최신 AZ-400 무료덤프 - Microsoft Designing and Implementing Microsoft DevOps Solutions
Your company has an Azure subscription.
The company requires that all resource group in the subscription have a tag named organization set to a value of Contoso.
You need to implement a policy to meet the tagging requirement.
How should you complete the policy? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
The company requires that all resource group in the subscription have a tag named organization set to a value of Contoso.
You need to implement a policy to meet the tagging requirement.
How should you complete the policy? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
Box 1: " Microsoft.Resources/subscriptions/resourceGroups"
Box 2: "Deny",
Sample - Enforce tag and its value on resource groups
},
"policyRule": {
"if": {
"allOf": [
{
"field": "type",
"equals": "Microsoft.Resources/subscriptions/resourceGroups"
},
{
"not": {
"field": "[concat('tags[',parameters('tagName'), ']')]",
"equals": "[parameters('tagValue')]"
}
}
]
},
"then": {
"effect": "deny"
}
}
}
}
References:
https://docs.microsoft.com/en-us/azure/governance/policy/samples/enforce-tag-on-resource-groups
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You plan to update the Azure DevOps strategy of your company.
You need to identify the following issues as they occur during the company's development process:
* Licensing violations
* Prohibited libraries
Solution: You implement automated security testing.
Does this meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You plan to update the Azure DevOps strategy of your company.
You need to identify the following issues as they occur during the company's development process:
* Licensing violations
* Prohibited libraries
Solution: You implement automated security testing.
Does this meet the goal?
정답: A
설명: (DumpTOP 회원만 볼 수 있음)
You plan to onboard 10 new developers.
You need to recommend a development environment that meets the following requirements:
* Integrates with GitHub
* Provides integrated debugging tools
* Supports remote workers and hot-desking environments
* Supports developers who use browsers, tablets, and Chromebooks
What should you recommend?
You need to recommend a development environment that meets the following requirements:
* Integrates with GitHub
* Provides integrated debugging tools
* Supports remote workers and hot-desking environments
* Supports developers who use browsers, tablets, and Chromebooks
What should you recommend?
정답: D
설명: (DumpTOP 회원만 볼 수 있음)
You have an Azure pipeline that is used to deploy an app named App1.
You need to ensure that new versions of App1 are released only if they exceed performance baselines. The solution must minimize administrative effort.
What should you configure?
You need to ensure that new versions of App1 are released only if they exceed performance baselines. The solution must minimize administrative effort.
What should you configure?
정답: A
You create a Microsoft ASP.NET Core application.
You plan to use Azure Key Vault to provide secrets to the application as configuration data.
You need to create a Key Vault access policy to assign secret permissions to the application. The solution must use the principle of least privilege.
Which secret permissions should you use?
You plan to use Azure Key Vault to provide secrets to the application as configuration data.
You need to create a Key Vault access policy to assign secret permissions to the application. The solution must use the principle of least privilege.
Which secret permissions should you use?
정답: A
설명: (DumpTOP 회원만 볼 수 있음)
You need to perform the GitHub code migration. The solution must support the planned changes for the DevOps environment.
What should you use?
What should you use?
정답: D
설명: (DumpTOP 회원만 볼 수 있음)
You have a multi-tier application. The front end of the application is hosted in Azure App Service.
You need to identify the average load times of the application pages.
What should you use?
You need to identify the average load times of the application pages.
What should you use?
정답: C
설명: (DumpTOP 회원만 볼 수 있음)
You have an Azure subscription that uses Azure Monitor and contains a Log Analytics workspace.
You have an encryption key.
You need to configure Azure Monitor to use the key to encrypt log data
You have an encryption key.
You need to configure Azure Monitor to use the key to encrypt log data
정답:
Explanation:
Task 3
You need to ensure that an Azure Web App named az400-38443478-matn supports rolling upgrades The solution must ensure that only 10 percent of users who connect to az400-38443478 main use updated versions of the app. The solution must minimize administrative effort.
You need to ensure that an Azure Web App named az400-38443478-matn supports rolling upgrades The solution must ensure that only 10 percent of users who connect to az400-38443478 main use updated versions of the app. The solution must minimize administrative effort.
정답:
See the solution below in explanation.
Explanation:
To ensure that your Azure Web App named az400-38443478-main supports rolling upgrades and only 10 percent of users connect to the updated version of the app, you can use deployment slots with the following steps:
* Create a Deployment Slot:
* Navigate to the Azure Portal.
* Go to your Web App az400-38443478-main.
* Select Deployment slots in the menu.
* Click on Add Slot.
* Name the slot (e.g., staging) and if needed, clone settings from the production slot.
* Configure the Traffic Percentage:
* In the Deployment Slots menu, you will see a column for Traffic %.
* Set the traffic percentage to 10% for the staging slot1.
* This will route only 10% of the traffic to the updated version of the app in the staging slot.
* Deploy the Updated App to the Staging Slot:
* Deploy your updated application to the staging slot.
* Test the application in the staging slot to ensure it's working as expected.
* Complete the Rolling Upgrade:
* Once you're satisfied with the performance and stability of the app in the staging slot, you can gradually increase the percentage of traffic until you're ready to swap with the production slot.
* To swap slots, go to the Deployment slots menu and click on Swap with the production slot.
By using deployment slots, you can achieve rolling upgrades with minimal administrative effort, as it allows you to test the new version on a subset of users before fully releasing it. Remember to adjust the traffic percentage and monitor the application's performance throughout the process.
Explanation:
To ensure that your Azure Web App named az400-38443478-main supports rolling upgrades and only 10 percent of users connect to the updated version of the app, you can use deployment slots with the following steps:
* Create a Deployment Slot:
* Navigate to the Azure Portal.
* Go to your Web App az400-38443478-main.
* Select Deployment slots in the menu.
* Click on Add Slot.
* Name the slot (e.g., staging) and if needed, clone settings from the production slot.
* Configure the Traffic Percentage:
* In the Deployment Slots menu, you will see a column for Traffic %.
* Set the traffic percentage to 10% for the staging slot1.
* This will route only 10% of the traffic to the updated version of the app in the staging slot.
* Deploy the Updated App to the Staging Slot:
* Deploy your updated application to the staging slot.
* Test the application in the staging slot to ensure it's working as expected.
* Complete the Rolling Upgrade:
* Once you're satisfied with the performance and stability of the app in the staging slot, you can gradually increase the percentage of traffic until you're ready to swap with the production slot.
* To swap slots, go to the Deployment slots menu and click on Swap with the production slot.
By using deployment slots, you can achieve rolling upgrades with minimal administrative effort, as it allows you to test the new version on a subset of users before fully releasing it. Remember to adjust the traffic percentage and monitor the application's performance throughout the process.
You have a public GitHub repository named Public1.
A commit is made to Public1. The commit contains a pattern that matches a regular expression.
Who is notified first when the commit is made?
A commit is made to Public1. The commit contains a pattern that matches a regular expression.
Who is notified first when the commit is made?
정답: A
Your company is concerned that when developers introduce open source libraries, it creates licensing compliance issues.
You need to add an automated process to the build pipeline to detect when common open source libraries are added to the code base.
What should you use?
You need to add an automated process to the build pipeline to detect when common open source libraries are added to the code base.
What should you use?
정답: D
You need to recommend a procedure to implement the build agent for Project1.
Which three actions should you recommend be performed in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Which three actions should you recommend be performed in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
정답:
Explanation:
Scenario:
Step 1: Sign in to Azure Develops by using an account that is assigned the Administrator service connection security role.
Note: Under Agent Phase, click Deploy Service Fabric Application. Click Docker Settings and then click Configure Docker settings. In Registry Credentials Source, select Azure Resource Manager Service Connection. Then select your Azure subscription.
Step 2: Create a personal access token..
A personal access token or PAT is required so that a machine can join the pool created with the Agent Pools (read, manage) scope.
Step 3: Install and register the Azure Pipelines agent on an Azure virtual machine.
By running a Azure Pipeline agent in the cluster, we make it possible to test any service, regardless of type.
References:
https://docs.microsoft.com/en-us/azure/service-fabric/service-fabric-tutorial-deploy-container-app-with-cicd- vsts
https://mohitgoyal.co/2019/01/10/run-azure-devops-private-agents-in-kubernetes-clusters/
You have a private distribution group that contains provisioned and unprovisioned devices.
You need to distribute a new iOS application to the distribution group by using Microsoft Visual Studio App Center.
What should you do?
You need to distribute a new iOS application to the distribution group by using Microsoft Visual Studio App Center.
What should you do?
정답: D
설명: (DumpTOP 회원만 볼 수 있음)
Task 7
Initialize the default main branch, if it does not exist already
In the User 1-42147509 organization, you need to install the Microsoft Security DevOps extension.
Next, create a new starter pipeline named starter1 that will use the following starter code.
Ensure that starter! includes a task that executes the extension and uses the following input*:
* Command: run
* Policy aruredevops
* Publish: true
Save the pipeline to a new branch named starter
Initialize the default main branch, if it does not exist already
In the User 1-42147509 organization, you need to install the Microsoft Security DevOps extension.
Next, create a new starter pipeline named starter1 that will use the following starter code.
Ensure that starter! includes a task that executes the extension and uses the following input*:
* Command: run
* Policy aruredevops
* Publish: true
Save the pipeline to a new branch named starter
정답:
See the solution below in explanation.
Explanation:
Step 1: Initialize the Default Main Branch
* Navigate to Azure DevOps:
* Go to Azure DevOps and sign in with your credentials.
* Select Your Project:
* Choose Project1 from your list of projects.
* Initialize the Main Branch:
* Go to Repos > Files.
* If the main branch does not exist, you will see an option to initialize it. Click on Initialize and follow the prompts to create the main branch1.
Step 2: Install the Microsoft Security DevOps Extension
* Navigate to Extensions:
* In Azure DevOps, click on the Shopping Bag icon in the top right corner and select Browse Marketplace.
* Search for the Extension:
* Search for Microsoft Security DevOps.
* Install the Extension:
* Click on Get it free.
* Select your organization (User1-42147509) and click Install.
* Follow the prompts to complete the installation2.
Step 3: Create a New Starter Pipeline
* Navigate to Pipelines:
* Go to Pipelines > New pipeline.
* Select the Repository:
* Choose Azure Repos Git and select the relevant repository.
* Configure the Pipeline:
* Select Starter pipeline and replace the default YAML with the following starter code:
trigger:
- starter
pool:
vmImage: 'windows-latest'
steps:
- task: MicrosoftSecurityDevOps@1
inputs:
command: 'run'
policy: 'azuredevops'
publish: true
* Save the Pipeline:
* Click on Save and enter starter as the branch name.
* Click on Save and run to save the pipeline to the new branch named starter3.
By following these steps, you will have successfully initialized the main branch, installed the Microsoft Security DevOps extension, and created a new starter pipeline named starter1 that includes the specified task
Explanation:
Step 1: Initialize the Default Main Branch
* Navigate to Azure DevOps:
* Go to Azure DevOps and sign in with your credentials.
* Select Your Project:
* Choose Project1 from your list of projects.
* Initialize the Main Branch:
* Go to Repos > Files.
* If the main branch does not exist, you will see an option to initialize it. Click on Initialize and follow the prompts to create the main branch1.
Step 2: Install the Microsoft Security DevOps Extension
* Navigate to Extensions:
* In Azure DevOps, click on the Shopping Bag icon in the top right corner and select Browse Marketplace.
* Search for the Extension:
* Search for Microsoft Security DevOps.
* Install the Extension:
* Click on Get it free.
* Select your organization (User1-42147509) and click Install.
* Follow the prompts to complete the installation2.
Step 3: Create a New Starter Pipeline
* Navigate to Pipelines:
* Go to Pipelines > New pipeline.
* Select the Repository:
* Choose Azure Repos Git and select the relevant repository.
* Configure the Pipeline:
* Select Starter pipeline and replace the default YAML with the following starter code:
trigger:
- starter
pool:
vmImage: 'windows-latest'
steps:
- task: MicrosoftSecurityDevOps@1
inputs:
command: 'run'
policy: 'azuredevops'
publish: true
* Save the Pipeline:
* Click on Save and enter starter as the branch name.
* Click on Save and run to save the pipeline to the new branch named starter3.
By following these steps, you will have successfully initialized the main branch, installed the Microsoft Security DevOps extension, and created a new starter pipeline named starter1 that includes the specified task
You manage code by using GitHub.
You need to ensure that repository owners are notified if a new vulnerable dependency or malware is found in their repository.
What should you do?
You need to ensure that repository owners are notified if a new vulnerable dependency or malware is found in their repository.
What should you do?
정답: D
You use Get for source control.
You need to optimize the performance of a repository. The solution must meet the following requirements:
* Permanently remove all items referenced only in the ref log.
* Remove history that is NOT in any current branch.
How should you complete the command? To answer, select the appropriate options in the answer area.
You need to optimize the performance of a repository. The solution must meet the following requirements:
* Permanently remove all items referenced only in the ref log.
* Remove history that is NOT in any current branch.
How should you complete the command? To answer, select the appropriate options in the answer area.
정답:
Explanation:
You have a GitHub Enterprise account.
You need to enable push protection for secret scanning of the account repositories.
What should you do first?
You need to enable push protection for secret scanning of the account repositories.
What should you do first?
정답: A
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You plan to create a release pipeline that will deploy Azure resources by using Azure Resource Manager templates. The release pipeline will create the following resources:
Two resource groups
Four Azure virtual machines in one resource group
Two Azure SQL databases in other resource group
You need to recommend a solution to deploy the resources.
Solution: Create a single standalone template that will deploy all the resources.
Does this meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You plan to create a release pipeline that will deploy Azure resources by using Azure Resource Manager templates. The release pipeline will create the following resources:
Two resource groups
Four Azure virtual machines in one resource group
Two Azure SQL databases in other resource group
You need to recommend a solution to deploy the resources.
Solution: Create a single standalone template that will deploy all the resources.
Does this meet the goal?
정답: B
설명: (DumpTOP 회원만 볼 수 있음)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You manage a project in Azure DevOps.
You need to prevent the configuration of the project from changing over time.
Solution: Perform a Subscription Health scan when packages are created.
Does this meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You manage a project in Azure DevOps.
You need to prevent the configuration of the project from changing over time.
Solution: Perform a Subscription Health scan when packages are created.
Does this meet the goal?
정답: A
설명: (DumpTOP 회원만 볼 수 있음)
You company uses Azure DevOps to deploy infrastructures to Azure.
Pipelines are developed by using YAML.
You execute a pipeline and receive the results in the web portal for Azure Pipelines as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Pipelines are developed by using YAML.
You execute a pipeline and receive the results in the web portal for Azure Pipelines as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
Reference:
https://dev.to/rajikaimal/azure-devops-ci-cd-yaml-pipeline-4glj