Updated Free Microsoft AZ-400 Test Engine Questions with 329 Q&As [Q168-Q191]

Updated Free Microsoft AZ-400 Test Engine Questions with 329 Q&As

The Best Microsoft Azure AZ-400 Professional Exam Questions

NEW QUESTION 168
Your company uses Git as a source code control system for a complex app named App1.
You plan to add a new functionality to App1.
You need to design a branching model for the new functionality.
Which branch lifetime and branch time should you use in the branching model? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Branch lifetime: Short-lived
Branch type: Feature
Feature branches are used when developing a new feature or enhancement which has the potential of a development lifespan longer than a single deployment. When starting development, the deployment in which this feature will be released may not be known. No matter when the feature branch will be finished, it will always be merged back into the master branch.
References:
https://gist.github.com/digitaljhelms/4287848

 

NEW QUESTION 169
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You manage a project in Azure DevOps.
You need to prevent the configuration of the project from changing over time.
Solution: Implement Continuous Assurance for the project.
Does this meet the goal?

• A. No
• B. Yes

Answer: B

Explanation:
Explanation
The basic idea behind Continuous Assurance (CA) is to setup the ability to check for "drift" from what is considered a secure snapshot of a system. Support for Continuous Assurance lets us treat security truly as a
'state' as opposed to a 'point in time' achievement. This is particularly important in today's context when
'continuous change' has become a norm.
There can be two types of drift:
* Drift involving 'baseline' configuration: This involves settings that have a fixed number of possible states (often pre-defined/statically determined ones). For instance, a SQL DB can have TDE encryption turned ON or OFF...or a Storage Account may have auditing turned ON however the log retention period may be less than 365 days.
* Drift involving 'stateful' configuration: There are settings which cannot be constrained within a finite set of well-known states. For instance, the IP addresses configured to have access to a SQL DB can be any (arbitrary) set of IP addresses. In such scenarios, usually human judgment is initially required to determine whether a particular configuration should be considered 'secure' or not. However, once that is done, it is important to ensure that there is no "stateful drift" from the attested configuration. (E.g., if, in
* a troubleshooting session, someone adds the IP address of a developer machine to the list, the Continuous Assurance feature should be able to identify the drift and generate notifications/alerts or even trigger 'auto-remediation' depending on the severity of the change).
Reference:
https://azsk.azurewebsites.net/04-Continous-Assurance/Readme.html

 

NEW QUESTION 170
Your company has a project in Azure DevOps for a new application. The application will be deployed to several Azure virtual machines that run Windows Server 2016.
You need to recommend a deployment strategy for the virtual machines. The strategy must meet the following requirements:
* Ensure that the virtual machines maintain a consistent configuration.
* Minimize administrative effort to configure the virtual machines
What should you include in the recommendation?

• A. Deployment YAML and Azure pipeline stage templates
• B. Deployment YAML and Azure pipeline deployment groups
• C. Azure Resource Manager templates and the PowerShell Desired State Configuration (DSC) extension for Windows
• D. Azure Resource Manager templates and the Custom Script Extension for Windows

Answer: C

 

NEW QUESTION 171
Your company has an Azure subscription.
The company requires that all resource group in the subscription have a tag named organization set to a value of Contoso.
You need to implement a policy to meet the tagging requirement.
How should you complete the policy? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:
Box 1: " Microsoft.Resources/subscriptions/resourceGroups"
Box 2: "Deny",
Sample - Enforce tag and its value on resource groups
},
"policyRule": {
"if": {
"allOf": [
{
"field": "type",
"equals": "Microsoft.Resources/subscriptions/resourceGroups"
},
{
"not": {
"field": "[concat('tags[',parameters('tagName'), ']')]",
"equals": "[parameters('tagValue')]"
}
}
]
},
"then": {
"effect": "deny"
}
}
}
}
References:
https://docs.microsoft.com/en-us/azure/governance/policy/samples/enforce-tag-on-resource-groups

 

NEW QUESTION 172
To resolve the current technical issue, what should you do to the Register-AzureRmAutomationDscNode command?

• A. Add the AllowModuleOverwrite parameter.
• B. Replace the Register-AzureRmAutomationDscNode cmdlet with
  Register-AzureRmAutomationScheduledRunbook
• C. Change the value of the ConfigurationMode parameter.
• D. Add the DefaultProfile parameter.

Answer: C

Explanation:
Explanation
Change the ConfigurationMode parameter from ApplyOnly to ApplyAndAutocorrect.
The Register-AzureRmAutomationDscNode cmdlet registers an Azure virtual machine as an APS Desired State Configuration (DSC) node in an Azure Automation account.
Scenario: Current Technical Issue
The test servers are configured correctly when first deployed, but they experience configuration drift over time. Azure Automation State Configuration fails to correct the configurations.
Azure Automation State Configuration nodes are registered by using the following command.

References:
https://docs.microsoft.com/en-us/powershell/module/azurerm.automation/register-azurermautomationdscnode?vi

 

NEW QUESTION 173
Your company has a project in Azure DevOps.
You plan to create a release pipeline that will deploy resources by using Azure Resource Manager templates.
The templates will reference secrets stored in Azure Key Vault.
You need to recommend a solution for accessing the secrets stored in the key vault during deployments. The solution must use the principle of least privilege.
What should you include in the recommendation? To answer, drag the appropriate configurations to the correct targets. Each configuration may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Box 1: RBAC
Management plane access control uses RBAC.
The management plane consists of operations that affect the key vault itself, such as:
* Creating or deleting a key vault.
* Getting a list of vaults in a subscription.
* Retrieving Key Vault properties (such as SKU and tags).
* Setting Key Vault access policies that control user and application access to keys and secrets.
Box 2: RBAC
References:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-tutorial-use-key-vault

 

NEW QUESTION 174
You have a web app hosted on Azure App Service. The web app stores data in an Azure SQL database.
You need to generate an alert when there are 10,000 simultaneous connections to the database. The solution must minimize development effort.
Which option should you select in the Diagnostics settings of the database?

• A. Send to Log Analytics
• B. Archive to a storage account
• C. Stream to an event hub

Answer: A

Explanation:
ENABLE DIAGNOSTICS TO LOG ANALYTICS
This configuration is done PER DATABASE
1. Click on Diagnostics Settings and then Turn On Diagnostics

2. Select to Send to Log Analytics and select the Log Analytics workspace. For this sample I will selected only Errors

Reference:
https://techcommunity.microsoft.com/t5/azure-database-support-blog/azure-sql-db-and-log-analytics-better-together-part-1/ba-p/794833

 

NEW QUESTION 175
How should you configure the release retention policy for the investment planning applications suite? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Scenario: By default, all releases must remain available for 30 days, except for production releases, which must be kept for 60 days.
Box 1: Set the default retention policy to 30 days
The Global default retention policy sets the default retention values for all the build pipelines. Authors of build pipelines can override these values.
Box 2: Set the stage retention policy to 60 days
You may want to retain more releases that have been deployed to specific stages.
References: https://docs.microsoft.com/en-us/azure/devops/pipelines/policies/retention

 

NEW QUESTION 176
SIMULATION
You need to ensure that the https://contoso.com/statushook webhook is called every time a repository named az40010480345acr1 receives a new version of an image named dotnetapp.
To complete this task, sign in to the Microsoft Azure portal.

• A. * Sign in to the Azure portal.
  * Navigate to the container registry az40010480345acr1.
  * Under Services, select Webhooks.
  * Select the existing webhook https://contoso.com/statushook, and double-click on it to get its properties.
  * For Trigger actions select image push
  Example web hook:
  
• B. * Sign in to the Azure portal.
  * Navigate to the container registry az40010480345acr1.
  * Under Services, select Webhooks.
  * Select the existing webhook https://contoso.com/statushook, and double-click on it to get its properties.
  * For Trigger actions select image push
  Example web hook:
  

Answer: B

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/container-registry/container-registry-webhook
Topic 1, Overview
Existing Environment
Litware, Inc. an independent software vendor (ISV) Litware has a main office and five branch offices.
Application Architecture
The company' s primary application is a single monolithic retirement fund management system based on ASP.NE T web forms that use logic written in V8.NET. Some new sections of the application are written in C#.
Variations of the application are created for individual customers. Currently, there are more than 80 have code branches in the application's code base.
The application was developed by using Microsoft Visual Studio. Source code is stored in Team Foundation Server (TFS) in the main office. The branch offices access of the source code by using TFS proxy servers.
Architectural Issues
Litware focuses on writing new code for customers. No resources are provided to refactor or remove existing code. Changes to the code base take a long time, AS dependencies are not obvious to individual developers.
Merge operations of the code often take months and involve many developers. Code merging frequently introduces bugs that are difficult to locate and resolve.
Customers report that ownership costs of the retirement fund management system increase continually. The need to merge unrelated code makes even minor code changes expensive.
Requirements
Planned Changes
Litware plans to develop a new suite of applications for investment planning. The investment planning Applications will require only minor integration with the easting retirement fund management system.
The investment planning applications suite will include one multi-tier web application and two iOS mobile applications. One mobile application will be used by employees; the other will be used by customers.
Litware plans to move to a more agile development methodology. Shared code will be extracted into a series of package.
Litware has started an internal cloud transformation process and plans to use cloud based services whenever suitable.
Litware wants to become proactive m detecting failures, rather than always waning for customer bug reports.
Technical Requirements
The company's investment planning applications suite must meet the following technical requirements:
* New incoming connections through the firewall must be minimized.
* Members of a group named Developers must be able to install packages.
* The principle of least privilege must be used for all permission assignments
* A branching strategy that supports developing new functionality in isolation must be used.
* Members of a group named Team leaders must be able to create new packages and edit the permissions of package feeds
* Visual Studio App Center must be used to centralize the reporting of mobile application crashes and device types in use.
* By default, all App Center must be used to centralize the reporting of mobile application crashes and device types in use.
* Code quality and release quality are critical. During release, deployments must not proceed between stages if any active bugs are logged against the release.
* The mobile applications must be able to call the share pricing service of the existing retirement fund management system. Until the system is upgraded, the service will only support basic authentication over HUPS.
* The required operating system configuration tor the test servers changes weekly. Azure Automation State Configuration must be used to ensure that the operating system on each test servers configured the same way when the servers are created and checked periodically.
Current Technical
The test servers are configured correctly when first deployed, but they experience configuration drift over time. Azure Automation State Configuration fails to correct the configurations.
Azure Automation State Configuration nodes are registered by using the following command.

 

NEW QUESTION 177
You have a multi-tier application. The front end of the application is hosted in Azure App Service. You need to identify the average load times of the application pages. What should you use?

• A. Azure Advisor
• B. the diagnostics logs of the App Service
• C. Azure Application Insights
• D. the activity log of the App Service

Answer: C

 

NEW QUESTION 178
You need to implement Project6.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them m the correct order.

Answer:

Explanation:

Explanation

 

NEW QUESTION 179
You plan to use Terraform to deploy an Azure resource group.
You need to install the required frameworks to support the planned deployment.
Which two frameworks should you install? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

• A. Node.js
• B. Tiller
• C. Vault
• D. Yeoman
• E. Terratest

Answer: D,E

Explanation:
Explanation
You can use the combination of Terraform and Yeoman. Terraform is a tool for creating infrastructure on Azure. Yeoman makes it easy to create Terraform modules.
Terratest provides a collection of helper functions and patterns for common infrastructure testing tasks, like making HTTP requests and using SSH to access a specific virtual machine. The following list describes some of the major advantages of using Terratest:
* Convenient helpers to check infrastructure - This feature is useful when you want to verify your real infrastructure in the real environment.
* Organized folder structure - Your test cases are organized clearly and follow the standard Terraform module folder structure.
* Test cases are written in Go - Many developers who use Terraform are Go developers. If you're a Go developer, you don't have to learn another programming language to use Terratest.
* Extensible infrastructure - You can extend additional functions on top of Terratest, including Azure-specific features.
Reference:
https://docs.microsoft.com/en-us/azure/developer/terraform/create-base-template-using-yeoman
https://docs.microsoft.com/en-us/azure/developer/terraform/test-modules-using-terratest

 

NEW QUESTION 180
Your company has a project in Azure DevOps.
You plan to create a release pipeline that will deploy resources by using Azure Resource Manager templates.
The templates will reference secrets stored in Azure Key Vault.
You need to recommend a solution for accessing the secrets stored in the key vault during deployments. The solution must use the principle of least privilege.
What should you include in the recommendation? To answer, drag the appropriate configurations to the correct targets. Each configuration may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Box 1: A key Vault advanced access policy

Box 2: RBAC
Management plane access control uses RBAC.
The management plane consists of operations that affect the key vault itself, such as:
* Creating or deleting a key vault.
* Getting a list of vaults in a subscription.
* Retrieving Key Vault properties (such as SKU and tags).
* Setting Key Vault access policies that control user and application access to keys and secrets.
References:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-tutorial-use-key-vault

 

NEW QUESTION 181
You have an Azure DevOps organization named Contoso and an Azure subscription. The subscription contains an Azure virtual machine scale set named VMSS1 and an Azure Standard Load Balancer named LB1.
LB1 distributes incoming requests across VMSS1 instances.
You use Azure DevOps to build a web app named Appl and deploy App1 to VMSS1. App1 is accessible via HTTPS only and configured to require mutual authentication by using a client certificate.
You need to recommend a solution for implementing a health check of App1. The solution must meet the following requirements:
* Identify whether individual instances of VMSSl are eligible for an upgrade operation.
* Minimize administrative effort.
What should you include in the recommendation?

• A. an Azure Load Balancer health probe
• B. Azure Monitor autoscale
• C. the Application Health extension
• D. the Custom Script Extension

Answer: C

Explanation:
Topic 2, Case Study: 2Overview
Existing Environment
Contoso, Ltd. is a manufacturing company that has a main office in Chicago.
Requirements
Contoso plans to improve its IT development and operations processes implementing Azue DevOps principles.
Contoso has an Azure subscription and creates an Azure DevOPs organization.
The Azure DevOps organization includes:
* The Docker extension
* A deployment pool named Pool7 that contains 10 Azure virtual machines that run Windows Server
2016.
The Azure subscription contains an Azure Automation account.
Planned Changes
Contoso plans to create projects in Azure DevOps as shown in the following table.

Technical Requirements
Contoso identities the following technical requirements:
* Implement build agents rot Project 1.
* Whenever possible, use Azure resources
*Avoid using deprecated technologies
* Implement a code flow strategy for Project2 that will:
*Enable Team 2 to submit pull requests for Project2.
* Enable Team 2 to work independently on changes to a copy of Project?
* Ensure that any intermediary changes performed by Tram2 on a copy of Project2 will be subject to the same restrictions as the ones defied in the build policy of Project2.
* Whenever possible. Implement automation and minimize administrative effort.
* Implement Protect3, Project5, Project6, and Project7 based on the planned changes.
* Implement Project4 and configure the project to push Docker images to Azure Container Reentry.

 

NEW QUESTION 182
You need to create a notification if the peak average response time of an Azure web app named az400-9940427-main is more than five seconds when evaluated during a five-minute period. The notification must trigger the "https://contoso.com/notify" webhook.
To complete this task, sign in to the Microsoft Azure portal.

Answer:

Explanation:
See solution below.
Explanation
1. Open Microsoft Azure Portal
2. Log into your Azure account and go to App Service and look under Monitoring then you will see Alert.
3. Select Add an alert rule
4. Configure the alert rule as per below and click Ok.
Source: Alert on Metrics
Resource Group: az400-9940427-main
Resource: az400-9940427-main
Threshold: 5
Period: Over the last 5 minutes
Webhook: https://contoso.com/notify

References:
https://azure.microsoft.com/es-es/blog/webhooks-for-azure-alerts/

 

NEW QUESTION 183
You are creating a build pipeline in Azure Pipelines.
You define several tests that might fail due to third-party applications.
You need to ensure that the build pipeline completes successfully if the third-party applications are unavailable.
What should you do?

• A. Configure the build pipeline to use parallel jobs
• B. Increase the test pass percentage
• C. Configure flaky tests
• D. Add the Requirements quality widget to your dashboard

Answer: D

Explanation:
Explanation
Requirements traceability is the ability to relate and document two or more phases of a development process, which can then be traced both forward or backward from its origin. Requirements traceability help teams to get insights into indicators such as quality of requirements or readiness to ship the requirement. A fundamental aspect of requirements traceability is association of the requirements to test cases, bugs and code changes.
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/test/requirements-traceability

 

NEW QUESTION 184
You need to implement the code flow strategy for Project2 in Azure DevOps.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange in the correct order.

Answer:

Explanation:

1 - Create a repository
2 - Create a branch
3 - Add a build validation policy
References:
https://docs.microsoft.com/en-us/azure/devops/repos/git/manage-your-branches
Topic 1, Contoso
Existing Environment
Contoso, Ltd. is a manufacturing company that has a main office in Chicago.
Requirements
Contoso plans to improve its IT development and operations processes implementing Azue DevOps principles. Contoso has an Azure subscription and creates an Azure DevOPs organization.
The Azure DevOps organization includes:
The Docker extension
A deployment pool named Pool7 that contains 10 Azure virtual machines that run Windows Server 2016.
The Azure subscription contains an Azure Automation account.
Planned Changes
Contoso plans to create projects in Azure DevOps as shown in the following table.

Technical Requirements
Contoso identities the following technical requirements:
* Implement build agents rot Project 1.
* Whenever possible, use Azure resources
* Avoid using deprecated technologies
* Implement a code flow strategy for Project2 that will:
* Enable Team 2 to submit pull requests for Project2.
* Enable Team 2 to work independently on changes to a copy of Project?
* Ensure that any intermediary changes performed by Tram2 on a copy of Project2 will be subject to the same restrictions as the ones defied in the build policy of Project2.
* Whenever possible. Implement automation and minimize administrative effort.
* Implement Protect3, Project5, Project6, and Project7 based on the planned changes.
* Implement Project4 and configure the project to push Docker images to Azure Container Reentry.

 

NEW QUESTION 185
You mc configuring Azure DevOps build pipelines.
You plan to use hosted build agents.
Which build agent pool should you use to compile each application type? To answer, drag the appropriate built agent pools to the correct application types. Each butt agent pool may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

References: https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/v2-osx

 

NEW QUESTION 186
Your company is building a new web application.
You plan to collect feedback from pilot users on the features being delivered.
All the pilot users have a corporate computer that has Google Chrome and the Microsoft Test & Feedback extension installed. The pilot users will test the application by using Chrome.
You need to identify which access levels are required to ensure that developers can request and gather feedback from the pilot users. The solution must use the principle of least privilege.
Which access levels m Azure DevOps should you identify? To answer, select the appropriate options in the answer area NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Box 1: Basic
Assign Basic to users with a TFS CAL, with a Visual Studio Professional subscription, and to users for whom you are paying for Azure Boards & Repos in an organization.
Box 2: Stakeholder
Assign Stakeholders to users with no license or subscriptions who need access to a limited set of features.
Note:
You assign users or groups of users to one of the following access levels:
Basic: provides access to most features
VS Enterprise: provides access to premium features
Stakeholders: provides partial access, can be assigned to unlimited users for free References: https://docs.microsoft.com/en-us/azure/devops/organizations/security/access-levels?view=vsts

 

NEW QUESTION 187
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company uses Azure DevOps to manage the build and release processes for applications.
You use a Git repository for applications source control.
You need to implement a pull request strategy that reduces the history volume in the master branch.
Solution: You implement a pull request strategy that uses fast-forward merges.
Does this meet the goal?

• A. No
• B. Yes

Answer: A

Explanation:
Explanation
No fast-forward merge - This option merges the commit history of the source branch when the pull request closes and creates a merge commit in the target branch.
Reference:
https://docs.microsoft.com/en-us/azure/devops/repos/git/branch-policies

 

NEW QUESTION 188
You need to configure Azure Automation for the computers in Pool7.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them m the correct order.

Answer:

Explanation:

Explanation

 

NEW QUESTION 189
Your company uses Azure Artifacts for package management.
You need to configure an upstream source in Azure Artifacts for Python packages.
Which repository type should you use as an upstream source?

• A. third-party trusted Python
• B. npmjs.org
• C. PyPI
• D. Maven Central

Answer: C

Explanation:
Explanation
Get started with Python packages in Azure Artifacts
Create a feed
* Select Artifacts (in the left navigation of your Azure DevOps project).
* On the Artifacts page, select Create Feed.
* In the Create new feed dialog box:
* In the Name field, give the feed a name.
PyPI is the default repository name for twine, which is a tool for publishing Python packages.
Reference:
https://docs.microsoft.com/en-us/azure/devops/artifacts/quickstarts/python-packages

 

NEW QUESTION 190
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You integrate a cloud-hosted Jenkins server and a new Azure DevOps deployment.
You need Azure DevOps to send a notification to Jenkins when a developer commits changes to a branch in Azure Repos.
Solution: You add a trigger to the build pipeline.
Does this meet the goal?

• A. No
• B. Yes

Answer: A

Explanation:
You can create a service hook for Azure DevOps Services and TFS with Jenkins.
Reference:
https://docs.microsoft.com/en-us/azure/devops/service-hooks/services/jenkins

 

NEW QUESTION 191
......

Microsoft AZ-400: Preparation steps

If you fulfill the requirements for taking the exam, the next step is to commence your preparation in earnest. Therefore, to succeed, we recommend that you follow the steps listed below. Thus, you will get adequately prepared for your Microsoft AZ-400. Please consider making the following steps your heaven-sent plan:

• Spend time going through Azure whitepapers. They will help not only you with your performance but also with skills;
• Take practice tests and exam dumps.
• Take a training course. You can go for an instructor-led option or choose a self-study learning path;
• Visit the certification webpage to explore the details of the test;
• Find a reliable study guide that covers the content of the exam domains. You can also use periodicals and other books that contain information about the content;
• Use Microsoft documentations. You can find the links to these on the Microsoft Learning platform;

 

Try 100% Updated AZ-400 Exam Questions [2021]: https://www.actualcollection.com/AZ-400-exam-questions.html

Pass AZ-400 Exam - Real Questions & Answers: https://drive.google.com/open?id=1nsStRhh9Di2NHn2Rq7_fjn-EfKQXa7oU