[October-2020]Full Version AZ-400 Dumps (VCE and PDF) AZ-400 240Q for Free Download[Q209-Q230] October 20, 2020 lead2pass 2020/October Latest Braindump2go AZ-400 Exam Dumps with PDF and VCE Free Updated Today! Following are some new AZ-400 Real Exam Questions! QUESTION 209You use Azure Pipelines to manage project builds and deployments.You plan to use Azure Pipelines for Microsoft Teams to notify the legal team when a new build is ready for release.You need to configure the Organization Settings in Azure DevOps to support Azure Pipelines for Microsoft Teams.What should you turn on? A. Third-party application access via OAuthB. Azure Active Directory Conditional Access Policy ValidationC. Alternate authentication credentials D. SSH authentication Answer: AExplanation:The Azure Pipelines app uses the OAuth authentication protocol, and requires Third-party application access via OAuth for the organization to be enabled. To enable this setting, navigate to Organization Settings > Security > Policies, and set the Third-party application access via OAuth for the organization setting to On.Reference:https://docs.microsoft.com/en-us/azure/devops/pipelines/integrations/microsoft-teams QUESTION 210Your company implements an Agile development methodology.You plan to implement retrospectives at the end of each sprint.Which three questions should you include? Each correct answer presents part of the solution.NOTE: Each correct selection is worth one point. A. Who performed well?B. Who should have performed better?C. What could have gone better?D. What went well?E. What should we try next? Answer: BCEExplanation:Sprint retrospective meetingsThe sprint retrospective meeting typically occurs on the last day of the sprint, after the sprint review meeting. In this meeting, your team explores its execution of Scrum and what might need tweaking.Based on discussions, your team might decide to change one or more processes to improve its own effectiveness, productivity, quality, and satisfaction. This meeting and the resulting improvements are critical to the agile principle of self-organization.Look to address these areas during your team sprint retrospectives:Issues that affected your team’s general effectiveness, productivity, and quality.Elements that impacted your team’s overall satisfaction and project flow.What happened to cause incomplete backlog items? What actions will the team take to prevent these issues in the future?Reference:https://docs.microsoft.com/en-us/azure/devops/boards/sprints/best-practices-scrum QUESTION 211Your company uses Azure Artifacts for package management.You need to configure an upstream source in Azure Artifacts for Python packages.Which repository type should you use as an upstream source? A. npmjs.orgB. PyPIC. Maven CentralD. third-party trusted Python Answer: BExplanation:Get started with Python packages in Azure ArtifactsCreate a feed1. Select Artifacts (in the left navigation of your Azure DevOps project).2. On the Artifacts page, select Create Feed.3. In the Create new feed dialog box:4. In the Name field, give the feed a name.PyPI is the default repository name for twine, which is a tool for publishing Python packages.Reference:https://docs.microsoft.com/en-us/azure/devops/artifacts/quickstarts/python-packages QUESTION 212Your company uses Azure DevOps to manage the build and release processes for applications.You use a Git repository for applications source control.You plan to create a new branch from an existing pull request. Later, you plan to merge the new branch and the target branch of the pull request.You need to use a pull request action to create the new branch. The solution must ensure that the branch uses only a portion of the code in the pull request.Which pull request action should you use? A. Set as default branchB. Approve with suggestionsC. Cherry-pickD. ReactivateE. Revert Answer: CExplanation:Cherry-pick a pull requestTo copy changes made in a pull request to another branch in your repo, follow these steps:1. In a completed pull request, select Cherry-pick, or for an active pull request, select Cherry-pick from the … menu. Cherry-picking a pull request in this way creates a new branch with the copied changes.Merge into a target branch in a second pull request.2. In Target branch, enter the branch you want to merge the copied changes.3. In Topic branch name, enter a new branch to contain the copied changes, then select Cherry-pick.4. Select Create pull request to merge the topic branch into the target branch to complete the cherry-pick.Reference:https://docs.microsoft.com/en-us/azure/devops/repos/git/pull-requests QUESTION 213You have an Azure DevOps organization named Contoso that contains a project named Project1.You provision an Azure key vault named Keyvault1.You need to reference Keyvault1 secrets in a build pipeline of Project1.What should you do first? A. Add a secure file to Project1.B. Create an XAML build service.C. Create a variable group in Project1.D. Configure the security policy of Contoso. Answer: DExplanation:Before this will work, the build needs permission to access the Azure Key Vault. This can be added in the Azure Portal.Open the Access Policies in the Key Vault and add a new one. Choose the principle used in the DevOps build.Reference:https://docs.microsoft.com/en-us/azure/devops/pipelines/release/azure-key-vault QUESTION 214You are designing a build pipeline in Azure Pipelines.The pipeline requires a self-hosted agent. The build pipeline will run once daily and will take 30 minutes to complete.You need to recommend a compute type for the agent. The solution must minimize costs.What should you recommend? A. an Azure Kubernetes Service (AKS) clusterB. Azure Container InstancesC. an Azure virtual machine scale setD. Azure virtual machines Answer: BExplanation:If your pipelines are in Azure Pipelines, then you’ve got a convenient option to run your jobs using a Microsoft-hosted agent. With Microsoft-hosted agents, maintenance and upgrades are taken care of for you. Each time you run a pipeline, you get a fresh virtual machine. The virtual machine is discarded after one use. Microsoft-hosted agents can run jobs directly on the VM or in a container.Note: You can try a Microsoft-hosted agent for no charge.Reference:https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/hosted QUESTION 215Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.You plan to update the Azure DevOps strategy of your company.You need to identify the following issues as they occur during the company’s development process:– Licensing violations– Prohibited librariesSolution: You implement continuous deployment.Does this meet the goal? A. YesB. No Answer: BExplanation:Instead implement continuous integration.Note: WhiteSource is the leader in continuous open source software security and compliance management. WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or development environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource constantly-updated definitive database of open source repositories.Reference:https://azuredevopslabs.com/labs/vstsextend/whitesource/ QUESTION 216Your company has an Azure DevOps project,The source code for the project is stored in an on-premises repository and uses on an on-premises build server.You plan to use Azure DevOps to control the build process on the build server by using a self-hosted agent.You need to implement the self-hosted agent.You download and install the agent on the build server.Which two actions should you perform next? Each correct answer presents part of the solution. A. From Azure, create a shared access signature (SAS).B. From the build server, create a certificate, and then upload the certificate to Azure Storage.C. From the build server, create a certificate, and then upload the certificate to Azure Key Vault.D. From DevOps, create a personal access token (PAT).E. From the build server, run config.cmd. Answer: BEExplanation:B: Make sure you install your self-signed ssl server certificate into the OS certificate store.E: When you have a self-signed SSL certificate for your on-premises TFS server, make sure to configure the Git we shipped to allow that self-signed SSL certificate.Enable git to use SChannel during configure with 2.129.0 or higher version agent Pass –gituseschannel during agent configuration./config.cmd –gituseschannelReference:https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/certificate QUESTION 217You have an Azure subscription that contains an Azure Active Directory (Azure AD) tenant.You are configuring a build pipeline in Azure Pipelines that will include a task named Task1. Task1 will authenticate by using an Azure AD service principal.Which three values should you configure for Task1? Each correct answer presents part of the solution.NOTE: Each correct selection is worth one point. A. the tenant IDB. the subscription IDC. the client secretD. the app IDE. the object ID Answer: ABDExplanation:Create an Azure Resource Manager service connection with an existing service principalAB: Enter the information about your service principal into the Azure subscription dialog textboxes:Tenant IDSubscription IDSubscription nameService principal IDEither the service principal client key or, if you have selected Certificate, enter the contents of both the certificate and private key sections of the *.pem file.D: To deploy to a specific Azure resource, the task will need additional data about that resource.If you’re using the classic editor, select data you need. For example, the App service name.If you’re using YAML, then go to the resource in the Azure portal, and then copy the data into your code.For example, to deploy a web app, you would copy the name of the App Service into the WebAppName value.Reference:https://docs.microsoft.com/en-us/azure/devops/pipelines/library/connect-to-azure QUESTION 218You need to execute inline testing of an Azure DevOps pipeline that uses a Docker deployment model. The solution must prevent the results from being published to the pipeline.What should you use for the inline testing? A. a single stage DockerfileB. an Azure Kubernetes Service (AKS) podC. a multi-stage DockerfileD. a Docker Compose file Answer: DExplanation:Use Docker when running integration tests with Azure Pipelines.Reference:https://crossprogramming.com/2019/12/27/use-docker-when-running-integration-tests-with-azure-pipelines.html QUESTION 219You need to configure GitHub to use Azure Active Directory (Azure AD) for authentication.What should you do first? A. Create a conditional access policy in Azure AD.B. Register GitHub in Azure AD.C. Create an Azure Active Directory B2C (Azure AD B2C) tenant.D. Modify the Security settings of the GitHub organization. Answer: BExplanation:When you connect to a Git repository from your Git client for the first time, the credential manager prompts for credentials. Provide your Microsoft account or Azure AD credentials.Note: Git Credential Managers simplify authentication with your Azure Repos Git repositories. Credential managers let you use the same credentials that you use for the Azure DevOps Services web portal.Credential managers support multi-factor authentication through Microsoft account or Azure Active Directory (Azure AD). Besides supporting multi-factor authentication with Azure Repos, credential managers also support two-factor authentication with GitHub repositories.Reference:https://docs.microsoft.com/en-us/azure/devops/repos/git/set-up-credential-managers QUESTION 220You have a project in Azure DevOps named Project1. Project1 contains a pipeline that builds a container image named Image1 and pushes Image1 to an Azure container registry named ACR1. Image1 uses a base image stored in Docker Hub.You need to ensure that Image1 is updated automatically whenever the base image is updated.What should you do? A. Enable the Azure Event Grid resource provider and subscribe to registry events.B. Add a Docker Hub service connection to Azure Pipelines.C. Create and run an Azure Container Registry task.D. Create a service hook in Project1. Answer: CExplanation:ACR Tasks supports automated container image builds when a container’s base image is updated, such as when you patch the OS or application framework in one of your base images.Reference:https://docs.microsoft.com/en-us/azure/container-registry/container-registry-tutorial-base-image-update QUESTION 221You have a free tier of an Azure DevOps organization named Contoso. Contoso contains 10 private projects. Each project has multiple jobs with no dependencies.You frequently run the jobs on five self-hosted agents but experience long build times and frequently queued builds.You need to minimize the number of queued builds and the time it takes to run the builds.What should you do? A. Configure the pipelines to use the Microsoft-hosted agents.B. Register additional self-hosted agents.C. Purchase self-hosted parallel jobs.D. Purchase Microsoft-hosted parallel jobs. Answer: DExplanation:When the free tier is no longer sufficient, you can pay for additional capacity per parallel job.Note: Microsoft-hosted CI/CDIf you want to run your jobs on machines that Microsoft manages, use Microsoft-hosted parallel jobs. Your jobs run on our pool of Microsoft-hosted agents.We provide a free tier of service by default in every organization.Reference:https://docs.microsoft.com/en-us/azure/devops/pipelines/licensing/concurrent-jobs QUESTION 222You have an Azure DevOps project that contains a build pipeline. The build pipeline uses approximately 50 open source libraries.You need to ensure that all the open source libraries comply with your company’s licensing standards.Which service should you use? A. AnsibleB. MavenC. WhiteSource BoltD. Helm Answer: CExplanation:WhiteSource provides WhiteSource Bolt, a lightweight open source security and management solutiondeveloped specifically for integration with Azure DevOps and Azure DevOps Server.Note: WhiteSource is the leader in continuous open source software security and compliance management. WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or development environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource constantly-updated definitive database of open source repositories.Note: Blackduck would also be a good answer, but it is not an option here.Reference:https://www.azuredevopslabs.com/labs/vstsextend/whitesource/ QUESTION 223Your company develops an application named App1 that is deployed in production.As part of an application update, a new service is being added to App1. The new service requires access to an application named App2 that is currently in development.You need to ensure that you can deploy the update to App1 before App2 becomes available. You must be able to enable the service in App1 once App2 is deployed.What should you do? A. Implement a feature flag.B. Create a fork in the build.C. Create a branch in the build.D. Implement a branch policy. Answer: AExplanation:Feature flags support a customer-first DevOps mindset, to enable (expose) and disable (hide) features in a solution, even before they are complete and ready for release.Incorrect Answers:C: Branch policies are an important part of the Git workflow and enable you to:Isolate work in progress from the completed work in your master branchGuarantee changes build before they get to masterReference:https://docs.microsoft.com/en-us/azure/devops/migrate/phase-features-with-feature-flags QUESTION 224You are designing the security validation strategy for a project in Azure DevOps.You need to identify package dependencies that have known security issues and can be resolved by an update.What should you use? A. Octopus DeployB. JenkinsC. GradleD. SonarQube Answer: AExplanation:Incorrect Answers:B: Jenkins is a popular open-source automation server used to set up continuous integration and delivery (CI/CD) for your software projects.D: SonarQube is a set of static analyzers that can be used to identify areas of improvement in your code. It allows you to analyze the technical debt in your project and keep track of it in the future.Reference:https://octopus.com/docs/packaging-applications QUESTION 225You have a private distribution group that contains provisioned and unprovisioned devices.You need to distribute a new iOS application to the distribution group by using Microsoft Visual Studio App Center.What should you do? A. Generate a new .p12 file for each device.B. Create an unsigned build.C. Register the devices on the Apple Developer portal.D. Create an active subscription in App Center Test. Answer: CExplanation:When releasing an iOS app signed with an ad-hoc or development provisioning profile, you must obtain tester’s device IDs (UDIDs), and add them to the provisioning profile before compiling a release. When you enable the distribution group’s Automatically manage devices setting, App Center automates the before mentioned operations and removes the constraint for you to perform any manual tasks. As part of automating the workflow, you must provide the user name and password for your Apple ID and your production certificate in a .p12 format.App Center starts the automated tasks when you distribute a new release or one of your testers registers a new device. First, all devices from the target distribution group will be registered, using your Apple ID, in your developer portal and all provisioning profiles used in the app will be generated with both new and existing device ID. Afterward, the newly generated provisioning profiles are downloaded to App Center servers.Reference:https://docs.microsoft.com/en-us/appcenter/distribution/groups QUESTION 226Your company uses the following resources:– Windows Server 2019 container images hosted in an Azure Container Registry.– Azure virtual machines that run the latest version of Ubuntu– An Azure Log Analytics workspace– Azure Active Directory (Azure AD)– An Azure key vaultFor which two resources can you receive vulnerability assessments in Azure Security Center? Each correct answer presents part of the solution.NOTE: Each correct selection is worth one point. A. the Azure Log Analytics workspaceB. the Azure key vaultC. the Azure virtual machines that run the latest version of UbuntuD. Azure Active Directory (Azure AD)E. The Windows Server 2019 container images hosted in the Azure Container Registry. Answer: BCExplanation:B: Azure Security Center includes Azure-native, advanced threat protection for Azure Key Vault, providing an additional layer of security intelligence.C: When Security Center discovers a connected VM without a vulnerability assessment solution deployed, it provides the security recommendation “A vulnerability assessment solution should be enabled on your virtual machines”.Ubuntu supported versions: 12.04 LTS, 14.04 LTS, 15.x, 16.04 LTS, 18.04 LTS Reference:https://docs.microsoft.com/en-us/azure/security-center/deploy-vulnerability-assessment-vm QUESTION 227You have a private project in Azure DevOps.You need to ensure that a project manager can create custom work item queries to report on the project’s progress. The solution must use the principle of least privilege.To which security group should you add the project manager? A. ReaderB. Project Collection AdministratorsC. Project AdministratorsD. Contributor Answer: DExplanation:Contributors have permissions to contribute fully to the project code base and work item tracking. The main permissions they don’t have or those that manage or administer resources.Reference:https://docs.microsoft.com/en-us/azure/devops/organizations/security/permissions QUESTION 228You use Azure Pipelines to manage build pipelines, GitHub to store source code, and Dependabot to manage dependencies.You have an app named App1.Dependabot detects a dependency in App1 that requires an update.What should you do first to apply the update? A. Create a pull request.B. Approve the pull request.C. Create a branch.D. Perform a commit. Answer: BExplanation:DependaBot is a useful tool to regularly check for dependency updates. By helping to keep your project up to date, DependaBot can reduce technical debt and immediately apply security vulnerabilities when patches are released. How does DependaBot work?1. DependaBot regularly checks dependencies for updates2. If an update is found, DependaBot creates a new branch with this upgrade and Pull Request for approval3. You review the new Pull Request, ensure the tests passed, review the code, and decide if you can merge the changeReference:https://samlearnsazure.blog/2019/12/20/github-using-dependabot/ QUESTION 229You are integrating Azure Pipelines and Microsoft Teams.You install the Azure Pipelines app in Microsoft Teams.You have an Azure DevOps organization named Contoso that contains a project name Project1.You subscribe to Project1 in Microsoft Teams.You need to ensure that you only receive events about failed builds in Microsoft Teams.What should you do first? A. From Microsoft Teams, run @azure pipelines subscribe https://dev.azure.com/Contoso/Project1.B. From Azure Pipelines, add a Publish Build Artifacts task to Project1.C. From Microsoft Teams, run @azure pipelines subscriptions.D. From Azure Pipelines, enable continuous integration for Project1. Answer: AExplanation:To start monitoring all pipelines in a project, use the following command inside a channel:@azure pipelines subscribe [project url]The project URL can be to any page within your project (except URLs to pipelines).For example:@azure pipelines subscribe https://dev.azure.com/myorg/myproject/Reference:https://docs.microsoft.com/en-us/azure/devops/pipelines/integrations/microsoft-teams QUESTION 230You have an Azure DevOps organization named Contoso and an Azure subscription.You use Azure DevOps to build and deploy a web app named App1. Azure Monitor is configured to generate an email notification in response to alerts generated whenever App1 generates a server-side error.You need to receive notifications in Microsoft Teams whenever an Azure Monitor alert is generated.Which two actions should you perform? Each correct answer presents part of the solution.NOTE: Each correct selection is worth one point. A. Create an Azure Monitor workbook.B. Create an Azure logic app that has an HTTP request trigger.C. Create an Azure logic app that has an Azure DevOps trigger.D. Modify an action group in Azure Monitor.E. Modify the Diagnostics settings in Azure Monitor. Answer: CDExplanation:https://dirteam.com/dave/2019/05/14/getting-azure-devops-tasks-in-to-do-with-flow/ Resources From: 1.2020 Latest Braindump2go AZ-400 Exam Dumps (PDF & VCE) Free Share:https://www.braindump2go.com/az-400.html 2.2020 Latest Braindump2go AZ-400 PDF and AZ-400 VCE Dumps Free Share:https://drive.google.com/drive/folders/1kLhX5N_Pt_noAKZD50xUpnSEA5Tt62TZ?usp=sharing 3.2020 Free Braindump2go AZ-400 PDF Download:https://www.braindump2go.com/free-online-pdf/AZ-400-Dumps(219-229).pdfhttps://www.braindump2go.com/free-online-pdf/AZ-400-PDF-Dumps(208-218).pdfhttps://www.braindump2go.com/free-online-pdf/AZ-400-VCE-Dumps(230-240).pdf Free Resources from Braindump2go,We Devoted to Helping You 100% Pass All Exams!