Udemy AZ-400 Practice Test 5: Mock Test 5
You have developed an app for iOS. The devices of all the app users belong to a private distribution group in Microsoft Visual Studio App Center. You are tasked with distributing a new release of the app from App Center. You require a specific certificate file to achieve your goal. Which of the following is the file extension of the certificate file? .crt .pfx .p12 .pem
.p12 Explanation A successful IOS device build will produce an ipa file. In order to install the build on a device, it needs to be signed with a valid provisioning profile and certificate. To sign the builds produced from a branch, enable code signing in the configuration pane and upload a provisioning profile (.mobileprovision) and a valid certificate (.p12), along with the password for the certificate. References: https://docs.microsoft.com/en-us/appcenter/build/xamarin/ios/
You need to consider the highlighted segment to establish whether it is accurate. Your company has a multi-tier application that has its front end hosted in Azure App Service. To pinpoint the average load times of the application pages, you should make use of Azure Event Hubs. Select "No adjustment required" if the highlighted segment is accurate. If the highlighted segment is inaccurate, select the accurate option. No adjustment required. Azure Application Insights Azure Log Analytics Azure Advisor
Azure Application Insights Explanation Application Insights will tell you about any performance issues and exceptions, and help you find and diagnose the root causes. Application Insights can monitor both Java and ASP.NET web applications and services, WCF services. They can be hosted on-premises, on virtual machines, or as Microsoft Azure websites. On the client side, Application Insights can take telemetry from web pages and a wide variety of devices including iOS, Android, and Windows Store apps. Reference: https://docs.microsoft.com/en-us/azure/azure-monitor/app/web-monitor-performance
Your company has a multi-tier application. The application is configured to have an Azure Web Apps front end, with an Azure SQL Database back end. You are designing a strategy for capturing and storing telemetry data. Your strategy should allow for baselines to be pinpointed via ad-hoc queries. Also, alerts must be triggered once baseline metrics are surpassed. Furthermore, application and database metrics must be stored centrally. Which of the following should be part of your strategy? Azure Advisor Azure Security Center Azure Application Insights Azure Log Analytics
Azure Log Analytics Explanation Azure Platform as a Service (PaaS) resources, like Azure SQL and Web Sites (Web Apps), can emit performance metrics data natively to Log Analytics. The Premium plan will retain up to 12 months of data, giving you an excellent baseline ability. There are two options available in the Azure portal for analyzing data stored in Log analytics and for creating queries for ad hoc analysis. Incorrect Answers: B: Intelligent Insights analyzes database performance by comparing the database workload from the last hour with the past seven-day baseline workload. However, we need handle application metrics as well. References: https://docs.microsoft.com/en-us/azure/azure-monitor/platform/collect-azurepass-posh
You have created an Azure DevOps project for a new application that will be deployed to a number of Windows Server 2016 Azure virtual machines. You are preparing a deployment solution that allows for the virtual machines to maintain a uniform configuration, and also keep administrative effort with regards to configuring the virtual machines to a minimum. Which of the following should be part of your solution? (Choose two.) Azure Resource Manager templates The PowerShell Desired State Configuration (DSC) extension for Windows Azure pipeline deployment groups The Custom Script Extension for Windows Azure pipeline stage templates
Azure Resource Manager templates The PowerShell Desired State Configuration (DSC) extension for Windows Explanation A. Azure Resource Manager Templates B. The PowerShell Desired State Configuration (DSC) extension for Windows
Your company has an application that contains a number of Azure App Service web apps and Azure functions. You would like to view recommendations with regards to the security of the web apps and functions. You plan to navigate to Compute and Apps to achieve your goal. Which of the following should you access to make use of Compute and Apps? Azure Log Analytics Azure Event Hubs Azure Advisor Azure Security Center
Azure Security Center Explanation Monitor compute and app services: Compute & apps include the App Services tab, which App services: list of your App service environments and current security state of each. Recommendations - This section has a set of recommendations for each VM and computer, web and worker roles, Azure App Service Web Apps, and Azure App Service Environment that Security Center monitors. The first column lists the recommendation. The second column shows the total number of resources that are affected by that recommendation. The third column shows the severity of the issue. References: https://docs.microsoft.com/en-us/azure/azure-monitor/app/proactive-diagnostics Topic 7, Implement Continuous Feedback
You are currently developing a project for a client that will be managing work items via Azure DevOps. You want to make sure that the work item process you use for the client allows for requirements, change requests, risks, and reviews to be tracked. Which of the following is the option you would choose? Basic Agile Scrum CMMI
CMMI Explanation Choose CMMI when your team follows more formal project methods that require a framework for process improvement and an auditable record of decisions. With this process, you can track requirements, change requests, risks, and reviews. Incorrect Answers: A. Choose Basic when your team wants the simplest model that uses Issues, Tasks, and Epics to track work. B. This process works great if you want to track user stories and (optionally) bugs on the Kanban board, or track bugs and tasks on the taskboard. C. This process works great if you want to track product backlog items (PBIs) and bugs on the Kanban board, or break PBIs and bugs down into tasks on the taskboard. References: https://docs.microsoft.com/en-us/azure/devops/boards/work-items/guidance/choose-process?view=azure-devops Topic 2, Implement DevOps Development Processes
You are making use of Azure DevOps to automate the build process for a Java-based application. You are required to include code coverage testing and publish the results to the pipeline. Which two of the following tools could you use? Cobertura Coverlet JaCoCo Coverage.py
Cobertura Coverage.py Explanation Use Publish Code Coverage Results task in a build pipeline to publish code coverage results to Azure Pipelines or TFS, which were produced by a build in Cobertura or JaCoCo format. Incorrect Answers: B. If you're building on Linux or macOS, you can use Coverlet or a similar tool to collect code coverage metrics. Code coverage results can be published to the server by using the Publish Code Coverage Results task. To leverage this functionality, the coverage tool must be configured to generate results in Cobertura or JaCoCo coverage format. D. Coverage.py is used for Python, not for Java. References: https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/test/publish-code-coverage-results
Your company has an Azure DevOps environment that can only be accessed by Azure Active Directory users You are instructed to make sure that the Azure DevOps environment can only be accessed from devices connected to the company's on-premises network. Which of the following actions should you take? Assign the devices to a security group. Create a GPO. Configure Security in Project Settings from Azure DevOps. Configure conditional access in Azure Active Directory.
Configure conditional access in Azure Active Directory. Explanation Conditional Access is a capability of Azure Active Directory. With Conditional Access, you can implement automated access control decisions for accessing your cloud apps that are based on conditions. Conditional Access policies are enforced after the first-factor authentication has been completed. References: https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview
You create NuGet packages and host them via Azure Artifacts. You want to grant availability to external anonymous users for one of the packages, while keeping the number of publication points to a minimum. Which of the following actions should you take? Change the feed URL of the package Create a new feed for the package Upload the package to a Git repository. Add the package URL to the Environment settings in Visual Studio.
Create a new feed for the package Explanation Azure Artifacts introduces the concept of multiple feeds that you can use to organize and control access to your packages. Packages you host in Azure Artifacts are stored in a feed. Setting permissions on the feed allows you to share your packages with as many or as few people as your scenario requires. Feeds have four levels of access: Owners, Contributors, Collaborators, and Readers. References: https://docs.microsoft.com/en-us/azure/devops/artifacts/feeds/feed-permissions?view=vsts&tabs=new-nav
You are configuring project metrics for dashboards in Azure DevOps. You need to configure a chart widget that measures the elapsed time to complete work items once they become active. Which of the following is the widget you should use? Cumulative Flow Diagram Burnup Cycle time Burndown
Cycle time Explanation Cycle time measures the time it takes for your team to complete work items once they begin actively working on them. References: https://docs.microsoft.com/en-us/azure/devops/report/dashboards/cycle-time-and-lead-time?view=vsts.
You are making use of Azure DevOps to configure Azure Pipelines for project, named PROJ-01. You are preparing to use a version control system that allows for source code to be stored on a managed Windows server located on the company network. Which of the following is the version control system you should use? Github Enterprise Bitbucket cloud Github Professional Git in Azure Repos
Github Enterprise Explanation GitHub Enterprise is the on-premises version of GitHub.com. GitHub Enterprise includes the same great set of features as GitHub.com but packaged for running on your organization's local network. All repository data is stored on machines that you control, and access is integrated with your organization's authentication system (LDAP, SAML, or CAS). References: https://www.azuredevopslabs.com/labs/azuredevops/yaml/ https://enterprise.github.com/faq Topic 3, Implement Continuous Integration
You are in the process of creating a new Java application. You analyze the code of .NET applications via a SonarQube server. You are preparing to add a task type to the build pipeline that will allow you to analyze and monitor the code quality of the Java application. Which two of the following task types could you use? Chef Gradle Maven xCODE
Gradle Maven Explanation SonarQube is a set of static analyzers that can be used to identify areas of improvement in your code. It allows you to analyze the technical debt in your project and keep track of it in the future. With Maven and Gradle build tasks, you can run SonarQube analysis with minimal setup in a new or existing Azure DevOps Services build task. Reference: https://docs.microsoft.com/en-us/azure/devops/java/sonarqube?view=azure-devops
Your company manages incidents via ServiceNow. You have recently created an application that runs on Azure. You have to make sure that application authentication failure produces a ticket in ServiceNow. Which Azure Log Analytics solution should you use? Application Insights Connector Microsoft Azure Connector IT Service Management Connector (ITSM) SQL Server Connector
IT Service Management Connector (ITSM) Explanation The IT Service Management Connector (ITSMC) allows you to connect Azure and a supported IT Service Management (ITSM) product/service. ITSMC supports connections with the following ITSM tools: ServiceNow - System Center Service Manager - Provance - Cherwell - With ITSMC, you can - Create work items in ITSM tool, based on your Azure alerts (metric alerts, Activity Log alerts and Log Analytics alerts). Optionally, you can sync your incident and change request data from your ITSM tool to an Azure Log Analytics workspace. References: https://docs.microsoft.com/en-us/azure/azure-monitor/platform/itsmc-overview
You need to consider the highlighted segment to establish whether it is accurate. To compile an Internet Information Services (IIS) web application that runs docker, you should use a Default build agent pool. Select "No adjustment required" if the highlighted segment is accurate. If the highlighted segment is inaccurate, select the accurate option. No adjustment required. Hosted Windows Container Hosted Hosted macOS
Hosted Explanation Hosted pool (Azure Pipelines only): The Hosted pool is the built-in pool that is a collection of Microsoft-hosted agents. Reference: https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/v2-osx https://docs.microsoft.com/en-us/azure/devops/pipelines/agents
You need to consider the below highlighted segment to establish whether it is accurate. The Burnup widget measures the elapsed time from creation of work items to their completion. Select ?€No adjustment required?€ if the highlighted segment is accurate. If the highlighted segment is inaccurate, select the accurate option. No adjustment required. Lead time Test results trend Burndown
Lead time Explanation References: https://docs.microsoft.com/en-us/azure/devops/report/dashboards/cycle-time-and-lead-time?view=vsts
You are making use of Azure DevOps manage build pipelines, and also deploy pipelines. The development team is quite large, and is regularly added to. You have been informed that the management of users and licenses must be automated when it can be. Which of the following is a task that can't be automated? Group membership changes License assignment Assigning entitlements License procurement
License procurement
You are in the process of developing an application, whose source has several branches. After making a number of alterations to a branch used for testing, you are required to update the main branch to capture the alterations made to the testing branch and override the Git repository's history. You need to select the Git option that will achieve this. Which of the following is the option you should select? Join Fetch Merge Force
Merge Explanation Create pull requests to review and merge code in a Git project. Pull requests let your team review code and give feedback on changes before merging it into the master branch. Reference: https://docs.microsoft.com/en-us/azure/devops/repos/git/pull-requests Topic 4, Implement Continuous Delivery
Your company makes use of Azure SQL Database Intelligent Insights and Azure Application Insights for monitoring purposes. You have been tasked with analyzing the monitoring using ad-hoc queries. You need to utilize the correct query language. Solution: You use Azure Log Analytics. Does the solution meet the goal? Yes No
No Explanation Data analysis in Azure SQL Analytics is based on Log Analytics language for your custom querying and reporting. References: https://docs.microsoft.com/en-us/azure/azure-monitor/insights/azure-sql
You are responsible for an Azure DevOps project, which contains package feeds. You are preparing to assign a number of developers access that allows them to save packages from upstream sources, without giving them more permissions than necessary. Solution: You assign the Owner access level. Does the solution meet the goal? Yes No
No Explanation Feeds have four levels of access: Owners, Contributors, Collaborators, and Readers. Owners can add any type of identity-individuals, teams, and groups-to any access level Reference: https://docs.microsoft.com/en-us/azure/devops/artifacts/feeds/feed-permissions
You are responsible for an Azure DevOps project, which contains package feeds. You are preparing to assign a number of developers access that allows them to save packages from upstream sources, without giving them more permissions than necessary. Solution: You assign the Reader access level. Does the solution meet the goal? Yes No
No Explanation Feeds have four levels of access: Owners, Contributors, Collaborators, and Readers. Owners can add any type of identity-individuals, teams, and groups-to any access level. Reference: https://docs.microsoft.com/en-us/azure/devops/artifacts/feeds/feed-permissions
You are in the process of configuring the settings of a new Git repository in Azure Repos. You want to ensure that pull requests in a branch allows for committed code to be compiled successfully prior to being merged. Solution: You configure a status policy. Does the solution meet the goal? Yes No
No Explanation Reference: https://docs.microsoft.com/en-us/azure/devops/repos/tfvc/add-check-policies
Your company has an Azure DevOps project that includes a release pipeline. You want to make use of the Helm package and deploy task to deploy to an Azure Kubernetes Services (AKS) cluster. To make sure that the intended deployment is successful, you are required to install the necessary service in the AKS namespace. Solution: You install the Azure Container Registry service. Does the solution meet the goal? Yes No
No Explanation References: https://docs.microsoft.com/en-us/azure/aks/kubernetes-helm
Your company has an Azure DevOps project that includes a release pipeline. You want to make use of the Helm package and deploy task to deploy to an Azure Kubernetes Services (AKS) cluster. To make sure that the intended deployment is successful, you are required to install the necessary service in the AKS namespace. Solution: You install the Yeoman service. Does the solution meet the goal? Yes No
No Explanation References: https://docs.microsoft.com/en-us/azure/aks/kubernetes-helm
Your company makes use of Azure SQL Database Intelligent Insights and Azure Application Insights for monitoring purposes. You have been tasked with analyzing the monitoring using ad-hoc queries. You need to utilize the correct query language. Solution: You use the Contextual Query Language (CQL). Does the solution meet the goal? Yes No
No Explanation References: https://docs.microsoft.com/en-us/azure/azure-monitor/insights/azure-sql
Your company makes use of Azure SQL Database Intelligent Insights and Azure Application Insights for monitoring purposes. You have been tasked with analyzing the monitoring using ad-hoc queries. You need to utilize the correct query language. Solution: You use the Transact-SQL. Does the solution meet the goal? Yes No
No Explanation References: https://docs.microsoft.com/en-us/azure/azure-monitor/insights/azure-sql
Your company has an Azure subscription that includes an Azure SQL database. Your company also has an Azure DevOps project, named PROJ-01. You plan to update the Azure SQL database by creating a release pipeline that employs the Azure SQL Database Deployment task. You need to deploy the necessary artifact. Solution: You deploy a config file. Does the solution meet the goal? Yes No
No Explanation References: https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/deploy/sql-azure-dacpac-deployment
Your company has an Azure subscription that includes an Azure SQL database. Your company also has an Azure DevOps project, named PROJ-01. You plan to update the Azure SQL database by creating a release pipeline that employs the Azure SQL Database Deployment task. You need to deploy the necessary artifact. Solution: You deploy an LDF file. Does the solution meet the goal? Yes No
No Explanation References: https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/deploy/sql-azure-dacpac-deployment
You run the Register-AzureRmAutomationDscNode command in your company's environment. You need to make sure that your company's test servers remain correctly configured, regardless of configuration drift. Solution: You set the -ConfigurationMode parameter to ApplyAndMonitor. Does the solution meet the goal? Yes No
No Explanation References: https://docs.microsoft.com/en-us/powershell/module/azurerm.automation/register-azurermautomationdscnode?view=azurermps-6.13.0
You run the Register-AzureRmAutomationDscNode command in your company's environment. You need to make sure that your company's test servers remain correctly configured, regardless of configuration drift. Solution: You set the -ConfigurationMode parameter to ApplyOnly. Does the solution meet the goal? Yes No
No Explanation References: https://docs.microsoft.com/en-us/powershell/module/azurerm.automation/register-azurermautomationdscnode?view=azurermps-6.13.0
You need to consider the highlighted segment to establish whether it is accurate. Black Duck can be used to make sure that all the open-source libraries conform to your company's licensing criteria. Select "No adjustment required" if the highlighted segment is accurate. If the highlighted segment is inaccurate, select the accurate option. No adjustment required. Maven Bamboo CMAKE
No adjustment required. Explanation Secure and Manage Open-Source Software Black Duck helps organizations identify and mitigate open-source security, license compliance and code-quality risks across application and container portfolios. Black Duck Hub and its plugin for Team Foundation Server (TFS) allows you to automatically find and fix open source security vulnerabilities during the build process, so you can proactively manage risk. The integration allows you to receive alerts and fail builds when any Black Duck Hub policy violations are met. References: https://marketplace.visualstudio.com/items?itemName=black-duck-software.hub-tfs Topic 6, Implement Application Infrastructure
You are currently defining a release strategy for an app, named APP-01. The strategy should allow you to keep the time it takes to deploy new releases of the app to a minimum. The strategy should also allow you to roll back in the shortest time required. Which of the following is the release strategy you should use? Red/Black deployment Rolling deployment Big Bang deployment Canary deployment
Red/Black deployment Explanation Canary deployment - With canary deployment, you deploy a new application code in a small part of the production infrastructure. Once the application is signed off for release, only a few users are routed to it. This minimizes any impact. With no errors reported, the new version can gradually roll out to the rest of the infrastructure. References: https://dev.to/mostlyjason/intro-to-deployment-strategies-blue-green-canary-and-more-3a3
You have been tasked with strengthening the security of your team?€™s development process. You need to suggest a security tool type for the Continuous Integration (CI) phase of the development process. Which of the following is the option you would suggest? Penetration testing Static code analysis Threat modeling Dynamic code analysis
Static code analysis Explanation Validation in the CI/CD begins before the developer commits his or her code. Static code analysis tools in the IDE provide the first line of defense to help ensure that security vulnerabilities are not introduced into the CI/CD process. References: https://docs.microsoft.com/en-us/azure/devops/articles/security-validation-cicd-pipeline?view=vsts
You are in the process of building a mobile app aimed at Android and iOS devices. All work items and release cycles are managed via Azure DevOps. You want to make sure that crash reports for issue analysis is collected, and that beta releases are distributed to your testers. Also, you want to ensure that user feedback on the functionality of new apps is received. Which of the following must be part of your solution? The Microsoft Test & Feedback extension. OWASP ZAP TFS Integration Platform Code Style
The Microsoft Test & Feedback extension. Explanation The "Exploratory Testing" extension is now "Test & Feedback" and is now Generally Available. Anyone can now test web apps and give feedback, all directly from the browser on any platform: Windows, Mac, or Linux. Available for Google Chrome and Mozilla Firefox (required version 50.0 or above) currently. Support for Microsoft Edge is in the pipeline and will be enabled once Edge moves to a Chromium- compatible web platform. References: https://marketplace.visualstudio.com/items?itemName=ms.vss-exploratorytesting-web
Your company is currently making use of Team Foundation Server 2013 (TFS 2013) but intend to migrate to Azure DevOps. You have been tasked with supplying a migration approach that allows for the preservation of Team Foundation Version Control changesets dates, as well as the changes dates of work items revisions. The approach should also allow for the migration of all TFS artifacts, while keeping migration effort to a minimum. You have suggested upgrading TFS to the most recent RTW release. Which of the following should also be suggested? Installing the TFS kava SDK Using the TFS Database Import Service to perform the upgrade. Upgrading PowerShell Core to the latest version. Using the TFS Integration Platform to perform the upgrade.
Using the TFS Integration Platform to perform the upgrade. Explanation In Phase 3 of your migration project, you will work on upgrading your Team Foundation Server to one of the supported versions for the Database Import Service in Azure Devops Services.
You need to consider the highlighted segment to establish whether it is accurate. To find when common open-source libraries are added to the code base, you should add Jenkins to the build pipeline. Select "No adjustment required" if the highlighted segment is accurate. If the highlighted segment is inaccurate, select the accurate option. No adjustment required. SourceGear Vault WhiteSource OWASP ZAP
WhiteSource Explanation WhiteSource is the leader in continuous open-source software security and compliance management. WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or development environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource constantly-updated definitive database of open source repositories. Azure DevOps integration with WhiteSource Bolt will enable you to: Detect and remedy vulnerable open source components. Generate comprehensive open source inventory reports per project or build. Enforce open source license compliance, including dependencies?€™ licenses. Identify outdated open source libraries with recommendations to update. Note: Black duck would also be a good answer, but it is not an option here. References: https://www.azuredevopslabs.com/labs/vstsextend/WhiteSource/
Your company has an Azure DevOps project that includes a release pipeline. You want to make use of the Helm package and deploy task to deploy to an Azure Kubernetes Services (AKS) cluster. To make sure that the intended deployment is successful, you are required to install the necessary service in the AKS namespace. Solution: You install the Tiller service. Does the solution meet the goal? Yes No
Yes Explanation Before you can deploy Helm in an RBAC-enabled AKS cluster, you need a service account and role binding for the Tiller service. References: https://docs.microsoft.com/en-us/azure/aks/kubernetes-helm
You are responsible for an Azure DevOps project, which contains package feeds. You are preparing to assign a number of developers access that allows them to save packages from upstream sources, without giving them more permissions than necessary. Solution: You assign the Collaborator access level. Does the solution meet the goal? Yes No
Yes Explanation Feeds have four levels of access: Owners, Contributors, Collaborators, and Readers. Owners can add any type of identity-individuals, teams, and groups-to any access level. Reference: https://docs.microsoft.com/en-us/azure/devops/artifacts/feeds/feed-permissions
You are in the process of configuring the settings of a new Git repository in Azure Repos. You want to ensure that pull requests in a branch allows for committed code to be compiled successfully prior to being merged. Solution: You configure a check-in policy. Does the solution meet the goal? Yes No
Yes Explanation Reference: https://docs.microsoft.com/en-us/azure/devops/repos/tfvc/add-check-policies
You run the Register-AzureRmAutomationDscNode command in your company's environment. You need to make sure that your company's test servers remain correctly configured, regardless of configuration drift. Solution: You set the -ConfigurationMode parameter to ApplyAndAutocorrect. Does the solution meet the goal? Yes No
Yes Explanation References: https://docs.microsoft.com/en-us/powershell/module/azurerm.automation/register-azurermautomationdscnode?view=azurermps-6.13.0
Your company has an Azure subscription that includes an Azure SQL database. Your company also has an Azure DevOps project, named PROJ-01. You plan to update the Azure SQL database by creating a release pipeline that employs the Azure SQL Database Deployment task. You need to deploy the necessary artifact. Solution: You deploy a DACPAC file. Does the solution meet the goal? Yes No
Yes Explanation Use Azure SQL Database Deployment task in a build or release pipeline to deploy to Azure SQL DB using a DACPAC or run scripts using SQLCMD. References: https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/deploy/sql-azure-dacpac-deployment
Your company has an Azure DevOps project, which includes a build pipeline that makes use of roughly fifty open-source libraries. You have been tasked with making sure that you are able to scan project for common security weaknesses in the open-source libraries. Which of the following actions should you take? You should create a build task and use the WhiteSource Bolt service. You should create a deployment task and use the WhiteSource Bolt service. You should create a build task and use the Chef service. You should create a deployment task and use the Chef service.
You should create a build task and use the WhiteSource Bolt service. Explanation References: https://www.azuredevopslabs.com/labs/vstsextend/whitesource/
Your company hosts a web application in Azure and makes use of Azure Pipelines for managing the build and release of the application. When stakeholders report that system performance has been adversely affected by the most recent releases, you configure alerts in Azure Monitor. You are informed that new releases must satisfy specified performance baseline conditions in the staging environment before they can be deployed to production. You need to make sure that releases not satisfying the performance baseline are prevented from being deployed. Which of the following actions should you take? You should make use of a branch control check. You should make use of an alert trigger. You should make use of a gate. You should make use of an approval check
You should make use of a gate. Explanation Scenarios and use cases for gates include: Quality validation. Query metrics from tests on the build artifacts such as pass rate or code coverage and deploy only if they are within required thresholds. Use Quality Gates to integrate monitoring into your pre-deployment or post-deployment. This ensures that you are meeting the key health/performance metrics (KPIs) as your applications move from dev to production and any differences in the infrastructure environment or scale is not negatively impacting your KPIs. Note: Gates allow automatic collection of health signals from external services, and then promote the release when all the signals are successful at the same time or stop the deployment on timeout. Typically, gates are used in connection with incident management, problem management, change management, monitoring, and external approval systems. References: https://docs.microsoft.com/en-us/azure/azure-monitor/continuous-monitoring https://docs.microsoft.com/en-us/azure/devops/pipelines/release/approvals/gates?view=azure-devops
You intend to make use of Azure Artifacts to share packages that you wrote, tested, validated, and deployed. You want to use a solitary feed to release several builds of each package. You have to make sure that the release of packages that are in development is restricted. Which of the following actions should you take? You should make use of static code analysis. You should make use of views. You should make use of dynamic code analysis. You should make use of upstream sources.
You should make use of views. Explanation https://docs.microsoft.com/en-us/azure/devops/artifacts/concepts/views?view=azure-devops use of feed - "is to share package versions that have been tested and validated but hold back on packages that are still under development and/or didn't meet your quality bar." for Upsteam sources - "In order for other Azure Artifacts feeds to use your feed as an upstream source, you must set your feed's view visibility to members of your organization, or members of your Azure Active Directory, depending on your scenario."
Your company has an on-premises Bitbucket Server that is used for Git-based source control. The server is protected by a firewall that blocks inbound Internet traffic. You plan to use Azure DevOps to manage the build and release processes. Which two components are required to integrate Azure DevOps and Bitbucket? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point. a deployment group a Microsoft-hosted agent service hooks a self-hosted agent an External Git service connection
a self-hosted agent an External Git service connection Explanation E: GitLab CI/CD can be used with GitHub or any other Git server such as BitBucket. Instead of moving your entire project to GitLab, you can connect your external repository to get the benefits of GitLab CI/CD. Note: When a pipeline uses a remote, 3rd-party repository host such as Bitbucket Cloud, the repository is configured with webhooks that notify Azure Pipelines Server or TFS when code has changed and a build should be triggered. Since on-premises installations are normally protected behind a firewall, 3rd-party webhooks are unable to reach the on-premises server. As a workaround, you can use the External Git repository type which uses polling instead of webhooks to trigger a build when code has changed. Reference: https://docs.microsoft.com/en-us/azure/devops/pipelines/repos/pipeline-options-for-git
You need to consider the highlighted segment to establish whether it is accurate. When moving to Azure DevOps, JIRA must be replaced with the build pipelines Azure DevOps service. Select "No adjustment required" if the highlighted segment is accurate. If the highlighted segment is inaccurate, select the accurate option. No adjustment required. repos release pipelines boards
boards Explanation D - correct answer
You need to consider the highlighted segment to establish whether it is accurate. To deploy an application to a number of Azure virtual machines, you should create a universal group. Select "No adjustment required" if the highlighted segment is accurate. If the highlighted segment is inaccurate, select the accurate option. No adjustment required. security deployment resource
deployment Explanation When authoring an Azure Pipelines or TFS Release pipeline, you can specify the deployment targets for a job using a deployment group. If the target machines are Azure VMs, you can quickly and easily prepare them by installing the Azure Pipelines Agent Azure VM extension on each of the VMs, or by using the Azure Resource Group Deployment task in your release pipeline to create a deployment group dynamically. References: https://docs.microsoft.com/en-us/azure/devops/pipelines/release/deployment-groups
ou scan a Node.js application using WhiteSource Bolt. The scan finds numerous libraries with invalid licenses but are only used during development. You have to make sure that only production dependencies are scanned by WhiteSource Bolt. Which of the following is a command you should run? npm edit npm publish npm install npm update
npm install Explanation References: https://whitesource.atlassian.net/wiki/spaces/WD/pages/34209870/NPM+Plugin https://nodejs.org/en/knowledge/getting-started/npm/what-is-the-file-package-json
