[2023] Use Valid New AZ-400 Questions - Top choice Help You Gain Success
AZ-400 Exam Practice Materials Collection
NEW QUESTION # 37
Your company uses the following resources:
* Windows Server 2019 container images hosted in an Azure Container Registry
* Azure virtual machines that run the latest version of Ubuntu An Azure
* Log Analytics workspace Azure Active Directory (Azure AD)
* An Azure key vault
For which two resources can you receive vulnerability assessments in Azure Security Center? Each correct answer presents part of the solution.
- A. the Windows Server 2019 container images hosted in the Azure Container Registry
- B. Azure Active Directory (Azure AD)
- C. the Azure virtual machines that run the latest version of Ubuntu
- D. the Azure Log Analytics workspace
- E. the Azure key vault
Answer: C,E
Explanation:
Explanation
https://docs.microsoft.com/en-us/azure/security-center/features-paas
https://docs.microsoft.com/en-us/azure/security-center/container-security
NEW QUESTION # 38
Your company has four projects. The version control requirements for each project are shown in the following table.
You plan to use Azure Repos for all the projects.
Which version control system should you use for each project? To answer, drag the appropriate version control systems to the correct projects. Each version control system may be used once, more than once, or not at all.
You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
1 -> TFVS Refer :
https://docs.microsoft.com/en-us/azure/devops/repos/tfvc/control-access-team-foundation-version-control?view=
2 -> TFVS Refer :
https://docs.microsoft.com/en-us/azure/devops/repos/tfvc/add-check-policies?view=azure-devops
3 -> Git Refer :
https://docs.microsoft.com/en-us/azure/devops/repos/git/share-your-code-in-git-xcode?view=azure-devops
4 -> TFVS Refer
:https://docs.microsoft.com/en-us/azure/devops/organizations/security/permissions?view=azure-devops#tfvc
NEW QUESTION # 39
You have the following Azure policy.
- A. ensures that at) data for new Azure Storage accounts is encrypted at rest
- B. prevents all HTTP traffic to wasting Azure Storage accounts
- C. prevents HTTPS traffic to new Azure Storage accounts when the accounts are accessed over the internet
- D. ensures that all traffic to new Azure Storage accounts is encrypted
Answer: A
NEW QUESTION # 40
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You manage a project in Azure DevOps.
You need to prevent the configuration of the project from changing over time.
Solution: Perform a Subscription Health scan when packages are created.
Does this meet the goal?
- A. No
- B. Yes
Answer: A
Explanation:
Explanation
Instead implement Continuous Assurance for the project.
Note: The Subscription Security health check features in AzSK contains a set of scripts that examines a subscription and flags off security issues, misconfigurations or obsolete artifacts/settings which can put your subscription at higher risk.
Reference:
https://azsk.azurewebsites.net/04-Continous-Assurance/Readme.html
NEW QUESTION # 41
You have an Azure DevOps project that contains a build pipeline. The build pipeline uses approximately 50 open source libraries.
You need to ensure that the project can be scanned for known security vulnerabilities in the open source libraries.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Box 1: A Build task
Trigger a build
You have a Java code provisioned by the Azure DevOps demo generator. You will use WhiteSource Bolt extension to check the vulnerable components present in this code.
Go to Builds section under Pipelines tab, select the build definition WhiteSourceBolt and click on Queue to trigger a build.
To view the build in progress status, click on ellipsis and select View build results.
Box 2: WhiteSource Bolt
WhiteSource is the leader in continuous open source software security and compliance management.
WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or development environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource constantly-updated denitive database of open source repositories.
References:
https://www.azuredevopslabs.com/labs/vstsextend/whitesource/
NEW QUESTION # 42
HOTSPOT
You have an Azure virtual machine named VM1 that runs Linux.
You plan to deploy the Desired State Configuration (DSC) extension to VM1.
You need to grant the Log Analytics agent the appropriate directory permissions.
How should you complete the command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Box 1: rwx
The Log Analytics agent for Linux runs as the omsagent user. To grant >write permission to the omsagent user, run the command setfacl -m u:omsagent:rwx /tmp.
Box 2: /tmp
Deploying DSC to a Linux node uses the /tmp folder.
Reference:
https://docs.microsoft.com/en-us/azure/automation/automation-dsc-onboarding
NEW QUESTION # 43
You need to meet the technical requirements for controlling access to Azure DevOps.
What should you use?
- A. Azure role-based access control (Azure RBAC)
- B. conditional access policies in Azure AD
- C. Azure Multi-Factor Authentication (MFA)
- D. on-premises firewall rules
Answer: B
Explanation:
Explanation
Scenario: Access to Azure DevOps must be restricted to specific IP addresses.
Azure DevOps is authenticated through Azure Active Directory. You can use Azure AD's conditional access to prevent logins from certain geographies and address ranges.
Reference:
https://www.rebeladmin.com/2018/08/step-step-guide-configure-location-based-conditional-access-policies/
NEW QUESTION # 44
You have a project Azure DevOps.
You plan to create a build pipeline that will deploy resources by using Azure Resource Manager templates.
The templates will reference secretes stored in Azure Key Vault.
Yu need to ensure that you can dynamically generate the resource ID of the key vault during template deployment.
What should you include in the template? To answer, select eh appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
NEW QUESTION # 45
You need to deploy a new project in Azure DevOps that has the following requirements:
* The lead developer must be able to create repositories, manage permissions, manage policies, and contribute to the repository.
* Developers must be able to contribute to the repository and create branches, but NOT bypass policies when pushing builds.
* Project managers must only be able to view the repository.
* The principle of least privilege must be used.
You create a new Azure DevOps project team for each role.
To which Azure DevOps groups should you add each team? To answer, drag the appropriate groups to the correct teams. Each group may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
NEW QUESTION # 46
You are configuring the Azure DevOps dashboard. The solution must meet the technical requirements.
Which widget should you use for each metric? To answer, drag the appropriate widgets to the correct metrics. Each widget may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/devops/report/dashboards/widget-catalog?view=azure-devops
NEW QUESTION # 47
You need to configure authentication for App1. The solution must support the planned changes.
Which three actions should you perform in sequence? To answer, move all actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Explanation:
1 - Create an app.
2 - Create a managed service identity.
3 - Configure the ID and secret for App1
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal
NEW QUESTION # 48
You need to execute inline testing of an Azure DevOps pipeline that uses a Docker deployment model. The solution must prevent the results from being published to the pipeline.
What should you use for the inline testing?
- A. a Docker Compose file
- B. a single stage Dockerfile
- C. a multi-stage Dockerfile
- D. an Azure Kubernetes Service (AKS) pod
Answer: D
Explanation:
Explanation
Use Docker when running integration tests with Azure Pipelines.
Reference:
https://crossprogramming.com/2019/12/27/use-docker-when-running-integration-tests-with-azure-pipelines.html
NEW QUESTION # 49
You have a project in Azure DevOps named Project1 that has a release pipeline in Azure Pipeline named ReleaseP1.
you need to ensure that when a new release is generated for ReleaseP1, a new release note document is created. The release notes must contain new features and bug fixes.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the Most of actions to the answer area and arrange them r the correct order.
NOTE: More than one order of answer choices is correct You will receive credit for any of the correct orders you select
Answer:
Explanation:
NEW QUESTION # 50
Your company has a project in Azure DevOps.
You plan to create a release pipeline that will deploy resources by using Azure Resource Manager templates.
The templates will reference secrets stored in Azure Key Vault.
You need to recommend a solution for accessing the secrets stored in the key vault during deployments. The solution must use the principle of least privilege.
What should you include in the recommendation? To answer, drag the appropriate configurations to the correct targets. Each configuration may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Box 1: RBAC
Management plane access control uses RBAC.
The management plane consists of operations that affect the key vault itself, such as:
* Creating or deleting a key vault.
* Getting a list of vaults in a subscription.
* Retrieving Key Vault properties (such as SKU and tags).
* Setting Key Vault access policies that control user and application access to keys and secrets.
Box 2: RBAC
References:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-tutorial-use-key-vault
NEW QUESTION # 51
You manage the Git repository for a large enterprise application.
You need to minimize the data size of the repository.
How should you complete the commands? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Box 1: --aggressive
Cleanup unnecessary files and optimize the local repository:
git gc --aggressive
Box 2: prune
Prune all unreachable objects from the object database:
git prune
Reference:
https://gist.github.com/Zoramite/2039636
NEW QUESTION # 52
You need to create an instance of Azure Application Insights named az400-9940427-main and configure the instance to receive telemetry data from an Azure web app named az400-9940427-main.
To complete this task, sign in to the Microsoft Azure portal.
- A. See solution below
Answer: A
Explanation:
Step 1: Create an instance of Azure Application Insights
1. Open Microsoft Azure Portal
2. Log into your Azure account, Select Create a resource > Developer tools > Application Insights.
3. Enter the following settings, and then select Review + create.
Name: az400-9940427-main
Step 2: Configure App Insights SDK
4. Open your ASP.NET Core Web App project in Visual Studio > Right-click on the AppName in the Solution Explorer > Select Add > Application Insights Telemetry.
5. Click the Get Started button
6. Select your account and subscription > Select the Existing resource you created in the Azure portal > Click Register.
Reference:
https://docs.microsoft.com/bs-latn-ba/azure/azure-monitor/learn/dotnetcore-quick-start?view=vs-2017
NEW QUESTION # 53
......
Maximum Grades By Making ready With AZ-400 Dumps: https://www.testkingpass.com/AZ-400-testking-dumps.html
Get Latest and 100% Accurate AZ-400 Exam Questions: https://drive.google.com/open?id=1xvZwK391GoQ_1Q97XvOys4uT2HjEoaOm