Test Online Free Microsoft AZ-400 Exam Questions and Answers
Practice a live sample before buying full access. This page keeps the free AZ-400 question set organized by page so visitors and search engines can reach the canonical -questions.html URL directly.
You have an Azure subscription. The subscription contains virtual machines that run either Windows Server or Linux.
You plan to use Prometheus to monitor performance metrics.
You need to integrate Prometheus and Azure Monitor.
Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
Answer:
Question 32Selectable Answer
What should you use to implement the code quality restriction on the release pipeline for the investment planning applications suite?
Answer:
Question 33Selectable Answer
You are designing the security validation strategy for a project in Azure DevOps.
You need to identify package dependencies that have known security issues and can be resolved by an update.
What should you use?
Answer: Explanation:
With enterprise level of SonarQube you can use OWASP that runs the
security scans for known vulnerabilities. https://www.sonarqube.org/features/security/
https://www.sonarqube.org/features/security/owasp/?gclid=Cj0KCQiAzZL-BRDnARIsAPCJs70Teq0-efI2Hd_h-kykCB7I_C7L88Q7kpiuTzuD6Xw1jUb6ZqIP7O0aApVzEALw_wcB
Question 34Written Answer
DRAG DROP
You are configuring the settings of a new Git repository in Azure Repos.
You need to ensure that pull requests in a branch meet the following criteria before they are merged:
✑ Committed code must compile successfully.
✑ Pull requests must have a Quality Gate status of Passed in SonarCloud.
Which policy type should you configure for each requirement? To answer, drag the appropriate policy types to the correct requirements. Each policy type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Box 1: A check-in policy
Administrators of Team Foundation version control can add check-in policy requirements.
These check-in policies require the user to take actions when they conduct a check-in to source control.
By default, the following check-in policy types are available:
✑ Builds Requires that the last build was successful before a check-in.
✑ Code Analysis Requires that code analysis is run before check-in.
✑ Work Items Requires that one or more work items be associated with the check-in.
Box 2: Build policy
Question 35Selectable Answer
You use Azure SQL Database Intelligent Insights and Azure Application Insights for monitoring.
You need to write ad-hoc queries against the monitoring data.
Which query language should you use?
Answer: Explanation:
Azure Monitor Logs is based on Azure Data Explorer, and log queries are written using the same Kusto query language (KQL). This is a rich language designed to be easy to read and author, and you
should be able to start using it with minimal guidance.
Reference: https://docs.microsoft.com/en-us/azure/azure-monitor/log-query/log-query-overview
Question 36Written Answer
HOTSPOT
You need to configure a cloud service to store the secrets required by the mobile applications to call the share.
What should you include in the solution? To answer, select the appropriate options m the answer area, NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Every request made against a storage service must be authorized, unless the request is for a blob or container resource that has been made available for public or signed access. One option for authorizing a request is by using Shared Key.
Scenario: The mobile applications must be able to call the share pricing service of the existing retirement fund management system. Until the system is upgraded, the service will only support basic authentication over HTTPS.
The investment planning applications suite will include one multi-tier web application and two iOS mobile application. One mobile application will be used by employees; the other will be used by customers.
References: https://docs.microsoft.com/en-us/rest/api/storageservices/authorize-with-shared-key
Question 37Selectable Answer
You have a project in Azure DevOps.
You plan to deploy a self-hosted agent by using an unattended configuration script.
Which two values should you define in the configuration script? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
Answer: Explanation:
Unattended config:
The agent can be set up from a script with no human intervention. You must pass -- unattended and the answers to all questions.
To configure an agent, it must know the URL to your organization or collection and credentials of someone authorized to set up agents. All other responses are optional.
Reference: https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/v2-windows
Question 38Selectable Answer
After you answer a question in this section, you will NOT be able to return to it As a result, these questions will not appear in the review screen.
You use Azure Pipelines to build and test a React js application
You have a pipeline that has a single job.
You discover that installing JavaScript packages from npm lakes approximately five minutes each time you run the pipeline.
You need to recommend a solution to reduce the pipeline execution time.
Solution: You recommend enabling pipeline caching.
Does this meet the goal?
Answer: Explanation:
npm-cache is a command line utility that caches dependencies installed via npm, bower, jspm and composer.
It is useful for build processes that run [npm|bower|composer|jspm] install every time as part of their build process. Since dependencies don't change often, this often means slower build times. npm-cache helps alleviate this problem by caching previously installed dependencies on the build machine.
Reference: https://www.npmjs.com/package/npm-cache
Question 39Selectable Answer
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You need to recommend an integration strategy for the build process of a Java application.
The solution must meet the following requirements:
• The builds must access an on-premises dependency management system.
• The build outputs must be stored as Server artifacts in Azure DevOps.
• The source code must be stored in a Git repository in Azure DevOps.
Solution: Configure the build pipeline to use a Hosted Ubuntu agent pool. Include the Java Tool Installer task in the build pipeline.
Does this meet the goal?
Answer:
Question 40Selectable Answer
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You plan to update the Azure DevOps strategy of your company.
You need to identify the following issues as they occur during the company’s development process:
✑ Licensing violations
✑ Prohibited libraries
Solution: You implement continuous deployment.
Does this meet the goal?
Answer: Explanation:
Instead implement continuous integration.
Note: WhiteSource is the leader in continuous open source software security and compliance management. WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or development environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource constantly-updated denitive database of open source repositories.
Reference: https://azuredevopslabs.com/labs/vstsextend/whitesource/
Question 41Selectable Answer
You manage an Azure web app that supports an e-commerce website.
You need to increase the logging level when the web app exceeds normal usage patterns.
The solution must minimize administrative overhead.
Which two resources should you include in the solution? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
Answer: Explanation:
A: You can use Azure Monitor to monitor base-level metrics and logs for most services in Azure. You can call Azure Automation run books by using action groups or by using classic alerts to automate tasks based on alerts.
B: Metric Alert with Dynamic Thresholds detection leverages advanced machine learning (ML) to learn metrics' historical behavior, identify patterns and anomalies that indicate possible service issues. It provides support of both a simple UI and operations at scale by allowing users to configure alert rules through the Azure Resource Manager API, in a fully automated manner.
Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-dynamic-thresholds
https://docs.microsoft.com/en-us/azure/automation/automation-create-alert-triggered-runbook
Question 42Selectable Answer
To resolve the current technical issue, what should you do to the Register-AzureRmAutomationDscNode command?
Answer: Explanation:
Change the ConfigurationMode parameter from ApplyOnly to ApplyAndAutocorrect.
The Register-AzureRmAutomationDscNode cmdlet registers an Azure virtual machine as an APS Desired State Configuration (DSC) node in an Azure Automation account.
Scenario: Current Technical Issue
The test servers are configured correctly when first deployed, but they experience configuration drift over time. Azure Automation State Configuration fails to correct the configurations.
Azure Automation State Configuration nodes are registered by using the following command.
HOTSPOT
You have an Azure DevOps project that contains a build pipeline. The build pipeline uses approximately 50 open source libraries.
You need to ensure that the project can be scanned for known security vulnerabilities in the open source libraries.
What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Box 1: A Build task
Trigger a build
You have a Java code provisioned by the Azure DevOps demo generator. You will use WhiteSource Bolt extension to check the vulnerable components present in this code.
✑ Go to Builds section under Pipelines tab, select the build definition WhiteSourceBolt and click on Queue to trigger a build.
✑ To view the build in progress status, click on ellipsis and select View build results.
Box 2: WhiteSource Bolt
WhiteSource is the leader in continuous open source software security and compliance management. WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or development environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource constantly-updated denitive database of open source repositories.
References: https://www.azuredevopslabs.com/labs/vstsextend/whitesource/
Question 44Written Answer
HOTSPOT
How should you complete the code to initialize App Center in the mobile application? To answer, select the appropriate options in the answer area. NOTE: Each correct selection a worth one point.
Answer:
Explanation:
Scenario: Visual Studio App Center must be used to centralize the reporting of mobile application crashes and device types in use.
In order to use App Center, you need to opt in to the service(s) that you want to use, meaning by default no services are started and you will have to explicitly call each of them when starting the SDK.
Insert the following line to start the SDK in your app's App Delete class in the didFinishLaunchingWithOptions method.
MSAppCenter.start("{Your App Secret}", withServices: [MSAnalytics.self, MSCrashes.self])
References: https://docs.microsoft.com/en-us/appcenter/sdk/getting-started/ios
Question 45Written Answer
HOTSPOT
You are using PowerShell to administer Azure Log Analytics workspaces.
You need to list the available workspaces and their properties.
How should you complete the command? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Box 1: Get-AzResource
Use the following command to examine the access control mode for all workspaces in the subscription:
PowerShell
Get-Az Resource CResource Type Microsoft. Operational Insights/workspaces CExpand
Properties | for each {s.Name + ": " +
$_.Properties.features.enableLogAccessUsingOnlyResourcePermissions
Box 2: -Resource Type
