Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Microsoft
  5. AZ-400

Microsoft AZ-400 Exam Questions
Designing and Implementing Microsoft DevOps Solutions (Page 21 )

Updated On: 24-Feb-2026
Page 20 of 103
PDF with 510 Questions

You have a build pipeline in Azure Pipelines that occasionally fails.

You discover that a test measuring the response time of an API endpoint causes the failures. You need to prevent the build pipeline from failing due to the test.
Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

  1. Set Flaky test detection to Off.
  2. Clear Flaky tests included in test pass percentage.
  3. Enable Test Impact Analysis (TIA).
  4. Manually mark the test as flaky.
  5. Enable test slicing.

Answer(s): B,D

Explanation:

D: You can mark or unmark a test as flaky based on analysis or context, by choosing Flaky.
To configure flaky test management, choose Project settings, and select Test management in the Pipelines section.
B:
Slide the On/Off button to On.


Reference:

https://docs.microsoft.com/en-us/azure/devops/pipelines/test/flaky-test-management



Your company hosts a web application in Azure. The company uses Azure Pipelines for the build and release management of the application. Stakeholders report that the past few releases have negatively affected system performance.
You configure alerts in Azure Monitor.

You need to ensure that new releases are only deployed to production if the releases meet defined performance baseline criteria in the staging environment first.

What should you use to prevent the deployment of releases that fall to meet the performance baseline?

  1. an Azure Scheduler job
  2. a trigger
  3. a gate
  4. an Azure function

Answer(s): C

Explanation:

Scenarios and use cases for gates include:
Quality validation. Query metrics from tests on the build artifacts such as pass rate or code coverage and deploy only if they are within required thresholds.

Use Quality Gates to integrate monitoring into your pre-deployment or post-deployment. This ensures that you are meeting the key health/performance metrics (KPIs) as your applications move from dev to production and any differences in the infrastructure environment or scale is not negatively impacting your KPIs.

Note: Gates allow automatic collection of health signals from external services, and then promote the release when all the signals are successful at the same time or stop the deployment on timeout. Typically, gates are used in connection with incident management, problem management, change management, monitoring, and external approval systems.


Reference:

https://docs.microsoft.com/en-us/azure/azure-monitor/continuous-monitoring https://docs.microsoft.com/en-us/azure/devops/pipelines/release/approvals/gates?view=azure-devops



Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You manage a project in Azure DevOps.

You need to prevent the configuration of the project from changing over time. Solution: Perform a Subscription Health scan when packages are created.
Does this meet the goal?

  1. Yes
  2. No

Answer(s): B

Explanation:

Instead implement Continuous Assurance for the project.

Note: The Subscription Security health check features in AzSK contains a set of scripts that examines a subscription and flags off security issues, misconfigurations or obsolete artifacts/settings which can put your subscription at higher risk.


Reference:

https://azsk.azurewebsites.net/04-Continous-Assurance/Readme.html



Your company uses the following resources:

-Windows Server 2019 container images hosted in an Azure Container Registry.
-Azure virtual machines that run the latest version of Ubuntu
-An Azure Log Analytics workspace
-Azure Active Directory (Azure AD)
-An Azure key vault

For which two resources can you receive vulnerability assessments in Azure Security Center? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

  1. the Azure Log Analytics workspace
  2. the Azure key vault
  3. the Azure virtual machines that run the latest version of Ubuntu
  4. Azure Active Directory (Azure AD)
  5. The Windows Server 2019 container images hosted in the Azure Container Registry.

Answer(s): C,E

Explanation:

B: Azure Security Center includes Azure-native, advanced threat protection for Azure Key Vault, providing an additional layer of security intelligence.

C: When Security Center discovers a connected VM without a vulnerability assessment solution deployed, it provides the security recommendation "A vulnerability assessment solution should be enabled on your virtual machines".
Ubuntu supported versions: 12.04 LTS, 14.04 LTS, 15.x, 16.04 LTS, 18.04 LTS


Reference:

https://docs.microsoft.com/en-us/azure/security-center/deploy-vulnerability-assessment-vm



You use Azure Pipelines to manage build pipelines, GitHub to store source code, and Dependabot to manage dependencies.

You have an app named App1.
Dependabot detects a dependency in App1 that requires an update. What should you do first to apply the update?

  1. Create a pull request.
  2. Approve the pull request.
  3. Create a branch.
  4. Perform a commit.

Answer(s): B

Explanation:

DependaBot is a useful tool to regularly check for dependency updates. By helping to keep your project up to date, DependaBot can reduce technical debt and immediately apply security vulnerabilities when patches are released. How does DependaBot work?
DependaBot regularly checks dependencies for updates
If an update is found, DependaBot creates a new branch with this upgrade and Pull Request for approval
You review the new Pull Request, ensure the tests passed, review the code, and decide if you can merge the change


Reference:

https://samlearnsazure.blog/2019/12/20/github-using-dependabot/






Post your Comments and Discuss Microsoft AZ-400 exam dumps with other Community members:

Join the AZ-400 Discussion