CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Microsoft
  5. AZ-400

Free AZ-400 Exam Braindumps (page: 25)

Page 24 of 128
PDF with 556 Questions

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You manage a project in Azure DevOps.

You need to prevent the configuration of the project from changing over time. Solution: Perform a Subscription Health scan when packages are created.
Does this meet the goal?

  1. Yes
  2. No

Answer(s): B

Explanation:

Instead implement Continuous Assurance for the project.

Note: The Subscription Security health check features in AzSK contains a set of scripts that examines a subscription and flags off security issues, misconfigurations or obsolete artifacts/settings which can put your subscription at higher risk.


Reference:

https://azsk.azurewebsites.net/04-Continous-Assurance/Readme.html



Your company uses the following resources:

-Windows Server 2019 container images hosted in an Azure Container Registry.
-Azure virtual machines that run the latest version of Ubuntu
-An Azure Log Analytics workspace
-Azure Active Directory (Azure AD)
-An Azure key vault

For which two resources can you receive vulnerability assessments in Azure Security Center? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

  1. the Azure Log Analytics workspace
  2. the Azure key vault
  3. the Azure virtual machines that run the latest version of Ubuntu
  4. Azure Active Directory (Azure AD)
  5. The Windows Server 2019 container images hosted in the Azure Container Registry.

Answer(s): C,E

Explanation:

B: Azure Security Center includes Azure-native, advanced threat protection for Azure Key Vault, providing an additional layer of security intelligence.

C: When Security Center discovers a connected VM without a vulnerability assessment solution deployed, it provides the security recommendation "A vulnerability assessment solution should be enabled on your virtual machines".
Ubuntu supported versions: 12.04 LTS, 14.04 LTS, 15.x, 16.04 LTS, 18.04 LTS


Reference:

https://docs.microsoft.com/en-us/azure/security-center/deploy-vulnerability-assessment-vm



You use Azure Pipelines to manage build pipelines, GitHub to store source code, and Dependabot to manage dependencies.

You have an app named App1.
Dependabot detects a dependency in App1 that requires an update. What should you do first to apply the update?

  1. Create a pull request.
  2. Approve the pull request.
  3. Create a branch.
  4. Perform a commit.

Answer(s): B

Explanation:

DependaBot is a useful tool to regularly check for dependency updates. By helping to keep your project up to date, DependaBot can reduce technical debt and immediately apply security vulnerabilities when patches are released. How does DependaBot work?
DependaBot regularly checks dependencies for updates
If an update is found, DependaBot creates a new branch with this upgrade and Pull Request for approval
You review the new Pull Request, ensure the tests passed, review the code, and decide if you can merge the change


Reference:

https://samlearnsazure.blog/2019/12/20/github-using-dependabot/



Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You manage a project in Azure DevOps.
You need to prevent the configuration of the project from changing over time.

Solution: Add a code coverage step to the build pipelines.
Does this meet the goal?

  1. Yes
  2. No

Answer(s): B

Explanation:

Instead implement Continuous Assurance for the project.


Reference:

https://azsk.azurewebsites.net/04-Continous-Assurance/Readme.html






Post your Comments and Discuss Microsoft AZ-400 exam with other Community members:

AZ-400 Exam Discussions & Posts