CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Microsoft
  5. AZ-400

Free AZ-400 Exam Braindumps (page: 26)

Page 25 of 128
PDF with 556 Questions

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You manage a project in Azure DevOps.
You need to prevent the configuration of the project from changing over time.

Solution: Implement Continuous Integration for the project.
Does this meet the goal?

  1. Yes
  2. No

Answer(s): B

Explanation:

Instead implement Continuous Assurance for the project.


Reference:

https://azsk.azurewebsites.net/04-Continous-Assurance/Readme.html



Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You manage a project in Azure DevOps.
You need to prevent the configuration of the project from changing over time.

Solution: Implement Continuous Assurance for the project.
Does this meet the goal?

  1. Yes
  2. No

Answer(s): A

Explanation:

The basic idea behind Continuous Assurance (CA) is to setup the ability to check for "drift" from what is considered a secure snapshot of a system. Support for Continuous Assurance lets us treat security truly as a 'state' as opposed to a 'point in time' achievement. This is particularly important in today's context when 'continuous change' has become a norm.

There can be two types of drift:
Drift involving 'baseline' configuration: This involves settings that have a fixed number of possible states (often pre-defined/statically determined ones). For instance, a SQL DB can have TDE encryption turned ON or OFF…or a Storage Account may have auditing turned ON however the log retention period may be less than 365 days.
Drift involving 'stateful' configuration: There are settings which cannot be constrained within a finite set of well-known states. For instance, the IP addresses configured to have access to a SQL DB can be any (arbitrary) set of IP addresses. In such scenarios, usually human judgment is initially required to determine whether a particular configuration should be considered 'secure' or not. However, once that is done, it is important to ensure that there is no "stateful drift" from the attested configuration. (E.g., if, in a troubleshooting session, someone adds the IP address of a developer machine to the list, the Continuous Assurance feature should be able to identify the drift and generate notifications/alerts or even trigger 'auto-remediation' depending on the severity of the change).


Reference:

https://azsk.azurewebsites.net/04-Continous-Assurance/Readme.html



You are designing a configuration management solution to support five apps hosted on Azure App Service. Each app is available in the following three environments: development, test, and production.
You need to recommend a configuration management solution that meets the following requirements:
-Supports feature flags
-Tracks configuration changes from the past 30 days
-Stores hierarchically structured configuration values
-Controls access to the configurations by using role-based access control (RBAC) permissions
-Stores shared values as key/value pairs that can be used by all the apps

Which Azure service should you recommend as the configuration management solution?

  1. Azure Cosmos DB
  2. Azure App Service
  3. Azure App Configuration
  4. Azure Key Vault

Answer(s): C

Explanation:

The Feature Manager in the Azure portal for App Configuration provides a UI for creating and managing the feature flags that you use in your applications.

App Configuration offers the following benefits:
-A fully managed service that can be set up in minutes
-Flexible key representations and mappings
-Tagging with labels
-Point-in-time replay of settings
-Dedicated UI for feature flag management
-Comparison of two sets of configurations on custom-defined dimensions

Enhanced security through Azure-managed identities
-Encryption of sensitive information at rest and in transit
-Native integration with popular frameworks

App Configuration complements Azure Key Vault, which is used to store application secrets.


Reference:

https://docs.microsoft.com/en-us/azure/azure-app-configuration/overview



You have a containerized solution that runs in Azure Container Instances. The solution contains a frontend container named App1 and a backend container named DB1. DB1 loads a large amount of data during startup.

You need to verify that DB1 can handle incoming requests before users can submit requests to App1. What should you configure?

  1. a liveness probe
  2. a performance log
  3. a readiness probe
  4. an Azure Load Balancer health probe

Answer(s): C

Explanation:

For containerized applications that serve traffic, you might want to verify that your container is ready to handle incoming requests. Azure Container Instances supports readiness probes to include configurations so that your container can't be accessed under certain conditions.

Incorrect Answers:
A: Containerized applications may run for extended periods of time, resulting in broken states that may need to be repaired by restarting the container. Azure Container Instances supports liveness probes so that you can configure your containers within your container group to restart if critical functionality is not working.


Reference:

https://docs.microsoft.com/en-us/azure/container-instances/container-instances-readiness-probe






Post your Comments and Discuss Microsoft AZ-400 exam with other Community members:

AZ-400 Exam Discussions & Posts