CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Microsoft
  5. AZ-400

Free AZ-400 Exam Braindumps (page: 32)

Page 31 of 128
PDF with 556 Questions

DRAG DROP (Drag and Drop is not supported)
You need to configure access to Azure DevOps agent pools to meet the following requirements:

-Use a project agent pool when authoring build or release pipelines.
-View the agent pool and agents of the organization.
-Use the principle of least privilege.

Which role memberships are required for the Azure DevOps organization and the project? To answer, drag the appropriate role memberships to the correct targets. Each role membership may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.
Select and Place:

  1. See Explanation section for answer.

Answer(s): A

Explanation:




Box 1: Reader
Members of the Reader role can view the organization agent pool as well as agents. You typically use this to add operators that are responsible for monitoring the agents and their health.

Box 2: Service account
Members of the Service account role can use the organization agent pool to create a project agent pool in a project. If you follow the guidelines above for creating new project agent pools,you typically do not have to add any members here.

Incorrect Answers:
In addition to all the permissions given the Reader and the Service Account role, members of the administrator role can register or unregister agents from the organization agent pool. They can also refer to the organization agent pool when creating a project agent pool in a project. Finally, they can also manage membership for all roles of the organization agent pool. The user that created the organization agent pool is automatically added to the Administrator role for that pool.


Reference:

https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/pools-queues



You have a branch policy in a project in Azure DevOps. The policy requires that code always builds successfully.

You need to ensure that a specific user can always merge changes to the master branch, even if the code fails to compile. The solution must use the principle of least privilege.

What should you do?

  1. Add the user to the Build Administrators group.
  2. Add the user to the Project Administrators group.
  3. From the Security settings of the repository, modify the access control for the user.
  4. From the Security settings of the branch, modify the access control for the user.

Answer(s): D

Explanation:

In some cases, you need to bypass policy requirements so you can push changes to the branch directly or complete a pull request even if branch policies are not satisfied. For these situations, grant the desired permission from the previous list to a user or group. You can scope this permission to an entire project, a repo, or a single branch. Manage this permission along the with other Git permissions.


Reference:

https://docs.microsoft.com/en-us/azure/devops/repos/git/branch-policies



You have an Azure Resource Manager template that deploys a multi-tier application.

You need to prevent the user who performs the deployment from viewing the account credentials and connection strings used by the application. What should you use?

  1. Azure Key Vault
  2. a Web.config file
  3. an Appsettings.json file
  4. an Azure Storage table
  5. an Azure Resource Manager parameter file

Answer(s): A

Explanation:

When you need to pass a secure value (like a password) as a parameter during deployment, you can retrieve the value from an Azure Key Vault. You retrieve the value by referencing the key vault and secret in your parameter file. The value is never exposed because you only reference its key vault ID. The key vault can exist in a different subscription than the resource group you are deploying to.


Reference:

https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-keyvault-parameter



SIMULATION
Your company plans to implement a new compliance strategy that will require all Azure web apps to be backed up every five hours.

You need to back up an Azure web app named az400-11566895-main every five hours to an Azure Storage account in your resource group.
To complete this task, sign in to the Microsoft Azure portal.

  1. See Explanation section for answer.

Answer(s): A

Explanation:

With the storage account ready, you can configure backs up in the web app or App Service.

Open the App Service az400-11566895-main, which you want to protect, in the Azure Portal and browse to Settings > Backups. Click Configure and a Backup Configuration blade should appear.
Select the storage account.
Click + to create a private container. You could name this container after the web app or App Service. Select the container.
If you want to schedule backups, then set Scheduled Backup to On and configure a schedule: every five hours Select your retention. Note that 0 means never delete backups.
Decide if at least one backup should always be retained.
Choose if any connected databases should be included in the web app backup. Click Save to finalize the backup configuration.


Reference:

https://petri.com/backing-azure-app-service






Post your Comments and Discuss Microsoft AZ-400 exam with other Community members:

AZ-400 Exam Discussions & Posts