Free AZ-400 Exam Braindumps (page: 7)


You need to consider the underlined segment to establish whether it is accurate.

To find when common open source libraries are added to the code base, you should add Jenkins to the build pipeline.
Select ‘No adjustment required’ if the underlined segment is accurate. If the underlined segment is inaccurate, select the accurate option.

  A. No adjustment required.
  B. SourceGear Vault
  C. WhiteSource
  D. OWASP ZAP

Answer(s): C

Explanation:

WhiteSource is the leader in continuous open source software security and compliance management. WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or development environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource's constantly updated definitive database of open source repositories.

Azure DevOps integration with WhiteSource Bolt will enable you to:
1. Detect and remedy vulnerable open source components.
2. Generate comprehensive open source inventory reports per project or build.
3. Enforce open source license compliance, including dependencies’ licenses.
4. Identify outdated open source libraries with recommendations to update.

Note: Black Duck would also be a good answer, but it is not an option here.


Reference:

https://www.azuredevopslabs.com/labs/vstsextend/WhiteSource/



Your company has an Azure DevOps project, which includes a build pipeline that makes use of roughly fifty open source libraries.
You have been tasked with making sure that you are able to scan the project for common security weaknesses in the open source libraries.
Which of the following actions should you take?

  A. You should create a build task and use the WhiteSource Bolt service.
  B. You should create a deployment task and use the WhiteSource Bolt service.
  C. You should create a build task and use the Chef service.
  D. You should create a deployment task and use the Chef service.

Answer(s): A


Reference:

https://www.azuredevopslabs.com/labs/vstsextend/whitesource/



You need to consider the underlined segment to establish whether it is accurate.

Black Duck can be used to make sure that all the open source libraries conform to your company’s licensing criteria.
Select ‘No adjustment required’ if the underlined segment is accurate. If the underlined segment is inaccurate, select the accurate option.

  A. No adjustment required.
  B. Maven
  C. Bamboo
  D. CMAKE

Answer(s): A

Explanation:

Secure and Manage Open Source Software

Black Duck helps organizations identify and mitigate open source security, license compliance and code quality risks across application and container portfolios.
Black Duck Hub and its plugin for Team Foundation Server (TFS) allow you to automatically find and fix open source security vulnerabilities during the build process, so you can proactively manage risk. The integration allows you to receive alerts and fail builds when any Black Duck Hub policy violations occur.


Reference:

https://marketplace.visualstudio.com/items?itemName=black-duck-software.hub-tfs



You have created an Azure DevOps project for a new application that will be deployed to a number of Windows Server 2016 Azure virtual machines.

You are preparing a deployment solution that allows for the virtual machines to maintain a uniform configuration, and also keep administrative effort with regards to configuring the virtual machines to a minimum.

Which of the following should be part of your solution? (Choose two.)

  A. Azure Resource Manager templates
  B. The PowerShell Desired State Configuration (DSC) extension for Windows
  C. Azure pipeline deployment groups
  D. The Custom Script Extension for Windows
  E. Azure pipeline stage templates

Answer(s): A,B





