Microsoft AZ-400 시험

Question No : 1

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You plan to create a release pipeline that will deploy Azure resources by using Azure Resource Manager templates.
The release pipeline will create the following resources:
✑ Two resource groups
✑ Four Azure virtual machines in one resource group
✑ Two Azure SQL databases in other resource group
You need to recommend a solution to deploy the resources.
Solution: Create a single standalone template that will deploy all the resources.
Does this meet the goal?

• A.Yes
• B.No

답을 확인하기

정답:
Explanation:
Use two templates, one for each resource group, and link the templates.
Reference: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-linked-templates

Question No : 2

HOTSPOT
You currently use JIRA, Jenkins, and Octopus as part of your DevOps processes.
You plan to use Azure DevOps to replace these tools.
Which AzureDevOps service should you use to replace each tool? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

답을 확인하기

정답:


Explanation:
JIRA- Board
Jenkins- Build Pipelines
Octopus- Release pipelines

Question No : 3

You have an Azure DevOps organization named Contoso and an Azure DevOps project namedProject1.
You plan to use Microsoft-hosted agents to build container images that will host full Microsoft .NET Framework apps in a YAML pipeline in Project1.
What are two possible virtual machine images that you can use for the Microsoft-hosted agent pool? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

• A.vs2017-win2016
• B.ubuntu-16.04
• C.win1803
• D.macOS-10.13
• E.vs.2015-win2012r2

답을 확인하기

정답:
Explanation:
https://github.com/microsoft/azure-pipelines-image-generation/blob/d80f81d6c98f8ce2c74b034309bb774ea8d31cfb/images/win/Vs2015-Server2012R2-Readme.md
https://github.com/actions/virtual-environments/blob/master/images/win/Windows2016-Readme.md

Question No : 4

DRAG DROP
You are developing a full Microsoft .NET Framework solution that includes unit tests.
You need to configure SonarQube to perform a code quality validation of the C# code as part of the build pipelines.
Which four tasks should you perform in sequence? To answer, move the appropriate tasks from the list of tasks to the answer area and arrange them in the correct order.

답을 확인하기

정답:


Explanation:
Step 1: Prepare Analysis Configuration
Prepare Analysis Configuration task, to configure all the required settings before executing the build.
This task is mandatory.
In case of .NET solutions or Java projects, it helps to integrate seamlessly with MSBuild, Maven and Gradle tasks.
Step 2: Visual Studio Build
Reorder the tasks to respect the following order:
Prepare Analysis Configuration task before any MSBuild or Visual Studio Build task.
Step 3: Visual Studio Test
Reorder the tasks to respect the following order:
Run Code Analysis task after the Visual Studio Test task.
Step 4: Run Code Analysis
Run Code Analysis task, to actually execute the analysis of the source code.
This task is not required for Maven or Gradle projects, because scanner will be run as part of the Maven/Gradle build.
Note:



s: https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Extension+for+VSTS-TFS

Question No : 5

Your company is building a new solution in Java.
The company currently uses a SonarQube server to analyze the code of .NET solutions.
You need to analyze and monitor the code quality of the Java solution.
Which task types should you add to the build pipeline?

• A.Chef
• B.Gradle
• C.Octopus
• D.Gulp

답을 확인하기

정답:
Explanation:
SonarQube is a set of static analyzers that can be used to identify areas of improvement in your code.
It allows you to analyze the technical debt in your project and keep track of it in the future. With
Maven and Gradle build tasks, you can run SonarQube analysis with minimal setup in a new or
existing Azure DevOps Services build task.
Reference: https://docs.microsoft.com/en-us/azure/devops/java/sonarqube?view=azure-devops

Question No : 6

You have a project in Azure DevOps. You have an Azure Resource Group deployment project in Microsoft Visual Studio that is checked in to the Azure DevOps project.
You need to create a release pipeline that will deploy resources by using Azure Resource Manager templates.
The solution must minimize administrative effort.
Which task type should you include in the solution?

• A.Azure Cloud Service Deployment
• B.Azure RM Web App Deployment
• C.Azure PowerShell
• D.Azure App Service Manage

답을 확인하기

정답:
Explanation:
There are two different ways to deploy templates to Azure DevOps Services. Both methods provide the same
results, so choose the one that best fits your workflow.

Question No : 7

DRAG DROP
You provision an Azure Kubernetes Service (AKS) cluster that has RBAC enabled. You have a Helm chart for a client application.
You need to configure Helm and Tiller on the cluster and install the chart.
Which three commands should you recommend be run in sequence? To answer, move the appropriate commands from the list of commands to the answer area and arrange them in the correct order.

답을 확인하기

정답:


Explanation:
Step 1: Kubectl create
You can add a service account to Tiller using the --service-account <NAME> flag while you’re configuring Helm (step 2 below). As a prerequisite, you’ll have to create a role binding which specifies a role and a service account name that have been set up in advance. Example: Service account with cluster-admin role
$ kubectl create -f rbac-config.yaml
serviceaccount "tiller" created
clusterrolebinding "tiller" created
$ helm init --service-account tiller
Step 2: helm init
To deploy a basic Tiller into an AKS cluster, use the helm init command.
Step 3: helm install
To install charts with Helm, use the helm install command and specify the name of the chart to install.
Reference:
https://docs.microsoft.com/en-us/azure/aks/kubernetes-helm
https://docs.helm.sh/using_helm/#tiller-namespaces-and-rbac

Question No : 8

Your company has a project in Azure DevOps for a new web application.
The company identifies security as one of the highest priorities.
You need to recommend a solution to minimize the likelihood that infrastructure credentials will be leaked.
What should you recommend?

• A.Add a Run Inline Azure PowerShell task to the pipeline.
• B.Add a PowerShell task to the pipeline and run Set-AzureKeyVaultSecret.
• C.Add a Azurre Key Vault task to the pipeline.
• D.Add Azure Key Vault references to Azure Resource Manger templates.

답을 확인하기

정답:
Explanation:
Azure Key Vaultprovides a way to securely store credentials and other keys and secrets.
The Set-AzureKeyVaultSecret cmdlet creates or updates a secret in a key vault in Azure Key Vault.
Reference: https://docs.microsoft.com/en-us/powershell/module/azurerm.keyvault/set-azurekeyvaultsecret

Question No : 9

Your team uses an agile development approach.
You need to recommend a branching strategy for the team’s Git repository. The strategy must meet the following requirements.
Provide the ability to work on multiple independent tasks in parallel.
Ensure that checked-in code remains in a releasable state always.
Ensure that new features can be abandoned at any time.
Encourage experimentation.
What should you recommend?

• A.a single long-running branch
• B.multiple long-running branches
• C.a single fork per team member
• D.a single-running branch with multiple short-lived topic branches

답을 확인하기

정답:
Explanation:
Topic branches, however, are useful in projects of any size. A topic branch is a short-lived branch that you create and use for a single particular feature or related work. This is something you’ve likely never done with a VCS before because it’s generally too expensive to create and merge branches. But in Git it’s common to create, work on, merge, and delete branches several times a day.
Reference: https://git-scm.com/book/en/v2/Git-Branching-Branching-Workflows

Question No : 10

DRAG DROP
You are configuring Azure Pipelines for three projects in Azure DevOps as shown in the following table.



Which version control system should you recommend for each project? To answer, drag the appropriate version control systems to the correct projects. Each version control system may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.

답을 확인하기

정답:


Explanation:
Project1: Git in Azure Repos
Project2: Github Enterprise
GitHub Enterprise is the on-premises version of GitHub.com. GitHub Enterprise includes the same great set of features as GitHub.com but packaged for running on your organization's local network. All repository data is stored on machines that you control, and access is integrated with your organization's authentication system (LDAP, SAML, or CAS).
Project3: Bitbucket cloud
One downside, however, is that Bitubucket does not include support for SVN but this can be easily amended migrating the SVN repos to Git with tools such as SVN Mirror for Bitbucket.
Note: SVN is a centralized version control system.
Reference: https://www.azuredevopslabs.com/labs/azuredevops/yaml/
https://enterprise.github.com/faq

Question No : 11

You have an Azure DevOps organization named Contoso, an Azure DevOps project named Project1, an Azure subscription named Sub1, and an Azure key vault named vault1.
You need to ensure that you can reference the values of the secrets stored in vault1 in all the pipelines of Project1. The solution must prevent the values from being stored in the pipelines.
What should you do?

• A.Create a variable group in Project1.
• B.Add a secure file to Project1.
• C.Modify the security settings of the pipelines.
• D.Configure the security policy of Contoso.

답을 확인하기

정답:
Explanation:
Use a variable group to store values that you want to control and make available across multiple pipelines.
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/library/variable-groups
https://docs.microsoft.com/en-us/azure/devops/pipelines/library/variable-groups?view=azure-devops&tabs=yaml#link-secrets-from-an-azure-key-vault

Question No : 12

You are automating the testing process for your company.
You need to automate UI testing of a web application.
Which framework should you use?

• A.JaCoco
• B.Playwright
• C.Xamarin.UITest
• D.Microsoft.CodeAnalysis

답을 확인하기

정답:
Explanation:
Performing user interface (UI) testing as part of the release pipeline is a great way of detecting unexpected changes, and need not be difficult. Selenium can be used to test your website during a continuous deployment release and test automation.
Reference: https://docs.microsoft.com/en-us/azure/devops/pipelines/test/continuous-test-selenium?view=azure-devops

Question No : 13

Your company uses Azure DevOps.
Only users who have accounts in Azure Active Directory can access the Azure DevOps environment. You need to ensure that only devices that are connected to the on-premises network can access the Azure DevOps environment.
What should you do?

• A.Assign the Stakeholder access level to all users.
• B.In AzureActive Directory, configure risky sign-ins.
• C.In Azure DevOps, configure Security in Project Settings.
• D.In Azure Active Directory, configure conditional access.

답을 확인하기

정답:
Explanation:
Conditional Access is a capability of Azure Active Directory. WithConditional Access, you can implement
automated access control decisions for accessing your cloud apps that are based on conditions.
Conditional Access policies are enforced after the first-factor authentication has been completed.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview

Question No : 14

Your development team is building a new web solution by using the Microsoft Visual Studio integrated
development environment (IDE).
You need to make a custom package available to all the developers. The package must be managed centrally, and the latest version must be available for consumption in Visual Studio automatically.
Which three actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

• A.Publish the package to a feed.
• B.Create a new feed in AzureArtifacts.
• C.Upload a package to a Git repository.
• D.Add the package URL to the Environment settings in Visual Studio.
• E.Add the package URL to the NuGet Package Manager settings in Visual Studio.
• F.Create a Git repository in Azure Repos.

답을 확인하기

정답:
Explanation:
B: By using your custom NuGet package feed within your Azure DevOps (previously VSTS) instance, you’ll be able to distribute your packages within your organization with ease. Start by creating a new feed.
A: We can publish, pack and push the built project to our NuGet feed.
E: Consume your private NuGet Feed
Go back to the Packages area in Azure DevOps, select your feed and hit “Connect to feed”. You’ll see some instructions for your feed, but it’s fairly simple to set up.
Just copy your package source URL, go to Visual Studio, open the NuGet Package Manager, go to its settings and add a new source. Choose a fancy name, insert the source URL. Done.
Search for your package in the NuGet Package Manager and it should appear there, ready for installation.
Make sure to select the appropriate feed (or just all feeds) from the top right select box.
Reference: https://medium.com/medialesson/get-started-with-private-nuget-feeds-in-azure-devops-8c7b5f022a68

Question No : 15

DRAG DROP
You are planning projects for three customers.
Each customer’s preferred process for work items is shown in the following table.



The customers all plan to use Azure DevOps for work item management.
Which work item process should you use for each customer? To answer, drag the appropriate work item process to the correct customers. Each work item process may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.

답을 확인하기

정답:


Explanation:
Box 1: Scrum
Choose Scrum when your team practices Scrum. This process works great if you want to track product backlog items (PBIs) and bugs on the Kanban board, or break PBIs and bugs down into tasks on the taskboard.
Box 2: Agile
Choose Agile when your team uses Agile planning methods, including Scrum, and tracks development and test activities separately. This process works great if you want to track user stories and (optionally) bugs on the Kanban board, or track bugs and tasks on the taskboard.
Box 3: CMMI
Choose CMMI when your team follows more formal project methods that require a framework for process improvement and an auditable record of decisions. With this process, you can track requirements, change requests, risks, and reviews.
Reference: https://docs.microsoft.com/en-us/azure/devops/boards/work-items/guidance/choose-process?view=azure-devops