Microsoft AZ-400 Exam Practice Test Instant Access

Question 1

During a code review, you discover quality issues in a Java application.

You need to recommend a solution to detect quality issues including unused variables and empty catchblocks.

What should you recommend?

AIn an Xcode build task, select Use xcpretty from Advanced.

BIn a Maven build task, select Run PMD.

CIn a Grunt build task, select Enabled from Control Options.

DIn a Gulp build task, specify a custom condition expression.

Answer : B

PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth.

There is an Apache Maven PMD Plugin which allows you to automaticallyrun the PMD code analysis tool on your project's source code and generate a site report with its results.

Question 2

Your company concerned that when developers introduce open source Libraries, it creates licensing compliance issues.

You need to add an automated process to the build pipeline to detect when common open source libraries are added to the code base.

What should you use?

ACode Style

BMicrosoft Visual SourceSafe

CBlack Duck

DJenkins

Answer : C

Secure and Manage Open Source Software

Black Duck helps organizations identify and mitigate open source security, license compliance and code-quality risks across application andcontainer portfolios.

Black Duck Hub and its plugin for Team Foundation Server (TFS) allows you to automatically find and fix open source security vulnerabilities during the build process, so you can proactively manage risk. The integration allows you to receive alerts and fail builds when any Black Duck Hub policy violations are met.

Note: WhiteSource would also be a good answer, but it is not an option here.

https://marketplace.visualstudio.com/items?itemName=black-duck-software.hub-tfs

Question 3

You have a GitHub repository that contains workflows. The workflows contain steps that execute predefined actions. Each action has one or more versions.

You need to request the specific version of an action to execute.

Which three attributes can you use to identify the version? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

Athe SHA-based hashes

Bthe tag

Cthe runner

Dthe branch

Ethe serial

Answer : A, B, D

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions

'We strongly recommend that you include the version of the action you are using by specifying a Git ref, SHA, or Docker tag. If you don't specify a version, it could break your workflows or cause unexpected behavior when the action owner publishes an update. Using the commit SHA of a released action version is the safest for stability and security. Ifthe action publishes major version tags, you should expect to receive critical fixes and security patches while still retaining compatibility. Note that this behavior is at the discretion of the action's author. Using the default branch of an action may beconvenient, but if someone releases a new major version with a breaking change, your workflow could break.'

Question 4

SIMULATION

You need to ensure that an Azure web app named az400-9940427-main supports rolling upgrades. The solution must ensure that only 10 percent of users who connect to az400-9940427-main use update versions of the app.

The solution must minimize administrative effort.

To complete this task, sign in to the Microsoft Azure portal.

ASee explanation below

Answer : A

Set up staging environments in Azure App Service

1. Open Microsoft Azure Portal

2. Log into your Azure account, select your app's resource page, in the left pane, selectDeployment slots > Add Slot.

3. In the Add a slot dialog box, give the slot a name, and select whether to clone an app configuration from another deployment slot. Select Add to continue.

4. After the slot is added, select Close to close the dialogbox. The new slot is now shown on the Deployment slots page. By default, Traffic % is set to 0 for the new slot, with all customer traffic routed to the production slot.

5. Select the new deployment slot to open that slot's resource page.

6. Change TRAFFIC % to 10

Question 5

SIMULATION

Task 5

You plan to stoic signed images in an Azure Container Registry instance named az40038443478act1.

You need to modify the SKU for az40038443478aa1 to support the planned images. The solution must minimize costs.

ASee the solution below in explanation

Answer : A

To store signed images in an Azure Container Registry (ACR) instance and support your planned images while minimizing costs, you need to modify the SKU of your ACR instance to one that supports content trust and image signing. Here's how you can do it:

Determine the Appropriate SKU:

Content trust and image signing are features of thePremiumservice tier of Azure ContainerRegistry1.

If cost minimization is a priority, ensure that the Premium tier is necessary for your use case. If you require content trust, the Premium tier is the appropriate choice.

Modify the SKU of the ACR Instance:

Navigate to the Azure Portal.

Go to your ACR instanceaz40038443478act1.

SelectUpdatefrom the overview pane.

Choose thePremiumSKU from the SKU drop-down menu2.

Review the changes and pricing, then save the configuration.

Question 6

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains aunique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result,these questions will not appear in the review screen.

You use Azure Pipelines to build and test a React.js application.

You have a pipeline that has a single job.

You discover that installing JavaScript packages from 9pm takes approximately five minutes each time you run the pipeline.

You need to recommend a solution to reduce the pipeline execution time.

Solution: You recommend using pipeline artifacts.

Does this meet the goal?

AYes

BNo

Answer : B

Pipeline artifacts are a way to persist build outputs,test results, and other files generated during a pipeline run. They allow you to share data between stages, jobs, and pipelines, and to persist data for longer than the lifetime of a pipeline run. While artifacts can be useful for sharing data between pipeline runs and reducing the time required to download dependencies, they are not a solution for reducing the time required to install JavaScript packages from 9pm during a pipeline run.

The solution of reducing the pipeline execution time could be achievedby using package caching, which allows you to store and reuse 9pm packages from previous pipeline runs.There are several package caching options available for Azure Pipelines, including the 9pm task, the 9pm cache task, and the 9pm ci task. All of theseoptions allow you to configure caching for your 9pm packages, which can significantly reduce the time required to install packages during subsequent pipeline runs.

Another solution could be using a dedicated agent that has those packages already installed,this way the pipeline doesn't have to install them again.

You can find more information on package caching by following this linkhttps://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/package/npm-cache?view=azure-devops

Question 7

You have an Azure subscription that contains the resources shown in the following table.

Project1 produces 9pm packages that are published to Feed1. Feed1 is consumed by multiple projects.

You need to ensure that only tested packages are available for consumption. The solution must minimize development effort.

What should you do?

ACreate a feed view named @default. After the 9pm packages test successfully, configure a release pipeline that tags the packages as release.

BCreate a feed view named @release and set @release as the default view. After the 9pm packages test successfully, configure a release pipeline that tags the packages as release.

CCreate a feed view named @release and set @release as the default view After the 9pm packages test successfully, configure a release pipeline that promotes a package to the @release view.

DCreate a feed view named @default. After the 9pm packages test successfully, configure a release pipeline that promotes a package to the @default view.

Answer : C

By creating a feed view named 'release' and setting it as the default view, packages that are published to the feed will not be immediately available for consumption. After the 9pm packages are tested successfully,you can configure a release pipeline that promotes a package to the @release view. This ensures that only tested packages are available for consumption and minimizes development effort as it doesn't require any additional steps to be taken by the consumerof the feed.

Azure DevOps Docs: Create a feed and viewshttps://docs.microsoft.com/en-us/azure/devops/artifacts/feeds/create-feed?view=azure-devops

Azure DevOps Docs: Promote a packagehttps://docs.microsoft.com/en-us/azure/devops/artifacts/feeds/promote-package?view=azure-devops

Microsoft Designing and Implementing Microsoft DevOps Solutions AZ-400 Exam Practice Test