AZ-400 Exam Questions

Total 488 Questions

Last Updated Exam : 7-Jul-2025

Topic 5, Labs & Tasks

Task 5
You plan to stoic signed images in an Azure Container Registry instance named az40038443478act1.
You need to modify the SKU for az40038443478aa1 to support the planned images. The solution must minimize costs.






Answer: See the solution below in explanation.

Explanation: To store signed images in an Azure Container Registry (ACR) instance and support your planned images while minimizing costs, you need to modify the SKU of your ACR instance to one that supports content trust and image signing. Here’s how you can do it:
Determine the Appropriate SKU:
uk.co.certification.simulator.questionpool.PList@2a5ef8fe Modify the SKU of the ACR Instance: By upgrading to the Premium SKU, you’ll be able to store signed images in your ACR instance. Remember to monitor your usage and costs to ensure they align with your budget and requirements.

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You need to recommend an integration strategy for the build process of a Java application. The solution must meet the following requirements:

  • The builds must access an on-premises dependency management system.
  • The build outputs must be stored as Server artifacts in Azure DevOps.
  • The source code must be stored in a Git repository in Azure DevOps.
Solution: Configure the build pipeline to use a Hosted VS 2017 agent pool. Include the Java Tool Installer task in the build pipeline. Does this meet the goal?


A. Yes


B. No





B.
  No

Instead use Octopus Tentacle.

Task 10
For Project1, you need to ensure that artifacts, symbols, and attachments are retained for 60 days.






Answer: See the solution below in explanation.

Explanation: Step 1: Navigate to Project Settings
Navigate to Azure DevOps:
Select Your Project:
Access Project Settings:
Step 2: Configure Retention Policies
Navigate to Pipelines Settings:
Set Retention Policies:
Save Changes:
By following these steps, you will have successfully configured the retention policy to retain artifacts, symbols, and attachments for 60 days in Project1

You are designing a strategy to monitor the baseline metrics of Azure virtual machines that run Windows Server. You need to collect detailed data about the processes running in the guest operating system. Which two agents should you deploy? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.


A. the Dependency agent


B. the Azure Network Watcher Agent for Windows


C. the Telegraf agent


D. the Azure Log Analytics agent





A.
  the Dependency agent

D.
  the Azure Log Analytics agent

Task 8
Initialize the default main branch, if it does not exist already.
In Project 1, you need to create a new Azure Pipelines YAML pipeline by using the ASP.NET template.
The pipeline must use Azure Repos as the hosting platform and must be created in a new branch named azure-pipelines.






Answer: See the solution below in explanation.

Explanation: Step 1: Initialize the Default Main Branch
Navigate to Azure DevOps: Select Your Project: Initialize the Main Branch:
Step 2: Create a New Branch for the Pipeline
Navigate to Branches:
Create the Branch:
Step 3: Create a New Azure Pipelines YAML Pipeline
Navigate to Pipelines: Select the Repository: Configure the Pipeline:
trigger:
- main
pool:
vmImage: 'windows-latest'

variables:
buildConfiguration: 'Release'

steps:
- task: UseDotNet@2 inputs:
packageType: 'sdk' version: '5.x'
installationPath: $(Agent.ToolsDirectory)/dotnet

- script: |
dotnet build --configuration $(buildConfiguration) displayName: 'Build project'

- script: |
dotnet test --no-build --configuration $(buildConfiguration) displayName: 'Run tests'

Save the Pipeline:
By following these steps, you will have successfully initialized the main branch, created a new branch named azure-pipelines, and set up a new Azure Pipelines YAML pipeline using the ASP.NET template

Task 8
You need to ensure that the https://contoso.com/statushook webhook is called every time a repository named az40038443478acr 1 receives a new version of an image named dotnetapp






Answer: See the solution below in explanation.

Explanation: To ensure that the webhook at https://contoso.com/statushook is called every time the repository named az40038443478acr1 receives a new version of an image named dotnetapp, you can follow these steps to configure a webhook in Azure Container Registry:
Navigate to the Azure Container Registry:
uk.co.certification.simulator.questionpool.PList@269c651f Create a New Webhook:
Save the Webhook Configuration:
Once configured, the webhook will send a POST request to https://contoso.com/statushook whenever a new version of the dotnetapp image is pushed to the az40038443478acr1 repository in your Azure Container Registry1.
This setup will automate the notification process, ensuring that the specified webhook is called with each new image version, thus fulfilling the task requirements.

You have an Azure DevOps organization named Contoso.
You need to receive Microsoft Teams notifications when work items are updated.
What should you do?


A. From Azure DevOps, configure a service hook subscription


B. From Microsoft Teams, configure a connector


C. From the Microsoft Teams admin center, configure external access


D. From Microsoft Teams, add a channel


E. From Azure DevOps, install an extension





A.
  From Azure DevOps, configure a service hook subscription

Service hooks let you run tasks on other services when events happen in your Azure DevOps projects. For example, create a card in Trello when a work item is created or send a push notification to your team's mobile devices when a build fails. You can also use service hooks in custom apps and services as a more efficient way to drive activities when events happen in your projects.
Note: Service hook publishers define a set of events. Subscriptions listen for the events and define actions to take based on the event. Subscriptions also target consumers, which are external services that can run their own actions, when an event occurs.

Task 12
You need to create a personal access token (PAT) named Token! that has only the following capabilities
•Read write, and manage code •Read and execute builds •Read releases
Token1 must expire in 60 days.






Answer: See the solution below in explanation.

Explanation: Step 1: Navigate to Personal Access Tokens
Sign in to Azure DevOps:
Access User Settings:
Open Personal Access Tokens:
Step 2: Create a New Personal Access Token
Create a New Token:
Configure the Token:
Set Scopes:
Create the Token:
Step 3: Save the Token
Copy the Token:
By following these steps, you will have successfully created a personal access token named Token1 with the specified capabilities and a 60-day expiration

Task 7
You need to prepare a network security group (NSG) named az400 38443478 nsgl to host an Azure DevOps pipeline agent. The solution must allow only the required outbound port for Azure DevOps and deny all other inbound and outbound access to the Internet






Answer: See the solution below in explanation.

Explanation: To prepare a Network Security Group (NSG) named az400-38443478-nsg1 for hosting an Azure DevOps pipeline agent, while allowing only the required outbound port for Azure DevOps and denying all other inbound and outbound access to the Internet, follow these steps:
Create the NSG:
uk.co.certification.simulator.questionpool.PList@466fd80f Configure Outbound Security Rules:
Configure Default Rules to Deny All Other Traffic:
Associate the NSG with the Appropriate Resource:
By following these steps, you will ensure that the Azure DevOps pipeline agent can communicate with Azure DevOps services over the required port while blocking all other inbound and outbound Internet access, adhering to the principle of least privilege and security best practices.

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your company has a prefect in Azure DevOps for a new web application. You need to ensure that when code is checked in, a build runs automatically. Solution: from the Triggers tab of the build pipeline, you select Enable continuous integration Does the meet the goal?


A. Yes


B. No





A.
  Yes


Page 14 out of 49 Pages
Previous