AZ-400試験無料問題集「Microsoft Designing and Implementing Microsoft DevOps Solutions 認定」
After you answer a question in this section, you will NOT be able to return to it As a result, these questions will not appear in the review screen.
You use Azure Pipelines to build and test a React js application
You have a pipeline that has a single job.
You discover that installing JavaScript packages from npm lakes approximately five minutes each time you run the pipeline.
You need to recommend a solution to reduce the pipeline execution time.
Solution: You recommend enabling pipeline caching.
Does this meet the goal?
You use Azure Pipelines to build and test a React js application
You have a pipeline that has a single job.
You discover that installing JavaScript packages from npm lakes approximately five minutes each time you run the pipeline.
You need to recommend a solution to reduce the pipeline execution time.
Solution: You recommend enabling pipeline caching.
Does this meet the goal?
正解:B
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
You need to deploy a new project in Azure DevOps that has the following requirements:
* The lead developer must be able to create repositories, manage permissions, manage policies, and contribute to the repository.
* Developers must be able to contribute to the repository and create branches, but NOT bypass policies when pushing builds.
* Project managers must only be able to view the repository.
* The principle of least privilege must be used.
You create a new Azure DevOps project team for each role.
To which Azure DevOps groups should you add each team? To answer, drag the appropriate groups to the correct teams. Each group may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
* The lead developer must be able to create repositories, manage permissions, manage policies, and contribute to the repository.
* Developers must be able to contribute to the repository and create branches, but NOT bypass policies when pushing builds.
* Project managers must only be able to view the repository.
* The principle of least privilege must be used.
You create a new Azure DevOps project team for each role.
To which Azure DevOps groups should you add each team? To answer, drag the appropriate groups to the correct teams. Each group may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You use Azure Pipelines to build and test a React.js application.
You have a pipeline that has a single job.
You discover that installing JavaScript packages from 9pm takes approximately five minutes each time you run the pipeline.
You need to recommend a solution to reduce the pipeline execution time.
Solution: You recommend using pipeline artifacts.
Does this meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You use Azure Pipelines to build and test a React.js application.
You have a pipeline that has a single job.
You discover that installing JavaScript packages from 9pm takes approximately five minutes each time you run the pipeline.
You need to recommend a solution to reduce the pipeline execution time.
Solution: You recommend using pipeline artifacts.
Does this meet the goal?
正解:A
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
You need to deploy Internet Information Services (IIS) to an Azure virtual machine that runs Windows Server
2022
How should you complete the Desired State Configuration (DSC) configuration script? To answer, drag the appropriate values to the correct locations. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
2022
How should you complete the Desired State Configuration (DSC) configuration script? To answer, drag the appropriate values to the correct locations. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
正解:
You need to create a virtual machine template in an Azure DevTest Labs environment named az400-9940427- dtl1. The template must be based on Windows Server 2016 Datacenter. Virtual machines created from the template must include the selenium tool and the Google Chrome browser.
To complete this task, sign in to the Microsoft Azure portal.
To complete this task, sign in to the Microsoft Azure portal.
正解:
See solution below.
Explanation:
1. Open Microsoft Azure Portal
2. Select All Services, and then select DevTest Labs in the DEVOPS section.
3. From the list of labs, select the az400-9940427-dtl1 lab
4. On the home page for your lab, select + Add on the toolbar.
5. Select the Windows Server 2016 Datacenter base image for the VM.
6. Select automation options at the bottom of the page above the Submit button.
7. You see the Azure Resource Manager template for creating the virtual machine.
8. The JSON segment in the resources section has the definition for the image type you selected earlier.
References:
https://docs.microsoft.com/bs-cyrl-ba/azure//lab-services/devtest-lab-vm-powershell
Explanation:
1. Open Microsoft Azure Portal
2. Select All Services, and then select DevTest Labs in the DEVOPS section.
3. From the list of labs, select the az400-9940427-dtl1 lab
4. On the home page for your lab, select + Add on the toolbar.
5. Select the Windows Server 2016 Datacenter base image for the VM.
6. Select automation options at the bottom of the page above the Submit button.
7. You see the Azure Resource Manager template for creating the virtual machine.
8. The JSON segment in the resources section has the definition for the image type you selected earlier.
References:
https://docs.microsoft.com/bs-cyrl-ba/azure//lab-services/devtest-lab-vm-powershell
You use Get for source control.
You need to optimize the performance of a repository. The solution must meet the following requirements:
* Permanently remove all items referenced only in the ref log.
* Remove history that is NOT in any current branch.
How should you complete the command? To answer, select the appropriate options in the answer area.
You need to optimize the performance of a repository. The solution must meet the following requirements:
* Permanently remove all items referenced only in the ref log.
* Remove history that is NOT in any current branch.
How should you complete the command? To answer, select the appropriate options in the answer area.
正解:
Explanation:
Task 1
You need to ensure that an Azure Web App named az400-38443478-main can retrieve secrets from an Azure key vault named az400-3844J478-kv1 by using a system managed identity The solution must use the principle of least privilege.
You need to ensure that an Azure Web App named az400-38443478-main can retrieve secrets from an Azure key vault named az400-3844J478-kv1 by using a system managed identity The solution must use the principle of least privilege.
正解:
See the solution below in explanation.
Explanation:
To ensure that your Azure Web App named az400-38443478-main can retrieve secrets from an Azure Key Vault named az400-3844J478-kv1 using a system managed identity with the principle of least privilege, follow these detailed steps:
* Enable a System Managed Identity for the Azure Web App:
* Navigate to the Azure Portal.
* Go to the Azure Web App az400-38443478-main.
* Select Identity under the Settings section.
* In the System assigned tab, switch the Status to On.
* Click Save to apply the changes.
* Grant the Web App Access to the Key Vault:
* Go to the Azure Key Vault az400-3844J478-kv1.
* Select Access policies under the Settings section.
* Click on Add Access Policy.
* Choose Secret permissions and select Get and List. This grants the app the ability to read secrets, adhering to the principle of least privilege.
* Click on Select principal, search for your Web App name az400-38443478-main, and select it.
* Click Add to add the policy.
* Don't forget to click Save to save the access policy changes.
* Retrieve Secrets in the Web App Code:
* In your Web App's code, use the Azure SDK to retrieve the secrets.
* For example, in a .NET application, you can use the Azure.Identity and Azure.Security.KeyVault.
Secrets namespaces.
* Utilize the DefaultAzureCredential class which will automatically use the system managed identity when running on Azure.
using Azure.Identity;
using Azure.Security.KeyVault.Secrets;
var client = new SecretClient(new Uri("https://az400-3844J478-kv1.vault.azure.net/"), new DefaultAzureCredential()); KeyVaultSecret secret = await client.GetSecretAsync("my-secret-name"); string secretValue = secret.Value; Replace "my-secret-name" with the actual name of the secret you want to retrieve.
By following these steps, your Azure Web App will be able to securely retrieve secrets from the Azure Key Vault using a system managed identity, without needing to store credentials in the code, and adhering to the principle of least privilege. Remember to replace the placeholder names with the actual names of your Web App and Key Vault.
Explanation:
To ensure that your Azure Web App named az400-38443478-main can retrieve secrets from an Azure Key Vault named az400-3844J478-kv1 using a system managed identity with the principle of least privilege, follow these detailed steps:
* Enable a System Managed Identity for the Azure Web App:
* Navigate to the Azure Portal.
* Go to the Azure Web App az400-38443478-main.
* Select Identity under the Settings section.
* In the System assigned tab, switch the Status to On.
* Click Save to apply the changes.
* Grant the Web App Access to the Key Vault:
* Go to the Azure Key Vault az400-3844J478-kv1.
* Select Access policies under the Settings section.
* Click on Add Access Policy.
* Choose Secret permissions and select Get and List. This grants the app the ability to read secrets, adhering to the principle of least privilege.
* Click on Select principal, search for your Web App name az400-38443478-main, and select it.
* Click Add to add the policy.
* Don't forget to click Save to save the access policy changes.
* Retrieve Secrets in the Web App Code:
* In your Web App's code, use the Azure SDK to retrieve the secrets.
* For example, in a .NET application, you can use the Azure.Identity and Azure.Security.KeyVault.
Secrets namespaces.
* Utilize the DefaultAzureCredential class which will automatically use the system managed identity when running on Azure.
using Azure.Identity;
using Azure.Security.KeyVault.Secrets;
var client = new SecretClient(new Uri("https://az400-3844J478-kv1.vault.azure.net/"), new DefaultAzureCredential()); KeyVaultSecret secret = await client.GetSecretAsync("my-secret-name"); string secretValue = secret.Value; Replace "my-secret-name" with the actual name of the secret you want to retrieve.
By following these steps, your Azure Web App will be able to securely retrieve secrets from the Azure Key Vault using a system managed identity, without needing to store credentials in the code, and adhering to the principle of least privilege. Remember to replace the placeholder names with the actual names of your Web App and Key Vault.
You plane to store signed images in an Azure Container Registry instance named az4009940427acr1.
You need to modify the SKU for az4009940427acr1 to support the planned images. The solution must minimize costs.
To complete this task, sign in to the Microsoft Azure portal.
You need to modify the SKU for az4009940427acr1 to support the planned images. The solution must minimize costs.
To complete this task, sign in to the Microsoft Azure portal.
正解:
See solution below.
Explanation:
1. Open Microsoft Azure Portal, and select the Azure Container Registry instance named az4009940427acr1.
2. Under Policies, select Content Trust > Enabled > Save.
References:
https://docs.microsoft.com/en-us/azure/container-registry/container-registry-content-trust
Explanation:
1. Open Microsoft Azure Portal, and select the Azure Container Registry instance named az4009940427acr1.
2. Under Policies, select Content Trust > Enabled > Save.
References:
https://docs.microsoft.com/en-us/azure/container-registry/container-registry-content-trust
unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution After you answer a question in this section, you will NOT be able to return to it. As a result these questions will not appear in the review screen.
You integrate a cloud-hosted Jenkins server and a new Azure DevOps deployment.
You need Azure DevOps to send a notification to Jenkins when a developer commits changes to a branch in Azure Repos.
Solution: You create a service hook subscription that uses the build completed event Does this meet the goal?
You integrate a cloud-hosted Jenkins server and a new Azure DevOps deployment.
You need Azure DevOps to send a notification to Jenkins when a developer commits changes to a branch in Azure Repos.
Solution: You create a service hook subscription that uses the build completed event Does this meet the goal?
正解:A
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
You have a project in Azure DevOps that has three teams as shown in the Teams exhibit. (Click the Teams tab.)
You create a new dashboard named Dash1.
You configure the dashboard permissions for the Contoso project as shown in the Permissions exhibit (Click the Permissions tab.)
All other permissions have the default values set.
You create a new dashboard named Dash1.
You configure the dashboard permissions for the Contoso project as shown in the Permissions exhibit (Click the Permissions tab.)
All other permissions have the default values set.
正解:
Explanation:
You have a containerized solution that runs in Azure Container Instances. The solution contains a frontend container named App1 and a backend container named DB1. DB1 loads a large amount of data during startup.
You need to verify that DB1 can handle incoming requests before users can submit requests to Appl.
What should you configure?
You need to verify that DB1 can handle incoming requests before users can submit requests to Appl.
What should you configure?
正解:B
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
You have a GitHub repository.
You need to configure Dependabot dependency scanning. The solution must meet the following requirements:
* Automatically open a pull request to resolve an alert.
* Automatically open a pull request when a dependency is updated.
What should you enable for each requirement? To answer, drag the appropriate features to the correct requirements. Each feature may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
You need to configure Dependabot dependency scanning. The solution must meet the following requirements:
* Automatically open a pull request to resolve an alert.
* Automatically open a pull request when a dependency is updated.
What should you enable for each requirement? To answer, drag the appropriate features to the correct requirements. Each feature may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
