AZ-400 無料問題集「Microsoft Designing and Implementing Microsoft DevOps Solutions」
You have an Azure subscription that contains the resources shown in the following table.
You plan to create a linked service in DF1. The linked service will connect to SQL1 by using Microsoft SQL Server authentication. The password for the SQL Server login will be stored in KV1.
You need to configure DF1 to retrieve the password when the data factory connects to SQL1. The solution must use the principle of least privilege.
How should you configure DF1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You plan to create a linked service in DF1. The linked service will connect to SQL1 by using Microsoft SQL Server authentication. The password for the SQL Server login will be stored in KV1.
You need to configure DF1 to retrieve the password when the data factory connects to SQL1. The solution must use the principle of least privilege.
How should you configure DF1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
Box 1: Secret
Store credential in Azure Key Vault by reference secret stored in key vault.
To reference a credential stored in Azure Key Vault, you need to:
* Retrieve data factory managed identity
* Grant the managed identity access to your Azure Key Vault. In your key vault -> Access policies -> Add Access Policy, search this managed identity to grant Get permission in Secret permissions dropdown. It allows this designated factory to access secret in key vault.
* Create a linked service pointing to your Azure Key Vault.
* Create data store linked service, inside which reference the corresponding secret stored in key vault.
Box 2: Access policy
Reference:
https://docs.microsoft.com/en-us/azure/data-factory/store-credentials-in-key-vault
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has a prefect in Azure DevOps for a new web application.
You need to ensure that when code is checked in, a build runs automatically.
Solution: from the Triggers tab of the build pipeline, you select Enable continuous integration Does the meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has a prefect in Azure DevOps for a new web application.
You need to ensure that when code is checked in, a build runs automatically.
Solution: from the Triggers tab of the build pipeline, you select Enable continuous integration Does the meet the goal?
正解:A
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
Task 6
You have an Azure function hosted in an App Service plan named az400-38443478-funct You need to configure az400 38443478-funcl lo update the functions automatically whenever new code is committed to the main branch of https://githubcom/Azure-Samples/functions-quickstart.
NOTE: Access to GitHub is blocked in the exam environment. Access to GitHub is NOT required to complete the task successfully.
You have an Azure function hosted in an App Service plan named az400-38443478-funct You need to configure az400 38443478-funcl lo update the functions automatically whenever new code is committed to the main branch of https://githubcom/Azure-Samples/functions-quickstart.
NOTE: Access to GitHub is blocked in the exam environment. Access to GitHub is NOT required to complete the task successfully.
正解:
See the solution below in explanation.
Explanation:
To configure your Azure Function az400-38443478-funct to automatically update whenever new code is committed to the main branch of the specified GitHub repository, you can use GitHub Actions for continuous deployment. Here's how to set it up:
* Create a GitHub Actions Workflow:
* In your GitHub repository, navigate to the .github/workflows/ directory.
* Create a new file for your workflow (e.g., azure-function-cd.yml).
* Define the Workflow:
* In the workflow file, define the steps for the build and deployment process.
* Use the Azure/functions-action to deploy to your Azure Function App.
* Set up triggers for the main branch to initiate the workflow on every commit.
* Generate Deployment Credentials:
* In the Azure Portal, navigate to your Function App az400-38443478-funct.
* Download the publish profile from the Overview section by clicking on Get publish profile.
* Store the Publish Profile as a GitHub Secret:
* In your GitHub repository, go to Settings > Secrets and variables > Actions.
* Create a new secret (e.g., AZURE_FUNCTIONAPP_PUBLISH_PROFILE) and paste the content of the publish profile.
* Configure the Workflow to Use the Secret:
* In the workflow file, reference the secret to authenticate the deployment to Azure.
Here's a sample GitHub Actions workflow snippet:
name: Deploy Azure Function
on:
push:
branches:
- main
jobs:
build-and-deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up Python version
uses: actions/setup-python@v2
with:
python-version: '3.x'
- name: Install dependencies
run: |
pip install -r requirements.txt
- name: Deploy to Azure Functions
uses: Azure/functions-action@v1
with:
app-name: az400-38443478-funct
publish-profile: ${{ secrets.AZURE_FUNCTIONAPP_PUBLISH_PROFILE }}
package: .
Replace the app-name with the name of your Azure Function App and ensure the Python version and dependencies match your application's requirements.
By following these steps, your Azure Function will automatically update whenever new code is pushed to the main branch of the GitHub repository. This setup minimizes manual effort and ensures that your function app is always running the latest code.
Explanation:
To configure your Azure Function az400-38443478-funct to automatically update whenever new code is committed to the main branch of the specified GitHub repository, you can use GitHub Actions for continuous deployment. Here's how to set it up:
* Create a GitHub Actions Workflow:
* In your GitHub repository, navigate to the .github/workflows/ directory.
* Create a new file for your workflow (e.g., azure-function-cd.yml).
* Define the Workflow:
* In the workflow file, define the steps for the build and deployment process.
* Use the Azure/functions-action to deploy to your Azure Function App.
* Set up triggers for the main branch to initiate the workflow on every commit.
* Generate Deployment Credentials:
* In the Azure Portal, navigate to your Function App az400-38443478-funct.
* Download the publish profile from the Overview section by clicking on Get publish profile.
* Store the Publish Profile as a GitHub Secret:
* In your GitHub repository, go to Settings > Secrets and variables > Actions.
* Create a new secret (e.g., AZURE_FUNCTIONAPP_PUBLISH_PROFILE) and paste the content of the publish profile.
* Configure the Workflow to Use the Secret:
* In the workflow file, reference the secret to authenticate the deployment to Azure.
Here's a sample GitHub Actions workflow snippet:
name: Deploy Azure Function
on:
push:
branches:
- main
jobs:
build-and-deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up Python version
uses: actions/setup-python@v2
with:
python-version: '3.x'
- name: Install dependencies
run: |
pip install -r requirements.txt
- name: Deploy to Azure Functions
uses: Azure/functions-action@v1
with:
app-name: az400-38443478-funct
publish-profile: ${{ secrets.AZURE_FUNCTIONAPP_PUBLISH_PROFILE }}
package: .
Replace the app-name with the name of your Azure Function App and ensure the Python version and dependencies match your application's requirements.
By following these steps, your Azure Function will automatically update whenever new code is pushed to the main branch of the GitHub repository. This setup minimizes manual effort and ensures that your function app is always running the latest code.
You have a project in Azure DevOps named Project1.
You implement a Continuous Integration/Continuous Deployment (CI/CD) pipeline that uses PowerShell Desired State Configuration (DSC) to configure the application infrastructure.
You need to perform a unit test and an integration test of the configuration before Project1 is deployed.
What should you use?
You implement a Continuous Integration/Continuous Deployment (CI/CD) pipeline that uses PowerShell Desired State Configuration (DSC) to configure the application infrastructure.
You need to perform a unit test and an integration test of the configuration before Project1 is deployed.
What should you use?
正解:C
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
Your company wants to use Azure Application Insights to understand how user behaviors affect an application.
Which Application Insights tool should you use to analyze each behavior? To answer, drag the appropriate tools to the correct behaviors. Each tool may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
Box 1: User Flows
The User Flows tool visualizes how users navigate between the pages and features of your site. It's great for answering questions like:
How do users navigate away from a page on your site?
What do users click on a page on your site?
Where are the places that users churn most from your site?
Are there places where users repeat the same action over and over?
Box 2: Users
Counting Users: The user behavior analytics tools don't currently support counting users or sessions based on properties other than anonymous user ID, authenticated user ID, or session ID.
Box 3: Impact
Impact analyzes how load times and other properties influence conversion rates for various parts of your app.
To put it more precisely, it discovers how any dimension of a page view, custom event, or request affects the usage of a different page view or custom event.
Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/app/usage-flows
https://docs.microsoft.com/en-us/azure/azure-monitor/app/usage-impact
https://docs.microsoft.com/en-us/azure/azure-monitor/app/usage-troubleshoot
You use Azure Pipelines to build and release application code, The pipelines include validation tests that must be completed successfully before deployment proceeds from the test stage to production.
You discover inconsistent test outcomes for the same source code.
You need to validate the test logic.
What should you do?
You discover inconsistent test outcomes for the same source code.
You need to validate the test logic.
What should you do?
正解:C
解答を投票する
Your company uses Git as a source code control system for a complex app named App1.
You plan to add a new functionality to App1.
You need to design a branching model for the new functionality.
Which branch lifetime and branch time should you use in the branching model? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You plan to add a new functionality to App1.
You need to design a branching model for the new functionality.
Which branch lifetime and branch time should you use in the branching model? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
Branch lifetime: Short-lived
Branch type: Feature
Feature branches are used when developing a new feature or enhancement which has the potential of a development lifespan longer than a single deployment. When starting development, the deployment in which this feature will be released may not be known. No matter when the feature branch will be finished, it will always be merged back into the master branch.
References:
https://gist.github.com/digitaljhelms/4287848
You have an Azure DevOps project named Project1 and an Azure subscription named Sub1. Sub1 contains an Azure SQL database named DB1.
You need to create a release pipeline that uses the Azure SQL Database Deployment task to update DB1.
Which artifact should you deploy?
You need to create a release pipeline that uses the Azure SQL Database Deployment task to update DB1.
Which artifact should you deploy?
正解:C
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
You have a project in Azure DevOps that uses packages from multiple public feeds. Some of the feeds are unreliable.
You need to consolidate the packages into a single feed.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
You need to consolidate the packages into a single feed.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
正解:
Explanation:
Step 1: Create a NuGet package.
NuGet and Maven are public package managers that support multiple feeds.
Step 2: Create an Azure Artifacts feed that uses upstream sources
If you want to use packages from multiple feeds, use upstream sources to bring packages from multiple feeds together into a single feed.
Step 3: Create a Micrtosoft Visual Studio project that includes all the packages Consume NuGet packages from upstream sources: Now you can open Visual Studio and install packages from the upstream sources you just configured.
Reference:
https://docs.microsoft.com/en-us/azure/devops/artifacts/how-to/set-up-upstream-sources
Your company concerned that when developers introduce open source Libraries, it creates licensing compliance issues.
You need to add an automated process to the build pipeline to detect when common open source libraries are added to the code base.
What should you use?
You need to add an automated process to the build pipeline to detect when common open source libraries are added to the code base.
What should you use?
正解:A
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
You have an Azure DevOps project that contains a build pipeline. The build pipeline uses approximately 50 open source libraries.
You need to ensure that the project can be scanned for known security vulnerabilities in the open source libraries.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to ensure that the project can be scanned for known security vulnerabilities in the open source libraries.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
Box 1: A Build task
Trigger a build
You have a Java code provisioned by the Azure DevOps demo generator. You will use WhiteSource Bolt extension to check the vulnerable components present in this code.
* Go to Builds section under Pipelines tab, select the build definition WhiteSourceBolt and click on Queue to trigger a build.
* To view the build in progress status, click on ellipsis and select View build results.
Box 2: WhiteSource Bolt
WhiteSource is the leader in continuous open source software security and compliance management.
WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or development environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource constantly-updated de#nitive database of open source repositories.
References:
https://www.azuredevopslabs.com/labs/vstsextend/whitesource/
You need to configure authentication for App1. The solution must support the planned changes.
Which three actions should you perform in sequence? To answer, move all actions from the list of actions to the answer area and arrange them in the correct order.
Which three actions should you perform in sequence? To answer, move all actions from the list of actions to the answer area and arrange them in the correct order.
正解:
Explanation:
Woodgrove Bank plans to implement the following changes to the identity environment:
* Configure App1 to use a service principal.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You plan to update the Azure DevOps strategy of your company.
You need to identify the following issues as they occur during the company's development process:
* Licensing violations
* Prohibited libraries
Solution: You implement automated security testing.
Does this meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You plan to update the Azure DevOps strategy of your company.
You need to identify the following issues as they occur during the company's development process:
* Licensing violations
* Prohibited libraries
Solution: You implement automated security testing.
Does this meet the goal?
正解:B
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)