NEW QUESTION 1
Your company has a project in Azure DevOps for a new application. The application will be deployed to several Azure virtual machines that run Windows Server 2021.
You need to recommend a deployment strategy for the virtual machines. The strategy must meet the following requirements:
¡E Ensure that the virtual machines maintain a consistent configuration.
¡E Minimize administrative effort to configure the virtual machines What should you include in the recommendation?

• A. Deployment YAML and Azure pipeline stage templates
• B. Azure Resource Manager templates and the Custom Script Extension for Windows
• C. Azure Resource Manager templates and the PowerShell Desired State Configuration (DSC) extension for Windows
• D. Deployment YAML and Azure pipeline deployment groups

Answer: C

Explanation: Case Study: 1 Overview
Existing Environment
Litware, Inc. e an independent software vendor (ISV) Litware has a main office and five branch offices.
Application Architecture
The company¡¦ s primary application is a single monolithic retirement fund management system based on ASP.NE T web forms that use logic written in V8.NET. Some new sections of the application are written in C#.
Variations of the application are created for individual customers. Currently, there are more than 80 have code branches in the application¡¦s code base.
The application was developed by using Microsoft Visual Studio. Source code is stored in Team Foundation Server (TFS) in the main office. The branch offices access of the source code by using TFS proxy servers.
Architectural Issues
Litware focuses on writing new code for customers. No resources are provided to refactor or remove existing code. Changes to the code base take a long time, AS dependencies are not obvious to individual developers.
Merge operations of the code often take months and involve many developers. Code merging frequently introduces bugs that are difficult to locate and resolve.
Customers report that ownership costs of the retirement fund management system increase continually. The need to merge unrelated code makes even minor code changes expensive.
Requirements Planned Changes
Litware plans to develop a new suite of applications for investment planning. The investment planning Applications will require only minor integration with the easting retirement fund management system.
The investment planning applications suite will include one multi-tier web application and two iOS mobile applications. One mobile application will be used by employees; the other will be used by customers.
Litware plans to move to a more agile development methodology. Shared code will be extracted into a series of package.
Litware has started an internal cloud transformation process and plans to use cloud based services whenever suitable.
Litware wants to become proactive m detecting failures, rather than always waning for customer bug reports.
Technical Requirements
The company's investment planning applications suite must meet the following technical requirements:
¡E New incoming connections through the firewall must be minimized.
¡E Members of a group named Developers must be able to install packages.
¡E The principle of least privilege must be used for all permission assignments
¡E A branching strategy that supports developing new functionality in isolation must be used.
¡E Members of a group named Team leaders must be able to create new packages and edit the permissions of package feeds
¡E Visual Studio App Center must be used to centralize the reporting of mobile application crashes and device types in use.
¡E By default, all App Center must be used to centralize the reporting of mobile application crashes and device types in use.
¡E Code quality and release quality are critical. During release, deployments must not proceed between stages if any active bugs are logged against the release.
¡E The mobile applications must be able to call the share pricing service of the existing retirement fund management system. Until the system is upgraded, the service will only support basic authentication over HUPS.
¡E The required operating system configuration tor the test servers changes weekly. Azure Automation State Configuration must be used to ensure that the operating system on each test servers configured the same way when the servers are created and checked periodically.
Current Technical
The test servers are configured correctly when first deployed, but they experience configuration drift over time. Azure Automation State Configuration fails to correct the configurations.
Azure Automation State Configuration nodes are registered by using the following command.

NEW QUESTION 2
HOTSPOT
How should you confrere the release retention policy for the investment planning depletions suite? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Answer:

Explanation: Every request made against a storage service must be authorized, unless the request is for a blob or container resource that has been made available for public or signed access. One option for authorizing a request is by using Shared Key. Scenario: The mobile applications must be able to call the share pricing service of the existing retirement fund management system. Until the system is upgraded, the service will only support basic authentication over HTTPS.
The investment planning applications suite will include one multi-tier web application
and two iOS mobile application. One mobile application will be used by employees; the other will be used by customers.
References: https://docs.microsoft.com/en-us/rest/api/storageservices/authorizewith- shared-key

NEW QUESTION 3
You have a brand policy in a project in Azure DevOps. The policy requires that code always builds successfully.
You need to ensure that a specific user can always merge change to the master branch, even if the code fails to compile. The solution must use the principle of least privilege.
What should you do?

• A. From the Security setting of the repository, modify the access control tor the user.
• B. From the Security settings of the branch, modify the access control for the user.
• C. Add the user to the Build Administrators group,
• D. Add the user to the Project Administrators group

Answer: B

Explanation: In some cases, you need to bypass policy requirements so you can push changes to the branch directly or complete a pull request even if branch policies are not satisfied. For these situations, grant the desired permission from the previous list to a user or group. You can scope this permission to an entire project, a repo, or a single branch. Manage this permission along the with other Git permissions. References: https://docs.microsoft.com/en-us/azure/devops/repos/git/branchpolicies

NEW QUESTION 4
Note: This question is part of a ser les of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question m this section, you will NOT be able to return to it As a result, these questions will not appear m the review screen
You integrate a cloud-hosted Jenkins server and a new Azure Dev Ops deployment. You need Azure Dev Ops lo send a notification to Jenkins when a developer commits changes to a branch in Azure Repos.
Solution: You create an email subscription to an Azure DevOps notification. Does this meet the goal?

• A. Yes
• B. NO

Answer: B

Explanation: You can create a service hook for Azure DevOps Services and TFS with Jenkins. References:
https://docs.microsoft.com/en-us/azure/devops/service-hooks/services/jenkins

NEW QUESTION 5
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has a prefect in Azure DevOps for a new web application. You need to ensure that when code is checked in, a build runs automatically.
Solution: from the Triggers tab of the build pipeline, you select Enable continuous integration
Does the meet the goal?

• A. Yes
• B. No

Answer: B

Explanation: In Visual Designer you enable continuous integration (CI) by:
„hSelect the Triggers tab.
„hEnable Continuous integration.
A continuous integration trigger on a build pipeline indicates that the system should automatically queue a new build whenever a code change is committed. References:
https://docs.microsoft.com/en-us/azure/devops/pipelines/get-started-designer

NEW QUESTION 6
Your company creates a web application.
You need to recommend a solution that automatically sends to Microsoft Teams a dairy summary of the exceptions that occur m the application.
Which two Azure services should you recommend? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

• A. Microsoft Visual Studio App Center
• B. Azure DevOps Project
• C. Azure Logic Apps
• D. Azure Pipelines
• E. Azure Application Insights

Answer: CE

Explanation: References:
https://docs.microsoft.com/en-us/azure/azure-monitor/app/asp-net-exceptions https://docs.microsoft.com/en-us/azure/azure-monitor/app/automate-custom-reports

NEW QUESTION 7
Your company has a project in Azure DevOps for a new web application. The company uses Service Now for change management.
You need to ensure that a change request is processed before any components can be deployed to the production environment.
What are two ways to integrate into the Azure DevOps release pipeline? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

• A. Define a deployment control that invokes the Service Now SOAP API.
• B. Define a post deployment gate after the deployment to the QA stage.
• C. Define a deployment control that invokes the ServiceNow REST API.
• D. Define a pre deployment gate before the deployment to the Prod stag

Answer: BD

Explanation: An example of a release pipeline that can be modeled through a release pipeline in shown below:

In this example, a release of a website is created by collecting specific versions of two builds (artifacts), each from a different build pipeline. The release is first deployed to a Dev stage and then forked to two QA stages in parallel. If the deployment succeeds in both the QA stages, the release is deployed to Prod ring 1 and then to Prod ring 2. Each production ring represents multiple instances of the same website deployed at various locations around the globe.
References: https://docs.microsoft.com/en-us/azure/devops/pipelines/release

NEW QUESTION 8
Your company is concerned that when developers introduce open source libraries, it creates licensing compliance issues.
You need to add an automated process to the build pipeline to detect when common open source libraries are added to the code base.
What should you use?

• A. Microsoft Visual SourceSafe
• B. PDM
• C. WhiteSource
• D. OWASP ZAP

Answer: C

Explanation: WhiteSource is the leader in continuous open source software security and compliance management. WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or development environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource constantly-updated definitive database of open source repositories.
Azure DevOps integration with WhiteSource Bolt will enable you to:
„hDetect and remedy vulnerable open source components.
„hGenerate comprehensive open source inventory reports per project or build.
„hEnforce open source license compliance, including dependencies¡¦ licenses.
„hIdentify outdated open source libraries with recommendations to update. References: https://www.azuredevopslabs.com/labs/vstsextend/WhiteSource/

NEW QUESTION 9
Your company has an on-premises Bitbucket Server that is used for Git-based source control. The server is protected by a firewall that blocks inbound Internet traffic.
You plan to use Azure DevOps to manage the build and release processes Which two components are required to integrate Azure DevOps and Bitbucket? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one port.

• A. an External Git service connection
• B. a Microsoft hosted agent
• C. service hooks
• D. a self- hosted agent
• E. a deployment M group

Answer: AD

Explanation: When a pipeline uses a remote, 3rd-party repository host such as Bitbucket Cloud, the repository is configured with webhooks that notify Azure Pipelines Server or TFS when code has changed and a build should be triggered. Since on-premises installations are normally protected behind a firewall, 3rd-party webhooks are unable to reach the on-premises server. As a workaround, you can use the External Git repository type which uses polling instead of webhooks to trigger a build when code has changed.
References: https://docs.microsoft.com/enus/ azure/devops/pipelines/repos/pipeline-options-for

NEW QUESTION 10
HOTSPOT
Your company is building a new web application.
You plan to collect feedback from pilot users on the features being delivered. All the pilot users have a corporate computer that has Google Chrome and the Microsoft Test & Feedback extension installed. The pilot users will test the application by using Chrome.
You need to identify which access levels are required to ensure that developers can request and gather feedback from the pilot users. The solution must use the principle of least privilege.
Which access levels m Azure DevOps should you identify? To answer, select the
appropriate options in the answer area
NOTE: Each correct selection is worth one point.

Answer:

Explanation: Box 1: Basic
Assign Basic to users with a TFS CAL, with a Visual Studio Professional subscription, and to users for whom you are paying for Azure Boards & Repos in an organization.
Box 2: Stakeholder
Assign Stakeholders to users with no license or subscriptions who need access to a limited set of features.
Note:
You assign users or groups of users to one of the following access levels: Basic: provides access to most features
VS Enterprise: provides access to premium features
Stakeholders: provides partial access, can be assigned to unlimited users for free References: https://docs.microsoft.com/enus/ azure/devops/organizations/security/access-levels?view=vsts

NEW QUESTION 11
HOTSPOT
Your company uses Team Foundation Server 2013 (TFS 2013). You plan to migrate to Azure DevOps.
You need to recommend a migration strategy that meets the following requirements:
„hPreserves the dates of Team Foundation Version Control changesets
„hPreserves the changes dates of work items revisions
„hMinimizes migration effort
„hMigrates all TFS artifacts
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation: Box 1: Upgrade TFS to the most recent RTM release.
One of the major prerequisites for migrating your Team Foundation Server database is to get your database schema version as close as possible to what is currently deployed in Azure Devops Services.
Box 2: Use the TFS Database Import Service
In Phase 3 of your migration project, you will work on upgrading your Team Foundation Server to one of the supported versions for the Database Import Service in Azure Devops Services.
References: Team Foundation Server to Azure Devops Services Migration Guide

NEW QUESTION 12
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You plan to create a release pipeline that will deploy Azure resources by using Azure Resource Manager templates. The release pipeline will create the following resources:
„hTwo resource groups
„hFour Azure virtual machines in one resource group
„hTwo Azure SQL databases in other resource group
You need to recommend a solution to deploy the resources.
Solution: Create two standalone templates, each of which will deploy the resources in its respective group.
Does this meet the goal?

• A. Yes
• B. No

Answer: B

Explanation: Use a main template and two linked templates.
References: https://docs.microsoft.com/en-us/azure/azure-resourcemanager/ resource-group-linked-templates

NEW QUESTION 13
HOTSPOT
Your company is creating a suite of three mobile applications.
You need to control access to the application builds. The solution must be managed at the organization level
What should you use? To answer, select the appropriate options m the answer area. NOTE: Each correct selection is worth one point.

Answer:

Explanation: Box 1: Microsoft Visual Studio App Center distribution Groups
Distribution Groups are used to control access to releases. A Distribution Group represents a set of users that can be managed jointly and can have common access to releases. Example of Distribution Groups can be teams of users, like the QA Team or External Beta Testers or can represent stages or rings of releases, such as Staging.
Box 2: Shared
Shared distribution groups are private or public distribution groups that are shared across multiple apps in a single organization. Shared distribution groups eliminate the need to replicate distribution groups across multiple apps.
Note: With the Deploy with App Center Task in Visual Studio Team Services, you can deploy your apps from Azure DevOps (formerly known as VSTS) to App Center. By deploying to App Center, you will be able to distribute your builds to your users. References: https://docs.microsoft.com/en-us/appcenter/distribution/groups

NEW QUESTION 14
You have a GitHub repository.
You create a new repository in Azure DevOps.
You need to recommend a procedure to clone the repository from GitHub to Azure DevOps.
What should you recommend?

• A. Create a webhook.
• B. Create a service connection for GitHub.
• C. From Import a Git repository, click Import
• D. Create a pull request.
• E. Create a personal access token in Azure DevOp

Answer: C

NEW QUESTION 15
In Azure DevOps, you create Project3.
You need to meet the requirements of the project. What should you do first?

• A. From Azure DevOps, create a service endpoint.
• B. From SonarQube, obtain an authentication token.
• C. From Azure DevOps, modify the build definition.
• D. From SonarQube, create a projec

Answer: A

Explanation: The first thing to do is to declare your SonarQube server as a service endpoint in your VSTS/DevOps project settings.
References: https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Extension+fo r+vsts-TFS

NEW QUESTION 16
You need to recommend a Docker container build strategy that meets the following requirements
¡E Minimizes image sues
¡E Minimizes the security surface area of the final image What should you include m the recommendation?

• A. multi-stage builds
• B. single-stage builds
• C. PowerShell Desired State Configuration (DSC)
• D. Docker Swarm

Answer: A

Explanation: Multi-stage builds are a new feature requiring Docker 17.05 or higher on the daemon and client. Multistage builds are useful to anyone who has struggled to optimize Dockerfiles while keeping them easy to read and maintain. References: https://docs.docker.com/develop/develop-images/multistage-build/

NEW QUESTION 17
You are developing a multi-tier application. The application will use Azure App Service web apps as the front end and an Azure SQL database as the back end. The application will use Azure functions to write some data to Azure Storage. You need to send the Azure DevOps team an email message when the front end fails to return a status code of 200.
Which feature should you use?

• A. Service Map in Azure Log Analytics
• B. Profiler in Azure Application Insights
• C. availability tests in Azure Application Insights
• D. Application Map in Azure Application Insights

Answer: D

Explanation: Application Map helps you spot performance bottlenecks or failure hotspots across all components of your distributed application. Each node on the map represents an application component or its dependencies; and has health KPI and alerts status. References: https://docs.microsoft.com/en-us/azure/azure-monitor/app/app-map

NEW QUESTION 18
Your company is concerned that when developers introduce open source libraries, it creates licensing compliance issues.
You need to add an automated process to the build pipeline to detect when common open source libraries are added to the code base.
What should you use?

• A. PDM
• B. OWASPZAP
• C. WhiteSource
• D. Jenkins

Answer: C