NEW QUESTION 1
DRAG DROP
You need to use Azure Automation Sure Configuration to manage the ongoing consistency of virtual machine configurations.
Which five actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in
the correct order.
NOTE: More than one order of answer choices in correct. You writ receive credit for any of the orders you select.

• A. Mastered


• B. Not Mastered

Answer: A

Explanation:
Step 1: Assign the node configuration.
You create a simple DSC configuration that ensures either the presence or absence of the Web-Server Windows Feature (IIS), depending on how you assign nodes. Step 2: Upload a configuration to Azure Automation State Configuration.
You import the configuration into the Automation account. Step 3: Compiling a configuration into a node configuration Compiling a configuration in Azure Automation
Before you can apply a desired state to a node, a DSC configuration defining that state must be compiled into one or more node configurations (MOF document), and placed on the Automation DSC Pull Server.
Step 4: Onboard the virtual machines to Azure State Configuration Onboarding an Azure VM for management with Azure Automation State Configuration
Step 5: Check the compliance status of the node.
Viewing reports for managed nodes. Each time Azure Automation State Configuration performs a consistency check on a managed node, the node sends a status report back to the pull server. You can view these reports on the page for that node.
On the blade for an individual report, you can see the following status information for the corresponding consistency check:
The report status ¡X whether the node is "Compliant", the configuration "Failed", or the node is "Not Compliant" (when the node is in ApplyandMonitor mode and the machine is not in the desired state).
References: https://docs.microsoft.com/en-us/azure/automation/automation-dscgetting- started

NEW QUESTION 2
Your company develops an app for OS. All users of the app have devices that are members of a private distribution group in Microsoft Visual Studio App Center. You plan to distribute a new release of the app.
You need to identify which certificate file you require to distribute the new release from App Center.
Which file type should you upload to App Center?

• A. .cer


• B. .pvk


• C. .pfx


• D. .p12

Answer: D

NEW QUESTION 3
Your company has a project in Azure DevOps for a new web application. The company uses Service Now for change management.
You need to ensure that a change request is processed before any components can be deployed to the production environment.
What are two ways to integrate into the Azure DevOps release pipeline? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

• A. Define a deployment control that invokes the Service Now SOAP API.


• B. Define a post deployment gate after the deployment to the QA stage.


• C. Define a deployment control that invokes the ServiceNow REST API.


• D. Define a pre deployment gate before the deployment to the Prod stag

Answer: BD

Explanation:
An example of a release pipeline that can be modeled through a release pipeline in shown below:

In this example, a release of a website is created by collecting specific versions of two builds (artifacts), each from a different build pipeline. The release is first deployed to a Dev stage and then forked to two QA stages in parallel. If the deployment succeeds in both the QA stages, the release is deployed to Prod ring 1 and then to Prod ring 2. Each production ring represents multiple instances of the same website deployed at various locations around the globe.
References: https://docs.microsoft.com/en-us/azure/devops/pipelines/release

NEW QUESTION 4
Your company deploys applications m Docket containers.
You want to detect known explogts in the Docket images used to provision the Docker containers.
You need to integrate image scanning into the application lifecycle. The solution must expose the explogts as early as possible during the application lifecycle. What should you configure?

• A. a task executed in the continuous deployment pipeline and a scheduled task against a running production container.


• B. a task executed in the continuous integration pipeline and a scheduled task that analyzes the production container.


• C. a task executed in the continuous integration pipeline and a scheduled task that analyzes the image registry


• D. manual tasks performed during the planning phase and the deployment phase

Answer: C

Explanation:
You can use the Docker task to sign into ACR and then use a subsequent script to pull an image and scan the container image for vulnerabilities.
Use the docker task in a build or release pipeline. This task can be used with Docker
or Azure Container registry.
References: https://docs.microsoft.com/en-us/azure/devops/articles/securityvalidation- cicd-pipeline?view=vsts

NEW QUESTION 5
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen
Your company has a project in Azure DevOps for a new web application. You need to ensure that when code is checked in, a build runs automatically.
Solution: From the Continuous deployment trigger settings of the release pipeline, you enable the Pull request trigger setting.
Does the meet the goal?

• A. Yes


• B. No

Answer: B

Explanation:
In Visual Designer you enable continuous integration (CI) by:
„hSelect the Triggers tab.
„hEnable Continuous integration. References:
https://docs.microsoft.com/en-us/azure/devops/pipelines/get-started-designer

NEW QUESTION 6
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has a project in Azure DevOps for a new web application. You need to ensure that when code is checked in, a build runs automatically.
Solution: From the Pre-deployment conditions settings of the release pipeline, you select After stage.
Does this meet the goal?

• A. Yes


• B. No

Answer: B

Explanation:
Instead, In Visual Designer you enable continuous integration (CI) by:
„hSelect the Triggers tab.
„hEnable Continuous integration. References:
https://docs.microsoft.com/en-us/azure/devops/pipelines/get-started-designer

NEW QUESTION 7
During a code review, you discover many quality issues. Many modules contain unused variables and empty catch Modes. You need to recommend a solution to improve the quality o' the code. What should you recommend?

• A. In a Gradle build task, select Run Checkstyle.


• B. In an Xcode build task, select Use xcpretty from Advanced


• C. In a Grunt build task, select Enabled from Control Options.


• D. In a Maven build task, select Run PM

Answer: D

Explanation:
PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth.
There is an Apache Maven PMD Plugin which allows you to automatically run the PMD code analysis tool on your project's source code and generate a site report with its results.
References: https://pmd.github.io/

NEW QUESTION 8
HOTSPOT
Your company uses Team Foundation Server 2013 (TFS 2013). You plan to migrate to Azure DevOps.
You need to recommend a migration strategy that meets the following requirements:
„hPreserves the dates of Team Foundation Version Control changesets
„hPreserves the changes dates of work items revisions
„hMinimizes migration effort
„hMigrates all TFS artifacts
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

• A. Mastered


• B. Not Mastered

Answer: A

Explanation:
Box 1: Upgrade TFS to the most recent RTM release.
One of the major prerequisites for migrating your Team Foundation Server database is to get your database schema version as close as possible to what is currently deployed in Azure Devops Services.
Box 2: Use the TFS Database Import Service
In Phase 3 of your migration project, you will work on upgrading your Team Foundation Server to one of the supported versions for the Database Import Service in Azure Devops Services.
References: Team Foundation Server to Azure Devops Services Migration Guide

NEW QUESTION 9
You are developing a multi-tier application. The application will use Azure App Service web apps as the front end and an Azure SQL database as the back end. The application will use Azure functions to write some data to Azure Storage. You need to send the Azure DevOps team an email message when the front end fails to return a status code of 200.
Which feature should you use?

• A. Service Map in Azure Log Analytics


• B. Profiler in Azure Application Insights


• C. availability tests in Azure Application Insights


• D. Application Map in Azure Application Insights

Answer: D

Explanation:
Application Map helps you spot performance bottlenecks or failure hotspots across all components of your distributed application. Each node on the map represents an application component or its dependencies; and has health KPI and alerts status. References: https://docs.microsoft.com/en-us/azure/azure-monitor/app/app-map

NEW QUESTION 10
Your company develops a client banking application that processes a large volume of data.
Code quality is an ongoing issue for the company. Recently, the code quality has deteriorated because of an increase in time pressure on the development team. You need to implement static code analysis.
During which phase should you use static code analysis?

• A. build


• B. production release


• C. staging


• D. integration testing

Answer: B

NEW QUESTION 11
DRAG DROP
You need to implement Project6.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them m the correct order.

• A. Mastered


• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 12
HOTSPOT
You have a project Azure DevOps.
You plan to create a build pipeline that will deploy resources by using Azure Resource Manager templates. The templates will reference secretes stored in Azure Key Vault.
Yu need to ensure that you can dynamically generate the resource ID of the key vault during template deployment.
What should you include in the template? To answer, select eh appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

• A. Mastered


• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 13
You plan to share packages that you wrote, tested, validated, and deployed by using Azure Artifacts.
You need to release multiple builds of each package by using a single feed. The solution must limit the release of packages that are in development.
What should you use?

• A. global symbols


• B. local symbols


• C. upstream sources


• D. views

Answer: C

Explanation:
Upstream sources enable you to manage all of your product's dependencies in a single feed. We recommend publishing all of the packages for a given product to that product's feed, and managing that product's dependencies from remote feeds in the same feed, via upstream sources. This setup has a few benefits:
„hSimplicity: your NuGet.config, .npmrc, or settings.xml contains exactly one feed (your feed).
„hDeterminism: your feed resolves package requests in order, so rebuilding
the same codebase at the same commit or changeset uses the same set of packages
„hProvenance: your feed knows the provenance of packages it saved via upstream sources, so you can verify that you're using the original package, not a custom or malicious copy published to your feed
„hPeace of mind: packages used via upstream sources are guaranteed to be saved in the feed on first use; if the upstream source is disabled/removed, or the remote feed goes down or deletes a package you depend on, you can continue to develop and build
References: https://docs.microsoft.com/enus/ azure/devops/artifacts/concepts/upstream-sources?view=vsts

NEW QUESTION 14
Your company is building a new solution in Java.
The company currently uses a SonarQube server to analyze the code of .NET solutions.
You need to analyze and monitor the code quality of the Java solution. Which task types should you add to the build pipeline?

• A. Octopus


• B. Chef


• C. Maven


• D. Grunt

Answer: A

NEW QUESTION 15
You have a brand policy in a project in Azure DevOps. The policy requires that code always builds successfully.
You need to ensure that a specific user can always merge change to the master branch, even if the code fails to compile. The solution must use the principle of least privilege.
What should you do?

• A. From the Security setting of the repository, modify the access control tor the user.


• B. From the Security settings of the branch, modify the access control for the user.


• C. Add the user to the Build Administrators group,


• D. Add the user to the Project Administrators group

Answer: B

Explanation:
In some cases, you need to bypass policy requirements so you can push changes to the branch directly or complete a pull request even if branch policies are not satisfied. For these situations, grant the desired permission from the previous list to a user or group. You can scope this permission to an entire project, a repo, or a single branch. Manage this permission along the with other Git permissions. References: https://docs.microsoft.com/en-us/azure/devops/repos/git/branchpolicies

NEW QUESTION 16
Note: This question n part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution
After you answer a question in this section, you will NOT be able to return to it. As a result these questions will not appear in the review screen.
You have an approval process that contains a condition. The condition requires that releases be approved by a team leader before they are deployed.
You have a policy stating that approvals must occur within eight hours.
You discover that deployments fail if the approvals lake longer than two hours. You need to ensure that the deployments only fail if the approvals take longer than eight hours.
Solution: From Pre-deployment conditions, you modify the Timeout setting for predeployment approvals.
Does this meet the goal?

• A. Yes


• B. No

Answer: B

Explanation:
Use a gate instead of an approval instead.
References: https://docs.microsoft.com/enus/ azure/devops/pipelines/release/approvals/gates

NEW QUESTION 17
Your company is concerned that when developers introduce open source libraries, it creates licensing compliance issues.
You need to add an automated process to the build pipeline to detect when common open source libraries are added to the code base.
What should you use?

• A. Microsoft Visual SourceSafe


• B. PDM


• C. WhiteSource


• D. OWASP ZAP

Answer: C

Explanation:
WhiteSource is the leader in continuous open source software security and compliance management. WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or development environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource constantly-updated definitive database of open source repositories.
Azure DevOps integration with WhiteSource Bolt will enable you to:
„hDetect and remedy vulnerable open source components.
„hGenerate comprehensive open source inventory reports per project or build.
„hEnforce open source license compliance, including dependencies¡¦ licenses.
„hIdentify outdated open source libraries with recommendations to update. References: https://www.azuredevopslabs.com/labs/vstsextend/WhiteSource/

NEW QUESTION 18
Your company uses cloud-hosted Jenkins for builds.
You need to ensure that Jenkins can retrieve source code from Azure Repos. Which three actions should you perform? Each correct answer presents part of the solution
NOTE: Each correct answer selection is worth one point

• A. Add the Team Foundation Server (TFS) plug-in to Jenkins.


• B. Create a personal access token m your Azure DevOps account.


• C. Create a webhook in Jenkins.


• D. Add a domain to your Jenkins account.


• E. Create a service hook m Azure DevOps.

Answer: ABE

Explanation:
References:
https://blogs.msdn.microsoft.com/devops/2021/04/25/vsts-visual-studio-teamservices- integration-with-jenkins/
http://www.aisoftwarellc.com/blog/post/how-to-setup-automated-builds-usingjenkins- and-visual-studio-team-foundation-server/2044

NEW QUESTION 19
You have an Azure Resource Manager template that deploys a multi-tier application. You need to prevent the user who performs the deployment from viewing the account credentials and connection strings used by the application.
What should you use?

• A. an Azure Resource Manager parameter file


• B. an Azure Storage table


• C. an Appsettings.json files


• D. Azure Key Vault


• E. a Web.config file

Answer: D

Explanation:
When you need to pass a secure value (like a password) as a parameter during deployment, you can retrieve the value from an Azure Key Vault. You retrieve the value by referencing the key vault and secret in your parameter file. The value is never exposed because you only reference its key vault ID. The key vault can exist in a different subscription than the resource group you are deploying to. References: https://docs.microsoft.com/en-us/azure/azure-resourcemanager/ resource-manager-keyvault-parameter

NEW QUESTION 20
DRAG DROP
You mc configuring Azure DevOps build pipelines. You plan to use hosted build agents.
Which build agent pool should you use to compile each application type? To answer, drag the appropriate built agent pools to the correct application types. Each butt agent pool may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

• A. Mastered


• B. Not Mastered

Answer: A

Explanation:
Box 1: Hosted macOS
Hosted macOS pool (Azure Pipelines only): Enables you to build and release on macOS without having to configure a self-hosted macOS agent. This option affects where your data is stored.
Box 2: Hosted
Hosted pool (Azure Pipelines only): The Hosted pool is the built-in pool that is a collection of Microsoft-hosted agents.
Incorrect Answers:
Default pool: Use it to register self-hosted agents that you've set up.
Hosted Windows Container pool (Azure Pipelines only): Enabled you to build and release inside Windows containers. Unless you're building using containers, Windows builds should run in the Hosted VS2021 or Hosted pools.
References: https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/v2-osx

NEW QUESTION 21
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that m.ght meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you win NOT be able to return to it. As a result, these questions win not appear in the review screen.
You integrate a cloud- hosted Jenkins server and a new Azure DevOps deployment You need Azure DevOps to send a notification to Jenkins when a developer commits changes to a branch in Azure Repos.
Solution: You create a service hook subscription that uses the code pushed event. Does this meet the goal?

• A. Yes


• B. NO

Answer: A

Explanation:
You can create a service hook for Azure DevOps Services and TFS with Jenkins. References:
https://docs.microsoft.com/en-us/azure/devops/service-hooks/services/jenkins

NEW QUESTION 22
......