[Jun-2026] Free AZ-400 Exam Questions AZ-400 Actual Free Exam Questions
Verified AZ-400 dumps and 625 unique questions
Preferred Target Audience
When it comes to the Microsoft certification exams, you need to make sure that you are the right candidate. If you are thinking about taking the AZ-400 test, it is important to have the proper knowledge of the subject matter. This is an expert-level path, so you will have to understand how to work with code, compliance, infrastructure, and security concepts. You should also have a good amount of experience with Azure development and administration. If you have the required expertise, you will not have any problems passing the exam.
NEW QUESTION # 313
You have a project Azure DevOps.
You plan to create a build pipeline that will deploy resources by using Azure Resource Manager templates. The templates will reference secretes stored in Azure Key Vault.
Yu need to ensure that you can dynamically generate the resource ID of the key vault during template deployment.
What should you include in the template? To answer, select eh appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 314
Your company uses a Git source-code repository.
You plan to implement GitFlow as a workflow strategy.
You need to identify which branch types are used for production code and preproduction code in the strategy.
Which branch type should you identify for each code type? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Box 1: Master
The Master branch contains production code. All development code is merged into master in sometime.
Box 2: Develop
The Develop branch containspre-production code. When the features are finished then they are merged into develop.
Reference:
https://medium.com/@patrickporto/4-branching-workflows-for-git-30d0aaee7bf
NEW QUESTION # 315
Note: This question n part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution After you answer a question in this section, you will NOT be able to return to it. As a result these questions will not appear in the review screen.
You have an approval process that contains a condition. The condition requires that releases be approved by a team leader before they are deployed.
You have a policy stating that approvals must occur within eight hours.
You discover that deployments fail if the approvals lake longer than two hours.
You need to ensure that the deployments only fail if the approvals take longer than eight hours.
Solution: From Pre-deployment conditions, you modify the Timeout setting for pre-deployment approvals.
Does this meet the goal?
- A. Yes
- B. No
Answer: B
Explanation:
Explanation
Use a gate instead of an approval instead.
References: https://docs.microsoft.com/en-us/azure/devops/pipelines/release/approvals/gates
NEW QUESTION # 316
To resolve the current technical issue, what should you do to the Register-AzureRmAutomationDscNode command?
- A. Add the AllowModuleOverwrite parameter.
- B. Replace the Register-AzureRmAutomationDscNode cmdlet with
Register-AzureRmAutomationScheduledRunbook - C. Add the DefaultProfile parameter.
- D. Change the value of the ConfigurationMode parameter.
Answer: D
Explanation:
Change the ConfigurationMode parameter from ApplyOnly to ApplyAndAutocorrect.
The Register-AzureRmAutomationDscNode cmdlet registers an Azure virtual machine as an APS Desired State Configuration (DSC) node in an Azure Automation account.
Scenario: Current Technical Issue
The test servers are configured correctly when first deployed, but they experience configuration drift over time. Azure Automation State Configuration fails to correct the configurations.
Azure Automation State Configuration nodes are registered by using the following command.
References:
https://docs.microsoft.com/en-us/powershell/module/azurerm.automation/register-azurermautomationdscnode?vi
NEW QUESTION # 317
You need to configure an Azure web app named az400-9940427-main to contain an environmental variable named "MAX_ITEMS". The environmental variable must have a value of 50.
To complete this task, sign in to the Microsoft Azure portal.
Answer:
Explanation:
See solution below.
Explanation:
anation:
1. In the Azure portal, navigate to the az400-9940427-main app's management page. In the app's left menu, click Configuration > Application settings.
2. Click New Application settings
3. Enter the following:
Name: MAX_ITEMS
Value: 50
References:
https://docs.microsoft.com/en-us/azure/app-service/configure-common
NEW QUESTION # 318
Your company has a project in Azure DevOps.
You plan to create a release pipeline that will deploy resources by using Azure Resource Manager templates.
The templates will reference secrets stored in Azure Key Vault.
You need to recommend a solution for accessing the secrets stored in the key vault during deployments. The solution must use the principle of least privilege.
What should you include in the recommendation? To answer, drag the appropriate configurations to the correct targets. Each configuration may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Box 1: RBAC
Management plane access control uses RBAC.
The management plane consists of operations that affect the key vault itself, such as:
Creating or deleting a key vault.
Getting a list of vaults in a subscription.
Retrieving Key Vault properties (such as SKU and tags).
Setting Key Vault access policies that control user and application access to keys and secrets.
Box 2: RBAC
References:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-tutorial-use-key-vault
NEW QUESTION # 319
You have an Azure DevOps pipeline that is used to deploy a Node.js app.
You need to ensure that the dependencies are cached between builds.
How should you configure the deployment YAML? To answer, drag the appropriate values to the correct targets. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
NEW QUESTION # 320
Your company uses Team Foundation Server 2013 (TFS 2013).
You plan to migrate to Azure DevOps.
You need to recommend a migration strategy that meets the following requirements:
Preserves the dates of Team Foundation Version Control changesets
Preserves the changes dates of work items revisions
Minimizes migration effort
Migrates all TFS artifacts
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 321
SIMULATION
You need to create a virtual machine template in an Azure DevTest Labs environment named az400-9940427-dtl1. The template must be based on Windows Server 2016 Datacenter. Virtual machines created from the template must include the selenium tool and the Google Chrome browser.
To complete this task, sign in to the Microsoft Azure portal.
- A. 1. Open Microsoft Azure Portal
2. Select All Services, and then select DevTest Labs in the DEVOPS section.
3. From the list of labs, select the az400-9940427-dtl1 lab
4. On the home page for your lab, select + Add on the toolbar.
5. You see the Azure Resource Manager template for creating the virtual machine.
6. The JSON segment in the resources section has the definition for the image type you selected earlier. - B. 1. Open Microsoft Azure Portal
2. Select All Services, and then select DevTest Labs in the DEVOPS section.
3. From the list of labs, select the az400-9940427-dtl1 lab
4. On the home page for your lab, select + Add on the toolbar.
5. Select the Windows Server 2016 Datacenter base image for the VM.
6. Select automation options at the bottom of the page above the Submit button.
7. You see the Azure Resource Manager template for creating the virtual machine.
8. The JSON segment in the resources section has the definition for the image type you selected earlier.
Answer: B
Explanation:
References:
https://docs.microsoft.com/bs-cyrl-ba/azure//lab-services/devtest-lab-vm-powershell
NEW QUESTION # 322
How should you confrere the release retention policy for the investment planning depletions suite? To answer, select the appropriate options in the answer area.
NOTE: Eachcorrect selection is worth one point.
Answer:
Explanation:
Explanation:
Every request made against a storage service must be authorized, unless the request is for a blob or container resource that has been made available for public or signed access. One option for authorizing a request is by using Shared Key.
Scenario: The mobile applications must be able to call the share pricing service of the existing retirement fund management system. Until the system is upgraded, the service will only support basic authentication over HTTPS.
The investment planning applications suite will include one multi-tier web application and two iOS mobile application. One mobile application will be used by employees; the other will be used by customers.
References:https://docs.microsoft.com/en-us/rest/api/storageservices/authorize-with-shared-key
NEW QUESTION # 323
You provision an Azure Kubernetes Service (AKS) cluster that has RBAC enabled. You have a Helm chart for a client application.
You need to configure Helm and Tiller on the cluster and install the chart.
Which three commands should you recommend be run in sequence? To answer, move the appropriate commands from the list of commands to the answer area and arrange them in the correct order.
Answer:
Explanation:
Explanation
Step 1: Kubectl create
You can add a service account to Tiller using the --service-account <NAME> flag while you're configuring Helm (step 2 below). As a prerequisite, you'll have to create a role binding which specifies a role and a service account name that have been set up in advance.
Example: Service account with cluster-admin role
$ kubectl create -f rbac-config.yaml
serviceaccount "tiller" created
clusterrolebinding "tiller" created
$ helm init --service-account tiller
Step 2: helm init
To deploy a basic Tiller into an AKS cluster, use the helm init command.
Step 3: helm install
To install charts with Helm, use the helm install command and specify the name of the chart to install.
References:
https://docs.microsoft.com/en-us/azure/aks/kubernetes-helm
https://docs.helm.sh/using_helm/#tiller-namespaces-and-rbac
NEW QUESTION # 324
You manage a website that uses an Azure SQL Database named db1 in a resource group named RG1lod11566895.
You need to modify the SQL database to protect against SQL injection.
To complete this task, sign in to the Microsoft Azure portal.
- A. Set up Advanced Threat Protection in the Azure portal
1. Sign into the Azure portal.
2. Navigate to the configuration page of the server you want to protect. In the security settings, select Advanced Data Security.
3. On the Advanced Data Security configuration page:
4. Enable Advanced Data Security on the server.
Note: Advanced Threat Protection for Azure SQL Database detects anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases. Advanced Threat Protection can identify Potential SQL injection, Access from unusual location or data center, Access from unfamiliar principal or potentially harmful application, and Brute force SQL credentials - B. Set up Advanced Threat Protection in the Azure portal
1. Sign into the Azure portal.
2. Navigate to the configuration page of the server you want to protect. In the security settings, select Advanced Data Security.
3. On the Advanced Data Security configuration page:
4. Enable Advanced Data Security on the server.
Note: Advanced Threat Protection for Azure SQL Database detects anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases. Advanced Threat Protection can identify Potential SQL injection, Access from unusual location or data center, Access from unfamiliar principal or potentially harmful application, and Brute force SQL credentials
Answer: B
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/storage/common/storage-account-create
https://docs.microsoft.com/en-us/azure/azure-sql/database/threat-detection-configure
NEW QUESTION # 325
You have an Azure DevOps organization named Contoso and an Azure DevOps project named Project1.
You plan to use Microsoft-hosted agents to build container images that will host full Microsoft .NET Framework apps in a YAML pipeline in Project1.
What are two possible virtual machine images that you can use for the Microsoft-hosted agent pool? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
- A. vs2017-win2016
- B. win1803
- C. vs.2015-win2012r2
- D. macOS-10.13
- E. ubuntu-16.04
Answer: B,E
Explanation:
The Microsoft-hosted agent pool provides 7 virtual machine images to choose from:
* Ubuntu 16.04 (ubuntu-16.04)
* Windows Server 1803 (win1803) - for running Windows containers
* Visual Studio 2019 Preview on Windows Server 2019 (windows-2019)
* Visual Studio 2017 on Windows Server 2016 (vs2017-win2016)
* Visual Studio 2015 on Windows Server 2012R2 (vs2015-win2012r2)
* macOS X Mojave 10.14 (macOS-10.14)
* macOS X High Sierra 10.13 (macOS-10.13)
References:
https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/hosted?view=azure-devops
NEW QUESTION # 326
You are creating a container for an ASP.NET Core app.
You need to create a Dockerfile file to build the image. The solution must ensure that the size of the image is minimized.
How should you configure the file? To answer, drag the appropriate values to the correct targets. Each value must be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Box 1: microsoft.com/dotnet/sdk:2.3
The first group of lines declares from which base image we will use to build our container on top of. If the local system does not have this image already, then docker will automatically try and fetch it. The mcr.microsoft.com/dotnet/core/sdk:2.1 comes packaged with the .NET core 2.1 SDK installed, so it's up to the task of building ASP .NET core projects targeting version 2.1 Box 2: dotnet restore The next instruction changes the working directory in our container to be /app, so all commands following this one execute under this context.
COPY *.csproj ./
RUN dotnet restore
Box 3: microsoft.com/dotnet/2.2-aspnetcore-runtime
When building container images, it's good practice to include only the production payload and its dependencies in the container image. We don't want the .NET core SDK included in our final image because we only need the .NET core runtime, so the dockerfile is written to use a temporary container that is packaged with the SDK called build-env to build the app.
Reference:
https://docs.microsoft.com/de-DE/virtualization/windowscontainers/quick-start/building-sample-app
NEW QUESTION # 327
Your company uses ServiceNow for incident management.
You develop an application that runs on Azure.
The company needs to generate a ticket in ServiceNow when the application fails to authenticate.
Which Azure Log Analytics solution should you use?
- A. Automation & Control
- B. Application Insights Connector
- C. IT Service Management Connector (ITSM)
- D. Insight & Analytics
Answer: C
Explanation:
The IT Service Management Connector (ITSMC) allows you to connect Azure and a supported IT Service Management (ITSM) product/service.
ITSMC supports connections with the following ITSM tools:
ServiceNow
System Center Service Manager
Provance
Cherwell
With ITSMC, you can
Create work items in ITSM tool, based on your Azure alerts (metric alerts, Activity Log alerts and Log Analytics alerts).
Optionally, you can sync your incident and change request data from your ITSM tool to an Azure Log Analytics workspace.
Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/itsmc-overview
NEW QUESTION # 328
......
Latest 100% Passing Guarantee - Brilliant AZ-400 Exam Questions PDF: https://itcertspass.itcertmagic.com/Microsoft/real-AZ-400-exam-prep-dumps.html