[2024年01月07日] 365日更新、有効なAZ-400知能問題集
ベスト品質のAZ-400試験問題集でMicrosoftテスト高得点を目指そう
マイクロソフトのAZ-400認定試験は、Azure DevOpsや関連ツールを使用した経験を持つプロフェッショナルに適しています。この試験は、継続的な統合とデプロイの設計と実装、ソースコントロールの管理、インフラストラクチャのコード化の実装、インフラストラクチャの設定と管理、監視と記録、セキュリティとコンプライアンスの実装など、さまざまなトピックをカバーしています。また、候補者は、Azure Resource Manager、Azure Kubernetes Service、Azure DevOpsなど、さまざまなAzureツールとサービスを使いこなす能力を示す必要があります。
マイクロソフトのAZ-400(Microsoft DevOpsソリューションの設計と実装)認定試験は、マイクロソフトのテクノロジーを使用してDevOpsソリューションを設計および実装するために必要なスキルと知識を検証するプロフェッショナルレベルの認定試験です。この試験は、Microsoft Azureおよび他のMicrosoftテクノロジーを使用して組織でDevOpsソリューションを設計および実装する責任を持つ個人を対象としています。
試験は、Microsoft Azure、Microsoft Visual Studio、およびその他のMicrosoftテクノロジーに経験を持つITプロフェッショナルを対象としています。試験は、スケーラブルで信頼性が高く、安全性があるDevOpsソリューションを設計および実装する能力を試験するように設計されています。合格者は、DevOpsの原則とプラクティスを使用して、ソフトウェア開発および配信プロセスの効率と信頼性を向上させる能力を証明できます。この試験に合格することで、プロフェッショナルはDevOpsのスキルと知識を証明し、新しいキャリアの機会を得ることができます。
質問 # 105
You need to execute inline testing of an Azure DevOps pipeline that uses aDocker deployment model. The solution must prevent the results from being published to the pipeline.
What should you use for the inline testing?
- A. a DockerCompose file
- B. a multi-stage Dockerfile
- C. an Azure Kubernetes Service (AKS) pod
- D. a single stage Dockerfile
正解:A
解説:
Explanation
"Build and test with a multi-stage Dockerfile: build and tests execute inside the container using a multi-stage Docker file, as such test results are not published back to the pipeline."https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/test/publish-test-results?view=azure-dev
質問 # 106
Your company uses cloud-hosted Jenkins for builds.
You need to ensure that Jenkins can retrieve source code from Azure Repos.
Which three actions should you perform? Each correct answer presents part of the solution NOTE: Each correct answer selection is worth one point
- A. Create a personal access token m your Azure DevOps account.
- B. Add a domain to your Jenkins account.
- C. Add the Team Foundation Server (TFS) plug-in to Jenkins.
- D. Create a webhook in Jenkins.
- E. Create a service hook m Azure DevOps.
正解:A、C、E
解説:
Explanation
References:
https://blogs.msdn.microsoft.com/devops/2017/04/25/vsts-visual-studio-team-services-integration-with-jenkins/
http://www.aisoftwarellc.com/blog/post/how-to-setup-automated-builds-using-jenkins-and-visual-studio-team-foundation-serve
質問 # 107
Your company uses GitHub for source control. GitHub repositories store source code and store process documentation. The process documentation is saved as Microsoft Word documents that contain simple flow charts stored as .bmp files.
You need to optimize the integration and versioning of the process documentation and the flow charts. The solution must meet the following requirements:
* Store documents as plain text.
* Minimize the number of files that must be maintained.
* Simplify the modification, merging, and reuse of flow charts.
* Simplify the modification, merging, and reuse of documents.
What should you include in the solution? To answer, select the appropriate options in the answer are a. NOTE: Each correct selection is worth one point.
正解:
解説:
Reference:
https://ourcodingclub.github.io/tutorials/git/
https://mermaid-js.github.io/mermaid/#/
質問 # 108
You have a virtual machine that runs Windows Server 2019 and is managed by using Desired State Configuration (DSC).
You have the following DSC configuration.
You have the following Local Configuration Manager (LCM) configuration.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation
No " Dependson are defined"
No "Mode is Apply and Monitor"
Yes "Configuration Mode FreqMin : 60 "
------
Configuration Mode Freq Min:How often, in minutes, the current configuration is checked and applied. This property is ignored if the Configuration Mode property is set to Apply Only.
https://docs.microsoft.com/en-us/powershell/dsc/managing-nodes/metaconfig?view=dsc-1.1
https://docs.microsoft.com/en-us/powershell/dsc/configurations/resource-depends-on?view=dsc-1.1
質問 # 109
Your company has four projects. The version control requirements for each project are shown in the following table.
You plan to use Azure Repos for all the projects.
Which version control system should you use for each project? To answer, drag the appropriate version control systems to the correct projects. Each version control system may be used once, more than once, or not at all.
You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation
1 -> TFVS Refer :
https://docs.microsoft.com/en-us/azure/devops/repos/tfvc/control-access-team-foundation-version-control?view=
2 -> TFVS Refer :
https://docs.microsoft.com/en-us/azure/devops/repos/tfvc/add-check-policies?view=azure-devops
3 -> Git Refer :
https://docs.microsoft.com/en-us/azure/devops/repos/git/share-your-code-in-git-xcode?view=azure-devops
4 -> TFVS Refer
:https://docs.microsoft.com/en-us/azure/devops/organizations/security/permissions?view=azure-devops#tfvc
質問 # 110
You plan to deploy a runbook that will create Azure AD user accounts.
You need to ensure that runbooks can run the Azure PowerShell cmdlets for Azure Active Directory.
To complete this task, sign in to the Microsoft Azure portal.
正解:
解説:
See solution below.
Explanation
Azure Automation now ships with the Azure PowerShell module of version 0.8.6, which introduced the ability to non-interactively authenticate to Azure using OrgId (Azure Active Directory user) credential-based authentication. Using the steps below, you can set up Azure Automation to talk to Azure using this authentication type.
Step 1: Find the Azure Active Directory associated with the Azure subscription to manage:
1. Log in to the Azure portal as the service administrator for the Azure subscription you want to manage using Azure Automation. You can find this user by logging in to the Azure portal as any user with access to this Azure subscription, then clicking Settings, then Administrators.
2. Note the name of the directory associated with the Azure subscription you want to manage. You can find this directory by clicking Settings, then Subscriptions.
Step 2: Create an Azure Active Directory user in the directory associated with the Azure subscription to manage:
You can skip this step if you already have an Azure Active Directory user in this directory. and plan to use this OrgId to manage Azure.
1. In the Azure portal click on Active Directory service.
2. Click the directory name that is associated with this Azure subscription.
3. Click on the Users tab and then click the Add User button.
4. For type of user, select "New user in your organization." Enter a username for the user to create.
5. Fill out the user's profile. For role, pick "User." Don't enable multi-factor authentication. Multi-factor accounts cannot be used with Azure Automation.
6. Click Create.
7. Jot down the full username (including part after @ symbol) and temporary password.
Step 3: Allow this Azure Active Directory user to manage this Azure subscription.
1. Click on Settings (bottom Azure tab under StorSimple)
2. Click Administrators
3. Click the Add button. Type the full user name (including part after @ symbol) of the Azure Active Directory user you want to set up to manage Azure. For subscriptions, choose the Azure subscriptions you want this user to be able to manage. Click the check mark.
Step 4: Configure Azure Automation to use this Azure Active Directory user to manage this Azure subscription Create an Azure Automation credential asset containing the username and password of the Azure Active Directory user that you have just created. You can create a credential asset in Azure Automation by clicking into an Automation Account and then clicking the Assets tab, then the Add Setting button.
Note: Once you have set up the Azure Active Directory credential in Azure and Azure Automation, you can now manage Azure from Azure Automation runbooks using this credential.
References:
https://azure.microsoft.com/sv-se/blog/azure-automation-authenticating-to-azure-using-azure-active-directory/
質問 # 111
Your company uses Team Foundation Server 2013 (TFS 2013).
You plan to migrate to Azure DevOps.
You need to recommend a migration strategy that meets the following requirements:
* Preserves the dates of Team Foundation Version Control changesets
* Preserves the changes dates of work items revisions
* Minimizes migration effort
* Migrates all TFS artifacts
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation
Box 1: Upgrade TFS to the most recent RTM release.
One of the major prerequisites for migrating your Team Foundation Server database is to get your database schema version as close as possible to what is currently deployed in Azure Devops Services.
Box 2: Use the TFS Database Import Service
In Phase 3 of your migration project, you will work on upgrading your Team Foundation Server to one of the supported versions for the Database Import Service in Azure Devops Services.
References: Team Foundation Server to Azure Devops Services Migration Guide
質問 # 112
You have a virtual machine that runs Windows Server 2019 and is managed by using Desired State Configuration (DSC).
You have the following DSC configuration.
You have the following Local Configuration Manager (LCM) configuration.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
解説:
質問 # 113
You plan to create alerts that will be triggered based on the page load performance of a home page.
You have the Application Insights log query shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
正解:
解説:
Reference:
https://devblogs.microsoft.com/premier-developer/alerts-based-on-analytics-query-using-custom-log-search/
質問 # 114 
Your company is building a new web application.
You plan to collect feedback from pilot users on the features being delivered.
All the pilot users have a corporate computer that has Google Chrome and the Microsoft Test & Feedback extension installed. The pilot users will test the application by using Chrome.
You need to identify which access levels are required to ensure that developers can request and gather feedback from the pilot users. The solution must use the principle of least privilege.
Which access levels in Azure DevOps should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation
Graphical user interface, text, application Description automatically generated
Box 1: Basic
Assign Basic to users with a TFS CAL, with a Visual Studio Professional subscription, and to users for whom you are paying for Azure Boards & Repos in an organization.
Box 2: Stakeholder
Assign Stakeholders to users with no license or subscriptions who need access to a limited set of features.
Note:
You assign users or groups of users to one of the following access levels:
Basic: provides access to most features
VS Enterprise: provides access to premium features
Stakeholders: provides partial access, can be assigned to unlimited users for free Reference:
https://docs.microsoft.com/en-us/azure/devops/organizations/security/access-levels?view=vsts
質問 # 115
You have an Azure key vault named KV1 and three web servers.
You plan to deploy an app named App1 to the web server.
You need to ensure that App1 can retrieve a secret from KV1.
The solution must meet the following requirements:
* Minimize the number of permission grants required
* Follow the principle of least privilege.
What should you include in the solution?
- A. a user-assigned managed identity
- B. a system-assigned managed identity
- C. a service principal
- D. role-based access control (RBAQ permissions
正解:B
質問 # 116
You need to deploy Internet Information Services (IIS) to an Azure virtual machine that runs Windows Server 2019.
How should you complete the Desired State Configuration (DSQ configuration script? To answer, drag the appropriate values to the correct locations. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
正解:
解説:
Reference:
https://docs.microsoft.com/en-us/azure/virtual-machines/extensions/dsc-overview
質問 # 117
How should you complete the code to initialize App Center in the mobile application? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection a worth one point.
正解:
解説:
質問 # 118
Your company has a project in Azure DevOps.
You plan to create a release pipeline that will deploy resources by using Azure Resource Manager templates.
The templates will reference secrets stored in Azure Key Vault.
You need to recommend a solution for accessing the secrets stored in the key vault during deployments. The solution must use the principle of least privilege.
What should you include in the recommendation? To answer, drag the appropriate configurations to the correct targets. Each configuration may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
正解:
解説:
Box 1: RBAC
Management plane access control uses RBAC.
The management plane consists of operations that affect the key vault itself, such as:
* Creating or deleting a key vault.
* Getting a list of vaults in a subscription.
* Retrieving Key Vault properties (such as SKU and tags).
* Setting Key Vault access policies that control user and application access to keys and secrets.
Box 2: RBAC
References:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-tutorial-use-key-vault
質問 # 119
How should you configure the release retention policy for the investment planning applications suite? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation
Scenario: By default, all releases must remain available for 30 days, except for production releases, which must be kept for 60 days.
Box 1: Set the default retention policy to 30 days
The Global default retention policy sets the default retention values for all the build pipelines. Authors of build pipelines can override these values.
Box 2: Set the stage retention policy to 60 days
You may want to retain more releases that have been deployed to specific stages.
References: https://docs.microsoft.com/en-us/azure/devops/pipelines/policies/retention
質問 # 120
Your company is concerned that when developers introduce open source libraries, it creates licensing compliance issues.
You need to add an automated process to the build pipeline to detect when common open source libraries are added to the code base.
What should you use?
- A. SourceGea
- B. Jenkins
- C. Code Style
- D. Black Duck
- E. OWASP ZAP
- F. Microsoft Visual SourceSafe
正解:D
解説:
Secure and Manage Open Source Software
Black Duck helps organizations identify and mitigate open source security, license compliance and code-quality risks across application and container portfolios.
Black Duck Hub and its plugin for Team Foundation Server (TFS) allows you to automatically find and fix open source security vulnerabilities during the build process, so you can proactively manage risk. The integration allows you to receive alerts and fail builds when any Black Duck Hub policy violations are met.
Note: WhiteSource would also be a good answer, but it is not an option here.
Reference:
https://marketplace.visualstudio.com/items?itemName=black-duck-software.hub-tfs
質問 # 121
You are building an application that has the following assets:
Source code
Logs from automated tests and builds
Large and frequently updated binary assets
A common library used by multiple applications
Where should you store each asset? To answer, drag the appropriate Azure services to the correct assets. Each service may be used once. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
正解:
解説:
Reference:
https://docs.microsoft.com/en-us/azure/devops/repos/get-started/what-is-repos
https://azure.microsoft.com/en-us/services/devops/artifacts/
https://docs.microsoft.com/en-us/azure/devops/pipelines/test/review-continuous-test-results-after-build
質問 # 122
You have a build pipeline in Azure Pipelines that uses different jobs to compile an application for 10 different architectures.
The build pipeline takes approximately one day to complete.
You need to reduce the time it takes to execute the build pipeline
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point
- A. Create a deployment group.
- B. Move to a blue/green deployment pattern.
- C. Reduce the size of the repository.
- D. Increase the number of parallel jobs.
- E. Create an agent pool.
正解:D、E
解説:
Explanation
Question: I need more hosted build resources. What can I do?
answer: The Azure Pipelines pool provides all Azure DevOps organizations with cloud-hosted build agents and free build minutes each month. If you need more Microsoft-hosted build resources, or need to run more jobs in parallel, then you can either:
Host your own agents on infrastructure that you manage.
Buy additional parallel jobs.
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/pools-queues
質問 # 123
You need to deploy Azure Kubernetes Service (AKS) to host an application. The solution must meet the following requirements:
* Containers must only be published internally.
* AKS clusters must be able to create and manage containers in Azure.
What should you use for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation
Box 1: Azure Container Registry
Azure services like Azure Container Registry (ACR) and Azure Container Instances (ACI) can be used and connected from independent container orchestrators like kubernetes (k8s). You can set up a custom ACR and connect it to an existing k8s cluster to ensure images will be pulled from the private container registry instead of the public docker hub.
Box 2: An Azure service principal
When you're using Azure Container Registry (ACR) with Azure Kubernetes Service (AKS), an authentication mechanism needs to be established. You can set up AKS and ACR integration during the initial creation of your AKS cluster. To allow an AKS cluster to interact with ACR, an Azure Active Directory service principal is used.
References:
https://thorsten-hans.com/how-to-use-private-azure-container-registry-with-kubernetes
https://docs.microsoft.com/en-us/azure/aks/cluster-container-registry-integration
質問 # 124
......
注目すべき時短になるAZ-400オールインワン試験ガイド:https://www.goshiken.com/Microsoft/AZ-400-mondaishu.html
検証された材料は決まってこれ!AZ-400:https://drive.google.com/open?id=10rJEcP6nJfVT3j9Svb2sGFlAHfo3swrY