AZ-400 Free Practice Test

- (Exam Topic 4)
You are designing an Azure DevOps strategy for your company’s development team. You suspect that the team’s productivity is low due to accumulate technical debt. You need to recommend a metric to assess the amount of the team’s technical debt. What should you recommend?

1. A. the number of code modules in an application
2. B. the number of unit test failures
3. C. the percentage of unit test failures
4. D. the percentage of overall time spent on rework

Correct Answer: D

- (Exam Topic 4)
You manage a website that uses an Azure SQL Database named db1 in a resource group named RG1lod11566895.
You need to modify the SQL database to protect against SQL injection. To complete this task, sign in to the Microsoft Azure portal.
Solution:
Set up Advanced Threat Protection in the Azure portal
* 1. Sign into the Azure portal.
* 2. Navigate to the configuration page of the server you want to protect. In the security settings, select Advanced Data Security.
* 3. On the Advanced Data Security configuration page:

* 4. Enable Advanced Data Security on the server.
Note: Advanced Threat Protection for Azure SQL Database detects anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases. Advanced Threat Protection can identify
Potential SQL injection, Access from unusual location or data center, Access from unfamiliar principal or potentially harmful application, and Brute force SQL credentials
Reference:
https://docs.microsoft.com/en-us/azure/storage/common/storage-account-create https://docs.microsoft.com/en-us/azure/azure-sql/database/threat-detection-configure

Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

- (Exam Topic 4)
You have an Azure DevOps project that uses many package feeds.
You need to simplify the project by using a single feed that stores packages produced by your company and packages consumed from remote feeds. The solution must support public feeds and authenticated feeds.
What should you enable in DevOps?

1. A. Universal Packages
2. B. views in Azure Artifacts
3. C. upstream sources
4. D. a symbol server

Correct Answer: C

- (Exam Topic 4)
You have an Azure DevOps project named Project1 and an Azure subscription named Sub1. Sub1 contains an Azure virtual machine scale set named VMSS1. VMSS1 hosts a web application named
WebApp1. WebApp1 uses stateful sessions.
The WebApp1 installation is managed by using the Custom Script extension. The script resides in an Azure Storage account named sa1.
You plan to make a minor change to a UI element of WebApp1 and to gather user feedback about the change. You need to implement limited user testing for the new version of WebApp1 on VMSS1.
Which three actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

1. A. Modify the load balancer settings of VMSS1.
2. B. Redeploy VMSS1.
3. C. Upload a custom script file to sa1.
4. D. Modify the Custom Script extension settings of VMSS1.
5. E. Update the configuration of a virtual machine in VMSS1.

Correct Answer: BCD

- (Exam Topic 4)
Your company develops a client banking application that processes a large volume of data.
Code quality is an ongoing issue for the company. Recently, the code quality has deteriorated because of an increase in time pressure on the development team.
You need to implement static code analysis.
During which phase should you use static code analysis?

1. A. build
2. B. production release
3. C. staging
4. D. integration testing

Correct Answer: A
The Secure Development Lifecycle (SDL) Guidelines recommend that teams perform static analysis during the implementation phase of their development cycle.
Note: The company should focus in particular on the implementation of DevOps tests to assess the quality of the software from the planning stage to the implementation phase of the project.
References: https://secdevtools.azurewebsites.net/