DRAG DROP - (Topic 4)
Your company has a project in Azure DevOps.
You plan to create a release pipeline that will deploy resources by using Azure Resource Manager templates. The templates will reference secrets stored in Azure Key Vault.
You need to recommend a solution for accessing the secrets stored in the key vault during deployments. The solution must use the principle of least privilege.
What should you include in the recommendation? To answer, drag the appropriate configurations to the correct targets. Each configuration may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Solution:
Box 1: A key Vault advanced access policy
Box 2: RBAC
Management plane access control uses RBAC.
The management plane consists of operations that affect the key vault itself, such as:
✑ Creating or deleting a key vault.
✑ Getting a list of vaults in a subscription.
✑ Retrieving Key Vault properties (such as SKU and tags).
✑ Setting Key Vault access policies that control user and application access to keys and secrets.
References: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-tutorial-use-key-vault
Does this meet the goal?
Correct Answer:
A
DRAG DROP - (Topic 4)
You have a private project in Azure DevOps and two users named User1 and User2. You need to add User1 and User2 to groups to meet the following requirements:
✑ User1 must be able to create a code wiki.
✑ User2 must be able to edit wiki pages.
✑ The solution must use the principle of least privilege.
To which group should you add each user? To answer, drag the appropriate groups to the correct users. Each group may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Solution:
User1: Project Administrators
You must have the permission Create Repository to publish code as wiki. By default, this permission is set for members of the Project Administrators group.
User2: Contributors
Anyone who is a member of the Contributors security group can add or edit wiki pages. Anyone with access to the team project, including stakeholders, can view the wiki.
Does this meet the goal?
Correct Answer:
A
- (Topic 4)
You have an existing project in Azure DevOps.
You plan to integrate GitHub as the repository for the project
You need to ensure that Azure Pipelines runs under the Azure Pipelines identity Which authentication mechanism should you use?
Correct Answer:
A
GitHub App uses the Azure Pipelines identity.
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/repos/github
- (Topic 4)
You plan to use Azure DevOps to build and deploy an app that will be hosted in a Kubernetes cluster.
You need to scan the app image for vulnerabilities before the image is deployed to the
cluster.
What should you include in the solution?
Correct Answer:
C
DRAG DROP - (Topic 4)
You need to recommend project metrics for dashboards in Azure DevOps.
Which chart widgets should you recommend for each metric? To answer, drag the appropriate chart widgets to the correct metrics. Each chart widget may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Solution:
Box 1: Lead time
Lead time measures the total time elapsed from the creation of work items to their completion.
Box 2: Cycle time
Cycle time measures the time it takes for your team to complete work items once they begin actively working on them.
Box 3: Burndown
Burndown charts focus on remaining work within a specific time period.
Does this meet the goal?
Correct Answer:
A
