NEW QUESTION 1
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an approval process that contains a condition. The condition requires that releases be approved by a team leader before they are deployed.
You haw a pokey stating that approvals must occur within eight hours.
You discover that deployments only if the approvals take longer than two hours. You need to ensure that the deployments only fail if the approvals take longer than hours.
Solution From Post -deployment conditions, you modify the Timeout setting for post-deployment approvals.
Does this meet the goal?

• A. Yes
• B. NO

Answer: B

NEW QUESTION 2
Your company . concerned that when developers introduce open source Libraries, it creates licensing compliance issues.
You need to add an automated process to the build pipeline to detect when common open source libraries are added to the code base.
What should you use?

• A. Code Style
• B. Microsoft Visual SourceSafe
• C. Black Duck
• D. Jenkins

Answer: C

Explanation:
Secure and Manage Open Source Software
Black Duck helps organizations identify and mitigate open source security, license compliance and code-quality risks across application and container portfolios. Black Duck Hub and its plugin for Team Foundation Server (TFS) allows you to automatically find and fix open source security vulnerabilities during the build process, so you can proactively manage risk. The integration allows you to receive alerts and fail builds when any Black Duck Hub policy violations are met.
Note: WhiteSource would also be a good answer, but it is not an option here. References:
https://marketplace.visualstudio.com/items?itemName=black-duck-software.hub-tfs

NEW QUESTION 3
Your company is building a new solution in Java.
The company currently uses a SonarQube server to analyze the code of .NET solutions.
You need to analyze and monitor the code quality of the Java solution. Which task types should you add to the build pipeline?

• A. Octopus
• B. Chef
• C. Maven
• D. Grunt

Answer: A

NEW QUESTION 4
You plan to share packages that you wrote, tested, validated, and deployed by using Azure Artifacts.
You need to release multiple builds of each package by using a single feed. The solution must limit the release of packages that are in development.
What should you use?

• A. global symbols
• B. local symbols
• C. upstream sources
• D. views

Answer: C

Explanation:
Upstream sources enable you to manage all of your product's dependencies in a single feed. We recommend publishing all of the packages for a given product to that product's feed, and managing that product's dependencies from remote feeds in the same feed, via upstream sources. This setup has a few benefits:
„hSimplicity: your NuGet.config, .npmrc, or settings.xml contains exactly one feed (your feed).
„hDeterminism: your feed resolves package requests in order, so rebuilding
the same codebase at the same commit or changeset uses the same set of packages
„hProvenance: your feed knows the provenance of packages it saved via upstream sources, so you can verify that you're using the original package, not a custom or malicious copy published to your feed
„hPeace of mind: packages used via upstream sources are guaranteed to be saved in the feed on first use; if the upstream source is disabled/removed, or the remote feed goes down or deletes a package you depend on, you can continue to develop and build
References: https://docs.microsoft.com/enus/ azure/devops/artifacts/concepts/upstream-sources?view=vsts

NEW QUESTION 5
DRAG DROP
You need to use Azure Automation Sure Configuration to manage the ongoing consistency of virtual machine configurations.
Which five actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in
the correct order.
NOTE: More than one order of answer choices in correct. You writ receive credit for any of the orders you select.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Step 1: Assign the node configuration.
You create a simple DSC configuration that ensures either the presence or absence of the Web-Server Windows Feature (IIS), depending on how you assign nodes. Step 2: Upload a configuration to Azure Automation State Configuration.
You import the configuration into the Automation account. Step 3: Compiling a configuration into a node configuration Compiling a configuration in Azure Automation
Before you can apply a desired state to a node, a DSC configuration defining that state must be compiled into one or more node configurations (MOF document), and placed on the Automation DSC Pull Server.
Step 4: Onboard the virtual machines to Azure State Configuration Onboarding an Azure VM for management with Azure Automation State Configuration
Step 5: Check the compliance status of the node.
Viewing reports for managed nodes. Each time Azure Automation State Configuration performs a consistency check on a managed node, the node sends a status report back to the pull server. You can view these reports on the page for that node.
On the blade for an individual report, you can see the following status information for the corresponding consistency check:
The report status ¡X whether the node is "Compliant", the configuration "Failed", or the node is "Not Compliant" (when the node is in ApplyandMonitor mode and the machine is not in the desired state).
References: https://docs.microsoft.com/en-us/azure/automation/automation-dscgetting- started

NEW QUESTION 6
Your company has a hybrid cloud between Azure and Azure Stack.
The company uses Azure DevOps for its CI/CD pipelines. Some applications are built by using Erlang and Hack.
You need to ensure that Erlang and Hack are supported as part of the build strategy across the hybrid cloud. The solution must minimize management overhead. What should you use to execute the build pipeline?

• A. AzureDevOps self-hosted agents on Azure DevTest Labs virtual machines.
• B. AzureDevOps self-hosted agents on virtual machine that run on Azure Stack
• C. AzureDevOps self-hosted agents on Hyper-V virtual machines
• D. a Microsoft-hosted agent

Answer: B

Explanation:
Azure Stack offers virtual machines (VMs) as one type of an on-demand, scalable computing resource. You can choose a VM when you need more control over the computing environment.
References: https://docs.microsoft.com/en-us/azure/azure-stack/user/azure-stackQuestions& Answers PDF P-11 compute-overview

NEW QUESTION 7
You manage build pipelines and deployment pipelines by using Azure DevOps.
Your company has a team of 500 developers. New members are added continual lo the team
You need to automate me management of users and licenses whenever possible Which task must you perform manually?

• A. modifying group memberships
• B. procuring licenses
• C. adding users
• D. assigning entitlements

Answer: B

Explanation:
References:
https://docs.microsoft.com/en-us/azure/devops/organizations/accounts/migrate-togroup- based-resource-management?view=vsts&tabs=new-nav https://docs.microsoft.com/enus/ rest/api/azure/devops/memberentitlementmanagement/?view=azure-devopsrest-
5.0

NEW QUESTION 8
Your company has a project in Azure DevOps.
You need to ensure that when there are multiple builds pending deployment only the most recent build is deployed.
What should you use?

• A. deployment queue settings
• B. deployment conditions
• C. release gates
• D. pull request triggers

Answer: A

NEW QUESTION 9
Your company develops a client banking application that processes a large volume of data.
Code quality is an ongoing issue for the company. Recently, the code quality has deteriorated because of an increase in time pressure on the development team. You need to implement static code analysis.
During which phase should you use static code analysis?

• A. build
• B. production release
• C. staging
• D. integration testing

Answer: B

NEW QUESTION 10
You are automating the build process for a Java-based application by using Azure DevOps.
You need to add code coverage testing and publish the outcomes to the pipeline. What should you use?

• A. Cobertura
• B. Bullseye Coverage
• C. MSTest
• D. Coverlet

Answer: A

Explanation:
Use Publish Code Coverage Results task in a build pipeline to publish code coverage results to Azure Pipelines or TFS, which were produced by a build in Cobertura or JaCoCo format.
References: https://docs.microsoft.com/enus/azure/devops/pipelines/tasks/test/publish-code-coverage-results

NEW QUESTION 11
DRAG DROP
You need to configure access to Azure DevOps Agent pools to meet the forwarding requirements:
¡E Use a project agent pool when authoring build release pipelines.
¡E View the agent pool and agents of the organization.
¡E Use the principle of least privilege.
Which role memberships are required for the Azure 0e%Oos organization and the project? To answer, drag the appropriate role membership to the correct targets.
Each role membership may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to content
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

Box 1: Reader
Members of the Reader role can view the organization agent pool as well as agents. You typically use this to add operators that are responsible for monitoring the agents and their health.
Box 2: Service account
Members of the Service account role can use the organization agent pool to create a project agent pool in a project. If you follow the guidelines above for creating new project agent pools,
you typically do not have to add any members here. Incorrect Answers:
In addition to all the permissions given the Reader and the Service Account role, members of the administrator role can register or unregister agents from the organization agent pool. They can also refer to the organization agent pool when creating a project agent pool in a project. Finally, they can also manage membership for all roles of the organization agent pool. The user that created the organization agent pool is automatically added to the Administrator role for that pool.
References: https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/poolsqueues

NEW QUESTION 12
Your company is concerned that when developers introduce open source libraries, it creates licensing compliance issues.
You need to add an automated process to the build pipeline to detect when common open source libraries are added to the code base.
What should you use?

• A. Microsoft Visual SourceSafe
• B. PDM
• C. WhiteSource
• D. OWASP ZAP

Answer: C

Explanation:
WhiteSource is the leader in continuous open source software security and compliance management. WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or development environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource constantly-updated definitive database of open source repositories.
Azure DevOps integration with WhiteSource Bolt will enable you to:
„hDetect and remedy vulnerable open source components.
„hGenerate comprehensive open source inventory reports per project or build.
„hEnforce open source license compliance, including dependencies¡¦ licenses.
„hIdentify outdated open source libraries with recommendations to update. References: https://www.azuredevopslabs.com/labs/vstsextend/WhiteSource/

NEW QUESTION 13
Note: This question n part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution
After you answer a question in this section, you will NOT be able to return to it. As a result these questions will not appear in the review screen.
You have an approval process that contains a condition. The condition requires that releases be approved by a team leader before they are deployed.
You have a policy stating that approvals must occur within eight hours.
You discover that deployments fail if the approvals lake longer than two hours. You need to ensure that the deployments only fail if the approvals take longer than eight hours.
Solution: From Pre-deployment conditions, you modify the Timeout setting for predeployment approvals.
Does this meet the goal?

• A. Yes
• B. No

Answer: B

Explanation:
Use a gate instead of an approval instead.
References: https://docs.microsoft.com/enus/ azure/devops/pipelines/release/approvals/gates

NEW QUESTION 14
You have an Azure Resource Manager template that deploys a multi-tier application. You need to prevent the user who performs the deployment from viewing the account credentials and connection strings used by the application.
What should you use?

• A. an Azure Resource Manager parameter file
• B. an Azure Storage table
• C. an Appsettings.json files
• D. Azure Key Vault
• E. a Web.config file

Answer: D

Explanation:
When you need to pass a secure value (like a password) as a parameter during deployment, you can retrieve the value from an Azure Key Vault. You retrieve the value by referencing the key vault and secret in your parameter file. The value is never exposed because you only reference its key vault ID. The key vault can exist in a different subscription than the resource group you are deploying to. References: https://docs.microsoft.com/en-us/azure/azure-resourcemanager/ resource-manager-keyvault-parameter

NEW QUESTION 15
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an approval process that contains a condition. The condition requires that releases be approved by a team leader before they are deployed.
You have a policy stating that approvals must occur within eight hours.
You discover that deployment fail if the approvals take longer than two hours. You need to ensure that the deployments only fail if the approvals take longer than eight hours.
Solution: From Pre-deployment conditions, you modify the Time between reevaluation of gates option.
Does this meet the goal?

• A. Yes
• B. No

Answer: A

Explanation:
Gates allow automatic collection of health signals from external services, and then promote the release when all the signals are successful at the same time or stop the deployment on timeout. Typically, gates are used in connection with incident management, problem management, change management, monitoring, and external approval systems.
References: https://docs.microsoft.com/enus/ azure/devops/pipelines/release/approvals/gates
Approvals and gates give you additional control over the start and completion of the deployment pipeline. Each stage in a release pipeline can be configured with predeployment and post-deployment conditions that can include waiting for users to
manually approve or reject deployments, and checking with other automated systems until specific conditions are verified.

NEW QUESTION 16
You have a GitHub repository.
You create a new repository in Azure DevOps.
You need to recommend a procedure to clone the repository from GitHub to Azure DevOps.
What should you recommend?

• A. Create a webhook.
• B. Create a service connection for GitHub.
• C. From Import a Git repository, click Import
• D. Create a pull request.
• E. Create a personal access token in Azure DevOp

Answer: C

NEW QUESTION 17
HOTSPOT
Your company uses Team Foundation Server 2013 (TFS 2013). You plan to migrate to Azure DevOps.
You need to recommend a migration strategy that meets the following requirements:
„hPreserves the dates of Team Foundation Version Control changesets
„hPreserves the changes dates of work items revisions
„hMinimizes migration effort
„hMigrates all TFS artifacts
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Box 1: Upgrade TFS to the most recent RTM release.
One of the major prerequisites for migrating your Team Foundation Server database is to get your database schema version as close as possible to what is currently deployed in Azure Devops Services.
Box 2: Use the TFS Database Import Service
In Phase 3 of your migration project, you will work on upgrading your Team Foundation Server to one of the supported versions for the Database Import Service in Azure Devops Services.
References: Team Foundation Server to Azure Devops Services Migration Guide

NEW QUESTION 18
HOTSPOT
You are configuring a release pipeline in Azure DevOps as shown in the exhibit.

Use the drop-down menus to select the answer choice that answers each question based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Box 1: 5
There are five stages: Development, QA, Pre-production, Load Test and Production. They all have triggers.
Box 2: The Internal Review stage References: https://docs.microsoft.com/enus/ azure/devops/pipelines/release/triggers

NEW QUESTION 19
What should you use to implement the code quality restriction on the release pipeline for the investment planning applications suite?

• A. a trigger
• B. a pre deployment approval
• C. a post-deployment approval
• D. a deployment gate

Answer: B

Explanation:
When a release is created from a release pipeline that defines approvals, the deployment stops at each point where approval is required until the specified approver grants approval or rejects the release (or re-assigns the approval to another user).
Scenario: Code quality and release quality are critical. During release, deployments must not proceed between stages if any active bugs are logged against the release. References: https://docs.microsoft.com/enus/ azure/devops/pipelines/release/approvals/approvals

NEW QUESTION 20
DRAG DROP
You plan to use Azure Kubernetes Service (AKS) to host containers deployed from images hosted in a Docker Trusted Registry.
You need to recommend a solution for provisioning and connecting to AKS. The solution must ensure that AKS is RBAC-enaWed and uses a custom service principal.
Which three commands should you recommend be run in sequence? To answer, move the appropriate commands from the list of commands to the answer area and arrange them in the coned order.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 21
......