AZ-400 Microsoft Azure DevOps Solutions
You use Azure Artifacts to host NuGet packages that you create. You need to make one of the packages available to anonymous users outside your organization. The solution must minimize the number of publication points. What should you do?
A. Change the feed URL of the package
B. Create a new feed for the package
C. Promote the package to a release view.
D. Publish the package to a public NuGet repository.
Correct Answer: B
Azure Artifacts introduces the concept of multiple feeds that you can use to organize and control access to your packages. Packages you host in Azure Artifacts are stored in a feed. Setting permissions on the feed allows you to share your packages with as many or as few people as your scenario requires. Feeds have four levels of access: Owners, Contributors, Collaborators, and Readers.
Your company plans to use an agile approach to software development. You need to recommend an application to provide communication between members of the development team who work in locations around the world. The applications must meet the following requirements: Provide the ability to isolate the members of different project teams into separate communication channels and to keep a history of the chats within those channels. Be available on Windows 10, Mac OS, iOS, and Android operating systems. Provide the ability to add external contractors and suppliers to projects. Integrate directly with Azure DevOps.What should you recommend?
A. Microsoft Project
C. Microsoft Lync
D. Microsoft Teams
Correct Answer: D
Within each team, users can create different channels to organize their communications by topic. Each channel can include a couple of users or scale to thousands of users. Microsoft Teams works on Android, iOS, Mac and Windows systems and devices. It also works in Chrome, Firefox, Internet Explorer 11 and Microsoft Edge web browsers. The guest-access feature in Microsoft Teams allows users to invite people outside their organizations to join internal channels for messaging,meetings and file sharing. This capability helps to facilitate business-to-business project management. Teams integrate with Azure DevOps.Note: Slack would also be a correct answer, but it is not an option here.
You need to recommend project metrics for dashboards in Azure DevOps.Which chart widgets should you recommend for each metric? To answer, drag the appropriate chart widgets to the correct metrics. Each chart widget may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.NOTE: Each correct selection is worth one point.
Select and Place:
Box 1: Lead timeLead time measures the total time elapsed from the creation of work items to their completion.
Box 2: Cycle timeCycle time measures the time it takes for your team to complete work items once they begin actively working on them.
Box 3: BurndownBurndown charts focus on remaining work within a specific time period. Incorrect Answers: Velocity provides a useful metric for these activities: Support sprint planning forecast future sprints and the backlog items that can be completed
A guide for determining how well the team estimates and meets their planned commitments
You manage to build pipelines and deployment pipelines by using Azure DevOps.Your company has a team of 500 developers. New members are added continually to the team. You need to automate the management of users and licenses whenever possible. Which task must you perform manually?
A. modifying group memberships
B. adding users
C. assigning entitlements
D. procuring licenses
Correct Answer: D
A: You can seamlessly replace existing solutions with group-based licensing to more easily manage licenses in Azure DevOps. You can use Grouprules.C: Member Entitlement Management APIs allow managing Entitlements that include –
- Project/Team memberships
You need to increase the security of your team’s development process. Which type of security tool should you recommend for each stage of the development process? To answer, drag the appropriate security tools to the correct stages. Each security tool may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:
Box 1: Threat modelingThreat modeling’s motto should be, “The earlier the better, but not too late and never ignore.”
Box 2: Static code analysisValidation in the CI/CD begins before the developer commits his or her code. Static code analysis tools in the IDE provide the first line of defense to help ensure that security vulnerabilities are not introduced into the CI/CD process.
Box 3: Penetration testingOnce your code quality is verified, and the application is deployed to a lower environment like development or QA, the process should verify that there are not any security vulnerabilities in the running application. This can be accomplished by executing an automated penetration test against the running application to scan it for vulnerabilities.