Hello Readers, have you enrolled for the Microsoft exam AZ-400 Designing and Implementing Azure DevOps Engineer- Expert ? Are you willing to take up the exam and get certified? It is time to check your skills and review some sample questions that may appear for the AZ-400 certification exam.
Here goes the quiz:
- Azure resources deployed via Ansible are found to be going around in a loop and unable to proceed, resulting in a deployment failure. What is the correct way of deploying resources in the above case? (Select all correct answers)
a. Redeploy after providing additional Azure policies
b. Rerun the Ansible playbook
c. Move some deployment operations into child resources which can be deployed after the resources with the circular dependency
d. Evaluate your template to see if any dependencies are not needed and can be removed
- The client is using one of the configuration management tools to deploy their resources. A security group attached to VM is found to have additional rules configured for port number 22 because of configuration drift. What are the best solutions for managing configuration drift? (Select all correct answers)
a. Use Windows PowerShell Desired State Configuration
b. Enforce policies and compliance standards for Azure resourcesc. Manually change the security group
d. Delete and recreate security group
- The user is deploying infrastructure via Resource Manager Deployment and wants to use Azure key vault for passing secrets. What are the steps needed to execute before deploying the resources? (Select all correct answers)
a. Template must have Microsoft.KeyVault/vaults/deploy/action
b. Set the key vault property enabledForDeployment
c. Set the key vault property enabledForTemplateDeployment
d. Template must have Microsoft.compute/KeyVault/vaults/deploy/action
- You want to deploy resources in a subscription and make them available to all resource groups. Which of the below services are required?
a. RBAC, Azure Security Center
b. Azure Policy, RBAC
c. Azure Policy, RBAC, Azure Security Center
d. Azure Security Center, Azure Policy
- A developer using Azure CLI wants to know the commands that might help him manage a storage bloB. Which is the most appropriate command that needs to be executed
a. az find storage blob –help
b. az find –query blob
c. az storage blob –help
d. az find blob
- A user is trying to get the image from the ACR repository for deploying into the existing AKS cluster. On doing so, he is getting the ImagePullBackoff error. What are the troubleshooting steps he should take?
a. az aks create -n <cluster name> -g <resourcegroup name> –attach-acr <acr name>
b. az aks update -n <cluster name> -g <resourcegroup name> –attach-acr <acr name/acr resource id>
c. az aks create -n <cluster name> -g <resourcegroup name> –generate-ssh-keys –attach-acr <acr name>
d. az aks update-credentials -n <cluster name> -g <resourcegroup name> –attach-acr <acr name>
- An Organization is running a monolithic financial management application. They want to have dev stages environments to run the transactions tested by different teams. The team is planning to move the architecture into microservices. What could be the best reason behind this scenario?
a. Very easy to adopt as the cloud-native solution.
b. Microservices reduces the cost of infrastructure provisioning significantly
c. For achieving security Compliance
d. Each microservice can be scaled deployed managed independently with high agility
- The developer who wanted to optimize the Dockerfile with better readability and maintenance has decided to use Multiple Stage Builds. What are the considerations for having Multiple Stage Builds?
a. Adopt Container Modularity
b. Choose an Appropriate Base
c. All the above
d. Avoid Including Application Data
e. Avoid Unnecessary Packages
- A Game company has a global mobile application. As they have added some new features in the application. They want to serve users to get confidence about the stability of the new features on the application. Which deployment strategy will be suitable for them to follow?
a. Ramped deployment strategy
b. Blue-Green deployment strategy
c. Canary deployment strategy
- In Azure DevOps, what will be the best practice of using dynamic variables for build pipelines?
a. By adding the variable while configuring build pipelines
b. By prompting the user to add variables on builds
c. By linking Variable Group with the build pipelines
d. By adding the variables in the repository
Explanation: Evaluate your template to see if any dependencies are not needed and can be removed. Move some deployment operations into child resources which can be deployed after the resources with the circular dependency to resolve the problem.
Explanation: DSC is a management platform in PowerShell that enables you to manage your IT and development infrastructure with configuration as code. Create policies at the core of Azure to govern every existing resource or resource to be deployed. New policy constructs allow you to measure your VM configuration and discover configuration drifts.
Explanation: Instead of putting a secure value (like a password) directly in your template or parameter file, you can retrieve the value from an Azure Key Vault during deployment. You retrieve the value by referencing the key vault and secret in your parameter file. To access a key vault during template deployment, set enabledForTemplateDeployment on the key vault to true. The user who deploys the template must have Microsoft.KeyVault/vaults/deploy/action permission for the scope of the resource group and key vault.
Azure Policy evaluates the state by examining properties on resources that are represented in Resource Manager and RBAC focuses on managing user actions at different scopes. Azure Security Center helps you to monitor all the available security recommendations.
Explanation: The az find command provides you with example commands based on Azure documentation and usage patterns of the Azure CLI and Azure Resource Manager users
Explanation: Integrate an existing ACR with existing AKS clusters by supplying valid values for acr-name or acr-resource-id use command az aks update -n <cluster name> -g <resourcegroup name> –attach-acr <acr-name/acr-resource-id>
Explanation: Microservices can be deployed in different environments and scaled accordingly. Each microservice can be deployed, managed independently without affecting other services running on the environment.
Explanation: Multi-stage build is a new feature requiring Docker 17.05 or higher on the daemon and client. Multistage builds is useful to anyone who has struggled to optimize Docker files while keeping them easy to read and maintain.
Explanation: Canary deployments are a pattern for rolling out releases to a subset of users or servers. The idea is to first deploy the change to a small subset of servers, test it, and then roll the change out to the rest of the servers.
Explanation: Variable Groups is used to store pipeline based variable and can be linked with Azure Key Vault.
This brings us to the end of the correct answers section. For more such practice sessions and hands-on labs, check out TestPrep material.
Disclaimer: These questions are NOT appearing in the certification exam. I personally or CloudThat do not have any official tie-up with Microsoft regarding the certification or the kind of questions asked. These are my best guesses for the kind of questions to expect with Microsoft in general and with the examination.
Feel free to drop any questions in the comment box, I would love to address them. I hope you enjoyed the article. Best of luck!