You are developing a Microsoft .NET Core application and want to analyze the application to check whether there are any open source libraries with known security vulnerabilities being used. Which of the following products can you use for such an analysis? [Choose two.]
Jenkins
Whitesource Bolt
Snyk
App Center
You are currently using (i) JIRA, (ii) GitLab, and (iii) Octopus Deploy for some of your DevOps processes. You want to consolidate your DevOps tools and have chosen to go with Azure DevOps. Which Azure DevOps services should you use to replace these? Choose the correct service to replace these three services. [Match three pairs.]
Azure Pipelines
Azure Repos
Azure Boards
Azure Artifacts
You are evaluating different options for build agents. What are valid arguments for opting for private agents over Microsoft Hosted Agents? [Choose two.]
You need custom software to be available on the agent before any job is executed.
You need to ensure that the same environment is used for executing only one pipeline job, before being destructed.
You need direct network connectivity from the build agent to your on-premises network.
You need to ensure that you are always running on up-to-date images.
You are responsible for managing the settings of the applications your team deploys to an Azure App Service. Which of the following offerings cannot be used to achieve this?
Azure App Configuration
ARM templates
Azure Policy
Azure Key Vault
You are tasked with creating a large number of build pipelines for your team. Almost all pipelines need to have the same structure. Which Azure DevOps Pipelines construct can help you?
Branch Policies
Task Groups
Azure Artifacts
Deployment Groups
You are using Entity Framework as the database access layer from your application. You are responsible for managing database upgrades and want to use Entity Framework for this as well, to manage the database schema from code. Which type of schema migration should you use?
Migrations-based
End-state based
You need to save your local changes to a Git repository. Which commands do you need to use?
git clone and git push
git commit and git push
git add, git commit, and git push
git add and git commit
You need to prevent anyone from merging changes to the master branch if the changes do not compile or any of the unit tests fail. Which of the following can you use to accomplish this?
Branch protection center.
Azure Repos branch policies.
Azure Repos branch security.
This is not possible in Azure DevOps; you need to use another product, for example, GitHub.
Your company uses GitHub Enterprise on-premises for hosting source control. For implementing continuous integration and deployment, you are looking to use Azure DevOps. Which of the following components form a complete solution to make this possible? [Choose two.]
An external Git service connection
Opening the firewall for HTTPS connections from Azure Pipelines to GitHub Enterprise
A Git sources proxy for HTTP
On-premises agents
A new team joins the company and they have to start work on a new application. They ask you to recommend a branching strategy that allows them to work on multiple features in parallel and deploy a new version at any time, and minimizes the need for merging changes late. Which of the following do you recommend?
Create an eternal branch per team member and cherry-pick commits to merge.
Create a branch per feature and merge this branch upon completion.
Create a branch per task and merge this branch upon completion.
Create and merge a branch as often as possible when a shippable piece of work has been completed.
You are tasked with configuring source control for your team in Azure DevOps. Which of the following source control systems do you choose preferably?
TFVC
Git
Which of the following is true?
You can have as many Git and TFVC repositories in an Azure DevOps project as you want.
You can have at most one Git repository and at most one TFVC repository in an Azure DevOps project.
You can have at most one TFVC repository and as many Git repositories as you want in your Azure DevOps project.
You can have either Git repositories or TFVC repositories in an Azure DevOps project, but not both at the same time.
Your team is creating a mobile application and wants to use App Center for distributing that application to both the App Stores and the testers within the team. Which of the following should you use? [Choose two.]
Invitation-only pre-release groups
Push-to-store integration
Store Connection
Distribution Groups
You are creating a series of microservices for a new project. You are looking for a way to manage configuration from a centralized point. There are many configuration settings shared between microservices. Which of the following solutions best fits this use case?
Azure Key Vault
Azure App Configuration
Azure Configuration Center
ARM templates
You have to ensure that code cannot be checked into the master branch of a repository when it has not been viewed by at least two people. Which of the following is a complete solution for this? [Choose three.]
Enforce the use of a pull request for merging changes to the master.
Reset approval votes on the pull request for a branch when a new commit is pushed to that branch.
Have a minimum of at least two reviewers, but allow everyone to merge their own changes.
Have a minimum of at least one reviewer, not being the person who opened the pull request.
You have to sign the binaries (DLLs) that your team produces so that other teams that consume them can verify the binaries are not altered and really are the binaries originating from your team. You have to store the certificate used for signing securely. Where can you do this and still have the file available for use in your pipeline? If multiple answers fit, choose the simplest solution.
Azure Pipelines Library
Azure Key Vault
Encrypted in source control
Azure DevOps Certificate Store
You have to ensure that every build pipeline contains a task group that is pre-shared by your team. Which of the following Azure DevOps constructs can you use to do this?
Pipeline Decorators.
Pipeline Verificators.
Pipeline pre-execution tasks.
This is not possible—you have to implement a manual auditing process.
Your sources are stored in a Subversion source control system. You want to move to Azure DevOps Pipelines for continuous integration. You do not want to move your sources and connect from Pipelines to Subversion. Is this possible?
Yes
No
The development team is creating a containerized application. The solution needs to be deployed to a Kubernetes cluster in Azure. You need to create the cluster and ensure that the application is running as it should. Select which commands you should perform and place them in the correct order of execution.
kubectl apply
az group create
az aks create
az appservice plan create
kubectl get deployments
az aks get-credentials
kubectl get hpa
az create group
kubectl get services
A great advantage of running containers instead of virtual machines is that containers share the operating system kernel. This makes container images also smaller than virtual machine images. Is this correct?