Free Practice Questions for Microsoft AZ-400 Exam

Step 1: Navigate to Project Settings

Navigate to Azure DevOps:

Go to Azure DevOps and sign in with your credentials.

Select Your Project:

Choose Project1 from your list of projects.

Access Project Settings:

In the left-hand menu, scroll down and select Project settings.

Step 2: Configure Retention Policies

Navigate to Pipelines Settings:

Under Pipelines, select Settings.

Set Retention Policies:

In the Retention section, set the number of days to keep artifacts, symbols, and attachments to 60 days.

Ensurethat the retention policy is applied to all relevant pipelines and branches.

Save Changes:

Click on Save to apply the retention policy1.

By following these steps, you will have successfully configured theretention policy to retain artifacts, symbols, and attachments for 60 days in Project1

Task 11: Create an Artifact Feed with Specific Retention Policies

Step 1: Navigate to Artifacts

In your Azure DevOps Project (Project1), click on the Artifacts section in the left menu.

Step 2: Create a New Feed

Click on the + New feed button.

In the Name field, enter:

nginx

Copy

artifact_feed

Choose the visibility of the feed:

Project scoped (only accessible to Project1).

Or Organization scoped (accessible across your Azure DevOps organization).

Leave other settings at default unless you have specific permissions or upstream sources.

Click Create.

This creates a new feed named artifact_feed.

Step 3: Configure Retention Policies

In the Artifacts section, click on the feed named artifact_feed to open its details page.

In the top-right corner, click on the three dots (...) and select Feed settings.

Step 4: Set the Maximum Number of Versions to Retain

In the Feed settings page, find the Retention policies section.

Set Maximum number of versions per package to:

Copy

10

Click Save.

This ensures that only the latest 10 versions of any package are retained in the feed.

Step 5: Set the Downloaded Package Retention Period

In the Feed settings page, under Retention policies, find Downloaded package retention.

Set Number of days to retain downloaded packages to:

Copy

90

Click Save.

This ensures that downloaded packages will be retained in the cache for 90 days before deletion.

Task 6: Create a Service Connection for Resource Group Deployment using Managed Identity and Workload Identity Federation

Step 1: Understand the Requirements

You want to deploy resources in the RGHod489Q1628 resource group.

The service connection must:

Use the ManagedJd1 managed identity.

Use workload identity federation (OIDC-based authentication for enhanced security).

Step 2: Verify Prerequisites

You need to ensure:

The ManagedJd1 managed identity exists in your Azure subscription.

Your Azure DevOps project (Project1) is linked to an Azure Active Directory tenant (for OIDC support).

You have the Owner or User Access Administrator role on the RGHod489Q1628 resource group.

Step 3: Assign Role to Managed Identity

Go to the Azure Portal.

In the search bar, type Managed Identities and select Managed Identities.

Locate and click on the ManagedJd1 identity.

In the left menu, click Azure role assignments.

Click + Add role assignment.

Set the following:

Scope: Resource Group

Subscription: Your subscription

Resource Group: RGHod489Q1628

Role: Contributor (or appropriate role)

Click Save.

This step ensures ManagedJd1 has permissions to deploy resources to RGHod489Q1628.

Step 4: Create a Federated Credential for Workload Identity Federation

In the Azure Portal, navigate to the ManagedJd1 managed identity.

In the left menu, click Workload identity federation (preview).

Click + Add a federated credential.

Configure as follows:

Federated credential name: devops-oidc

Issuer: https://vstoken.actions.githubusercontent.com (or use the default https://pipelines.actions.githubusercontent.com for Azure DevOps)

Subject identifier: Use the following format for Azure DevOps:

css

Copy

system:azuredevops:{organizationName}:{projectName}

For example:

css

Copy

system:azuredevops:{YourOrganizationName}:{Project1}

Audience: api://AzureADTokenExchange

Click Add.

This federated credential establishes trust between your Azure DevOps project and the managed identity.

Step 5: Create a Service Connection in Azure DevOps

Go to your Azure DevOps project (Project1) in the browser.

In the left menu, click Project settings.

Under Pipelines, click Service connections.

Click New service connection.

Choose Azure Resource Manager.

Choose the authentication method:

Select Workload identity federation.

Configure the service connection:

Scope level: Resource Group.

Resource Group: RGHod489Q1628.

Subscription: Your subscription.

Authentication method: Managed Identity with workload identity federation.

Managed Identity: Enter the client ID or select ManagedJd1.

Service connection name: e.g., Project1-RGHod489Q1628-Conn.

Grant access permission to all pipelines (recommended).

Click Save.

Step 6: Validate the Service Connection

After creation, click on the new service connection to Verify it.

Ensure the connection test is successful.

You can now use this service connection in your pipelines for deploying resources to RGHod489Q1628.

QUESTIONNO: 4

You need !0 the merge the POC branch into the default branch. The solution must meet the technical requirements. Which command should you run?

A. it push

B. git merge -- allow-unrelated-histories

C. git rebase

D. git merge --squash

Answer: C

Scenario: Deploy App2 to an Azure virtual machine named VM1.

A personal access token (PAT) is used as an alternatepassword to authenticate into Azure DevOps.

Woodgrove Bank plans to implement the following changes to the identity environment:

Configure App1 to use a service principal.

Box 1: Azure Boards

Azure Boards can be used to track work with Kanban boards, backlogs, team dashboards, and custom reporting

You can create multiple Trello boards, which are spaces to store tasks (for different work contexts, or even private boards)

You can easily shareTrello boards with another person.

Box 2: Azure Pipelines

You can use Bamboo to implement CI/CD (Continuous Integration and Continuous Delivery) for a simple Azure function app using Atlassian Bamboo. Bamboo does continuous delivery of the project fromsource code to deployment. It has stages including Build, Test and Deploy.

Software teams in every industry are upgrading their continuous delivery pipeline with Bamboo. Easy build import from popular open source tools, user and group import from JIRA, seamless integration with Bitbucket, and native support for Git, Hg, and SVN means you'll be building and deploying like a champ.

Box 3: GitHub repositories

Bitbucket can be used as the Git repository, but you can use any other Git repository (Like TFS Git)for source control of the code.

Step 1: Log in to the Azure Portal

Go to https://portal.azure.com .

Log in with your Azure account.

Step 2: Create an Azure App Configuration Instance

In the search bar at the top, type “App Configuration” and select App Configuration from the search results.

Click + Create.

Fill in the required fields:

Subscription: Your Azure subscription.

Resource Group: Create a new one or select an existing one.

Name: Provide a globally unique name (for example, myappconfig-instance).

Location: Choose a region close to your application.

Click Review + Create, then Create.

The instance will take a few seconds to deploy.

Step 3: Access the App Configuration Instance

Once the deployment is complete, click Go to resource.

You are now in the App Configuration resource.

Step 4: Enable Feature Management

In the left menu, click on Feature Manager (Preview).

Click + Add to create a new feature flag.

Step 5: Create the Feature Flag

Provide the following details:

Feature flag name: feature1

Label: (optional)

Description: (optional)

State: Set to Enabled.

Click on the Add filters link if you want to add targeting filters (optional).

Click Save to create the feature flag.

Step 6: Set the Expiration Date for the Feature Flag

In the Feature Manager list, find the newly created feature1 flag.

Click on the three dots (context menu) next to feature1 and select Edit.

In the Edit feature pane, look for the Expiration date setting.If there is no direct UI for expiration date, you can store it as a custom key-value (metadata).

Here’s how to store expiration as metadata:

In the App Configuration left menu, click on Configuration Explorer.

Locate the key: .appconfig.featureflag/feature1.

Click on the key to edit.

Add a new label or add a custom key in the Content type or tags section to store expiration metadata:

Key: expiration

Value: yyyy-MM-dd (set to today + 7 days)

For example, if today is June 4, 2025, set the expiration as 2025-06-11.

Scenario: Implement Project3, Project5,Project6, and Project7 based on the planned changes

Step 1: Open the release pipeline editor.

In the Releases tab of Azure Pipelines, select your release pipeline and choose Edit to open the pipeline editor.

Step 2: Enable Gates.

Choose thepre-deployment conditions icon for the Production stage to open the conditions panel. Enable gates by using the switch control in the Gates section.

Step 3: Add Query Work items.

Choose + Add and select the Query Work Items gate.

Configure the gate by selecting an existing work item query.

Note: A case for release gate is:

Incident and issues management. Ensure the required status for work items, incidents, and issues. For example, ensure deployment occurs only if no priority zero bugs exist, and validation that there are no active incidents takes place after deployment.