Trusted Worldwide Questions & Answers
Microsoft AZ-400 Exam Actual Questions
The questions for AZ-400 were last updated on Oct 3, 2024.
- Viewing page 1 out of 102 pages.
- Viewing questions 1-5 out of 510 questions
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure pipeline that is used to deploy a web app. The pipeline includes a test suite named TestSuite1. TestSuite1 is used to validate the operations of the web app.
TestSuite1 fails intermittently.
You identify that the failures are unrelated to changes in the source code and execution environment.
You need to minimize troubleshooting effort for the TestSuite1 failures.
Solution: You increase code coverage.
Does this meet the goal?
You use Azure Pipelines to build and deploy an app named Appl. You plan to monitor App1 by using Application Insights. You create an Application Insights instance named All. You need to configure App1 to use All. Which file should you modify?
Task 1
You need to ensure that an Azure Web App named az400-38443478-main can retrieve secrets from an Azure key vault named az400-3844J478-kv1 by using a system managed identity The solution must use the principle of least privilege.
To ensure that your Azure Web App named az400-38443478-main can retrieve secrets from an Azure Key Vault named az400-3844J478-kv1 using a system managed identity with the principle of least privilege, follow these detailed steps:
Enable a System Managed Identity for the Azure Web App:
Navigate to the Azure Portal.
Go to the Azure Web App az400-38443478-main.
Select Identity under the Settings section.
In the System assigned tab, switch the Status to On.
Click Save to apply the changes.
Grant the Web App Access to the Key Vault:
Go to the Azure Key Vault az400-3844J478-kv1.
Select Access policies under the Settings section.
Click on Add Access Policy.
Choose Secret permissions and select Get and List. This grants the app the ability to read secrets, adhering to the principle of least privilege.
Click on Select principal, search for your Web App name az400-38443478-main, and select it.
Click Add to add the policy.
Don't forget to click Save to save the access policy changes.
Retrieve Secrets in the Web App Code:
In your Web App's code, use the Azure SDK to retrieve the secrets.
For example, in a .NET application, you can use the Azure.Identity and Azure.Security.KeyVault.Secrets namespaces.
Utilize the DefaultAzureCredential class which will automatically use the system managed identity when running on Azure.
using Azure.Identity;
using Azure.Security.KeyVault.Secrets;
var client = new SecretClient(new Uri('https://az400-3844J478-kv1.vault.azure.net/'), new DefaultAzureCredential());
KeyVaultSecret secret = await client.GetSecretAsync('my-secret-name');
string secretValue = secret.Value;
Replace 'my-secret-name' with the actual name of the secret you want to retrieve.
By following these steps, your Azure Web App will be able to securely retrieve secrets from the Azure Key Vault using a system managed identity, without needing to store credentials in the code, and adhering to the principle of least privilege. Remember to replace the placeholder names with the actual names of your Web App and Key Vault.
Task 2
You need to create an instance of Azure Application Insights named az400-38443478-main and configure the instance to receive telemetry data from an Azure web app named az400-38443478-main
You must create a Log Analytics workspace before this task.
To create an instance of Azure Application Insights named az400-38443478-main and configure it to receive telemetry data from an Azure web app with the same name, you'll need to follow these steps:
Create a Log Analytics Workspace:
Go to the Azure Portal.
Search for Log Analytics Workspaces and select Add.
Select a Subscription and either use an existing Resource Group or create a new one.
Provide a unique name for your Log Analytics workspace.
Choose the Region that is appropriate for you.
Review the settings and then select Create1.
Create an Azure Application Insights Instance:
In the Azure Portal, navigate to Application Insights.
Click on + Create.
Fill in the instance details, ensuring the name is az400-38443478-main.
Link the instance to the Log Analytics workspace you created in the previous step.
Review and create the Application Insights instance2.
Configure the Azure Web App to Send Telemetry Data:
Go to the Azure Web App az400-38443478-main.
Under Monitoring, select Application Insights.
Choose to use an existing resource and select the Application Insights instance you created.
Follow the prompts to set up the connection, which may involve adding the appropriate SDK to your web app and configuring the connection string or instrumentation key.
Verify Telemetry Data Reception:
After setting up, send some test traffic to your web app.
Then, go to the Application Insights instance and check the Overview or Performance sections to see if telemetry data is being received.
Remember to replace placeholder names with the actual names of your resources where necessary. These steps will help you set up Azure Application Insights to monitor your web app effectively.
Task 3
You need to ensure that an Azure Web App named az400-38443478-matn supports rolling upgrades The solution must ensure that only 10 percent of users who connect to az400-38443478 main use updated versions of the app. The solution must minimize administrative effort.
To ensure that your Azure Web App named az400-38443478-main supports rolling upgrades and only 10 percent of users connect to the updated version of the app, you can use deployment slots with the following steps:
Create a Deployment Slot:
Navigate to the Azure Portal.
Go to your Web App az400-38443478-main.
Select Deployment slots in the menu.
Click on Add Slot.
Name the slot (e.g., staging) and if needed, clone settings from the production slot.
Configure the Traffic Percentage:
In the Deployment Slots menu, you will see a column for Traffic %.
Set the traffic percentage to 10% for the staging slot1.
This will route only 10% of the traffic to the updated version of the app in the staging slot.
Deploy the Updated App to the Staging Slot:
Deploy your updated application to the staging slot.
Test the application in the staging slot to ensure it's working as expected.
Complete the Rolling Upgrade:
Once you're satisfied with the performance and stability of the app in the staging slot, you can gradually increase the percentage of traffic until you're ready to swap with the production slot.
To swap slots, go to the Deployment slots menu and click on Swap with the production slot.
By using deployment slots, you can achieve rolling upgrades with minimal administrative effort, as it allows you to test the new version on a subset of users before fully releasing it. Remember to adjust the traffic percentage and monitor the application's performance throughout the process.
Unlock All Questions for Microsoft AZ-400 Exam
Full Exam Access, Actual Exam Questions, Validated Answers, Anytime Anywhere, No Download Limits, No Practice Limits
Get All 510 Questions & Answers