Your company has a project in Azure DevOps.
You plan to create a release pipeline that will deploy resources by using Azure Resource Manager templates.
The templates will reference secrets stored in Azure Key Vault.
You need to recommend a solution for accessing the secrets stored in the key vault during deployments. The solution must use the principle of least privilege.
What should you include in the recommendation? To answer, drag the appropriate configurations to the correct targets. Each configuration may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Correct Answer:

Box 1: A key Vault advanced access policy

Box 2: RBAC
Management plane access control uses RBAC.
The management plane consists of operations that affect the key vault itself, such as:
* Creating or deleting a key vault.
* Getting a list of vaults in a subscription.
* Retrieving Key Vault properties (such as SKU and tags).
* Setting Key Vault access policies that control user and application access to keys and secrets.
References:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-tutorial-use-key-vault

Comment: *

Name: *

Email: *

Verification: *

You have a GitHub organization.
You ate creating a GitHub Actions workflow.
You need to perform authenticated AP1 requests by using a GitHub app name App1.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Correct Answer:

Explanation:

Comment: *

Name: *

Email: *

Verification: *

How should you confrere the release retention policy for the investment planning depletions suite? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Correct Answer:

References: https://docs.microsoft.com/en-us/rest/api/storageservices/authorize-with-shared-key
Topic 3, Woodgrove bank
General Overview
Woodgrove Bank is a financial services company that has a main office in the United Kingdom.
Technical Requirements and Planned Changes
Planned Changes
Woodgrove Bank plans to implement the following project management changes:
Implement Azure DevOps for project tracking.
Centralize source code control in private GitHub repositories.
Implement Azure Pipelines for build pipelines and release pipelines.
Woodgrove Bank plans to implement the following changes to the identity environment:
Deploy an Azure AD tenant named woodgrovebank.com.
Sync the Active Directory domain to Azure AD.
Configure App1 to use a service principal.
Integrate GitHub with Azure AD.
Woodgrove Bank plans to implement the following changes to the core apps:
Migrate App1 to ASP.NET Core.
Integrate Azure Pipelines and the third-party build tool used to develop App2.
Woodgrove Bank plans to implement the following changes to the DevOps environment:
Deploy App1 to Azure App Service.
Implement source control for the DB1 schema.
Migrate all the source code from TFS1 to GitHub.
Deploy App2 to an Azure virtual machine named VM1.
Merge the POC branch into the GitHub default branch.
Implement an Azure DevOps dashboard for stakeholders to monitor development progress.
Technical Requirements
Woodgrove Bank identifies the following technical requirements:
The initial databases for new environments must contain both schema and reference data.
An Azure Monitor alert for VM1 must be configured to meet the following requirements:
Be triggered when average CPU usage exceeds 80 percent for 15 minutes.
Calculate CPU usage averages once every minute.
The commit history of the POC branch must replace the history of the default branch.
The Azure DevOps dashboard must display the metrics shown in the following table.

Access to Azure DevOps must be restricted to specific IP addresses.
Page load times for App1 must be captured and monitored.
Administrative effort must be minimized.

Comment: *

Name: *

Email: *

Verification: *

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company uses Azure DevOps to manage the build and release processes for applications.
You use a Git repository for applications source control.
You need to implement a pull request strategy that reduces the history volume in the master branch.
Solution: You implement a pull request strategy that uses squash merges.
Does this meet the goal?

• A.No
• B.Yes

Comment: *

Name: *

Email: *

Verification: *

Your company is building a new web application.
You plan to collect feedback from pilot users on the features being delivered.
All the pilot users have a corporate computer that has Google Chrome and the Microsoft Test & Feedback extension installed. The pilot users will test the application by using Chrome.
You need to identify which access levels are required to ensure that developers can request and gather feedback from the pilot users. The solution must use the principle of least privilege.
Which access levels m Azure DevOps should you identify? To answer, select the appropriate options in the answer area NOTE: Each correct selection is worth one point.

Correct Answer:

Explanation

Box 1: Basic
Assign Basic to users with a TFS CAL, with a Visual Studio Professional subscription, and to users for whom you are paying for Azure Boards & Repos in an organization.
Box 2: Stakeholder
Assign Stakeholders to users with no license or subscriptions who need access to a limited set of features.
Note:
You assign users or groups of users to one of the following access levels:
Basic: provides access to most features
VS Enterprise: provides access to premium features
Stakeholders: provides partial access, can be assigned to unlimited users for free References: https://docs.microsoft.com/en-us/azure/devops/organizations/security/access-levels?view=vsts

Comment: *

Name: *

Email: *

Verification: *