- (Exam Topic 2)
You have a private distribution group that contains provisioned and unprovisioned devices.
You need to distribute a new iOS application to the distribution group by using Microsoft Visual Studio App Center.
What should you do?
Correct Answer:A
The following diagram displays the entire app re-signing flow in App Center.
Reference:
https://docs.microsoft.com/hu-hu/appcenter/distribution/auto-provisioning
- (Exam Topic 2)
You are designing the security validation strategy for a project in Azure DevOps.
You need to identify package dependencies that have known security issues and can be resolved by an update.
What should you use?
Correct Answer:D
With enterprise level of SonarQube you can use OWASP that runs the security scans for known vulnerabilities. https://www.sonarqube.org/features/security/
https://www.sonarqube.org/features/security/owasp/?gclid=Cj0KCQiAzZL-BRDnARIsAPCJs70Teq0-efI2Hd_h
- (Exam Topic 2)
You are deploying a server application that will run on a Server Core installation of Windows Server 2019. You create an Azure key vault and a secret.
You need to use the key vault to secure API secrets for third-party integrations.
Which three actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point. D18912E1457D5D1DDCBD40AB3BF70D5D
Correct Answer:BCE
BE: An app deployed to Azure can take advantage of Managed identities for Azure resources, which allows the app to authenticate with Azure Key Vault using Azure AD authentication without credentials (Application ID and Password/Client Secret) stored in the app.
Select Add Access Policy.
Open Secret permissions and provide the app with Get and List permissions.
Select Select principal and select the registered app by name. Select the Select button.
Select OK.
Select Save.
Deploy the app. References:
https://docs.microsoft.com/en-us/aspnet/core/security/key-vault-configuration https://docs.microsoft.com/en-us/azure/key-vault/general/tutorial-net-virtual-machine
- (Exam Topic 3)
You need to recommend a procedure to implement the build agent for Project1.
Which three actions should you recommend be performed in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Solution:
Scenario:
Step 1: Sign in to Azure Devops by using an account that is assigned the Administrator service connection
security role.
Note: Under Agent Phase, click Deploy Service Fabric Application. Click Docker Settings and then click Configure Docker settings. In Registry Credentials Source, select Azure Resource Manager Service Connection. Then select your Azure subscription.
Step 2: Create a personal access token..
A personal access token or PAT is required so that a machine can join the pool created with the Agent Pools (read, manage) scope.
Step 3: Install and register the Azure Pipelines agent on an Azure virtual machine.
By running a Azure Pipeline agent in the cluster, we make it possible to test any service, regardless of type. References:
https://docs.microsoft.com/en-us/azure/service-fabric/service-fabric-tutorial-deploy-container-app-with-cicd-vst https://mohitgoyal.co/2019/01/10/run-azure-devops-private-agents-in-kubernetes-clusters/
Does this meet the goal?
Correct Answer:A
- (Exam Topic 2)
You have a GitHub repository.
You create a new repository in Azure DevOps.
You need to recommend a procedure to clone the repository from GitHub to Azure DevOps. What should you recommend?
Correct Answer:C