ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-400 All Questions

View all questions & answers for the AZ-400 exam
Go to Exam

Exam AZ-400 topic 4 question 78 discussion

Actual exam question from Microsoft's AZ-400
Question #: 78
Topic #: 4
[All AZ-400 Questions]

You use Azure Pipelines pipeline to build and deploy an app named App1.

You need to ensure that before App1 is deployed, all the code for the app passes a security validation by using a custom tool.

What should you do?

  • A. Add a status check to the policies of the branch used by your company's development department.
  • B. Add a status check to the policies of the main branch.
  • C. Add a service hook to the project.
  • D. Limit the job authorization scope to the current project for all the release pipelines.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by MrAZ105 at Oct. 9, 2024, 6:30 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
7bc6163
3 weeks, 5 days ago
Selected Answer: B
B. Add a status check to the policies of the main branch. Explanation: To ensure that all code for App1 passes a security validation before deployment, you want to enforce that code cannot be merged into the main branch unless it passes your custom security validation tool. By adding a status check to the main branch policies, you can require that a specific check (such as the result of your custom tool) must succeed before pull requests can be completed and code can be merged. This is the standard and recommended way to enforce pre-deployment validations in Azure Pipelines.
upvoted 1 times
...
Dankho
6 months, 1 week ago
Selected Answer: A
you need to catch vulnerabilities "before" deployment because once it's in PROD with vulnerabilities, you would need to do a rollback. So, performing the tests in TEST environment is more appropriate and cause less headaches of having to rollback.
upvoted 2 times
...
yaguitoEC
6 months, 3 weeks ago
Selected Answer: B
B is correct, deployment
upvoted 1 times
...
Zangi
6 months, 3 weeks ago
Selected Answer: A
A is correct answer. Do not listen MrAZ105
upvoted 2 times
...
MrAZ105
7 months, 3 weeks ago
Selected Answer: B
B is correct
upvoted 1 times
...
UrbanRellik
7 months, 3 weeks ago
Selected Answer: A
Status check on a PR of the feature branch. Once approved, merge to main. Performing a check on the main branch means that it's already been approved and failed the status check after approval.
upvoted 1 times
DaveVentura
6 months, 2 weeks ago
when you configure the status check in the policies of the main branch it means it is a requirement to complete pull requests to main. not that it checks the main after merge.
upvoted 1 times
...
...
MrAZ105
8 months, 1 week ago
I would say option A Option B could work but is less ideal because it's applied to the main branch, and security validation should generally be enforced earlier in the development process (e.g., on the feature/development branches) to catch issues before they reach the main branch.
upvoted 4 times
UrbanRellik
7 months, 3 weeks ago
I'm with ya there.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel