ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-400 All Questions

View all questions & answers for the AZ-400 exam
Go to Exam

Exam AZ-400 topic 7 question 48 discussion

Actual exam question from Microsoft's AZ-400
Question #: 48
Topic #: 7
[All AZ-400 Questions]

DRAG DROP -
You have an Azure DevOps release pipeline as shown in the following exhibit.

You need to complete the pipeline to configure OWASP ZAP for security testing.
Which five Azure CLI tasks should you add in sequence? To answer, move the tasks from the list of tasks to the answer area and arrange them in the correct order.
Select and Place:

Show Suggested Answer Hide Answer
Suggested Answer:
Defining the Release Pipeline -
Once the application portion of the Release pipeline has been configured, the security scan portion can be defined. In our example, this consists of 8 tasks, primarily using the Azure CLI task to create and use the ACI instance (and supporting structures).
Otherwise specified, all the Azure CLI tasks are Inline tasks, using the default configuration options.

Reference:
https://devblogs.microsoft.com/premier-developer/azure-devops-pipelines-leveraging-owasp-zap-in-the-release-pipeline/
by SteveChai at April 26, 2021, 8:20 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Dalias
Highly Voted 3 years, 4 months ago
got this in 29 Jun exams. scored 800+ marks. didn't answered correctly though
upvoted 10 times
...
SteveChai
Highly Voted 3 years, 6 months ago
Given answer is correct - verified.
upvoted 9 times
...
4bd3116
Most Recent 4 months, 4 weeks ago
The Answer is correct https://devblogs.microsoft.com/premier-developer/wp-content/uploads/sites/31/2019/05/word-image-17.png
upvoted 1 times
...
vsvaid
10 months, 2 weeks ago
Given answer is right Report Result = Download File+ Convert File + Publish https://www.examtopics.com/exams/microsoft/az-400/view/32/
upvoted 1 times
...
Fal991l
1 year, 6 months ago
GTP: Based on the documentation and the steps required to configure OWASP ZAP for security testing in an Azure DevOps release pipeline, the proper order for the five Azure CLI tasks should be: Docker CLI installer (f) Build machine image (b) Call the Baseline Scan (e) Convert Report Format (a) Destroy OWASP Container (d) This order ensures that the necessary prerequisites are set up before running the OWASP ZAP Baseline Scan and that the results are properly handled and formatted for publishing and analysis.
upvoted 2 times
Fal991l
1 year, 6 months ago
Task e: Call the Baseline Scan The next task in the sequence is to call the baseline scan for OWASP ZAP. This involves running the OWASP ZAP container on the agent machine and executing the initial security scan to establish a baseline of vulnerabilities in the target application. The "Call the Baseline Scan" task is an Azure CLI task that runs the OWASP ZAP container and executes the baseline scan. This task should be configured to run after the "Docker CLI installer" task has completed successfully.
upvoted 1 times
...
Fal991l
1 year, 6 months ago
Task f: Docker CLI installer The first task in the sequence is to install the Docker CLI on the agent machine that will run the security tests. This is necessary because OWASP ZAP is typically packaged as a Docker container, and in order to run the container and execute the security tests, the agent machine must have the Docker CLI installed. The "Docker CLI installer" task is an Azure CLI task that installs the Docker CLI on the agent machine. This task should be configured to run on the agent machine before the other tasks in the sequence.
upvoted 1 times
...
Fal991l
1 year, 6 months ago
Task f: Docker CLI installer The first task in the sequence is to install the Docker CLI on the agent machine that will run the security tests. This is necessary because OWASP ZAP is typically packaged as a Docker container, and in order to run the container and execute the security tests, the agent machine must have the Docker CLI installed. The "Docker CLI installer" task is an Azure CLI task that installs the Docker CLI on the agent machine. This task should be configured to run on the agent machine before the other tasks in the sequence.
upvoted 1 times
...
Fal991l
1 year, 6 months ago
Task e: Call the Baseline Scan The next task in the sequence is to call the baseline scan for OWASP ZAP. This involves running the OWASP ZAP container on the agent machine and executing the initial security scan to establish a baseline of vulnerabilities in the target application. The "Call the Baseline Scan" task is an Azure CLI task that runs the OWASP ZAP container and executes the baseline scan. This task should be configured to run after the "Docker CLI installer" task has completed successfully.
upvoted 1 times
...
Load full discussion...
...
syu31svc
2 years, 2 months ago
Given answer is correct and link provided supports it
upvoted 1 times
...
tjeerd
2 years, 3 months ago
On exam 20220727. Given answer is correct.
upvoted 1 times
...
Eltooth
2 years, 5 months ago
Call Download Export Publish Destroy
upvoted 2 times
Eltooth
2 years, 5 months ago
Export = Convert
upvoted 1 times
...
...
chanbull
2 years, 6 months ago
Based on the question, how can we know there exists an image in Azure Blob and has been loaded in ACI such that the first task to run the baseline scan?
upvoted 3 times
...
Whirly
2 years, 7 months ago
Exam Question April 1st 2022.
upvoted 3 times
...
rdemontis
2 years, 7 months ago
correct answer!!
upvoted 1 times
...
Optimist_Indian
2 years, 8 months ago
Got this question in Feb-2022 exam (scored 910+). Given answer is correct.
upvoted 4 times
...
lugospod
2 years, 9 months ago
Got this January 2022.
upvoted 3 times
...
Ashutosh_9608
3 years ago
The given answer is correct. https://devblogs.microsoft.com/premier-developer/azure-devops-pipelines-leveraging-owasp-zap-in-the-release-pipeline/
upvoted 5 times
...
subrata83
3 years, 1 month ago
Got this in the Az-400 exam(Sep 27 2021)
upvoted 4 times
...
celciuz
3 years, 2 months ago
This came question came out, August 2021
upvoted 4 times
...
francis6170
3 years, 4 months ago
Got this in the AZ-400 exam (June 2021).
upvoted 3 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago