- (Exam Topic 2)
Your company is concerned that when developers introduce open source libraries, it creates licensing
compliance issues.
You need to add an automated process to the build pipeline to detect when common open source libraries are added to the code base.
What should you use?

Correct Answer:D
WhiteSource provides WhiteSource Bolt, a lightweight open source security and management solution developed specifically for integration with Azure DevOps and Azure DevOps Server.
Note: WhiteSource is the leader in continuous open source software security and compliance management. WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or development environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource constantly-updated denitive database of open source repositories.
Reference: https://www.azuredevopslabs.com/labs/vstsextend/whitesource/

- (Exam Topic 2)
You have an Azure DevOps organization named Contoso and an Azure subscription.
You use Azure DevOps to build and deploy a web app named App1. Azure Monitor is configured to generate an email notification in response to alerts generated whenever App1 generates a server-side error.
You need to receive notifications in Microsoft Teams whenever an Azure Monitor alert is generated. Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

Correct Answer:AB
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/action-groups-logic-app

- (Exam Topic 2)
Your company hosts a web application in Azure. The company uses Azure Pipelines for the build and release management of the application.
Stakeholders report that the past few releases have negatively affected system performance. You configure alerts in Azure Monitor.
You need to ensure that new releases are only deployed to production if the releases meet defined performance baseline criteria in the staging environment first.
What should you use to prevent the deployment of releases that fall to meet the performance baseline?

Correct Answer:C
Scenarios and use cases for gates include:
Quality validation. Query metrics from tests on the build artifacts such as pass rate or code coverage and deploy only if they are within required thresholds.
Use Quality Gates to integrate monitoring into your pre-deployment or post-deployment. This ensures that you are meeting the key health/performance metrics (KPIs) as your applications move from dev to production and any differences in the infrastructure environment or scale is not negatively impacting your KPIs.
Note: Gates allow automatic collection of health signals from external services, and then promote the release when all the signals are successful at the same time or stop the deployment on timeout. Typically, gates are used in connection with incident management, problem management, change management, monitoring, and external approval systems.
References:
https://docs.microsoft.com/en-us/azure/azure-monitor/continuous-monitoring https://docs.microsoft.com/en-us/azure/devops/pipelines/release/approvals/gates?view=azure-devops

- (Exam Topic 2)
You need to ensure that an Azure web app named az400-9940427-main can retrieve secrets from an Azure key vault named az400-9940427-kv1 by using a system managed identity.
The solution must use the principle of least privilege.
To complete this task, sign in to the Microsoft Azure portal.
Solution:
* 1. In Azure portal navigate to the az400-9940427-main app.
* 2. Scroll down to the Settings group in the left navigation.
* 3. Select Managed identity.
* 4. Within the System assigned tab, switch Status to On. Click Save.

References:
https://docs.microsoft.com/en-us/azure/app-service/overview-managed-identity

Does this meet the goal?

Correct Answer:A

- (Exam Topic 2)
Your company has a project in Azure DevOps.
You plan to create a release pipeline that will deploy resources by using Azure Resource Manager templates. The templates will reference secrets stored in Azure Key Vault.
You need to recommend a solution for accessing the secrets stored in the key vault during deployments. The solution must use the principle of least privilege.
What should you include in the recommendation? To answer, drag the appropriate configurations to the correct targets. Each configuration may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Solution:
Box 1: RBAC
Management plane access control uses RBAC.
The management plane consists of operations that affect the key vault itself, such as:
Creating or deleting a key vault.
Getting a list of vaults in a subscription.
Retrieving Key Vault properties (such as SKU and tags).
Setting Key Vault access policies that control user and application access to keys and secrets.
Box 2: RBAC
References:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-tutorial-use-key-vault

Does this meet the goal?

Correct Answer:A

- (Exam Topic 2)
Note: This question is part of * series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sett might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an approval process that contains a condition. The condition requires that releases be approved by a team leader before they are deployed.
You have a poky stating that approvals must occur within eight hour.
You discover that deployments fail if the approvals take longer than two hours.
You need to ensure that the deployments only fail if the approvals take longer than eight hours.
Solution: From Post-deployment conditions, you modify the Time between re-evaluation of gates option. Does this meet the goal?

Correct Answer:B
Use a gate From Pre-deployment conditions instead.
References: https://docs.microsoft.com/en-us/azure/devops/pipelines/release/approvals/gates