Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Free Resources

Difficulty IndexLearn — Free ChaptersIT GlossaryFree Tools & LabsStudy GuidesCareer RoadmapsBrowse by VendorCisco Command ReferenceCCNA Scenarios

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

← Design and implement build and release pipelines practice sets

AZ-400 Design and implement build and release pipelines • Complete Question Bank

AZ-400 Design and implement build and release pipelines — All Questions With Answers

Complete AZ-400 Design and implement build and release pipelines question bank — all 0 questions with answers and detailed explanations.

461
Questions
Free
No signup
Certifications/AZ-400/Practice Test/Design and implement build and release pipelines/All Questions
Question 1easymultiple choice
Read the full Design and implement build and release pipelines explanation →

A team uses Azure Pipelines to build a .NET Core application. The build pipeline runs successfully, but the release pipeline fails when deploying to Azure App Service with the error: 'ERROR_FILE_IN_USE'. What is the most likely cause?

Question 2mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

A development team is designing a build pipeline for a microservices application. They want to ensure that each service is built and tested independently, but they also need to run integration tests that span multiple services. What is the recommended approach?

Question 3hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

A company uses Azure Pipelines with YAML-based pipelines stored in a Git repository. The pipeline triggers on every push to the main branch, but the team wants to reduce unnecessary builds when only documentation files are changed. What is the best way to achieve this?

Question 4mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

A team is implementing a release pipeline for a Node.js application. They want to run integration tests against a temporary environment that is destroyed after the tests complete. Which strategy should they use?

Question 5mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO actions should be taken to secure secrets in Azure Pipelines? (Choose two.)

Question 6hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You are reviewing an Azure Policy definition applied to an Azure DevOps project. The project has a build pipeline that deploys to production. What is the effect of this policy on the build pipeline?

Exhibit

Refer to the exhibit.

```json
{
  "properties": {
    "description": "Policy to require multiple reviewers for critical repos",
    "policyType": "Build",
    "mode": "Validation",
    "initiative": "RequireMinimumReviewers",
    "policyRule": {
      "if": {
        "field": "type",
        "equals": "Microsoft.TeamFoundation/teamProjects"
      },
      "then": {
        "effect": "audit",
        "details": {
          "minimumApproverCount": 2
        }
      }
    }
  }
}
```
Question 7hardmultiple choice
Read the full NAT/PAT explanation →

Your company has a large monorepo with multiple microservices. You have a single YAML-based Azure Pipeline that builds the entire solution on every commit to the main branch. The pipeline takes over an hour to complete, causing long feedback loops. Developers often submit changes to only one service, but the whole pipeline runs. You need to reduce build time while maintaining quality. You are considering splitting the pipeline into multiple pipelines, each for a service, and using path triggers. However, some services have dependencies on shared libraries that are updated infrequently. You also need to ensure that integration tests that span multiple services still run when necessary. What should you do?

Question 8mediummulti select
Read the full Design and implement build and release pipelines explanation →

A development team is configuring a YAML-based pipeline in Azure Pipelines. The pipeline must meet the following requirements: - Build only the main branch. - Run integration tests after a successful build. - Deploy to a staging environment only if tests pass. - Handle failures gracefully by sending a notification to the team. You need to define the pipeline structure. Which TWO configurations should you include?

Question 9hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. The pipeline is configured as shown. A developer pushes a change to the `main` branch that modifies a file under `src/Controllers/HomeController.cs` and also adds a new file under `docs/readme.md`. Which of the following best describes what happens?

Network Topology
configuration $(buildConfiguration)'arguments: 'configuration $no-build'Refer to the exhibit.```yaml# azure-pipelines.ymltrigger:branches:include:- main- release/*paths:exclude:- docs/*- tests/*pool:vmImage: 'ubuntu-latest'variables:buildConfiguration: 'Release'steps:- task: DotNetCoreCLI@2inputs:command: 'build'projects: '**/*.csproj'displayName: 'Build project'command: 'test'projects: '**/*Tests/*.csproj'displayName: 'Run tests'```
Question 10easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses Azure Pipelines for CI/CD. The current pipeline for a .NET Core application builds and runs unit tests, then deploys to a staging environment. The team wants to add a step to run integration tests against the staging environment after deployment, and only if integration tests pass, promote the build to production. The integration tests require a database connection string that is stored as a secret in Azure Key Vault. The pipeline uses a service principal with permissions to read secrets from the Key Vault. You need to modify the pipeline to meet these requirements while ensuring security best practices. Which action should you take?

Question 11mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a multi-stage YAML pipeline that deploys to Azure Kubernetes Service (AKS). The pipeline uses a deployment job with a strategy of 'runOnce'. You need to ensure that if the deployment fails, the pipeline automatically redeploys the previous successful version. Which strategy should you use instead?

Question 12hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a build pipeline that produces a NuGet package. The pipeline must conditionally sign the assembly only when the build is triggered by a tag starting with 'v' (e.g., v1.0.0). The pipeline uses a script task that signs the assembly. Which expression should you use in the condition of the script task?

Question 13hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a YAML pipeline that deploys to multiple environments. The pipeline uses environment approvals. You need to ensure that the pipeline waits for manual approval before deploying to the production environment. The production environment is named 'Production'. Which configuration should you add to the deployment job?

Question 14mediummulti select
Read the full Design and implement build and release pipelines explanation →

You are designing a release pipeline that uses Azure App Service deployment slots. The pipeline must perform a swap after deployment to the staging slot. Which three tasks or actions should you include in the pipeline? (Select all that apply.)

Question 15hardmulti select
Read the full Design and implement build and release pipelines explanation →

You are creating a YAML pipeline that builds a .NET Core application. The pipeline must use a multi-stage build with separate stages for 'Build', 'Test', and 'Deploy'. The 'Deploy' stage should only run if both 'Build' and 'Test' succeed. Which two conditions can you use to achieve this? (Select all that apply.)

Question 16mediummultiple choice
Read the full NAT/PAT explanation →

You are designing a build pipeline that uses a combination of tasks. The pipeline must compile code, run unit tests, and then publish code coverage results. Match each task with its appropriate placement in the pipeline order. The tasks are: 'Visual Studio Test', 'Publish Code Coverage Results', 'Visual Studio Build'. The correct order is: 1. Build, 2. Test, 3. Publish coverage.

Question 17easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a YAML pipeline that builds a .NET application. You need to ensure that the pipeline uses the .NET SDK version 6.0.x. Which task should you add to the pipeline?

Question 18mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a release pipeline that deploys to multiple stages. You want to ensure that a manual approval is required before deploying to the production stage. Which approach should you use?

Question 19hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a YAML pipeline that uses a multi-stage build. You want to cache the restored NuGet packages across builds to improve performance. Which caching strategy should you use?

Question 20easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You need to run a set of tasks only when the build pipeline runs for the main branch. Which condition should you add to the job or step?

Question 21mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a YAML pipeline with multiple jobs that need to run in parallel. However, one job depends on artifacts produced by a previous job. How should you configure the dependency?

Question 22mediummulti select
Read the full Design and implement build and release pipelines explanation →

You are designing a release pipeline for a microservices application. Which two strategies can you use to manage configuration across different environments? (Choose two.)

Question 23hardmulti select
Read the full Design and implement build and release pipelines explanation →

You have a YAML pipeline that builds a Docker image and pushes it to Azure Container Registry (ACR). You need to ensure the pipeline uses the latest version of Docker and that the build is cached for faster subsequent runs. Which two tasks should you include? (Choose two.)

Question 24mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You are configuring a YAML pipeline that deploys to multiple environments. The pipeline should automatically trigger when changes are pushed to the main branch, but only if the build artifact changes. Which trigger configuration should you use?

Question 25hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a multi-stage YAML pipeline with stages: Build, Test, and Deploy. The Deploy stage requires approval from a specific user group. You want to ensure that the approval request is sent only after the Test stage completes successfully. Which configuration should you use?

Question 26easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You need to create a build pipeline that runs on a Microsoft-hosted agent. You want to use the latest Ubuntu image. Which YAML snippet should you use?

Question 27hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a pipeline that deploys to an Azure Kubernetes Service (AKS) cluster. You need to securely pass the Kubernetes cluster credentials to the pipeline without hardcoding them. Which approach should you use?

Question 28mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a release pipeline that deploys to multiple stages (Dev, QA, Prod). You want to automatically deploy to Dev and QA after a successful build, but require a manual approval for Prod. Which deployment strategy should you use?

Question 29mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which two actions can you use to validate that a deployment to a staging environment is successful before promoting to production? (Choose two.)

Question 30hardmulti select
Read the full Design and implement build and release pipelines explanation →

You are designing a pipeline that must run tasks in a container. The container needs access to Azure resources using a managed identity. Which two configurations are required? (Choose two.)

Question 31easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You are configuring a YAML build pipeline for a .NET Core application. Which task should you use to restore NuGet packages?

Question 32mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a release pipeline that deploys to multiple environments. You need to ensure that a manual approval is required before deploying to production. What should you configure?

Question 33hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your YAML pipeline uses a self-hosted agent pool. You need to ensure that only the pipeline can trigger builds on that pool, preventing other projects from using it. What should you do?

Question 34mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which two of the following are valid strategies to implement conditional deployment in a YAML pipeline? (Choose 2)

Question 35hardmulti select
Read the full Design and implement build and release pipelines explanation →

You are designing a release pipeline that must deploy to Azure App Service across multiple regions. Which two practices should you implement to minimize downtime during deployments? (Choose 2)

Question 36mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Match each Azure DevOps concept to its correct description.

Question 37mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a multi-stage YAML pipeline that deploys to a Linux-based Azure App Service. The pipeline uses a 'Deploy to Azure App Service' task. You need to ensure that the deployment uses the Kudu REST API with ZIP deployment. Which value should you set for the 'packageForLinux' task input?

Question 38hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your YAML pipeline uses the 'AzureResourceManagerTemplateDeployment' task to deploy ARM templates. You need to handle incremental deployments and ensure that the task fails if any resource already exists and cannot be updated. Which deployment mode should you specify?

Question 39mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your pipeline runs on a Microsoft-hosted agent. You need to securely reference an Azure Key Vault secret in a pipeline variable without exposing the value in logs. Which variable group type should you use and how should you reference the secret?

Question 40hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You configured a multi-stage YAML pipeline with a deployment job that uses a deployment strategy like 'runOnce' or 'rolling'. You need to ensure that the deployment target is marked as 'succeeded' only after the deployment job completes successfully, and that any previous deployment to the same environment is preserved for rollback. Which setting must you configure?

Question 41easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You need to trigger a pipeline whenever changes are pushed to the 'main' branch of a GitHub repository. Which trigger should you configure in the YAML pipeline?

Question 42hardmulti select
Read the full Design and implement build and release pipelines explanation →

You are designing a build pipeline for a .NET Core application. You need to ensure that the pipeline restores NuGet packages from both an Azure Artifacts feed and the public NuGet gallery. The pipeline must fail if a package is not found in either source. Which two actions must you take? (Select two.)

Question 43mediumdrag order
Read the full Design and implement build and release pipelines explanation →

Drag and drop the steps to implement a disaster recovery plan for Azure App Service into the correct order.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4
5Step 5
Question 44mediumdrag order
Read the full Design and implement build and release pipelines explanation →

Drag and drop the steps to implement infrastructure as code with Azure Resource Manager (ARM) templates into the correct order.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4
5Step 5
Question 45mediummatching
Read the full Design and implement build and release pipelines explanation →

Match each Azure Pipeline concept to its definition.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Compute resource to run jobs

Logical boundary for pipeline phases

Sequence of steps on a single agent

Atomic build or deployment action

Question 46mediummatching
Read the full Design and implement build and release pipelines explanation →

Match each Azure Monitor feature to its use case.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Application performance monitoring and diagnostics

Query and analyze log data from various sources

Visualize performance metrics from Azure resources

Proactive notifications based on conditions

Question 47mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a build pipeline for a Java application that uses Maven. The build must run unit tests and integration tests separately. You want to publish test results to Azure Pipelines. Which task configuration should you use?

Question 48hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your release pipeline deploys to Azure App Service using deployment slots. You need to ensure that traffic is gradually shifted to the new slot over 30 minutes, and if performance issues occur, it should automatically roll back. Which deployment strategy should you implement?

Question 49easymultiple choice
Read the full NAT/PAT explanation →

Your pipeline uses a multi-stage YAML file. You want to conditionally run a stage only if the build originates from the 'main' branch. Which syntax should you use?

Question 50hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You are configuring a branch policy for the main branch using the Azure DevOps REST API. The JSON above is the policy configuration. A developer pushes a new commit to an existing pull request. What happens to the existing approvals?

Exhibit

Refer to the exhibit.
```json
{
  "policies": [
    {
      "policy": {
        "name": "Require Pull Request Review",
        "isEnabled": true,
        "blocking": true,
        "settings": {
          "minimumApproverCount": 2,
          "creatorVoteCounts": false,
          "allowDownvotes": true,
          "resetOnPush": false
        }
      }
    }
  ]
}
```
Question 51mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your build pipeline uses a self-hosted agent. The agent is running low on disk space. You need to clean up the agent's working directory after each build. Which option should you configure in the pipeline?

Question 52hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a release pipeline for a microservices application deployed to Azure Kubernetes Service (AKS). You need to implement a strategy that allows rolling back to the previous version quickly if a deployment fails. The pipeline should also support canary deployments. Which tool or feature should you use?

Question 53easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses GitHub for source control and Azure Pipelines for CI/CD. You need to trigger a pipeline automatically when a pull request is created against the main branch. Which trigger type should you configure in the YAML pipeline?

Question 54mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a build pipeline that produces several artifacts. You need to publish these artifacts to Azure Artifacts feed, but only if the build succeeds. Which task should you add to the pipeline?

Question 55hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. A developer pushes a commit to the main branch. Which stages will run?

Exhibit

Refer to the exhibit.
```yaml
# azure-pipelines.yml
trigger:
  branches:
    include:
      - main
      - develop

stages:
- stage: Build
  jobs:
  - job: BuildJob
    pool:
      vmImage: ubuntu-latest
    steps:
    - script: echo "Building..."

- stage: Test
  dependsOn: Build
  condition: eq(variables['Build.SourceBranch'], 'refs/heads/develop')
  jobs:
  - job: TestJob
    pool:
      vmImage: ubuntu-latest
    steps:
    - script: echo "Testing..."
```
Question 56mediummulti select
Read the full Design and implement build and release pipelines explanation →

Your release pipeline deploys to multiple environments sequentially: Dev, QA, Staging, Production. You need to implement manual approval gates before Staging and Production deployments. Which TWO configurations should you use? (Choose two.)

Question 57hardmulti select
Read the full Design and implement build and release pipelines explanation →

Your organization uses Azure Pipelines with Microsoft-hosted agents. The pipeline runs a .NET Core application build. You notice that the build takes longer than expected. Which THREE actions can you take to improve build performance? (Choose three.)

Question 58easymulti select
Read the full Design and implement build and release pipelines explanation →

You are configuring a continuous integration (CI) trigger for your YAML pipeline. The trigger should run the pipeline when changes are pushed to the 'main' branch or any release branch matching 'release/*'. Which TWO trigger configurations are valid? (Choose two.)

Question 59mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. You are deploying this Bicep file using Azure Pipelines. The 'environment' parameter should be set to 'dev', 'qa', or 'prod' based on the release stage. How should you pass the parameter value?

Exhibit

Refer to the exhibit.
```bicep
resource appService 'Microsoft.Web/sites@2022-09-01' = {
  name: 'myapp-${environment}'  
  location: resourceGroup().location
  properties: {
    serverFarmId: appServicePlan.id
    siteConfig: {
      appSettings: [
        {
          name: 'APPINSIGHTS_INSTRUMENTATIONKEY'
          value: appInsights.properties.InstrumentationKey
        }
      ]
    }
  }
}
```
Question 60hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your release pipeline uses a multi-stage YAML with environments. You need to ensure that only one deployment runs at a time to a production environment to avoid conflicts. Which feature should you use?

Question 61easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You need to integrate Azure Pipelines with GitHub to trigger a build when a release is published in GitHub. Which trigger type should you use in the pipeline?

Question 62mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team is designing a build pipeline for a Java application that uses Maven. The pipeline must run unit tests and integration tests separately, and fail the build if integration tests fail. However, integration tests require a running database container. Which approach should you use to ensure the database is available for the integration tests?

Question 63hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses GitHub Actions for CI/CD. You need to ensure that deployment to production only occurs after a successful deployment to a staging environment and requires approval from a senior developer. The deployment workflow is defined in a single YAML file. What is the most efficient way to achieve this?

Question 64easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your Azure DevOps pipeline uses a YAML template to avoid duplication. The template defines common build steps. You need to override one of the steps in a specific pipeline without modifying the template. Which approach should you use?

Question 65mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your release pipeline deploys a .NET Core web app to Azure App Service using a deployment slot for staging. The pipeline runs integration tests against the staging slot. After tests pass, you want to swap the staging slot with production. However, the swap fails sometimes because the staging slot has different configuration settings. What is the best practice to ensure swapping succeeds?

Question 66hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses Azure Pipelines to build a large monolithic application. The build takes over 60 minutes. Management wants to reduce the build time to under 30 minutes. The application has multiple independent modules that could be built in parallel. What is the most effective strategy to reduce build time?

Question 67mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your Azure DevOps pipeline uses a variable group to store secrets. The variable group is linked to a Key Vault. You need to use a secret variable in a pipeline task. How should you reference the secret in the YAML pipeline?

Question 68easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You are setting up a GitHub Actions workflow to deploy an Azure Resource Manager (ARM) template. The workflow must run whenever a pull request is opened against the main branch. Which trigger should you use?

Question 69hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your Azure DevOps pipeline deploys a microservice to a Kubernetes cluster using Helm. The Helm chart requires a values file that contains environment-specific configurations. You want to store the values file securely and use it during deployment. What is the recommended approach?

Question 70mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure Repos for source control. You need to enforce that all builds must pass unit tests before code can be merged into the main branch. Which branch policy should you configure?

Question 71mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO of the following are valid ways to trigger a release pipeline in Azure DevOps? (Select TWO.)

Question 72hardmulti select
Read the full Design and implement build and release pipelines explanation →

Which THREE of the following are best practices for managing secrets in Azure Pipelines? (Select THREE.)

Question 73mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which THREE of the following are valid deployment strategies that can be implemented using Azure DevOps release pipelines? (Select THREE.)

Question 74mediummultiple choice
Read the full NAT/PAT explanation →

Your team uses Azure Pipelines for CI/CD. You need to enforce that all pipeline runs use approved agents from a specific agent pool with the latest security patches. The agents are self-hosted on Azure VMs. What should you implement?

Question 75hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses GitHub Actions for CI/CD. You need to ensure that secrets stored in GitHub Actions are not exposed in logs. A developer accidentally logs a secret using 'echo ${{ secrets.API_KEY }}' in a workflow step. What is the default behavior?

Question 76easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a release pipeline in Azure Pipelines that deploys a web app to multiple environments (dev, test, prod). You want to ensure that the same build artifact is deployed to each environment without rebuilding. Which trigger type should you use?

Question 77mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your Azure Pipelines build fails intermittently due to transient network errors when downloading NuGet packages. You want to implement retry logic. What is the best approach?

Question 78hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You are implementing a multi-stage YAML pipeline in Azure Pipelines for a microservices application. You need to ensure that the 'deploy' stage only runs if the 'build' stage succeeds and that the 'test' stage runs in parallel with 'build' for different services. How should you structure the pipeline?

Question 79easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You need to ensure that a release pipeline in Azure Pipelines automatically deploys to production only if the deployment to staging succeeds and all manual intervention checks pass. What is the best way to configure this?

Question 80mediummultiple choice
Read the full NAT/PAT explanation →

Your Azure Pipelines build uses a self-hosted agent that runs on a Windows VM. The build fails with the error 'Access to the path 'C:\agent\_work\1\s\bin' is denied.' What is the most likely cause?

Question 81hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You are setting up a GitHub Actions workflow to deploy a containerized application to Azure Kubernetes Service (AKS). You need to securely authenticate to the AKS cluster using a service principal. What is the recommended way to store and use the service principal credentials?

Question 82easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure Pipelines to build a .NET Core application. You notice that the build takes too long because it restores NuGet packages every time. What is the best way to improve build performance?

Question 83mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO actions should you take to implement a gated check-in policy in Azure Repos that triggers a build before changes are merged?

Question 84hardmulti select
Read the full Design and implement build and release pipelines explanation →

Which THREE components are required to set up a self-hosted agent pool in Azure Pipelines?

Question 85easymulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO triggers can start a release in Azure Pipelines?

Question 86mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure Pipelines for CI/CD. You need to ensure that a secret variable stored in Azure Key Vault is available to a build pipeline without exposing it in logs. What should you do?

Question 87hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a multi-stage YAML pipeline that deploys to multiple environments. You want to enforce that a manual approval is required before deploying to the production environment, but not for other environments. How should you configure the pipeline?

Question 88easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your build pipeline fails intermittently with the error: 'The job running on agent 'Azure Pipelines' exceeded the maximum execution time of 60 minutes.' How can you resolve this issue?

Question 89hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a release pipeline for a critical application. The pipeline must automatically roll back to the previous version if the deployment to staging fails health checks. Which deployment strategy should you implement?

Question 90mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your CI pipeline includes a step that runs unit tests. You want to fail the pipeline if code coverage drops below 80%, but continue if tests pass with lower coverage. How should you configure the test step?

Question 91easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses GitHub Actions for CI/CD. You need to ensure that only specific branches can trigger the deployment workflow to production. Which workflow trigger should you configure?

Question 92mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a YAML pipeline that builds a .NET application. You want to cache the NuGet packages to speed up subsequent builds. Which task should you use?

Question 93hardmultiple choice
Review the full routing breakdown →

Your release pipeline deploys to Azure App Service using slots. You need to ensure that after swapping, the warmup request is sent to the production slot before traffic is fully routed. What should you configure?

Question 94easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You need to create a pipeline that triggers only when changes are made to files in the 'src/api' folder. Which trigger configuration should you use?

Question 95mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO are valid strategies for managing secrets in Azure Pipelines?

Question 96hardmulti select
Read the full Design and implement build and release pipelines explanation →

Which THREE are required to set up a self-hosted agent for Azure Pipelines?

Question 97mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO conditions must be met to use multi-stage YAML pipelines with approvals?

Question 98hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You have the YAML pipeline exhibit above. The pipeline fails with: 'The pipeline is not valid. Could not find the template file shared-templates/build-steps.yml.' What is the most likely cause?

Exhibit

Refer to the exhibit.

```json
{
  "resources": {
    "repositories": [
      {
        "repository": "shared-templates",
        "type": "git",
        "name": "myorg/shared-templates",
        "ref": "refs/heads/main"
      }
    ]
  },
  "jobs": [
    {
      "job": "build",
      "steps": [
        {
          "checkout": "self"
        },
        {
          "checkout": "shared-templates"
        },
        {
          "template": "shared-templates/build-steps.yml",
          "parameters": {
            "buildConfiguration": "Release"
          }
        }
      ]
    }
  ]
}
```
Question 99mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

The pipeline above fails with: 'The deployment job 'DeployToProd' references environment 'Production' which does not exist.' What should you do to resolve this error?

Exhibit

Refer to the exhibit.

```yaml
# azure-pipelines.yml
trigger:
  branches:
    include:
    - main
    - release/*

pool:
  vmImage: ubuntu-latest

variables:
  - group: 'Prod-Environment'

stages:
- stage: Build
  jobs:
  - job: BuildJob
    steps:
    - script: echo Building...

- stage: Deploy
  jobs:
  - deployment: DeployToProd
    environment: 'Production'
    strategy:
      runOnce:
        deploy:
          steps:
          - script: echo Deploying...
```
Question 100easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You ran the above Azure CLI command to check the deployment source of an Azure Web App. The web app is not deploying automatically when commits are pushed to the main branch. Based on the output, what is the most likely cause?

Network Topology
name MyAppresource-group MyRGRefer to the exhibit.```bash# Azure CLI command output"branch": "main","deploymentRollbackEnabled": false,"isMercurial": false,"repoUrl": "https://github.com/myorg/myrepo"```
Question 101mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team is implementing a CI/CD pipeline for a .NET application. The build pipeline should only run when changes are pushed to the main branch, but a recent push to a feature branch triggered the pipeline. What is the most likely cause?

Question 102hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a pipeline with the above YAML trigger configuration. A developer pushes changes to a file in 'src/app/config.json' on a branch named 'release/v1'. Which statement is true about the build trigger?

Exhibit

Refer to the exhibit.
```yaml
trigger:
  branches:
    include:
    - main
    - release/*
  paths:
    include:
    - src/app/*
```
Question 103easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You need to deploy a web app to Azure App Service using Azure Pipelines. The deployment slot should be 'staging' first, and after smoke tests, swap to production. Which deployment strategy should you use?

Question 104hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your release pipeline uses a 'Run Azure CLI' task to execute a script. The script authenticates using a service principal. However, the deployment fails with 'insufficient privileges to complete the operation'. What is the most likely cause?

Question 105mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Microsoft-hosted agents for builds. Recently, builds are taking longer to start. What is the best way to reduce queue times?

Question 106easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You run the above Azure CLI command to deploy a Bicep template. The deployment fails with 'The resource 'Microsoft.Storage/storageAccounts/mystgaccount' already exists'. What is the most likely cause?

Network Topology
az deployment group createresource-group MyRGtemplate-file main.bicepparameters storageName=mystgaccountRefer to the exhibit.```bash```
Question 107mediummulti select
Read the full Design and implement build and release pipelines explanation →

Your release pipeline deploys to multiple environments (dev, test, prod). You need to ensure that only authorized users can approve production deployments. Which TWO actions should you take?

Question 108hardmulti select
Read the full Design and implement build and release pipelines explanation →

Your build pipeline uses a YAML template that references variables from a variable group. The variable group is linked to a library. You need to ensure that sensitive variables are not exposed in logs. Which THREE actions should you take?

Question 109easymulti select
Read the full Design and implement build and release pipelines explanation →

Your team wants to implement automated testing in the build pipeline. You need to ensure that tests run and results are published. Which TWO tasks should you include?

Question 110easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a pipeline with the above JSON definition. The build fails with 'The specified configuration 'Release' is not valid'. What is the most likely cause?

Network Topology
"arguments": "configuration $(buildConfiguration)"Refer to the exhibit.```json"variables": {"buildConfiguration": "Release","majorVersion": "1","minorVersion": "0"},"stages": ["stage": "Build","jobs": ["job": "BuildJob","steps": ["task": "DotNetCoreCLI@2","inputs": {"command": "build",```
Question 111hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You have the above YAML task in a pipeline. The task runs but no secrets are available in subsequent tasks. What is the most likely cause?

Exhibit

Refer to the exhibit.
```yaml
- task: AzureKeyVault@2
  inputs:
    azureSubscription: 'MyServiceConnection'
    KeyVaultName: 'mykv'
    SecretsFilter: '*'
    RunAsPreJob: false
```
Question 112mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses GitHub for source control and Azure Pipelines for CI/CD. You need to implement a policy that requires all pull requests to be built and pass tests before merging. What should you do?

Question 113hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You run the above KQL query in Log Analytics to troubleshoot a failing container in a Kubernetes deployment. The query returns no results even though you know there are errors. What is the most likely cause?

Exhibit

Refer to the exhibit.
```kusto
ContainerLog
| where TimeGenerated > ago(1h)
| where LogEntry contains "Error"
| project TimeGenerated, LogEntry, ContainerID
```
Question 114mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a multi-stage YAML pipeline that builds a Docker image and deploys it to Azure Kubernetes Service (AKS). You want to reuse the Docker build steps across multiple stages. What is the best approach?

Question 115easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your release pipeline includes a 'Deploy to App Service' task for a Linux web app. The deployment fails with 'Error: Failed to deploy web package to App Service'. What should you check first?

Question 116hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure Pipelines with a YAML-based build pipeline. The pipeline builds a .NET application and runs unit tests. Recently, the unit tests are failing intermittently due to flaky tests. You need to ensure that the pipeline fails only if the same test fails in two consecutive runs. Which feature should you configure?

Question 117easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You have an Azure DevOps Pipeline that builds a Node.js application. The pipeline uses template expressions to conditionally run certain jobs based on the branch name. You notice that the condition 'eq(variables['Build.SourceBranch'], 'refs/heads/main')' is not evaluating as expected. What is the most likely cause?

Question 118mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses GitHub Actions for CI/CD. You have a workflow that builds and deploys a containerized application to Azure Kubernetes Service (AKS). The workflow uses the 'azure/aks-set-context' action to connect to the AKS cluster. Recently, the workflow started failing with authentication errors. The service principal used has Contributor role on the AKS cluster. What is the most likely cause?

Question 119hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a multi-stage YAML pipeline in Azure DevOps that deploys to multiple environments. The pipeline uses a deployment job with environment approvals. You need to ensure that the deployment to the production environment is only triggered after a manual approval is granted. However, you also want the deployment to automatically roll back if the post-deployment health check fails. Which configuration should you implement?

Question 120easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure Repos Git and wants to enforce a policy that all pushes to the main branch must pass a build validation pipeline. The pipeline runs unit tests and code analysis. You need to configure this in the branch policy. Which setting should you enable?

Question 121mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a release pipeline for a microservices application where each service is built as a Docker container and deployed to Azure Kubernetes Service (AKS). You want to ensure that each service is deployed independently to the same cluster. The services have dependencies on each other. Which deployment strategy should you use?

Question 122hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses GitHub Actions with self-hosted runners on Azure virtual machines. You notice that some workflows are taking longer than expected because runners are busy. You need to improve the performance without adding more permanent runners. Which solution should you implement?

Question 123mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a YAML pipeline that builds a Java project using Maven. The pipeline uses a private artifact feed in Azure Artifacts. You need to authenticate to the feed from the pipeline. Which authentication method should you use?

Question 124hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure Pipelines to deploy a web app to Azure App Service. The deployment uses the 'AzureWebApp@1' task with a deployment slot. You need to ensure that after a successful deployment to the staging slot, the slot swap happens automatically and the staging slot is warmed up before the swap. Which configuration should you use?

Question 125mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO of the following are valid strategies to securely store and use secrets in Azure Pipelines?

Question 126hardmulti select
Read the full Design and implement build and release pipelines explanation →

Which THREE of the following are valid considerations when designing a release pipeline to deploy to multiple environments (dev, test, prod) using Azure Pipelines YAML?

Question 127easymulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO of the following are true about multi-stage pipelines in Azure Pipelines?

Question 128mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. This YAML pipeline snippet is configured in an Azure Pipelines YAML file. The team reports that the pipeline does not trigger when changes are pushed to the main branch that modify files outside the /src folder. What is the most likely reason?

Exhibit

Refer to the exhibit.
```json
{
  "triggers": [
    {
      "branch": "main",
      "paths": {
        "include": [
          "/src/*"
        ]
      }
    }
  ],
  "pool": {
    "vmImage": "ubuntu-latest"
  },
  "steps": [
    {
      "script": "echo Building..."
    }
  ]
}
```
Question 129hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. This multi-stage YAML pipeline has a variable 'publishEnabled' set to false. The team wants the Publish stage to run only when 'publishEnabled' is true. However, the Publish stage never runs, even when the variable is changed to true at queue time. What is the most likely cause?

Exhibit

Refer to the exhibit.
```json
{
  "variables": {
    "buildConfiguration": "Release",
    "publishEnabled": false
  },
  "stages": [
    {
      "stage": "Build",
      "jobs": [
        {
          "job": "BuildJob",
          "steps": [
            {
              "script": "echo Building..."
            }
          ]
        }
      ]
    },
    {
      "stage": "Publish",
      "dependsOn": "Build",
      "condition": "eq(variables['publishEnabled'], true)",
      "jobs": [
        {
          "job": "PublishJob",
          "steps": [
            {
              "script": "echo Publishing..."
            }
          ]
        }
      ]
    }
  ]
}
```
Question 130mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. This YAML pipeline snippet uses parameters to deploy to different environments. The team wants to run the pipeline for a specific environment by providing the parameter at queue time. However, the pipeline fails with 'Invalid stage name'. What is the most likely cause?

Exhibit

Refer to the exhibit.
```json
{
  "parameters": [
    {
      "name": "environment",
      "values": ["dev", "test", "prod"]
    }
  ],
  "stages": [
    {
      "stage": "Deploy${{ parameters.environment }}",
      "jobs": [
        {
          "job": "Deploy",
          "steps": [
            {
              "task": "AzureWebApp@1",
              "inputs": {
                "appName": "myapp-${{ parameters.environment }}",
                "package": "$(System.DefaultWorkingDirectory)/**/*.zip"
              }
            }
          ]
        }
      ]
    }
  ]
}
```
Question 131mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure DevOps to build a .NET application. The build pipeline takes 45 minutes to complete. You want to reduce build times by caching dependencies. What should you configure in the pipeline?

Question 132hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a release pipeline for a critical production application. The pipeline must ensure that changes are deployed to a staging environment first, and if integration tests pass, they are automatically deployed to production. However, if the tests fail, the deployment to production must be blocked. What is the best approach?

Question 133mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO features in Azure Pipelines allow you to enforce separation of duties between development and operations teams? (Choose two.)

Question 134easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your build pipeline includes a task that runs unit tests. You want to ensure that if any test fails, the pipeline stops immediately and does not proceed to the next tasks. What should you configure in the pipeline?

Question 135mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. The YAML pipeline triggers on commits to main and develop branches, and pull requests targeting develop. A developer pushes a commit directly to main. What will happen?

Exhibit

Refer to the exhibit.
```yaml
# azure-pipelines.yml
trigger:
  branches:
    include:
      - main
      - develop
pr:
  branches:
    include:
      - develop
```
Question 136hardmulti select
Read the full Design and implement build and release pipelines explanation →

Which THREE are valid approaches to securely store secrets used in Azure Pipelines? (Choose three.)

Question 137hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. This is a deployment job definition in a multi-stage YAML pipeline. The deployment fails because the Kubernetes service connection 'aks-prod' cannot be found. What is the most likely cause?

Exhibit

Refer to the exhibit.
```json
{
  "name": "Deploy to AKS",
  "type": "DeployPipeline",
  "environment": "production",
  "strategy": {
    "runOnce": {
      "deploy": {
        "steps": [
          {
            "task": "Kubernetes@1",
            "inputs": {
              "kubernetesServiceConnection": "aks-prod",
              "namespace": "prod",
              "manifests": "$(Build.ArtifactStagingDirectory)/deployment.yaml"
            }
          }
        ]
      }
    }
  },
  "approvals": [
    {
      "approvers": [
        "user@contoso.com"
      ]
    }
  ]
}
```
Question 138easymulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO triggers can be used to start a pipeline automatically in Azure Pipelines? (Choose two.)

Question 139mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a multi-stage pipeline that deploys to multiple regions. You want to ensure that if the deployment to one region fails, the pipeline does not proceed to the next region. What is the best way to implement this?

Question 140easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses GitHub Actions for CI/CD. You need to ensure that secrets are not exposed in build logs. What should you use?

Question 141hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. An Azure CLI command outputs the configuration of an Azure Web App. Your pipeline deploys to this Web App using the 'AzureWebApp@1' task. The deployment fails with an error indicating that the runtime stack is not supported. What is the most likely cause?

Exhibit

Refer to the exhibit.
```powershell
# Output from Azure CLI
{
  "id": "/subscriptions/.../resourceGroups/rg-prod/providers/Microsoft.Web/sites/app-prod",
  "kind": "app,linux",
  "siteConfig": {
    "linuxFxVersion": "DOTNETCORE|6.0",
    "appSettings": [
      {
        "name": "ASPNETCORE_ENVIRONMENT",
        "value": "Production"
      }
    ]
  }
}
```
Question 142mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which THREE are valid ways to trigger a pipeline in Azure Pipelines using GitHub integration? (Choose three.)

Question 143easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You need to automatically run a pipeline when a new tag is pushed to the repository. Which trigger configuration should you use?

Question 144mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. The pipeline YAML includes an Azure CLI script that sets an app setting on a Web App. The pipeline fails with an authentication error. What is the most likely cause?

Network Topology
resource-group rg-contosoname app-contososettings DEPLOYMENT_SLOT=productionRefer to the exhibit.```yaml# Azure CLI scriptecho "Setting environment variables"pipeline:- job: Deploypool:vmImage: 'ubuntu-latest'steps:```
Question 145hardmulti select
Read the full Design and implement build and release pipelines explanation →

Which THREE are valid security best practices for Azure Pipelines? (Choose three.)

Question 146hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a multi-stage pipeline that builds a .NET application and deploys it to Azure App Service. The build stage produces a drop artifact that is used by the deployment stage. Recently, the deployment stage started failing intermittently with a '403 Forbidden' error when trying to download the artifact. The service connection used for deployment has 'Contributor' role at the resource group level. The artifact is stored in Azure Artifacts. What is the most likely cause of the failure?

Question 147mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses GitHub Actions for CI/CD. You need to enforce that all pull requests to the main branch pass a required status check that runs a security scan. The security scan is a GitHub Action that runs on pull_request events. However, the status check is not appearing as required in the branch protection rules. What should you do?

Question 148easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your Azure DevOps pipeline uses a YAML template that defines variables. You want to override a variable value when running the pipeline manually. What is the best approach?

Question 149hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a release pipeline for a critical application that must minimize downtime during deployment. The application runs on Azure Kubernetes Service (AKS) and uses Azure SQL Database. Which deployment strategy should you recommend?

Question 150mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your Azure DevOps pipeline uses the 'DotNetCoreCLI@2' task to run unit tests. Some tests are failing intermittently. You suspect test flakiness due to race conditions. What should you do to automatically retry failed tests without rewriting the tests?

Question 151easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You are implementing a CI pipeline for a Node.js application. The pipeline must run linting, unit tests, and build the application. Which YAML structure is most appropriate?

Question 152hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses GitHub Actions for CI/CD. You need to ensure that secrets stored in GitHub are not exposed in build logs. A developer accidentally printed a secret to the console in a workflow step. How can you prevent this from happening in the future?

Question 153mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your Azure DevOps pipeline deploys an ARM template to create a storage account. The deployment fails with 'AuthorizationFailed' error. The service principal used by the service connection has 'Contributor' role on the resource group. What is the most likely issue?

Question 154easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You are setting up a release pipeline that deploys to multiple environments (dev, test, prod) sequentially. Each environment requires approval before deployment. What is the best way to implement this in Azure Pipelines?

Question 155hardmulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO are best practices for securing Azure Pipelines? (Choose two.)

Question 156mediummulti select
Read the full NAT/PAT explanation →

Which THREE are valid deployment patterns for Kubernetes? (Choose three.)

Question 157mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO are true about Azure Pipelines YAML templates? (Choose two.)

Question 158hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. You deploy this ARM template using Azure Pipelines. The deployment succeeds, but the storage account is created with a name that is not what you expected. What is the most likely reason?

Exhibit

{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "storageAccountName": {
      "type": "string",
      "defaultValue": "[uniqueString(resourceGroup().id)]"
    },
    "location": {
      "type": "string",
      "defaultValue": "[resourceGroup().location]"
    }
  },
  "resources": [
    {
      "type": "Microsoft.Storage/storageAccounts",
      "apiVersion": "2022-09-01",
      "name": "[parameters('storageAccountName')]",
      "location": "[parameters('location')]",
      "kind": "StorageV2",
      "sku": {
        "name": "Standard_LRS"
      }
    }
  ]
}
Question 159mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. You have this GitHub Actions workflow YAML. The workflow does not trigger when you push to the main branch. What is the most likely issue?

Exhibit

{
  "triggers": ["main"],
  "pool": {
    "vmImage": "ubuntu-latest"
  },
  "steps": [
    {
      "script": "echo Hello, world!"
    }
  ]
}
Question 160mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. You have this Azure Pipeline YAML. When you run the pipeline, it fails because the resource group name is not correctly resolved. What is the likely cause?

Exhibit

{
  "parameters": {
    "environment": {
      "type": "string",
      "defaultValue": "dev"
    }
  },
  "variables": {
    "resourceGroupName": "rg-$(environment)-001"
  },
  "trigger": "none",
  "pool": {
    "vmImage": "ubuntu-latest"
  },
  "stages": [
    {
      "stage": "Deploy",
      "jobs": [
        {
          "job": "DeployJob",
          "steps": [
            {
              "task": "AzureCLI@2",
              "inputs": {
                "azureSubscription": "MyServiceConnection",
                "scriptType": "pscore",
                "scriptLocation": "inlineScript",
                "inlineScript": "az group create -n $(resourceGroupName) -l westus"
              }
            }
          ]
        }
      ]
    }
  ]
}
Question 161mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses a multi-stage YAML pipeline. The 'Build' stage compiles the code and runs unit tests. The 'Deploy' stage deploys to a staging environment. You notice that if the 'Build' stage fails, the 'Deploy' stage still starts because it depends on a condition that always evaluates to true. How should you modify the pipeline to prevent the 'Deploy' stage from running if the 'Build' stage fails?

Question 162hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization requires that all code changes must be built and tested before merging to the main branch. You plan to use branch policies in Azure Repos. Which policy enforcement will ensure that a pull request cannot be completed unless the build succeeds?

Question 163easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You are configuring a release pipeline to deploy to Azure App Service. You want to use the 'Deploy Azure App Service' task. Which authentication method should you use to securely connect Azure DevOps to the Azure subscription?

Question 164mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team is using GitHub Actions for CI/CD. The workflow builds a container image and pushes it to Azure Container Registry (ACR). However, the workflow fails with an authentication error when pushing to ACR. What is the most likely cause?

Question 165hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You need to implement a strategy to manage secrets for your multi-stage YAML pipeline. The pipeline runs on Microsoft-hosted agents. Which approach should you use to securely pass secrets to pipeline tasks?

Question 166mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your build pipeline uses the 'NuGetCommand@2' task to restore NuGet packages. You want to use packages from an Azure Artifacts feed that requires authentication. How should you configure the pipeline to authenticate with the feed?

Question 167easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You want to trigger a pipeline automatically when a new commit is pushed to the 'develop' branch of your repository. Which trigger configuration should you use in the YAML pipeline?

Question 168hardmultiple choice
Read the full NAT/PAT explanation →

Your release pipeline deploys to multiple environments (Dev, QA, Prod) using approvals. You need to ensure that the deployment to Prod only proceeds if the deployment to QA succeeded and an approval is granted. Which combination of triggers and pre-deployment conditions should you configure?

Question 169mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a pipeline to build a .NET Core application. The build must run unit tests and publish code coverage results. Which task should you use to publish the code coverage results to Azure DevOps?

Question 170hardmulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO of the following are valid strategies to reduce the build time of a container image in Azure Pipelines?

Question 171mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which THREE of the following are true about GitHub Actions self-hosted runners?

Question 172mediummulti select
Read the full Design and implement build and release pipelines explanation →

You are implementing a release pipeline with multiple stages. You want to automatically trigger the next stage only if the previous stage succeeds and the build is from the 'main' branch. Which TWO conditions should you configure?

Question 173easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a build pipeline for a Node.js application. The team wants to ensure that the pipeline runs unit tests and publishes test results to Azure DevOps. Which task should you add to the pipeline?

Question 174mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your release pipeline deploys to multiple environments sequentially. The deployment to production fails intermittently due to a database schema migration issue. You need to implement a strategy that automatically rolls back the deployment if the migration fails. What should you do?

Question 175hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a build pipeline that uses Microsoft-hosted agents. The pipeline must build a .NET Framework 4.8 application and run on a Windows agent. Due to compliance, the build must use a specific version of Visual Studio that is not pre-installed on the Microsoft-hosted agents. What should you do?

Question 176easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses GitHub for source control and Azure Pipelines for CI/CD. You need to ensure that only pull requests from specific branches trigger a build pipeline. Which trigger configuration should you use?

Question 177mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You are implementing a release pipeline that deploys a web app to Azure App Service. The deployment must be approved by a manager before proceeding to the production slot. However, the manager is on leave and the deployment is critical. What should you do to ensure the deployment can proceed without delaying the release?

Question 178easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses GitHub Actions for CI/CD. You want to ensure that the workflow runs only when a pull request is labeled 'safe-to-deploy'. Which trigger should you use?

Question 179mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You are configuring a multi-stage YAML pipeline that builds a .NET Core application and deploys it to Azure Kubernetes Service (AKS). The build stage produces a container image that is pushed to Azure Container Registry (ACR). The deploy stage needs to use the image from ACR. How should you pass the image tag from the build stage to the deploy stage?

Question 180mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO actions should you take to implement a secure build pipeline that uses Azure Key Vault to store secrets? (Choose two.)

Question 181hardmulti select
Read the full Design and implement build and release pipelines explanation →

Which THREE options are valid strategies to reduce build times in Azure Pipelines? (Choose three.)

Question 182mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO conditions should you configure in a release pipeline to ensure that a deployment to production only happens when both the staging deployment succeeded and a manual approval is granted? (Choose two.)

Question 183hardmulti select
Read the full Design and implement build and release pipelines explanation →

Which THREE steps should you take to implement a blue-green deployment strategy for an Azure App Service using Azure Pipelines? (Choose three.)

Question 184easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You are creating a release pipeline that deploys to Azure App Service. You want to ensure that the deployment uses the 'Run from package' feature for faster deployments and reduced downtime. Which deployment method should you select in the 'Azure App Service deploy' task?

Question 185mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses GitHub Actions for CI/CD. You want to enforce that all workflows pass required checks before a pull request can be merged. The repository is in an organization that uses GitHub Enterprise Cloud. What should you configure?

Question 186mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure Pipelines to build a .NET application. Recently, builds have been failing intermittently with NuGet restore errors. The pipeline uses a hosted agent. You need to ensure consistent package restoration. What should you do?

Question 187hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization is adopting GitHub Actions for CI/CD. You need to enforce that all workflows must pass required status checks before merging pull requests to the main branch. The repository is in an organization. What should you configure?

Question 188easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a release pipeline for a mission-critical application. The pipeline must deploy to multiple environments (dev, test, prod) in sequence, with manual approval required before production deployment. Which Azure Pipelines feature should you use?

Question 189hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your Azure Pipelines build is failing with the error: '##[error]No agent found in pool 'Default' that satisfies the specified demands: Agent.Version -gtVersion 2.200.0'. The pool 'Default' contains agents of various versions. What is the most likely cause?

Question 190mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You are implementing a CI pipeline for a Node.js application. The pipeline must run unit tests and generate code coverage reports. You want to publish the coverage results to Azure DevOps and enforce a minimum coverage threshold of 80%. Which tasks should you use?

Question 191easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team is using GitHub Actions to deploy a containerized application to Azure Kubernetes Service (AKS). You need to securely authenticate the workflow to AKS without storing credentials in the repository. What should you use?

Question 192hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a build pipeline that must be triggered only when changes are made to specific folders in the repository. The pipeline should ignore documentation changes. Which trigger configuration should you use?

Question 193mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your release pipeline deploys to multiple Azure regions. You need to ensure that if a deployment to one region fails, the pipeline continues deploying to other regions. Which deployment strategy should you use?

Question 194easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You need to automatically run a security scan on every pull request in GitHub. The scan should block the PR if critical vulnerabilities are found. Which GitHub feature should you use?

Question 195mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO are valid ways to pass build artifacts from one stage to another in a multi-stage YAML pipeline in Azure Pipelines?

Question 196hardmulti select
Read the full Design and implement build and release pipelines explanation →

Which THREE are required components to implement a secure CI/CD pipeline using Azure Pipelines and GitHub?

Question 197mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO are valid strategies for managing secrets in a GitHub Actions workflow?

Question 198hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. You are deploying this ARM template using Azure Pipelines. The pipeline passes the parameter 'environmentName' with value 'prod'. What will be the name of the virtual network?

Exhibit

Refer to the exhibit.

```json
{
  "parameters": {
    "environmentName": {
      "type": "string",
      "defaultValue": "dev"
    },
    "vmSku": {
      "type": "string",
      "defaultValue": "Standard_DS2_v2"
    }
  },
  "variables": {
    "vnetName": "[concat('vnet-', parameters('environmentName'))]"
  },
  "resources": [
    {
      "type": "Microsoft.Network/virtualNetworks",
      "apiVersion": "2023-11-01",
      "name": "[variables('vnetName')]",
      "properties": {
        "addressSpace": {
          "addressPrefixes": [
            "10.0.0.0/16"
          ]
        }
      }
    }
  ]
}
```
Question 199mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. You run an Azure CLI command during a pipeline to get the state of a web app. The output shows the state as 'Running'. You want to ensure the pipeline only proceeds if the state is 'Running'. Which task should you use to evaluate the condition?

Exhibit

Refer to the exhibit.

```bash
# Azure CLI output
{
  "id": "/subscriptions/.../resourceGroups/rg-dev/providers/Microsoft.Web/sites/myapp-dev",
  "name": "myapp-dev",
  "type": "Microsoft.Web/sites",
  "kind": "app",
  "state": "Running"
}
```
Question 200hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. A developer creates a pull request from a branch called 'feature/update'. The workflow runs on the pull_request event. What will the output of this workflow be?

Exhibit

Refer to the exhibit.

```yaml
# GitHub Actions workflow snippet
name: CI
on:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Run tests
        run: |
          if [ "${{ github.event_name }}" == "pull_request" ]; then
            echo "Running PR tests"
          fi
```
Question 201mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

A team uses Azure Pipelines to build a .NET application. The build takes 30 minutes, and developers complain that the pipeline runs slowly. The pipeline uses the 'windows-latest' agent and installs the .NET SDK in each run. Which action would MOST reduce the build time?

Question 202hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your release pipeline deploys to Azure App Service using a deployment slot strategy. After a successful deployment to the staging slot, you run smoke tests, then swap slots. Recently, a swap failed because the staging slot had an incorrect application setting. What is the BEST way to prevent this issue?

Question 203easymultiple choice
Study the full Python automation breakdown →

You are designing a build pipeline for a Python application that uses multiple external packages from PyPI. You want to ensure that builds are reproducible and not affected by package updates. Which strategy should you use?

Question 204mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your Azure DevOps project uses Git for source control. You want to enforce that all code changes are reviewed before merging into the main branch. Which branch policy should you enable?

Question 205hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your release pipeline uses Azure Kubernetes Service (AKS) and Helm charts. You need to roll back to a previous release quickly if the new release fails health checks. What is the BEST approach?

Question 206easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You are configuring a build pipeline for a JavaScript application. You want to run linting, unit tests, and build steps only when changes are pushed to the 'develop' branch. Which trigger should you configure?

Question 207mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your build pipeline uses a YAML template to define steps. You want to pass a parameter to the template to conditionally run a task. What syntax should you use in the template?

Question 208hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a release pipeline that deploys to multiple environments (dev, test, prod) sequentially. You need to require manual approval before deploying to prod. The approver should be able to review the changes and approve or reject. Which feature should you use?

Question 209easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses GitHub Actions for CI/CD. You want to securely store a database connection string used in a workflow. Where should you store it?

Question 210mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO of the following are valid strategies to reduce build times in Azure Pipelines? (Select TWO.)

Question 211hardmulti select
Open the full VLAN trunking answer →

Which THREE of the following are valid steps to implement a trunk-based development workflow in Azure Repos? (Select THREE.)

Question 212easymulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO of the following are benefits of using deployment slots in Azure App Service? (Select TWO.)

Question 213mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure Pipelines for CI/CD. You need to enforce that all builds produce a signed artifact. Which approach should you use?

Question 214hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

During a release pipeline, you notice that the deployment to staging fails intermittently due to a timeout waiting for the health check endpoint to return 200. The health check typically passes within 30 seconds, but occasionally takes up to 2 minutes. You need to make the deployment more reliable without affecting the overall release time. What should you do?

Question 215easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a release pipeline that deploys a web app to Azure App Service. You need to ensure that configuration secrets (e.g., database connection strings) are not stored in the pipeline YAML file. Which approach should you use?

Question 216mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization is adopting GitHub Actions for CI/CD. You need to ensure that only approved actions from your enterprise can be used in workflows. What should you configure?

Question 217hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a multi-stage YAML pipeline that builds and deploys a containerized application to Azure Kubernetes Service (AKS). The build stage runs successfully, but the deploy stage fails with an error: 'Error: failed to get credentials: context deadline exceeded'. You verify that the AKS cluster is running and that the service connection is valid. What is the most likely cause?

Question 218easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You are using Azure Pipelines to deploy a function app. You need to automatically roll back the deployment if the post-deployment smoke tests fail. What should you do?

Question 219mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses GitFlow with Azure Repos. You need to ensure that every commit to the 'main' branch is built and deployed to production automatically. Which trigger should you configure in your YAML pipeline?

Question 220hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a YAML pipeline that uses a self-hosted agent. The agent runs on a VM in Azure. The pipeline fails intermittently with the error: '##[error]The job running on agent MyAgent has been cancelled because the agent was idle for more than the maximum idle time.' You need to resolve this issue. What should you do?

Question 221mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a release pipeline that deploys to multiple environments (dev, test, prod) with approval gates between each. You need to ensure that the same build artifact is deployed to all environments. Which strategy should you use?

Question 222hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. You have a YAML pipeline definition that builds a .NET application. You notice that the revision number is always 0. What is the most likely cause?

Network Topology
configuration $(buildConfiguration)""arguments": "configuration $output $(Build.ArtifactStagingDirectory)"Refer to the exhibit.```json"variables": {"buildConfiguration": "Release","majorVersion": "1","minorVersion": "0","revision": $[counter(variables['minorVersion'], 0)]},"steps": ["task": "DotNetCoreCLI@2","inputs": {"command": "build","command": "publish",```
Question 223easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. You have a YAML pipeline that deploys an ARM template. The pipeline runs successfully on the first commit to main, but subsequent commits fail with 'The resource group myResourceGroup already exists'. How should you modify the pipeline to avoid this error?

Network Topology
az group createname myResourceGrouplocation eastusaz deployment group createresource-group myResourceGrouptemplate-file template.jsonRefer to the exhibit.```yamltrigger:branches:include:- mainpool:vmImage: ubuntu-lateststeps:- task: AzureCLI@2inputs:azureSubscription: 'MyServiceConnection'scriptType: 'pscore'scriptLocation: 'inlineScript'inlineScript: |```
Question 224mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. You run the Kusto query in Azure Monitor to analyze pipeline performance. The query returns no results even though you know some pipelines have average durations over 10 minutes. What is the most likely reason?

Exhibit

Refer to the exhibit.

```sql
-- KQL query to get pipeline run duration
let startTime = ago(7d);
PipelineRuns
| where RunStartTime >= startTime
| summarize AvgDuration=avg(RunDurationSeconds) by PipelineName
| where AvgDuration > 600
| project PipelineName, AvgDuration
```
Question 225hardmulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO actions should you take to implement a secure CI/CD pipeline that uses Azure Pipelines and prevents unauthorized access to production? (Choose two.)

Question 226mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which THREE components are essential for implementing a canary deployment strategy using Azure Kubernetes Service (AKS) and Azure Pipelines? (Choose three.)

Question 227easymulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO practices help improve the security of container images in a CI/CD pipeline? (Choose two.)

Question 228hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure DevOps to deploy a Node.js web app to Azure App Service on Linux. The build pipeline runs `npm install` and `npm run build`, then publishes the `dist` folder. The release pipeline uses the 'Azure App Service deploy' task. Recently, deployments fail intermittently with 'ERR_MODULE_NOT_FOUND' for a custom module. The module is listed in `package.json` and is present in the `node_modules` folder on the build agent. What is the most likely cause?

Question 229mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a multi-stage YAML pipeline for a .NET Core application. The pipeline must build, test, and deploy to a staging environment. You want to ensure that the deployment stage only runs if the build and test stages succeed, and that the staging deployment uses the exact same bits that were built. Which strategy should you use?

Question 230easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your build pipeline for a Java application uses Maven. You need to run unit tests and integration tests separately. Unit tests should run on every commit, while integration tests should run only when the build is triggered by a pull request to the main branch. How should you configure the pipeline?

Question 231hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You are implementing a build pipeline for a .NET application that uses GitHub Advanced Security (GHAS) for code scanning. The pipeline must run CodeQL analysis on every pull request to the main branch. You have added the CodeQL task to the pipeline. However, the analysis results are not appearing in the 'Security' tab of the repository on GitHub. What is the most likely cause?

Question 232mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure Pipelines to deploy a Docker container to Azure Kubernetes Service (AKS). The pipeline builds a Docker image, pushes it to Azure Container Registry (ACR), and then runs a deployment to AKS. You want to ensure that the deployment uses the exact image that was built in the same pipeline run. Which approach should you use?

Question 233easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You are setting up a release pipeline for a web application. The pipeline must deploy to three environments: Dev, Test, and Prod. The deployment to Prod must be triggered only after a successful deployment to Test and after a manual approval. How should you configure the pipeline?

Question 234hardmultiple choice
Read the full NAT/PAT explanation →

Your organization uses GitHub Actions for CI/CD. You have a workflow that builds a .NET application and runs tests. The workflow uses a self-hosted runner on an on-premises Windows server. Recently, builds started failing with 'Access to the path is denied' errors when the runner tries to restore NuGet packages. The runner has been working for months. What is the most likely cause?

Question 235mediummultiple choice
Study the full Python automation breakdown →

You are designing a build pipeline for a Python application that uses Anaconda environments. The pipeline must create a Conda environment, install dependencies, and run tests. The pipeline should also cache the Conda environment to speed up subsequent builds. Which configuration should you use?

Question 236hardmulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO actions are required to securely use Azure Key Vault secrets in an Azure Pipelines build? (Choose 2)

Question 237mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO are valid strategies to reduce build times in Azure Pipelines? (Choose 2)

Question 238easymulti select
Read the full Design and implement build and release pipelines explanation →

Which THREE are true about using deployment groups in Azure Pipelines? (Choose 3)

Question 239mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses GitHub Actions to build and deploy a static website to Azure Storage. The workflow uses the 'azure/webapps-deploy' action to deploy to a storage account static website. Recently, deployments started failing with 'Error: Failed to get credentials'. The workflow uses OpenID Connect (OIDC) for authentication. What is the most likely cause?

Question 240hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure Pipelines for CI/CD. A release pipeline fails intermittently during deployment to an Azure App Service slot. The error message indicates 'Failed to fetch access token for Azure Resource Manager service endpoint.' The service principal used has been granted Contributor role on the resource group. The issue resolves after re-creating the service connection in Azure DevOps. What is the most likely cause?

Question 241mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a build pipeline for a Node.js application. The pipeline must run unit tests and publish code coverage results to Azure Pipelines. Which task should you use to ensure coverage results are available in the pipeline summary?

Question 242easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your pipeline uses a multi-stage YAML file. You want to conditionally run a stage only when the build is triggered from the 'main' branch. Which expression should you use in the 'condition' property of the stage?

Question 243hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your release pipeline deploys to multiple environments (Dev, Test, Prod) using approval gates. Recently, the Prod deployment failed because a manual validation task timed out after 30 minutes. You need to ensure that if the manual validation is not approved within 15 minutes, the pipeline automatically rejects the deployment and sends a notification. What should you do?

Question 244mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses GitHub Actions for CI/CD. You want to reuse a workflow across multiple repositories without duplicating code. Which approach should you use?

Question 245easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You are setting up a build pipeline for a .NET Core application. The build should run on every pull request to the 'main' branch. Which trigger configuration should you use in the YAML pipeline?

Question 246hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your Azure DevOps release pipeline deploys to Azure Kubernetes Service (AKS). You need to ensure that the deployment is rolled back automatically if the health checks fail within 5 minutes after deployment. The AKS cluster uses a canary deployment strategy. What should you use?

Question 247mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses Azure Pipelines and wants to enforce that all builds must pass a security scan before being deployed to production. The security scan is performed by a third-party tool that is not available as a built-in task. You have installed the tool on a self-hosted agent. What is the best way to integrate the security scan into the pipeline?

Question 248easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You need to configure a release pipeline that deploys to Azure App Service. The deployment should use the 'slot swap' strategy to minimize downtime. Which deployment slot should you initially deploy to?

Question 249mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO actions should you take to implement a CI/CD pipeline for a microservices application using Azure Pipelines? (Choose two.)

Question 250hardmulti select
Read the full Design and implement build and release pipelines explanation →

Which THREE components are required to set up a self-hosted agent in Azure Pipelines? (Choose three.)

Question 251mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO benefits does using deployment groups provide in Azure Pipelines? (Choose two.)

Question 252mediummultiple choice
Read the full NAT/PAT explanation →

The exhibit shows a deployment job in an Azure Pipelines YAML file. The deployment fails with the error 'No package found with pattern: $(Pipeline.Workspace)/drop/*.zip'. What is the most likely cause?

Exhibit

Refer to the exhibit.

```yaml
jobs:
- deployment: Deploy
  environment: prod
  strategy:
    runOnce:
      deploy:
        steps:
        - download: current
          artifact: drop
        - task: AzureWebApp@1
          inputs:
            azureSubscription: 'myServiceConnection'
            appName: 'myApp'
            package: '$(Pipeline.Workspace)/drop/*.zip'
```
Question 253hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

The exhibit shows a parameters file for an ARM template deployment. During a release pipeline, the deployment fails with the error 'The provided value for the template parameter 'sku' is not valid'. The ARM template defines the 'sku' parameter as an allowed value set of ['F1', 'D1', 'B1', 'S1']. What could be the issue?

Exhibit

Refer to the exhibit.

```json
{
  "parameters": {
    "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {
      "appName": {
        "value": "myapp"
      },
      "location": {
        "value": "eastus"
      },
      "sku": {
        "value": "S1"
      }
    }
  }
}
```
Question 254easymultiple choice
Read the full Design and implement build and release pipelines explanation →

The exhibit shows an Azure CLI command to run a pipeline. What does this command do?

Network Topology
$ az pipelines runname "MyPipeline"branch mainvariables myVar="value1"Refer to the exhibit.```bash```
Question 255mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses GitHub Actions to build and deploy a Node.js application to Azure App Service. The deployment succeeds, but the app crashes after startup with an error indicating a missing module. The build artifact includes the node_modules folder. What is the most likely cause?

Question 256easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You need to enforce that all builds in Azure Pipelines use a specific version of the .NET SDK. What is the best approach?

Question 257hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your Azure DevOps pipeline deploys to multiple environments (Dev, Test, Prod) using YAML multi-stage pipelines. The Prod deployment requires manual approval. However, the approval gate shows 'Pending' even after an authorized user approves. What is the most likely cause?

Question 258mediummulti select
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure Pipelines to deploy a microservices application to Azure Kubernetes Service (AKS). You need to implement a strategy that minimizes downtime during updates. Which TWO options should you use?

Question 259hardmulti select
Read the full Design and implement build and release pipelines explanation →

You are designing a release pipeline for a .NET Core application that must comply with regulatory requirements. The pipeline must sign the assembly with a code-signing certificate stored in Azure Key Vault. Which THREE actions should you perform?

Question 260mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. You have an Azure Pipelines YAML file for a .NET Core application. The pipeline is triggered on changes to the main branch, but only for files under src/. After a push to main that modifies a file in src/, the pipeline does not start. What is the most likely reason?

Network Topology
"arguments": "configuration $(buildConfiguration)"Refer to the exhibit.```json"triggers": ["branch": "main","paths": {"include": ["src/*"]],"variables": {"buildConfiguration": "Release","majorVersion": "1"},"stages": ["stage": "Build","jobs": ["job": "BuildJob","steps": ["task": "DotNetCoreCLI@2","inputs": {"command": "build",```
Question 261easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. You run the Azure CLI command to trigger a pipeline run. The pipeline fails because tests were skipped but should have run. What is the most likely issue?

Network Topology
az pipelines runname "Build Pipeline"branch feature/new-featurevariables-parameters '{"skipTests":"true"}'Refer to the exhibit.```
Question 262hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. You deploy this Bicep template to create an Azure App Service with a custom container. The deployment succeeds, but the container fails to start with an error 'Container didn't respond to HTTP pings'. What is the most likely missing configuration?

Exhibit

Refer to the exhibit.

```bicep
param location string = resourceGroup().location
param appName string
param containerImage string

resource appService 'Microsoft.Web/sites@2022-09-01' = {
  name: appName
  location: location
  kind: 'app,linux'
  properties: {
    siteConfig: {
      linuxFxVersion: 'DOCKER|${containerImage}'
      appSettings: [
        {
          name: 'WEBSITES_ENABLE_APP_SERVICE_STORAGE'
          value: 'false'
        }
      ]
    }
  }
}
```
Question 263mediummultiple choice
Study the full Python automation breakdown →

Your team uses GitHub Actions to build a Python application. The workflow includes a step to run unit tests with pytest. The tests pass locally but fail in CI with 'ModuleNotFoundError: No module named 'myapp''. The repository structure has the application code in a subdirectory 'src/'. What is the most likely fix?

Question 264mediummulti select
Read the full Design and implement build and release pipelines explanation →

Your organization uses Azure Pipelines to deploy a web application to multiple Azure App Service instances across regions. You need to implement a deployment strategy that allows rolling back to the previous version quickly if issues are detected. Which TWO strategies should you recommend?

Question 265hardmulti select
Read the full Design and implement build and release pipelines explanation →

You are configuring a release pipeline in Azure Pipelines for a Java application. The pipeline must run integration tests after deployment to a test environment and only proceed to production if tests pass. Which THREE should you configure?

Question 266easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses GitHub Actions to build a Docker image and push it to Azure Container Registry (ACR). The workflow fails with the error 'unauthorized: authentication required'. The workflow uses the 'azure/docker-login@v1' action. What is the most likely cause?

Question 267hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses Azure Pipelines to manage infrastructure as code with Terraform. The pipeline runs terraform plan and apply. You need to ensure that the state file is stored securely and can be locked to prevent concurrent modifications. What should you configure?

Question 268mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure Pipelines to build a React application. The build process runs npm install, npm test, and npm run build. The build succeeds, but the application loads slowly in the browser due to large bundle sizes. What should you add to the pipeline to optimize the build?

Question 269easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You need to ensure that only specific branches can trigger a release to production in Azure Pipelines. What should you configure?

Question 270mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses a YAML-based build pipeline in Azure Pipelines. You need to ensure that the pipeline runs automatically when a pull request is created against the main branch, but only if the changes include modifications to the 'src/' directory. Which trigger configuration should you use?

Question 271hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your Azure Pipelines release pipeline deploys to multiple stages. You need to implement a manual approval gate that requires two specific users to approve before deployment proceeds to production. The approval should expire after 8 hours. Which configuration should you use?

Question 272easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your build pipeline uses a hosted agent. You notice that every build starts with a clean workspace, increasing build time. You want to improve performance by caching the Node.js 'node_modules' folder. Which task should you add to the pipeline?

Question 273hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You have the YAML pipeline snippet shown in the exhibit. The first run produces version 1.0.0. What will be the version produced on the third run?

Network Topology
"arguments": "configuration $(buildConfiguration) /p:Version=$(majorVersion).$(minorVersion).$(revision)"Refer to the exhibit.```json"variables": {"buildConfiguration": "Release","majorVersion": "1","minorVersion": "0","revision": $[counter(variables['majorVersion'], 0)]},"steps": ["task": "DotNetCoreCLI@2","inputs": {"command": "build",```
Question 274mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your release pipeline deploys to Azure App Service using a deployment slot. You need to ensure that after swapping slots, the staging slot retains the previous production configuration for rollback. Which deployment strategy should you use?

Question 275easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You need to integrate security scanning into your build pipeline to detect vulnerable open-source dependencies. Which Azure DevOps extension should you use?

Question 276mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your build pipeline runs on a self-hosted agent pool. You need to ensure that only authorized pipelines can use these agents. Which security measure should you implement?

Question 277hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You run the Azure CLI command shown in the exhibit as part of a release pipeline to deploy a ZIP package to an Azure App Service. The deployment succeeds, but the app does not start. What is the most likely cause?

Network Topology
resource-group myRGname myAppsrc ./deploy.zipRefer to the exhibit.```powershell# Azure CLI script```
Question 278easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses GitHub for source control and wants to set up continuous integration using GitHub Actions. Which file should you create in the repository to define the workflow?

Question 279mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO conditions must be met for a self-hosted agent to be used in an Azure Pipelines agent pool? (Choose two.)

Question 280hardmulti select
Read the full Design and implement build and release pipelines explanation →

Which THREE factors should you consider when designing a release pipeline for a critical production application? (Choose three.)

Question 281easymulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO triggers can be used to automatically start a pipeline in Azure Pipelines? (Choose two.)

Question 282hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You have the YAML pipeline shown in the exhibit. What will be the output of the script in the Deploy stage?

Exhibit

Refer to the exhibit.
```yaml
# azure-pipelines.yml
variables:
  - name: environment
    value: 'dev'
stages:
- stage: Build
  jobs:
  - job: BuildJob
    steps:
    - script: echo "Building for $(environment)"
- stage: Deploy
  dependsOn: Build
  condition: succeeded()
  variables:
    environment: 'prod'
  jobs:
  - job: DeployJob
    steps:
    - script: echo "Deploying to $(environment)"
```
Question 283mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You need to implement a build retention policy that automatically deletes old builds after 30 days, but keeps the latest 5 builds regardless of age. Which configuration should you use?

Question 284easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You need to run unit tests in your build pipeline and publish the test results to Azure Pipelines. Which task should you use?

Question 285mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses a multi-stage YAML pipeline in Azure Pipelines. The pipeline includes a stage that runs integration tests against a test environment. You want to ensure that the integration tests are not affected by other pipelines that deploy to the same environment concurrently. What should you implement?

Question 286hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a release pipeline for a critical application that requires zero-downtime deployments. The application runs on Azure Kubernetes Service (AKS) with multiple replicas. You are using Azure Pipelines with a canary deployment strategy. What is the best approach to gradually shift traffic to the new version while monitoring for errors?

Question 287easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your development team uses GitHub Actions for CI/CD. You need to ensure that secrets stored in GitHub repository secrets are not exposed in build logs. What is the best practice?

Question 288mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses Azure Pipelines to build and deploy a .NET Core application to Azure App Service. The build pipeline takes 15 minutes. You want to implement continuous integration (CI) triggers but only for changes to the 'src' folder. The repository is in Azure Repos. How should you configure the trigger?

Question 289hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You are managing a pipeline that deploys a microservices application to multiple Azure Kubernetes Service (AKS) clusters in different regions. You want to implement a progressive exposure strategy where the deployment first goes to a small cluster (canary), then to a medium cluster, and finally to all clusters. The deployment should be automated but with the ability to halt if errors occur. What should you use?

Question 290easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure Pipelines for CI/CD. The pipeline builds a Docker image and pushes it to Azure Container Registry (ACR). You need to ensure that only the main branch triggers a build of the Docker image. What should you configure in the pipeline YAML?

Question 291mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a release pipeline for a Node.js application that deploys to Azure App Service. The pipeline must run integration tests against the deployed application. You want to use deployment slots to minimize downtime. What is the recommended approach?

Question 292hardmultiple choice
Study the full Python automation breakdown →

Your company uses GitHub Actions to build and deploy a Python application. The workflow includes a job that runs on a self-hosted runner. You need to ensure that sensitive environment variables are not exposed in the workflow logs. What is the best approach?

Question 293easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You are configuring a continuous integration trigger in Azure Pipelines for a repository in Azure Repos. You want to trigger a build for all branches except the 'release' branch. How should you configure the trigger?

Question 294mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO actions should you take to implement a gated deployment strategy in Azure Pipelines?

Question 295hardmulti select
Read the full Design and implement build and release pipelines explanation →

Which THREE options are valid strategies for implementing progressive exposure in Azure Pipelines?

Question 296mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO tools can be used to manage feature flags in Azure DevOps pipelines?

Question 297mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses GitHub Actions for CI/CD. You need to ensure that secrets stored in GitHub repository secrets are not exposed in build logs. Which security practice should you implement?

Question 298easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You have an Azure DevOps pipeline that deploys to multiple environments. You need to ensure that approvals are required before production deployment. Which pipeline configuration should you use?

Question 299hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a multi-stage YAML pipeline in Azure DevOps that builds, tests, and deploys a .NET Core application. The pipeline must use a self-hosted agent pool for compliance. You need to minimize agent idle time while ensuring that the agent is always available for builds. What should you do?

Question 300mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a pipeline that uses Azure Repos Git. You need to enforce that all commits to the main branch are associated with a work item. Which branch policy should you enable?

Question 301hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your release pipeline uses deployment groups to deploy to Windows servers. You need to securely pass credentials to a script that runs on target machines. What is the recommended approach?

Question 302easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You need to configure a build pipeline that triggers only when changes are pushed to the 'release/*' branch. Which trigger configuration should you use?

Question 303mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses GitHub Actions. You need to create a reusable workflow that builds and tests a Node.js application. Which approach should you use to define the workflow?

Question 304hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You are deploying a multi-container application to Azure Kubernetes Service (AKS) using Azure Pipelines. You need to ensure that the deployment rollback automatically if the health checks fail. Which strategy should you implement?

Question 305easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a pipeline that builds a Docker image and pushes it to Azure Container Registry. You need to ensure that only the latest successful build image is tagged as 'latest'. Which tagging strategy should you use?

Question 306mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO practices should you adopt to improve the security of your Azure DevOps pipeline? (Choose two.)

Question 307hardmulti select
Read the full Design and implement build and release pipelines explanation →

Which THREE components are required to implement a GitHub Actions self-hosted runner on a Windows virtual machine? (Choose three.)

Question 308easymulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO features of Azure Pipelines help you manage build artifacts across stages? (Choose two.)

Question 309mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

The pipeline fails with the error 'The resource with name 'myregistry' could not be found'. What is the most likely cause?

Network Topology
az acr buildregistry myregistryimage myapp:$(Build.BuildId) .```azurecli```
Question 310hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

The pipeline fails because the artifact is empty. What is the most likely cause?

Exhibit

Refer to the exhibit. You have the following YAML pipeline snippet:

```yaml
jobs:
- job: Build
  steps:
  - task: DotNetCoreCLI@2
    inputs:
      command: 'build'
      projects: '**/*.csproj'
  - task: PublishBuildArtifacts@1
    inputs:
      PathtoPublish: '$(Build.ArtifactStagingDirectory)'
      ArtifactName: 'drop'
```
Question 311mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

What is the most likely cause of this error?

Exhibit

Refer to the exhibit. You have the following Azure Key Vault secret reference in your pipeline:

```yaml
variables:
- group: my-variable-group
- name: mySecret
  value: $(myKeyVaultSecret)
```

And the variable group is linked to an Azure Key Vault. The pipeline fails with the error 'Secret myKeyVaultSecret not found'.
Question 312easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team is using YAML pipelines in Azure DevOps and wants to ensure that a specific stage runs only for changes to the 'main' branch. Which condition should you add to the stage?

Question 313mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a multi-stage YAML pipeline that deploys to multiple environments. You need to ensure that the pipeline can be triggered manually for a specific stage without running previous stages. Which feature should you use?

Question 314hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses GitHub Actions for CI/CD. You need to implement a deployment strategy where a new version of the application is gradually shifted from the stable environment to a canary environment, and if health checks pass, the traffic is fully shifted to the canary. Which GitHub Actions deployment strategy should you use?

Question 315mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure Pipelines to build a .NET application. You notice that the build takes 15 minutes because of dependency restoration. You want to cache the NuGet packages to speed up subsequent builds. Which task should you add to your pipeline?

Question 316hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure Pipelines with Microsoft-hosted agents. You need to ensure that sensitive variables like API keys are securely passed to build tasks, but not exposed in logs. Which approach should you use?

Question 317easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses GitHub Actions and needs to enforce that all workflows pass required checks before a pull request can be merged. Which GitHub feature should you configure?

Question 318mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a release pipeline for a containerized application deployed to Azure Kubernetes Service (AKS). You want to implement a strategy where the new version is deployed to a small subset of pods first, and if healthy, gradually rolled out to all pods. Which Kubernetes deployment strategy should you use?

Question 319hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your Azure Pipeline builds a Docker image and pushes it to Azure Container Registry (ACR). You need to ensure that the image is scanned for vulnerabilities before being pushed. Which task should you add to the pipeline?

Question 320mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure Pipelines and wants to automatically create a release every time a build succeeds on the main branch. Which trigger should you configure?

Question 321mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO actions can you take to improve the security of secrets in Azure Pipelines? (Choose two.)

Question 322hardmulti select
Read the full Design and implement build and release pipelines explanation →

Which THREE are valid deployment strategies supported by Azure Pipelines and GitHub Actions? (Choose three.)

Question 323easymulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO are valid ways to trigger a pipeline in Azure Pipelines? (Choose two.)

Question 324easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. The pipeline will trigger when changes are pushed to which branches?

Exhibit

Refer to the exhibit.

```yaml
# azure-pipelines.yml
trigger:
  branches:
    include:
      - main
      - release/*
  paths:
    exclude:
      - docs/*
```
Question 325mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. You are reviewing an ARM template used in an Azure Pipeline deployment. Which security concern should you address?

Exhibit

Refer to the exhibit.

```json
{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "location": {
      "type": "string",
      "defaultValue": "[resourceGroup().location]"
    },
    "vmName": {
      "type": "string"
    }
  },
  "resources": [
    {
      "type": "Microsoft.Compute/virtualMachines",
      "apiVersion": "2021-03-01",
      "name": "[parameters('vmName')]",
      "location": "[parameters('location')]",
      "properties": {
        "hardwareProfile": {
          "vmSize": "Standard_DS2_v2"
        },
        "osProfile": {
          "computerName": "[parameters('vmName')]",
          "adminUsername": "azureuser",
          "adminPassword": "P@ssw0rd123!"
        }
      }
    }
  ]
}
```
Question 326hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. The workflow runs successfully but the deployment fails because the Azure CLI is not authenticated. What should you add to the workflow to authenticate?

Network Topology
az webapp deployresource-group myRGname myAppsrc-path ./app.zipRefer to the exhibit.```yaml# .github/workflows/deploy.ymlname: Deployon:push:branches:- mainjobs:deploy:runs-on: ubuntu-latestenvironment: productionsteps:- uses: actions/checkout@v2- name: Deploy to Azurerun: |```
Question 327hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization has a multi-stage YAML pipeline that builds and deploys a containerized application to Azure Kubernetes Service (AKS). The pipeline uses environment approvals for the production stage. You need to ensure that the container image deployed to production is the same as the one that passed all previous stages. Which strategy should you implement?

Question 328mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You are configuring a release pipeline that deploys to multiple environments. You want to automate the deployment to the staging environment only if the build succeeds, and then require manual approval before deploying to production. Which strategy should you use?

Question 329easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure Repos and wants to trigger a pipeline automatically when a pull request is created targeting the main branch. The pipeline should run validations and report the status to the PR. Which trigger type should you configure?

Question 330hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your pipeline builds a .NET application and runs unit tests. You notice that the pipeline takes too long because it restores NuGet packages on every run. You want to cache the NuGet packages to speed up subsequent builds. Which task should you use?

Question 331mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses GitHub Actions for CI/CD. You need to ensure that secrets used in workflows are not exposed in logs. What should you do?

Question 332easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a build pipeline for a Java application that uses Maven. You want to publish the compiled JAR file as a build artifact. Which task should you use?

Question 333mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your Azure DevOps pipeline deploys a web app to Azure App Service using a YAML pipeline. The deployment fails intermittently with the error 'Conflict' when updating deployment slots. What is the most likely cause?

Question 334hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses a monorepo in Azure Repos with multiple projects. You want to trigger a pipeline only when changes are made to a specific subfolder. Which configuration should you use?

Question 335easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You are creating a release pipeline that uses Azure Pipelines to deploy to multiple virtual machines. You need to ensure that the deployment runs on each machine in parallel. Which deployment strategy should you use?

Question 336hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. You have a YAML pipeline with the variables shown. What will be the value of $(Build.BuildNumber) on the first run?

Exhibit

{
  "variables": {
    "buildConfiguration": "Release",
    "majorVersion": 1,
    "minorVersion": 0,
    "revision": $[counter(variables['minorVersion'], 0)]
  },
  "steps": [
    {
      "script": "echo $(Build.BuildNumber)"
    }
  ]
}
Question 337mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. You have a YAML pipeline that references a repository resource with a tag. When will this pipeline trigger?

Exhibit

```json
{
  "resources": {
    "repositories": [
      {
        "repository": "myrepo",
        "type": "git",
        "name": "MyProject/myrepo",
        "ref": "refs/tags/v1.0"
      }
    ]
  },
  "trigger":
  [
    "main"
  ]
}```
Question 338easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. The pipeline uses a variable group 'ReleaseVariables' that contains a variable named 'EnvironmentName' with value 'Staging'. What environment will the deployment target?

Exhibit

```
variables:
  - group: ReleaseVariables
  - name: EnvironmentName
    value: Production

stages:
- stage: Deploy
  jobs:
  - deployment: DeployWeb
    environment:
      name: $(EnvironmentName)
      resourceType: VirtualMachine
```
Question 339mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO actions should you take to ensure that a build pipeline fails if code coverage drops below 80%?

Question 340hardmulti select
Read the full Design and implement build and release pipelines explanation →

Which THREE components are required to implement a self-hosted agent pool in Azure Pipelines?

Question 341easymulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO strategies can you use to manage secrets in Azure Pipelines securely?

Question 342mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a build pipeline for a Java application hosted in Azure Repos. The pipeline needs to run unit tests, package the application as a JAR file, and publish the build artifact. Which task should you use to publish the JAR file as a pipeline artifact?

Question 343hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your release pipeline deploys a .NET Core web app to Azure App Service using a slot swap strategy. The pipeline runs acceptance tests on the staging slot before swapping. After a recent change, the acceptance tests pass but the production site becomes unresponsive after the swap. What is the most likely cause?

Question 344easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a multi-stage YAML pipeline that builds and deploys a Node.js application. You want to ensure that the build stage runs only when changes are made to the 'src' folder. Which trigger configuration should you use?

Question 345mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses GitHub for source control and Azure Pipelines for CI/CD. You need to implement a policy that requires all pull requests to pass a status check before merging. The status check should be provided by a pipeline that runs when a pull request is created. Which type of trigger should you configure in the pipeline YAML?

Question 346hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You are implementing a release pipeline for a containerized application using Azure Kubernetes Service (AKS). The pipeline should use canary deployments to gradually shift traffic from the stable version to the new version. Which strategy should you use to manage the traffic shift?

Question 347mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your pipeline uses the DotNetCoreCLI task to build a .NET Core application. You need to ensure that the build produces a self-contained deployment (SCD) for a Linux target. Which argument should you pass to the 'arguments' input of the task?

Question 348easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a YAML pipeline that builds a Docker image and pushes it to Azure Container Registry (ACR). You need to dynamically set the image tag based on the build number. Which predefined variable should you use?

Question 349hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You are troubleshooting a release pipeline that deploys an ARM template to Azure. The deployment fails with the error 'The subscription '...' could not be found.' The service connection used has Contributor permissions on the subscription. The pipeline runs successfully from the Azure DevOps portal when triggered manually. What is the likely cause?

Question 350mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses Azure Pipelines and requires that all builds be run on Microsoft-hosted agents to reduce maintenance overhead. However, you need to ensure that the build agent has a specific version of Node.js installed that is not available on the standard Microsoft-hosted agents. What should you do?

Question 351mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO conditions must be met to use the 'Approvals and gates' feature in a release pipeline? (Choose two.)

Question 352hardmulti select
Read the full Design and implement build and release pipelines explanation →

Which THREE factors should you consider when designing a strategy for managing secrets in Azure Pipelines? (Choose three.)

Question 353easymulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO are valid types of triggers for a YAML pipeline in Azure Pipelines? (Choose two.)

Question 354hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You are the DevOps lead for a large enterprise that uses GitHub for source control and Azure Pipelines for CI/CD. The organization has hundreds of repositories, each with its own pipeline. Recently, the security team mandated that all pipelines must use a centralized set of tasks for secret scanning and compliance checks before any deployment. You need to design a solution that enforces these mandatory tasks across all pipelines without modifying each pipeline individually. The solution should allow pipeline authors to add their own custom steps after the mandatory steps. The mandatory steps must be versioned and updated centrally. You also need to ensure that the mandatory steps are not bypassed by pipeline authors. What should you do?

Question 355mediummultiple choice
Read the full NAT/PAT explanation →

Your team uses Azure Pipelines to build a .NET Core application. The build runs successfully on Windows agents, but you need to also run the build on Linux agents to validate cross-platform compatibility. The pipeline currently has a single `windows-latest` agent pool. What is the most efficient way to run the build on both platforms without duplicating the entire pipeline?

Question 356hardmultiple choice
Read the full NAT/PAT explanation →

You are designing a release pipeline for a mission-critical application that must achieve zero-downtime deployments to Azure App Service (Web App for Containers). The application uses Azure SQL Database with schema migrations. The current deployment slot strategy uses staging and production slots. You need to ensure that during a swap, the staging slot is warmed up and the database schema is rolled back if the swap fails. Which combination of deployment slots and pre/post-swap actions should you implement?

Question 357easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your build pipeline uses a hosted agent. You need to securely pass a connection string to a deployment task. The connection string contains a password. What is the recommended approach to store and use this secret in Azure Pipelines?

Question 358mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. You have this Azure Pipelines YAML definition. The pipeline runs manually, but you want it to automatically trigger on every push to the main branch and also build pull requests targeting main. Which change should you make?

Network Topology
"arguments": "configuration $(buildConfiguration)""triggers": ["none"],"pr": ["none"],"variables": {"buildConfiguration": "Release"},"stages": ["stage": "Build","jobs": ["job": "BuildJob","pool": {"vmImage": "ubuntu-latest""steps": ["task": "DotNetCoreCLI@2","displayName": "Build","inputs": {"command": "build",
Question 359hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure Pipelines to deploy a microservices application to Azure Kubernetes Service (AKS). Each microservice has its own pipeline that builds a Docker image and deploys it to a shared AKS cluster. The deployment must support rolling updates with zero downtime. You need to ensure that if a deployment fails (e.g., health check fails), the pipeline automatically rolls back to the previous version. Which deployment strategy should you implement in the pipeline?

Question 360easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You are configuring a release pipeline that deploys to multiple environments (dev, test, prod). You want to ensure that the same build artifact is deployed to each environment without rebuilding. Which type of trigger should you use for the release pipeline?

Question 361mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your build pipeline uses a self-hosted agent in your on-premises network. The agent pool is configured to use the 'latest' agent version. Recently, a new version of the Azure Pipelines agent was released, and your builds started failing because the new agent requires .NET 6.0, which is not installed on the agent machine. What is the best way to prevent this issue in the future?

Question 362hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a release pipeline for a multi-tenant SaaS application that is deployed to Azure App Service. Each tenant has its own App Service instance. The pipeline must deploy a new version of the application to a staging slot for each tenant, run smoke tests, and then swap the staging slot to production. You need to ensure that if the smoke tests fail for any tenant, the swap is not performed for that tenant, while other tenants continue. Which release pipeline configuration should you use?

Question 363easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses GitHub Actions for CI/CD. You want to automatically deploy to Azure App Service whenever a pull request is merged to the main branch. Which event trigger should you use in the GitHub Actions workflow?

Question 364mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO actions should you take to protect sensitive information (e.g., API keys, passwords) in Azure Pipelines? (Choose two.)

Question 365hardmulti select
Read the full Design and implement build and release pipelines explanation →

Which THREE conditions must be met for you to use the 'Approvals' feature in Azure Pipelines to control deployments to a production environment? (Choose three.)

Question 366mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO are valid strategies for reducing build times in Azure Pipelines? (Choose two.)

Question 367hardmulti select
Read the full Design and implement build and release pipelines explanation →

Which THREE are benefits of using 'Environment' resources in YAML pipelines compared to classic release pipelines? (Choose three.)

Question 368hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses a monorepo in Azure Repos containing multiple microservices. You need to design a build pipeline that only builds and tests the services that have changed in a given commit, to optimize build times. The pipeline must trigger on any push to any branch, but only the affected services should be built. You also need to ensure that dependent services are rebuilt if their dependencies change. The services are located in subdirectories: /services/serviceA, /services/serviceB, etc. Each service has a Dockerfile and a unit test project. You plan to use a script to determine which services changed. Which approach should you use to implement this pipeline?

Question 369mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You are setting up a release pipeline for an ASP.NET Core application that is deployed to Azure App Service (Windows). The application uses Entity Framework Core for database migrations. You need to automate the execution of database migrations during deployment, ensuring that the migrations run only once and that the application is not started until the migration completes. You also need to handle rollback in case the migration fails. The pipeline should deploy to staging slot, run migrations, swap to production, and then run post-swap migrations if needed. Currently, the pipeline deploys the code and then runs a script to execute 'dotnet ef database update'. However, during swap, the staging slot's migrations may conflict with production. What is the recommended architecture for handling database migrations with zero-downtime deployment?

Question 370mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure Pipelines with GitHub for source control. You need to ensure that whenever a pull request is created against the main branch, a validation build runs automatically. Which YAML trigger should you configure in the pipeline?

Question 371hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a release pipeline for a microservices application deployed to Azure Kubernetes Service (AKS). You need to implement a strategy that minimizes downtime during updates by gradually shifting traffic to the new version while monitoring for errors. Which deployment strategy should you use?

Question 372easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your build pipeline uses a self-hosted agent that runs on a Windows machine. The pipeline fails with the error: 'The task 'DotNetCoreCLI' is not supported on this agent.' What is the most likely cause?

Question 373mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You maintain a classic release pipeline that deploys to multiple environments. You need to ensure that a deployment to the Production environment only proceeds after a manual approval from a specific group of users. Which feature should you configure?

Question 374hardmultiple choice
Read the full NAT/PAT explanation →

Refer to the exhibit. You have a YAML pipeline with the above steps. The pipeline publishes a web app and deploys to Azure App Service. The deployment fails with error: 'Could not find the package in the specified path.' What is the most likely cause?

Exhibit

{
  "steps": [
    {
      "task": "DotNetCoreCLI@2",
      "inputs": {
        "command": "publish",
        "publishWebProjects": true,
        "zipAfterPublish": true
      }
    },
    {
      "task": "AzureWebApp@1",
      "inputs": {
        "azureSubscription": "MyServiceConnection",
        "appType": "webApp",
        "appName": "myapp",
        "package": "$(System.DefaultWorkingDirectory)/**/*.zip"
      }
    }
  ]
}
Question 375easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses GitHub Actions for CI/CD. You need to ensure that secrets are securely passed to workflows without being exposed in logs. What should you use?

Question 376mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a multi-stage YAML pipeline that builds and deploys a Java application. The pipeline runs on a Microsoft-hosted agent. The build stage fails intermittently with 'OutOfMemoryError: Java heap space'. What should you do to resolve this issue?

Question 377hardmultiple choice
Review the full routing breakdown →

You are designing a release strategy for a critical application that must maintain high availability. You decide to use Azure Traffic Manager to route traffic between deployments in two Azure regions. Your release pipeline deploys the application to the secondary region first, then switches Traffic Manager priority to route traffic to the secondary region while the primary region is updated. This strategy is known as:

Question 378easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure Pipelines for CI/CD. You want to enforce that every build produces a versioned artifact that includes the Git commit ID. Which predefined variable should you use to get the commit ID in a YAML pipeline?

Question 379hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. You are creating an ARM template to deploy an App Service and its Application Insights configuration. The template fails to deploy with error: 'The resource 'Microsoft.Insights/components/...' is not defined in the template.' What is the most likely cause?

Exhibit

{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "resources": [
    {
      "type": "Microsoft.Web/sites/config",
      "apiVersion": "2021-02-01",
      "name": "[concat(parameters('siteName'), '/appsettings')]",
      "properties": {
        "APPINSIGHTS_INSTRUMENTATIONKEY": "[reference(resourceId('Microsoft.Insights/components', parameters('insightsName')), '2020-02-02').InstrumentationKey]"
      }
    }
  ]
}
Question 380mediummulti select
Read the full Design and implement build and release pipelines explanation →

Your team is adopting Azure Pipelines for a new project. You need to ensure that only authorized users can approve releases to production. Which two methods can you use to implement approval checks?

Question 381hardmulti select
Read the full Design and implement build and release pipelines explanation →

You are designing a YAML pipeline that builds a .NET application and publishes it as a NuGet package to Azure Artifacts. Which three tasks should you include in the build stage?

Question 382easymulti select
Read the full Design and implement build and release pipelines explanation →

Your organization uses GitHub Actions for CI/CD. You need to ensure that workflows are only triggered when changes are pushed to the main branch or when a pull request is opened against main. Which two trigger types should you specify in the workflow?

Question 383hardmultiple choice
Read the full NAT/PAT explanation →

You are a DevOps engineer at a large enterprise that develops a cloud-native application using microservices architecture. The application consists of 15 microservices, each stored in a separate GitHub repository. Your team uses GitHub Actions for CI/CD and Azure Kubernetes Service (AKS) for production. The current deployment process is manual and error-prone. You need to design an automated CI/CD pipeline that supports the following requirements:

1. Each microservice must have its own build and test pipeline triggered on pull requests and merges to the main branch. 2. Upon merging to main, a container image must be built, tagged with the Git commit SHA, and pushed to Azure Container Registry (ACR). 3. A separate release pipeline must deploy the updated images to AKS using a GitOps approach with Flux v2. 4. The release pipeline must support rolling back to a previous version quickly if a deployment fails. 5. The entire solution must be defined as code to ensure reproducibility.

Which approach should you recommend?

Question 384mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team is migrating from Jenkins to Azure Pipelines. You have a Jenkins pipeline that builds a Java application, runs unit tests, performs static code analysis with SonarQube, packages the application as a WAR file, and deploys to a Tomcat server. You need to replicate this pipeline in Azure Pipelines using YAML. The build and deployment must be triggered by commits to the main branch. You also need to ensure that the SonarQube analysis results are published to the SonarQube server and that the pipeline breaks if the quality gate fails. The Tomcat server is on-premises and requires a service connection. Which YAML pipeline structure should you use?

Question 385mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses a multi-stage YAML pipeline to build and deploy a .NET Core application. The build stage runs successfully, but the deployment to a Linux web app fails with an error indicating that the Kudu service cannot start because the startup command is missing. What is the most likely cause?

Question 386hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses GitHub Actions for CI/CD. You need to ensure that secrets stored in GitHub are not exposed in build logs. A developer accidentally printed a secret to the console in a workflow step. What built-in feature of GitHub Actions automatically prevents this?

Question 387easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You are configuring a release pipeline in Azure DevOps to deploy to multiple environments (dev, test, prod). You need to ensure that the production deployment requires manual approval from the release manager. What should you configure?

Question 388mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a build validation policy for a GitHub repository. You want to ensure that all pull requests pass a CI check before they can be merged. What should you configure?

Question 389easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your Azure Pipelines build takes 45 minutes. You want to reduce build time by caching dependencies. Which task should you add to the pipeline?

Question 390hardmultiple choice
Review the full routing breakdown →

You have a classic release pipeline that deploys to Azure App Service. You need to implement a canary deployment strategy where 10% of traffic is routed to the new version for 30 minutes before full rollout. What should you use?

Question 391mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure Pipelines for CI/CD. You need to enforce that all builds sign the assemblies with a code signing certificate stored in Azure Key Vault. What is the recommended approach?

Question 392easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You want to trigger a pipeline automatically when a new tag is pushed to a GitHub repository. Which trigger should you configure in the pipeline YAML?

Question 393mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO are benefits of using deployment groups in Azure Pipelines compared to using individual virtual machines?

Question 394hardmulti select
Read the full Design and implement build and release pipelines explanation →

Which THREE are valid strategies for managing configuration in a multi-environment CI/CD pipeline?

Question 395easymulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO tasks can be used to run unit tests in an Azure Pipeline?

Question 396hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You are a DevOps engineer for a large e-commerce company. The development team uses GitHub for source control and GitHub Actions for CI/CD. The application is a microservices architecture with 15 services, each in its own repository. You need to implement a continuous delivery pipeline that builds and deploys each service to a Kubernetes cluster in Azure (AKS). The pipeline must meet the following requirements: - Each service must have its own pipeline that triggers on pushes to the main branch. - Deployment to AKS must use Helm charts. - The pipeline must automatically increment the Helm chart version and update the deployment manifest in the repository. - Security scanning must be performed on container images before deployment. - The pipeline must support manual approval for production deployment. - All secrets (e.g., AKS credentials, registry credentials) must be stored securely and not exposed in logs. You need to design the workflow. What is the best course of action?

Question 397mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses Azure DevOps Server (on-premises) and is planning to migrate to Azure DevOps Services. You have hundreds of build and release pipelines. The migration must be done with minimal downtime and with validation that each pipeline works after migration. You have a test collection of 20 critical pipelines that must be validated first. What is the best approach?

Question 398easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You are setting up a build pipeline for a Node.js application that uses npm for package management. The pipeline should restore npm packages on every build, but you want to leverage caching to speed up the process. The pipeline runs on a Microsoft-hosted agent. You also need to ensure that the build fails if any npm audit vulnerabilities are found. Which tasks and configuration should you use?

Question 399easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure Pipelines for CI/CD. You need to ensure that only approved branches can trigger production deployments. Which feature should you use?

Question 400mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a release pipeline for a microservices application. Each service must be deployed independently with zero downtime. Which deployment strategy should you recommend?

Question 401hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. Your team uses a classic build pipeline. You notice that test assemblies are not being found during the Test phase. Which change resolves the issue?

Exhibit

{
  "triggers": ["master", "develop"],
  "phases": [
    {
      "phase": "Build",
      "steps": [
        {
          "task": "DotNetCoreCLI@2",
          "inputs": {
            "command": "build",
            "projects": "**/*.csproj"
          }
        }
      ]
    },
    {
      "phase": "Test",
      "steps": [
        {
          "task": "VSTest@2",
          "inputs": {
            "testSelector": "testAssemblies",
            "testAssemblyVer2": "**\\*test*.dll",
            "searchFolder": "$(System.DefaultWorkingDirectory)"
          }
        }
      ]
    }
  ]
}
Question 402easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team needs to automatically run a pipeline whenever a pull request is created in GitHub. Which trigger should you configure in Azure Pipelines?

Question 403mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You have a multi-stage YAML pipeline that deploys to Azure App Service. The deployment to the production stage should only proceed if a manual approval is granted. How should you configure this?

Question 404hardmultiple choice
Read the full NAT/PAT explanation →

You are designing a build pipeline that must run on Microsoft-hosted agents. The pipeline has a dependency on a native library that is not pre-installed. You want to minimize pipeline duration. Which approach should you use?

Question 405easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses Azure DevOps and GitHub. You need to ensure that secrets such as API keys are not exposed in pipeline logs. What should you do?

Question 406mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team is adopting Infrastructure as Code (IaC) using Bicep. You need to validate the Bicep file syntax and run pre-deployment checks as part of the build pipeline. Which task should you use?

Question 407hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You manage a release pipeline that deploys to multiple environments. The pipeline uses variables that differ per environment. You want to avoid duplicating variable definitions. Which strategy should you use?

Question 408mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO features can you use to enforce quality gates before a production deployment in Azure Pipelines?

Question 409hardmulti select
Read the full Design and implement build and release pipelines explanation →

Which THREE steps should you take to implement a secure CI/CD pipeline that uses secrets from Azure Key Vault?

Question 410easymulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO practices help you manage build artifacts efficiently in Azure Pipelines?

Question 411hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses GitHub for source control and Azure Pipelines for CI/CD. You have a monorepo with multiple projects. You need to design a pipeline that only builds and tests the projects that have changed in each commit. You want to minimize build time and avoid unnecessary runs. The pipeline should also handle dependencies between projects. Which approach should you use?

Question 412mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team deploys a web application to Azure App Service using Azure Pipelines. The application requires a configuration file that contains connection strings and app settings. You need to ensure that the configuration is environment-specific and that sensitive values are not exposed in the pipeline logs. The configuration file is stored in a Git repository with different branches for each environment. You also need to support local development with the same configuration approach. Which strategy should you use?

Question 413easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You are responsible for a release pipeline that deploys a containerized application to Azure Kubernetes Service (AKS). The pipeline currently builds and pushes a Docker image to Azure Container Registry (ACR) and then updates the Kubernetes manifest. You need to implement a rollback strategy in case the deployment fails. The rollback should revert to the previous known good version of the application. Which approach should you use?

Question 414mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure DevOps for CI/CD. You want to ensure that only code from the main branch is deployed to production. The release pipeline has a pre-deployment condition that requires approval. However, you notice that a release created from a feature branch was approved and deployed. What is the most likely cause?

Question 415hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses GitHub Actions for CI/CD. You need to ensure that secrets stored in GitHub are not exposed in logs. A developer reports that a secret value appeared in the workflow run log. What is the most likely reason?

Question 416easymultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a release pipeline for a .NET application. The pipeline must deploy to multiple environments (Dev, Test, Prod) with manual approval at each stage. Which release trigger should you configure for the production stage?

Question 417mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your build pipeline uses a Microsoft-hosted agent. The pipeline fails intermittently with 'Error: No space left on device'. What is the most effective solution?

Question 418hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your release pipeline uses deployment groups to deploy to on-premises servers. You want to ensure that only one deployment runs at a time on each server. Which option should you configure?

Question 419mediummulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO tasks can be used to deploy an Azure Web App using YAML pipelines in Azure DevOps?

Question 420hardmulti select
Read the full Design and implement build and release pipelines explanation →

Which THREE features are available in GitHub Actions for managing secrets across environments?

Question 421easymulti select
Read the full Design and implement build and release pipelines explanation →

Which TWO triggers can be used to start a release pipeline in Azure DevOps?

Question 422hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your company uses Azure DevOps for CI/CD. You have a YAML build pipeline that builds a .NET Core application and publishes artifacts. The build runs on a Microsoft-hosted agent. Recently, the build started failing with the error 'The process cannot access the file because it is being used by another process.' This occurs intermittently during the 'dotnet build' step. The pipeline uses multiple jobs that run in parallel. You suspect that one job is interfering with another because they share the same workspace on the agent. You need to ensure that each job runs in its own isolated workspace. What should you do?

Question 423mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses GitHub Actions for CI/CD. You have a workflow that builds and deploys a Node.js application to Azure App Service. The workflow uses the 'azure/webapps-deploy@v2' action. You notice that the deployment often fails with a 403 error during the 'Deploy to Azure' step. The error message indicates that the publish profile credentials are invalid. You have stored the publish profile as a secret in the repository. The secret name is AZURE_WEBAPP_PUBLISH_PROFILE. The workflow step uses the secret correctly. However, the secret value might have been rotated. You need to ensure that the deployment works reliably. What should you do?

Question 424easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses Azure DevOps. You have a classic release pipeline that deploys to multiple stages: Dev, QA, and Prod. Each stage has a pre-deployment approval gate. Recently, the QA team complained that they are not receiving approval notifications. You have verified that the approval configuration is correct and the approvers are members of the 'QA Approvers' group. The release pipeline is set to send email notifications to the approvers. However, the QA approvers report they do not receive any emails when a release is pending their approval. What should you check first?

Question 425mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your company uses Azure DevOps for CI/CD. You have a build pipeline that compiles a C++ application and runs unit tests. The pipeline uses a Microsoft-hosted agent. The build takes approximately 45 minutes to complete. You want to reduce the build time. You notice that the pipeline downloads dependencies from a NuGet feed every time. You have a private NuGet feed in Azure Artifacts. The pipeline restores packages using 'nuget restore'. You want to cache the NuGet packages on the agent to avoid downloading them on every build. What should you do?

Question 426hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses GitHub Actions to deploy a microservices application to a Kubernetes cluster. The workflow builds Docker images and pushes them to a container registry, then updates the Kubernetes deployment. The deployment often fails due to image pull errors, specifically 'ErrImagePull' and 'ImagePullBackOff'. You investigate and find that the image tag in the Kubernetes manifest is the commit SHA. The workflow uses the 'azure/k8s-deploy@v1' action. You suspect that the image is not being pulled because the registry credentials are not properly configured. You have stored the registry credentials as secrets. What is the most likely cause and solution?

Question 427mediummulti select
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure Pipelines to build a .NET application. You need to implement a secure build pipeline that meets the following requirements: - Secrets must be injected at build time without being exposed in logs or YAML files. - The build must use Microsoft-hosted agents. - All builds must be auditable. Which TWO actions should you take? (Choose two.)

Question 428mediummulti select
Read the full Design and implement build and release pipelines explanation →

You manage a release pipeline for a Java application that is deployed to Azure App Service. The pipeline currently uses manual approval gates. You need to implement automated quality gates to reduce manual intervention. Which THREE conditions can you use in the 'Post-deployment approvals' settings of a release pipeline? (Choose three.)

Question 429hardmulti select
Read the full Design and implement build and release pipelines explanation →

Your organization uses GitHub Actions for CI/CD. You need to enforce branch protection rules and ensure that all pull requests to the main branch require a successful status check from a specific workflow. Which TWO actions should you take? (Choose two.)

Question 430hardmultiple choice
Open the full VLAN trunking answer →

Your company develops a microservices-based application deployed on Azure Kubernetes Service (AKS). The CI/CD pipeline uses Azure Pipelines. The development team has recently adopted a trunk-based development strategy where all feature work is done on short-lived branches that merge to main at least daily. The release pipeline must automatically deploy to a development environment on each commit to main, and to a staging environment after a manual approval. The staging environment is used for integration tests and must remain stable. You need to design the release pipeline strategy to support this workflow. What should you do?

Question 431easymultiple choice
Study the full Python automation breakdown →

You are designing a build pipeline for a Python application that uses multiple third-party packages from the public PyPI repository. Your organization has security policies that require all build dependencies to be scanned for known vulnerabilities before being used. The build pipeline runs on Microsoft-hosted agents. You need to integrate vulnerability scanning into the build pipeline with minimal overhead and without storing credentials in the pipeline. What should you do?

Question 432mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure DevOps to manage a monolithic .NET Framework application that is deployed to on-premises Windows servers. You plan to modernize the application by containerizing it and moving it to Azure Kubernetes Service (AKS). The existing build pipeline uses the .NET Framework build task and MSBuild. The release pipeline uses WinRM-based deployment to copy files to on-premises servers. You need to design a new CI/CD pipeline that builds a Docker image, pushes it to Azure Container Registry (ACR), and deploys it to AKS. Your solution should minimize changes to the existing codebase and leverage Azure Pipelines. What should you do?

Question 433hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses GitHub Flow for source control with a monorepo containing multiple microservices. Each microservice has its own build and test workflow. You need to design a CI/CD strategy that builds and tests only the services affected by a pull request to reduce build times and resource usage. You also need to ensure that all pull requests to the main branch pass required checks before merging. What should you implement?

Question 434mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team is using Azure Pipelines to deploy a web application to Azure App Service. The application uses a configuration file (appsettings.json) that contains environment-specific settings. You need to manage these settings across development, staging, and production environments without exposing secrets in the source code. The pipeline should automatically replace the settings during deployment. What should you configure?

Question 435easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your company uses GitHub Actions for CI/CD. The development team wants to automatically create a new GitHub release with release notes whenever a pull request is merged to the main branch. The release notes should include a list of all merged pull requests since the last release. You need to implement this automation. What should you do?

Question 436mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You are responsible for managing build pipelines in Azure DevOps for a large .NET solution that consists of multiple projects. The build takes approximately 45 minutes, which is too long. The solution has unit tests and integration tests. The integration tests require a database that is provisioned during the build. You need to reduce the build time while maintaining code quality. What should you do?

Question 437hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses Azure DevOps Server (on-premises) and plans to migrate to Azure DevOps Services. You have hundreds of classic build and release pipelines. You need to design a migration strategy that minimizes downtime and allows for a gradual transition. The team wants to use the new YAML-based pipelines after migration. What should you do?

Question 438easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure Pipelines to build a Node.js application. The build pipeline runs linting, unit tests, and creates a production build. You want to ensure that the pipeline fails if the test coverage drops below 80%. You need to implement this check. What should you do?

Question 439mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses GitHub Actions for CI/CD. You have a workflow that deploys to Azure App Service. The deployment uses a publish profile secret stored as a GitHub secret. You want to improve security by using OpenID Connect (OIDC) to authenticate to Azure without storing secrets. What should you do?

Question 440hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure Pipelines to deploy a multi-tier application to Azure. The application consists of a web frontend, an API backend, and a database. You need to deploy the database schema changes using a DACPAC file. The deployment should be idempotent and support rollback. You must use the Azure SQL Database deployment task. What should you do?

Question 441easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses Azure Pipelines and wants to implement a continuous feedback loop by collecting user analytics from the production environment and automatically creating work items in Azure Boards for critical issues. You need to design a solution that integrates monitoring data with the pipeline. What should you do?

Question 442easymulti select
Read the full Design and implement build and release pipelines explanation →

You are designing a build pipeline for a .NET Core application. The pipeline must run on a self-hosted agent in a private network without internet access. Which TWO actions are required to ensure the build can download NuGet packages?

Question 443mediummulti select
Read the full Design and implement build and release pipelines explanation →

Your release pipeline deploys a web app to Azure App Service. You need to implement safe deployment practices that minimize downtime and enable quick rollback. Which THREE strategies should you recommend?

Question 444hardmulti select
Read the full Design and implement build and release pipelines explanation →

Your team uses GitHub Actions to build a multi-container application. The build must produce container images that are scanned for vulnerabilities and signed. Which THREE actions are required in the workflow?

Question 445easymulti select
Read the full Design and implement build and release pipelines explanation →

You are configuring a YAML pipeline in Azure Pipelines. The pipeline must trigger only when changes are pushed to the main branch. Which TWO settings should you configure?

Question 446hardmulti select
Read the full Design and implement build and release pipelines explanation →

Your release pipeline uses a deployment group to deploy to multiple on-premises servers. You need to ensure that only healthy servers receive the deployment and that deployment history is retained. Which THREE actions should you include?

Question 447mediummulti select
Read the full Design and implement build and release pipelines explanation →

You are designing a multi-stage YAML pipeline for an application that requires approval for production deployment. The pipeline must run automatically for non-production stages. Which TWO configurations should you use?

Question 448hardmulti select
Read the full Design and implement build and release pipelines explanation →

Your team uses Azure Pipelines to build a Java application. The build must produce a JAR file and publish it as a pipeline artifact. Which THREE steps should be included in the build pipeline?

Question 449easymultiple choice
Read the full NAT/PAT explanation →

Your company is migrating from on-premises Jenkins to Azure Pipelines. You have a Jenkins pipeline that builds a C++ application using MSBuild. The build environment requires specific Visual Studio components and SDKs. You need to set up a build agent in Azure Pipelines that matches the Jenkins environment. You want to minimize administrative overhead and ensure the agent is always up to date with the latest patches. What should you do?

Question 450mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

You are implementing a release pipeline for a web application deployed to multiple Azure App Service instances across different regions (West US, East US, and North Europe). The deployment must follow a phased rollout: first West US, then East US, then North Europe, with a manual approval gate between each region. Each region should have its own slot for staging and production. You need to design the pipeline to minimize duplication of stages and tasks. What should you do?

Question 451hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team uses GitHub Actions to build and deploy a Node.js application to Azure Functions. You need to implement a CI/CD pipeline that automatically deploys to a staging environment on every push to the main branch, and then promotes to production after a manual approval via GitHub Environments. The pipeline must also run unit tests and linting. You want to use the official Azure actions. What should you do?

Question 452easymultiple choice
Read the full Design and implement build and release pipelines explanation →

Your organization uses Azure Repos for source control and Azure Pipelines for CI/CD. You need to implement a policy that ensures every commit to the main branch is built and passes all tests before it can be merged. The team uses feature branches for development. What is the most efficient way to enforce this?

Question 453mediummultiple choice
Read the full NAT/PAT explanation →

You are designing a release pipeline for a microservices application deployed to Azure Kubernetes Service (AKS). Each microservice has its own build pipeline that produces a container image. You need a single release pipeline that can deploy multiple microservices in a coordinated manner, but you want to avoid rebuilding the deployment pipeline for each microservice. The deployment should use Helm charts. What should you do?

Question 454hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Your team is adopting Infrastructure as Code (IaC) using Bicep. You have a multi-stage YAML pipeline that deploys Azure resources to dev, test, and prod environments. You need to ensure that the Bicep files are validated and deployed consistently, and that any changes to the infrastructure are approved for production. You also want to use the latest version of the Azure CLI task. What is the recommended approach?

Question 455mediummultiple choice
Study the full Python automation breakdown →

Your organization uses GitHub for source control and Azure Pipelines for CI/CD. You need to implement a pipeline that automatically builds and tests a Python application on every pull request to the main branch, but only if the pull request is from a fork. The pipeline must also publish test results as a build artifact. What should you do?

Question 456hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

You are designing a release pipeline for a critical business application that must adhere to strict compliance requirements. The pipeline must deploy to multiple environments (dev, test, staging, prod) with manual approvals required for staging and prod. Additionally, the pipeline must automatically run integration tests after deployment to dev and test, and only proceed to the next environment if tests pass. You need to implement this using Azure Pipelines YAML. What should you do?

Question 457hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. A developer queues a build manually but notices the build status remains 'notStarted' for an extended period. The pipeline has no demands and priority is normal. Which is the most likely cause?

Network Topology
az pipelines build queuedefinition-id 123branch mainvariables '{"BuildConfiguration":"Release"}'output json"buildNumber": "20250303.1","status": "notStarted","queueTime": "2025-03-03T10:00:00Z","definition": {"id": 123,"name": "MyPipeline"},"parameters": "{}","demands": [],"priority": "normal","reason": "manual","triggeredBy": {"displayName": "John Doe"
Question 458mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. A developer creates a pipeline with this YAML. When a commit is pushed to the 'main' branch of the repository 'MyProject/MyRepo', the pipeline does NOT trigger. Which is the most likely cause?

Exhibit

resources:
  repositories:
    - repository: internal
      type: git
      name: MyProject/MyRepo
      ref: refs/heads/main
      trigger:
        branches:
          include:
            - main
            - release/*

pool:
  vmImage: 'ubuntu-latest'

steps:
  - checkout: self
  - checkout: internal
  - script: echo "Building..."
Question 459hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. A build pipeline produces the above logs. Which change would resolve the build failure?

Network Topology
##[command]dotnet buildconfiguration Release##[command]dotnet testno-build##[section]Starting: Build...##[error]CSCerror CS0117:'MyClass' does not contain a definition for 'MyMethod' [D:\a\1\s\MyProject\MyProject.csproj]##[section]Finishing: Build##[section]Starting: Test##[warning]No test results found. Exiting.##[section]Finishing: Test
Question 460mediummultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. A release is created with the above command. The Dev environment starts deploying, but the Prod environment does not. Which is the most likely reason?

Network Topology
az pipelines release createdefinition-id 5description "Release v1.0"artifacts '{"build":{"buildId":123}}'output json"id": 45,"status": "inProgress","createdOn": "2025-03-03T12:00:00Z","modifiedBy": null,"releaseDefinition": {"id": 5,"name": "ReleasePipeline"},"environments": ["name": "Dev","preDeployApprovals": [],"deploySteps": []"name": "Prod","status": "notStarted",
Question 461hardmultiple choice
Read the full Design and implement build and release pipelines explanation →

Refer to the exhibit. A build pipeline uses this trigger configuration. A developer pushes a commit to the 'main' branch that modifies files in '/src/app/' and '/src/tests/'. How many builds will be triggered?

Exhibit

{
  "triggers": [
    {
      "branchFilters": ["main", "develop"],
      "paths": {
        "include": ["/src/*"],
        "exclude": ["/src/tests/*"]
      },
      "batchChanges": true,
      "maxConcurrentBuildsPerBranch": 1,
      "triggerType": "continuousIntegration"
    }
  ]
}

Practice tests

Scored 10-question sessions with instant feedback and explanations.

AZ-400 Practice Test 1 — 10 Questions→AZ-400 Practice Test 2 — 10 Questions→AZ-400 Practice Test 3 — 10 Questions→AZ-400 Practice Test 4 — 10 Questions→AZ-400 Practice Test 5 — 10 Questions→AZ-400 Practice Exam 1 — 20 Questions→AZ-400 Practice Exam 2 — 20 Questions→AZ-400 Practice Exam 3 — 20 Questions→AZ-400 Practice Exam 4 — 20 Questions→Free AZ-400 Practice Test 1 — 30 Questions→Free AZ-400 Practice Test 2 — 30 Questions→Free AZ-400 Practice Test 3 — 30 Questions→AZ-400 Practice Questions 1 — 50 Questions→AZ-400 Practice Questions 2 — 50 Questions→AZ-400 Exam Simulation 1 — 100 Questions→

Practice by domain

Each domain maps to a weighted exam section. Focus on the domain where you are weakest.

Configure processes and communicationsDesign and implement source controlDesign and implement build and release pipelinesDevelop a security and compliance planImplement an instrumentation strategyDesign and implement a DevOps infrastructureDesign and implement a source control strategy

Practice by scenario

Filter questions by type — troubleshooting, exhibit, drag-and-drop, PBQ, ACLs, OSPF, and more.

Browse scenarios→

Continue studying

All Design and implement build and release pipelines setsAll Design and implement build and release pipelines questionsAZ-400 Practice Hub