You have app named App1. You have a Log Analytics workspace named Workspace1 that contains two tables named Events and Logs. App1 manage events in multiple locations and writes logs to Workspace1.
You need to query Workspace1 for all log entries related to Asia that occurred during the last two days.
In which order should you arrange the query statements?

Correct Answer:

Comment: *

Name: *

Email: *

Verification: *

You are defining release strategies for two applications as shown in the following table.

Which release strategy should you use for each application? To answer, drag the appropriate release strategies to the correct applications. Each release strategy may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Correct Answer:

Explanation

App1: Canary deployment
With canary deployment, you deploy a new application code in a small part of the production infrastructure.
Once the application is signed off for release, only a few users are routed to it. This minimizes any impact.
With no errors reported, the new version can gradually roll out to the rest of the infrastructure.
App2: Rolling deployment:
In a rolling deployment, an application's new version gradually replaces the old one. The actual deployment happens over a period of time. During that time, new and old versions will coexist without affecting functionality or user experience. This process makes it easier to roll back any new component incompatible with the old components.

Comment: *

Name: *

Email: *

Verification: *

You need to increase the security of your team's development process.
Which type of security tool should you recommend for each stage of the development process? To answer, drag the appropriate security toots to the correct stages. Each security tool may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content NOTE: Each correct selection is worth one point.

Correct Answer:

Explanation

Box 1: Threat modeling
Threat modeling's motto should be, "The earlier the better, but not too late and never ignore." Box 2: Static code analysis Validation in the CI/CD begins before the developer commits his or her code. Static code analysis tools in the IDE provide the first line of defense to help ensure that security vulnerabilities are not introduced into the CI/CD process.
Box 3: Penetration testing
Once your code quality is verified, and the application is deployed to a lower environment like development or QA, the process should verify that there are not any security vulnerabilities in the running application. This can be accomplished by executing automated penetration test against the running application to scan it for vulnerabilities.
References:
https://docs.microsoft.com/en-us/azure/devops/articles/security-validation-cicd-pipeline?view=vsts

Comment: *

Name: *

Email: *

Verification: *

Your company develops a client banking application that processes a large volume of data.
Code quality is an ongoing issue for the company. Recently, the code quality has deteriorated because of an increase in time pressure on the development team.
You need to implement static code analysis.
During which phase should you use static code analysis?

• A.build
• B.production release
• C.staging
• D.integration testing

Comment: *

Name: *

Email: *

Verification: *

You are configuring an Azure DevOps deployment pipeline. The deployed application will authenticate to a web service by using a secret stored in an Azure key vault.
You need to use the secret in the deployment pipeline.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Correct Answer:

Explanation
Creating a service principal
Creating a key vault
Check the Azure Pipeline

Comment: *

Name: *

Email: *

Verification: *