Crucial Exams

Microsoft DevOps Engineer Expert AZ-400 Practice Question

You are integrating GitHub Advanced Security with Microsoft Defender for Cloud. The DevOps security connector for GitHub has been created and the Azure Security for GitHub app is installed with access to all repositories. In the organization-level Code security and analysis settings, only Dependabot alerts and Code scanning are currently enabled. Defender for Cloud is receiving vulnerability and code-quality findings but no secrets-related findings. What should you do to ensure secret-scanning alerts appear in Defender for Cloud?

  • Grant the Azure Security for GitHub app the Administration permission on each repository.

  • Enable Secret scanning - Push protection for the organization's private repositories.

  • Turn on Dependabot security updates for every repository.

  • Create branch protection rules that require successful code-scanning checks before merge.

Microsoft DevOps Engineer Expert AZ-400
Develop a security and compliance plan
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot