Microsoft DevOps Engineer Expert AZ-400 Practice Question
You are the lead DevOps engineer for an organization that uses both GitHub Enterprise Cloud and Azure DevOps Services. You have already purchased GitHub Advanced Security (GHAS) seats for your enterprise and installed the "Advanced Security for Azure DevOps" extension in your Azure DevOps organization. You want to start generating GHAS CodeQL, secret scanning, and dependency scanning alerts for all new and existing Azure DevOps repositories in a single project without requiring repository-level configuration.
Which action meets this requirement?
Install the GitHub Advanced Security CI/CD templates and call them from every pipeline in the project.
Add each repository in the project to Microsoft Defender for Cloud and enable DevOps Security.
Create a service connection that links the Azure DevOps project to the GitHub Enterprise Cloud organization where the GHAS licenses are managed.
Turn on Advanced Security at the Azure DevOps project level in Project settings → Repositories → Advanced Security.
For Azure DevOps, GHAS capabilities are surfaced by the "Advanced Security for Azure DevOps" extension, but the extension only makes the features available. They do not become active until you explicitly enable them for a project. Enabling Advanced Security at the project level automatically turns on CodeQL code scanning, secret scanning, and dependency (SBOM) analysis for every repository in that project and for any new repository that is created later. Repository-level enabling is optional once the project-wide switch is on. Installing the extension, adding service connections, or linking an Azure subscription are necessary prerequisites for billing and data-flow but do not by themselves activate scanning across the repos. GitHub Enterprise Cloud organization settings have no effect on Azure DevOps repositories.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is GitHub Advanced Security (GHAS) and how does it integrate with Azure DevOps?
Open an interactive chat with Bash
What is the purpose of CodeQL code scanning, and how does it help improve security?
Open an interactive chat with Bash
What is dependency scanning and why is it important for securing software projects?
Open an interactive chat with Bash
What is the role of the 'Advanced Security for Azure DevOps' extension?
Open an interactive chat with Bash
What does enabling Advanced Security at the project level achieve?
Open an interactive chat with Bash
How do CodeQL, secret scanning, and dependency scanning contribute to security?
Open an interactive chat with Bash
Microsoft DevOps Engineer Expert AZ-400
Develop a security and compliance plan
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .