Microsoft DevOps Engineer Expert AZ-400 Practice Question
You maintain an Azure DevOps project that uses Azure Repos Git. An external deployment-orchestration platform exposes an HTTPS endpoint that must be called automatically whenever a pull request is completed (merged) in the main branch. The platform validates requests by recalculating an HMAC using a shared secret that Azure DevOps must include in the X-Hub-Signature header. The solution must avoid any polling or scheduled jobs. Which Azure DevOps configuration should you implement to meet these requirements?
Create a Service Hook subscription that targets the Generic Web Hook consumer, select the Pull request merged event, and provide the shared secret.
Create an Azure Monitor alert rule on the repository and use a webhook action group to call the endpoint when the alert fires.
Set up a GitHub Actions workflow that listens for repository_dispatch events and invokes the external HTTPS endpoint.
Configure a Git push notification in Azure Repos and enable a continuous integration trigger in an Azure Pipeline that calls the endpoint.
A service hook subscription created from Azure DevOps is designed to push event data to external systems without polling. By selecting the Generic Web Hook consumer and the "Pull request merged" (part of the Pull request updated/merged event type) trigger, Azure DevOps will POST a JSON payload to the external HTTPS endpoint each time a pull request is completed. When you specify a secret on the subscription, Azure DevOps computes an HMAC of the payload body and places the result in the X-Hub-Signature header, enabling the external service to verify the message. The other options do not meet all requirements: a push-notification CI trigger only interacts with Azure Pipelines and does not deliver a signed webhook to the external system; configuring GitHub Actions is irrelevant because the repository is hosted in Azure Repos; Azure Monitor alert rules cannot directly subscribe to pull-request events in Azure Repos and therefore cannot guarantee the required signature or payload format.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a Service Hook subscription in Azure DevOps?
Open an interactive chat with Bash
How does the X-Hub-Signature header help with payload security?
Open an interactive chat with Bash
Why are Git push notifications or Azure Monitor alerts not sufficient in this scenario?
Open an interactive chat with Bash
Microsoft DevOps Engineer Expert AZ-400
Design and implement processes and communications
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .