Microsoft DevOps Engineer Expert AZ-400 Practice Question

Your organization stores its source code in Azure DevOps Repos. You need the build stage of a new multi-language YAML pipeline to automatically scan every commit for secrets, vulnerable open-source dependencies, Infrastructure-as-Code misconfigurations, and other security issues. The solution must use a single task, output SARIF-formatted results, and break the build if any high-severity findings are detected, without requiring you to configure each scanner individually. Which task should you add to the pipeline?

  • Add an OWASP Dependency Check task to scan third-party libraries.

  • Add the MicrosoftSecurityDevOps@1 task from the Microsoft Security DevOps extension.

  • Add a Trivy@0 task to perform container image vulnerability scanning.

  • Add the CodeQLAnalysis@0 task and configure a CodeQL database for each language.

Microsoft DevOps Engineer Expert AZ-400
Develop a security and compliance plan