Microsoft Azure DevOps Solutions (AZ-400) Practice Exam

The Microsoft Azure DevOps Solutions (AZ-400) exam is currently in and will assess your ability to design and implement DevOps solutions on the Azure platform. While the complete details are still under development, here's what we know so far:

Who should consider this Exam:

• Azure DevOps Engineers and Architects: Deepen your expertise in designing and implementing secure and scalable DevOps solutions on Azure.
• Cloud Engineers and Administrators: Enhance your skills in automating infrastructure and application delivery using Azure DevOps tools and services.
• Software Developers: Gain valuable insights into DevOps practices and cloud development within the Azure ecosystem.
• Anyone seeking career advancement in Azure DevOps: Validate your expertise and stand out in the job market.

Key Responsibilities (as per available information):

• Design and implement DevOps pipelines: Build efficient CI/CD pipelines for continuous integration and delivery of applications.
• Manage source code and configuration: Utilize Azure Repos and other tools for version control and configuration management.
• Automate infrastructure provisioning and deployment: Leverage tools like Azure Resource Manager and Bicep for Infrastructure as Code (IaC).
• Implement security and compliance: Secure your DevOps pipelines and infrastructure using Azure security services and adhere to compliance requirements.
• Monitor and troubleshoot applications: Utilize monitoring and logging tools to ensure application performance and stability.

Exam Details (subject to change):

• Format: Multiple-choice questions (expected)
• Time Limit: Estimated to be around 90 minutes
• Languages: English (other languages may be offered later)
  
• Passing Score: 700

Microsoft Azure AZ-400 Course Outline

The Microsoft Azure DevOps Solutions (AZ-400) covers the latest exam updates and topics - 

Develop an Instrumentation Strategy (5-10%)

Design and implement logging

• assessing and Configure a log framework
• designing a log aggregation and storage strategy (e.g. Azure storage)
• design a log aggregation and query strategy using Azure Monitor
• interrogating Log Analytics logs using basic Kusto (KQL) queries
• managing access control to logs (workspace-centric/resource-centric)
• integrate crash analytics (App Center Crashes, Crashlytics)

Design and implement telemetry

• design and implement distributed tracing
• inspect application performance indicators
• inspect infrastructure performance indicators
• defininging and measure key metrics (CPU, memory, disk, network)
• implement alerts on key metrics (email, SMS, webhooks, Teams/Slack)
• integrating user analytics (e.g. Application Insights funnels, Visual Studio App Center, TestFlight, Google Analytics)

Integrate logging and monitoring solutions

• configure and integrate container monitoring (Azure Monitor, Prometheus, etc.)
• configure and integrate with monitoring tools (Azure Monitor Application Insights, Dynatrace, New Relic, Naggios, Zabbix)
• create feedback loop from platform monitoring tools (e.g. Azure Diagnostics extension, Log Analytics agent, Azure Platform Logs, Event Grid)
• manage Access control to the monitoring platform

Develop a Site Reliability Engineering (SRE) strategy (5-10%)

Develop an actionable alerting strategy

• identify and recommend metrics on which to base alerts
• implementing alerts using appropriate metrics
• implementing alerts based on appropriate log messages
• implement alerts based on application health checks
• analyze combinations of metrics
• develop communication mechanism to notify users of degraded systems
• implement alerts for self-healing activities (e.g. scaling, failovers)

Design a failure prediction strategy

• analyze behavior of system with regards to load and failure conditions
• calculate when a system will fail under various conditions
• measure baseline metrics for system
• leverage Application Insights Smart Detection and Dynamic thresholds in Azure Monitor

Design and implement a health check

• analyze system dependencies to determine which dependency should be included in health check
• calculate healthy response timeouts based on SLO for the service
• design approach for partial health situations
• design approach for piecemeal recovery (e.g. to improve recovery time objective strategies)
• integrate health check with compute environment
• implement different types of health checks (container liveness, startup, shutdown)

Develop a security and compliance plan (10-15%)

Design an authentication and authorization strategy

• designing an access solution (Azure AD Privileged Identity Management (PIM), Azure AD Conditional Access, MFA, Azure AD B2B etc)
• organize the team using Azure AD groups
• implement Service Principals and Managed Identity
• configure service connections

Design a sensitive information management strategy

• evaluatinging and configure vault solution (Azure Key Vault, Hashicorp Vault)
• generate security certificates
• design a secrets storage and retrieval strategy (KeyVault secrets, GitHub secrets, Azure Pipelines secrets)
• formulating a plan for deploying secret files as part of a release

Develop security and compliance

• automate dependencies scanning for security (container scanning, OWASP)
• automate dependencies scanning for compliance (licenses: MIT, GPL)
• assess and report risks
• design a source code compliance solution (e.g. GitHub Code scanning, GitHub Secret scanning, pipeline-based scans, Git hooks, SonarQube, Dependabot, etc.))

Design governance enforcement mechanisms

• implementing Azure policies to enforce organizational requirements
• implementing container scanning (e.g. static scanning, malware, crypto mining)
• designing and implement Azure Container Registry Tasks
• designing break-the-glass strategy for responding to security incidents

Manage source control (10-15%)

Develop a modern source control strategy

• integrate/migrate disparate source control systems (e.g. GitHub, Azure Repos)
• designing authentication strategies
• designing approach for managing large binary files (e.g. Git LFS)
• designing approach for cross repository sharing (e.g. Git sub-modules, packages) implement workflow hooks
• designing approach for efficient code reviews (e.g. GitHub code review assignments, schedule reminders, Pull Analytics)

Plan and implement branching strategies for the source code

• define Pull Requests (PR) guidelines to enforce work item correlation
• implement branch merging restrictions (e.g. branch policies, branch protections, manual, etc.)
• define branch strategy (e.g. trunk based, feature branch, release branch, GitHub flow)
• design and implement a PR workflow (code reviews, approvals)
• enforce static code analysis for code-quality consistency on PR

Configure repositories

• configuring permissions in the source control repository
• organize the repository with git-tags
• planing for handling oversized repositories
• plan for content recovery in all repository states
• purging data from source control

Integrate source control with tools

• integrating GitHub with DevOps pipelines
• integrating GitHub with identity management solutions (Azure AD)
• designing for GitOps
• designing for ChatOps
• integrating source control artifacts for human consumption (e.g. Git changelog)
• integrate GitHub Codespaces

Facilitate communication and collaboration (10-15%)

Communicate deployment and release information with business stakeholders

• create dashboards combining boards, pipelines (custom dashboards on Azure DevOps)
• designing a cost management communication strategy
• integrating release pipeline with work item tracking (e.g. AZ DevOps, Jira)
• integrating GitHub as repository with Azure Boards
• communicate user analytics

Generate DevOps process documentation

• designing onboarding process for new employees
• assess and document external dependencies (e.g. integrations, packages)
• assess and document artifacts (version, release notes)
• Automate communication with team members
• integrate monitoring tools with communication platforms (e.g. Teams, Slack, dashboards)
• notify stakeholders about key metrics, alerts, severity using communication and project management platforms (e.g. Email, SMS, Slack, Teams, ServiceNow etc)
• integrate build and release with communication platforms (e.g. build fails, release fails)
• integrate GitHub pull request approvals via mobile apps

Define and implement continuous integration (20-25%)

Design build automation

• integrate the build pipeline with external tools (e.g., Dependency and security scanning, Code coverage)
• implementing quality gates (e.g. code coverage, internationalization, peer review)
• design a testing strategy (e.g. integration, load, fuzz, API, chaos)
• integrating multiple tools (e.g. GitHub Actions, Azure Pipeline, Jenkins)

Design a package management strategy

• recommending package management tools (e.g. GitHub Packages, Azure Artifacts, Azure Automation Runbooks Gallery, Nuget, Jfrog, Artifactory)
• design an Azure Artifacts implementation including linked feeds
• designing versioning strategy for code assets (e.g. SemVer, date based)
• plan for assessing and updating and reporting package dependencies (GitHub Automated Security Updates, NuKeeper, GreenKeeper)
• designing a versioning strategy for packages (e.g. SemVer, date based)
• design a versioning strategy for deployment artifacts

Design an application infrastructure management strategy

• assess a configuration management mechanism for application infrastructure
• define and enforce desired state configuration for environments
• Implement a build strategy
• designing and implement build agent infrastructure (include cost, tool selection, licenses, maintainability)
• developing and implement build trigger rules
• developing build pipelines
• design build orchestration (products that are composed of multiple builds)
• integrate configuration into build process
• develop complex build scenarios (e.g. containerized agents, hybrid, GPU)

Maintain build strategy

• monitor pipeline health (failure rate, duration, flaky tests)
• optimize build (cost, time, performance, reliability)
• analyze CI load to determine build agent configuration and capacity

Design a process for standardizing builds across organization

• managing self-hosted build agents (VM templates, containerization, etc.)
• creating reuseable build subsystems (YAML templates, Task Groups, Variable Groups, etc.)

Define and implement a continuous delivery and release management strategy (10-15%)

Develop deployment scripts and templates

• recommend a deployment solution (e.g. GitHub Actions, Azure Pipelines, Jenkins, CircleCI, etc.)
• design and implement Infrastructure as code (ARM, Terraform, PowerShell, CLI)
• developing application deployment process (container, binary, scripts)
• developing database deployment process (migrations, data movement, ETL)
• integrate configuration management as part of the release process
• developing complex deployments (IoT, Azure IoT Edge, mobile, App Center, DR, multiregion, CDN, sovereign cloud, Azure Stack, etc.)

Implement an orchestration automation solution

• combining release targets depending on release deliverable (e.g., Infrastructure, code, assets, etc.)
• design the release pipeline to ensure reliable order of dependency deployments
• organizing shared release configurations and process (YAML templates, variable groups, Azure App Configuration)
• designing and implement release gates and approval processes

Plan the deployment environment strategy

• designing a release strategy (blue/green, canary, ring)
• implement the release strategy (using deployment slots, load balancer configurations, Azure Traffic Manager, feature toggle, etc.)
• select the appropriate desired state solution for a deployment environment (PowerShell DSC, Chef, Puppet, etc.)
• plan for minimizing downtime during deployments (VIP Swap, Load balancer, rolling deployments, etc.)
• designing a hotfix path plan for responding to high priority code fixes