HOTSPOT - (Topic 4)
Your company is building a new web application.
You plan to collect feedback from pilot users on the features being delivered.
All the pilot users have a corporate computer that has Google Chrome and the Microsoft Test & Feedback extension installed. The pilot users will test the application by using Chrome.
You need to identify which access levels are required to ensure that developers can request and gather feedback from the pilot users. The solution must use the principle of least privilege.
Which access levels in Azure DevOps should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Solution:
Graphical user
interface, text, application Description automatically generated
Box 1: Basic
Assign Basic to users with a TFS CAL, with a Visual Studio Professional subscription, and to users for whom you are paying for Azure Boards & Repos in an organization.
Box 2: Stakeholder
Assign Stakeholders to users with no license or subscriptions who need access to a limited set of features.
Note:
You assign users or groups of users to one of the following access levels: Basic: provides access to most features
VS Enterprise: provides access to premium features
Stakeholders: provides partial access, can be assigned to unlimited users for free

Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

- (Topic 4)
You have an Azure DevOps organization named Contoso.
You need to receive Microsoft Teams notifications when work items are updated. What should you do?

1. A. From Azure DevOp
2. B. configure a service hook subscription.
3. C. From Microsoft Teams, configure a connector.
4. D. From Microsoft Teams, add a channel.
5. E. From Azure DevOp
6. F. install an extension.
7. G. From the Microsoft Teams admin center configure external access.

Correct Answer: A
https://azuredevopslabs.com/labs/vstsextend/teams/

- (Topic 4)
You plan to provision a self-hosted Linux agent
Which authentication mechanism should you use to register the self-hosted agent?

1. A. SSH key
2. B. personal access token (PAT)
3. C. Alternate credentials
4. D. certificate

Correct Answer: B
Note: PAT Supported only on Azure Pipelines and TFS 2017 and newer. After you choose PAT, paste the PAT token you created into the command prompt window. Use a personal access token (PAT) if your Azure DevOps Server or TFS instance and the agent machine are not in a trusted domain. PAT authentication is handled by your Azure DevOps Server or TFS instance instead of the domain controller.
Reference:
https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/v2-linux
https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/v2-linux?view=azure- devops

HOTSPOT - (Topic 4)
You use Azure Pipelines lo manage the build and deployment of apps.
You are planning the release strategies for a new app. You need to choose strategies for the following scenarios:
• Releases will be made available to users who are grouped by their tolerance for software faults.
• Code will be deployed to enable functionality that will be available in later releases of the app.
• When a new release occurs, the existing deployment will remain active to minimize recovery time if a return to the previous version is required.

Solution:
Box 1: Progressive exposure
Continuous Delivery may sequence multiple deployment “rings” for progressive exposure (also known as “controlling the blast radius”). Progressive exposure groups users who get to try new releases to monitor their experience in “rings.” The first deployment ring is often a “canary” used to test new versions in production before a broader rollout. CD automates deployment from one ring to the next and may optionally depend on an approval step, in which a decision maker signs off on the changes electronically. CD may create an auditable record of the approval in order to satisfy regulatory procedures or other control objectives.

Box 2: Feature flags
Feature flags support a customer-first DevOps mindset, to enable (expose) and disable (hide) features in a solution, even before they are complete and ready for release.
Box 3: Blue/green
Blue/green deployments which means that instead of replacing the previous version (here we refer to this version as blue), we bring up the new version (here referred to as the green version) next to the existing version, but not expose it to the actual users right away. On the condition of having successfully validated that the green version works correctly, we will promote this version to the public version by changing the routing configuration without downtime. If something is wrong with the green version we can revert back without users every noticing interruptions.

Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

- (Topic 4)
During a code review, you discover quality issues in a Java application.
You need to recommend a solution to detect quality issues including unused variables and empty catch blocks.
What should you recommend?

1. A. In an Xcode build task, select Use xcpretty from Advanced.
2. B. In a Maven build task, select Run PMD.
3. C. In a Grunt build task, select Enabled from Control Options.
4. D. In a Gulp build task, specify a custom condition expression.

Correct Answer: B
PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth.
There is an Apache Maven PMD Plugin which allows you to automatically run the PMD code analysis tool on your project's source code and generate a site report with its results.