AZ-400 Exam Study Guide (Designing and Implementing Microsoft DevOps Solutions)

AZ-400 Designing and Implementing Microsoft DevOps Solutions Study Guide

Preparing for the AZ-400 Designing and Implementing Microsoft DevOps Solutions exam? Don’t know where to start? This post is the AZ-400 Certificate Study Guide (with links to each exam objective).

I have curated a list of articles from Microsoft documentation for each objective of the AZ-400 exam. Please share the post within your circles so it helps them to prepare for the exam.

Exam Voucher for AZ-400 with 1 Retake

Get 40% OFF with the combo

AZ-400 Azure DevOps Solutions Course

AZ-400 DevOps Solutions Practice Test

Other AZ-400 DevOps Learning Materials

AZ-400 Azure DevOps Exam Prerequisites

To become a Microsoft Azure DevOps Engineer Expert, you must earn at least one of az-104 or az-204 certification.

To view other Azure Certificate Study Guides, click here

Full Disclosure: Some of the links in this post are affiliate links. I receive a commission when you purchase through them.

Looking for AZ-400 Dumps? Read This!

Using az-400 exam dumps can get you permanently banned from taking any future Microsoft certificate exam. Read the FAQ page for more information. However, I strongly suggest you validate your understanding with practice questions.

Develop an Instrumentation Strategy (5-10%)

Design and Implement Logging

Assess and Configure a log framework

Overview of Azure platform logs

Design a log aggregation and storage strategy (e.g. Azure storage)

Design and Implement an Azure Storage Strategy

Design a log aggregation using Azure Monitor

Aggregations in Azure Monitor log queries

Manage access control to logs (workspace-centric/resource-centric)

Manage access to log data and workspaces in Azure Monitor

Integrate crash analytics (App Center Crashes, Crashlytics)

What is App Center?

How App Center Diagnostics works?

How to configure a Windows Application to exit an App Center Crash?

Monitor Your App’s Health with App Center Crash & Analytics

Design and Implement Telemetry

Integrate Logging and Monitoring Solutions

Configure and integrate container monitoring (Azure Monitor, Prometheus, etc.)

Enable Azure Monitor for containers

Configure Prometheus metrics with Azure Monitor for containers

Configure and integrate with monitoring tools (Azure Monitor Application Insights, Dynatrace, New Relic, Naggios, Zabbix)

Set up Dynatrace integration with Azure Monitor

Configure Azure integrations with New Relic

Integrate Nagios with Microsoft Azure Stack Hub

Integrate Zabbix with Azure

Create feedback loop from platform monitoring tools (e.g. Azure Diagnostics VM extensions, Azure Platform Logs, Event Grid)

Azure Performance Diagnostics VM Extension for Windows

Create diagnostic settings to send platform logs to different destinations

Manage Access control to the monitoring platform

Manage access to log data and workspaces in Azure Monitor

Develop a Site Reliability Engineering (SRE) Strategy (5-10%)

Develop an Actionable Alerting Strategy

Identify and recommend metrics on which to base alerts

Supported metrics for creating alerts

Implement alerts using appropriate metrics

Create and manage metric alerts using Azure Monitor

Implement alerts based on appropriate log messages

Create log alerts based on data collected in Azure Monitor Logs

Implement alerts based on application health checks

Configure resource health alerts using Azure portal

Analyze combinations of metrics

Create views with multiple metrics and charts

Develop communication mechanism to notify users of degraded systems

Get notified when Azure service incidents impact your resources

Implement alerts for self-healing activities (e.g. scaling, failovers)

Design your application to be self-healing when failures occur

Alerts for Azure Autoscale actions

Design a Failure Prediction Strategy

Analyze behavior of system with regards to load and failure conditions

Failure mode analysis for Azure applications

Calculate when a system will fail under various conditions

How Azure uses machine learning to predict VM failures

Measure baseline metrics for system

Establish & Measure baseline metrics for [SQL Server on VM]

Recommend the appropriate tools for a failure prediction strategy

Foretell and prevent downtime with predictive maintenance

az-400 Exam details & Tips

Design and Implement a Health Check

Analyze system dependencies to determine which dependency should be included in health check

Visualize dependencies in a Azure Virtual Machine

Calculate healthy response timeouts based on SLO for the service

What is SLO (Service Level Objective)?

A community post on Azure DB Timeout exception

Timeout errors in Azure SQL Databases called in Azure Web Jobs

Design approach for partial health situations

Requirements for health monitoring

Integrate health check with compute environment

Understanding health criteria in Azure Monitor for VMs

Implement different types of health checks (liveness, startup, shutdown)

Configure liveness probes on Container Instance

Configure Liveness, Readiness and Startup Probes

Azure DevOps az-400

Amazon link (affiliate)

Develop a Security and Compliance Plan (10-15%)

Design an Authentication and Authorization Strategy

Design an access solution (Azure AD Privileged Identity Management (PIM), Azure AD Conditional Access, MFA)

What is Azure AD Privileged Identity Management?

What is Azure AD Conditional Access?

Azure Multi-Factor Authentication (MFA)

Organize the team using Azure AD groups

Assign users to Azure Active Directory groups

Implement Service Principals and Managed Identity

Authentication with service principals in Azure AD

Use managed identities with Azure virtual machines

Configure service connections

Configure Service connections in Azure Pipelines

Design a Sensitive Information Management Strategy

Evaluate and configure vault solution (Azure Key Vault, Hashicorp Vault)

Getting started with Azure Key Vault using the Azure portal

Hashicorp Key Vault on Microsoft Azure

Generate security certificates

Add a TLS/SSL certificate in Azure App Service

Design a secrets storage and retrieval strategy

Storing and using secrets in Azure

Formulate a plan for deploying secret files as part of a release

Use secrets from Azure Key Vault in Azure Pipelines

Example: CI/CD pipeline using Terraform & Azure DevOps

Develop Security and Compliance

Automate dependencies scanning for security (container scanning, OWASP)

What is Dependency Scanning?

Container scanning that scans for vulnerabilities

OWASP Dependency-Check

Automate dependencies scanning for compliance (licenses: MIT, GPL)

Compliance and vulnerability scanning

Assess and report risks

Manage risks in Azure DevOps

Design a source code compliance solution (e.g. GitHub security, pipeline-based scans, Git hooks, SonarQube)

Get Started with Git Hooks

Control source code quality using the SonarQube platform

Add continuous security validation to your CI/CD pipeline

Design Governance Enforcement Mechanisms

Implement Azure policies to enforce organizational requirements

Create and manage policies to enforce compliance

Implement container scanning (e.g. static scanning, malware, crypto mining)

Static Security Analysis of Container Images with CoreOS Clair

Open Source tools to scan your containers for malware

Crypto Miners scan for Docker container vulnerability to mine cryptocurrency

Design and implement Azure Container Registry Tasks (eg. Azure Policy)

Automate container image builds and maintenance with ACR Tasks

Design break-the-glass strategy for responding to security incidents

“Break glass”: what to do in an emergency?

Manage Source Control (10-15%)

Develop a Modern Source Control Strategy

Integrate/migrate disparate source control systems (e.g. GitHub, Azure Repos)

Migrating your repository to GitHub

Migrating Code to Azure DevOps Repos

Design authentication strategies

Authenticating to GitHub

Other authentication methods

Design approach for managing large binary files (e.g. Git LFS)

Handling Large Binary Files with LFS

Design approach for cross repository sharing (e.g. Git sub-modules, packages)

Two Git repositories share common code with Sub-modules

Cross-repository Component Sharing using Multi-packages

Implement workflow hooks

How To Ease Your Team’s Development Workflow With Git Hooks

Plan and Implement Branching Strategies for the Source Code

Define Pull Requests (PR) guidelines to enforce work item correlation

Link work items to pull request

Link from a work item to a GitHub pull request

Implement branch merging restrictions (e.g. branch policies, branch protections, manual, etc.)

Configure branch policies in Azure DevOps

Configure protected branches

Manual approvals required for merging a branch

Define branch strategy (e.g. trunk based, feature branch, release branch, GitHub flow)

DevOps tech: Trunk-based development

Feature Branching & Release Branching Strategy

Understanding the GitHub flow

Design and implement a PR workflow (code reviews, approvals)

How to code review in a Pull Request

Approving a pull request with required reviews

Enforce static code analysis for code-quality consistency on PR

Automate Code Review with Static Code Analysis

Configure Repositories

Integrate Source Control with Tools

Facilitate Communication and Collaboration (10-15%)

Communicate Deployment and Release Information with Business Stakeholders

Create dashboards combining boards, pipelines (custom dashboards on Azure DevOps)

About dashboards, charts, reports, & widgets

Creating a Dashboard in Azure DevOps

Design a cost management communication strategy

Define Azure Cost Management

Cost Management discipline template

Integrate release pipeline with work item tracking (e.g. AZ DevOps, Jira)

Link work items to deployments in Azure DevOps

Integrate GitHub as repository with Azure Boards

Connect Azure Boards to GitHub

Communicate user analytics

Communicate analytics via dashboard widgets, Power BI and reports

Generate Devops Process Documentation

Design onboarding process for new employees

Recommendations on how to onboard DevOps engineers

Assess and document external dependencies (e.g. integrations, packages)

Overview of Azure DevOps dependency tracker

Creating a Dependency

Assess and document artifacts (version, release notes)

What is Azure Artifacts?

Artifact Details – Get Package Versions

Release artifacts in Azure DevOps

Azure certification Frequently Asked Questions

Automate Communication with Team Members

Integrate monitoring tools with communication platforms (e.g. Teams, Slack, dashboards)

Azure Pipelines with Microsoft Teams

Azure Pipelines with Slack

Add continuous monitoring to your release pipeline

Notify stakeholders about key metrics, alerts, severity using communication platforms (e.g. Email, SMS, Slack, Teams)

Send Azure DevOps notifications to Slack

Send Azure DevOps notifications to Microsoft Teams

Integrate build and release with communication platforms (e.g. build fails, release fails)

Get notifications for failed builds

Send Email After Release Deployment in Azure DevOps

Define and Implement Continuous Integration (20-25%)

Design Build Automation

Design a Package Management Strategy

Recommend package management tools (e.g. GitHub Packages, Azure Artifacts, Azure Automation Runbooks Gallery, Nuget, Jfrog, Artifactory)

About GitHub Packages

Start using Azure Artifacts

Introducing the Azure Automation Runbook Gallery

An introduction to NuGet

Package management with JFrog

Design an Azure Artifacts implementation including linked feeds

Azure DevOps: What are feeds?

Design versioning strategy for code assets (e.g. SemVer, date based)

Build Versioning in Azure DevOps Pipelines

Automated date-based versioning for ASP.NET Core assemblies using Azure DevOps

Plan for assessing and updating and reporting package dependencies (GitHub Automated Security Updates, NuKeeper, GreenKeeper)

Configuring GitHub Dependabot security updates

NuKeeper Integration with Azure DevOps

What Greenkeeper does, and why?

Design a versioning strategy for packages (e.g. SemVer, date based)

Effective Nuget Package Versioning in Azure DevOps

Design a versioning strategy for deployment artifacts

Best way to handle versioning w/ YAML pipelines

Design an Application Infrastructure Management Strategy

Assess a configuration management mechanism for application infrastructure

Azure Automation State Configuration overview

Define and enforce desired state configuration for environments

The what, why and how of Azure Automation Desired State Configuration (DSC)

Configuring Azure DSC Automation with PowerShell in 5 steps

Implement a Build Strategy

Design and implement build agent infrastructure (include cost, tool selection, licenses, maintainability)

Create a build agent that runs on Azure

Develop and implement build trigger rules

Trigger one pipeline after another

Develop build pipelines

Create your first pipeline in Azure DevOps

Design build orchestration (products that are composed of multiple builds)

Create a multi-platform pipeline

Integrate configuration into build process

CI and CD with Azure DevOps – Quickstart

Develop complex build scenarios (e.g. containerized agents, hybrid, GPU)

Running a self-hosted agent in Docker

Self-hosted GPU agents for Azure Pipelines

Best Practices for Creating a VM with GPU inside Azure DevOps Pipelines

Enabling DevOps in A Hybrid Cloud Environment

Maintain Build Strategy

Design a Process for Standardizing Builds across Organization

Define and Implement a Continuous Delivery and Release Management Strategy (10-15%)

Develop Deployment Scripts and Templates

Implement an Orchestration Automation Solution

Combine release targets depending on release deliverable (e.g., Infrastructure, code, assets, etc.)

Integrating Infrastructure as Code into a Continuous Delivery Pipeline

Design the release pipeline to ensure reliable order of dependency deployments

Add stages, dependencies, & conditions

Organize shared release configurations and process (YAML templates, variable groups)

Grouping Shared Variables in Azure DevOps Pipeline

Design and implement release gates and approval processes

Controlling Deployments using Release Gates

Control deployments using approvals

Plan the Deployment Environment Strategy

Design a release strategy (blue/green, canary, ring)

Blue/Green, Canary & Ring deployments

Implement the release strategy (using deployment slots, load balancer configurations, Azure Traffic Manager, feature toggle, etc.)

Considerations on using Deployment Slots in your DevOps Pipeline

Blue-Green deployments using Azure Traffic Manager

Feature Toggles (aka Feature Flags)

Select the appropriate desired state solution for a deployment environment (PowerShell DSC, Chef, Puppet, etc.)

Infrastructure automation tools with virtual machines in Azure

Plan for minimizing downtime during deployments (VIP Swap, Load balancer, rolling deployments, etc.)

Deployments with VIP swap

Load balancer: Blue-Green Deployment on Azure with Zero Downtime

Rolling deployment strategy

Design a hotfix path plan for responding to high priority code fixes

Doing a hotfix with Azure DevOps

This brings us to the end of the AZ-400 Designing and Implementing Microsoft DevOps Solutions exam study guide

What do you think? Let me know in the comments section if I have missed out on anything. Also, I love to hear from you how your preparation is going on!

In case you are looking for other Azure certification exams check out this page

Follow/Like to Receive Updates

Want to be notified as soon as I post? Subscribe to RSS feed / leave your email address in the subscribe section. Share the article to your social networks with the below links so it can benefit others.

Share the Article in Your Social Media Networks

  • 1

You may also like


    1. yea generally labs are there, but I heard they were not available for some time due to increased demand for cloud services.
      I am not sure of the exact situation now. But it is better to be prepared for that.
      For format, check the az-400 GitHub labs. they should give some idea.

  1. Pluralsight (Learning Path) Microsoft Azure DevOps Engineer [Free Trial]

    above is not available , could you please suggest

    1. Microsoft updates the code if they think there are considerable changes to the exam objectives, although I agree there were

  2. I See that the skills measured changed on June 15. Do you have any recommendation on the learning material for the new topics?

Leave a Reply

Your email address will not be published. Required fields are marked *