AZ-400 Exam Study Guide (Designing and Implementing Microsoft DevOps Solutions)

AZ-400 Designing and Implementing Microsoft DevOps Solutions Study Guide

AZ-400 Preparation Details

Preparing for the AZ-400 Designing and Implementing Microsoft DevOps Solutions exam? Don’t know where to start? This post is the AZ-400 Certificate Study Guide (with links to each exam objective).

I have curated a list of articles from Microsoft documentation for each objective of the AZ-400 exam. Please share the post within your circles so it helps them to prepare for the exam.

Exam Voucher for AZ-400 with 1 Retake

Get 40% OFF with the combo

AZ-400 Azure DevOps Solutions Course

LinkedIn Learning (Free trial) Azure DevOps Solution Exam (Learning Path)
Pluralsight Microsoft Azure DevOps Engineer [Free Trial]
Udemy Study: Microsoft Azure DevOps Expert
Skylines AcademyAzure DevOps Dev. Process & Source Control

AZ-400 DevOps Solutions Practice Test

Whizlabs Exam Questions 275 Practice Questions & (Online Course)
Udemy Practice Tests Microsoft Azure DevOps Practice Questions
Amazon e-book (PDF) Implementing DevOps with Microsoft Azure

Other AZ-400 DevOps Learning Materials

Udacity (Nanodegree) Become a DevOps Engineer for MS Azure
Coursera DevOps Culture & Mindset [Cal. University]
Linux Foundation DevOps: Implementing Continuous Delivery

AZ-400 Sample Exam Questions

AZ-400 Azure DevOps Exam Prerequisites

To become a Microsoft Azure DevOps Engineer Expert, you must earn at least one of az-104 or az-204 certifications.

Check out all the other Azure certificate study guides

Full Disclosure: Some of the links in this post are affiliate links. I receive a commission when you purchase through them.

Looking for AZ-400 Dumps? Read This!

Using az-400 exam dumps can get you permanently banned from taking any future Microsoft certificate exam. Read the FAQ page for more information. However, I strongly suggest you validate your understanding with practice questions.

Develop an Instrumentation Strategy (5-10%)

Design and Implement Logging

Assess and Configure a Log framework

Overview of Azure platform logs

Design a log aggregation and storage strategy (e.g. Azure storage)

Design and Implement an Azure Storage Strategy

Design a log aggregation and query strategy (e.g., Azure Monitor, Splunk)

Aggregations in Azure Monitor log queries

Integrate logs with Splunk using Azure Monitor

Manage access control to logs (workspace-centric/resource-centric)

Manage access to log data and workspaces in Azure Monitor

Integrate crash analytics (App Center Crashes, Crashlytics)

What is App Center?

How does App Center Diagnostics work?

How to configure a Windows Application to exit an App Center Crash?

Monitor Your App’s Health with App Center Crash & Analytics

Design and Implement Telemetry

Design and implement distributed tracing

What is Distributed Tracing?

Configure distributed tracing with Azure Spring Cloud

Inspect application performance indicators

Common APM Performance Metrics & Indicators

Inspect infrastructure performance indicators

View Key Performance Indicators (KPI) for Azure Virtual Machine

View Key Performance Indicators (KPI) for Kubernetes cluster

Define and measure key metrics (CPU, memory, disk, network)

View key Virtual Machine metrics

Implement alerts on key metrics (email, SMS, webhooks, Teams/Slack)

Create log alerts that send a notification to SMS, email, or Webhook

A logic app that posts a message to a Slack channel when an alert fires

Alert triggers a logic app to create a conversation in Microsoft Teams

Integrate user analytics (e.g. Application Insights funnels, Visual Studio App Center, TestFlight, Google Analytics)

Discover how customers are using your appl with Application Insights Funnels

Integrate Visual Studio App Center analytics with a WPF application

Testing the iOS SDK Integration with TestFlight

Integrate Logging and Monitoring Solutions

Configure and integrate container monitoring (Azure Monitor, Prometheus, etc.)

Enable Azure Monitor for containers

Configure Prometheus metrics with Azure Monitor for containers

Configure and integrate with monitoring tools (Azure Monitor Application Insights, Dynatrace, New Relic, Naggios, Zabbix)

Set up Dynatrace integration with Azure Monitor

Configure Azure integrations with New Relic

Integrate Nagios with Microsoft Azure Stack Hub

Integrate Zabbix with Azure

Create feedback loop from platform monitoring tools (e.g. Azure Diagnostics VM extensions, Azure Platform Logs, Event Grid)

Azure Performance Diagnostics VM Extension for Windows

Create diagnostic settings to send platform logs to different destinations

Manage Access control to the monitoring platform

Manage access to log data and workspaces in Azure Monitor

Develop a Site Reliability Engineering (SRE) Strategy (5-10%)

Develop an Actionable Alerting Strategy

Identify and recommend metrics on which to base alerts

Supported metrics for creating alerts

Implement alerts using appropriate metrics

Create and manage metric alerts using Azure Monitor

Implement alerts based on appropriate log messages

Create log alerts based on data collected in Azure Monitor Logs

Implement alerts based on application health checks

Configure resource health alerts using Azure portal

Analyze combinations of metrics

Create views with multiple metrics and charts

Develop communication mechanism to notify users of degraded systems

Get notified when Azure service incidents impact your resources

Implement alerts for self-healing activities (e.g. scaling, failovers)

Design your application to be self-healing when failures occur

Alerts for Azure Autoscale actions

Design a Failure Prediction Strategy

Analyze the behavior of the system with regards to load and failure conditions

Failure mode analysis for Azure applications

Calculate when a system will fail under various conditions

How Azure uses machine learning to predict VM failures

Measure baseline metrics for system

Establish & Measure baseline metrics for [SQL Server on VM]

Recommend the appropriate tools for a failure prediction strategy

Foretell and prevent downtime with predictive maintenance

AZ-400 Exam details and tips

Design and Implement a Health Check

Analyze system dependencies to determine which dependency should be included in the health check

Visualize dependencies in an Azure Virtual Machine

Calculate healthy response timeouts based on SLO for the service

What is SLO (Service Level Objective)?

A community post on Azure DB Timeout exception

Timeout errors in Azure SQL Databases called in Azure Web Jobs

Design an approach for partial health situations

Requirements for health monitoring

Integrate health check with compute environment

Understanding health criteria in Azure Monitor for VMs

Implement different types of health checks (liveness, startup, shutdown)

Configure liveness probes on Container Instance

Configure Liveness, Readiness, and Startup Probes

Azure DevOps az-400

Amazon link (affiliate)

Develop a Security and Compliance Plan (10-15%)

Design an Authentication and Authorization Strategy

Design an access solution (Azure AD Privileged Identity Management (PIM), Azure AD Conditional Access, MFA)

What is Azure AD Privileged Identity Management?

What is Azure AD Conditional Access?

Azure Multi-Factor Authentication (MFA)

Organize the team using Azure AD groups

Assign users to Azure Active Directory groups

Implement Service Principals and Managed Identity

Authentication with service principals in Azure AD

Use managed identities with Azure virtual machines

Design an application access solution using Azure AD B2C

Using Azure B2C with an app

Configure service connections

Configure Service connections in Azure Pipelines

Design a Sensitive Information Management Strategy

Evaluate and configure vault solution (Azure Key Vault, Hashicorp Vault)

Getting started with Azure Key Vault using the Azure portal

Hashicorp Key Vault on Microsoft Azure

Generate security certificates

Add a TLS/SSL certificate in Azure App Service

Design a secrets storage and retrieval strategy

Storing and using secrets in Azure

Formulate a plan for deploying secret files as part of a release

Use secrets from Azure Key Vault in Azure Pipelines

Example: CI/CD pipeline using Terraform & Azure DevOps

Develop Security and Compliance

Automate dependencies scanning for security (container scanning, OWASP)

What is Dependency Scanning?

Container scanning that scans for vulnerabilities

OWASP Dependency-Check

Automate dependencies scanning for compliance (licenses: MIT, GPL)

Compliance and vulnerability scanning

Assess and report risks

Manage risks in Azure DevOps

Design a source code compliance solution (e.g. GitHub security, pipeline-based scans, Git hooks, SonarQube)

Get Started with Git Hooks

Control source code quality using the SonarQube platform

Add continuous security validation to your CI/CD pipeline

Design Governance Enforcement Mechanisms

Implement Azure policies to enforce organizational requirements

Create and manage policies to enforce compliance

Implement container scanning (e.g. static scanning, malware, crypto mining)

Static Security Analysis of Container Images with CoreOS Clair

Open Source tools to scan your containers for malware

Crypto miners scan for Docker container vulnerability to mine cryptocurrency

Design and implement Azure Container Registry Tasks (eg. Azure Policy)

Automate container image builds and maintenance with ACR Tasks

Design break-the-glass strategy for responding to security incidents

“Break glass”: what to do in an emergency?

Manage Source Control (10-15%)

Develop a Modern Source Control Strategy

Integrate/migrate disparate source control systems (e.g. GitHub, Azure Repos)

Migrating your repository to GitHub

Migrating Code to Azure DevOps Repos

Design authentication strategies

Authenticating to GitHub

Other authentication methods

Design an approach for managing large binary files (e.g. Git LFS)

Handling Large Binary Files with LFS

Design an approach for cross repository sharing (e.g. Git sub-modules, packages)

Two Git repositories share common code with Sub-modules

Cross-repository Component Sharing using Multi-packages

Implement workflow hooks

How To Ease Your Team’s Development Workflow With Git Hooks

Plan and Implement Branching Strategies for the Source Code

Define Pull Requests (PR) guidelines to enforce work item correlation

Link work items to pull request

Link from a work item to a GitHub pull request

Implement branch merging restrictions (e.g. branch policies, branch protections, manual, etc.)

Configure branch policies in Azure DevOps

Configure protected branches

Manual approvals that are required for merging a branch

Define branch strategy (e.g. trunk-based, feature branch, release branch, GitHub flow)

DevOps tech: Trunk-based development

Feature Branching & Release Branching Strategy

Understanding the GitHub flow

Design and implement a PR workflow (code reviews, approvals)

How to code review in a Pull Request

Approving a pull request with required reviews

Enforce static code analysis for code-quality consistency on PR

Automate Code Review with Static Code Analysis

Configure Repositories

Configure permissions in the source control repository

Access permissions on GitHub

Setting permissions for deleting or transferring repositories

Organize the repository with git-tags

Tagging a GitHub repository

Plan for handling oversized repositories

How to handle big repositories with Git

Working with large files and repositories

Plan for content recovery in all repository states

Restoring a deleted GitHub repository

Repairing and recovering broken git repositories

Purge data from source control

Removing files from a repository’s history

Removing sensitive data from a repository

Integrate Source Control with Tools

Integrate GitHub with DevOps pipelines

GitHub integration with Azure Pipelines

Integrate GitHub with identity management solutions (Azure AD)

Azure Active Directory single sign-on (SSO) integration with GitHub

Design for GitOps

GitOps with Microsoft Azure

Azure DevOps pipelines repo that support the GitOps flow

Design for ChatOps

ChatOps for Azure Active Directory

ChatOps with Azure DevOps and Microsoft Teams

Integrate source control artifacts for human consumption (e.g. Git changelog)

Auto-generating release notes in Azure DevOps pipelines

Facilitate Communication and Collaboration (10-15%)

Communicate Deployment and Release Information with Business Stakeholders

Create dashboards combining boards, pipelines (custom dashboards on Azure DevOps)

About dashboards, charts, reports, & widgets

Creating a Dashboard in Azure DevOps

Design a cost management communication strategy

Define Azure Cost Management

Cost Management discipline template

Integrate release pipeline with work item tracking (e.g. AZ DevOps, Jira, ServiceNow)

Link work items to deployments in Azure DevOps

Integrate with ServiceNow change management

Azure Pipelines integration with Jira

Integrate GitHub as a repository with Azure Boards

Connect Azure Boards to GitHub

Communicate user analytics

Communicate analytics via dashboard widgets, Power BI, and reports

Generate Devops Process Documentation

Design the onboarding process for new employees

Recommendations on how to onboard DevOps engineers

Assess and document external dependencies (e.g. integrations, packages)

Overview of Azure DevOps dependency tracker

Creating a Dependency

Assess and document artifacts (version, release notes)

What are Azure Artifacts?

Artifact Details – Get Package Versions

Release artifacts in Azure DevOps

Azure certification Frequently Asked Questions

Automate Communication with Team Members

Integrate monitoring tools with communication platforms (e.g. Teams, Slack, dashboards)

Azure Pipelines with Microsoft Teams

Azure Pipelines with Slack

Add continuous monitoring to your release pipeline

Notify stakeholders about key metrics, alerts, severity using communication platforms (e.g. Email, SMS, Slack, Teams)

Send Azure DevOps notifications to Slack

Send Azure DevOps notifications to Microsoft Teams

Integrate the build and release with communication platforms (e.g. build fails, release fails)

Get notifications for failed builds

Send Email After Release Deployment in Azure DevOps

Define and Implement Continuous Integration (20-25%)

Design Build Automation

Integrate the build pipeline with external tools (e.g., Dependency and security scanning, Code coverage)

Code Coverage Report (with JaCoCo) in Azure DevOps Pipeline

Choose a tool for scanning open-source dependencies

Security Scan Azure Pipelines with Snyk

Implement quality gates (e.g. code coverage, internationalization, peer review)

Release deployment control using gates

Code coverage for pull requests

Perform peer review with pull requests

Design a testing strategy (e.g. integration, load, fuzz, API, chaos)

Create test plans and test suites

Load test overview – Azure Test Plans

Integrate automated test in Azure DevOps using the Postman API

Fuzz Testing at Microsoft and the Triage Process

Integrate multiple tools (e.g. GitHub Actions, Azure Pipeline, Jenkins)

Use GitHub Actions to trigger a run in Azure Pipelines

Configuring a CD pipeline for your Jenkins CI

Design a Package Management Strategy

Recommend package management tools (e.g. GitHub Packages, Azure Artifacts, Azure Automation Runbooks Gallery, Nuget, Jfrog, Artifactory)

About GitHub Packages

Start using Azure Artifacts

Introducing the Azure Automation Runbook Gallery

An introduction to NuGet

Package management with JFrog

Design an Azure Artifacts implementation including linked feeds

Azure DevOps: What are feeds?

Design versioning strategy for code assets (e.g. SemVer, date-based)

Build Versioning in Azure DevOps Pipelines

Automated date-based versioning for ASP.NET Core assemblies using Azure DevOps

Plan for assessing and updating and reporting package dependencies (GitHub Automated Security Updates, NuKeeper, GreenKeeper)

Configuring GitHub Dependabot security updates

NuKeeper Integration with Azure DevOps

What Greenkeeper does, and why?

Design a versioning strategy for packages (e.g. SemVer, date-based)

Effective Nuget Package Versioning in Azure DevOps

Design a versioning strategy for deployment artifacts

Best way to handle versioning w/ YAML pipelines

Design an Application Infrastructure Management Strategy

Assess a configuration management mechanism for application infrastructure

Azure Automation State Configuration overview

Define and enforce desired state configuration for environments

The what, why, and how of Azure Automation Desired State Configuration (DSC)

Configuring Azure DSC Automation with PowerShell in 5 steps

Implement a Build Strategy

Design and implement build agent infrastructure (include cost, tool selection, licenses, maintainability)

Create a build agent that runs on Azure

Develop and implement build trigger rules

Trigger one pipeline after another

Develop build pipelines

Create your first pipeline in Azure DevOps

Design build orchestration (products that are composed of multiple builds)

Create a multi-platform pipeline

Integrate configuration into the build process

CI and CD with Azure DevOps – Quickstart

Develop complex build scenarios (e.g. containerized agents, hybrid, GPU)

Running a self-hosted agent in Docker

Self-hosted GPU agents for Azure Pipelines

Best Practices for Creating a VM with GPU inside Azure DevOps Pipelines

Enabling DevOps in A Hybrid Cloud Environment

Maintain Build Strategy

Monitor pipeline health (failure rate, duration, flaky tests)

Add continuous monitoring to your release pipeline

Test failures report

Pipeline duration report

Manage flaky tests

Optimize build (cost, time, performance, reliability)

Reducing Cost & Complexity For Azure Pipelines CI/CD

Identifying Cost-Saving Opportunities in Azure DevOps

Optimize build time with Pipeline caching

Improving Angular CI Build Time Using Azure DevOps ‘Cache Task’

Performance tuning an Azure DevOps build configuration

Analyze CI load to determine build agent configuration and capacity

Azure DevOps build agent analysis

Manage pipeline health

Pipeline reports to track Pipeline health

Identify the number of agents and jobs to run in parallel

Determine how many parallel jobs you need

Investigate test failures

Test Failures in Test Analytics

Design a Process for Standardizing Builds across Organization

Manage self-hosted build agents (VM templates, containerization, etc.)

Self-hosted agents

Running a self-hosted agent in Docker

Use an ARM-template generated host as a build agent

Create reusable build subsystems (YAML templates, Task Groups, Variable Groups, etc.)

Reuse YAML templates in different Azure DevOps team project

Create a reusable task with Task Groups

Variable group to store values for multiple pipelines

Define and Implement a Continuous Delivery and Release Management Strategy (10-15%)

Develop Deployment Scripts and Templates

Recommend a deployment solution (e.g. GitHub Actions, Azure Pipelines, Jenkins, CircleCI, etc.)

Comparison of Most Popular Continuous Integration Tools

Jenkins vs. Github Actions

A discussion on what’s the best CI/CD service

Continuous Integration: CircleCI vs Jenkins vs Alternatives

Design and implement Infrastructure as code (ARM, Terraform, PowerShell, CLI)

Azure Resource Manager templates

Infrastructure as Code: Terraform

Azure CLI Scripts and Tasks

Develop application deployment process (container, binary, scripts)

Use deployment scripts in templates

Develop database deployment process (migrations, data movement, ETL)

SQL Server database migration to Azure SQL Database

Azure SQL hybrid data movement

Build ETL pipelines collaboratively using Git integration in Azure Data Factory

Integrate configuration management as part of the release process

The Link Between Change Management and Release Management

Develop complex deployments (IoT, Azure IoT Edge, mobile, App Center, DR, multi-region, CDN, sovereign cloud, Azure Stack, etc.)

Deploy IoT Edge modules at scale using Azure

Setup Azure DevOps and App Center to deploy your application

Multi-region deployment with Azure DevOps & App Services

End to End Azure CDN Deployment with Self Managed CA Signed

Deploy to Azure Stack with Azure Pipelines

Implement an Orchestration Automation Solution

Combine release targets depending on release deliverable (e.g., Infrastructure, code, assets, etc.)

Integrating Infrastructure as Code into a Continuous Delivery Pipeline

Design the release pipeline to ensure reliable order of dependency deployments

Add stages, dependencies, & conditions

Organize shared release configurations and processes (YAML templates, variable groups)

Grouping Shared Variables in Azure DevOps Pipeline

Design and implement release gates and approval processes

Controlling Deployments using Release Gates

Control deployments using approvals

Plan the Deployment Environment Strategy

Design a release strategy (blue/green, canary, ring)

Blue/Green, Canary & Ring deployments

Implement the release strategy (using deployment slots, load balancer configurations, Azure Traffic Manager, feature toggle, etc.)

Considerations on using Deployment Slots in your DevOps Pipeline

Blue-Green deployments using Azure Traffic Manager

Feature Toggles (aka Feature Flags)

Select the appropriate desired state solution for a deployment environment (PowerShell DSC, Chef, Puppet, etc.)

Infrastructure automation tools with virtual machines in Azure

Plan for minimizing downtime during deployments (VIP Swap, Load balancer, rolling deployments, etc.)

Deployments with VIP swap

Load balancer: Blue-Green Deployment on Azure with Zero Downtime

Rolling deployment strategy

Design a hotfix path plan for responding to high priority code fixes

Doing a hotfix with Azure DevOps

This brings us to the end of the AZ-400 Designing and Implementing Microsoft DevOps Solutions exam study guide

What do you think? Let me know in the comments section if I have missed out on anything. Also, I love to hear from you how your preparation is going on!

In case you are preparing for other Azure certification exams, check out the Azure study guide for those exams.

Follow Me to Receive Updates on AZ-400 Exam

Want to be notified as soon as I post? Subscribe to the RSS feed / leave your email address in the subscribe section. Share the article to your social networks with the below links so it can benefit others.

Share the AZ-400 Study Guide in Your Network

You may also like