AZ-400 · Question #255
Drag and Drop Question You have an Azure DevOps release pipeline as shown in the following exhibit. You need to complete the pipeline to configure OWASP ZAP for security testing. Which five Azure CLI
The correct answer is Call the Baseline Scan; Download the file; Convert Report Format; Publish Test Results; Destroy OWASP Container. The correct sequence follows the logical workflow of OWASP ZAP security testing in an Azure DevOps pipeline: first 'Call the Baseline Scan' to execute the OWASP ZAP scan against the target, then 'Download the file' to retrieve the generated XML report from the ZAP container, then
Question
Exhibits
Answer Area
Drag items
Correct arrangement
- Call the Baseline Scan
- Download the file
- Convert Report Format
- Publish Test Results
- Destroy OWASP Container
Explanation
The correct sequence follows the logical workflow of OWASP ZAP security testing in an Azure DevOps pipeline: first 'Call the Baseline Scan' to execute the OWASP ZAP scan against the target, then 'Download the file' to retrieve the generated XML report from the ZAP container, then 'Convert Report Format' to transform the ZAP XML output into NUnit or JUnit format that Azure DevOps can interpret, then 'Publish Test Results' to upload and display the converted results in the pipeline dashboard, and finally 'Destroy OWASP Container' to clean up the Docker container and free resources. This sequence ensures the scan runs, results are captured and made readable, published for visibility, and infrastructure is cleaned up afterward.
Topics
Community Discussion
No community discussion yet for this question.

