nerdexam
ExamsAZ-400Questions#524
MicrosoftMicrosoft

AZ-400 · Question #524

AZ-400 Question #524: Real Exam Question with Answer & Explanation

Creating a Personal Access Token (PAT) in Azure DevOps requires navigating to User Settings > Personal Access Tokens, clicking '+ New Token', and configuring the name as 'Token1' with a custom expiration date set to exactly 60 days from today. The scopes must be precisely set to

Submitted by kavita_s· Mar 6, 2026Configure secure access to Azure DevOps resources using Personal Access Tokens with appropriate scopes and expiration policies - aligning with the AZ-400 domain of implementing DevOps security and identity management.

Question

SIMULATION You need to create a personal access token (PAT) named Token1 that has only the following capabilities: - Read, write, and manage code - Read and execute builds - Read releases Token1 must expire in 60 days. Answer:

Options

  • taskCreate a personal access token (PAT) named Token1 in Azure DevOps with specific capabilities and an expiration date.
  • prerequisitesAccess to an Azure DevOps organization.

Explanation

Creating a Personal Access Token (PAT) in Azure DevOps requires navigating to User Settings > Personal Access Tokens, clicking '+ New Token', and configuring the name as 'Token1' with a custom expiration date set to exactly 60 days from today. The scopes must be precisely set to 'Code (Read, Write & Manage)', 'Build (Read & Execute)', and 'Release (Read)' - selecting only these three scopes ensures the principle of least privilege is followed and matches the stated requirements. Any deviation in scope selection (e.g., granting full access or adding unnecessary permissions) or expiration date would make the token non-compliant with the requirements.

Topics

#Azure DevOps#Personal Access Tokens#Security & Authentication#Access Management

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full AZ-400 PracticeBrowse All AZ-400 Questions