AZ-400 · Question #527
You use Azure Pipelines pipeline to build and deploy an app named App1. You need to ensure that before App1 is deployed, all the code for the app passes a security validation by using a custom tool. W
The correct answer is A. Add a status check to the policies of the branch used by your company's development. Explanation Option A is correct because adding a status check to the branch policies of the development branch enforces a gate that requires the custom security validation tool to pass before any code can be merged or deployed - this directly integrates external security checks i
Question
Options
- AAdd a status check to the policies of the branch used by your company's development
- BAdd a status check to the policies of the main branch.
- CAdd a service hook to the project.
- DLimit the job authorization scope to the current project for all the release pipelines.
How the community answered
(16 responses)- A69% (11)
- B6% (1)
- C6% (1)
- D19% (3)
Explanation
Explanation
Option A is correct because adding a status check to the branch policies of the development branch enforces a gate that requires the custom security validation tool to pass before any code can be merged or deployed - this directly integrates external security checks into the pipeline workflow as a required pre-deployment condition.
Option B is wrong because the question specifies the branch used by your company's development team (a feature or development branch), not the main branch; applying the check to main would be too late in the workflow and misses where the validation should occur.
Option C is wrong because a service hook is used to trigger external services in response to pipeline events (like notifications), not to enforce a blocking security gate that must pass before deployment proceeds.
Option D is wrong because limiting the job authorization scope is a security measure that restricts which resources a pipeline job can access - it has nothing to do with running a custom security validation tool before deployment.
Memory Tip
Think of branch policies + status checks as bouncers at the door - they won't let code through (merge/deploy) until the custom tool gives the green light. The key phrase "before deployment" + "custom tool" always points to status checks on branch policies.
Topics
Community Discussion
No community discussion yet for this question.