nerdexam
Microsoft

AZ-400 · Question #67

Hotspot Question Your company is creating a suite of three mobile applications. You need to control access to the application builds. The solution must be managed at the organization level What should

This question tests knowledge of Azure DevOps organization-level access control for mobile application builds, specifically which features to use for managing distribution and access at scale.

Submitted by skyler.x· Mar 6, 2026Develop a security and compliance plan

Question

Hotspot Question Your company is creating a suite of three mobile applications. You need to control access to the application builds. The solution must be managed at the organization level What should you use? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. Answer:

Exhibit

AZ-400 question #67 exhibit

Answer Area

  • Groups to control the build access:
    Active Directory groupsAzure Active Directory groupsMicrosoft Visual Studio App Center distribution groups
  • Group type:
    PrivatePublicShared

Explanation

This question tests knowledge of Azure DevOps organization-level access control for mobile application builds, specifically which features to use for managing distribution and access at scale.

Approach. For controlling access to application builds at the organization level in Azure DevOps, you should use Microsoft Visual Studio App Center (now integrated with Azure) for distributing mobile app builds to testers and stakeholders, combined with Azure DevOps Organizations and Release Gates/Approvals for pipeline-level control. Specifically, for managing access to builds across three mobile apps at the organization level, you would use 'Release pipelines' with 'Deployment groups' or 'Environments' and configure 'Azure Active Directory groups' to manage who can access which builds. App Center Distribution Groups allow you to control which users or testers receive specific application builds, and this can be managed centrally at the organization level. For Azure DevOps-native control, Project-level permissions and Organization-level security groups (like 'Project Collection Administrators') govern who can trigger, view, or download builds across all three applications.

Concept tested. Azure DevOps organization-level access control for mobile application build management, including the use of Azure Active Directory integration, security groups, App Center distribution groups, and pipeline permissions to govern who can access application artifacts across multiple mobile projects.

Reference. https://learn.microsoft.com/en-us/azure/devops/organizations/security/about-security-identity?view=azure-devops

Topics

#Azure DevOps security#build access control#organization level permissions#Azure Active Directory integration

Community Discussion

No community discussion yet for this question.

Full AZ-400 Practice