nerdexam
Microsoft

AZ-400 · Question #79

Drag and Drop Question You are implementing a package management solution for a Node.js application by using Azure Artifacts. You need to configure the development environment to connect to the packag

The correct answer is The .npmrc file in the project; The .npmrc file in the user's home folder. The correct arrangement uses two .npmrc files for different purposes: the project-level .npmrc file stores the registry URL and non-sensitive configuration (pointing to the Azure Artifacts feed), while the user's home folder .npmrc file stores the authentication credentials/token

Submitted by jordan8· Mar 6, 2026Design and implement a package management strategy - specifically configuring secure access to Azure Artifacts feeds using .npmrc files to separate registry settings from authentication credentials, preventing credential exposure in source control.

Question

Drag and Drop Question You are implementing a package management solution for a Node.js application by using Azure Artifacts. You need to configure the development environment to connect to the package repository. The solution must minimize the likelihood that credentials will be leaked. Which file should you use to configure each connection? To answer, drag the appropriate files to the correct connections. Each file may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content NOTE: Each correct selection is worth one point. Answer:

Exhibits

AZ-400 question #79 exhibit 1
AZ-400 question #79 exhibit 2

Answer Area

Drag items

The .npmrc file in the projectThe .npmrc file in the user's home folderThe Package.json file in the projectThe Project.json file in the project

Correct arrangement

  • The .npmrc file in the project
  • The .npmrc file in the user's home folder

Explanation

The correct arrangement uses two .npmrc files for different purposes: the project-level .npmrc file stores the registry URL and non-sensitive configuration (pointing to the Azure Artifacts feed), while the user's home folder .npmrc file stores the authentication credentials/tokens. This separation ensures credentials are kept out of source control (since the home folder .npmrc is never committed to a repository), minimizing the risk of credential leakage. Azure Artifacts explicitly recommends this two-file pattern to separate registry configuration from authentication.

Topics

#Azure Artifacts#npm package management#credential security#DevOps configuration

Community Discussion

No community discussion yet for this question.

Full AZ-400 Practice