nerdexam
Microsoft

AZ-400 · Question #92

You have an Azure DevOps organization named Contoso, an Azure DevOps project named Project1, an Azure subscription named Sub1, and an Azure key vault named vault1. You need to ensure that you can refe

The correct answer is A. Create a variable group in Project1.. Use a variable group to store values that you want to control and make available across multiple https://docs.microsoft.com/en-us/azure/devops/pipelines/library/variable-groups

Submitted by rania.sa· Mar 6, 2026Design identity, governance, and monitoring solutions

Question

You have an Azure DevOps organization named Contoso, an Azure DevOps project named Project1, an Azure subscription named Sub1, and an Azure key vault named vault1. You need to ensure that you can reference the values of the secrets stored in vault1 in all the pipelines of Project1. The solution must prevent the values from being stored in the pipelines. What should you do?

Options

  • ACreate a variable group in Project1.
  • BAdd a secure file to Project1.
  • CModify the security settings of the pipelines.
  • DConfigure the security policy of Contoso.

How the community answered

(41 responses)
  • A
    76% (31)
  • B
    7% (3)
  • C
    2% (1)
  • D
    15% (6)

Explanation

Use a variable group to store values that you want to control and make available across multiple https://docs.microsoft.com/en-us/azure/devops/pipelines/library/variable-groups

Topics

#Azure Key Vault#variable groups#pipeline secrets#credential management

Community Discussion

No community discussion yet for this question.

Full AZ-400 Practice