Microsoft DevOps Engineer Expert Practice Exam 2025: Latest Questions

Your team uses Azure Boards and Azure Repos. Leadership wants every pull request (PR) to be traceable to a work item, and the PR should be blocked if no work item is linked. What should you configure?

A development team is migrating from a centralized version control system to Git in Azure Repos. They want to reduce integration issues by using short-lived branches and frequent merges into main. Which branching strategy best fits this requirement?

You need to ensure that a CI pipeline in Azure Pipelines runs automatically when code is pushed to the main branch, and also when a pull request targets main. What should you configure in the YAML pipeline?

You are troubleshooting a multi-stage Azure DevOps pipeline. The build stage succeeds, but the deploy stage does not start. You notice the deploy stage dependsOn the build stage and has a condition set to run only when the source branch is refs/heads/main. A developer ran the pipeline from a feature branch manually. Why did the deploy stage not run?

Your organization must ensure that secrets used by Azure Pipelines are not stored in source control and are centrally managed with access policies and auditing. Pipelines must retrieve secrets at runtime. Which approach best meets these requirements?

You want to speed up CI builds for a .NET application in Azure Pipelines by reusing restored packages across runs. Which feature should you use?

Your team is using Git in Azure Repos. They want to prevent direct pushes to the main branch, require PRs, and ensure that the build pipeline validates changes before merge. What should you configure?

You deploy an application to Azure App Service using an Azure DevOps release pipeline. You need to ensure that the same build artifact is promoted through dev, test, and production without rebuilding, and each environment has its own configuration values. Which approach is recommended?

You need to enforce that any deployment to production from Azure Pipelines requires successful completion of an automated security scan and an explicit approval by the security team. The controls must be applied consistently even if new pipelines are created. What should you implement?

You operate a microservices application on AKS. You must correlate a single user request across multiple services and quickly find which dependency call caused latency. You already collect logs and metrics in Azure Monitor. What should you implement to enable end-to-end request correlation?

You manage an Azure DevOps project where multiple teams contribute to a single Git repo. You need to ensure every pull request has at least one reviewer from the security team when files under /infra/ change, while not affecting PRs that don’t touch that path. What should you configure?

Your team wants to standardize work item handling in Azure Boards. A pull request should automatically transition the linked user story to “Resolved” when the PR is completed and merged into the default branch. What should you use?

You are troubleshooting an Azure DevOps YAML pipeline that intermittently fails to restore NuGet packages from an Azure Artifacts feed. The error indicates unauthorized access, but only on some runs and only for some developers’ branches. Which solution is the recommended best practice?

A microservices application is deployed to Azure Kubernetes Service (AKS) using Azure DevOps. You must implement progressive exposure for a new version so that only 10% of traffic is routed to the new pods initially, and then gradually increase it if no issues occur. What should you implement?

You need to reduce YAML duplication across 30 repositories. Each repo has a similar CI pipeline but uses different build parameters. You want centralized control with the ability for each repo to pass its own values. What should you use in Azure Pipelines?

Your organization requires that production deployments occur only after an external change-management system approves the release. You must enforce this as a gate before the 'Prod' environment in Azure Pipelines. What should you configure?

You need to instrument a .NET service running in Azure App Service so that you can correlate a single user request across multiple dependencies (HTTP calls, SQL, and messaging) and troubleshoot latency. Which approach is most appropriate?

A team uses Azure DevOps multi-stage YAML pipelines. They want to ensure a stage runs only when changes are made under the /src/api folder, while still building on every commit for other stages. What is the best solution?

Your company wants to prevent secrets from being committed to repositories and also prevent secrets from being introduced by build artifacts. You must implement controls both at source and during CI. Which combination best meets the requirement?

You manage a regulated workload. Auditors require proof that production releases are traceable to an approved work item, built from a specific commit, and deployed via an automated process with segregation of duties. Which design best satisfies these requirements in Azure DevOps?

Your team uses Azure Boards and Azure Repos. You must ensure that a pull request cannot be completed unless it is linked to at least one work item and the work item state is changed to "Done" when the PR completes. What should you configure?

You need to ensure that a repository does not contain large binary assets and that developers are guided to store those assets elsewhere. The solution must block pushes that include files larger than 50 MB. What should you implement in Azure Repos?

A multi-stage YAML pipeline deploys to dev, test, and prod. You must ensure that production deployment can only occur after a manual approval and only from the main branch. The approval must be managed outside of the YAML file by release managers. What should you use?

Your organization uses self-hosted agents. You must prevent pipeline scripts from extracting secrets from the agent machine and accessing other teams' build artifacts. Which approach best mitigates this risk while maintaining self-hosted agents?

A microservices application emits distributed traces but troubleshooting end-to-end latency is difficult. You want to correlate a single user request across multiple services and deployments from Azure DevOps pipelines. What is the best solution?