Free Practice Questions for Microsoft Azure DevOps Engineer Expert (AZ-400) Certification
Study with 348 exam-style practice questions designed to help you prepare for the Microsoft Azure DevOps Engineer Expert (AZ-400). All questions are aligned with the latest exam guide and include detailed explanations to help you master the material.
Start Practicing
All Domains
Practice with randomly mixed questions from all topics
Domain Mode
Practice questions from a specific topic area
Quiz History
Exam Details
Key information about Microsoft Azure DevOps Engineer Expert (AZ-400)
- Multiple choice
- Ordering
- Matching
- Fill in the blank
Experience administering and developing in Azure, strong skills in at least one of these areas, and experience implementing both GitHub and Azure DevOps solutions.
Developers or infrastructure administrators with subject matter expertise in enabling continuous delivery of value, working with cross-functional teams including Developers, Site Reliability Engineers, Azure Administrators, and Security Engineers.
April 24, 2026
Exam Topics & Skills Assessed
Skills measured (from the official study guide)
Domain 1: Design and implement processes and communications
Subdomain 1.1: Design and implement traceability and flow of work
Design and implement a structure for the flow of work, including GitHub Flow
Design and implement a strategy for feedback cycles, including notifications and GitHub issues
Design and implement integration for tracking work, including GitHub projects, Azure Boards, and repositories
Design and implement source, bug, and quality traceability
Subdomain 1.2: Design and implement appropriate metrics and queries for DevOps
Design and implement a dashboard, including flow of work, such as cycle times, time to recovery, and lead time
Design and implement appropriate metrics and queries for project planning
Design and implement appropriate metrics and queries for development
Design and implement appropriate metrics and queries for testing
Design and implement appropriate metrics and queries for security
Design and implement appropriate metrics and queries for delivery
Design and implement appropriate metrics and queries for operations
Subdomain 1.3: Configure collaboration and communication
Document a project by configuring wikis and process diagrams, including Markdown and Mermaid syntax
Configure release documentation, including release notes and API documentation
Automate creation of documentation from Git history
Configure integration by using webhooks
Configure integration between Azure Boards and GitHub repositories
Configure integration between GitHub or Azure DevOps and Microsoft Teams
Domain 2: Design and implement a source control strategy
Subdomain 2.1: Design and implement branching strategies for the source code
Design a branch strategy, including trunk-based, feature branch, and release branch
Design and implement a pull request workflow by using branch policies and branch protection rules
Implement branch merging restrictions by using branch policies and branch protection rules
Subdomain 2.2: Configure and manage repositories
Design and implement a strategy for managing large files, including Git Large File Storage (LFS) and git-fat
Design a strategy for scaling and optimizing a Git repository, including Scalar and cross-repository sharing
Configure permissions in the source control repository
Configure tags to organize the source control repository
Recover specific data by using Git commands
Remove specific data from source control
Domain 3: Design and implement build and release pipelines
Subdomain 3.1: Design and implement a package management strategy
Recommend package management tools including GitHub Packages and Azure Artifacts
Design and implement package feeds and views for local and upstream packages
Design and implement a dependency versioning strategy for code assets and packages, including semantic versioning (SemVer) and date-based (CalVer)
Design and implement a versioning strategy for pipeline artifacts
Subdomain 3.2: Design and implement a testing strategy for pipelines
Design and implement quality and release gates, including security and governance
Design a comprehensive testing strategy, including local tests, unit tests, integration tests, and load tests
Implement tests in a pipeline, including configuring test tasks, configuring test agents, and integration of test results
Implement code coverage analysis
Subdomain 3.3: Design and implement pipelines
Select a deployment automation solution, including GitHub Actions and Azure Pipelines
Design and implement a GitHub runner or Azure DevOps agent infrastructure, including cost, tool selection, licenses, connectivity, and maintainability
Design and implement integration between GitHub repositories and Azure Pipelines
Develop and implement pipeline trigger rules
Develop pipelines by using YAML
Design and implement a strategy for job execution order, including parallelism and multi-stage pipelines
Develop and implement complex pipeline scenarios, such as hybrid pipelines, VM templates, and self-hosted runners or agents
Create reusable pipeline elements, including YAML templates, task groups, variables, and variable groups
Design and implement checks and approvals by using YAML-based environments
Subdomain 3.4: Design and implement deployments
Design a deployment strategy, including blue-green, canary, ring, progressive exposure, feature flags, and A/B testing
Design a pipeline to ensure that dependency deployments are reliably ordered
Plan for minimizing downtime during deployments by using load balancing, rolling deployments, and deployment slot usage and swap
Design a hotfix path plan for responding to high-priority code fixes
Design and implement a resiliency strategy for deployment
Implement feature flags by using Azure App Configuration Feature Manager
Implement application deployment by using containers, binaries, and scripts
Implement a deployment that includes database tasks
Subdomain 3.5: Design and implement infrastructure as code (IaC)
Recommend a configuration management technology for application infrastructure
Implement a configuration management strategy for application infrastructure
Define an IaC strategy, including source control and automation of testing and deployment
Design and implement desired state configuration for environments, including Azure Automation State Configuration, Azure Resource Manager, Bicep, and Azure Machine Configuration
Design and implement Azure Deployment Environments for on-demand self-deployment
Subdomain 3.6: Maintain pipelines
Monitor pipeline health, including failure rate, duration, and flaky tests
Optimize a pipeline for cost, time, performance, and reliability
Optimize pipeline concurrency for performance and cost
Design and implement a retention strategy for pipeline artifacts and dependencies
Migrate a pipeline from classic to YAML in Azure Pipelines
Domain 4: Develop a security and compliance plan
Subdomain 4.1: Design and implement authentication and authorization methods
Choose between Microsoft Entra service principals and managed identities for Azure resources (system-assigned and user-assigned)
Implement and manage GitHub authentication, including GitHub Apps, GITHUB_TOKEN, and personal access tokens
Implement and manage Azure DevOps service connections and personal access tokens
Design and implement permissions and roles in GitHub
Design and implement permissions and security groups in Azure DevOps
Recommend appropriate access levels, including stakeholder access in Azure DevOps and outside collaborator access in GitHub
Configure projects and teams in Azure DevOps
Subdomain 4.2: Design and implement a strategy for managing sensitive information in automation
Implement and manage secrets, keys, and certificates by using Azure Key Vault
Implement and manage secrets and secretless authentication (for example, workload identity federation/OpenID Connect) in GitHub Actions and Azure Pipelines
Design and implement a strategy for managing sensitive files during deployment, including Azure Pipelines secure files
Design pipelines to prevent leakage of sensitive information
Subdomain 4.3: Automate security and compliance scanning
Design a strategy for security and compliance scanning, including dependency, code, secret, and licensing scanning
Configure Microsoft Defender for Cloud DevOps Security
Configure GitHub Advanced Security for both GitHub and Azure DevOps
Integrate GitHub Advanced Security with Microsoft Defender for Cloud
Automate container scanning, including scanning container images and configuring an action to run CodeQL analysis in a container
Automate analysis of licensing, vulnerabilities, and versioning of open-source components by using Dependabot alerts
Domain 5: Implement an instrumentation strategy
Subdomain 5.1: Configure monitoring for a DevOps environment
Configure Azure Monitor and Azure Monitor Logs to integrate with DevOps tools
Configure collection of telemetry by using Application Insights, VM Insights, Container Insights, Azure Monitor for Storage, and Azure Monitor for Networks
Configure monitoring in GitHub, including enabling insights and creating and configuring charts
Configure alerts for events in GitHub Actions and Azure Pipelines
Subdomain 5.2: Analyze metrics from instrumentation
Inspect infrastructure performance indicators, including CPU, memory, disk, and network
Analyze metrics by using collected telemetry, including usage and application performance
Inspect distributed tracing by using Application Insights
Interrogate logs using basic Kusto Query Language (KQL) queries
Techniques & products