- (Exam Topic 4)
You use WhiteSource Bolt to scan a Node.js application.
The WhiteSource Bolt scan identifies numerous libraries that have invalid licenses. The libraries are used only during development and are not part of a production deployment.
You need to ensure that WhiteSource Bolt only scans production dependencies.
Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
Correct Answer:
AC
A: To resolve NPM dependencies, you should first run "npm install" command on the relevant folders before executing the plugin.
C: All npm packages contain a file, usually in the project root, called package.json - this file holds various metadata relevant to the project. This file is used to give information to npm that allows it to identify the project as well as handle the project's dependencies. It can also contain other metadata such as a project description, the version of the project in a particular distribution, license information, even configuration data - all of which can be vital to both npm and to the end users of the package.
Reference: https://whitesource.atlassian.net/wiki/spaces/WD/pages/34209870/NPM+Plugin https://nodejs.org/en/knowledge/getting-started/npm/what-is-the-file-package-json
- (Exam Topic 4)
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions
will not appear in the review screen.
You have an Azure DevOps organization named Contoso and an Azure subscription. The subscription contains an Azure virtual machine scale set named VMSS1 that is configured for autoscaling.
You have a project in Azure DevOps named Project1. Project1 is used to build a web app named App1 and deploy App1 to VMSS1.
You need to ensure that an email alert is generated whenever VMSS1 scales in or out. Solution: From Azure DevOps, configure the Notifications settings for Project1. Does this meet the goal?
Correct Answer:
B
Notifications help you and your team stay informed about activity that occurs within your projects in Azure DevOps. You can get notified when changes occur to the following items:
work items code reviews pull requests source control files builds
Reference:
https://docs.microsoft.com/en-us/azure/devops/notifications/about-notifications?view=azure-devops
- (Exam Topic 4)
You provision an Azure Kubernetes Service (AKS) cluster that has RBAC enabled. You have a Helm chart for a client application.
You need to configure Helm and Tiller on the cluster and install the chart.
Which three commands should you recommend be run in sequence? To answer, move the appropriate commands from the list of commands to the answer area and arrange them in the correct order.
Solution:
Step 1: Kubectl create
You can add a service account to Tiller using the --service-account
Example: Service account with cluster-admin role
$ kubectl create -f rbac-config.yaml serviceaccount "tiller" created clusterrolebinding "tiller" created
$ helm init --service-account tiller Step 2: helm init
To deploy a basic Tiller into an AKS cluster, use the helm init command. Step 3: helm install
To install charts with Helm, use the helm install command and specify the name of the chart to install. References:
https://docs.microsoft.com/en-us/azure/aks/kubernetes-helm https://docs.helm.sh/using_helm/#tiller-namespaces-and-rbac
Does this meet the goal?
Correct Answer:
A
