Book Image

Designing and Implementing Microsoft DevOps Solutions AZ-400 Exam Guide - Second Edition

By : Subhajit Chatterjee, Swapneel Deshpande, Henry Been, Maik van der Gaag
Book Image

Designing and Implementing Microsoft DevOps Solutions AZ-400 Exam Guide - Second Edition

By: Subhajit Chatterjee, Swapneel Deshpande, Henry Been, Maik van der Gaag

Overview of this book

The AZ-400 Designing and Implementing Microsoft DevOps Solutions certification helps DevOps engineers and administrators get to grips with practices such as continuous integration and continuous delivery (CI/CD), containerization, and zero downtime deployments using Azure DevOps Services. This new edition is updated with advanced topics such as site reliability engineering (SRE), continuous improvement, and planning your cloud transformation journey. The book begins with the basics of CI/CD and automated deployments, and then moves ahead to show you how to apply configuration management and Infrastructure as Code (IaC) along with managing databases in DevOps scenarios. As you make progress, you’ll explore fitting security and compliance with DevOps and find out how to instrument applications and gather metrics to understand application usage and user behavior. This book will also help you implement a container build strategy and manage Azure Kubernetes Services. Lastly, you’ll discover quick tips and tricks to confidently apply effective DevOps practices and learn to create your own Azure DevOps organization. By the end of this DevOps book, you'll have gained the knowledge needed to ensure seamless application deployments and business continuity.
Table of Contents (27 chapters)
1
Part 1 – Digital Transformation through DevOps
5
Part 2 – Getting to Continuous Delivery
9
Part 3 – Expanding Your DevOps Pipeline
15
Part 4 – Closing the Loop
18
Part 5 – Advanced Topics

Other tools you can use

There are many tools available on the market for performing security scans of application code and dependencies. Some examples include WhiteSource, Black Duck, Veracode, and Checkmarx:

  • WhiteSource is the paid version of WhiteSource Bolt. It offers the same services and more. For example, it doesn’t only report risks at the time of the dependency scan; it also gives you alerts when new risks become available for dependencies that were present during the last scan of an application.
  • Black Duck is a product that helps teams to manage the risks associated with using open source software. The services it offers are comparable to WhiteSource.
  • Veracode and Checkmarx are code-scanning tools that are used to identify vulnerable code. Whereas SonarQube checks both code quality and security risks, these two products focus solely on security risks. In general, they are better at security scanning, with the downside being that they are more expensive...