Domain 3 · 15-20% of Exam

Design and Implement Security and Compliance

Design and implement strategies for managing sensitive information, security, and compliance in DevOps.

What You'll Be Tested On

  • Implement dependency scanning and vulnerability management
  • Design secret management with Key Vault and variable groups
  • Implement SAST, DAST, and container scanning
  • Design compliance and governance automation

Key AWS Services in This Domain

🔒Security🧪Testing

Exam Tips for Domain 3

💡

Shift-left security integrates scanning early in the development cycle.

💡

GitHub Advanced Security provides code scanning, secret scanning, and Dependabot.

💡

Azure Key Vault integration with pipelines eliminates hard-coded secrets.

Practice Domain 3 Questions

Test your knowledge of Design and Implement Security and Compliance with practice questions from our AZ-400 question bank.

Start Practice Quiz →

Other AZ-400 Domains

Domain 1Configure Processes and Communications10-15%Domain 2Design and Implement Source Control and CI/CD40-45%Domain 4Implement an Instrumentation Strategy10-15%Domain 5Develop an SRE Strategy5-10%
← AZ-400 Study HubFree Mock Exam30-Day Study Plan