📝 Infrastructure as Code - AZ-400 Practice Questions

Implement infrastructure as code using ARM templates, Bicep, Terraform, and configuration management tools.

4Questions Available
1Exam Domains

Practice IaC Questions Now

Start a timed practice session focusing on Infrastructure as Code topics from the AZ-400 question bank.

Start AZ-400 Practice Quiz →

AZ-400 IaC Question Bank (4 Questions)

Browse all 4 practice questions covering Infrastructure as Code for the AZ-400 certification exam. Answers are intentionally hidden on this page so you can self-test first before checking results in quiz mode.

  1. Question 1Develop a security and compliance plan

    A team wants to scan their Bicep/ARM templates for security misconfigurations (e.g., storage accounts with public access, overly permissive NSGs) in the CI pipeline. Which tool performs IaC security scanning?

    Aaz bicep build (syntax only)
    BCheckov, Terrascan, or Microsoft Defender for DevOps (which runs Checkov) — scans ARM/Bicep for security misconfigurations
    CAzure Policy compliance scan
    DARM template deployment validation

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start AZ-400 Quiz
  2. Question 2Design and implement build and release pipelines

    A DevOps team needs to implement infrastructure provisioning that supports both creating new environments and updating existing ones idempotently. Which Terraform command achieves this for Azure?

    Aterraform plan
    Bterraform apply — creates resources that don't exist and updates resources whose configuration has changed, idempotently
    Cterraform destroy followed by terraform apply
    Dterraform import

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start AZ-400 Quiz
  3. Question 3Design and implement build and release pipelines

    An organisation wants to implement Infrastructure as Code testing to validate that Terraform modules produce the expected resources. Which tool provides unit and integration testing for Terraform?

    Aterraform validate (syntax only)
    BTerratest (Go-based testing framework) or terraform test (built-in HCL testing in Terraform 1.6+)
    Cpytest with Terraform provider
    DPester (PowerShell testing framework)

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start AZ-400 Quiz
  4. Question 4Design and implement build and release pipelines

    A pipeline for an IaC deployment must validate that the Terraform plan has no critical changes before applying. Which pipeline pattern implements this safely?

    ARun terraform apply directly without plan
    BRun terraform init → terraform plan (save plan file) → manual approval gate → terraform apply -input=false -auto-approve planfile
    CRun terraform apply -auto-approve on every commit
    DRun terraform validate only, skip plan

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start AZ-400 Quiz

Key IaC Concepts for AZ-400

arm templatebicepterraformansibledesired state configurationiacinfrastructure as codeidempotent

AZ-400 IaC Exam Tips

Infrastructure as Code questions in AZ-400 are typically scenario-based. Focus on DevOps process maturity, release strategy, and secure delivery pipelines. Priority concepts: arm template, bicep, terraform, ansible, desired state configuration, iac.

What AZ-400 Expects

  • Anchor your answer in prefer automated, testable, and observable delivery mechanisms across environments.
  • IaC scenarios for AZ-400 are frequently mapped to Domain 3 (50-55%), so read the objective carefully before picking controls or architecture.
  • Expect multi-topic scenarios where IaC interacts with identity, networking, governance, or monitoring patterns rather than appearing as an isolated question.
  • When two options are both technically valid, prefer the choice that best aligns with the exam's operational scope (Expert) and vendor best practices.

High-Value IaC Concepts

  • Know the core IaC building blocks cold: arm template, bicep, terraform, ansible.
  • Review the edge-case features and limits for desired state configuration, iac; these details are commonly used to differentiate answer choices.
  • Practice service-integration reasoning: how IaC pairs with Pipelines, Containers, Release Management in real deployment patterns.
  • For AZ-400, explain why the chosen IaC design meets reliability, security, and cost expectations better than the alternatives.

Common AZ-400 Traps

  • Watch for building pipelines without quality or security gates.
  • Questions in Design and Implement Build and Release Pipelines often include distractors that look correct for IaC but violate least-privilege, compliance, or availability requirements.
  • Avoid picking options purely by feature name; validate data path, failure handling, and governance impact before answering.
  • If the prompt hints at automation or repeatability, eliminate manual-only operational answers first.

Fast Review Checklist

  • Can you compare at least two IaC implementation paths and justify which one best fits the scenario?
  • Can you map the chosen answer back to Design and Implement Build and Release Pipelines (50-55%) outcomes for AZ-400?
  • Can you explain security and access boundaries for IaC without relying on default-open assumptions?
  • Can you describe how IaC integrates with Pipelines and Containers during failure, scaling, and monitoring events?

Exam Domains Covering IaC

Domain 3Design and Implement Build and Release Pipelines50-55%

Related Resources

🎯 Free AZ-400 Mock Exam Pipelines Questions Containers Questions Release Management Questions

More AZ-400 Study Resources

← AZ-400 Study Hub30-Day Study PlanFull Practice Exam