[Dec 15, 2021] MS-600 Dumps Full Questions - Exam Study Guide
Microsoft 365 Certified: Developer Associate Free Certification Exam Material from BraindumpQuiz with 170 Questions
Introduction to MS-600: Building Applications and Solutions with Microsoft 365 Core Services (beta) Exam
Candidates for MS-600 Exam are seeking to prove fundamental knowledge and skills of application development with Microsoft 365. Before taking this exam, exam aspirants ought to have a solid fundamental knowledge of the concepts shared in preparation guide as well as developing solutions on Microsoft Teams, Office Add-ins, or SharePoint Framework through all phases of software development would give an added edge.
It is suggested that professionals accustomed to the ideas and also the technologies represented here by taking relevant training courses. Candidates are expected to have some hands-on experience with key responsibilities such as build apps with Microsoft Graph, implementing Microsoft identity; extending Teams & Office, extend and customize share point. After passing this exam, candidates get a certificate from Microsoft that helps them to demonstrate their proficiency in application development with Microsoft 365 Core Services to their clients and employers.
Microsoft MS-600 Exam Prerequisites
Exam MS-600 targets Microsoft 365 developers who want to prove their day-to-day at-job expertise by writing this official test.
As already noted above, the MS-600 is linked to an associated-level certification. Hence, it is wise to gain certain competency before taking-up it. As per the vendor’s website, the interested candidate should have gain commendable work-experience on tools like SharePoint Framework, Office Add-ins, or Microsoft Teams. All the phases of software development should be cleared to the test-taker.
Besides, the exam journey will be simplified like never before if an MS-600 applicant has elementary competency of Microsoft identities, REST APIs, OAuth2, OpenID Connect, JSON, OData, and many other related concepts.
NEW QUESTION 23
You have an application named App1 that is used to administer an Azure Active Directory (Azure AD) tenant.
When administrators install App1, they are prompted for admin consent.
Which application permission can cause the administrators to be prompted for consent?
- A. Calendars.ReadWrite
- B. RoleManagement. Read . Directory
- C. Device.Read
- D. Device.Command
Answer: B
NEW QUESTION 24
You are developing a single-page application (SPA).
You plan to access user data from Microsoft Graph by using an AJAX call.
You need to obtain an access token by the Microsoft Authentication Library (MSAL). The solution must minimize authentication prompts.
How should you complete the code segment? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Box 1: loginPopup
Box 2: acquireTokenSilent
The pattern for acquiring tokens for APIs with MSAL.js is to first attempt a silent token request by using the acquireTokenSilent method. When this method is called, the library first checks the cache in browser storage to see if a valid token exists and returns it. When no valid token is in the cache, it sends a silent token request to Azure Active Directory (Azure AD) from a hidden iframe. This method also allows the library to renew tokens.
Box 3: acquireTokenPopup
//AcquireToken Failure, send an interactive request.
Example:
userAgentApplication.loginPopup(applicationConfig.graphScopes).then(function (idToken) {
//Login Success
userAgentApplication.acquireTokenSilent(applicationConfig.graphScopes).then(function (accessToken) {
//AcquireToken Success
updateUI();
}, function (error) {
//AcquireToken Failure, send an interactive request.
userAgentApplication.acquireTokenPopup(applicationConfig.graphScopes).then(function (accessToken) { updateUI();
}, function (error) {
console.log(error);
});
})
}, function (error) {
console.log(error);
});
Reference: https://github.com/AzureAD/microsoft-authentication-library-for-js/issues/339
NEW QUESTION 25
How can you validate that the JSON notification message is sent from the Microsoft Graph service?
- A. The tenant ID must match the tenant ID of the customer's Office 365 tenant.
- B. The subscription ID must match the Azure subscription used by ADatum.
- C. The ClientState must match the value provided when subscribing.
- D. The user_guid must map to a user ID in the Azure AD tenant of the customer.
Answer: C
Explanation:
clientState specifies the value of the clientState property sent by the service in each notification. The maximum length is 128 characters. The client can check that the notification came from the service by comparing the value of the clientState property sent with the subscription with the value of the clientState property received with each notification.
Note: A subscription allows a client app to receive notifications about changes to data in Microsoft Graph.
NEW QUESTION 26
You have an application that employees use to schedule vacations. The application sets an automatic reply and an out-of-office event in the employees' Microsoft 365 calendar.
Employees who access the application from a mobile device report that the application is slow to make changes.
You need to replace the application calls to use a batched request. Automatic reply must be set only if an out-of-office event is set successfully.
How should you complete the batch request? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 27
You are building a Microsoft teams application by using an outgoing webhook.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 28
You need to complete the MSALjs code for the SSO Javascript. Which code segment should you insert at line 06?
- A. cacheLocation:'localStorage'
- B. storeAuthStatelnCookie: false
- C. cacheLocation:'sessionStorage'
- D. storeAuthStatelnCookie: true
Answer: A
NEW QUESTION 29
You need to configure the initial login request in the access token JavaScript script.
Which code segment should you insert at line 01?
const scopes = ['https://graph.microsoft.com/.default'];
- A. 'https://graph.microsoft.com/Mail.Send.All'];
const accessTokenRequest = { - B. const accessTokenRequest = {
- C. scopes: ['https://graph.microsoft.com/Files.ReadWrite',
'https://graph.microsoft.com/Mail.Send']
}; - D. };
const scopes = ['https://graph.microsoft.com/Files.Read.All',
Answer: C
Explanation:
Scenario: ADatum identifies the following technical requirements for the planned E-invoicing capabilities:
* Ensure that all operations performed by E-invoicing against Office 365 are initiated by a user. Require that the user authorize E-invoicing to access the Office 365 data the first time the application attempts to access Office 365 data on the user's behalf.
Reference: https://docs.microsoft.com/en-us/graph/permissions-reference
Implement Microsoft Identity
Testlet 1
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end on this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.
Overview
ADatum Corporation develops a software as a service (SaaS) application named E-invoicing.
Existing Environment
Application Architecture
E-invoicing consists of a single-page application (SPA) and a backend web service that provides invoice management and processing functionality.
E-invoicing stores all the details of each invoicing operation in a backend cloud database. E-invoicing generates invoices in PDF format and provides users with the ability to download the PDF after it is generated.
Each invoice has a unique identifier named invoiceid.
The users have a common workflow where they sign in to E-invoicing, and then open E-invoicing in multiple tabs of a web browser so they can use different parts of the application simultaneously.
Security Architecture
ADatum uses the principle of least privilege whenever possible. ADatum always uses the latest libraries and integration endpoints.
Requirements
Business Goals
ADatum wants to integrate E-invoicing, Azure Active Directory (Azure AD), and Microsoft Graph so that their customers can leverage Microsoft Office 365 services directly from within E-invoicing.
Planned Changes
ADatum plans to add the following capabilities to E-invoicing:
* Email the generated invoices to customers on behalf of the current signed-in user. Any emails generated by the system will contain the invoiced.
* Perform as many operations as possible in the browser without having to leave the E-invoicing application.
* Use Azure AD to manage identities, authentication, and authorization.
* Display all emails that contain a specific invoiceid.
Technical Requirements
ADatum identifies the following technical requirements for the planned E-invoicing capabilities:
* Ensure that all operations performed by E-invoicing against Office 365 are initiated by a user. Require that the user authorize E-invoicing to access the Office 365 data the first time the application attempts to access Office 365 data on the user's behalf.
* Send scheduled reminders to customers before a payment due date. Create an administration user interface to enable the scheduled reminders.
* Implement Microsoft Graph change notifications to detect emails from vendors that arrive in a designated mailbox.
* Implement single sign-on (SSO) and minimize login prompts across browser tabs.
* Secure access to the backend web service by using Azure AD.
* Ensure that all solutions use secure coding practices.
Backend Security Planned Changes
ADatum wants to use custom application roles to map user functionality to permissions granted to users.
E-invoicing will have internal logic that will dynamically identify whether the user should be allowed to call the backend API.
SSO JavaScript Script
You plan to implement SSO with Microsoft Authentication Library (MSAL) by using the following code:
Access Token JavaScript Script
You have the following JavaScript code to obtain an access token.
Change Notification JSON
You have the following JSON message that will be sent by the Microsoft Graph service to detect the vendor emails.
NEW QUESTION 30
You are developing an application that will track changes to the UserPrincipalName attribute of Microsoft 365 accounts.
You need to use a REST request to retrieve the information by using Microsoft Graph. The solution must minimize the amount of data retrieved.
What should you do?
- A. Use GET https://graph.microsoft.com/v1.0/users for the calls and track the changes.
- B. Use GET https://graph.microsoft.com/v1.0/users/delta?$select=UserPrincipalName for the first call. Use the state token in subsequent calls.
- C. Use GET https://graph.microsoft.com/v1.0/users/delta for the first call. Use the state token in subsequent calls.
- D. Use GET https://graph.microsoft.com/v1.0/users$select=UserPrincipalName for the calls and track the changes.
Answer: B
Explanation:
Explanation
Use delta query to track changes in a resource collection
The typical call pattern is as follows:application begins by calling a GET request with the delta function on the desired resource.
* Microsoft
* The Graph sends a response containing the requested resource and a state token.
Example: Selecting three properties
The next example shows the initial request selecting three properties for change tracking, with default response behavior.
Note: Delta query enables applications to discover newly created, updated, or deleted entities without performing a full read of the target resource with every request.
Reference: https://docs.microsoft.com/en-us/graph/api/user-delta
NEW QUESTION 31
You have a SharePoint Framework (SPFx) 1.5 solution.
You need to ensure that the solution can be used as a tab in Microsoft Teams.
What should you do first?
- A. Deploy the solution to a developer site collection
- B. Convert the solution to use the Bot Framework
- C. Upgrade the solution to the latest version of SPFx
- D. Deploy the solution to the Microsoft AppSource store
Answer: C
Explanation:
Starting with the SharePoint Framework v1.8, you can implement your Microsoft Teams tabs using SharePoint Framework.
Reference: https://docs.microsoft.com/en-us/sharepoint/dev/spfx/web-parts/get-started/using-web-part-as-ms- teams-tab
NEW QUESTION 32
You need to protect the backend web service to meet the technical requirements.
Which four actions should you perform in sequence? To answer, move the actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Explanation:
Explanation
Here is a quick overview of the steps:
Step 1: Register an application in Azure AD for the backend web service Register an application (backend-app) in Azure AD to represent the API.
Step 2: Set the App ID URI for the backend service application registration When the application is created (step 1) select Expose an API and click on Save and continue to create an Application ID URI.
Step 3: Defend the scopes in the backend web service application registration In the Add a scope page, create a new scope supported by the API. (e.g., Read) then click on Add scope to create the scope. Repeat this step to add all scopes supported by your API.
Step 4: Register an application in Azure AD for E-invoicing.
Step 4.1 Register another application in Azure AD to represent a client application Step 4.2 Now that you have registered two applications to represent the API and the Developer Console, you need to grant permissions to allow the client-app to call the backend-app.
Scenario:
Secure access to the backend web service by using Azure AD
E-invoicing will have internal logic that will dynamically identify whether the user should be allowed to call the backend API.
Reference:
https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-protect-backend-with-aad
NEW QUESTION 33
You have a server-side web app that uses OAuth 2.0 and is registered to the Microsoft identity platform.
A user acquires an authorization token.
You need to specify which HTTP header format the user must use to access the app.
What should you specify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 34
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Graphical user interface, text, application, chat or text message Description automatically generated
Box 1: Yes
As part of your app you can add custom tabs to embed your own web content in Teams, and using the Teams JavaScript client SDK, add Teams-specific functionality to your web content.
Box 2: Yes
You can use the Office JavaScript API to create task pane or content add-ins for Office 2013 host applications.
Box 3: Yes
You can use the Office JavaScript API to create task pane or content add-ins for Office 2013 host applications.
Reference: https://docs.microsoft.com/en-us/microsoftteams/platform/tabs/what-are-tabs
https://docs.microsoft.com/en-us/office/dev/add-ins/develop/support-for-task-pane-and-content-add-ins
NEW QUESTION 35
You have an app named App1 that uses the Microsoft Graph API.
You need to identify all users who have a job title of Developer. The solution must return only the display name and email address attributes of the users.
How should you complete the Microsoft Graph API query? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Graphical user interface Description automatically generated
Reference:
https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http
NEW QUESTION 36
You need to develop a server-based web app that will be registered with the Microsoft identity platform. The solution must ensure that the app can perform operations on behalf of the user.
Which type of authorization flow should you use?
- A. refresh token
- B. authorization code
- C. device code
- D. resource owner password
Answer: B
Explanation:
Explanation
In web server apps, the sign-in authentication flow takes these high-level steps:
You can ensure the user's identity by validating the ID token with a public signing key that is received from the Microsoft identity platform endpoint. A session cookie is set, which can be used to identify the user on subsequent page requests.
In addition to simple sign-in, a web server app might need to access another web service, such as a REST API.
In this case, the web server app engages in a combined OpenID Connect and OAuth 2.0 flow, by using the OAuth 2.0 authorization code flow.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-app-types
NEW QUESTION 37
You need to implement the role functionality for the backend web service calls.
Which three actions should you perform in sequence? To answer, move the actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Explanation:
Explanation
NEW QUESTION 38
You plan to integrate a web-based support ticketing system and Microsoft Teams.
You need to recommend a solution that will prompt users for specific information before a ticket is created.
The solution must minimize development effort.
What should you include in the recommendation?
- A. incoming webhooks
- B. a notification-only bot
- C. a conversational bot
- D. outgoing webhooks
Answer: D
Explanation:
Webhooks are a great way for Teams to integrate with external apps. A webhook is essentially a POST request sent to a callback URL. In Teams, outgoing webhooks provide a simple way to allow users to send messages to your web service without having to go through the full process of creating bots via the Microsoft Bot Framework. Outgoing webhooks post data from Teams to any chosen service capable of accepting a JSON payload. Once an outgoing webhook is added to a team, it acts like bot, listening in channels for messages using @mention, sending notifications to external web services, and responding with rich messages that can include cards and images.
NEW QUESTION 39
You are evaluating deep links in Microsoft Teams.
For each of the following statement, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
A screenshot of a computer Description automatically generated with low confidence
Box 1: No
Box 2: Yes
Box 3: Yes
You can create links to information and features within the Teams client. Examples of where this may be useful:
* Navigating the user to content within one of your app's tabs. For instance, your app may have a bot that sends messages notifying the user of an important activity. When the user taps on the notification, the deep link navigates to the tab so the user can view more details about the activity.
* Your app automates or simplifies certain user tasks, such as creating a chat or scheduling a meeting, by pre-populating the deep links with required parameters. This avoids the need for users to manually enter information.
Reference: https://docs.microsoft.com/en-us/microsoftteams/platform/concepts/build-and-test/deep-links
NEW QUESTION 40
You have a SharePoint Framework (SPFx) 1.5 solution.
You need to ensure that the solution can be used as a tab in Microsoft Teams.
What should you do first?
- A. Deploy the solution to a developer site collection
- B. Convert the solution to use the Bot Framework
- C. Upgrade the solution to the latest version of SPFx
- D. Deploy the solution to the Microsoft AppSource store
Answer: C
Explanation:
Starting with the SharePoint Framework v1.8, you can implement your Microsoft Teams tabs using SharePoint Framework.
NEW QUESTION 41
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 42
You have a backend service that will access the Microsoft Graph API.
You need to configure the service to authenticate by using the most secure authentication method.
What should you configure the service to use?
- A. a shared key
- B. a client secret
- C. a certificate
- D. a hash
Answer: C
Explanation:
Explanation
You can authenticate to the Graph API with two primary methods: AppId/Secret and certificate based authentication. Certificate is the preferred and more secure way of authenticating.
Reference: https://adamtheautomator.com/microsoft-graph-api-powershell/
NEW QUESTION 43
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Box 1: Yes
As part of your app you can add custom tabs to embed your own web content in Teams, and using the Teams JavaScript client SDK, add Teams-specific functionality to your web content.
Box 2: Yes
You can use the Office JavaScript API to create task pane or content add-ins for Office 2013 host applications.
Box 3: Yes
You can use the Office JavaScript API to create task pane or content add-ins for Office 2013 host applications.
Reference: https://docs.microsoft.com/en-us/microsoftteams/platform/tabs/what-are-tabs
https://docs.microsoft.com/en-us/office/dev/add-ins/develop/support-for-task-pane-and-content-add-ins
NEW QUESTION 44
You are developing a human resources application that will show users where they are in their company's organization chart.
You are adding a new feature that will display the name of a user's manager inside the application.
You need to create a REST query to retrieve the information. The solution must minimize the amount of data retrieved.
Which query should you use?
- A. GET https://graph.microsoft.com/v1.0/users/{UserPricipalName}/
people?$filter=jobTitle eq 'manager'&$select=displayName - B. GET https://graph.microsoft.com/v1.0/users/{UserPricipalName}/
manager?$select=displayName - C. GET https://graph.microsoft.com/v1.0/users/{UserPricipalName}/
contacts?$filter=jobTitle eq 'manager' - D. GET https://graph.microsoft.com/v1.0/users/{UserPricipalName}/manager
Answer: B
Explanation:
Explanation
Get user's manager. Returns the user or organizational contact assigned as the user's manager.
Syntax:
GET /me/manager
GET /users/{id | userPrincipalName}/manager
Only the name of the user's manager should be displayed so we use ?select=displayname To specify a different set of properties to return than the default set provided by the Graph, use the $select query option. The $select option allows for choosing a subset or superset of the default set returned.
References: https://docs.microsoft.com/en-us/graph/api/user-list-manager
https://developer.microsoft.com/en-us/graph/docs/overview/query_parameters
NEW QUESTION 45
You need to complete the MSAL.js code for SSO.
Which code segment should you insert at line 06?
- A. cacheLocation: 'sessionStorage'
- B. cacheLocation: 'localStorage'
- C. storeAuthStateInCookie: true
- D. storeAuthStateInCookie: false
Answer: B
Explanation:
Scenario: Implement single sign-on (SSO) and minimize login prompts across browser tabs.
When your application is open in multiple tabs and you first sign in the user on one tab, the user is also signed in on the other tabs without being prompted. MSAL.js caches the ID token for the user in the browser localStorage and will sign the user in to the application on the other open tabs.
By default, MSAL.js uses sessionStorage which does not allow the session to be shared between tabs. To get SSO between tabs, make sure to set the cacheLocation in MSAL.js to localStorage.
Reference: https://docs.microsoft.com/bs-latn-ba/Azure/active-directory/develop/msal-js-sso Implement Microsoft Identity Question Set 2
NEW QUESTION 46
......
Microsoft MS-600 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
| Topic 7 |
|
| Topic 8 |
|
| Topic 9 |
|
| Topic 10 |
|
| Topic 11 |
|
| Topic 12 |
|
| Topic 13 |
|
| Topic 14 |
|
| Topic 15 |
|
| Topic 16 |
|
| Topic 17 |
|
| Topic 18 |
|
| Topic 19 |
|
Dumps Brief Outline Of The MS-600 Exam: https://www.braindumpquiz.com/MS-600-exam-material.html
Use Real MS-600 - 100% Cover Real Exam Questions: https://drive.google.com/open?id=1aF8PiGFiXWZf3Qz6YMC4ahcxuI9-XhC4