Refresh Building Applications And Solutions With Microsoft 365 Core Services MS-600 Exam Dumps

NEW QUESTION 1

You are developing an application that will upload files that are larger than 50 MB to Microsoft OneDrive.
You need to recommend an upload solution to ensure that the file upload process can resume if a network error occurs during the upload.
Which four actions should you perform in sequence? To answer, move the actions from the list of actions to the answer area and arrange them in the correct order.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 2

You are developing an application that will track changes to the UserPrincipalName attribute of Microsoft 365 accounts.
You need to use a REST request to retrieve the information by using Microsoft Graph. The solution must minimize the amount of data retrieved.
What should you do?

• A. Use GET https://graph.microsoft.com/v1.0/users/delta for the first cal
• B. Use the state token in subsequent calls.
• C. Use GET https://graph.microsoft.com/v1.0/users/delta?$select=UserPrincipalName for the first cal
• D. Use the state token in subsequent calls.
• E. Use GET https://graph.microsoft.com/v1.0/users$select=UserPrincipalName for the calls and track the changes.
• F. Use GET https://graph.microsoft.com/v1.0/users for the calls and track the changes.

Answer: B

Explanation:
Use delta query to track changes in a resource collection
The typical call pattern is as follows:application begins by calling a GET request with the delta function on the desired resource.
Microsoft
The Graph sends a response containing the requested resource and a state token.
Example: Selecting three properties
The next example shows the initial request selecting three properties for change tracking, with default response behavior.
Note: Delta query enables applications to discover newly created, updated, or deleted entities without performing a full read of the target resource with every request.
Reference: https://docs.microsoft.com/en-us/graph/api/user-delta

NEW QUESTION 3

You develop a web API named WebApi1.
When validating a token received from a client application, WebApi1 receives a MsalUiRequiredException exception from Azure Active Directory (Azure AD).
You need to formulate the response that WebApi1 will return to the client application. Which HTTP response should you send?

• A. HTTP 307 Temporary Redirect
• B. HTTP 400 Bad Request
• C. HTTP 403 Forbidden
• D. HTTP 412 Precondition Failed

Answer: D

Explanation:
The HyperText Transfer Protocol (HTTP) 412 Precondition Failed client error response code indicates that access to the target resource has been denied. This happens with conditional requests on methods other than GET or HEAD when the condition defined by the If-Unmodified-Since or If-None-Match headers is not fulfilled. In that case, the request, usually an upload or a modification of a resource, cannot be made and this error response is sent back.
MsalUiRequiredException
The "Ui Required" is proposed as a specialization of MsalServiceException named MsalUiRequiredException. This means you have attempted to use a non-interactive method of acquiring a token (e.g. AcquireTokenSilent), but MSAL could not do it silently. this can be because:
you need to sign-in
you need to consent
you need to go through a multi-factor authentication experience.
The remediation is to call AcquireTokenInteractive try
{
app.AcquireTokenXXX(scopes, account) WithYYYY(...)
ExecuteAsync()
}
catch(MsalUiRequiredException ex)
{
app.AcquireTokenInteractive(scopes) WithAccount(account)
WithClaims(ex.Claims) ExcecuteAsync();
}

NEW QUESTION 4

You are developing a Microsoft Teams application for a support staff.
Within a conversation between the support staff, you want the staff to look up support ticket IDs from a list without opening the ticketing system.
Which feature should the application include?

• A. a bot
• B. a connector
• C. a messaging extension
• D. a tab

Answer: C

Explanation:
Messaging extensions allow users to interact with your web service through buttons and forms in the Microsoft Teams client. They can search, or initiate actions, in an external system from the compose message area, the command box, or directly from a message. You can then send the results of that interaction back to the Microsoft Teams client, typically in the form of a richly formatted card.
Reference:
https://docs.microsoft.com/en-us/microsoftteams/platform/messaging-extensions/what-are-messaging-extension

NEW QUESTION 5

You are building a new tab as part of a new Microsoft Teams application. Users will experience the tab privately.
How should you complete the application manifest? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 6

You are designing a Microsoft Teams application. The application will enable content authors to start conversations about news coming from a third-party application.
Which development technique should you use?

• A. incoming webhooks
• B. outgoing webhooks
• C. activity feeds
• D. deep links

Answer: D

Explanation:
Create deep links to content and features in Microsoft Teams.
You can create links to information and features within the Teams client. Examples of where this may be useful:
Your app automates or simplifies certain user tasks, such as creating a chat or scheduling a meeting, by pre-populating the deep links with required parameters. This avoids the need for users to manually enter information.
Navigating the user to content within one of your app's tabs.
Reference: https://docs.microsoft.com/en-us/microsoftteams/platform/concepts/build-and-test/deep-links

NEW QUESTION 7

You have an application named App1 that is used to administer an Azure Active Directory (Azure AD) tenant. When administrators install Appl, they are prompted for admin consent.
Which application permission can cause the administrators to be prompted for consent?

• A. RoleManagemen
• B. Read . Directory
• C. Device.Command
• D. Device.Read
• E. Calendars.ReadWrite

Answer: A

NEW QUESTION 8

You are building an application that will help Azure Active Directory (Azure AD) administrators manage Microsoft 365 groups.
You are building a details page that will display information about the groups.
You need to display the groups of which the current group is member. The results must contain the nested groups.
Which URI should you use?

• A. Option A
• B. Option B
• C. Option C
• D. Option D
• E. Option E

Answer: D

NEW QUESTION 9

What is the default permission scope when you request an access token by using MSGraphClient?

• A. User.Read
• B. People.Read.All
• C. People.Read
• D. User.Read.All

Answer: D

Explanation:
By default, the service principal has no explicit permissions granted to access the Microsoft Graph. However, if you request an access token for the Microsoft Graph, you get a token with the user_impersonation permission
scope that can be used for reading information about the users (that is, User.Read.All). Reference: https://docs.microsoft.com/en-us/sharepoint/dev/spfx/use-msgraph

NEW QUESTION 10

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Box 1: Yes
The Adaptive Cards Designer provides a drag-and-drop experience to quickly build and tweak adaptive cards. Outlook Actionable Messages cards are designed using the Adaptive Card format. The Adaptive Card format
is a simple yet powerful declarative layout format that provides a lot of flexibility, allowing for visually rich cards. In this topic we'll cover the Outlook-specific features of the Adaptive Card format.
Box 2: Yes
The actionable message card is in JSON format. Box 3: No
By default, the Tenant Administrator can create, edit, clone, and delete tenants, and manage user accounts. Note:
To enable Actionable Messages the recipient of the task must be an Office 365 customer with permissions for the SharePoint online site.
No: Office 365 administrators can disable actionable messages via the Set-OrganizationConfig cmdlet. If actionable messages do not render, check with your administrator to make sure the feature is enabled in your organization.
Adaptive Cards Designer Microsoft outlook actionable messages
References: https://docs.microsoft.com/en-us/outlook/actionable-messages/adaptive-card https://gingkoapp.com/create-tenant-administrator.html

NEW QUESTION 11

You need to complete the MSAL.js code for SSO. Which code segment should you insert at line 06?

• A. storeAuthStateInCookie: false
• B. storeAuthStateInCookie: true
• C. cacheLocation: ‘localStorage’
• D. cacheLocation: ‘sessionStorage’

Answer: C

Explanation:
Scenario: Implement single sign-on (SSO) and minimize login prompts across browser tabs.
When your application is open in multiple tabs and you first sign in the user on one tab, the user is also signed in on the other tabs without being prompted. MSAL.js caches the ID token for the user in the browser localStorage and will sign the user in to the application on the other open tabs.
By default, MSAL.js uses sessionStorage which does not allow the session to be shared between tabs. To get SSO between tabs, make sure to set the cacheLocation in MSAL.js to localStorage.
Reference: https://docs.microsoft.com/bs-latn-ba/Azure/active-directory/develop/msal-js-sso

NEW QUESTION 12

You are developing a Microsoft Team application. To host a webpage in a Teams tab, the manifest file must include the contentUrl property within the staticTabs property.
Instructions: Review the underline text. If the makes the statement correct, select ‘’ No change is needed. ‘’ If the statement is incorrect, select the answer choice that makes the statement correct.

• A. No change is needed.
• B. websiteUrl property within the configuragbleTabs property
• C. ValidDomain property within the configuragbleTabs property
• D. ValidDomain property within the statictabs property

Answer: B

NEW QUESTION 13

You need to develop a client-side web app that will be registered with the Microsoft identity platform. Which type of authorization flow should you use?

• A. authorization code grant
• B. device code grant
• C. implicit grant
• D. client credentials grant

Answer: A

NEW QUESTION 14

You have an application that uses the Microsoft graph API.
When users open the application during peak hours, they occasionally receive an HTTP 429 Too Many requests response status code.
What should you to mitigate the errors?

• A. Adjust the request rate based on the Rate-Limit-Reset Header.
• B. Wait 100 milliseconds between requests.
• C. Adjust the request rate based on the Retry-After header.

Answer: C

NEW QUESTION 15

You have a custom Microsoft Word add-in that was written by using Microsoft Visual Studio Code. A user reports that there is an issue with the add-in.
You need to debug the add-in for Word Online.
What should you do before you begin debugging in Visual Studio Code?

• A. Disable script debugging in your web browser
• B. Sideload the add-in
• C. Publish the manifest to the Microsoft SharePoint app catalog
• D. Add the manifest path to the trusted catalogs

Answer: C

Explanation:
Debug your add-in from Excel or Word on the web
To debug your add-in by using Office on the web (see step 3):
* 12.Deploy your add-in to a server that supports SSL.
* 13. In your add-in manifest file, update the SourceLocation element value to include an absolute, rather than a relative, URI.
* 14. Upload the manifest to the Office Add-ins library in the app catalog on SharePoint.
* 15. Launch Excel or Word on the web from the app launcher in Office 365, and open a new document.
* 16.On the Insert tab, choose My Add-ins or Office Add-ins to insert your add-in and test it in the app.
* 17.Use your favorite browser tool debugger to debug your add-in.
Reference: https://docs.microsoft.com/en-us/office/dev/add-ins/testing/debug-add-ins-in-office-online

NEW QUESTION 16

You have an application that employees use to schedule vacations. The application sets an automatic reply and an out-of-off event in the employees’ Microsoft 365 calender.
Employees who access the application from a mobile device report that the application is slow to make changes.
You need to replace the application calls to use batched request. Automatic reply must be set only if an out-of-office event is set successfully.
How should you complete the batch request? To answer, select the appropriate options in the answer area.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 17

You are building email notifications for an expensing system.
When a user receives an email notification, the email will contain a comment field. When the user submits a comment, the data will be returned to the expensing system for processing.
What should you do to implement the notification by using the minimum amount of development effort?

• A. Create a Microsoft Office Add-in that has an action pane to display the notifications
• B. Leverage Microsoft Graph notifications
• C. Leverage the Azure SignalR Service and implement web notifications
• D. Configure the expensing system to send actionable messages

Answer: D

Explanation:
Whether you are filling out a survey, approving an expense report, or updating a CRM sales opportunity, Actionable Messages enable you to take quick actions right from within Outlook. Developers can now embed actions in their emails or notifications, elevating user engagement with their services and increasing
organizational productivity.
Office 365 provides two solutions to enhance productivity with Outlook Actionable Messages: actionable messages via email, and actionable messages via Office 365 Connectors.
Reference: https://docs.microsoft.com/en-us/outlook/actionable-messages/

NEW QUESTION 18

You are developing in application named App1.
App1 needs to use the Microsoft Graph API to retrieve emails from Microsoft 365 for the current signed-in user. The solution must meet the following requirements:
Emails that have attachments and are from bill@contoso.com must be retrieved.
The results must show the subject of the email, the sender address, and the count of emails retrieved.
How should you complete the URI to retrieve the results? To answer, drag the appropriate values to the correct targets. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Box 1: $count
Use $count as a query parameter to include a count of the total number of items in a collection alongside the page of data values returned from the Graph, as in the following example:
GET https://graph.microsoft.com/v1.0/me/contacts?$count=true Box 2: $select
To specify a different set of properties to return than the default set provided by the Graph, use the $select query option. The $select option allows for choosing a subset or superset of the default set returned.
Box 3: $filter
To filter the response data based on a set of criteria, use the $filter query option.
The following example returns messages that have the address field of the from property equal to "jon@contoso.com".
The from property is of the complex type emailAddress.
GET https://graph.microsoft.com/v1.0/me/messages?$filter=from/emailAddress/address eq 'jon@contoso.com' Reference: https://developer.microsoft.com/en-us/graph/docs/overview/query_parameters

NEW QUESTION 19

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are developing a new application named App1 that uses the Microsoft identity platform to authenticate to Azure Active Directory (Azure AD).
Currently, App1 can read user profile information. You need to allow App1 to read the user’s calendar.
Solution: In the code of App1, dynamically request the Calendar.Read permission from the Microsoft Graph API.
Does this meet the goal?

• A. Yes
• B. No

Answer: B

Explanation:
For your app to access data in Microsoft Graph, the user or administrator must grant it the correct permissions via a consent process.
Application permissions can only be consented by an administrator.
References: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent https://docs.microsoft.com/en-us/graph/permissions-reference

NEW QUESTION 20

You are building a single-page application (SPA) that will have the following parameters:
• App Id: DBA22F72-64PA4C44-AA2C-FAA0DA5A471B
• Tenant Id: DC045C4D-5881-43C7-97AB-3C5A1ADB8DBC
• AppName: Contoso.Spa
You have a line-of-business API for invoicing that is secured by using the Microsoft identity platform. The API has the following parameters:
* App Id: 8/9A43D7-1794-47A0-AB2B-440B63FEC248
* Tenant Id: DC04SC4D S881-43C7-97AB 3C5A1ADB8DBC
* AppName: Contoso.lnvoicing
Contoso.Invoicing declares the following custom scopes:
* Invoices-Read
* Invoices. Read Write
Contoso.Spa needs to call Contoso.lnvoicing to create new invoices.
Which code should you use in Contoso.Spa to obtain an access token for Contoso.Invoicing? To answer, select the appropriate options in the answer area.
NOTE: Each correct select is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 21

You need to request permission to create a group in a Sharepoint Framework (SPFx) solution. To which file should you add the permission request?

• A. Config.json
• B. Package.json
• C. Serve.json
• D. Package-solution.json

Answer: D

NEW QUESTION 22

You are developing an Azure web app that will enable users to view a consolidated view of multiple users' tasks based on data in Microsoft Planner and Outlook. The app will use the Microsoft identity platform and a certificate to establish an authorization flow between the app and Microsoft 365.
You obtain a certificate and you create an Azure Active Directory (Azure AD) application. You need to set up authorization for the application.
Which three actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one pointA. Add the application permissions to the Azure AD application.

• A. Create a secret in the Azure AD application.
• B. Add the required delegated permissions to the Azure AD application.
• C. Modify the code of the Azure web app to use the certificate to obtain an access token for Microsoft Graph.
• D. From the Azure portal, configure a certificate public key for the Azure AD application.

Answer: ACD

NEW QUESTION 23

You need to protect the backend web service to meet the technical requirements.
Which four actions should you perform in sequence? To answer, move the actions from the list of actions to the answer area and arrange them in the correct order.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Here is a quick overview of the steps:
Step 1: Register an application in Azure AD for the backend web service Register an application (backend-app) in Azure AD to represent the API. Step 2: Set the App ID URI for the backend service application registration
When the application is created (step 1) select Expose an API and click on Save and continue to create an Application ID URI.
Step 3: Defend the scopes in the backend web service application registration
In the Add a scope page, create a new scope supported by the API. (e.g., Read) then click on Add scope to create the scope. Repeat this step to add all scopes supported by your API.
Step 4: Register an application in Azure AD for E-invoicing.
Step 4.1 Register another application in Azure AD to represent a client application
Step 4.2 Now that you have registered two applications to represent the API and the Developer Console, you need to grant permissions to allow the client-app to call the backend-app.
Scenario:
Secure access to the backend web service by using Azure AD
E- invoicing will have internal logic that will dynamically identify whether the user should be allowed to call the backend API.
Reference:
https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-protect-backend-with-aad

NEW QUESTION 24

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are developing a new application named App1 that uses the Microsoft identity platform to authenticate to Azure Active Directory (Azure AD).
Currently, App1 can read user profile information. You need to allow App1 to read the user’s calendar.
Solution: Add https://graph.windows.net/user.read to the list of scopes during the initial login request. Does this meet the goal?

• A. Yes
• B. No

Answer: B

Explanation:
Microsoft Graph Calendars.Read allows the app to read events in user calendars.
For your app to access data in Microsoft Graph, the user or administrator must grant it the correct permissions via a consent process.
Application permissions are used by apps that run without a signed-in user present; for example, apps that run as background services or daemons. Application permissions can only be consented by an administrator.
References: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent https://docs.microsoft.com/en-us/graph/permissions-reference

NEW QUESTION 25
......