Microsoft 365 Developer Associate Certification MS-600 Updated Exam Dumps

1. Topic 1, ADatum Corporation

This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.

To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.

At the end on this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study

To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.

Overview

ADatum Corporation develops a software as a service (SaaS) application named E-invoicing.

Existing Environment

Application Architecture

E-invoicing consists of a single-page application (SPA) and a backend web service that provides invoice management and processing functionality.

E-invoicing stores all the details of each invoicing operation in a backend cloud database. E-invoicing generates invoices in PDF format and provides users with the ability to download the PDF after it is generated. Each invoice has a unique identifier named invoiceid.

The users have a common workflow where they sign in to E-invoicing, and then open E-invoicing in multiple tabs of a web browser so they can use different parts of the application simultaneously.

Security Architecture

ADatum uses the principle of least privilege whenever possible. ADatum always uses the latest libraries and integration endpoints.

Requirements

Business Goals

ADatum wants to integrate E-invoicing, Azure Active Directory (Azure AD), and Microsoft Graph so that their customers can leverage Microsoft Office 365 services directly from within E-invoicing.

Planned Changes

ADatum plans to add the following capabilities to E-invoicing:

- Email the generated invoices to customers on behalf of the current signed-in user. Any emails generated by the system will contain the invoiced.

- Perform as many operations as possible in the browser without having to leave the E-invoicing application.

- Use Azure AD to manage identities, authentication, and authorization.

- Display all emails that contain a specific invoiceid.

Technical Requirements

ADatum identifies the following technical requirements for the planned E-invoicing capabilities:

- Ensure that all operations performed by E-invoicing against Office 365 are initiated by a user. Require that the user authorize E-invoicing to access the Office 365 data the first time the application attempts to access Office 365 data on the user’s behalf.

- Send scheduled reminders to customers before a payment due date. Create an administration user interface to enable the scheduled reminders.

- Implement Microsoft Graph change notifications to detect emails from vendors that arrive in a designated mailbox.

- Implement single sign-on (SSO) and minimize login prompts across browser tabs.

- Secure access to the backend web service by using Azure AD.

- Ensure that all solutions use secure coding practices.

Backend Security Planned Changes

ADatum wants to use custom application roles to map user functionality to permissions granted to users.

E-invoicing will have internal logic that will dynamically identify whether the user should be allowed to call the backend API.

SSO JavaScript Script

You plan to implement SSO with Microsoft Authentication Library (MSAL) by using the following code:

Access Token JavaScript Script

You have the following JavaScript code to obtain an access token.

Change Notification JSON

You have the following JSON message that will be sent by the Microsoft Graph service to detect the vendor emails.

You need to configure the initial login request in the access token JavaScript script.

Which code segment should you insert at line 01?

2. DRAG DROP

You need to protect the backend web service to meet the technical requirements.

Which four actions should you perform in sequence? To answer, move the actions from the list of actions to the answer area and arrange them in the correct order.

3. Which URI should you use to query all the emails that relate to an invoice?

4. How can you validate that the JSON notification message is sent from the Microsoft Graph service?

5. You need to implement the role functionality for the backend web service calls.

Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

6. You need to complete the MSAL.js code for SSO.

Which code segment should you insert at line 06?

7. What are two possible URIs that you can use to prompt the administrators for admin consent to the E-invoicing application? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

8. DRAG DROP

You need to implement the role functionality for the backend web service calls.

Which three actions should you perform in sequence? To answer, move the actions from the list of actions to the answer area and arrange them in the correct order.

9. Which type of authentication flow should you recommend for the planned integration with Office 365?

10. Topic 2, Misc. Questions

This question requires that you evaluate the underlined text to determine if it is correct.

Centralized deployments for Microsoft Office Add-ins require Office Online Server.

Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.

11. You need to develop an add-in for Microsoft Excel that can be used from the Windows, Mac, and web versions of Excel.

What are two ways to develop the add-in? Each correct answer presents a complete solution? NOTE: Each correct selection is worth one point.

12. HOTSPOT

You are developing an Azure function to provision a team in Microsoft Teams.

You need to create a group named Project A, add a classification of Private to the group, and then convert Project A to a team group.

How should you complete the REST requests? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

13. HOTSPOT

You are building a new tab as part of a new Microsoft Teams application. Users will experience the tab privately.

How should you complete the application manifest? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

14. HOTSPOT

You have a Microsoft 365 tenant that contains a Microsoft SharePoint Online site named Projects.

You need to get a list of documents in the Documents library by using the Microsoft Graph API.

How should you complete the query? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

15. You have a SharePoint Framework (SPFx) web part named WebPartA that uses SPFx 1.11.0. You need to ensure that WebPartA can be installed as an app in Microsoft Teams.

What should you do?

16. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You need to deploy a Microsoft Teams app. The app will create a Microsoft Teams personal tab that displays a website.

Solution: From the Microsoft Teams client, you add a new tab, you select the Website app, and then you enter the URL of the website.

Does this meet the goal?

17. You use Azure Active Directory (Azure AD) to store user identities.

The user profile information is inconsistently populated.

You need to develop a web app that will provide users with a page where they can enter their interests, skill, and description. When the user click the submit button, the app will use Microsoft graph to send the data to Azure AD.

Which HTTP method should you use against the Microsoft graph endpoint?

18. This question requires that you evaluate the bold text to determine if it is correct.

You can use a Command Set extension to develop a breadcrumb element that will appear on every Microsoft SharePoint page.

Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.

19. You are developing a mobile application that will display the current signed-in user’s display name and the application settings. The application settings are stored as Microsoft graph extension of the user profile.

Users of the application have intermittent network connectivity.

You need to retrieve the least amount of data by using a single REST request. The solution must minimize network traffic.

Which URI Should you use to retrieve the data?

20. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You are developing a new application named App1 that uses the Microsoft identity platform to authenticate to Azure Active Directory (Azure AD).

Currently, App1 can read user profile information.

You need to allow App1 to read the user’s calendar.

Solution: Add https://graph.windows.net/user.read to the list of scopes during the initial login request.

Does this meet the goal?

21. You are developing a Microsoft Teams application for a support staff.

Within a conversation between the support staff, you want the staff to look up support ticket IDs from a list

without opening the ticketing system.

Which feature should the application include?

22. HOTSPOT

You are building a single-page application (SPA) that will have the following parameters:

• App Id: DBA22F72-64PA4C44-AA2C-FAA0DA5A471B

• Tenant Id: DC045C4D-5881-43C7-97AB-3C5A1ADB8DBC

• AppName: Contoso.Spa

You have a line-of-business API for invoicing that is secured by using the Microsoft identity platform.

The API has the following parameters:

* App Id: 8/9A43D7-1794-47A0-AB2B-440B63FEC248

* Tenant Id: DC04SC4D S881-43C7-97AB 3C5A1ADB8DBC

* AppName: Contoso.lnvoicing

Contoso.Invoicing declares the following custom scopes:

* Invoices-Read

* Invoices. Read Write

Contoso.Spa needs to call Contoso.lnvoicing to create new invoices.

Which code should you use in Contoso.Spa to obtain an access token for Contoso.Invoicing? To answer, select the appropriate options in the answer area. NOTE: Each correct select is worth one point.

23. When developing a tab in Microsoft teams, personal, group, and shared tabs can all be implemented as configurable tabs.

Instructions: Review the underlined BOLD text, if it makes the statement correct, select ‘’ No change is needed if the statement is incorrect selct the answer choice that makes the statement correct.

24. HOTSPOT

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

25. HOTSPOT

For each of the following statements, select Yes if the statement is true. Otherwise, select NO. NOTE: Each correct selection is worth one point.

26. You are building an application that will help Azure Active Directory (Azure AD) administrators manage Microsoft 365 groups.

You are building a details page that will display information about the groups.

You need to display the groups of which the current group is member. The results must contain the nested groups.

Which URI should you use?

27. HOTSPOT

HOTSPOT

You are developing an interactive invoicing application that will be used by end users.

The application will have the following features:

✑ Save invoices generated by a user to the user’s Microsoft OneDrive.

✑ Email daily automated reminders.

You need to identify which permissions to grant for the application features. The solution must use the principle of least privilege.

Which permission should you grant for each feature? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

28. You have a custom Microsoft Teams app that you deploy to users by using the Microsoft Teams admin center.

You plan to update the app.

Which two changes to the app will require user acceptance to perform the upgrade? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

29. HOTSPOT

You are evaluating deep links in Microsoft Teams.

For each of the following statement, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

30. HOTSPOT

You are creating an app manifest for Microsoft Teams.

You need to create a team tab and a personal tab. The team tab must be scoped for group chat.

How should you complete the manifest? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

31. You develop a custom messaging extension to translate messages in a Microsoft Teams chat.

You need to provide users with the ability to invoke the extension from the More actions menu of a message.

What should you do?

32. DRAG DROP

Match the SharePoint Framework (SPFx) extensions to the correct descriptions.

To answer, drag the appropriate SPFx extension from the column on the left to its description on the right. Each SPFx extension may be used once, more than once, or not at all. NOTE Each correct match is worth one point.

33. This question requires that you evaluate the underlined BOLD text to determine if it is correct.

You develop a Microsoft Teams application that uses a messaging extension.

Users can invoke the messaging extension from the Teams sidebar menu.

Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.

34. HOTSPOT

You are developing a single-page application (SPA).

You plan to access user data from Microsoft Graph by using an AJAX call.

You need to obtain an access token by the Microsoft Authentication Library (MSAL). The solution must minimize authentication prompts.

How should you complete the code segment? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

35. HOTSPOT

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

36. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these

questions will not appear in the review screen.

You are developing a new application named App1 that uses the Microsoft identity platform to authenticate to Azure Active Directory (Azure AD).

Currently, App1 can read user profile information.

You need to allow App1 to read the user’s calendar.

Solution: From the Azure portal, add the Microsoft Graph API and the Calendar. Read permission by using the API permission list of App1. Grant tenant admin consent.

Does this meet the goal?

37. You develop a web API named WebApi1.

When validating a token received from a client application, WebApi1 receives a MsalUiRequiredException

exception from Azure Active Directory (Azure AD).

You need to formulate the response that WebApi1 will return to the client application.

Which HTTP response should you send?

38. You are developing a Microsoft Office Add-in for Microsoft Word.

Which Office UI element can contain commands from the add-in?

39. You plan to develop a Microsoft Teams bot tghat will return product information to users by using an adaptive card.

You need to card to contain a button that will invoke a web search for the product.

What should use?

40. You plan to integrate a web-based support ticketing system and Microsoft Teams.

You need to recommend a solution that will prompt users for specific information before a ticket is created.

The solution must minimize development effort.

What should you include in the recommendation?

41. HOTSPOT

You are evaluating the SharePoint Framework (SPFx) ListView Command Set extension.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

42. You are developing a SharePoint Framework (SPFx) web part.

Which API should you use to retrieve the Microsoft Teams memberships of a user by using the minimum amount of code?

43. You need to develop a client-side web app that will be registered with the Microsoft identity platform.

Which type of authorization flow should you use?

44. You are designing a Microsoft Teams application. The application will enable content authors to start

conversations about news coming from a third-party application.

Which development technique should you use?

45. This question requires that you evaluate the underlined BOLD text to determine if it is correct.

You can use App Studio for Microsoft Teams to develop all the components of a bot application.

Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.

46. You have a Microsoft 365 tenant.

You develop a custom Microsoft Office Add-in for Word.

You need to sideload the add-in.

You sign in to Microsoft 365 in a web browser and create a new Word document

What should you do next?

47. HOTSPOT

You are developing a single page application (SPA) named App1 that will be used by the public.

Many users of App1 restrict pop-up windows from opening in their browser.

You need to authenticate the users by using the Microsoft identity platform.

The solution must meet the following requirements:

* Ensure that App1 can read the profile of a user.

* Minimize user interaction during authentication.

* Prevent App1 from requiring admin consent for any permissions.

How should you complete the code? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

48. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You are developing a new application named App1 that uses the Microsoft identity platform to authenticate to Azure Active Directory (Azure AD).

Currently, App1 can read user profile information.

You need to allow App1 to read the user's calendar.

Solution: Perform a POST request against https://graph.microsoft.eom/vi.0/me/events.

Does this meet the goal?

49. You are creating an application named App1 that will use the Microsoft identity platform.

App1 will be accessed only by users from several different Microsoft 365 subscriptions.

Which Supported account types setting should you configure for App1?

50. HOTSPOT

You are developing a SharePoint Framework (SPFx) solution.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.