MS-600 Dumps Updated – Real Microsoft MS-600 Exam Dumps

1. Topic 1, ADatum Corporation

This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.

To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.

At the end on this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study

To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.

Overview

ADatum Corporation develops a software as a service (SaaS) application named E-invoicing.

Existing Environment

Application Architecture

E-invoicing consists of a single-page application (SPA) and a backend web service that provides invoice management and processing functionality.

E-invoicing stores all the details of each invoicing operation in a backend cloud database. E-invoicing generates invoices in PDF format and provides users with the ability to download the PDF after it is generated. Each invoice has a unique identifier named invoiceid.

The users have a common workflow where they sign in to E-invoicing, and then open E-invoicing in multiple tabs of a web browser so they can use different parts of the application simultaneously.

Security Architecture

ADatum uses the principle of least privilege whenever possible. ADatum always uses the latest libraries and integration endpoints.

Requirements

Business Goals

ADatum wants to integrate E-invoicing, Azure Active Directory (Azure AD), and Microsoft Graph so that their customers can leverage Microsoft Office 365 services directly from within E-invoicing.

Planned Changes

ADatum plans to add the following capabilities to E-invoicing:

- Email the generated invoices to customers on behalf of the current signed-in user. Any emails generated by the system will contain the invoiced.

- Perform as many operations as possible in the browser without having to leave the E-invoicing application.

- Use Azure AD to manage identities, authentication, and authorization.

- Display all emails that contain a specific invoiceid.

Technical Requirements

ADatum identifies the following technical requirements for the planned E-invoicing capabilities:

- Ensure that all operations performed by E-invoicing against Office 365 are initiated by a user. Require that the user authorize E-invoicing to access the Office 365 data the first time the application attempts to access Office 365 data on the user’s behalf.

- Send scheduled reminders to customers before a payment due date. Create an administration user interface to enable the scheduled reminders.

- Implement Microsoft Graph change notifications to detect emails from vendors that arrive in a designated mailbox.

- Implement single sign-on (SSO) and minimize login prompts across browser tabs.

- Secure access to the backend web service by using Azure AD.

- Ensure that all solutions use secure coding practices.

Backend Security Planned Changes

ADatum wants to use custom application roles to map user functionality to permissions granted to users.

E-invoicing will have internal logic that will dynamically identify whether the user should be allowed to call the backend API.

SSO JavaScript Script

You plan to implement SSO with Microsoft Authentication Library (MSAL) by using the following code:

Access Token JavaScript Script

You have the following JavaScript code to obtain an access token.

Change Notification JSON

You have the following JSON message that will be sent by the Microsoft Graph service to detect the vendor emails.

DRAG DROP

You need to protect the backend web service to meet the technical requirements.

Which four actions should you perform in sequence? To answer, move the actions from the list of actions to the answer area and arrange them in the correct order.

2. How can you validate that the JSON notification message is sent from the Microsoft Graph service?

3. You need to implement the role functionality for the backend web service calls.

Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

4. DRAG DROP

You need to implement the role functionality for the backend web service calls.

Which three actions should you perform in sequence? To answer, move the actions from the list of actions to the answer area and arrange them in the correct order.

5. What are two possible URIs that you can use to prompt the administrators for admin consent to the E-invoicing application? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

6. You need to complete the MSAL.js code for SSO.

Which code segment should you insert at line 06?

7. You need to configure the initial login request in the access token JavaScript script.

Which code segment should you insert at line 01?

8. Which type of authentication flow should you recommend for the planned integration with Office 365?

9. Which URI should you use to query all the emails that relate to an invoice?

10. Which URI should you use to query all the email that relate to an invoice?

11. Topic 2, Misc. Questions

You have a SharePoint Framework (SPFx) web part named WebPartA that uses SPFx 1.11.0. You need to ensure that WebPartA can be installed as an app in Microsoft Teams .

What should you do?

12. HOTSPOT

You create a personal bot that you plan to distribute as a Microsoft Teams team app.

The bot has the following app manifest.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point

13. This question requires that you evaluate the underlined BOLD text to determine if it is correct.

You develop a Microsoft Teams application that uses a messaging extension.

Users can invoke the messaging extension from the Teams sidebar menu.

Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.

14. You have a SharePoint Framework (SPFx) web part that includes the manifest shown in the following exhibit.

Which task can the web part perform?

15. You have a SharePoint Framework (SPFx) web part that displays the weather. Users can set the city within the web part .

Which component is invoked to provide the users with the ability to configure the settings for the web part?

16. You have an invoice approval process in which an approver is sent an automated email that contains a link to a web-based accounts system whenever an invoice requires approval.

Which benefit can be achieved by using actionable messages for the approval process?

17. You plan to develop a new way for users to generate tickets in a support system by filling out a form that pops up in a Microsoft Teams app.

You already have the built form in an existing web app.

You need to ensure that the existing form can be hosted in a custom tab in a Microsoft Teams app.

Which three actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

18. CORRECT TEXT

You plan to create a single-tenant console app that will use the Microsoft identity platform.

You need to ensure that the app can use the device code flow to access Microsoft Graph and read email on behalf of the authenticated user.

Which three actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

A Set Supported account types to Accounts in any organizational directory

B. Add redirect URIs.

C. Set Supported account types to Accounts in this organizational directory only

D. Enable the Default client type option.

E. From the Expose an API settings, create a custom scope.

F. Generate a client secret for the app.

19. You need to develop a server-based web app that will be registered with the Microsoft identity platform.

The solution must ensure that the app can perform operations on behalf of the user?

Which type of authorization flow should you use?

20. You are building a conversational bot that will have an interactive Ul. When the user invokes the bot by using a keyword, the bot will reply with a dialog that lets the user choose one of multiple options.

After the user chooses an option, and the response is received by the backend logic, you need to prompt the user to select additional options.

Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

21. You have a custom Microsoft Word add-in that was written by using Microsoft Visual Studio Code.

A user reports that there is an issue with the add-in.

You need to debug the add-in for Word Online.

What should you do before you begin debugging in Visual Studio Code?

22. You have a single-page application (SPA) named TodoListSPA and a server-based web app named TodoListService.

The permissions for the TodoList SPA API are configured as shown in the TodoList SPA exhibit. (Click the TodoListSPA tab.)

The permissions for the TodoListService API are configured as shown in the TodoListService exhibit. (Click the TodoListService tab.)

You need to ensure that TodoListService can access a Microsoft OneDrive file of the signed-in user. The solution must use the principle of least privilege.

Which permission should to grant?

23. HOTSPOT

You are developing an application that will run as an overnight background service on a server. The service will access web-hosted resources by using the application’s identity and the OAuth 2.0 client credentials grant flow.

You register the application and grant permissions. The tenant administrator grants admin consent to the application.

You need to get the access token from Azure Active Directory (Azure AD).

Which URI should you use for the POST request? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

24. HOTSPOT

You have a Microsoft 365 tenant that contains a Microsoft SharePoint Online site named Projects.

You need to get a list of documents in the Documents library by using the Microsoft Graph API.

How should you complete the query? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

25. HOTSPOT

You have a server-side web app that uses OAuth 2.0 and is registered to the Microsoft identity platform.

A user acquires an authorization token.

You need to specify which HTTP header format the user must use to access the app.

What should you specify? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

26. You are building a server-based web app that will use OAuth2 and will be registered with the Microsoft identity platform.

Which two values does the app require to obtain tokens from the Azure Active Directory (Azure AD)? authorization endpoint? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

27. HOTSPOT

You create an incoming webhook for a Microsoft Teams team channel.

You need to verify the webhook by using PowerShell.

How should you complete the PowerShell command? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

28. DRAG DROP

You have a bot that responds by using an Adaptive Card.

In which order will a user and the bot interact? To answer, move all actions from the list of actions to the answer area and arrange them in the correct order.

29. This question requires that you evaluate the underlined text to determine if it is correct.

Microsoft Visual Studio Code contains samples that you can use to quickly prototype a Microsoft Office Web Add-in for Microsoft Word.

Instructions: Review the underlined text. If it makes the statement correct, select "No change is needed." If the statement is incorrect, select the answer choice that makes the statement correct.

30. What should you add to a SharePoint Framework (SPFx) solution to ensure that the solution can be used as a Microsoft Teams tab?

31. You develop a web API named WebApi1.

When validating a token received from a client application, WebApi1 receives a MsalUiRequiredException exception from the Microsoft Identity Platform.

You need to ensure that the client application has the information required to complete the authentication.

Which header should you include in the HTTP response sent from WebApi1 to the client application?

32. HOTSPOT

You have an app that queries Azure Active Directory (Azure AD) by using the Microsoft Graph API.

You need to minimize the number of times users are prompted for their credentials.

How should you complete the code? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

33. You need to build a daemon app that polls Microsoft Graph to get all user information.

You register and configure the app in Azure Active Directory (Azure AD).

Which three actions should you perform next? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

34. You need to display the profile picture of the current signed-in user.

Which REST query should you use to retrieve the picture?

35. You are building a Microsoft Outlook add-in.

Which object should you use to save a user's preferences between sessions and devices?

36. DRAG DROP

You need to develop a conversational bot in Microsoft Teams.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

37. You are developing a Microsoft Teams app that will use an Azure function to send scheduled messages from a bot to users .

What is required for the Teams app to send a proactive message to the users?

38. You are developing a Microsoft Teams application.

Which Teams feature provides you with the ability to invoke a model popup by using the minimum amount of custom code?

39. You need to develop a SharePoint Framework (SPFx) solution that interacts with Microsoft SharePoint and Teams. The solution must share the same code base.

What should you include in the solution?

40. You are designing a custom SharePoint Framework (SPFx) web part that will be deployed to modern Microsoft SharePoint sites.

You need to ensure that all the web part fields and controls adopt the theme of the site when you deploy the web part.

What should you use to develop the web part?

41. You are developing an outgoing webhook in Microsoft Teams.

In the service that receives the outgoing webhook request, what should you validate to ensure that calls are coming from Microsoft Teams?

42. You are building a Microsoft Outlook add-in.

Which object should you use to save additional information in an email?

43. You are developing a SharePoint Framework (SPFx) web part. The web part will call a backed API that is secured by using Azure Active Directory (Azure AD). The web part will be on a page that has many other web parts.

Which type of web part should you use ensure that access to the exclusive to the web part?

44. HOTSPOT

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

45. HOTSPOT

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

46. You are developing an application that will track changes to the UserPrincipalName attribute of Microsoft 365 accounts.

You need to use a REST request to retrieve the information by using Microsoft Graph. The solution must minimize the amount of data retrieved.

What should you do?

47. DRAG DROP

You are developing an application that will upload files that are larger than 50 MB to Microsoft OneDrive.

You need to recommend an upload solution to ensure that the file upload process can resume if a network error occurs during the upload.

Which four actions should you perform in sequence? To answer, move the actions from the list of actions to the answer area and arrange them in the correct order.

48. HOTSPOT

You are building a Microsoft Teams application.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

49. You have a starter SharePoint Framework (SPFx) web part.

You need to test the web part from the local workbench by connecting to a URL of https://localhost:4321/temp/workbench.html.

Which tool should you use make the web part available locally for debugging?

50. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You are developing a new application named App1 that uses the Microsoft identity platform to authenticate to Azure Active Directory (Azure AD).

Currently, App1 can read user profile information.

You need to allow App1 to read the user’s calendar.

Solution: From the Azure portal, edit the API permission list for App1. Add the Microsoft Graph API and the Calendars.Read permissions and then grant tenant admin consent.

Does this meet the goal?

51. You are developing a Microsoft Team application. To host a webpage in a Teams tab, the manifest file must include the contentUrl property within the staticTabs property.

Instructions: Review the underline text. If the makes the statement correct, select ‘’No change is needed. ‘’ If the statement is incorrect, select the answer choice that makes the statement correct.

52. You have an API that is secured by using Azure Active Directory (Azure AD).

You are designing a SharePoint Framework (SPFx) solution.

Which object should you use to connect to the API from the solution?

53. HOTSPOT

You are building a single-page application (SPA) that will have the following parameters:

• App Id: DBA22F72-64PA4C44-AA2C-FAA0DA5A471B

• Tenant Id: DC045C4D-5881-43C7-97AB-3C5A1ADB8DBC

• AppName: Contoso.Spa

You have a line-of-business API for invoicing that is secured by using the Microsoft identity platform. The API has the following parameters:

* App Id: 8/9A43D7-1794-47A0-AB2B-440B63FEC248

* Tenant Id: DC04SC4D S881-43C7-97AB 3C5A1ADB8DBC

* AppName: Contoso.lnvoicing

Contoso.Invoicing declares the following custom scopes:

* Invoices-Read

* Invoices. Read Write

Contoso.Spa needs to call Contoso.lnvoicing to create new invoices.

Which code should you use in Contoso.Spa to obtain an access token for Contoso.Invoicing? To answer, select the appropriate options in the answer area. NOTE: Each correct select is worth one point.

54. HOTSPOT

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct select is worth one point.

55. You are creating an application named App1 that will use the Microsoft identity platform.

App1 will be accessed only by users from several different Microsoft 365 subscriptions.

Which Supported account types setting should you configure for App1?

56. DRAG DROP

Match the SharePoint Framework (SPFx) extensions to the correct descriptions.

To answer, drag the appropriate SPFx extension from the column on the left to its description on the right. Each SPFx extension may be used once, more than once, or not at all. NOTE Each correct match is worth one point.

57. This question requires that you evaluate the bold text to determine if it is correct.

You can use a Command Set extension to develop a breadcrumb element that will appear on every Microsoft SharePoint page.

Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.

58. You are developing an application that will use Microsoft Graph.

You attempt to retrieve a list of the groups in your organization by using a URI of https://graph.microsoft.eom/vi.0/groups on behalf of the user.

The application fails. The diagnostic logs show the following information:

* An HTTP 403 Forbidden status code

* An Authorization_RequestDenied error code

* The following error message: "Insufficient privileges to complete the operation."

You need to ensure that the application can retrieve the list of groups. The solution must use the principle of least privilege .

Which two actions should you perform? Each correct answer presents part of the solution. NOTE; Each correct selection is worth one point.

59. You plan to integrate a web-based support ticketing system and Microsoft Teams.

You need to recommend a solution that will prompt users for specific information before a ticket is created.

The solution must minimize development effort.

What should you include in the recommendation?

60. DRAG DROP

You are developing in application named App1.

App1 needs to use the Microsoft Graph API to retrieve emails from Microsoft 365 for the current signed-in user.

The solution must meet the following requirements:

✑ Emails that have attachments and are from [email protected] must be retrieved.

✑ The results must show the subject of the email, the sender address, and the count of emails retrieved.

How should you complete the URI to retrieve the results? To answer, drag the appropriate values to the correct targets. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.