microsoft ms-600 online test

Question 1 Topic 1, Case Study 1Case Study Question View Case

What are two possible URIs that you can use to prompt the administrators for admin consent to the E-invoicing application?
Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

• A. https://login.microsoftonline.com/common/adminconsent?client_id={clientid}
• B. https://login.microsoftonline.com/{domain}/adminconsent?client_id={clientid}&state={state}&redirect_uri={url}
• C. https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize?client_id={clientid}&state={state}$redirect_uri={url}
• D. https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token/authorize?client_id={clientid}$state={state}$redirect_uri={url}

Answer:

C D

Question 2 Topic 1, Case Study 1Case Study Question View Case

You need to implement the role functionality for the backend web service calls.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

• A. Upload a certificate for the application registration of the backend web service.
• B. Modify the manifest that defines the application roles and set Allowed Member Types to Apps.
• C. Modify the manifest that defines the application roles and set Allowed Member Types to Users.
• D. Assign the application roles to the Azure AD group that contains the users who are mapped to the roles.
• E. Create a new client secret in the application registration of the backed web service.

Answer:

B D

Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-add-app-roles-in-azure-ad-apps

Question 3 Topic 1, Case Study 1Case Study Question View Case

You need to configure the initial login request in the access token JavaScript script.
Which code segment should you insert at line 01?

• A. const scopes = ['https://graph.microsoft.com/.default'];
• B. const accessTokenRequest = { };
• C. const scopes = ['https://graph.microsoft.com/Files.Read.All', 'https://graph.microsoft.com/Mail.Send.All'];
• D. const accessTokenRequest = { scopes: ['https://graph.microsoft.com/Files.ReadWrite', 'https://graph.microsoft.com/Mail.Send'] };

Answer:

D

Explanation:
Scenario: ADatum identifies the following technical requirements for the planned E-invoicing capabilities:
Ensure that all operations performed by E-invoicing against Office 365 are initiated by a user. Require that the user

authorize E-invoicing to access the Office 365 data the first time the application attempts to access Office 365 data on the
users behalf.
Reference: https://docs.microsoft.com/en-us/graph/permissions-reference

Question 4 Topic 1, Case Study 1Case Study Question View Case

DRAG DROP
You need to protect the backend web service to meet the technical requirements.
Which four actions should you perform in sequence? To answer, move the actions from the list of actions to the answer area
and arrange them in the correct order.
Select and Place:

Answer:

Explanation:
Here is a quick overview of the steps:
Step 1: Register an application in Azure AD for the backend web service Register an application (backend-app) in Azure AD
to represent the API.
Step 2: Set the App ID URI for the backend service application registration
When the application is created (step 1) select Expose an API and click on Save and continue to create an Application ID
URI.
Step 3: Defend the scopes in the backend web service application registration
In the Add a scope page, create a new scope supported by the API. (e.g., Read) then click on Add scope to create the
scope. Repeat this step to add all scopes supported by your API.
Step 4: Register an application in Azure AD for E-invoicing.
Step 4.1 Register another application in Azure AD to represent a client application
Step 4.2 Now that you have registered two applications to represent the API and the Developer Console, you need to grant
permissions to allow the client-app to call the backend-app.
Scenario:
Secure access to the backend web service by using Azure AD
E-invoicing will have internal logic that will dynamically identify whether the user should be allowed to call the backend API.
Reference: https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-protect-backend-with-aad

Question 5 Topic 1, Case Study 1Case Study Question View Case

You need to complete the MSAL.js code for SSO JavaScript.
Which code segment should you insert at line 06?

• A. storeAuthStateInCookie: false
• B. storeAuthStateInCookie: true
• C. cacheLocation: ‘localStorage’
• D. cacheLocation: ‘sessionStorage’

Answer:

C

Explanation:
Scenario: Implement single sign-on (SSO) and minimize login prompts across browser tabs.
When your application is open in multiple tabs and you first sign in the user on one tab, the user is also signed in on the
other tabs without being prompted. MSAL.js caches the ID token for the user in the browser localStorage and will sign the
user in to the application on the other open tabs.
By default, MSAL.js uses sessionStorage which does not allow the session to be shared between tabs. To get SSO between
tabs, make sure to set the cacheLocation in MSAL.js to localStorage.
Reference:
https://docs.microsoft.com/bs-latn-ba/Azure/active-directory/develop/msal-js-sso

Question 6 Topic 2, Case Study 2Case Study Question View Case

How can you validate that the JSON notification message is sent from the Microsoft Graph service?

• A. The ClientState must match the value provided when subscribing.
• B. The user_guid must map to a user ID in the Azure AD tenant of the customer.
• C. The tenant ID must match the tenant ID of the customer’s Office 365 tenant.
• D. The subscription ID must match the Azure subscription used by ADatum.

Answer:

A

Explanation:
clientState specifies the value of the clientState property sent by the service in each notification. The maximum length is 128
characters. The client can check that the notification came from the service by comparing the value of the clientState
property sent with the subscription with the value of the clientState property received with each notification.
Note: A subscription allows a client app to receive notifications about changes to data in Microsoft Graph.
Reference: https://docs.microsoft.com/en-us/graph/api/resources/subscription

Question 7 Topic 2, Case Study 2Case Study Question View Case

Which URI should you use to query all the email that relate to an invoice?

• A. https://graph.microsoft.com/v1.0/me/messages?$filter=contains(subject, {invoiceid})
• B. https://graph.microsoft.com/v1.0/me/messages?$subject eq {invoiceid}
• C. https://graph.microsoft.com/v1.0/me/messages?$search="{invoiceid}"
• D. https://graph.microsoft.com/v1.0/me/messages?${invoiceid}

Answer:

C

Explanation:
Reference: https://docs.microsoft.com/en-us/graph/search-query-parameter

Question 8 Topic 3, Case Study 3Case Study Question View Case

You need to recommend which API object the SharePoint Framework (SPFx) intranet components will use to access the
research departments project management solution.
What should you recommend?

• A. HttpClient
• B. AadHttpClient
• C. MSGraphClient
• D. SPHttpClient

Answer:

B

Explanation:
Reference: https://docs.microsoft.com/en-us/sharepoint/dev/spfx/use-aadhttpclient

Question 9 Topic 3, Case Study 3Case Study Question View Case

HOTSPOT
You need to recommend the development environment and tools for the redesign of the research departments SharePoint
Online sites.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Answer:

Explanation:
Scenario: Redesign the SharePoint Online sites of the research department to provide users with an experience that is
consistent with the Microsoft 365 portal. The research department has a third-party project management solution that uses
the Microsoft identity platform in Azure AD.
Box 1: SharePoint Framework (SPFx)
The SharePoint Framework (SPFx) is a page and web part model that provides full support for client-side SharePoint
development, easy integration with SharePoint data, and extending Microsoft Teams. With the SharePoint Framework, you
can use modern web technologies and tools in your preferred development environment to build productive experiences and
apps that are responsive and mobileready.
The SPFx is the recommended SharePoint customization and extensibility model for developers. Due to tight integration
between SharePoint Online, Microsoft Teams, and Microsoft Viva Connections, developers can also use SPFx to customize
and extend all of these products.
Box 2: Visual Studio Code
Many developers like to use the cross-platform IDE Visual Studio Code for SharePoint Framework (SPFx).
Box 3: Fluent UI
Fluent UI is the upcoming and continually evolving design system for Microsoft 365. Currently, there is an ongoing merge in
the process to have one consistent UI Framework across the Microsoft ecosystem.
Reference: https://n8d.at/5-reasons-or-thoughts-on-fluent-ui-web

Question 10 Topic 3, Case Study 3Case Study Question View Case

DRAG DROP
You need to configure HRApp to enable users to search for specific jobs by using chat in Microsoft Teams.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the
answer area and arrange them in the correct order.
Select and Place:

Answer:

Explanation:
Step 1: Create a bot registration..
Step 2: In the HRApp manifest, configure the botId value in the ComposeExtensions section to match the botId value of the
bot registration.
Scenario: HRApp must include a messaging extension that enables users to search jobs by job title or job ID. Step 3:
Implement a handler
Reference:
https://docs.microsoft.com/en-us/azure/bot-service/bot-service-quickstart-registration