Microsoft Microsoft Certifications MS-600 Questions & Answers

• Question 31:

  You have a custom API that is secured by using Azure Active Directory (Azure AD). You need to call the API from within a SharePoint Framework (SPFx) web part. Which object should you use to call the API?

  A. AadHttpClient

  B. MSGraphClient

  C. SPMttpCHent

  D. XMLHttpRequest

  Correct Answer: B

• Question 32:

  You have a line-of-business API that is secured by using Azure Active Directory (Azure AD).

  You deploy a solution to the app catalog. The solution requests permission to the API.

  What should you do in the SharePoint admin center to ensure that the solution can access the API?

  A. Create a SharePoint security group and add the solution

  B. Create an access policy

  C. Enable sandbox solutions

  D. Approve a pending permission request

  Correct Answer: D

  Developers building a SharePoint Framework solution that requires access to specific resources secured with Azure AD list these resources along with the required permission scopes in the solution manifest. When deploying the solution package to the app catalog, SharePoint creates permission requests and prompts the administrator to manage the requested permissions. For each requested permission, tenant administrators can decide whether they want to grant or deny the specific permission. All permissions are granted to the whole tenant and not to a specific application that has requested them. When the tenant administrator grants a specific permission, it is added to the SharePoint Online Client Extensibility Azure AD application, which is provisioned by Microsoft in every Azure AD and which is used by the SharePoint Framework in the OAuth flow to provide solutions with valid access tokens.

• Question 33:

  You have an application that uses the Microsoft Graph API.

  You need to configure the application to retrieve the groups to which the current signed-in user belongs. The results must contain the extended priorities of the groups.

  Which URI should you use?

  A. https://graph.microsoft.com/v1.0/me/getMemberObjects

  B. https://graph.microsoft.com/v1.0/me/getMemberGroups

  C. https://graph.microsoft.com/v1.0/me/memberOf

  D. https://graph.microsoft.com/v1.0/me/checkMemberGroups

  Correct Answer: B

  Get member groups returns all the groups that the specified user, group, or directory object is a member of. This function is transitive. Reference: https://docs.microsoft.com/en-us/graph/api/directoryobject-getmembergroups

• Question 34:

  You have an invoice approval process in which an approver is sent an automated email that contains a link to a web-based accounts system whenever an invoice requires approval. Which benefit can be achieved by using actionable messages for the approval process?

  A. The approver can delegate invoice approvals to other users by forwarding actionable messages

  B. Invoices can be approved directly from Microsoft Outlook by using actionable messages

  C. Actionable messages will work in any email client

  D. Actionable messages can provide detailed auditing of all the approved invoices and can be viewed in a rollup report

  Correct Answer: B

  Whether you are filling out a survey, approving an expense report, or updating a CRM sales opportunity, Actionable Messages enable you to take quick actions right from within Outlook. Developers can now embed actions in their emails or notifications, elevating user engagement with their services and increasing organizational productivity.

  Reference: https://docs.microsoft.com/en-us/outlook/actionable-messages/

• Question 35:

  You are building a Microsoft Outlook Web Add-in.

  You need to persist user preferences between devices by using the minimum amount of development effort.

  Which API should you use?

  A. the Microsoft Graph API

  B. the REST API for the Blob service

  C. the JavaScript API for Microsoft Office

  D. the Table service REST API

  Correct Answer: C

  You can persist add-in state and settings with the JavaScript API for Office. The JavaScript API for Office provides the Settings, RoamingSettings, and CustomProperties objects for saving add-in state across sessions Reference: https://docs.microsoft.com/en-us/office/dev/add-ins/develop/persisting-add-in-state-and-settings

• Question 36:

  You are developing an application that will use Microsoft Graph.

  You attempt to retrieve a list of the groups in your organization by using a URI of https://graph.microsoft.com/v1.0/groups on behalf of the user.

  The application fails. The diagnostic logs show the following information:

  1.

  An HTTP 403 Forbidden status code.

  2.

  An Authorization_RequestDenied error code.

  3.

  The following error message: “Insufficient privileges to complete the operation.”

  You need to ensure that the application can retrieve the list of groups. The solution must use the principle of least privilege.

  Which two actions should you perform? Each correct answer presents part of the solution.

  NOTE: Each correct selection is worth one point.

  A. In the permission request for the application, request the Group. Read. All permission.

  B. Grant tenant admin consent for the Group.Read. All permission.

  C. Configure the application to use application permissions.

  D. In the permission request for the application, request the Group. Readwrite. All permission

  Correct Answer: CD

  Reference: https://docs.microsoft.com/en-us/graph/permissions-reference

• Question 37:

  You have a SharePoint Framework (SPFx) solution that contains a client-side web part named WebPart1. WebPart1 has the following app manifest.

  

  You need to ensure that WebPart1 can be used in Microsoft Teams and Microsoft SharePoint Online.

  How should you modify the app manifest?

  A. Change the "coraponentType" value to "TeamsTab".

  B. Add "Tea*sTab" to the existing "supportedHosts" value.

  C. No modifications are required.

  D. Change the "supportedHosts" value to "TeamsTab".

  Correct Answer: A

• Question 38:

  You plan to build a tab extension for Microsoft Teams that will display a list of assets and enable users to make reservations.

  When a user reserves an asset, a form must be displayed that enables the user to make a reservation by selecting a date and duration, as well as other preferences.

  Which type of extension should you use?

  A. a full-width column web part

  B. a messaging extension

  C. a task module

  D. a personal tab

  Correct Answer: B

  Reference: https://docs.microsoft.com/en-us/microsoftteams/platform/messaging-extensions/what-are-messaging-extensions

• Question 39:

  You are developing an Azure web app that will enable users to view a consolidated view of multiple users’ tasks based on data in Microsoft Planner and Outlook. The app will use the Microsoft identity platform and a certificate to establish an

  authorization flow between the app and Microsoft 365.

  You obtain a certificate and you create an Azure Active Directory (Azure AD) application.

  You need to set up authorization for the application.

  Which three actions should you perform? Each correct answer presents part of the solution.

  NOTE: Each correct selection is worth one point.

  A. From the Azure portal, upload a certificate public key for the Azure AD application.

  B. Add the application permissions to the Azure AD application.

  C. Modify the code of the web app to use the certificate to obtain an access token for Microsoft Graph.

  D. Create a secret in the Azure AD application.

  E. Add the required delegated permissions to the Azure AD application.

  Correct Answer: ADE

  Reference: https://docs.microsoft.com/en-us/azure/data-explorer/provision-azure-ad-app

• Question 40:

  You are building a server-based web app that will use OAuth2 and will be registered with the Microsoft identity platform.

  Which two values does the app require to obtain tokens from the Azure Active Directory (Azure AD) authorization endpoint? Each correct answer presents part of the solution.

  NOTE: Each correct selection is worth one point.

  A. the tenant ID

  B. the context token

  C. the application ID

  D. the application secret

  E. the authorization code

  Correct Answer: CE

  C: The required client_id is the Application (client) ID that the Azure portal ?App registrations experience assigned to your app.

  E: The authorization code flow begins with the client directing the user to the /authorize endpoint.

  

  Timeline Description automatically generated with low confidence Reference: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow