NEW QUESTION 1

You need to complete the MSAL.js code for SSO. Which code segment should you insert at line 06?

• A. storeAuthStateInCookie: false
• B. storeAuthStateInCookie: true
• C. cacheLocation: ‘localStorage’
• D. cacheLocation: ‘sessionStorage’

Answer: C

Explanation:
Scenario: Implement single sign-on (SSO) and minimize login prompts across browser tabs.
When your application is open in multiple tabs and you first sign in the user on one tab, the user is also signed in on the other tabs without being prompted. MSAL.js caches the ID token for the user in the browser localStorage and will sign the user in to the application on the other open tabs.
By default, MSAL.js uses sessionStorage which does not allow the session to be shared between tabs. To get SSO between tabs, make sure to set the cacheLocation in MSAL.js to localStorage.
Reference: https://docs.microsoft.com/bs-latn-ba/Azure/active-directory/develop/msal-js-sso

NEW QUESTION 2

You company has a third-party invoicing web app.
You need to display the app within Microsoft Teams for one user only. The app will not require conversational interactions.
How should you display the app by using the minimum amount of effort?

• A. Instruct the user to add a website tab
• B. Instruct the user to add an App Studio app
• C. Create a SharePoint Framework (SPFx) web part
• D. Create a search-based messaging extension

Answer: A

Explanation:
There are currently three methods of app integration in Teams: Connectors, Bots, and Tabs. Tabs offer more extensive integration by allowing you to view entire third-party services within Microsoft Teams. Reference: https://www.sherweb.com/blog/office-365/o365-microsoft-teams-apps/

NEW QUESTION 3

You need to develop an add-in for Microsoft Excel that can be used from the Windows, Mac, and web versions of Excel.
What are two ways to develop the add-in? Each correct answer presents a complete solution?
NOTE: Each correct selection is worth one point.

• A. From Microsoft Teams, install App Studio
• B. From Microsoft Visual Studio that has the Microsoft Office/SharePoint development workload installed, create a new project that uses a Web Add-in template
• C. From the Microsoft Office 365 portal, use Microsoft PowerApps
• D. Use the Yeoman generator for Microsoft Office Add-ins to create the project, and then open the project in Microsoft Visual Studio Code
• E. From Microsoft Visual Studio that has the Microsoft Office/SharePoint development workload installed, create a new project that uses a Visual Studio Tools for Office (VSTO) template

Answer: DE

Explanation:
D: Run the following command to create an add-in project using the Yeoman generator: yo office
Visual Studio Code is a great tool to help you develop your custom Office Add-ins regardless if they are for Outlook, Word, Excel, PowerPoint and run in the web clients, Windows clients, iOS clients or on macOS.
Open the project in Visual Studio Code by entering the following on the command line from within the same folder where you ran the generator:
code.
E: You can create VSTO Add-ins for Excel.
To create a new Excel VSTO Add-in project in Visual Studio
Start Visual Studio.
On the File menu, point to New, and then click Project.
In the templates pane, expand Visual C# or Visual Basic, and then expand Office/SharePoint.
Under the expanded Office/SharePoint node, select the Office Add-ins node.
In the list of project templates, select Excel 2010 Add-in or Excel 2013 Add-in.
In the Name box, type FirstExcelAddIn.
Click OK.
Visual Studio creates the FirstExcelAddIn project and opens the ThisAddIn code file in the editor. References: https://docs.microsoft.com/en-us/office/dev/add-ins/tutorials/excel-tutorial https://code.visualstudio.com/docs/other/office#_use-visual-studio-code-to-develop-your-office-addin https://docs.microsoft.com/en-us/visualstudio/vsto/walkthrough-creating-your-first-vsto-add-in-for-excel

NEW QUESTION 4

You are developing a server-based web app that will use OAuth2 on behalf of the user and will be registered with the Microsoft identity platform.
Which two types of token will the app retrieve as part of the authorization flow? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

• A. context token
• B. Kerberos token
• C. refresh token
• D. SAML token
• E. access token

Answer: BD

NEW QUESTION 5

You need to protect the backend web service to meet the technical requirements.
Which four actions should you perform in sequence? To answer, move the actions from the list of actions to the answer area and arrange them in the correct order.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Here is a quick overview of the steps:
Step 1: Register an application in Azure AD for the backend web service Register an application (backend-app) in Azure AD to represent the API. Step 2: Set the App ID URI for the backend service application registration
When the application is created (step 1) select Expose an API and click on Save and continue to create an Application ID URI.
Step 3: Defend the scopes in the backend web service application registration
In the Add a scope page, create a new scope supported by the API. (e.g., Read) then click on Add scope to create the scope. Repeat this step to add all scopes supported by your API.
Step 4: Register an application in Azure AD for E-invoicing.
Step 4.1 Register another application in Azure AD to represent a client application
Step 4.2 Now that you have registered two applications to represent the API and the Developer Console, you need to grant permissions to allow the client-app to call the backend-app.
Scenario:
Secure access to the backend web service by using Azure AD
E- invoicing will have internal logic that will dynamically identify whether the user should be allowed to call the backend API.
Reference:
https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-protect-backend-with-aad

NEW QUESTION 6

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct select is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 7

You are building a server-based web app that will use OAuth2 and will be registered with the Microsoft identity platform.
Which two values does the app require to obtain tokens from the Azure Active Directory (Azure AD) authorization endpoint? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

• A. the tenant ID
• B. the context token
• C. the application ID
• D. the application secret
• E. the authorization code

Answer: CE

Explanation:
C: The required client_id is the Application (client) ID that the Azure portal – App registrations experience assigned to your app.
E: The authorization code flow begins with the client directing the user to the /authorize endpoint.

Reference: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow

NEW QUESTION 8

How can you validate that the JSON notification message is sent from the Microsoft Graph service?

• A. The ClientState must match the value provided when subscribing.
• B. The user_guid must map to a user ID in the Azure AD tenant of the customer.
• C. The tenant ID must match the tenant ID of the customer’s Office 365 tenant.
• D. The subscription ID must match the Azure subscription used by ADatum.

Answer: A

Explanation:
clientState specifies the value of the clientState property sent by the service in each notification. The maximum length is 128 characters. The client can check that the notification came from the service by comparing the value of the clientState property sent with the subscription with the value of the clientState property received with each notification.
Note: A subscription allows a client app to receive notifications about changes to data in Microsoft Graph. Reference: https://docs.microsoft.com/en-us/graph/api/resources/subscription

NEW QUESTION 9

You plan to develop a Microsoft Teams bot tghat will return product information to users by using an adaptive card.
You need to card to contain a button that will invoke a web search for the product. What should use?

• A. An action-based messaging extension
• B. A task module
• C. A search-based messaging extension
• D. An outgoing webhook

Answer: B

NEW QUESTION 10

You develop a web API named WebApi1.
When validating a token received from a client application, WebApi1 receives a MsalUiRequiredException exception from Azure Active Directory (Azure AD).
You need to formulate the response that WebApi1 will return to the client application. Which HTTP response should you send?

• A. HTTP 307 Temporary Redirect
• B. HTTP 400 Bad Request
• C. HTTP 403 Forbidden
• D. HTTP 412 Precondition Failed

Answer: D

Explanation:
The HyperText Transfer Protocol (HTTP) 412 Precondition Failed client error response code indicates that access to the target resource has been denied. This happens with conditional requests on methods other than GET or HEAD when the condition defined by the If-Unmodified-Since or If-None-Match headers is not fulfilled. In that case, the request, usually an upload or a modification of a resource, cannot be made and this error response is sent back.
MsalUiRequiredException
The "Ui Required" is proposed as a specialization of MsalServiceException named MsalUiRequiredException. This means you have attempted to use a non-interactive method of acquiring a token (e.g. AcquireTokenSilent), but MSAL could not do it silently. this can be because:
you need to sign-in
you need to consent
you need to go through a multi-factor authentication experience.
The remediation is to call AcquireTokenInteractive try
{
app.AcquireTokenXXX(scopes, account) WithYYYY(...)
ExecuteAsync()
}
catch(MsalUiRequiredException ex)
{
app.AcquireTokenInteractive(scopes) WithAccount(account)
WithClaims(ex.Claims) ExcecuteAsync();
}

NEW QUESTION 11

You use Azure Active Directory (Azure AD) to store user identities. The user profile information is inconsistently populated.
You need to develop a web app that will provide users with a page where they can enter their interests, skill, and description. When the user click the submit button, the app will use Microsoft graph to send the data to Azure AD.
Which HTTP method should you use against the Microsoft graph endpoint?

• A. PUT
• B. POST
• C. PATCH
• D. GET

Answer: A

NEW QUESTION 12

You have a SharePoint Framework (SPFx) web part that displays the weather. Users can set the city within the web part. Which component is invoked to provide the users with the ability to configure the settings for the web part?

• A. a custom control
• B. the property pane
• C. the Application Customizer
• D. a library component

Answer: B

NEW QUESTION 13

This question requires that you evaluate the underlined text to determine if it is correct.
Microsoft Visual Studio Code contains samples that you can use to quickly prototype a Microsoft Office Web Add-in for Microsoft Word.
Instructions: Review the underlined text. If it makes the statement correct, select "No change is needed." If the statement is incorrect, select the answer choice that makes the statement correct.

• A. No change is needed.
• B. Microsoft AppSource
• C. The Office Ul Fabric
• D. The Script Lab add-in

Answer: D

NEW QUESTION 14

You have an application named App1 that is used to administer an Azure Active Directory (Azure AD) tenant. When administrators install Appl, they are prompted for admin consent.
Which application permission can cause the administrators to be prompted for consent?

• A. RoleManagemen
• B. Read . Directory
• C. Device.Command
• D. Device.Read
• E. Calendars.ReadWrite

Answer: A

NEW QUESTION 15

You are building a Microsoft teams application by using an outgoing webhook.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 16

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are developing a new application named App1 that uses the Microsoft identity platform to authenticate to Azure Active Directory (Azure AD).
Currently, App1 can read user profile information. You need to allow App1 to read the user’s calendar.
Solution: From the Azure portal, add the Microsoft Graph API and the Calendar.Read permission by using the API permission list of App1. Grant tenant admin consent.
Does this meet the goal?

• A. Yes
• B. No

Answer: A

Explanation:
Microsoft Graph Calendars.Read allows the app to read events in user calendars.
For your app to access data in Microsoft Graph, the user or administrator must grant it the correct permissions via a consent process.
Application permissions are used by apps that run without a signed-in user present; for example, apps that run as background services or daemons. Application permissions can only be consented by an administrator.
References: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent https://docs.microsoft.com/en-us/graph/permissions-reference

NEW QUESTION 17

For each of the following statements, select Yes if the statement is true. Otherwise, select NO. NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 18

You are building a Microsoft Teams application.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Box 1: Yes
Once an outgoing webhook is added to a team, it acts like bot, listening in channels for messages using
@mention, sending notifications to external web services, and responding with rich messages that can include cards and images.
Box 2: Yes
Webhooks are a great way for Teams to integrate with external apps. A webhook is essentially a POST request sent to a callback URL. In Teams, outgoing webhooks provide a simple way to allow users to send messages to your web service without having to go through the full process of creating bots via the Microsoft Bot Framework. Outgoing webhooks post data from Teams to any chosen service capable of accepting a JSON payload.
Box 3: Yes
Create an outgoing webhook
Select the appropriate team and select Manage team from the (• • • ) drop-down menu.
Choose the Apps tab from the navigation bar.
From the window's lower right corner select Create an outgoing webhook.
In the resulting popup window complete the required fields:
Name - The webhook title and @mention tap.
Callback URL - The HTTPS endpoint that accepts JSON payloads and will receive POST requests from Teams.
Reference:
https://docs.microsoft.com/en-us/microsoftteams/platform/webhooks-and-connectors/how-to/add-outgoing-web

NEW QUESTION 19

This question requires that you evaluate the underlined text to determine if it is correct.
In Microsoft Word on Windows, before you can sideload a Microsoft Office Add-in. you must first upload the manifest to Microsoft_pnePrivc.
Instructions: Review the underlined text. If it makes the statement correct, select "No change is needed." If the statement is incorrect, select the answer choice that makes the statement correct.

• A. No change is needed.
• B. deploy the manifest to an Azure website
• C. publish the manifest to a trusted network location
• D. set Microsoft Edge to Developer Mode

Answer: A

NEW QUESTION 20

You are developing a Microsoft Team application. To host a webpage in a Teams tab, the manifest file must include the contentUrl property within the staticTabs property.
Instructions: Review the underline text. If the makes the statement correct, select ‘’ No change is needed. ‘’ If the statement is incorrect, select the answer choice that makes the statement correct.

• A. No change is needed.
• B. websiteUrl property within the configuragbleTabs property
• C. ValidDomain property within the configuragbleTabs property
• D. ValidDomain property within the statictabs property

Answer: B

NEW QUESTION 21

You have a SharePoint Framework (SPFx) 1.5 solution.
You need to ensure that the solution can be used as a tab in Microsoft Teams. What should you do first?

• A. Convert the solution to use the Bot Framework
• B. Deploy the solution to a developer site collection
• C. Deploy the solution to the Microsoft AppSource store
• D. Upgrade the solution to the latest version of SPFx

Answer: D

Explanation:
Starting with the SharePoint Framework v1.8, you can implement your Microsoft Teams tabs using SharePoint Framework.
Reference:
https://docs.microsoft.com/en-us/sharepoint/dev/spfx/web-parts/get-started/using-web-part-as-msteams-tab

NEW QUESTION 22

You are developing a sever-based application that has the following requirements: Prompt the user to fill out a form that contains a keyword.
Search the Microsoft OneDrive folder for files that contain the keyword and return the results to the user. Allow the user to select one of the files from the results.
Copy the selected file to an Azure Blob storage container.
Which four actions should the application perform in sequence? To answer, move the actions from the list of actions to the answer area and arrange them in the correct order.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 23

You have a line-of-business API that is secured by using Azure Active Directory (Azure AD). You deploy a solution to the app catalog. The solution requests permission to the API.
What should you do in the SharePoint admin center to ensure that the solution can access the API?

• A. Create a SharePoint security group and add the solution
• B. Create an access policy
• C. Enable sandbox solutions
• D. Approve a pending permission request

Answer: D

Explanation:
Developers building a SharePoint Framework solution that requires access to specific resources secured with Azure AD list these resources along with the required permission scopes in the solution manifest. When deploying the solution package to the app catalog, SharePoint creates permission requests and prompts the administrator to manage the requested permissions. For each requested permission, tenant administrators can decide whether they want to grant or deny the specific permission.
All permissions are granted to the whole tenant and not to a specific application that has requested them. When the tenant administrator grants a specific permission, it is added to the SharePoint Online Client Extensibility Azure AD application, which is provisioned by Microsoft in every Azure AD and which is used
by the SharePoint Framework in the OAuth flow to provide solutions with valid access tokens.

NEW QUESTION 24
......