NEW QUESTION 1

This question requires that you evaluate the underlined text to determine if it is correct.
In Microsoft Word on Windows, before you can sideload a Microsoft Office Add-in. you must first upload the manifest to Microsoft_pnePrivc.
Instructions: Review the underlined text. If it makes the statement correct, select "No change is needed." If the statement is incorrect, select the answer choice that makes the statement correct.

• A. No change is needed.
• B. deploy the manifest to an Azure website
• C. publish the manifest to a trusted network location
• D. set Microsoft Edge to Developer Mode

Answer: A

NEW QUESTION 2

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Box 1: Yes
As part of your app you can add custom tabs to embed your own web content in Teams, and using the Teams JavaScript client SDK, add Teams-specific functionality to your web content.
Box 2: Yes
You can use the Office JavaScript API to create task pane or content add-ins for Office 2013 host applications. Box 3: Yes
You can use the Office JavaScript API to create task pane or content add-ins for Office 2013 host applications. Reference: https://docs.microsoft.com/en-us/microsoftteams/platform/tabs/what-are-tabs https://docs.microsoft.com/en-us/office/dev/add-ins/develop/support-for-task-pane-and-content-add-ins

NEW QUESTION 3

How can you validate that the JSON notification message is sent from the Microsoft Graph service?

• A. The ClientState must match the value provided when subscribing.
• B. The user_guid must map to a user ID in the Azure AD tenant of the customer.
• C. The tenant ID must match the tenant ID of the customer’s Office 365 tenant.
• D. The subscription ID must match the Azure subscription used by ADatum.

Answer: A

Explanation:
clientState specifies the value of the clientState property sent by the service in each notification. The maximum length is 128 characters. The client can check that the notification came from the service by comparing the value of the clientState property sent with the subscription with the value of the clientState property received with each notification.
Note: A subscription allows a client app to receive notifications about changes to data in Microsoft Graph. Reference: https://docs.microsoft.com/en-us/graph/api/resources/subscription

NEW QUESTION 4

You have a SharePoint Framework (SPFx) web part that displays the weather. Users can set the city within the web part. Which component is invoked to provide the users with the ability to configure the settings for the web part?

• A. a custom control
• B. the property pane
• C. the Application Customizer
• D. a library component

Answer: B

NEW QUESTION 5

You develop a web API named WebApi1.
When validating a token received from a client application, WebApi1 receives a MsalUiRequiredException exception from Azure Active Directory (Azure AD).
You need to formulate the response that WebApi1 will return to the client application. Which HTTP response should you send?

• A. HTTP 307 Temporary Redirect
• B. HTTP 400 Bad Request
• C. HTTP 403 Forbidden
• D. HTTP 412 Precondition Failed

Answer: D

Explanation:
The HyperText Transfer Protocol (HTTP) 412 Precondition Failed client error response code indicates that access to the target resource has been denied. This happens with conditional requests on methods other than GET or HEAD when the condition defined by the If-Unmodified-Since or If-None-Match headers is not fulfilled. In that case, the request, usually an upload or a modification of a resource, cannot be made and this error response is sent back.
MsalUiRequiredException
The "Ui Required" is proposed as a specialization of MsalServiceException named MsalUiRequiredException. This means you have attempted to use a non-interactive method of acquiring a token (e.g. AcquireTokenSilent), but MSAL could not do it silently. this can be because:
you need to sign-in
you need to consent
you need to go through a multi-factor authentication experience.
The remediation is to call AcquireTokenInteractive try
{
app.AcquireTokenXXX(scopes, account) WithYYYY(...)
ExecuteAsync()
}
catch(MsalUiRequiredException ex)
{
app.AcquireTokenInteractive(scopes) WithAccount(account)
WithClaims(ex.Claims) ExcecuteAsync();
}

NEW QUESTION 6

When developing a tab in Microsoft teams, personal, group, and shared tabs can all be implemented as configurable tabs.
Instructions: Review the underlined BOLD text, if it makes the statement correct, select ‘’ No change is needed if the statement is incorrect selct the answer choice that makes the statement correct.

• A. No change is needed.
• B. Share the same code
• C. Be used in a conversation
• D. Have a configuration panel

Answer: A

NEW QUESTION 7

You are designing a Microsoft Teams application. The application will enable content authors to start conversations about news coming from a third-party application.
Which development technique should you use?

• A. incoming webhooks
• B. outgoing webhooks
• C. activity feeds
• D. deep links

Answer: D

Explanation:
Create deep links to content and features in Microsoft Teams.
You can create links to information and features within the Teams client. Examples of where this may be useful:
Your app automates or simplifies certain user tasks, such as creating a chat or scheduling a meeting, by pre-populating the deep links with required parameters. This avoids the need for users to manually enter information.
Navigating the user to content within one of your app's tabs.
Reference: https://docs.microsoft.com/en-us/microsoftteams/platform/concepts/build-and-test/deep-links

NEW QUESTION 8

You are developing in application named App1.
App1 needs to use the Microsoft Graph API to retrieve emails from Microsoft 365 for the current signed-in user. The solution must meet the following requirements:
Emails that have attachments and are from bill@contoso.com must be retrieved.
The results must show the subject of the email, the sender address, and the count of emails retrieved.
How should you complete the URI to retrieve the results? To answer, drag the appropriate values to the correct targets. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Box 1: $count
Use $count as a query parameter to include a count of the total number of items in a collection alongside the page of data values returned from the Graph, as in the following example:
GET https://graph.microsoft.com/v1.0/me/contacts?$count=true Box 2: $select
To specify a different set of properties to return than the default set provided by the Graph, use the $select query option. The $select option allows for choosing a subset or superset of the default set returned.
Box 3: $filter
To filter the response data based on a set of criteria, use the $filter query option.
The following example returns messages that have the address field of the from property equal to "jon@contoso.com".
The from property is of the complex type emailAddress.
GET https://graph.microsoft.com/v1.0/me/messages?$filter=from/emailAddress/address eq 'jon@contoso.com' Reference: https://developer.microsoft.com/en-us/graph/docs/overview/query_parameters

NEW QUESTION 9

HOTSPOT
You are developing an interactive invoicing application that will be used by end users. The application will have the following features:
Save invoices generated by a user to the user’s Microsoft OneDrive.
Email daily automated reminders.
You need to identify which permissions to grant for the application features. The solution must use the principle of least privilege.
Which permission should you grant for each feature? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Microsoft identity platform supports two types of permissions: delegated permissions and application permissions.
Box 1: Delegated
Delegated permissions are used by apps that have a signed-in user present. For these apps, either the user or an administrator consents to the permissions that the app requests, and the app is delegated permission to act as the signed-in user when making calls to the target resource.
Box 2: Application
Application permissions are used by apps that run without a signed-in user present; for example, apps that run as background services or daemons. Application permissions can only be consented by an administrator.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent

NEW QUESTION 10

You have an application that employees use to schedule vacations. The application sets an automatic reply and an out-of-off event in the employees’ Microsoft 365 calender.
Employees who access the application from a mobile device report that the application is slow to make changes.
You need to replace the application calls to use batched request. Automatic reply must be set only if an out-of-office event is set successfully.
How should you complete the batch request? To answer, select the appropriate options in the answer area.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 11

You have a backend service that will access the Microsoft Graph API.
You need to configure the service to authenticate by using the most secure authentication method. What should you configure the service to use?

• A. a certificate
• B. a client secret
• C. a shared key
• D. a hash

Answer: A

Explanation:
You can authenticate to the Graph API with two primary methods: AppId/Secret and certificate based authentication. Certificate is the preferred and more secure way of authenticating.
Reference: https://adamtheautomator.com/microsoft-graph-api-powershell/

NEW QUESTION 12

You need to complete the MSAL.js code for SSO. Which code segment should you insert at line 06?

• A. storeAuthStateInCookie: false
• B. storeAuthStateInCookie: true
• C. cacheLocation: ‘localStorage’
• D. cacheLocation: ‘sessionStorage’

Answer: C

Explanation:
Scenario: Implement single sign-on (SSO) and minimize login prompts across browser tabs.
When your application is open in multiple tabs and you first sign in the user on one tab, the user is also signed in on the other tabs without being prompted. MSAL.js caches the ID token for the user in the browser localStorage and will sign the user in to the application on the other open tabs.
By default, MSAL.js uses sessionStorage which does not allow the session to be shared between tabs. To get SSO between tabs, make sure to set the cacheLocation in MSAL.js to localStorage.
Reference: https://docs.microsoft.com/bs-latn-ba/Azure/active-directory/develop/msal-js-sso

NEW QUESTION 13

You have a starter SharePoint Framework (SPFx) web part.
You need to test the web part from the local workbench by connecting to a URL of https:// localhost:4321/temp/workbench.html.
Which tool should you use make the web part available locally for debugging?

• A. Yeoman
• B. Microsoft Visual Studio Code
• C. npm install
• D. gulp serve

Answer: B

Explanation:
By setting up debugging of your SharePoint Framework solution in Visual Studio Code, you can more efficiently step through your code and fix errors.
When building SharePoint Framework solutions, you can use the local workbench to verify that your web part is working correctly. Using the local workbench is convenient for testing all scenarios that do not require communicating with SharePoint as well as for offline development.
Reference: https://docs.microsoft.com/en-us/sharepoint/dev/spfx/debug-in-vscode

NEW QUESTION 14

This question requires that you evaluate the underlined BOLD text to determine if it is correct.
You can use App Studio for Microsoft Teams to develop all the components of a bot application.
Instructions: Review the underlined text. If it makes the statement correct, select “No change is needed”. If the statement is incorrect, select the answer choice that makes the statement correct.

• A. No change is needed
• B. configure a Teams tab in an application
• C. develop a SharePoint Framework (SPFx) web part
• D. provision a bot by using the Bot Framework

Answer: B

Explanation:
Tabs provide a place for you to display for rich interactive web content. You can define both personal and team tabs.
There can be only 1 team tab per app, but up to 16 personal tabs per app.
Reference: https://blog.thoughtstuff.co.uk/2021/04/what-is-app-studio-in-microsoft-teams-and-why-do-i-care/

NEW QUESTION 15

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Box 1: Yes
The Adaptive Cards Designer provides a drag-and-drop experience to quickly build and tweak adaptive cards. Outlook Actionable Messages cards are designed using the Adaptive Card format. The Adaptive Card format
is a simple yet powerful declarative layout format that provides a lot of flexibility, allowing for visually rich cards. In this topic we'll cover the Outlook-specific features of the Adaptive Card format.
Box 2: Yes
The actionable message card is in JSON format. Box 3: No
By default, the Tenant Administrator can create, edit, clone, and delete tenants, and manage user accounts. Note:
To enable Actionable Messages the recipient of the task must be an Office 365 customer with permissions for the SharePoint online site.
No: Office 365 administrators can disable actionable messages via the Set-OrganizationConfig cmdlet. If actionable messages do not render, check with your administrator to make sure the feature is enabled in your organization.
Adaptive Cards Designer Microsoft outlook actionable messages
References: https://docs.microsoft.com/en-us/outlook/actionable-messages/adaptive-card https://gingkoapp.com/create-tenant-administrator.html

NEW QUESTION 16

You need to develop a server-based web app that will be registered with the Microsoft identity platform. The solution must ensure that the app can perform operations on behalf of the user?
Which type of authorization flow should you use?

• A. authorization code
• B. refresh token
• C. resource owner password
• D. device code

Answer: A

Explanation:
In web server apps, the sign-in authentication flow takes these high-level steps:

You can ensure the user's identity by validating the ID token with a public signing key that is received from the Microsoft identity platform endpoint. A session cookie is set, which can be used to identify the user on subsequent page requests.
In addition to simple sign-in, a web server app might need to access another web service, such as a REST API. In this case, the web server app engages in a combined OpenID Connect and OAuth 2.0 flow, by using the OAuth 2.0 authorization code flow.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-app-types

NEW QUESTION 17

You are developing a front end web app.
You want to display the current username as part of the user interface.
You need to retrieve the current username from Microsoft Graph by using a REST request. The solution must minimize the amount of information returned.
To which URI should you send the request?

• A. Option A
• B. Option B
• C. Option C
• D. Option D

Answer: A

NEW QUESTION 18

You are developing a web app that will display emails from the Microsoft 365 mailbox of the current signed-in user.
For performance reasons, you do not want all the emails to be loaded simultaneously, rather page-by-page as the user navigates the app.
You plan to display 30 emails per page. The most recent emails must be displayed first.
How should you complete the query parameters for the REST request to display the third page of emails? To answer, drag the appropriate query parameters to the correct targets. Each query parameter may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
Box 1: top
Number of items to return in a result Box 2: skip
$skip Indexes into a result set. Also used by some APIs to implement paging and can be used together with
$top to manually page results.
Reference: https://developer.microsoft.com/en-us/graph/docs/overview/query_parameters

NEW QUESTION 19

You are developing an application that will track changes to the UserPrincipalName attribute of Microsoft 365 accounts.
You need to use a REST request to retrieve the information by using Microsoft Graph. The solution must minimize the amount of data retrieved.
What should you do?

• A. Use GET https://graph.microsoft.com/v1.0/users/delta for the first cal
• B. Use the state token in subsequent calls.
• C. Use GET https://graph.microsoft.com/v1.0/users/delta?$select=UserPrincipalName for the first cal
• D. Use the state token in subsequent calls.
• E. Use GET https://graph.microsoft.com/v1.0/users$select=UserPrincipalName for the calls and track the changes.
• F. Use GET https://graph.microsoft.com/v1.0/users for the calls and track the changes.

Answer: B

Explanation:
Use delta query to track changes in a resource collection
The typical call pattern is as follows:application begins by calling a GET request with the delta function on the desired resource.
Microsoft
The Graph sends a response containing the requested resource and a state token.
Example: Selecting three properties
The next example shows the initial request selecting three properties for change tracking, with default response behavior.
Note: Delta query enables applications to discover newly created, updated, or deleted entities without performing a full read of the target resource with every request.
Reference: https://docs.microsoft.com/en-us/graph/api/user-delta

NEW QUESTION 20

You are building email notifications for an expensing system.
When a user receives an email notification, the email will contain a comment field. When the user submits a comment, the data will be returned to the expensing system for processing.
What should you do to implement the notification by using the minimum amount of development effort?

• A. Create a Microsoft Office Add-in that has an action pane to display the notifications
• B. Leverage Microsoft Graph notifications
• C. Leverage the Azure SignalR Service and implement web notifications
• D. Configure the expensing system to send actionable messages

Answer: D

Explanation:
Whether you are filling out a survey, approving an expense report, or updating a CRM sales opportunity, Actionable Messages enable you to take quick actions right from within Outlook. Developers can now embed actions in their emails or notifications, elevating user engagement with their services and increasing
organizational productivity.
Office 365 provides two solutions to enhance productivity with Outlook Actionable Messages: actionable messages via email, and actionable messages via Office 365 Connectors.
Reference: https://docs.microsoft.com/en-us/outlook/actionable-messages/

NEW QUESTION 21

You have a custom Microsoft Word add-in that was written by using Microsoft Visual Studio Code. A user reports that there is an issue with the add-in.
You need to debug the add-in for Word Online.
What should you do before you begin debugging in Visual Studio Code?

• A. Disable script debugging in your web browser
• B. Sideload the add-in
• C. Publish the manifest to the Microsoft SharePoint app catalog
• D. Add the manifest path to the trusted catalogs

Answer: C

Explanation:
Debug your add-in from Excel or Word on the web
To debug your add-in by using Office on the web (see step 3):
* 12.Deploy your add-in to a server that supports SSL.
* 13. In your add-in manifest file, update the SourceLocation element value to include an absolute, rather than a relative, URI.
* 14. Upload the manifest to the Office Add-ins library in the app catalog on SharePoint.
* 15. Launch Excel or Word on the web from the app launcher in Office 365, and open a new document.
* 16.On the Insert tab, choose My Add-ins or Office Add-ins to insert your add-in and test it in the app.
* 17.Use your favorite browser tool debugger to debug your add-in.
Reference: https://docs.microsoft.com/en-us/office/dev/add-ins/testing/debug-add-ins-in-office-online

NEW QUESTION 22

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are developing a new application named App1 that uses the Microsoft identity platform to authenticate to Azure Active Directory (Azure AD).
Currently, App1 can read user profile information. You need to allow App1 to read the user’s calendar.
Solution: From the Azure portal, add the Microsoft Graph API and the Calendar.Read permission by using the API permission list of App1. Grant tenant admin consent.
Does this meet the goal?

• A. Yes
• B. No

Answer: A

Explanation:
Microsoft Graph Calendars.Read allows the app to read events in user calendars.
For your app to access data in Microsoft Graph, the user or administrator must grant it the correct permissions via a consent process.
Application permissions are used by apps that run without a signed-in user present; for example, apps that run as background services or daemons. Application permissions can only be consented by an administrator.
References: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent https://docs.microsoft.com/en-us/graph/permissions-reference

NEW QUESTION 23

Which URI should you use to query all the emails that relate to an invoice?

• A. Option A
• B. Option B
• C. Option C
• D. Option D

Answer: A

NEW QUESTION 24

You have a single-page application (SPA) named TodoListSPA and a server-based web app named TodoListService.
The permissions for the TodoList SPA API are configured as shown in the TodoList SPA exhibit. (Click the TodoListSPA tab.)

The permissions for the TodoListService API are configured as shown in the TodoListService exhibit. (Click the TodoListService tab.)

You need to ensure that TodoListService can access a Microsoft OneDrive file of the signed-in user. The solution must use the principle of least privilege.
Which permission should to grant?

• A. the Sites.Read.All delegated permission for TodoListService
• B. the Sites.Read.All delegated permission for TodoListSpa
• C. the Sites.Read.All application permission for TodoListSPA
• D. the Sites.Read.All application permission for TodoListService

Answer: A

Explanation:
A client application gains access to a resource server by declaring permission requests. Two types are available:
"Delegated" permissions, which specify scope-based access using delegated authorization from the signed-in resource owner, are presented to the resource at run-time as "scp" claims in the client's access token.
"Application" permissions, which specify role-based access using the client application's credentials/identity, are presented to the resource at run-time as "roles" claims in the client's access token.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/develop/developer-glossary#permissions

NEW QUESTION 25
......