File Info
| Exam | Building Applications and Solutions with Microsoft 365 Core Services |
| Number | MS-600 |
| File Name | Microsoft.MS-600.CertDumps.2022-08-22.176q.tqb |
| Size | 14 MB |
| Posted | Aug 22, 2022 |
| Download | Microsoft.MS-600.CertDumps.2022-08-22.176q.tqb |
How to open VCEX & EXAM Files?
Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.
Coupon: MASTEREXAM
With discount: 20%
Demo Questions
Question 1
Case Study 1 - ADatum
Overview
ADatum Corporation develops a software as a service (SaaS) application named E-invoicing.
Existing Environment
Application Architecture
E-invoicing consists of a single-page application (SPA) and a backend web service that provides invoice management and processing functionality.
E-invoicing stores all the details of each invoicing operation in a backend cloud database. E-invoicing generates invoices in PDF format and provides users with the ability to download the PDF after it is generated. Each invoice has a unique identifier named invoiceid.
The users have a common workflow where they sign in to E-invoicing, and then open E-invoicing in multiple tabs of a web browser so they can use different parts of the application simultaneously.
Security Architecture
ADatum uses the principle of least privilege whenever possible. ADatum always uses the latest libraries and integration endpoints.
Requirements
Business Goals
ADatum wants to integrate E-invoicing, Azure Active Directory (Azure AD), and Microsoft Graph so that their customers can leverage Microsoft Office 365 services directly from within E-invoicing.
Planned Changes
ADatum plans to add the following capabilities to E-invoicing:
- Email the generated invoices to customers on behalf of the current signed-in user. Any emails generated by the system will contain the invoiced.
- Perform as many operations as possible in the browser without having to leave the E-invoicing application.
- Use Azure AD to manage identities, authentication, and authorization.
- Display all emails that contain a specific invoiceid.
Technical Requirements
ADatum identifies the following technical requirements for the planned E-invoicing capabilities:
- Ensure that all operations performed by E-invoicing against Office 365 are initiated by a user. Require that the user authorize E-invoicing to access the Office 365 data the first time the application attempts to access Office 365 data on the user's behalf.
- Send scheduled reminders to customers before a payment due date. Create an administration user interface to enable the scheduled reminders.
- Implement Microsoft Graph change notifications to detect emails from vendors that arrive in a designated mailbox.
- Implement single sign-on (SSO) and minimize login prompts across browser tabs.
- Secure access to the backend web service by using Azure AD.
- Ensure that all solutions use secure coding practices.
Backend Security Planned Changes
ADatum wants to use custom application roles to map user functionality to permissions granted to users.
E-invoicing will have internal logic that will dynamically identify whether the user should be allowed to call the backend API.
SSO JavaScript Script
You plan to implement SSO with Microsoft Authentication Library (MSAL) by using the following code:
Access Token JavaScript Script
You have the following JavaScript code to obtain an access token.
Change Notification JSON
You have the following JSON message that will be sent by the Microsoft Graph service to detect the vendor emails.
You need to configure the initial login request in the access token JavaScript script.
Which code segment should you insert at line 01?
- const scopes = ['https://graph.microsoft.com/.default'];
- const accessTokenRequest = {};
- const scopes = ['https://graph.microsoft.com/Files.Read.All','https://graph.microsoft.com/Mail.Send.All'];
- const accessTokenRequest = {scopes: ['https://graph.microsoft.com/Files.ReadWrite','https://graph.microsoft.com/Mail.Send']};
Correct answer: D
Explanation:
Scenario: ADatum identifies the following technical requirements for the planned E-invoicing capabilities:Ensure that all operations performed by E-invoicing against Office 365 are initiated by a user. Require that the user authorize E-invoicing to access the Office 365 data the first time the application attempts to access Office 365 data on the user's behalf.Reference: https://docs.microsoft.com/en-us/graph/permissions-reference Scenario: ADatum identifies the following technical requirements for the planned E-invoicing capabilities:
Ensure that all operations performed by E-invoicing against Office 365 are initiated by a user. Require that the user authorize E-invoicing to access the Office 365 data the first time the application attempts to access Office 365 data on the user's behalf.
Reference: https://docs.microsoft.com/en-us/graph/permissions-reference
Question 2
Case Study 1 - ADatum
Overview
ADatum Corporation develops a software as a service (SaaS) application named E-invoicing.
Existing Environment
Application Architecture
E-invoicing consists of a single-page application (SPA) and a backend web service that provides invoice management and processing functionality.
E-invoicing stores all the details of each invoicing operation in a backend cloud database. E-invoicing generates invoices in PDF format and provides users with the ability to download the PDF after it is generated. Each invoice has a unique identifier named invoiceid.
The users have a common workflow where they sign in to E-invoicing, and then open E-invoicing in multiple tabs of a web browser so they can use different parts of the application simultaneously.
Security Architecture
ADatum uses the principle of least privilege whenever possible. ADatum always uses the latest libraries and integration endpoints.
Requirements
Business Goals
ADatum wants to integrate E-invoicing, Azure Active Directory (Azure AD), and Microsoft Graph so that their customers can leverage Microsoft Office 365 services directly from within E-invoicing.
Planned Changes
ADatum plans to add the following capabilities to E-invoicing:
- Email the generated invoices to customers on behalf of the current signed-in user. Any emails generated by the system will contain the invoiced.
- Perform as many operations as possible in the browser without having to leave the E-invoicing application.
- Use Azure AD to manage identities, authentication, and authorization.
- Display all emails that contain a specific invoiceid.
Technical Requirements
ADatum identifies the following technical requirements for the planned E-invoicing capabilities:
- Ensure that all operations performed by E-invoicing against Office 365 are initiated by a user. Require that the user authorize E-invoicing to access the Office 365 data the first time the application attempts to access Office 365 data on the user's behalf.
- Send scheduled reminders to customers before a payment due date. Create an administration user interface to enable the scheduled reminders.
- Implement Microsoft Graph change notifications to detect emails from vendors that arrive in a designated mailbox.
- Implement single sign-on (SSO) and minimize login prompts across browser tabs.
- Secure access to the backend web service by using Azure AD.
- Ensure that all solutions use secure coding practices.
Backend Security Planned Changes
ADatum wants to use custom application roles to map user functionality to permissions granted to users.
E-invoicing will have internal logic that will dynamically identify whether the user should be allowed to call the backend API.
SSO JavaScript Script
You plan to implement SSO with Microsoft Authentication Library (MSAL) by using the following code:
Access Token JavaScript Script
You have the following JavaScript code to obtain an access token.
Change Notification JSON
You have the following JSON message that will be sent by the Microsoft Graph service to detect the vendor emails.
You need to complete the MSAL.js code for SSO.
Which code segment should you insert at line 06?
- storeAuthStateInCookie: false
- storeAuthStateInCookie: true
- cacheLocation: `localStorage'
- cacheLocation: `sessionStorage'
Correct answer: C
Explanation:
Scenario: Implement single sign-on (SSO) and minimize login prompts across browser tabs.When your application is open in multiple tabs and you first sign in the user on one tab, the user is also signed in on the other tabs without being prompted. MSAL.js caches the ID token for the user in the browser localStorage and will sign the user in to the application on the other open tabs. By default, MSAL.js uses sessionStorage which does not allow the session to be shared between tabs. To get SSO between tabs, make sure to set the cacheLocation in MSAL.js to localStorage.Reference: https://docs.microsoft.com/bs-latn-ba/Azure/active-directory/develop/msal-js-sso Scenario: Implement single sign-on (SSO) and minimize login prompts across browser tabs.
When your application is open in multiple tabs and you first sign in the user on one tab, the user is also signed in on the other tabs without being prompted. MSAL.js caches the ID token for the user in the browser localStorage and will sign the user in to the application on the other open tabs.
By default, MSAL.js uses sessionStorage which does not allow the session to be shared between tabs. To get SSO between tabs, make sure to set the cacheLocation in MSAL.js to localStorage.
Reference: https://docs.microsoft.com/bs-latn-ba/Azure/active-directory/develop/msal-js-sso
Question 3
Case Study 1 - ADatum
Overview
ADatum Corporation develops a software as a service (SaaS) application named E-invoicing.
Existing Environment
Application Architecture
E-invoicing consists of a single-page application (SPA) and a backend web service that provides invoice management and processing functionality.
E-invoicing stores all the details of each invoicing operation in a backend cloud database. E-invoicing generates invoices in PDF format and provides users with the ability to download the PDF after it is generated. Each invoice has a unique identifier named invoiceid.
The users have a common workflow where they sign in to E-invoicing, and then open E-invoicing in multiple tabs of a web browser so they can use different parts of the application simultaneously.
Security Architecture
ADatum uses the principle of least privilege whenever possible. ADatum always uses the latest libraries and integration endpoints.
Requirements
Business Goals
ADatum wants to integrate E-invoicing, Azure Active Directory (Azure AD), and Microsoft Graph so that their customers can leverage Microsoft Office 365 services directly from within E-invoicing.
Planned Changes
ADatum plans to add the following capabilities to E-invoicing:
- Email the generated invoices to customers on behalf of the current signed-in user. Any emails generated by the system will contain the invoiced.
- Perform as many operations as possible in the browser without having to leave the E-invoicing application.
- Use Azure AD to manage identities, authentication, and authorization.
- Display all emails that contain a specific invoiceid.
Technical Requirements
ADatum identifies the following technical requirements for the planned E-invoicing capabilities:
- Ensure that all operations performed by E-invoicing against Office 365 are initiated by a user. Require that the user authorize E-invoicing to access the Office 365 data the first time the application attempts to access Office 365 data on the user's behalf.
- Send scheduled reminders to customers before a payment due date. Create an administration user interface to enable the scheduled reminders.
- Implement Microsoft Graph change notifications to detect emails from vendors that arrive in a designated mailbox.
- Implement single sign-on (SSO) and minimize login prompts across browser tabs.
- Secure access to the backend web service by using Azure AD.
- Ensure that all solutions use secure coding practices.
Backend Security Planned Changes
ADatum wants to use custom application roles to map user functionality to permissions granted to users.
E-invoicing will have internal logic that will dynamically identify whether the user should be allowed to call the backend API.
SSO JavaScript Script
You plan to implement SSO with Microsoft Authentication Library (MSAL) by using the following code:
Access Token JavaScript Script
You have the following JavaScript code to obtain an access token.
Change Notification JSON
You have the following JSON message that will be sent by the Microsoft Graph service to detect the vendor emails.
How can you validate that the JSON notification message is sent from the Microsoft Graph service?
- The ClientState must match the value provided when subscribing.
- The user_guid must map to a user ID in the Azure AD tenant of the customer.
- The tenant ID must match the tenant ID of the customer's Office 365 tenant.
- The subscription ID must match the Azure subscription used by ADatum.
Correct answer: A
Explanation:
clientState specifies the value of the clientState property sent by the service in each notification. The maximum length is 128 characters. The client can check that the notification came from the service by comparing the value of the clientState property sent with the subscription with the value of the clientState property received with each notification.Note: A subscription allows a client app to receive notifications about changes to data in Microsoft Graph.Reference: https://docs.microsoft.com/en-us/graph/api/resources/subscription clientState specifies the value of the clientState property sent by the service in each notification. The maximum length is 128 characters. The client can check that the notification came from the service by comparing the value of the clientState property sent with the subscription with the value of the clientState property received with each notification.
Note: A subscription allows a client app to receive notifications about changes to data in Microsoft Graph.
Reference: https://docs.microsoft.com/en-us/graph/api/resources/subscription
