- (Exam Topic 1)
You need to protect the backend web service to meet the technical requirements.
Which four actions should you perform in sequence? To answer, move the actions from the list of actions to the answer area and arrange them in the correct order.
Solution:
Here is a quick overview of the steps:
Step 1: Register an application in Azure AD for the backend web service Register an application (backend-app) in Azure AD to represent the API. Step 2: Set the App ID URI for the backend service application registration
When the application is created (step 1) select Expose an API and click on Save and continue to create an Application ID URI.
Step 3: Defend the scopes in the backend web service application registration
In the Add a scope page, create a new scope supported by the API. (e.g., Read) then click on Add scope to create the scope. Repeat this step to add all scopes supported by your API.
Step 4: Register an application in Azure AD for E-invoicing.
Step 4.1 Register another application in Azure AD to represent a client application
Step 4.2 Now that you have registered two applications to represent the API and the Developer Console, you need to grant permissions to allow the client-app to call the backend-app.
Scenario:
Secure access to the backend web service by using Azure AD
E- invoicing will have internal logic that will dynamically identify whether the user should be allowed to call the backend API.
Reference:
https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-protect-backend-with-aad
Does this meet the goal?
Correct Answer:
A
- (Exam Topic 2)
You plan to create a Microsoft Teams application that uses action-based messaging extensions. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Solution:
Does this meet the goal?
Correct Answer:
A
- (Exam Topic 2)
You are developing a Microsoft Team application. To host a webpage in a Teams tab, the manifest file must include the contentUrl property within the staticTabs property.
Instructions: Review the underline text. If the makes the statement correct, select ‘’ No change is needed. ‘’ If the statement is incorrect, select the answer choice that makes the statement correct.
Correct Answer:
B
- (Exam Topic 2)
You are developing a SharePoint Framework (SPFx) web part. The web part will call a backed API that is secured by using Azure Active Directory (Azure AD). The web part will be on a page that has many other web parts.
Which type of web part should you use ensure that access to the exclusive to the web part?
Correct Answer:
A
- (Exam Topic 2)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are developing a new application named App1 that uses the Microsoft identity platform to authenticate to Azure Active Directory (Azure AD).
Currently, App1 can read user profile information. You need to allow App1 to read the user’s calendar.
Solution: From the Azure portal, add the Microsoft Graph API and the Calendar.Read permission by using the API permission list of App1. Grant tenant admin consent.
Does this meet the goal?
Correct Answer:
A
Microsoft Graph Calendars.Read allows the app to read events in user calendars.
For your app to access data in Microsoft Graph, the user or administrator must grant it the correct permissions via a consent process.
Application permissions are used by apps that run without a signed-in user present; for example, apps that run as background services or daemons. Application permissions can only be consented by an administrator.
References: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent https://docs.microsoft.com/en-us/graph/permissions-reference