Microsoft Certified Technology Specialist (MCTS) certifications enable professionals to target specific technologies and to distinguish themselves by demonstrating in-depth knowledge and expertise in their specialized technologies. more at http://www.certkingdom.com
ABOUT THE SALESFORCE CERTIFIED B2C COMMERCE DEVELOPER CREDENTIAL The Salesforce Certified B2C Commerce Developer credential is designed for
individuals who have experience as full stack developers for Salesforce B2C
Commerce Digital. This credential is targeted toward Salesforce customers,
partners, and employees who want to demonstrate their knowledge and skills in
using the B2C Commerce Digital to develop an eCommerce solution, such as:
setting up the development environment, working with the Digital data model,
working with site content, using Business Manager to perform site configuration
tasks, using scripts to extend site business logic, interacting with external
applications, optimizing site performance, and troubleshooting common issues.
SECTION 1. PURPOSE OF THIS EXAM GUIDE This Exam Guide is designed to help candidates evaluate their readiness to
pass the Salesforce Certified B2C Commerce Developer exam. This guide provides
information about the target audience for the certification exam, recommended
training and documentation, and a complete list of exam objectives; all with the
intent of helping candidates achieve a passing score. Salesforce highly
recommends a combination of on-the-job experience, and self-study to maximize
the likelihood of passing the exam.
The Salesforce Certified B2C Commerce Developer generally has three to six
months of experience in a B2C Commerce Developer role and has the skills and
knowledge of the following concepts:
Has knowledge of how the elements of a B2C Commerce Digital site interact.
Can create cartridges to add reusable functionality to a site.
Has knowledge of the elements contained within SiteGenesis.
Can describe the behavior of pipelines in existing sites or LINK cartridges.
Can create and troubleshoot JavaScript controllers to add business logic to a
site.
Can create reusable code using ISML templates.
Can use Digital Script API packages to manipulate site elements.
Can use the Forms Framework to control the validation, rendering, and storing
consumer-entered values.
Can create and manage jobs using the job scheduler.
Can use Open Commerce APIs and Web Services.
Can use appropriate techniques to troubleshoot issues with site code or site
configuration as well as optimize site performance.
A candidate for this exam will likely need assistance with: Troubleshooting front end tool installation and IDE if the developer
encounters issues.
Using front-end build tools, such as those included with SiteGenesis.
Replicating code and data using the appropriate instances of the B2C Commerce
Digital infrastructure.
Architecting solution elements.
Managing Certificates and private keys.
Establishing firewall rules for integrations.
A candidate for this exam is not expected to know how to do the following: Design a site, build complex sites, or create complex integrations.
Perform administrative tasks (e.g., maintain a Primary Instance Group, use
Control Center for administrative tasks, whitelist IP addresses).
Use cartridges from the B2C Commerce Community Suite.
Know any particular development lifecycle methodology.
Typical job roles a Salesforce Certified B2C Commerce Developer candidate may
include: Front End Developer
Full Stack Developer
Technical Architect
SECTION 3. ABOUT THE EXAM
The Salesforce Certified B2C Commerce Developer exam has the following
characteristics: Content: 60 multiple-choice/multiple-select questions
Time allotted to complete the exam: 105 minutes
Passing Score: 70%
Registration fee: USD 200, plus applicable taxes as required per local law
Retake fee: USD 100, plus applicable taxes as required per local law
Delivery options: Proctored exam delivered onsite at a testing center or in an
online proctored environment. Click here for information on scheduling an exam.
References: No hard-copy or online materials may be referenced during the
exam.
Prerequisite: None
SECTION 4. RECOMMENDED TRAINING AND REFERENCES As preparation for this exam, Salesforce recommends a combination of:
hands-on experience, training course completion, and self-study.
The following are links to self-study resources that are associated with the
areas listed in the Exam Outline section of this exam guide:
Xchange Community*
Commerce Cloud Digital online documentation
Click here* for information on how enroll in instructor-led courses and launch
online learning courses.
Courses recommended for this exam:
GEN 001 Getting Started with Demandware
DEV 001 Demandware Platform Architecture Overview
CCD 101 Developing for Digital I
CCD 201 Developing for Digital II
*Please note that you will need an Xchange Community username and password to
access the Xchange Community. To obtain access to the Xchange Community, please
contact your B2C Commerce Account Manager.
SECTION 5. EXAM OUTLINE
The Salesforce Certified B2C Commerce Developer exam measures a candidate’s
knowledge and skills related to the following objectives. A candidate should
have hands-on experience with B2C Commerce and should be able to demonstrate
knowledge and expertise in each of the areas below.
ENVIRONMENT SETUP
Given a sandbox instance and Eclipse IDE, install UX Studio and upload code to
the sandbox environment.
Given a sandbox instance and data import files, import files using Business
Manager Import/Export modules.
Given the code for a storefront site, add the correct sequence of cartridge
names to the provided cartridge path.
Given a sandbox instance and UX Studio connection, troubleshoot file
synchronization issues between UX Studio and the sandbox environment.
DIGITAL ARCHITECTURE Given a Business Manager task, work with the product data model to manage
products, their categorization, and associated inventory.
Given a configuration task, use Business Manager to work with storefront data
to complete a storefront order.
Given a configuration task, use Business Manager to work with Content Assets,
Content Slots, and Content Folders.
DATA MANAGEMENT/BUSINESS MANAGER USAGE Given a business requirement, modify site search preferences and settings
to enable searching for a specified product attribute.
Given a business requirement, create a new search refinement definition that
can be used on the storefront.
Given existing code and a sandbox instance, enable and access logging category
in Business Manager.
Given business requirements, pass data to a downstream system; extend the
storefront to expose a new attribute on an existing system object type.
Given business requirements, create a custom object type to store a custom
data type.
Given a performance issue and sample code, determine the faulty cache
configuration and identify the cause.
Given a specification and a sandbox instance, configure OCAPI permissions for
Data and Shop APIs.
APPLICATION DEVELOPMENT Given a development task, create ISML templates that use the following
ISML functionality: local include, remote include, modules, and components.
Configure and use the debugger to inspect script and pipeline functions.
Given a requirement, create a JavaScript controller that leverages a script
and renders a template/JSON.
Given a coding scenario, modify a JavaScript controller to alter the control
logic.
Given a requirement, modify the appearance of a form, add validation and CSRF
protection, and use bindings to process fields.
Given localization requirements, implement and enhance templates, form
definitions, static files, properties files, and persistent object attributes to
ensure that localized pages are displayed as expected.
Given a logging task, write code that logs non-sensitive data to custom log
files with different log levels.
Given a requirement and a simple service specification, integrate and deploy
using Service framework.
Given a use case, extend functionality with a hook that is not previously
defined in hooks.json.
Given code that violates documented best practices, identify the issues and
modify the code to conform to best practices including performance &
scalability.
Given a business requirement, use OCAPI Shop and Data APIs to enable
interoperability with an external system.
SECTION 6. SAMPLE EXAM QUESTIONS
The following questions are representative of those on the Salesforce Certified
B2C Commerce Developer exam. These questions are not designed to test your
readiness to successfully complete the certification exam, but should be used to
become familiar with the types of questions on the exam. The actual exam
questions may be more or less difficult than this set of questions.
1. A business user wants to add a link to a category page in the body of a
content asset. The category's ID is: `mens-jeans`.
Which link function will generate the correct link?
Choose One
A) `$url('Search-Show', 'cgid', 'mens-jeans')$`
B) `$httpUrl('Search-Show', 'cid', 'mens-jeans')$`
C) `$include('Products-Show', 'cgid', 'mens-jeans')$`
D) `$url('Products-Show', 'cid', 'mens-jeans')$`
2. A Developer has been asked to configure a content slot with featured
products.
Which two slot content types can the developer configure to achieve the
requirement?
Choose Two
A) Content Asset
B) HTML
C) Product
D) Recommendation
3. Given the resource bundle files below:
The file hello.properties contains:
greeting=Hello!
The file hello_fr.properties contains:
greeting=Bonjour!
Which sample code returns the value from the greeting key
in hello_fr.properties?
Choose One
A) dw.web.Resource.msg('greeting_fr', 'hello', null)
B) dw.web.Resource.msg('greeting', 'hello_fr', null)
C) dw.web.Resource.msg('greeting', 'hello', 'fr')
D) dw.web.Resource.msg('greeting', 'hello', null)
4. A Developer is tasked with converting the Universal Containers site from
using pipelines to using controllers. As a temporary fix, the Developer wants to
call the Account-Login pipeline from a new controller and return to the new
controller after login. The Account-Login pipeline has a login form.
What should the Developer do to accomplish this?
Choose One
A) Convert the Account-Login pipeline to a controller.
B) Use the Pipeline.execute() method to call the Account-Login pipeline.
C) Use the Pipeline.call() method to call the Account-Login pipeline.
D) Add a URL Redirect to the Account-Login pipeline.
SECTION 7. ANSWERS TO SAMPLE EXAM QUESTIONS
1. A
2. C & D
3. D
4. A
SECTION 8. MAINTAINING A CERTIFICATION
One of the benefits of holding a Salesforce credential is always being up to
date on new product releases. Our release exams are designed to ensure you have
the latest information you need to be a successful Salesforce Certified expert.
Bookmark these useful resources for maintaining your credentials:
· Maintenance Exam Due Dates
· Verify Your Certification Status
· Overall Maintenance Requirements
Don’t let your hard-earned credential expire! Once you earn the credential, if
you do not complete all maintenance requirements by the due date, your
credential will expire, or in some cases, become suspended. For more
information, click here.
QUESTION 1 A Digital Developer has been given a specification to integrate with a REST
API for retrieving weather conditions. The service expects parameters to be form
encoded.
Which service type should the Developer register?
A. FTP
B. SOAP
C. HTTP Form
D. WebDAV
Correct Answer: C
QUESTION 2 What happens if the log file size limit is reached in custom logging?
A. Logging is suspended for the day.
B. Logging is suspended for two hours.
C. The log file is deleted and recreated from scratch.
D. The log file rolls over and the last used log is overwritten.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Reference: https://documentation.b2c.commercecloud.salesforce.com/DOC2/index.jsp?topic=%
2Fcom.demandware.dochelp%2FSiteDevelopment%2FUnderstandingLogFiles.html
QUESTION 3 Which line of code creates a content slot that can be included on
homepage.isml to display on the home page?
A.
B.
C.
D.
QUESTION 4 A Digital Developer selects “Show Orderable Products Only” in the Search >
Search Preferences Business Manager module.
Which business goal does this accomplish?
A. Exclude products from search results if Available to Sell (ATS) = 0.
B. Exclude back-ordered products from showing on the website.
C. Block displaying the product detail page if Available to Sell (ATS) = 0.
D. Exclude pre-order products from search results.
Correct Answer: A
QUESTION 5 Universal Containers created a site export file from staging in the global
export directory.
How should the Digital Developer update their sandbox using this staging site
export file?
A. Perform a data replication from staging.
B. Use the Site Development > Site Import & Export Business Manager module.
C. Download the site export file and use UX Studio to transfer the data to the
sandbox.
D. Use the Site Development > Import & Export Business Manager module.
Exam Details The Professional NSX-T Data Center 2.4 exam (2V0-41.19) which leads to
VMware Certified Professional – Network Virtualization 2020 certification is a
70-item exam, with a passing score of 300 using a scaled method. Candidates are
given an appointment time of 105 minutes, which includes five-minute seating
time and adequate time to complete the exam for non-native English speakers.
Actual exam time is 100 minutes. Exam Delivery This is a proctored exam
delivered at Pearson VUE testing centers, world-wide. For more information,
visit the Pearson VUE website. Certification Information For details and a
complete list of requirements and recommendations for certification attainment,
please reference the VMware Education Services – Certification website.
Minimally Qualified Candidate The minimally qualified candidate should have 6
months or more experience installing, configuring, managing, and troubleshooting
NSX-T Data Center 2.4 solutions. Candidates should be knowledgeable of the
features, functions, and architectures of NSX-T. They should have at least 6
months hands-on experience with Linux and KVM. They should have 1 year of
experience working in IT and with VMware vSphere and its command line. The
successful candidate will likely hold additional industry-recognized IT
certifications or accreditation. The MQC should have all the knowledge contained
in the exam sections listed below. Exam Sections VMware exam blueprint sections
are now standardized to the seven sections below, some of which may NOT be
included in the final exam blueprint depending on the exam objectives.
Section 1 – Architecture and Technologies
Section 2 – Products and Solutions
Section 3 – Planning and Designing
Section 4 – Installing, Configuring, and Setup
Section 5 – Performance-tuning, Optimization, and Upgrades
Section 6 – Troubleshooting and Repairing
Section 7 – Administrative and Operational Tasks
If a section is missing from the list below, please note it is because the exam
has no testable objectives for that section. The objective numbering may be
referenced in your score report at the end of your testing event for further
preparation should a retake of the exam be necessary.
Sections Included in the Exam
Section 1 – Architectures and Technologies - There are no testable objectives
for this section
Section 2 – VMware Products and Solutions
Objective 2.1 Describe the VMware Virtual Cloud Network Vision
Objective 2.2 Outline the solutions of NSX Portfolio
Objective 2.3 List the use-cases for NSX Data Center
Objective 2.4 Explain the value proposition and features of NSX
Objective 2.5 Identify Physical and Virtual Infrastructure Requirements for NSX-T
Data Center
Objective 2.6 Describe NSX Architecture and Component sub-systems
Objective 2.7 Differentiate the functionalities of Management Plane, Control
Plane, Data Plane, and Consumption Planes
Objective 2.8 Define NSX-T Data Center Terminology
Objective 2.9 Describe the Logical Switching Architecture and Features
Objective 2.10Describe the Logical Routing Architecture and Features
Objective 2.11Describe the NSX-T Data Center Network Services
Objective 2.12 Explain the Edge Architecture and Features
Objective 2.13 Explain the NSX Security Architecture and Features
Objective 2.14 Identify the supported integration platforms of NSX-T
(Containers, Public Cloud, Private Cloud, Hybrid Cloud, DevOps tools, 3rd Party
etc.)
Section 3- Planning and Designing - There are no testable objectives for this
section
Section 4 – Installing, Configuring, and Setup
Objective 4.1 Outline the installation and preparation workflow of NSX-T Data
Center
Objective 4.2 Deploy and Configure NSX-T Data Center Environment
Objective 4.3 Configure Hypervisor Networking [vSphere and KVM] for NSX-T Data
Center
Objective 4.4 Configure and manage Logical Switching Features
Objective 4.5 Configure and manage Logical Routing Features
Objective 4.6 Configure NSX-T Edge Nodes and Edge Cluster
Objective 4.7 Configure NSX-T Data Center Network Services [Layer-3]
Objective 4.8 Configure NSX Security Features
Objective 4.9 Configure Service Insertion with NSX-T Data Center
Section 5 – Performance-tuning, Optimization, Upgrades - There are no testable
objectives for this section
Section 6 – Troubleshooting and Repairing
Objective 6.1 Identify the default log file locations of NSX-T Data Center
components
Objective 6.2 Compare and Contrast Tools Available for Troubleshooting
Objective 6.3 Troubleshoot Common NSX Installation/Configuration Issues
Objective 6.4 Troubleshoot Common NSX Component Issues
Objective 6.5 Troubleshoot Common Connectivity Issues
Objective 6.6 Troubleshoot Common physical infrastructure Issues
Section 7 – Administrative and Operational Tasks
Objective 7.1 List Operations Tasks in a VMware NSX Environment (syslog,
backup/restore etc.)
Objective 7.2 Configure roles and permissions for NSX-T Data Center environment
Objective 7.3 Generate Log bundles
Objective 7.4 Monitor a VMware NSX Implementation
QUESTION 1 Which two commands are used to query the arp-table of a logical switch?
(Choose two.)
A. get logical-switch arp-table
B. get logical-switch arp-table
C. get logical-switch arp-table
D. get logical-switch arp-table
E. get logical-switch arp-table
Correct Answer: A,B
QUESTION 2 When a stateful service is enabled for the first time on a Tier-0 Gateway,
what happens on the NSX Edge node?
A. SR and DR doesn't need to be connected to provide any stateful services.
B. SR is instantiated and automatically connected with DR.
C. SR and DR is instantiated but requires manual connection.
D. DR is instantiated and automatically connected with SR.
Correct Answer: B
QUESTION 4 A security administrator needs to configure a firewall rule based on the
domain name of a specific application.
Which field in a distributed firewall rule does the administrator configure?
A. Policy
B. Profile
C. Service
D. Source
Correct Answer: B
Explanation:
On the Profile page, choose which profiles to apply the rule to. For most
servers, you should apply the rule to
all three profiles, because servers are usually continually connected to a
single network. For mobile computers
in domain environments, you typically need to apply firewall rules only to the
Domain profile.
QUESTION 5 What are two supported VPN configuration types in a NSX-Y Data Center?
(Choose two.)
Candidates for this exam are Microsoft 365 Developers who design, build,
test, and maintain applications and solutions that are optimized for the
productivity and collaboration needs of organizations using the Microsoft 365
platform.
Candidates for this exam are proficient in Microsoft identity and Microsoft
Graph. They have general knowledge on UI elements (including Adaptive Cards and
UI Fabric), integration points (including Microsoft Teams, Office Add-ins,
SharePoint Framework, Actionable Messages), and determining workload platform
targets.
Candidates should have experience developing solutions on Microsoft Teams,
Office Add-ins, or SharePoint Framework through all phases of software
development. They should have a basic understanding of REST APIs, JSON, OAuth2,
OData, OpenID Connect, Microsoft identities (including Azure AD and Microsoft
accounts), Azure AD B2C, and permission/consent concepts.
Part of the requirements for: Microsoft 365 Certified: Developer Associate
Related exams: none
Important: See details
Exam MS-600: Building Applications and Solutions with Microsoft 365 Core
Services (beta)
Languages: English
Retirement date: none
This exam measures your ability to accomplish the following technical tasks:
implement Microsoft identity; build apps with Microsoft Graph; extend and
customize SharePoint; extend Teams; and extend Office.
Skills measured Implement Microsoft Identity (20-25%)
Build Apps with Microsoft Graph (20-25%)
Extend and Customize SharePoint (20-25%)
Extend Teams (15-20%)
Extend Office (15-20%)
Implement Microsoft Identity (20-25%)
Register an Application • determine the supported account type
• select authentication and client credentials for app type and authentication
flow
• define app roles
Implement Authentication • configure Microsoft Authentication Library (MSAL JS) for endpoint and
token cache
• plan and configure scopes for dynamic or static permission
• use the MSAL JS login method
Configure Permissions to Consume an API • configure Delegated permissions for the app
• configure Application permissions for the app
• identify admin consent requirements
Implement Authorization to Consume an API • configure incremental consent scopes
• call MSAL JS using AquireTokenSilent/AquireToken pattern
Implement Authorization in an API • validate Access Token
• configure effective permissions for delegated scopes
• implement app permissions using roles
• use a delegated access token to call a Microsoft API
Create a Service to Access Microsoft Graph • configure client credentials using
a certificate • configure Application permissions for the app • acquire an
access token for Microsoft Graph using an application permission and client
credential certificate
• acquire an access token using the client secret Build Apps with Microsoft
Graph (20-25%)
Optimize Data Usage with query parameters • use $filter query parameter
• use $select query parameter
• order results using $orderby query parameter
• set page size of results using $skip and $top query parameters
• expand and retrieve resources using $expand query parameter
• retrieve the total count of matching resources using $count query parameter
• search for resources using $search query parameter
• determine the appropriate Microsoft Graph SDK to leverage
Optimize network traffic • monitor for changes using change notifications
• combine multiple requests using $batch
• get changes using a delta query
• implement error 429 handler
Access User data from Microsoft Graph • get the signed in users profile
• get a list of users in the organization
• get the users profile photo
• get the user object based on the users unique identifier
• get the users manager profile
Access Files with Microsoft Graph • get the list of files in the signed in users OneDrive
• download a file from the signed in users OneDrive using file unique id
• download a file from a SharePoint Site using the relative path to the file
• get the list of files trending around the signed in user
• upload a large file to OneDrive
• get a user object from an owner list in a group and retrieve that user’s files
Manage a group lifecycle on Microsoft Graph • get the information on a group
by id • get the list of members in a Group • get the list of owners of a Group • get the list of Groups where the
signed in user is a member
• get the list of Groups where the signed in user is an owner
• provision a Group • provision a Team with a Group
• delete a group Extend and Customize SharePoint
Understand the components of a SharePoint Framework (SPFx) web part (20-25%) • identify the appropriate tool to create an SPFx Web Part project
• understand properties of client-side web parts
• understand Office UI Fabric in client-side web parts
• understand when to use an app page
• differentiate between app page and web part
• understand rendering framework options
Understand SPFx extensions • identify the appropriate tool to create an SPFx Extension project
• understand page placeholders from Application Customizer
• understand the ListView Command Set extension
• understand the Field Customizer extension
Understand the process to package and deploy an SPFx solution • understand the options for preparing a package for deployment
• understand the options for packaging a solution
• understand the requirements of tenant-scoped solution deployment
• understand the requirements of domain isolated web parts
• understand the options to deploy a solution
Understand the consumption of Microsoft Graph • understand the purpose of the MSGraphClient object
• understand the methods for granting permissions to Microsoft Graph
Understand the consumption of third party APIs secured with Azure AD from
within SPFx • understand the purpose of the AadHttpClient object
• understand the methods for granting permissions to consume a third party API
Understand Web Parts as Teams Tabs • understand the considerations for creating a SPFx Web Part to be a Teams
Tab
• understand the options for deploying a SPFx Web Part as a Teams Tab
Understand branding and theming in SharePoint
• understand the options for SharePoint site theming
• understand the options for site designs and site scripts Extend Teams
Understand the components of a Teams app (15-20%) • understand the purpose of a Teams app manifest
• understand App Studio functionality and features
• identify the components of an app package for Microsoft Teams
• understand the options for distributing a Teams app
• understand the benefits of using deep links
• understand task modules
Understand webhooks in Microsoft Teams
• understand when to use webhooks
• understand the limitations of webhooks
• understand the differences between incoming and outgoing webhooks
Understand tabs in Microsoft Teams • understand when to use tabs
• understand the capabilities of personal tabs
• understand the capabilities of channel tabs
• understand the requirements for tabs for mobile clients
Understand messaging extensions • understand when to use messaging extensions
• understand where messaging extensions can be invoked from
• understand search based messaging extensions
• choose the appropriate message extension command type based on requirements
• understand action-based messaging extensions with adaptive cards
• understand action-based messaging extensions with parameters
Understand conversational bots
• understand when to use conversational bots
• understand the scoping options for bots
• understand when to use a task module from a bot
Extend Office (15-20%)
Understand fundamental components and types of Office Add-ins
• understand task pane and Content Office Add-ins
• understand dialogs
• understand custom functions
• understand Add-in commands
• understand the purpose of Office Add-ins manifest
Understand Office JS APIs • understand the Office Add-in programming model
• understand Office Add-in developer tools
• understand the capabilities of the Excel Javascript API
• understand the capabilities of the Outlook JavaScript API
• understand the capabilities of the Word JavaScript API
• understand the capabilities of the PowerPoint JavaScript API
• understand the capabilities of custom functions
Understand customization of Add-ins • understand the options of persisting state and settings
• understand Office UI Fabric in Office Add-ins
• understand when to use Microsoft Graph in Office Add-ins
• understand authorization when using Microsoft Graph in Office Add-ins
Understand testing, debugging, and deployment options • select deployment options based on requirements
• understand testing and debugging concepts for Office Add-ins
Understand actionable messages • understand the features of actionable messages with an adaptive card
• understand the scenarios for refreshing an actionable message QUESTION 1 You need to configure the initial login request in the access token
JavaScript script.
Which code segment should you insert at line 01?
A. const scopes = ['https://graph.microsoft.com/.default'];
B. const accessTokenRequest = {
};
C. const scopes = ['https://graph.microsoft.com/Files.Read.All',
'https://graph.microsoft.com/Mail.Send.All'];
D. const accessTokenRequest = {
scopes: ['https://graph.microsoft.com/Files.ReadWrite',
'https://graph.microsoft.com/Mail.Send']
};
Correct Answer: D
Explanation:
Scenario: ADatum identifies the following technical requirements for the planned
E-invoicing capabilities:
Ensure that all operations performed by E-invoicing against Office 365 are
initiated by a user. Require that
the user authorize E-invoicing to access the Office 365 data the first time the
application attempts to access
Office 365 data on the user’s behalf.
QUESTION 2 You need to develop a server-based web app that will be registered with the
Microsoft identity platform. The solution must ensure that the app can perform
operations on behalf of the user.
Which type of authorization flow should you use?
A. authorization code
B. refresh token
C. resource owner password
D. device code
Correct Answer: A
QUESTION 3 You are building a server-based web app that will use OAuth2 and will be
registered with the Microsoft identity platform.
Which two values does the app require to obtain tokens from the Azure Active
Directory (Azure AD)
authorization endpoint? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. the tenant ID
B. the context token
C. the application ID
D. the application secret
E. the authorization code
Correct Answer: C,E
QUESTION 4 You develop a web API named WebApi1.
When validating a token received from a client application, WebApi1 receives a
MsalUiRequiredException exception from Azure Active Directory (Azure AD).
You need to formulate the response that WebApi1 will return to the client
application.
Which HTTP response should you send?
A. HTTP 307 Temporary Redirect
B. HTTP 400 Bad Request
C. HTTP 403 Forbidden
D. HTTP 412 Precondition Failed
Candidates for this exam are Microsoft 365 Developers who design, build,
test, and maintain applications and solutions that are optimized for the
productivity and collaboration needs of organizations using the Microsoft 365
platform.
Candidates for this exam are proficient in Microsoft identity and Microsoft
Graph. They have general knowledge on UI elements (including Adaptive Cards and
UI Fabric), integration points (including Microsoft Teams, Office Add-ins,
SharePoint Framework, Actionable Messages), and determining workload platform
targets.
Candidates should have experience developing solutions on Microsoft Teams,
Office Add-ins, or SharePoint Framework through all phases of software
development. They should have a basic understanding of REST APIs, JSON, OAuth2,
OData, OpenID Connect, Microsoft identities (including Azure AD and Microsoft
accounts), Azure AD B2C, and permission/consent concepts.
Part of the requirements for: Microsoft 365 Certified: Developer Associate
Related exams: none
Important: See details
Exam MS-600: Building Applications and Solutions with Microsoft 365 Core
Services (beta)
Languages: English
Retirement date: none
This exam measures your ability to accomplish the following technical tasks:
implement Microsoft identity; build apps with Microsoft Graph; extend and
customize SharePoint; extend Teams; and extend Office.
Skills measured Implement Microsoft Identity (20-25%)
Build Apps with Microsoft Graph (20-25%)
Extend and Customize SharePoint (20-25%)
Extend Teams (15-20%)
Extend Office (15-20%)
Implement Microsoft Identity (20-25%)
Register an Application • determine the supported account type
• select authentication and client credentials for app type and authentication
flow
• define app roles
Implement Authentication • configure Microsoft Authentication Library (MSAL JS) for endpoint and
token cache
• plan and configure scopes for dynamic or static permission
• use the MSAL JS login method
Configure Permissions to Consume an API • configure Delegated permissions for the app
• configure Application permissions for the app
• identify admin consent requirements
Implement Authorization to Consume an API • configure incremental consent scopes
• call MSAL JS using AquireTokenSilent/AquireToken pattern
Implement Authorization in an API • validate Access Token
• configure effective permissions for delegated scopes
• implement app permissions using roles
• use a delegated access token to call a Microsoft API
Create a Service to Access Microsoft Graph • configure client credentials using
a certificate • configure Application permissions for the app • acquire an
access token for Microsoft Graph using an application permission and client
credential certificate
• acquire an access token using the client secret Build Apps with Microsoft
Graph (20-25%)
Optimize Data Usage with query parameters • use $filter query parameter
• use $select query parameter
• order results using $orderby query parameter
• set page size of results using $skip and $top query parameters
• expand and retrieve resources using $expand query parameter
• retrieve the total count of matching resources using $count query parameter
• search for resources using $search query parameter
• determine the appropriate Microsoft Graph SDK to leverage
Optimize network traffic • monitor for changes using change notifications
• combine multiple requests using $batch
• get changes using a delta query
• implement error 429 handler
Access User data from Microsoft Graph • get the signed in users profile
• get a list of users in the organization
• get the users profile photo
• get the user object based on the users unique identifier
• get the users manager profile
Access Files with Microsoft Graph • get the list of files in the signed in users OneDrive
• download a file from the signed in users OneDrive using file unique id
• download a file from a SharePoint Site using the relative path to the file
• get the list of files trending around the signed in user
• upload a large file to OneDrive
• get a user object from an owner list in a group and retrieve that user’s files
Manage a group lifecycle on Microsoft Graph • get the information on a group
by id • get the list of members in a Group • get the list of owners of a Group • get the list of Groups where the
signed in user is a member
• get the list of Groups where the signed in user is an owner
• provision a Group • provision a Team with a Group
• delete a group Extend and Customize SharePoint
Understand the components of a SharePoint Framework (SPFx) web part (20-25%) • identify the appropriate tool to create an SPFx Web Part project
• understand properties of client-side web parts
• understand Office UI Fabric in client-side web parts
• understand when to use an app page
• differentiate between app page and web part
• understand rendering framework options
Understand SPFx extensions • identify the appropriate tool to create an SPFx Extension project
• understand page placeholders from Application Customizer
• understand the ListView Command Set extension
• understand the Field Customizer extension
Understand the process to package and deploy an SPFx solution • understand the options for preparing a package for deployment
• understand the options for packaging a solution
• understand the requirements of tenant-scoped solution deployment
• understand the requirements of domain isolated web parts
• understand the options to deploy a solution
Understand the consumption of Microsoft Graph • understand the purpose of the MSGraphClient object
• understand the methods for granting permissions to Microsoft Graph
Understand the consumption of third party APIs secured with Azure AD from
within SPFx • understand the purpose of the AadHttpClient object
• understand the methods for granting permissions to consume a third party API
Understand Web Parts as Teams Tabs • understand the considerations for creating a SPFx Web Part to be a Teams
Tab
• understand the options for deploying a SPFx Web Part as a Teams Tab
Understand branding and theming in SharePoint
• understand the options for SharePoint site theming
• understand the options for site designs and site scripts Extend Teams
Understand the components of a Teams app (15-20%) • understand the purpose of a Teams app manifest
• understand App Studio functionality and features
• identify the components of an app package for Microsoft Teams
• understand the options for distributing a Teams app
• understand the benefits of using deep links
• understand task modules
Understand webhooks in Microsoft Teams
• understand when to use webhooks
• understand the limitations of webhooks
• understand the differences between incoming and outgoing webhooks
Understand tabs in Microsoft Teams • understand when to use tabs
• understand the capabilities of personal tabs
• understand the capabilities of channel tabs
• understand the requirements for tabs for mobile clients
Understand messaging extensions • understand when to use messaging extensions
• understand where messaging extensions can be invoked from
• understand search based messaging extensions
• choose the appropriate message extension command type based on requirements
• understand action-based messaging extensions with adaptive cards
• understand action-based messaging extensions with parameters
Understand conversational bots
• understand when to use conversational bots
• understand the scoping options for bots
• understand when to use a task module from a bot
Extend Office (15-20%)
Understand fundamental components and types of Office Add-ins
• understand task pane and Content Office Add-ins
• understand dialogs
• understand custom functions
• understand Add-in commands
• understand the purpose of Office Add-ins manifest
Understand Office JS APIs • understand the Office Add-in programming model
• understand Office Add-in developer tools
• understand the capabilities of the Excel Javascript API
• understand the capabilities of the Outlook JavaScript API
• understand the capabilities of the Word JavaScript API
• understand the capabilities of the PowerPoint JavaScript API
• understand the capabilities of custom functions
Understand customization of Add-ins • understand the options of persisting state and settings
• understand Office UI Fabric in Office Add-ins
• understand when to use Microsoft Graph in Office Add-ins
• understand authorization when using Microsoft Graph in Office Add-ins
Understand testing, debugging, and deployment options • select deployment options based on requirements
• understand testing and debugging concepts for Office Add-ins
Understand actionable messages • understand the features of actionable messages with an adaptive card
• understand the scenarios for refreshing an actionable message QUESTION 1 You need to configure the initial login request in the access token
JavaScript script.
Which code segment should you insert at line 01?
A. const scopes = ['https://graph.microsoft.com/.default'];
B. const accessTokenRequest = {
};
C. const scopes = ['https://graph.microsoft.com/Files.Read.All',
'https://graph.microsoft.com/Mail.Send.All'];
D. const accessTokenRequest = {
scopes: ['https://graph.microsoft.com/Files.ReadWrite',
'https://graph.microsoft.com/Mail.Send']
};
Correct Answer: D
Explanation:
Scenario: ADatum identifies the following technical requirements for the planned
E-invoicing capabilities:
Ensure that all operations performed by E-invoicing against Office 365 are
initiated by a user. Require that
the user authorize E-invoicing to access the Office 365 data the first time the
application attempts to access
Office 365 data on the user’s behalf.
QUESTION 2 You need to develop a server-based web app that will be registered with the
Microsoft identity platform. The solution must ensure that the app can perform
operations on behalf of the user.
Which type of authorization flow should you use?
A. authorization code
B. refresh token
C. resource owner password
D. device code
Correct Answer: A
QUESTION 3 You are building a server-based web app that will use OAuth2 and will be
registered with the Microsoft identity platform.
Which two values does the app require to obtain tokens from the Azure Active
Directory (Azure AD)
authorization endpoint? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. the tenant ID
B. the context token
C. the application ID
D. the application secret
E. the authorization code
Correct Answer: C,E
QUESTION 4 You develop a web API named WebApi1.
When validating a token received from a client application, WebApi1 receives a
MsalUiRequiredException exception from Azure Active Directory (Azure AD).
You need to formulate the response that WebApi1 will return to the client
application.
Which HTTP response should you send?
A. HTTP 307 Temporary Redirect
B. HTTP 400 Bad Request
C. HTTP 403 Forbidden
D. HTTP 412 Precondition Failed
