Microsoft Power Platform Fundamentals PL-900 (PL-900) — Questions 226300

976 questions total · 14pages · All types, answers revealed

Page 3

Page 4 of 14

Page 5
226
Multi-Selecthard

A company is migrating a complex Power Apps solution from a development environment to production. The solution includes custom connectors, flows, and Dataverse tables. Which THREE steps should the administrator take to ensure a successful migration?

Select 3 answers
A.Test the solution in a staging environment first
B.Delete the development environment after export
C.Export the solution as a managed solution
D.Manually recreate the solution in production
E.Run the solution checker to identify issues
AnswersA, C, E

Staging allows validation without affecting production.

Why this answer

Exporting as managed solution, using solution checker, and testing in a staging environment are essential steps. Option D is wrong because manually recreating is error-prone. Option E is wrong because deleting the development environment after export is risky.

227
MCQhard

Your organization uses Power Automate to automate approval workflows for purchase orders. The compliance team requires that all approvals be auditable and that the flow logs include the identity of the user who initiated the approval. Which feature should you use?

A.Use the 'When an item is created' trigger for the approval.
B.Configure 'Run After' settings for the approval action.
C.Use the 'Start and wait for an approval' action.
D.Enable 'Run only user' in the flow's trigger settings.
AnswerD

This captures the user who triggered the flow for audit.

Why this answer

Option D is correct because the 'Run only user' setting in a flow run captures the context of the user who triggered the flow, enabling audit trails. Option A is wrong because the 'Create approval' action itself does not log the initiator by default. Option B is wrong because 'Configure Run After' is for error handling.

Option C is wrong because the 'When an item is created' trigger doesn't include run context.

228
MCQeasy

A company wants to build a Power Apps app that uses a SQL Server database as its data source and requires complex business logic validation before saving data. Which type of app should they use?

A.Model-driven app
B.Canvas app
C.Power Automate
D.Portal
AnswerB

Canvas apps allow complex formulas and custom validation.

Why this answer

Canvas apps are the correct choice because they allow full control over the user interface and can incorporate complex business logic validation using Power Fx formulas before data is written to the SQL Server database. Unlike model-driven apps, which rely on predefined forms and server-side business rules, canvas apps enable custom validation logic directly in the app's formulas, such as checking multiple field conditions or calling custom connectors.

Exam trap

The trap here is that candidates often confuse model-driven apps with canvas apps, assuming model-driven apps can handle complex client-side validation, when in fact model-driven apps rely on server-side business rules and cannot execute custom Power Fx logic directly on the form.

How to eliminate wrong answers

Option A is wrong because model-driven apps are designed for rapid form generation from Dataverse or SQL Server but rely on server-side business rules and workflows, not custom client-side validation logic, making them less suitable for complex business logic validation before saving. Option C is wrong because Power Automate is an automation and workflow service, not an app type; it can be used to run validation after data is submitted but cannot provide real-time, interactive validation within a user-facing app. Option D is wrong because Power Apps portals are intended for external-facing websites with limited customization for complex business logic, and they primarily use Dataverse as a data source, not direct SQL Server integration with custom validation.

229
MCQmedium

You need to design a Power App that allows users to view and update customer records from a SQL Server database. The app must enforce row-level security based on the user's region. What should you use?

A.Power Apps security groups
B.Dataverse security roles
C.Environment security
D.SQL Server row-level security with the USER_NAME() function
AnswerD

SQL Server RLS filters rows based on the user executing the query.

Why this answer

Option A is correct because row-level security can be implemented in SQL Server by filtering data based on user context passed from Power Apps. Option B is wrong because security roles in Dataverse are for Dataverse tables, not SQL Server. Option C is wrong because Power Apps security groups control app access, not data filtering.

Option D is wrong because environment security restricts environment access, not row-level data.

230
MCQeasy

Refer to the exhibit. You see a configuration snippet for a Microsoft Copilot Studio bot. What is the purpose of 'triggerPhrases'?

A.They define the bot's fallback behavior.
B.They identify which topics the bot should use when a user says those phrases.
C.They define the responses the bot will give.
D.They are used for analytics reporting.
AnswerB

Trigger phrases map user input to topics.

Why this answer

Trigger phrases are the phrases that activate a specific topic in a Copilot Studio bot.

231
MCQmedium

A Power Apps app uses a Dataverse table with a choice column 'Priority' (Low, Medium, High, Critical). The app must display the priority as a color-coded badge in a gallery. Which method is most efficient?

A.Add a second table with colors and use LookUp in the gallery.
B.Create a Power Automate flow to update a color field on the record.
C.Use the Switch function in the gallery's Fill property to map each choice value to a color.
D.Use an If function with multiple conditions to set the Fill property.
AnswerC

Switch function is efficient and built-in for conditional formatting.

Why this answer

Using the Switch function in the gallery control (A) allows direct conditional formatting without additional datasources. B is overkill for simple mapping. C requires a separate lookup table.

D is less efficient than A.

232
Multi-Selecthard

Which TWO actions can a Power Platform administrator perform in the Power Platform Admin Center to manage environments?

Select 2 answers
A.Increase the storage limit of an environment
B.Change an environment from production to sandbox
C.Add a custom connector to an environment
D.Backup an environment
E.Copy an environment
AnswersD, E

You can back up environments in the admin center.

Why this answer

Option D is correct because the Power Platform Admin Center provides a built-in backup feature that allows administrators to create manual backups of environments. This is essential for disaster recovery and data preservation before making significant changes. Backups can be triggered on-demand and are stored for a limited retention period.

Exam trap

The trap here is that candidates may confuse environment-level administrative actions (like backup and copy) with development or configuration tasks (like adding custom connectors or changing environment types), which are not available in the Power Platform Admin Center.

233
MCQeasy

A company wants to create a public-facing website for citizens to submit permit applications and track their status. The site must allow anonymous access and integrate with Dataverse for backend storage. Which Power Platform component should the company use?

A.Power Automate
B.Power Pages
C.Power BI
D.Power Apps
AnswerB

Power Pages enables external websites with anonymous access and Dataverse integration.

Why this answer

Power Pages is designed for external-facing websites with anonymous access capabilities and Dataverse integration. Power Apps is for internal apps, Power Automate for workflows, and Power BI for analytics.

234
Multi-Selecthard

Which THREE conditions are required for a Power Automate flow to use the 'When an email arrives' trigger for a shared mailbox? (Select THREE.)

Select 3 answers
A.The flow must use an Office 365 Outlook connector.
B.The flow must be a desktop flow.
C.The email must contain an attachment.
D.The connection must be configured with the shared mailbox address.
E.The shared mailbox must be enabled for the connector.
AnswersA, D, E

Outlook connector is used for mailbox triggers.

Why this answer

Options A, B, and D are correct. The shared mailbox must be accessible via the connector, and the connection must be configured with the mailbox address. Option C is wrong because a cloud flow can trigger on shared mailbox.

Option E is wrong because the trigger does not require an attachment to fire.

235
MCQeasy

A sales team wants to automate follow-up emails after a lead is created in Dynamics 365 Sales. Which Power Platform component should they use?

A.Power BI
B.Power Apps
C.Power Automate
D.Power Virtual Agents
AnswerC

Power Automate enables automated workflows between apps and services, like sending emails on lead creation.

Why this answer

Power Automate is the correct component because it is designed to create automated workflows that trigger actions based on events, such as sending follow-up emails when a lead is created in Dynamics 365 Sales. It integrates directly with Dynamics 365 via connectors, allowing you to define a trigger (e.g., 'When a lead is created') and an action (e.g., 'Send an email') without custom code.

Exam trap

The trap here is that candidates may confuse Power Automate with Power Apps, thinking that building a custom app is required to send automated emails, when in fact Power Automate handles event-driven automation without any user interface.

How to eliminate wrong answers

Option A is wrong because Power BI is a business analytics tool for visualizing data and creating reports, not for automating email workflows. Option B is wrong because Power Apps is a low-code platform for building custom applications, not for creating automated email sequences triggered by data events. Option D is wrong because Power Virtual Agents is used to build conversational chatbots, not to automate backend email processes.

236
Multi-Selecthard

You need to design a Power Automate cloud flow that processes incoming emails and creates tasks in Microsoft To Do. The flow should only run for emails from specific senders. Which TWO actions should you use?

Select 2 answers
A.Compose
B.Condition
C.Send an email
D.Apply to each
E.Create a task
AnswersB, E

Filters emails based on sender.

Why this answer

Options B and D are correct. A 'Condition' action filters by sender, and 'Create a task' action creates the task. Option A is wrong because 'Apply to each' is used for arrays.

Option C is wrong because 'Send an email' is not needed. Option E is wrong because 'Compose' is for data manipulation.

237
MCQmedium

Fabrikam Inc. uses Power Automate to automate expense report approvals. The flow is triggered when an expense report is submitted in a SharePoint list. The flow then sends an approval request to the expense approver via the Approvals connector. If approved, the flow updates the SharePoint list status to 'Approved' and sends a confirmation email to the submitter. If rejected, it updates the status to 'Rejected' and sends a rejection email. Currently, the flow works for single approvers, but the business now requires that if the expense amount exceeds $5,000, the approval must be sent to a senior manager instead of the regular manager. You need to modify the flow to meet this requirement with minimal maintenance. What should you do?

A.Use a Scope action to group the approval actions
B.Create a child flow that handles the approval routing
C.Add a Condition action to check the expense amount and then use two separate approval actions
D.Add parallel branches for each approval path
AnswerC

Condition allows branching based on the amount, sending to the appropriate approver.

Why this answer

Option B is correct because a condition action can check the expense amount and branch to different approval actions. This is simple and maintainable. Option A is incorrect because parallel branches would send approvals to both managers, not conditionally.

Option C is incorrect because a scope does not provide conditional logic. Option D is incorrect because a child flow would add unnecessary complexity for this simple conditional logic.

238
MCQmedium

A company wants to enable its field service technicians to access customer records and update work orders from their mobile devices offline. Which Power Platform solution should they implement?

A.Power Pages website accessible from mobile browsers
B.Power Apps (model-driven) configured for offline use
C.Power BI dashboards embedded in a mobile app
D.Power Automate flows to sync data periodically
AnswerB

Model-driven Power Apps can be used offline, enabling technicians to view and edit data on their mobile devices.

Why this answer

Model-driven Power Apps natively support offline capabilities through the Dynamics 365 offline sync engine, which allows field service technicians to access customer records and update work orders without connectivity. When the device reconnects, changes are automatically synchronized with the Dataverse, ensuring data consistency. This makes it the correct choice for mobile offline scenarios.

Exam trap

The trap here is that candidates confuse 'offline access' with 'periodic sync' (Option D) or 'mobile browser access' (Option A), not realizing that only model-driven Power Apps provide a native offline runtime with full CRUD capabilities on mobile devices.

How to eliminate wrong answers

Option A is wrong because Power Pages is a low-code website builder for external-facing sites, not designed for offline mobile data entry or synchronization with Dataverse. Option C is wrong because Power BI is a data visualization and analytics tool, not an application for creating or updating transactional records like work orders. Option D is wrong because Power Automate flows can trigger syncs but do not provide a user interface for technicians to view or edit records offline; they are automation tools, not offline-capable apps.

239
MCQmedium

A company uses Power Apps to manage employee leave requests. They want to automate the approval process so that managers receive an email when a request is submitted. Which component should they add?

A.Power Automate
B.Power BI
C.AI Builder
D.Power Virtual Agents
AnswerA

Power Automate can be triggered by Power Apps to send approval emails.

Why this answer

Power Automate is the correct component because it is designed to create automated workflows that trigger actions based on events. In this scenario, when a leave request is submitted in Power Apps, a Power Automate flow can be configured to send an email notification to the manager, automating the approval process without manual intervention.

Exam trap

The trap here is that candidates may confuse Power Automate with Power BI, thinking that reporting tools can also send notifications, but Power BI lacks workflow automation capabilities.

How to eliminate wrong answers

Option B is wrong because Power BI is a business analytics tool used for data visualization and reporting, not for automating workflows or sending emails. Option C is wrong because AI Builder adds artificial intelligence capabilities (e.g., form processing, object detection) to Power Platform solutions, but it does not handle event-driven email notifications. Option D is wrong because Power Virtual Agents is used to build conversational chatbots, not to automate backend processes like sending approval emails.

240
MCQeasy

A business analyst wants to create a Power Automate flow that runs every Monday at 9 AM to generate a report. Which trigger should they use?

A.Power Apps button
B.When a row is added, modified or deleted
C.When a new email arrives
D.Recurrence
AnswerD

Recurrence trigger runs on a schedule.

Why this answer

Option B is correct because 'Recurrence' trigger allows scheduling. Option A is wrong because it triggers on data changes. Option C is wrong because it is for manual triggers.

Option D is wrong because it triggers on new emails.

241
Multi-Selecthard

Which TWO of the following are required to set up a Power Pages site that allows external users to sign in using their social media accounts?

Select 2 answers
A.Deploy a model-driven app to manage user registrations.
B.Set up the social identity provider in the Power Pages admin center.
C.Configure Microsoft Entra ID as the identity provider.
D.Obtain a client ID and client secret from the social media platform.
E.Create a local contact record for each external user.
AnswersB, D

The identity provider must be configured in portal settings.

Why this answer

Options C and D are correct. To enable social login, you need to configure the identity provider (e.g., Facebook, Google) in the Power Pages admin center and provide the client ID and secret from the social platform. Option A is wrong because Microsoft Entra ID is for organizational accounts, not social.

Option B is wrong because a local contact record is created after authentication, not before. Option E is wrong because a model-driven app is not required for authentication.

242
MCQhard

Your organization uses Power Platform environments for development, test, and production. A developer accidentally deleted a managed solution from the production environment. You need to restore the solution without affecting other components. What should you do?

A.Reimport the solution from the source-controlled repository using Azure DevOps.
B.Use the Power Platform admin center to recover the solution from the recycle bin.
C.Restore the environment from a backup taken before the deletion.
D.Reimport the managed solution from a backup file.
AnswerC

Environment restore brings back the entire environment to a previous state.

Why this answer

The correct answer is C because restoring the environment to a previous point in time using backup/restore will bring back the solution and all other components as they were. Option A is incorrect because reimporting the solution may cause data loss or conflicts. Option B is incorrect because solutions cannot be recovered from the recycle bin.

Option D is incorrect because solutions cannot be recovered from the source-controlled repository automatically; you would need to deploy again, which may cause issues.

243
MCQeasy

A company uses Power Automate to automate approval workflows for expense reports. When an expense report exceeds $5,000, the flow should send an email to the manager and then wait for approval before processing payment. Which type of trigger should be used to start the flow when a new expense report is submitted?

A.When an item is modified trigger
B.Recurrence trigger
C.When a new item is created trigger
D.Manual trigger
AnswerC

Correct: This trigger fires when a new item is added to a SharePoint list, Dataverse, etc.

Why this answer

Option C is correct because the 'When a new item is created' trigger starts the flow when a new expense report is submitted. Option A is wrong because a scheduled trigger runs at specified times, not on item creation. Option B is wrong because a manual trigger requires a user to run the flow.

Option D is wrong because 'When an item is modified' triggers on updates, not new items.

244
MCQeasy

A manufacturing company uses Power Automate flows to process inventory updates. The flows use standard connectors. The company needs to ensure that the flows can be run by users in their own context without requiring the flow owner's credentials. Which authentication type should be used for the connections?

A.Owner-provided credentials
B.User-provided credentials
C.Anonymous authentication
D.Service principal authentication
AnswerB

This allows each user to authenticate with their own identity, enabling context-based execution.

Why this answer

User-provided credentials (option B) are correct because they allow each user who runs the flow to authenticate with their own identity, enabling the flow to execute in the user's context without requiring the flow owner's credentials. This is essential when flows are shared with multiple users and need to respect individual permissions and data access.

Exam trap

The trap here is that candidates often confuse 'owner-provided credentials' with the default behavior of shared flows, not realizing that user-provided credentials are required to run flows in each user's own context rather than the owner's context.

How to eliminate wrong answers

Option A is wrong because owner-provided credentials would force all users to run the flow under the flow owner's identity, which violates the requirement that users run flows in their own context and introduces security risks. Option C is wrong because anonymous authentication is not supported for standard connectors in Power Automate; all connectors require some form of authenticated identity. Option D is wrong because service principal authentication is used for server-to-server or automated scenarios, not for flows triggered or run by individual users in their own context.

245
MCQhard

A global company has multiple Power Platform environments (Dev, Test, Prod) and uses Application Lifecycle Management (ALM) with solutions. The administrator needs to ensure that only tested solutions are deployed to production. What is the recommended approach?

A.Share the solution from Dev to Test to Prod using sharing permissions.
B.Export the solution as managed from Dev, import to Test, then after validation, import to Prod.
C.Allow developers to make changes directly in the production environment.
D.Copy the Dataverse database from Dev to Prod directly.
AnswerB

Managed solutions and staged imports are the standard ALM practice.

Why this answer

Option B is correct because Application Lifecycle Management (ALM) in Power Platform requires solutions to be exported as managed from a development environment, then imported into test for validation, and finally imported into production. This ensures that only tested, versioned components are deployed, preventing unvalidated changes from reaching production. Managed solutions also lock components in the target environment, preventing accidental modifications.

Exam trap

The trap here is that candidates confuse sharing permissions (which control user access) with solution deployment mechanisms, leading them to choose option A instead of understanding that managed exports are the only supported ALM method for promoting solutions across environments.

How to eliminate wrong answers

Option A is wrong because sharing permissions control user access to data and apps, not the deployment of solution components; sharing does not enforce versioning or testing gates. Option C is wrong because allowing direct changes in production bypasses all ALM processes, risks breaking live services, and violates governance best practices. Option D is wrong because copying the Dataverse database directly from Dev to Prod would overwrite production data and configurations, including untested changes, and is not a supported method for solution deployment.

246
MCQeasy

A company wants to create a mobile app for field service technicians to log work orders. The app must use a SharePoint list as the data source and include offline capability. Which type of Power App should they build?

A.Power Pages site
B.Power Automate flow
C.Model-driven app
D.Canvas app
AnswerD

Canvas apps support offline and custom UI, ideal for field service scenarios.

Why this answer

A canvas app allows custom layout and offline support via Power Apps mobile. Model-driven apps (B) are primarily for data management and require online connectivity. Power Pages (C) is for external websites.

Power Automate (D) is for workflow automation.

247
MCQhard

Your organization has a Power Apps app that uses the Microsoft Dataverse connector. Users report that the app loads slowly. You review the app and find that it loads all records from a large table (over 500,000 rows) into a gallery. What is the best action to improve performance?

A.Increase the data row limit in the app settings.
B.Modify the gallery's Items property to use a delegable filter, such as Filter(Table, Condition).
C.Clear the app cache on the client devices.
D.Reduce the delegation limit in the environment settings.
AnswerB

Delegation filters are processed server-side, reducing data load.

Why this answer

Option B is correct because modifying the gallery's Items property to use a delegable filter (e.g., Filter(Table, Condition)) ensures that the query is processed server-side by Microsoft Dataverse, retrieving only the subset of records that match the condition. This avoids loading all 500,000+ rows into the client app, which is the root cause of the slow performance. Delegation allows Power Apps to offload data processing to the data source, significantly reducing network payload and client memory usage.

Exam trap

The trap here is that candidates often confuse client-side caching or row limits with the core delegation concept, mistakenly believing that increasing limits or clearing caches solves performance issues, when the real solution is to ensure queries are processed on the server via delegable filters.

How to eliminate wrong answers

Option A is wrong because increasing the data row limit in app settings would actually worsen performance by forcing the app to retrieve even more records from the large table, exacerbating the slow loading issue. Option C is wrong because clearing the app cache on client devices only removes locally stored temporary files; it does not address the fundamental problem of retrieving an excessive number of records from the server. Option D is wrong because reducing the delegation limit in environment settings would lower the maximum number of records that can be processed server-side, potentially causing the app to fall back to non-delegable queries and still retrieve all rows, or truncating data incorrectly.

248
MCQhard

Refer to the exhibit. You create a policy in Power Apps using the above JSON. The policy is applied on the account entity. What will happen when an account record with revenue of $2,000,000 is saved?

A.The description field will be updated to 'High-value account'
B.The save operation will be blocked
C.A task will be created for the account owner
D.The revenue field will be updated to 1,000,000
AnswerA

The condition is met and the action sets the description.

Why this answer

Option B is correct because the policy checks if revenue > 1,000,000; if true, it sets the description field to 'High-value account'. Option A is wrong because the policy does not block save. Option C is wrong because the policy only sets the description, not revenue.

Option D is wrong because the action is to set an attribute, not to create a task.

249
MCQeasy

A user wants to add a chart to a model-driven app to visualize sales data. Which component should they use?

A.Chart component from the Dataverse table
B.Chart control from the Power Apps canvas
C.Excel chart imported into the app
D.Power BI tile embedded in the app
AnswerA

Model-driven apps can display charts based on table views.

Why this answer

Option A is correct because model-driven apps include built-in chart visualization for Dataverse data. Option B is for Canvas apps. Option C is for custom visuals in Power BI.

Option D is not a standard chart component.

250
MCQmedium

A company plans to build a public-facing website for customer support using Power Pages. They need to enable customers to view their open support tickets and submit new ones. Which two components must be configured in the Power Pages design studio?

A.Embed a canvas app
B.Configure a Dataverse connector in a custom web template
C.Add a list and a form component bound to a Dataverse table
D.Create a Power Automate flow
AnswerC

Lists and forms are standard components in Power Pages for displaying and submitting data from Dataverse.

Why this answer

Option C is correct because you need to create a custom table to store support tickets and use list and form components for viewing and submitting data. Option A is wrong because Power Automate is not a component in the design studio. Options B and D are wrong because canvas apps and Dataverse connectors are not directly used in Power Pages design studio for this purpose.

251
MCQhard

You are designing a Power Automate flow to approve expense reports. The flow must allow managers to approve or reject directly from the email notification without signing in. Which action should you use?

A.Create a file
B.Send an email (V2)
C.Start and wait for an approval
D.Send an HTTP request
AnswerC

Correct. This creates an approval request that can be acted upon from email.

Why this answer

The 'Start and wait for an approval' action is specifically designed to send an approval request via email or the Power Automate mobile app, and it allows recipients to approve or reject directly from the email notification without needing to sign in, using adaptive cards or lightweight approval buttons. This meets the requirement for manager approval without authentication.

Exam trap

The trap here is that candidates often confuse 'Send an email (V2)' with the ability to embed approval buttons, but that action only sends a static email and cannot capture responses without a separate custom solution, whereas 'Start and wait for an approval' is the native, correct action for this scenario.

How to eliminate wrong answers

Option A is wrong because 'Create a file' only generates a file (e.g., in SharePoint or OneDrive) and has no capability to send notifications or collect approval responses. Option B is wrong because 'Send an email (V2)' can send an email but does not include built-in approval buttons or the ability to capture a response directly from the email without additional custom setup. Option D is wrong because 'Send an HTTP request' is used to call external APIs or web services and does not provide a native approval workflow or email-based approval interaction.

252
Multi-Selectmedium

Which TWO of the following are valid trigger types in Power Automate? (Select TWO.)

Select 2 answers
A.Scheduled
B.Recurrence
C.Automated
D.Manual
E.Instant
AnswersA, C

Scheduled triggers run at specified times.

Why this answer

A and B are correct. Automated triggers respond to events, and scheduled triggers run on a timer. Button triggers are also valid but not listed as an option here.

C is incorrect because 'Manual' is not a trigger type; manual flows are triggered by a button. D and E are types of connections or actions, not triggers.

253
MCQmedium

An organization uses Power Automate flows that connect to Microsoft Dataverse. The flows need to run under a service account with specific permissions. What is the best practice to manage the connection?

A.Use the flow owner's credentials and share the flow with the service account
B.Create a connection reference that uses the service account's connection
C.Create a service account connection type in the Power Platform admin center
D.Hardcode the service account credentials in the flow
AnswerB

Connection references allow managing connections centrally.

Why this answer

Connection references decouple the connection details from the flow definition, allowing you to configure a service account's connection once and reuse it across multiple flows. When you create a connection reference and set it to use a service account's connection (e.g., a pre-created Dataverse connection authenticated with the service account), the flow runs under that account's permissions without exposing credentials or requiring the flow owner to share their identity. This is the recommended pattern for service principal or application user scenarios in Power Automate.

Exam trap

The trap here is that candidates confuse 'sharing a flow' with 'changing the runtime identity,' assuming that sharing with a service account grants it execution permissions, when in reality the flow always runs under the connection owner's identity unless a connection reference is used to swap the connection.

How to eliminate wrong answers

Option A is wrong because sharing a flow with a service account does not change the runtime identity; the flow still executes under the original owner's credentials, not the service account's permissions. Option C is wrong because there is no 'service account connection type' in the Power Platform admin center; connection types are defined by connectors, not created in the admin center. Option D is wrong because hardcoding credentials violates security best practices, exposes secrets in plaintext, and breaks when passwords rotate or policies change.

254
Multi-Selecthard

A company is designing a copilot using Microsoft Copilot Studio. The copilot must handle sensitive employee data. Which TWO actions should the administrator take to ensure data security and compliance?

Select 2 answers
A.Enable anonymous access to allow external users
B.Configure data loss prevention (DLP) policies to restrict data movement
C.Disable authentication to simplify access
D.Enable the 'Data for training' option to be turned off
E.Add public websites as knowledge sources
AnswersB, D

DLP policies help secure sensitive data.

Why this answer

Options A and D are correct. Option A prevents data from leaving the region. Option D ensures data isn't used for model training.

Option B is wrong because enabling anonymous access increases risk. Option C is wrong because disabling authentication doesn't secure data. Option E is wrong because public websites aren't secure for sensitive data.

255
MCQmedium

A company has deployed a custom copilot built with Microsoft Copilot Studio to support the sales team. The copilot uses a SharePoint site containing product documentation and a public website for industry news as knowledge sources. The copilot is configured with anonymous access and is published to a demo page. Recently, the sales team has been using the copilot to answer customer questions, but they report that the copilot sometimes provides incorrect product specifications and cites sources that are not related to the company's products. The administrator needs to improve the accuracy and relevance of the copilot's responses while maintaining the ability to answer questions about industry news. What should the administrator do first?

A.Remove the public website as a knowledge source and add a more specific industry news source
B.Enable Microsoft Entra ID authentication to restrict access
C.Turn off Generative AI and use only manual topics
D.Add additional SharePoint sites with product specifications
AnswerA

This ensures the copilot uses authoritative product data and relevant news.

Why this answer

Option A is correct because the core issue is that the public website knowledge source is introducing irrelevant or incorrect information into the copilot's responses. By removing it and adding a more specific industry news source, the administrator directly addresses the source of inaccuracy while preserving the ability to answer industry news questions. This aligns with the principle that knowledge source quality directly impacts generative AI response relevance in Microsoft Copilot Studio.

Exam trap

The trap here is that candidates may think restricting access (authentication) or disabling generative AI are quick fixes, but the question specifically asks about improving accuracy and relevance while maintaining the ability to answer industry news, so the correct first step is to refine the knowledge sources, not to change access or disable the core AI functionality.

How to eliminate wrong answers

Option B is wrong because enabling Microsoft Entra ID authentication controls access to the copilot but does not improve the accuracy or relevance of its responses; it only restricts who can use it. Option C is wrong because turning off Generative AI and using only manual topics would eliminate the copilot's ability to answer questions about industry news, which the requirement explicitly states must be maintained. Option D is wrong because adding more SharePoint sites with product specifications does not address the root cause of the problem—the public website source introducing irrelevant or incorrect information—and could even compound the issue by adding more potentially conflicting data.

256
MCQeasy

A company is deploying Microsoft Power Platform across multiple departments. They want to ensure that only licensed users can create environments. What should they configure?

A.In the Power Platform admin center, assign the Environment Maker security role to specific users.
B.Disable environment creation for all users in the Microsoft 365 admin center.
C.Use Microsoft Entra ID roles to control environment creation permissions.
D.Configure the Dynamics 365 admin center to restrict environment creation to administrators only.
AnswerA

The Environment Maker role allows users to create environments; this is configured in the Power Platform admin center.

Why this answer

Option A is correct because the Environment Maker security role in the Power Platform admin center is the specific permission that allows users to create environments. By assigning this role to licensed users, administrators can control who has the ability to create new environments, ensuring only authorized individuals can do so. This is the standard method for managing environment creation permissions within Power Platform.

Exam trap

The trap here is that candidates may confuse the Environment Maker role with other roles like System Administrator or Global Administrator, or think that environment creation can be controlled through Microsoft Entra ID or the Microsoft 365 admin center, when in fact it is a Power Platform-specific permission managed in the Power Platform admin center.

How to eliminate wrong answers

Option B is wrong because disabling environment creation in the Microsoft 365 admin center does not exist; environment creation permissions are managed within the Power Platform admin center, not the Microsoft 365 admin center. Option C is wrong because Microsoft Entra ID roles do not directly control environment creation permissions in Power Platform; they manage broader identity and access management, but environment creation is governed by Power Platform-specific roles. Option D is wrong because the Dynamics 365 admin center is used for managing Dynamics 365 applications, not for controlling environment creation permissions across Power Platform; environment creation is managed in the Power Platform admin center.

257
Multi-Selectmedium

Which TWO of the following are valid ways to share a canvas app with other users? (Choose TWO.)

Select 2 answers
A.Share the app with a distribution group.
B.Share the app with everyone in the organization by selecting 'Everyone' in the share settings.
C.Share the app with a security group.
D.Share the app with a Microsoft 365 group.
E.Share the app with individual users by entering their email addresses.
AnswersC, E

Canvas apps can be shared with security groups.

Why this answer

Correct answers: B and C. Option B: Sharing with a security group is valid. Option C: Sharing with individual users is the most common method.

Option A is wrong because sharing with everyone in the tenant requires premium licensing. Option D is wrong because sharing with a distribution group is not supported; security groups are used. Option E is wrong because sharing with a team is for model-driven apps, not canvas apps.

258
MCQeasy

Which data platform in Power Platform provides a secure, scalable database with built-in business logic and security?

A.Microsoft Dataverse
B.SharePoint
C.SQL Server
D.Excel
AnswerA

Dataverse is the data platform for Power Platform.

Why this answer

Microsoft Dataverse is the correct answer because it is the underlying data platform for Power Platform that provides a secure, scalable database with built-in business logic (such as business rules, workflows, and calculated fields) and role-based security. Unlike other options, Dataverse is designed specifically to store and manage business data with features like column-level security, auditing, and a rich metadata-driven architecture.

Exam trap

The trap here is that candidates often confuse SharePoint's list storage capabilities with a true database platform, overlooking that Dataverse is the only option purpose-built for Power Platform with integrated security and business logic.

How to eliminate wrong answers

Option B (SharePoint) is wrong because while it can store list data and integrate with Power Platform, it lacks the relational database capabilities, built-in business logic (like server-side calculations and workflows), and granular role-based security that Dataverse provides; SharePoint is primarily a document management and collaboration platform. Option C (SQL Server) is wrong because although it is a robust relational database with security and logic, it is not a built-in data platform of Power Platform and requires additional configuration for integration, whereas Dataverse is natively integrated with Power Apps and Power Automate. Option D (Excel) is wrong because it is a spreadsheet application with no built-in security, scalability, or business logic capabilities; it is often used as a data source but is not a secure, scalable database platform.

259
MCQmedium

Your organization has a Power Platform environment that contains several canvas apps and flows. You need to ensure that only users from your Microsoft Entra ID tenant can access the environment. What should you configure?

A.Assign a security group to the environment in the Power Platform admin center.
B.Change the environment URL to include the tenant name.
C.Modify the tenant-level environment creation settings.
D.Configure a data loss prevention (DLP) policy for the environment.
AnswerA

Security group assignment restricts environment access to group members.

Why this answer

Assigning a security group to the environment in the Power Platform admin center restricts access to only members of that group, who must be from your Microsoft Entra ID tenant. This ensures that only authenticated users within your tenant can access the environment, effectively blocking external users.

Exam trap

The trap here is that candidates often confuse environment creation settings (Option C) with environment access control, not realizing that creation settings only affect who can provision new environments, not who can use an existing one.

How to eliminate wrong answers

Option B is wrong because changing the environment URL to include the tenant name does not enforce access control; it only modifies the URL format and does not prevent external users from accessing the environment. Option C is wrong because tenant-level environment creation settings control who can create environments, not who can access an existing environment. Option D is wrong because a data loss prevention (DLP) policy governs data sharing and connector usage, not user authentication or tenant-level access restrictions.

260
MCQmedium

A company has deployed a custom copilot built with Microsoft Copilot Studio. Users report that the copilot sometimes provides outdated information. The knowledge sources are SharePoint sites and public websites. The copilot uses Generative AI to formulate answers. What should the administrator do to improve the accuracy of the copilot's responses?

A.Enable the 'Show citations' option
B.Reduce the number of topics
C.Refresh the knowledge sources periodically
D.Turn off Generative AI for responses
AnswerC

Refreshing knowledge sources ensures the copilot uses current data.

Why this answer

Option C is correct because the copilot's knowledge sources (SharePoint sites and public websites) are not automatically refreshed in real time. By periodically refreshing these sources, the administrator ensures the copilot's generative AI has access to the most current content, directly addressing the issue of outdated information.

Exam trap

The trap here is that candidates confuse user-facing features like 'Show citations' with data freshness mechanisms, or assume that disabling generative AI will fix accuracy issues, when in fact the root cause is the static nature of the knowledge snapshot.

How to eliminate wrong answers

Option A is wrong because enabling 'Show citations' only displays the source of the answer to the user, but does not update the underlying data; the copilot would still use outdated content. Option B is wrong because reducing the number of topics limits the copilot's scope but does not solve the problem of stale data; outdated information remains in the remaining topics. Option D is wrong because turning off Generative AI would revert the copilot to non-generative, topic-based responses, which may still rely on outdated knowledge sources and would eliminate the AI's ability to synthesize answers from multiple sources.

261
MCQmedium

A manufacturing company uses Power Apps to track inventory. They want to add a feature that automatically reorders stock when levels fall below a threshold. The solution must be low-code. Which Power Platform component should be integrated with Power Apps?

A.Power BI
B.Power Pages
C.Power Virtual Agents
D.Power Automate
AnswerD

Power Automate can automate the reorder process when called from Power Apps.

Why this answer

Power Automate is the correct component because it provides low-code workflow automation that can monitor inventory levels in real time and trigger reorder actions when thresholds are breached. By integrating Power Automate with Power Apps, you can create a cloud flow that checks stock data from a data source (e.g., Dataverse or SQL) and automatically sends reorder notifications or creates purchase orders, all without writing traditional code.

Exam trap

The trap here is that candidates often confuse Power Automate with Power BI, thinking that a dashboard can automatically reorder stock, but Power BI is read-only and cannot trigger actions—only Power Automate can execute automated workflows.

How to eliminate wrong answers

Option A is wrong because Power BI is a business analytics tool for visualizing data and creating reports, not for triggering automated actions like reordering stock. Option B is wrong because Power Pages is used to build external-facing websites with low-code, not for backend process automation or event-driven workflows. Option C is wrong because Power Virtual Agents is designed for creating conversational chatbots, not for executing automated business logic such as inventory reorder triggers.

262
Multi-Selectmedium

An administrator is planning the environment strategy for a large enterprise. Which TWO considerations should the administrator include to ensure proper governance?

Select 2 answers
A.Use only the default environment to simplify management
B.Establish environment naming conventions
C.Disable environment monitoring to reduce overhead
D.Implement data loss prevention (DLP) policies
E.Allow all connectors to maximize flexibility
AnswersB, D

Naming conventions help organize environments.

Why this answer

Environment naming conventions and DLP policies are key governance considerations. Option A is wrong because using only the default environment is not recommended for governance. Option D is wrong because allowing all connectors is not secure.

Option E is wrong because disabling monitoring is counterproductive.

263
MCQeasy

A small business wants to automate sending a welcome email when a new customer is added to a CRM system. Which Power Platform service should they use?

A.Power Automate
B.Power Apps
C.Power BI
D.Copilot Studio
AnswerA

Power Automate automates workflows like sending emails.

Why this answer

Power Automate is the correct service because it is designed to create automated workflows that trigger actions based on events, such as sending a welcome email when a new customer record is added to a CRM system. It uses connectors to integrate with CRM platforms (e.g., Dynamics 365, Salesforce) and email services (e.g., Office 365 Outlook) to execute the automation without manual intervention.

Exam trap

The trap here is that candidates often confuse Power Automate with Power Apps, thinking that building an app is necessary to send an email, when in fact Power Automate handles event-driven automation without requiring a custom app interface.

How to eliminate wrong answers

Option B is wrong because Power Apps is a low-code platform for building custom applications, not for automating workflows or sending emails based on triggers. Option C is wrong because Power BI is a business analytics tool for data visualization and reporting, not for workflow automation or event-driven actions. Option D is wrong because Copilot Studio is used to create custom copilots and AI-powered conversational experiences, not for triggering automated email workflows from CRM events.

264
MCQeasy

You create a Power Automate flow that runs when a new tweet matches a keyword. What type of trigger does this use?

A.Recurrence trigger
B.Manual trigger
C.Automated trigger
D.Scheduled trigger
AnswerC

Automated triggers respond to events like new tweets.

Why this answer

Option B is correct because the flow starts automatically when a new tweet matches. Option A is wrong because manual triggers require user action. Option C is wrong because scheduled triggers run at specified times.

Option D is wrong because recurrence is a type of scheduled trigger.

265
Multi-Selectmedium

Which TWO of the following are valid ways to customize the appearance of a Power Pages site? (Choose two.)

Select 2 answers
A.Use Power Automate to change the site theme
B.Add custom CSS via the portal's CSS editor
C.Edit page templates to modify layout
D.Embed Power BI tiles
E.Add a Power Apps canvas app to a page
AnswersB, C

CSS customization is a standard way to change appearance.

Why this answer

Power Pages allows customization via CSS (Option A) and by editing page templates directly (Option D). Option B (Power Automate) is for workflows, not appearance. Option C (Power BI tiles) is for embedding reports.

Option E (Power Apps canvas app) is for custom applications, not site appearance.

266
MCQmedium

You have a Power Automate flow that sends a notification to a Teams channel when a high-priority ticket is created in Dynamics 365. The flow works correctly for most tickets, but occasionally a ticket is missed. Upon checking the flow runs, you see that some runs show 'Skipped' status. What is the most likely cause?

A.The trigger has a condition that filters out tickets with priority lower than 'High'.
B.The flow requires a premium license, but some users have standard licenses.
C.The flow's concurrency setting is too high, causing some triggers to be ignored.
D.The flow uses a connection that has expired or lacks permissions.
AnswerA

Trigger conditions can cause the flow to skip if conditions not met.

Why this answer

Option D is correct because the trigger condition filters out low-priority tickets, so only high-priority triggers the flow. Option A is wrong because missed runs are not due to licensing. Option B is wrong because concurrency would cause queuing, not skipping.

Option C is wrong because incorrect permissions would cause failures, not skipping.

267
MCQhard

A user reports that a canvas app displays an error: 'The data source is not found.' The app connects to a SQL Server database via an on-premises data gateway. The gateway status shows 'Running' and the connection is configured. What is the most likely cause?

A.A required environment variable is missing
B.A SharePoint list used in the app was deleted
C.The SQL table name in the app formula is incorrect
D.The on-premises data gateway is offline
AnswerC

A misspelled table name causes 'data source not found'.

Why this answer

Option D is correct because the app's query could be referencing a table name that does not exist or is misspelled. Option A is wrong because the gateway is running. Option B is wrong because a missing environment variable would cause a different error.

Option C is wrong because a SharePoint list deletion would not affect SQL Server connections.

268
Multi-Selecteasy

Which TWO of the following are capabilities of Power Pages?

Select 2 answers
A.Integrate with Dataverse for data storage
B.Run complex machine learning models
C.Automate business processes using workflows
D.Build custom mobile apps for iOS and Android
E.Create external-facing websites without code
AnswersA, E

Power Pages uses Dataverse as its primary data source.

Why this answer

Power Pages allows creation of external websites and supports integration with Dataverse, but it does not create mobile apps or run complex machine learning models directly.

269
MCQmedium

An organization plans to build a Power App that will be used by external partners. The app must allow partners to log in with their own credentials (Azure AD B2B). Which feature should be configured?

A.Use SharePoint external sharing settings
B.Enable anonymous access in Power Apps
C.Set up Azure AD B2B guest user access
D.Configure Azure AD B2C for the app
AnswerC

Allows external partners to use their own Azure AD credentials.

Why this answer

Option C is correct because Azure AD B2B enables external users to use their own identities. Option A is wrong because the app is for partners, not anonymous. Option B is wrong because Azure AD B2C is for customer identities, not B2B.

Option D is wrong because SharePoint external sharing is for SharePoint, not Power Apps authentication.

270
Multi-Selectmedium

Which THREE are valid components of a Microsoft Power Platform environment?

Select 3 answers
A.Custom connector
B.Dataverse database
C.Power BI workspace
D.Microsoft 365 Group
E.Power Automate flow
AnswersA, B, E

Custom connectors are stored in environments.

Why this answer

A custom connector is a valid component of a Microsoft Power Platform environment because it allows you to extend the platform by creating your own API connectors to external services. Custom connectors are stored and managed within an environment, enabling makers to build apps and flows that interact with systems not covered by out-of-the-box connectors.

Exam trap

The trap here is that candidates confuse shared Microsoft 365 resources (like Groups or Power BI workspaces) with Power Platform environment components, but only items directly managed within the environment's scope—such as custom connectors, Dataverse databases, and Power Automate flows—are valid components.

271
MCQmedium

A Power Automate flow processes hundreds of items daily. The flow sometimes fails due to service unavailability. Which feature should be used to automatically retry the failed action?

A.Use a 'Scope' action
B.Enable retry policy on the action
C.Add a 'Terminate' action
D.Configure a 'Configure run after' setting
AnswerB

Retry policies allow automatic retries on failure.

Why this answer

Option B is correct because Power Automate allows you to configure a retry policy on individual actions to automatically reattempt execution when a transient failure (such as service unavailability) occurs. This feature handles intermittent errors without manual intervention, improving flow reliability for high-volume processing.

Exam trap

The trap here is that candidates often confuse 'Configure run after' settings (which control conditional execution based on previous action status) with automatic retry logic, but retry policy is a separate configuration on the action itself that handles transient failures before any run-after conditions are evaluated.

How to eliminate wrong answers

Option A is wrong because a 'Scope' action is used to group actions for error handling and variable scoping, not to automatically retry a failed action. Option C is wrong because a 'Terminate' action is used to stop a flow immediately with a custom status, not to retry failures. Option D is wrong because 'Configure run after' settings define which actions run based on the success or failure of a previous action, but they do not automatically retry the failed action itself.

272
MCQmedium

A company wants to restrict the ability to create Power Apps and Power Automate flows in the default environment to only a specific security group. What is the recommended approach?

A.Create a DLP policy that blocks creation of apps and flows.
B.Assign the security group to the Environment Maker role for the default environment.
C.Disable the default environment and create a new one with restricted access.
D.Remove the Environment Maker role from all users and add the security group as co-admins.
AnswerB

The Environment Maker role can be scoped to a specific environment and assigned to a security group.

Why this answer

Option A is correct because default environment can be restricted by assigning the security group to the Environment Maker role. Option B is wrong because DLP does not control creation. Option C is wrong because disabling the default environment is not possible.

Option D is wrong because the maker role applies to all environments unless scoped.

273
Multi-Selecteasy

Which TWO are valid ways to access the Power Platform admin center? (Choose two.)

Select 2 answers
A.Through the Power Apps maker portal under 'Admin'
B.Through the Microsoft Entra admin center under 'Power Platform'
C.Through the Microsoft 365 admin center under 'All admin centers'
D.Navigating to https://admin.powerplatform.com
E.Through the Azure portal under 'Power Platform'
AnswersC, D

The Power Platform admin center is listed among other admin centers.

Why this answer

Option C is correct because the Microsoft 365 admin center includes a link to 'All admin centers,' which provides direct access to the Power Platform admin center. Option D is correct because the Power Platform admin center can be accessed directly via its dedicated URL, https://admin.powerplatform.com, which is the primary entry point for managing environments, data policies, and settings.

Exam trap

The trap here is that candidates may confuse the Power Apps maker portal's 'Admin center' link (which is a valid access method) with a non-existent 'Admin' tab, or assume that the Azure portal or Entra admin center includes Power Platform administration, when in fact only the dedicated URL and the Microsoft 365 admin center's 'All admin centers' list are correct.

274
Multi-Selecthard

Which TWO are benefits of using model-driven apps over canvas apps? (Choose two.)

Select 2 answers
A.Easier to create complex formulas
B.No Microsoft Entra ID licensing required
C.Built-in business process flows
D.Responsive design automatically adapts to screen size
E.Unlimited custom layout control
AnswersC, D

Model-driven apps include business process flows.

Why this answer

Options B and D are correct because model-driven apps are responsive by default and automatically generate a business logic layer. Option A is wrong because canvas apps offer more design flexibility. Option C is wrong because model-driven apps require minimal customization.

Option E is wrong because model-driven apps still require consent.

275
Multi-Selecteasy

Which TWO actions can be performed using Microsoft Copilot Studio without writing custom code?

Select 2 answers
A.Trigger a Power Automate flow from a topic.
B.Integrate with a custom API by writing JavaScript code.
C.Train the copilot with a custom machine learning model.
D.Publish the copilot to a Microsoft Teams channel.
E.Deploy the copilot to a third-party website using custom HTML.
AnswersA, D

Power Automate flows can be triggered natively.

Why this answer

Option A is correct because Microsoft Copilot Studio allows you to trigger a Power Automate flow directly from a topic without writing any custom code. This is achieved by adding a 'Call an action' node within a topic and selecting a Power Automate flow, enabling the copilot to execute automated workflows seamlessly.

Exam trap

The trap here is that candidates may think integrating with a custom API (Option B) is no-code because Copilot Studio has a 'Custom API' connector, but that connector still requires writing JavaScript code to define the API call, making it a code-based action.

276
MCQhard

A company has a Power Apps portal for external partners to submit support tickets. Partners report that they cannot see the tickets they created. The portal uses Dataverse. What is the most likely cause?

A.The partners are using an unsupported browser.
B.Entity permissions for the ticket table are not configured for portal users.
C.The portal is not published to the external network.
D.The Dataverse environment is in maintenance mode.
AnswerB

Portal users need specific entity permissions to read records; by default, they may not have access.

Why this answer

In Power Apps portals, visibility of Dataverse records is governed by entity permissions, not by the portal being published or the browser used. When partners cannot see tickets they created, the most likely cause is that the entity permissions for the ticket table are not configured to grant 'Read' access to the appropriate portal web roles (e.g., 'Authenticated Users' or a custom role). Without these permissions, the portal cannot query and display the records, even though the data exists in Dataverse.

Exam trap

The trap here is that candidates may assume the issue is a network or browser problem, but the PL-900 exam specifically tests understanding that Power Apps portals rely on Dataverse security and entity permissions to control record visibility, not on portal publishing status or browser compatibility.

How to eliminate wrong answers

Option A is wrong because unsupported browsers typically cause rendering or functionality issues (e.g., JavaScript errors), not a complete inability to see records that were created; Dataverse and Power Apps portals support modern browsers like Chrome, Edge, and Firefox. Option C is wrong because if the portal were not published to the external network, partners would not be able to access the portal at all, not just fail to see tickets; the question states they can access the portal but cannot see tickets. Option D is wrong because maintenance mode in Dataverse prevents all operations (create, read, update, delete) across the environment, but partners can still create tickets, which indicates the environment is operational.

277
MCQhard

An administrator notices that a Power Apps environment has exceeded its Dataverse storage capacity. The company wants to free up storage without losing data. Which action should the administrator take first?

A.Delete unused apps and flows from the environment
B.Purchase additional Dataverse storage capacity
C.Archive old flows to reduce storage usage
D.Run the storage capacity analysis in Power Platform Admin Center
AnswerD

This identifies what is consuming storage, allowing targeted cleanup.

Why this answer

Option D is correct because the first step when addressing Dataverse storage capacity issues is to run the storage capacity analysis in the Power Platform Admin Center. This analysis provides a detailed breakdown of storage usage by entity, environment, and solution, enabling the administrator to identify the largest consumers and take targeted actions to free up space without data loss. Deleting apps or flows (Option A) does not reclaim Dataverse storage, as these items consume minimal storage compared to data tables.

Exam trap

The trap here is that candidates confuse 'freeing up storage' with deleting apps or flows, not realizing that Dataverse storage is dominated by data rows and files, not solution components.

How to eliminate wrong answers

Option A is wrong because deleting unused apps and flows frees up only solution-related metadata, not the actual Dataverse data (rows, files, logs) that consume the bulk of storage capacity. Option B is wrong because purchasing additional storage is a reactive cost-incurring measure, not the first diagnostic step; the administrator should first analyze usage to see if existing storage can be optimized. Option C is wrong because archiving old flows does not reduce Dataverse storage—flows themselves store minimal data, and archiving only affects flow run history, not database or file storage.

278
MCQmedium

A company has a Power Apps model-driven app for sales. Sales reps need to see their assigned leads only. Which security feature should be configured?

A.Configure business unit security to isolate each rep's data
B.Use field-level security to set permissions on the 'Assigned To' field
C.Assign security roles that filter leads by owner
D.Share the app with each rep individually
AnswerB

Correct: Field-level security hides the field, preventing reps from seeing others' assignments.

Why this answer

Option D is correct because field-level security allows hiding the assigned to field from users who shouldn't see it. Option A is wrong because sharing is for specific records, not all. Option B is wrong because role-based access controls access to entities, not fields.

Option C is wrong because business unit security restricts by business unit, not by individual.

279
Multi-Selecteasy

Which TWO of the following are components of Power Platform? (Choose two.)

Select 2 answers
A.SharePoint
B.Teams
C.Power Apps
D.Excel
E.Power BI
AnswersC, E

Power Apps is a core component.

Why this answer

Power Apps is a core component of Microsoft Power Platform, enabling users to build custom low-code applications for web and mobile without extensive programming. It integrates with other Power Platform services like Power Automate and Power BI to create end-to-end business solutions.

Exam trap

The trap here is that candidates often confuse data sources or integration tools (like SharePoint or Excel) with actual Power Platform components, leading them to select those as answers instead of the core services Power Apps and Power BI.

280
MCQeasy

A company wants to allow external partners to access a Power Apps portal without requiring a Microsoft Entra ID account. What should the administrator configure?

A.Create Microsoft Entra ID guest accounts for each partner
B.Configure the portal to use local authentication with username and password
C.Share the Power Apps app directly with the partners
D.Enable Microsoft Entra ID B2B collaboration and invite partners
AnswerB

Power Apps portals support local authentication for external users without Microsoft Entra ID.

Why this answer

Option B is correct because Power Apps portals support local authentication, which allows external users to sign up and sign in using a username and password without requiring a Microsoft Entra ID account. This is the appropriate method when the goal is to grant access to partners who do not have or need Microsoft Entra ID credentials.

Exam trap

The trap here is that candidates often confuse Microsoft Entra ID B2B collaboration (which still requires an external identity provider) with the ability to have completely independent local accounts, leading them to select option D instead of B.

How to eliminate wrong answers

Option A is wrong because creating Microsoft Entra ID guest accounts still requires each partner to have or create a Microsoft Entra ID identity, which contradicts the requirement of not requiring a Microsoft Entra ID account. Option C is wrong because sharing a Power Apps app directly with partners is designed for internal users with Microsoft Entra ID accounts and does not provide external portal access without authentication. Option D is wrong because Microsoft Entra ID B2B collaboration requires partners to have an existing Microsoft Entra ID or Microsoft account, which again does not meet the requirement of no Microsoft Entra ID account.

281
MCQmedium

Refer to the exhibit. An administrator runs this PowerShell command against a Power Platform environment. What can the administrator conclude?

A.The environment is accessible only to members of the ContosoUsers security group
B.The environment creation failed
C.The environment has no security group assigned
D.The environment is a personal productivity environment
AnswerA

The environmentSecurityGroupName property indicates the security group assigned to the environment.

Why this answer

The PowerShell command `Get-AdminPowerAppEnvironment` returns the environment details, including the `SecurityGroupId` property. If this property is populated with a GUID, it indicates a security group is assigned to the environment, restricting access to its members. Since the exhibit shows a non-null `SecurityGroupId` for the ContosoUsers group, the environment is accessible only to members of that security group.

Exam trap

The trap here is that candidates assume a populated `SecurityGroupId` field means the environment is restricted to that group, but they may confuse it with other properties like `EnvironmentSku` or `Permissions`, or incorrectly think a null value indicates failure rather than no group assignment.

How to eliminate wrong answers

Option B is wrong because the command successfully returned environment details, including a `SecurityGroupId`, which indicates the environment was created and exists. Option C is wrong because the `SecurityGroupId` field is populated with a GUID, meaning a security group is assigned; an empty or null value would indicate no security group. Option D is wrong because a personal productivity environment (e.g., from a Power Apps license) does not have a security group assigned; the presence of a `SecurityGroupId` confirms this is a standard environment with access control.

282
MCQhard

A Power Pages site is configured with multiple web roles. A user reports they can see the 'Submit Ticket' button but cannot submit the form. Upon investigation, the form's 'Create' permission is set to 'Roles: Authenticated Users'. The user is authenticated. What is the most likely cause?

A.JavaScript error on the form
B.The user's web role lacks 'Create' permission on the Dataverse table
C.Page permission is set to 'Authenticated Users' but the page is already accessible
D.The user is not logged in
AnswerB

Form permissions rely on table permissions; the role may not have create rights.

Why this answer

Option D is correct because the user's web role may not have the 'Create' permission for the underlying Dataverse table, even though the form permission is set. Option A is wrong because the user is authenticated. Option B is wrong because JavaScript errors would affect functionality but not specifically the permission error.

Option C is wrong because the form is visible, so page permission is not the issue.

283
Multi-Selecthard

Which THREE components are part of a model-driven app? (Choose three.)

Select 3 answers
A.Gallery
B.Cloud flow
C.Form
D.Dashboard
E.Business process flow
AnswersC, D, E

Forms are the primary data entry interface.

Why this answer

Options A, C, and D are core components. Business process flows guide users, dashboards provide overviews, and forms are data entry interfaces. Option B is for automation, not part of the app's UI.

Option E is a component of canvas apps.

284
Multi-Selecthard

Which TWO of the following are best practices for managing Power Platform environments in an enterprise? (Choose two.)

Select 2 answers
A.Share all connectors and data sources with all users by default.
B.Implement Data Loss Prevention (DLP) policies to control data flow between connectors.
C.Disable auditing to improve performance.
D.Use a single environment for all development and production workloads.
E.Use separate environments for development, testing, and production.
AnswersB, E

DLP policies prevent unauthorized data sharing.

Why this answer

Option B is correct because Data Loss Prevention (DLP) policies are a core governance feature in Power Platform that allow administrators to classify connectors as Business or Non-Business, preventing data from flowing between prohibited groups. This protects sensitive data from being inadvertently shared across services like SharePoint and third-party APIs, which is essential for enterprise compliance and security.

Exam trap

The trap here is that candidates may think disabling auditing improves performance (Option C) or that a single environment simplifies management (Option D), but the PL-900 exam emphasizes governance, security, and ALM separation as core best practices.

285
MCQhard

A model-driven app uses a business process flow to guide users through a sales process. The flow has multiple stages, and users complain that they can move to the next stage without completing required fields. What should the app maker do to enforce data entry?

A.Set the fields as business required in the entity
B.Set the fields as required in the business process flow stage
C.Add a validation rule on the entity fields
D.Make the fields read-only in the business process flow stage
AnswerB

Required fields in the stage must be filled before moving to the next stage.

Why this answer

Option D is correct because setting fields as required in the business process flow stage ensures they must be filled before progressing. Option A is incorrect because it applies to the entire entity, not the flow. Option B is incorrect because read-only fields prevent data entry.

Option C is incorrect because validation rules apply at the field level, not flow stage transitions.

286
MCQhard

A Power Automate flow processes sensitive employee data and must be run only by HR managers. Which is the best way to restrict access?

A.Create a separate environment for HR flows.
B.Use a Data Loss Prevention (DLP) policy to block non-HR users.
C.Share the flow only with HR managers and set their permissions to 'Owner'.
D.Disable sharing for all flows in the environment.
AnswerC

Owners can run and edit the flow.

Why this answer

Option B is correct because sharing the flow with specific people and setting owner permissions is the standard method. Option A is wrong because it affects all flows. Option C is wrong because DLP policies prevent data leakage but don't restrict flow ownership.

Option D is wrong because environments don't restrict by role inherently.

287
MCQmedium

A Power Pages site displays a form that submits data to Dataverse. Users report that the form does not save data. The site has been working for months. What is the most likely cause?

A.The web role assigned to users was removed
B.Dataverse table permissions were modified
C.The site visibility was changed to private
D.Page permissions have been updated to block anonymous access
AnswerB

Table permissions control Create, Read, Write, Delete.

Why this answer

Option D is correct because Dataverse table permissions are often changed accidentally, preventing saves. Option A is wrong because page permissions affect page access, not form submission. Option B is wrong because web roles are for authentication, not data operations.

Option C is wrong because site visibility doesn't affect form save.

288
MCQeasy

A Power Platform administrator receives a report that a user is unable to create a new environment. The user has a Power Apps per user license and is a member of the global admin group. What is the most likely cause?

A.The user does not have the Environment Admin role.
B.The user does not have a Power Apps Plan 2 license or Environment Creation add-on.
C.A DLP policy is blocking environment creation.
D.The tenant has reached its environment capacity limit.
AnswerB

A Power Apps per user license (Plan 1) does not include environment creation rights.

Why this answer

Environment creation requires a Power Apps Plan 2 license or an Environment Creation add-on. Having only a per user license is insufficient. Option A is incorrect because the user has global admin rights.

Option C is incorrect because capacity is not the issue. Option D is incorrect because DLP policies do not prevent environment creation.

289
MCQeasy

A non-technical employee wants to create a simple chatbot to answer common HR questions. Which Power Platform component should they use?

A.Power BI
B.Power Apps
C.Power Virtual Agents
D.Power Automate
AnswerC

Power Virtual Agents allows creating chatbots without coding.

Why this answer

Power Virtual Agents (C) is the correct choice because it is a no-code, AI-driven chatbot service within Power Platform specifically designed for building conversational agents. It allows non-technical users to create, publish, and analyze chatbots using a graphical interface without writing code, making it ideal for handling common HR questions through predefined topics and natural language understanding.

Exam trap

The trap here is that candidates confuse Power Virtual Agents with Power Automate, assuming chatbots are just automated workflows, but Power Virtual Agents is specifically designed for conversational AI with built-in NLP, whereas Power Automate handles backend task automation.

How to eliminate wrong answers

Option A is wrong because Power BI is a business analytics and data visualization tool, not a chatbot builder; it focuses on creating reports and dashboards from data sources. Option B is wrong because Power Apps is a low-code platform for building custom business applications (canvas or model-driven apps), not for creating conversational interfaces or chatbots. Option D is wrong because Power Automate is a workflow automation service for orchestrating repetitive tasks and processes across applications, not for building interactive chatbots that respond to user queries in real time.

290
MCQmedium

A healthcare provider needs to ensure that only authorized users can access patient data in a Power Apps app. The app uses Dataverse. What should the administrator configure?

A.Configure SharePoint permissions for the app
B.Set environment as restricted in Power Platform admin center
C.Use Microsoft Entra ID conditional access policies
D.Assign Dataverse security roles to users
AnswerD

Security roles define user permissions at the table and record level in Dataverse.

Why this answer

Dataverse security roles control access to tables and records. Column-level security can be used for sensitive fields. Power Platform admin center manages environments but not fine-grained data access.

SharePoint permissions are irrelevant.

291
MCQmedium

A company uses Power BI to monitor manufacturing efficiency. The dataset includes a column 'RunTime' (in minutes) and 'DownTime' (in minutes). A user wants to calculate 'Availability' as (RunTime / (RunTime + DownTime)) * 100. Which DAX measure should be used?

A.Availability = DIVIDE(SUM([RunTime]), SUM([RunTime])+SUM([DownTime])) * 100
B.Availability = DIVIDE(SUM([RunTime]), SUM([RunTime])+SUM([DownTime]))
C.Availability = AVERAGE(Table[RunTime]) / (AVERAGE(Table[RunTime])+AVERAGE(Table[DownTime])) * 100
D.Availability = SUMX(Table, [RunTime]/([RunTime]+[DownTime])) * 100
AnswerA

Correctly calculates percentage.

Why this answer

Option A is correct because it uses the DIVIDE function to safely handle division by zero, and multiplies by 100 to express the result as a percentage. The formula sums RunTime and DownTime across all rows, then computes Availability = (Total RunTime / (Total RunTime + Total DownTime)) * 100, which matches the user's requirement exactly.

Exam trap

The trap here is that candidates often confuse aggregate-level calculations (using SUM) with row-level calculations (using SUMX or AVERAGE), and they may forget to multiply by 100 when the requirement explicitly asks for a percentage value.

How to eliminate wrong answers

Option B is wrong because it omits the multiplication by 100, so the result is a decimal (e.g., 0.95) rather than a percentage (95%), which does not match the user's requirement. Option C is wrong because it uses AVERAGE instead of SUM; averaging individual row ratios yields a different result than the aggregate ratio, and the user's requirement is based on total times, not averages. Option D is wrong because SUMX iterates row-by-row, computing the ratio for each row and then summing those ratios; this is not equivalent to the aggregate ratio of total RunTime divided by total (RunTime + DownTime), and it can produce incorrect results when rows have different denominators.

292
MCQhard

You are a Power Automate administrator. A user reports that a cloud flow stopped working after you updated the environment's data loss prevention (DLP) policy. The flow uses the SharePoint and Outlook connectors. The new DLP policy only allows these connectors in the 'Business' group, but the flow was previously working. What is the most likely cause of the failure?

A.The flow owner's license expired
B.The flow is using a premium connector that requires a license
C.The SharePoint site was deleted
D.The DLP policy now assigns the two connectors to different groups
AnswerD

When connectors are in different groups, flows combining them are blocked.

Why this answer

If connectors are in different DLP groups, flows that combine them may fail. The policy change likely moved connectors to different groups or split them. If both are in the same group ('Business'), the flow should work unless they were moved to separate groups.

The description says the policy only allows them in 'Business' group, implying they might have been in 'Non-Business' before. But the most common issue is that connectors were assigned to different groups (e.g., SharePoint in Business, Outlook in Non-Business) which is not allowed. The flow worked before the update, so the update likely misaligned the groups.

293
Multi-Selecthard

Which THREE of the following are capabilities of Power Apps?

Select 3 answers
A.Create complex workflow automations
B.Perform real-time streaming analytics
C.Use AI Builder to add artificial intelligence
D.Connect to Microsoft 365 data (e.g., SharePoint, Outlook)
E.Run on mobile devices (iOS, Android, Windows)
AnswersC, D, E

AI Builder is integrated into Power Apps for AI capabilities.

Why this answer

Power Apps can connect to Microsoft 365, use AI Builder, and run on mobile devices. Option A, Option B, and Option C are correct. Option D is wrong because Power Automate handles workflows.

Option E is wrong because real-time streaming analytics is not a core capability.

294
Multi-Selectmedium

Which THREE components are essential when creating a Power Pages site?

Select 3 answers
A.Custom JavaScript code
B.A Power Pages site workspace
C.A Dataverse environment
D.Web roles to manage access
E.An authentication provider
AnswersB, C, D

The site is the core component.

Why this answer

A Power Pages site requires a workspace (site), web roles for security, and Dataverse for storage. Authentication providers are needed but not part of the site creation itself. Custom code is optional.

295
MCQmedium

Refer to the exhibit. A Power Automate flow uses the 'When a new email arrives' trigger with a filter for emails that have attachments. The trigger sometimes fires even when the incoming email has no attachment. What is the most likely reason?

A.The filter is applied after the trigger fires.
B.The trigger is configured to ignore the filter.
C.The filter should be on 'attachmentCount' instead of 'hasAttachments'.
D.The $filter parameter is not supported by the trigger type.
AnswerD

Some triggers do not support $filter fully.

Why this answer

Option A is correct because the $filter parameter is applied server-side but may not be supported by all mail providers; also, the trigger may use polling and the filter may not be applied correctly. Option B is wrong because the trigger does not ignore the filter. Option C is wrong because the filter is on hasAttachments.

Option D is wrong because the filter is not applied client-side.

296
MCQhard

A global organization has multiple environments in Power Platform. The security team wants to prevent users from sharing canvas apps with external users. What is the most effective way to enforce this restriction?

A.Set environment-level sharing to ‘Only specific security groups’
B.Disable ‘Share with external users’ in the Power Platform admin center tenant settings
C.Assign a custom security role that denies the ‘Share’ privilege
D.Create a Data Loss Prevention (DLP) policy that blocks connectors used by external users
AnswerB

This setting explicitly blocks sharing canvas apps and other resources with external users.

Why this answer

Option A is correct because the tenant-level setting to block sharing with external users is the most direct and comprehensive control. Option B is wrong because DLP policies do not control sharing permissions. Option C is wrong because environment-level sharing settings can be overridden by tenant settings, and external sharing control is at tenant level.

Option D is wrong because assigning a custom security role does not prevent external sharing by default.

297
MCQeasy

Refer to the exhibit. A Power Pages site configuration snippet shows authentication settings. What does this configuration achieve?

A.Multi-factor authentication is enforced.
B.Anonymous access is allowed for all users.
C.Users sign in with their Microsoft Entra ID accounts.
D.Users authenticate using local credentials stored in Dataverse.
AnswerC

The configuration specifies Entra ID as the provider.

Why this answer

The configuration sets Microsoft Entra ID as the authentication provider, meaning users will sign in using their Entra ID credentials. It does not enable local authentication or anonymous access, and it does not require multi-factor authentication.

298
MCQeasy

A user wants to build a Power Apps app that connects to Microsoft Dataverse and uses AI to suggest next best actions. Which feature should they use?

A.Power Automate
B.AI Builder
C.Power Virtual Agents
D.Copilot in Power Apps
AnswerB

Correct: AI Builder provides prebuilt AI models to integrate into apps.

Why this answer

Option B is correct because AI Builder allows adding AI models like prediction or suggestion to Power Apps. Option A is wrong because Copilot is a general AI assistant, not a specific feature for suggestions. Option C is wrong because Power Virtual Agents is for chatbots.

Option D is wrong because Power Automate is for workflows.

299
MCQmedium

Your company wants to create a chatbot that can answer employee questions about IT policies and escalate complex issues to a human agent. The chatbot should be built with minimal custom code. Which two Microsoft Power Platform components should you combine?

A.Power Virtual Agents
B.Power BI
C.Power Automate
D.Power Apps
AnswerA, C

Power Virtual Agents provides a low-code chatbot builder.

Why this answer

Power Virtual Agents (A) is the correct choice because it provides a low-code, conversational AI platform specifically designed to build chatbots with minimal custom code, enabling the creation of a bot that answers IT policy questions. Power Automate (C) is correct because it can be used to escalate complex issues to a human agent by triggering workflows, such as sending an email or creating a ticket in a helpdesk system, without writing code.

Exam trap

Cisco often tests the distinction between low-code chatbot creation (Power Virtual Agents) and workflow automation (Power Automate) versus analytics (Power BI) or app building (Power Apps), leading candidates to mistakenly choose Power Apps for the chatbot or Power BI for escalation.

How to eliminate wrong answers

Option B (Power BI) is wrong because it is a business analytics tool for data visualization and reporting, not for building chatbots or automating escalation workflows. Option D (Power Apps) is wrong because it is a low-code platform for building custom applications (canvas or model-driven apps), not for creating conversational interfaces or automating escalation processes; while it could integrate with a chatbot, it is not the primary component for the described scenario.

300
MCQhard

An organization has a canvas app that uses a SharePoint list as its data source. Users report that the app loads slowly and sometimes times out. The developer needs to improve performance. Which approach should the developer take?

A.Increase the timeout setting in the app settings
B.Migrate the data source to SQL Server to improve performance
C.Split the app into multiple screens to reduce load per screen
D.Use delegable queries to filter data at the source
AnswerD

Delegation pushes filters to SharePoint, reducing data transfer.

Why this answer

Option B is correct because delegating data operations to the data source reduces the amount of data retrieved and processed client-side, improving performance. Option A is wrong because increasing timeouts does not address the root cause. Option C is wrong because splitting into multiple screens may help but does not solve delegation issues.

Option D is wrong because using SQL Server might help but is not a direct solution; the question is about improving performance without changing data source.

Page 3

Page 4 of 14

Page 5