AB-900 Practice Test

A. × Incorrect: Fully managed is incorrect because it refers to a different type of service management rather than specifically container-based hosting.

B. × Incorrect: Multi-agent, branching is incorrect because it describes a configuration option for agents but does not relate to the hosting environment being container-based and managed.

C. × Incorrect: Custom logic is incorrect because it pertains to agent behavior customization and is unrelated to the hosting infrastructure.

D. ✓ Correct: Container-based, managed is correct because it accurately identifies the container-based, managed hosting option in Microsoft Foundry Agent Service.

A. ✓ Correct: Email and calendars is correct because it includes the section where you can manage email settings and other related configurations in Microsoft 365.

B. × Incorrect: Manage users is incorrect because managing users involves setting up user accounts and licenses, not email settings.

C. × Incorrect: Security settings is incorrect because they are for configuring policies to protect data and systems, not for managing email settings directly.

D. × Incorrect: Subscription management is incorrect because it deals with purchasing and managing subscriptions, unrelated to email settings.

A. × Incorrect: Compliance Manager risks is incorrect because it focus on compliance issues rather than identifying sensitive data within AI applications.

B. × Incorrect: Insider Risk Management alerts is incorrect because they are designed to detect insider threats and do not specifically address the identification of sensitive information in AI contexts.

C. ✓ Correct: Data Explorer for sensitive information is tailored to identify and manage sensitive data, including within AI applications like Copilots.

D. × Incorrect: Purview DLP and Communication Compliance violations is incorrect because they pertain more to policy enforcement rather than identifying sensitive data specifically.

A. × Incorrect: Copilot code completion is incorrect because it does not involve analyzing and upgrading Java applications.

B. × Incorrect: Monthly license model is incorrect because it is a monthly license model relates to cost structure rather than application analysis or upgrade capabilities.

C. × Incorrect: Researcher data migration is incorrect because it pertains to transferring research datasets, unrelated to Java application upgrades.

D. ✓ Correct: Agent application analysis allows for the examination and enhancement of Java applications in Azure.

A. ✓ Correct: Identity is correct because it focuses on secure authentication and management of identities and devices in Microsoft 365.

B. × Incorrect: Threat protection is incorrect because it deals with detecting and responding to security threats rather than managing identity access.

C. × Incorrect: Intelligence is incorrect because it involves using data analytics for better decision-making, not securing identity and device access.

D. × Incorrect: Authorization is incorrect because it is a part of the identity pillar but does not encompass all aspects of securing identities and devices.

A. × Incorrect: User Permissions Manager is incorrect because it does not specifically restrict access to sensitive sites in SharePoint.

B. × Incorrect: Data Loss Prevention (DLP) policies is incorrect because they are used for protecting data from being shared outside the organization but do not directly manage site access restrictions.

C. × Incorrect: SharePoint Alerts is incorrect because it notify users about updates or changes, but they do not control who can access sensitive sites.

D. ✓ Correct: Restricted Site Access Policies in SharePoint Advanced Management specifically restrict access to sensitive sites.

A. × Incorrect: Billing Dashboard is incorrect because it is the Billing Dashboard focuses on financial information and does not provide insights into Copilot usage.

B. × Incorrect: User Management Console is incorrect because it handles user accounts and permissions but does not offer analytics for Copilot usage.

C. ✓ Correct: Copilot Analytics specifically provides tools to monitor and analyze how Microsoft 365 Copilot is being used within your organization.

D. × Incorrect: License Assignment Manager is incorrect because it deals with assigning licenses to users, which is unrelated to monitoring Copilot usage.

A. × Incorrect: Microsoft Priva Privacy Risk Management is incorrect because it does not offer both Standard and Premium versions for tenant-level auditing.

B. ✓ Correct: Microsoft Purview Audit (Standard) offers both a Standard and Premium version for tenant-level auditing, aligning with the requirements of the question.

C. × Incorrect: Microsoft Purview Collection Policies is incorrect because they are related to data governance but do not provide tenant-level auditing options in different versions.

D. × Incorrect: Microsoft Purview Communications Compliance is incorrect because it focuses on monitoring communications for compliance issues rather than offering tenant-level auditing.

A. × Incorrect: Automated threat detection and response is incorrect because it focuses on automated threat detection and response, which are important but not specifically highlighted as core features of Data Security Posture Management for AI applications in Microsoft Purview.

B. × Incorrect: User behavior analytics and reporting is incorrect because they are valuable for understanding how users interact with data but do not directly address the security and compliance protections provided by Data Security Posture Management.

C. ✓ Correct: Data security and compliance protections is correct because it accurately describes that the classic version of Data Security Posture Management in Microsoft Purview offers essential safeguards to ensure AI applications adhere to data protection standards and regulatory requirements.

D. × Incorrect: Real-time data encryption services is incorrect because they are crucial for protecting data but are not specifically mentioned as a primary feature of Data Security Posture Management for AI applications.

A. ✓ Correct: Pay-as-you-go is correct because it allows you to pay only when using Azure's AI-powered agent services, making it ideal for unpredictable usage patterns.

B. × Incorrect: Monthly license is incorrect because it is a monthly license would require payment regardless of the actual usage of the service during that month.

C. × Incorrect: Annual subscription is incorrect because it is an annual subscription would obligate you to pay for a full year even if your use of the service varies or decreases over time.

D. × Incorrect: Researcher use cases is incorrect because they are specific scenarios and do not represent a licensing model available to all users.

A. × Incorrect: Manage users and licenses is incorrect because managing users and licenses does not include distribution group management.

B. ✓ Correct: Email and calendars settings is correct because they is the Email and calendars settings section includes tools to manage distribution groups.

C. × Incorrect: SharePoint site libraries management is incorrect because it pertains to document storage and collaboration, not email-related features like distribution groups.

D. × Incorrect: Security and compliance is incorrect because it focuses on policies and controls for data protection and governance, unrelated to managing distribution groups.

A. × Incorrect: Microsoft Graph API is incorrect because it provides access to data and services in Microsoft cloud environments but does not specifically manage security posture for AI applications.

B. ✓ Correct: Data Security Posture Management for AI (classic) in Microsoft Purview is designed to ensure that generative AI applications adhere to security standards and compliance requirements.

C. × Incorrect: Azure Active Directory Permissions is incorrect because they are related to managing access control within an organization but do not specifically address the security of AI applications like Copilots.

D. × Incorrect: Microsoft 365 Defender is incorrect because it focuses on threat protection, incident response, and compliance for Microsoft 365 services rather than specific security management for generative AI applications.

A. × Incorrect: Fully managed is incorrect because it refers to a service where Microsoft handles all aspects of management and maintenance, but it does not specifically indicate container-based hosting.

B. × Incorrect: Multi-agent, branching is incorrect because it describes a scenario involving multiple agents with branching logic, which is unrelated to the specific type of hosting environment.

C. ✓ Correct: Container-based, managed refers to an approach where Microsoft Foundry Agent Service uses containers for orchestration and management, providing a scalable and efficient solution.

D. × Incorrect: Custom logic is incorrect because it pertains to user-defined rules or scripts that agents follow, rather than describing the hosting infrastructure.

A. ✓ Correct: Manage email settings is correct because managing email settings includes options to configure and oversee distribution groups.

B. × Incorrect: Secure your users is incorrect because securing your users pertains to setting up security policies and compliance management rather than managing distribution groups directly.

C. × Incorrect: Set up shared mailboxes is incorrect because setting up shared mailboxes involves creating accounts that multiple people can use, which is different from managing distribution groups.

D. × Incorrect: Manage service plans is incorrect because managing service plans relates to assigning or removing services for users or groups, not specifically handling distribution group configurations.

A. × Incorrect: Purview DLP and Communication Compliance violations is incorrect because they are related to data loss prevention and communication policies rather than identifying compliance risks in AI applications.

B. × Incorrect: Data Explorer for sensitive information is incorrect because it focuses on discovering and classifying sensitive data, not specifically on identifying compliance risks associated with AI applications like Copilots.

C. × Incorrect: Insider Risk Management alerts is incorrect because it focus on detecting insider threats and misuse of company resources, rather than compliance violations specific to AI applications.

D. ✓ Correct: Compliance Manager risks identify potential compliance issues in AI applications such as Copilots by assessing adherence to regulatory requirements.

A. ✓ Correct: Workflow agents are designed to create stable endpoints that can be easily shared through Microsoft Teams.

B. × Incorrect: Prompt agents is incorrect because they are used for generating responses based on user input and do not provide stable endpoints for sharing.

C. × Incorrect: Hosted agents (preview) is incorrect because it offer a managed environment but are not specifically tailored for creating stable endpoints for Microsoft Teams integration.

D. × Incorrect: Code-based agents is incorrect because it allow users to write custom scripts, which may lack the stability and ease of use required for consistent endpoint sharing in Teams.

A. × Incorrect: Secure your environment is incorrect because it pertains to security settings and does not relate to managing SharePoint site libraries.

B. × Incorrect: Manage distribution groups is incorrect because distribution groups are related to email management rather than SharePoint site library administration.

C. ✓ Correct: Email and calendars is correct because they is the 'Email and calendars' section includes features for managing SharePoint site libraries, among other functionalities.

D. × Incorrect: Set up shared mailboxes is incorrect because setting up shared mailboxes pertains to email functionality and does not involve SharePoint site library management.

A. ✓ Correct: To ensure data security for AI applications is correct because data Security Posture Management in Microsoft Purview ensures data security specifically for AI applications.

B. × Incorrect: To manage communication compliance is incorrect because managing communication compliance is a separate function and does not pertain to securing data for AI applications.

C. × Incorrect: To prevent insider risks is incorrect because preventing insider risks, while important, is not the primary focus of Data Security Posture Management for AI applications.

D. × Incorrect: To protect against data loss is incorrect because protecting against data loss is crucial but it's not the specific purpose of managing security posture for AI applications.

A. × Incorrect: Code refactoring is incorrect because it involves restructuring existing code to improve readability and maintainability but does not directly relate to AI-powered agent capabilities.

B. × Incorrect: Application migration is incorrect because it refers to moving applications from one environment to another, which is a manual process rather than an AI-driven analysis task.

C. × Incorrect: Cost optimization is incorrect because it focuses on reducing expenses in cloud services through various strategies, unrelated to the specific capability of analyzing and upgrading .NET applications.

D. ✓ Correct: Upgrade analysis is correct because azure's AI-powered agents can analyze current application states and recommend or perform upgrades for .NET applications.

A. × Incorrect: Manage users is incorrect because managing users in the Microsoft 365 admin center focuses on user accounts and licenses rather than mailbox settings.

B. ✓ Correct: Email and calendars is correct because they is the Email and calendars section includes tools to manage Exchange Online mailboxes, email policies, and other related features.

C. × Incorrect: Security settings is incorrect because they are used for configuring protection measures like data loss prevention and compliance management, not directly managing mailboxes.

D. × Incorrect: SharePoint sites is incorrect because it pertain to document management and collaboration within Microsoft 365, unrelated to mailbox administration.

A. × Incorrect: Compliance Manager is incorrect because it focuses on tracking and managing compliance across an organization rather than detecting sensitive data within AI applications.

B. ✓ Correct: Data Explorer specifically scans for sensitive information in datasets used by AI applications like Copilots to ensure data security and privacy.

C. × Incorrect: Insider Risk Management is incorrect because it monitors employee activities related to potential insider threats, not the detection of sensitive data within AI systems.

D. × Incorrect: Communication Compliance is incorrect because it focuses on monitoring and managing communications to comply with regulatory requirements, unrelated to detecting sensitive information in AI applications.

A. ✓ Correct: Pay-as-you-go is correct because azure's AI-powered agents are licensed under a pay-as-you-go model.

B. × Incorrect: Monthly subscription is incorrect because it does not accurately describe the licensing model for Azure's AI-powered agents.

C. × Incorrect: Annual commitment is incorrect because it is not the licensing model used for Azure's AI-powered agents.

D. × Incorrect: Perpetual licensing is incorrect because it does not apply to Azure's AI-powered agents.

A. × Incorrect: Network segmentation is incorrect because it focuses on dividing networks into smaller parts to enhance security but does not directly address identity verification.

B. × Incorrect: Device encryption is incorrect because it protects data stored on devices but does not ensure secure access based on user identity and context.

C. ✓ Correct: Identity verification ensures that only authorized users gain access, a fundamental aspect of Zero Trust in Microsoft 365.

D. × Incorrect: User behavior analytics is incorrect because it monitors actions to detect anomalies but does not directly control or verify the identity of accessing users.

A. × Incorrect: Restricted Site Access is incorrect because it focuses on controlling who can access a site rather than identifying oversharing of sensitive information.

B. × Incorrect: SharePoint Advanced Management is incorrect because it refers to general administrative tasks and does not specifically address data security or monitoring for oversharing issues.

C. ✓ Correct: Data Access Governance Reports help organizations identify and manage instances where sensitive information might be shared too widely, ensuring compliance with data protection policies.

D. × Incorrect: AI Use Monitoring is incorrect because it pertains to tracking the usage of artificial intelligence tools rather than managing data access governance within SharePoint.

A. × Incorrect: User management is incorrect because it focuses on managing users and their permissions rather than billing policies.

B. ✓ Correct: Billing and subscriptions is correct because it allows administrators to manage pay-as-you-go billing policies for Microsoft 365 Copilot.

C. × Incorrect: Copilot settings is incorrect because they are used to configure the features and capabilities of Copilot, not its billing.

D. × Incorrect: License management is incorrect because it deals with assigning and managing licenses for users, not billing policies.

A. × Incorrect: Threat Protection is incorrect because alone does not address identity management and verification required by Zero Trust principles.

B. × Incorrect: Device Access Policies is incorrect because it is important but does not encompass the full scope of securing identities under a Zero Trust model.

C. ✓ Correct: Identity Infrastructure is correct because deploying an identity infrastructure is essential for verifying user identities continuously, which is fundamental to implementing Zero Trust in Microsoft 365.

D. × Incorrect: Intelligence is incorrect because while intelligence is valuable, it does not directly address the core requirement of managing and securing identities.

A. × Incorrect: SharePoint Alerts is incorrect because they are used to notify users of updates and changes but do not monitor oversharing.

B. × Incorrect: Restricted Site Access is incorrect because it controls who can access certain sites but does not track oversharing activities.

C. ✓ Correct: Data Access Governance Reports help identify and monitor oversharing in SharePoint, ensuring sensitive information is protected.

D. × Incorrect: User Activity Logs is incorrect because record user actions but do not specifically address or prevent oversharing of sensitive data.

A. × Incorrect: Reviewing billing statements is incorrect because it does not provide insights into how users are adopting and using Microsoft 365 Copilot.

B. × Incorrect: Using the Security & Compliance Center is incorrect because it is the Security & Compliance Center focuses on security policies and compliance rather than usage analytics for Copilot.

C. × Incorrect: By checking email logs is incorrect because checking email logs would not give comprehensive data about Copilot's adoption and user engagement across the organization.

D. ✓ Correct: Through the Copilot Analytics dashboard is correct because it is the Copilot Analytics dashboard provides specific insights into how users are adopting and using Microsoft 365 Copilot.

A. × Incorrect: Manage users and devices is incorrect because managing users and devices does not include distribution groups.

B. ✓ Correct: Email and calendars includes the management of distribution groups.

C. × Incorrect: SharePoint sites libraries is incorrect because they are unrelated to managing distribution groups.

D. × Incorrect: Security settings is incorrect because it do not cover the administration of distribution groups.

A. × Incorrect: Microsoft Defender for Cloud Apps is incorrect because it focuses on monitoring and managing cloud app risks rather than providing specific data security and compliance protections for generative AI applications.

B. × Incorrect: Azure Information Protection is incorrect because primarily deals with classifying, labeling, and protecting sensitive information in documents and emails, not specifically for generative AI applications like Copilots.

C. ✓ Correct: Microsoft Purview Data Security Posture Management for AI is designed to provide data security and compliance protections tailored for generative AI applications such as Copilots.

D. × Incorrect: Office 365 Advanced Threat Analytics is incorrect because it focuses on detecting advanced threats in email, collaboration apps, and file shares rather than providing specific data security and compliance protections for generative AI applications.