This post is a part of the AB-900: Microsoft 365 Copilot and Agent Administration Fundamentals Exam Prep Hub.
This topic falls under these sections:
Understand data protection and governance tasks for Microsoft 365 and Copilot (35–40%)
--> Understand data security implications of Copilot
--> Understand how Copilot accesses data
Note that there are 10 practice questions (with answers) at the end of each section to help you solidify your knowledge of the material. Also, there are 4 practice tests with 30 questions each available from the hub's main page below the exam topics section.
Introduction
One of the most important concepts for the AB-900 exam is understanding how Microsoft 365 Copilot accesses and uses organizational data. Many organizations are excited about the productivity benefits of Copilot but also want assurance that sensitive information remains protected.
Microsoft 365 Copilot is designed to work within an organization’s existing Microsoft 365 security, compliance, identity, and permission boundaries. Rather than creating a separate copy of organizational data, Copilot accesses information that users already have permission to access.
Understanding how Copilot retrieves, processes, and presents data is critical for administrators responsible for security, governance, and compliance.
What Is Microsoft 365 Copilot?
Microsoft 365 Copilot is an AI-powered assistant that combines:
- Large Language Models (LLMs)
- Microsoft Graph
- Microsoft 365 applications
- Organizational data
Copilot helps users:
- Draft documents
- Summarize meetings
- Analyze data
- Generate presentations
- Answer questions
- Perform business tasks more efficiently
The intelligence of Copilot comes from combining AI reasoning with an organization’s business data.
The Three Main Components of Copilot Data Access
Microsoft 365 Copilot relies on three major components:
Large Language Models (LLMs)
LLMs provide:
- Natural language understanding
- Reasoning capabilities
- Content generation
- Summarization
The LLM interprets the user’s prompt and generates responses.
Microsoft Graph
Microsoft Graph serves as the bridge between Copilot and organizational data.
Microsoft Graph connects to resources such as:
- Emails
- Calendars
- Teams chats
- Teams meetings
- SharePoint documents
- OneDrive files
- Contacts
- Tasks
Graph provides context that allows Copilot to generate relevant and personalized responses.
Microsoft 365 Data
Copilot accesses information stored within Microsoft 365 services.
Examples include:
- Exchange Online mailboxes
- SharePoint sites
- OneDrive content
- Teams conversations
- Meeting transcripts
- Microsoft Loop content
This organizational content provides the business context used to answer user requests.
How Copilot Processes a User Request
When a user submits a prompt, several steps occur.
Step 1: User Enters a Prompt
Example:
“Summarize the latest project updates from my team.”
Step 2: Copilot Interprets the Request
The LLM analyzes:
- User intent
- Context
- Required information
Step 3: Microsoft Graph Retrieves Relevant Data
Microsoft Graph searches content the user is authorized to access.
Potential sources include:
- Emails
- Documents
- Teams messages
- Meeting notes
Step 4: Security Permissions Are Checked
Before data is returned:
- Existing permissions are evaluated
- Access controls are enforced
- Security boundaries remain intact
If a user cannot access content directly, Copilot cannot use it in a response.
Step 5: Response Generation
The LLM combines:
- User prompt
- Retrieved business data
- Organizational context
A response is generated and returned to the user.
Copilot Respects Existing Permissions
One of the most important exam concepts is:
Copilot Does Not Grant Additional Access
Copilot only accesses information a user already has permission to access.
For example:
- If User A can view a SharePoint document, Copilot may use that document.
- If User B cannot view the document, Copilot cannot expose it.
Copilot does not bypass:
- SharePoint permissions
- OneDrive permissions
- Teams permissions
- Microsoft 365 security controls
A common Microsoft phrase is:
“Copilot honors existing permissions.”
Role of Microsoft Graph
Microsoft Graph is central to Copilot’s operation.
Microsoft Graph:
- Connects Microsoft 365 services
- Provides contextual information
- Retrieves relevant content
- Applies user permissions
Without Microsoft Graph, Copilot would not have access to organizational context.
Think of Microsoft Graph as the intelligence layer that helps Copilot locate relevant business information.
Grounding
A key Copilot concept is grounding.
Grounding means enriching AI responses with organizational data retrieved through Microsoft Graph.
Without grounding:
- Responses are based primarily on general AI knowledge.
With grounding:
- Responses include organization-specific information.
Example:
A user asks:
“What decisions were made during yesterday’s budget meeting?”
Copilot can retrieve:
- Meeting transcripts
- Notes
- Shared documents
The response is grounded in actual organizational content.
Data Sources Used by Copilot
Common Microsoft 365 data sources include:
Exchange Online
Provides:
- Emails
- Calendars
- Contacts
SharePoint Online
Provides:
- Team documents
- Knowledge repositories
- Project files
OneDrive
Provides:
- Personal work files
- User-owned documents
Microsoft Teams
Provides:
- Chat messages
- Meeting transcripts
- Channel conversations
- Shared files
Microsoft Loop
Provides:
- Collaborative workspaces
- Shared project information
Security Boundaries and Data Access
Copilot operates within existing Microsoft 365 security boundaries.
These include:
- User permissions
- Group memberships
- SharePoint access controls
- Teams membership
- Sensitivity labels
- Conditional Access policies
Security controls continue to function exactly as they would without Copilot.
Copilot and Sensitivity Labels
Sensitivity labels remain effective when Copilot accesses content.
If a document is protected with a sensitivity label:
- Existing protections remain in place.
- Access restrictions continue to apply.
- Users without permission cannot access protected information through Copilot.
This helps maintain compliance and data security.
Copilot and Data Loss Prevention (DLP)
Microsoft Purview DLP policies continue to protect data.
DLP can help:
- Detect sensitive information
- Restrict inappropriate sharing
- Prevent data leakage
Copilot operates within these governance controls.
Copilot and Retention Policies
Retention settings remain active for Copilot-accessed content.
If content:
- Is retained, Copilot may use it if the user has access.
- Has been deleted according to retention policies, it generally becomes unavailable for Copilot use.
Organizations should understand that Copilot relies on content already stored in Microsoft 365.
Copilot and Identity Management
Microsoft Entra ID plays a critical role in determining what data Copilot can access.
Entra ID provides:
- Authentication
- Authorization
- User identity verification
- Access control enforcement
Every Copilot interaction is tied to an authenticated user identity.
Why Permission Management Matters
Because Copilot honors existing permissions, organizations should regularly review:
- Excessive access rights
- Oversharing
- Legacy permissions
- Inactive accounts
- SharePoint permissions
- Teams memberships
Poor permission management can expose information through both traditional access methods and Copilot.
Many organizations conduct permission reviews before deploying Microsoft 365 Copilot.
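The security trimming in Steps 3 to 5 and the oversharing review above, modelled as an added example that is not Microsoft's code: the tenant, groups, labels and file paths are constructed, and retrieval is reduced to keyword matching so the permission check is the only moving part.

```python
from dataclasses import dataclass

# Constructed names modelled on the built-in "Everyone except external users"
# group: every internal user is implicitly a member.
BROAD_GROUPS = frozenset({"Everyone except external users"})
SENSITIVE_LABELS = frozenset({"Confidential", "Highly Confidential"})

@dataclass(frozen=True)
class Document:
    path: str
    acl: frozenset   # UPNs and group names allowed to read the item
    label: str       # sensitivity label applied to the item
    text: str        # content that retrieval matches against

@dataclass(frozen=True)
class User:
    upn: str
    groups: frozenset
    external: bool = False

def can_read(user: User, doc: Document) -> bool:
    """The workload's own check (SharePoint, Exchange, ...): the caller or one of
    their groups is in the ACL. Copilot adds no check and grants no extra access."""
    implicit = frozenset() if user.external else BROAD_GROUPS
    return bool(({user.upn} | user.groups | implicit) & doc.acl)

def retrieve(user: User, docs: list, keywords: list) -> list:
    """Steps 3-4: candidates matching the prompt, trimmed to what the user can open.
    Only this trimmed set reaches the LLM for grounding (Step 5)."""
    hits = [d for d in docs if any(k.lower() in d.text.lower() for k in keywords)]
    return [d.path for d in hits if can_read(user, d)]

def audit_oversharing(docs: list) -> list:
    """Pre-deployment review: sensitive-labelled items readable by a broad group,
    i.e. content Copilot will surface to any internal user who asks for it."""
    return [d.path for d in docs if d.label in SENSITIVE_LABELS and d.acl & BROAD_GROUPS]

# Constructed sample tenant.
DOCS = [
    Document("/sites/Finance/Budget-2025.docx", frozenset({"Finance Team"}),
             "Confidential", "Budget meeting decisions: Q3 spend approved."),
    Document("/sites/HR/Salary-Bands.xlsx", frozenset({"Everyone except external users"}),
             "Highly Confidential", "Salary bands by grade for 2025."),
    Document("/sites/Project/Status.docx", frozenset({"Project Members"}),
             "General", "Project update: milestone 2 complete."),
]
ALICE = User("alice@contoso.example", frozenset({"Finance Team", "Project Members"}))
BOB = User("bob@contoso.example", frozenset({"Project Members"}))
```

Bob gets nothing for "budget" because he cannot open the Finance document, but the Salary-Bands workbook comes back for him because its ACL is company-wide; the audit function flags exactly that item, which is the kind of finding a pre-deployment permission review is meant to produce.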
Data Privacy and Copilot
Microsoft states that organizational prompts, responses, and data used by Microsoft 365 Copilot:
- Stay within the Microsoft 365 service boundary
- Are protected by existing Microsoft 365 compliance controls
- Are not used to train foundation models for other customers
This helps organizations maintain privacy and regulatory compliance.
Common Misconceptions
Misconception 1: Copilot Can See Everything
False.
Copilot only accesses data the current user is authorized to access.
Misconception 2: Copilot Creates New Security Risks by Itself
Not exactly.
Copilot makes existing permission issues more visible, because overshared content becomes easier to discover, but it does not bypass security controls.
Misconception 3: Copilot Stores Separate Copies of All Data
False.
Copilot primarily retrieves information from existing Microsoft 365 sources through Microsoft Graph.
Misconception 4: Copilot Ignores Compliance Controls
False.
Copilot respects:
- Permissions
- Sensitivity labels
- DLP policies
- Retention policies
- Identity controls
Key Exam Takeaways
For the AB-900 exam, remember the following:
- Microsoft 365 Copilot combines LLMs, Microsoft Graph, and Microsoft 365 data.
- Microsoft Graph retrieves organizational information used to ground responses.
- Copilot only accesses data a user is authorized to access.
- Copilot honors existing permissions and access controls.
- Authentication and authorization are enforced through Microsoft Entra ID.
- SharePoint, OneDrive, Exchange, Teams, and other Microsoft 365 services provide Copilot’s data sources.
- Sensitivity labels, DLP policies, and retention policies continue to apply.
- Copilot does not bypass security boundaries.
- Permission management is critical for successful Copilot deployments.
- Grounding improves response quality by incorporating organizational data.
Practice Exam Questions
Question 1
What component connects Microsoft 365 Copilot to organizational data stored across Microsoft 365 services?
A. Microsoft Graph
B. Microsoft Defender XDR
C. Microsoft Intune
D. Azure Virtual Network
Answer: A
Explanation: Microsoft Graph retrieves organizational data and provides context that Copilot uses to generate responses.
Question 2
A user asks Copilot to summarize a document stored in SharePoint. What determines whether Copilot can access the document?
A. The user’s existing permissions to the document
B. Whether the document is larger than 100 MB
C. Whether Microsoft Defender is enabled
D. Whether the document was created in Word
Answer: A
Explanation: Copilot honors existing permissions and can only access content the user is already authorized to view.
Question 3
Which Microsoft 365 service is commonly used as a source of files that Copilot can reference?
A. Active Directory Domain Services
B. Hyper-V
C. SharePoint Online
D. DNS Manager
Answer: C
Explanation: SharePoint Online is a major repository for organizational documents and content accessed by Copilot.
Question 4
What is the purpose of grounding in Microsoft 365 Copilot?
A. Encrypting prompts before submission
B. Backing up user data automatically
C. Monitoring administrator activity
D. Enhancing AI responses with organizational data
Answer: D
Explanation: Grounding enriches AI-generated responses with relevant organizational information retrieved through Microsoft Graph.
Question 5
Which statement best describes how Copilot handles security permissions?
A. It grants temporary access to protected documents.
B. It bypasses SharePoint permissions when necessary.
C. It honors existing Microsoft 365 permissions.
D. It automatically makes all team content available.
Answer: C
Explanation: Copilot respects existing permissions and does not provide access to content users cannot already access.
Question 6
Which Microsoft service provides authentication and authorization for Copilot users?
A. Microsoft Entra ID
B. Microsoft Defender for Endpoint
C. Microsoft Purview Data Map
D. Microsoft Fabric
Answer: A
Explanation: Microsoft Entra ID authenticates users and enforces authorization decisions that determine accessible content.
Question 7
A company applies sensitivity labels to confidential documents. How does Copilot interact with those documents?
A. Copilot removes the labels before processing.
B. Copilot ignores label protections.
C. Copilot can share the documents with any employee.
D. Copilot continues to respect the protections enforced by the labels.
Answer: D
Explanation: Sensitivity labels remain effective and continue governing access to protected content.
Question 8
Which Microsoft 365 workload can provide meeting transcripts that Copilot may use when generating responses?
A. Microsoft Teams
B. Microsoft Project Server
C. Windows Server
D. Microsoft Endpoint Configuration Manager
Answer: A
Explanation: Teams meeting transcripts are one of the organizational data sources that Copilot can use when users have access.
Question 9
What happens when a user asks Copilot about information stored in a file they do not have permission to access?
A. Copilot grants temporary access.
B. Copilot can still summarize the file.
C. Copilot cannot access or expose the file’s contents.
D. Copilot sends an approval request automatically.
Answer: C
Explanation: Copilot enforces existing access controls and cannot retrieve information from content the user is not authorized to access.
Question 10
Why do organizations often review permissions before deploying Microsoft 365 Copilot?
A. Copilot requires every file to be reuploaded.
B. Overshared content may become more discoverable through AI-assisted interactions.
C. Copilot disables SharePoint security.
D. Microsoft Graph cannot function without permission reviews.
Answer: B
Explanation: Because Copilot honors existing permissions, organizations often review and reduce oversharing to ensure users only have access to appropriate information.
