AB-900 Study Guide
Domain 2: Data Protection & Governance (~12 min read)

How Copilot Accesses Your Data

Copilot is powered by Microsoft Graph. It reads your emails, files, chats, and calendar — but only what YOU can see. Understanding this connection is the most important concept for the exam.

The Graph connection — Copilot’s data pipeline

☕ Simple explanation

Imagine a librarian who knows every book in the library and who’s allowed to borrow what.

When you ask Copilot a question, it goes to the librarian (Microsoft Graph) and says: “This person wants to know about Project Phoenix. What can they see?” The librarian checks your library card (permissions) and brings back only the books you’re allowed to read.

If you don’t have access to the Finance section, the librarian won’t show you Finance books — even if they contain information about Project Phoenix.

This is the most important thing to understand for the exam: Copilot sees exactly what you see. No more, no less.

Microsoft 365 Copilot accesses organisational data through the Microsoft Graph API, the same unified API that powers search, admin reports, and cross-app features in M365. When a user prompts Copilot, the orchestration service queries the Graph using the signed-in user’s own access token, respecting all existing M365 permissions, sensitivity labels, and DLP policies.

Copilot does NOT maintain a separate data store, does NOT have elevated permissions, and does NOT bypass any security controls. Its access boundary is identical to the user’s direct access boundary.

How Copilot processes a prompt

Step, what happens, and who controls it:

  1. User prompts: "What's the latest on Project Phoenix?" (controlled by: the user)
  2. Orchestration: Copilot's orchestration service prepares the query (controlled by: Microsoft backend)
  3. Graph query: the query is sent to Microsoft Graph using the user's access token (controlled by: M365 permissions)
  4. Data retrieval: Graph returns relevant emails, files, chats and meetings, filtered by the user's permissions (controlled by: SharePoint, Exchange and Teams permissions)
  5. Grounding: the retrieved data is combined with the user's prompt and sent to the LLM (controlled by: Microsoft backend)
  6. Response: the LLM generates a response grounded in the user's organisational data (controlled by: Copilot)

Key exam concept: At Step 4, the Graph ONLY returns data the user already has permission to access. This is called permission-trimmed access. If the user can’t see a SharePoint file directly, Copilot can’t use it either.

What Copilot CAN and CANNOT see

Copilot's access boundary = your access boundary

✅ Copilot CAN see:

  • Your email
  • Files you have access to in SharePoint/OneDrive
  • Teams chats and channels you're a member of
  • Your calendar and meetings

❌ Copilot CANNOT see:

  • Files in SharePoint sites you DON'T have access to
  • Other people's private OneDrive files
  • Private channels you're NOT a member of
  • Email from other people's mailboxes

Why this matters — the oversharing problem

Here’s the exam scenario that trips everyone up:

“After deploying Copilot, employees discover they can ask Copilot about documents they didn’t know existed but technically had access to.”

This is NOT a Copilot bug. It’s a permissions problem. Copilot didn’t grant them new access — it just made their EXISTING access more discoverable. The files were always accessible; Copilot just made them easier to find.

⚠️ The oversharing scenario — exam favourite

Northwave deploys Copilot. An intern asks: “Show me the latest board meeting notes.”

Before Copilot: The intern technically had read access to the Board SharePoint site (permissions were too broad), but never navigated there directly. No one noticed.

After Copilot: Copilot finds and summarises the board notes because the intern has permission. The CISO panics.

Root cause: SharePoint permissions were too broad — NOT a Copilot issue.

Fix:

  1. Restrict SharePoint permissions on the Board site (break inheritance, owner-only access)
  2. Run a SharePoint data access governance report to find other overshared sites
  3. Apply sensitivity labels to board documents (add encryption for extra protection)

Exam answer: “Fix the permissions, not Copilot.”
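To see permission-trimmed access and the oversharing fix as code, here is an added toy simulation; it is not Microsoft's code or a real Graph API call, and the Northwave users, groups, sites and documents are constructed. It replays pipeline steps 3-4 from the table above and fix steps 1-2 from the scenario: the same search is run as the intern before and after the Board site's inheritance is broken.

```python
"""Constructed model of permission-trimmed retrieval: an added example, not
Microsoft's code or the Graph API. Names are made up to replay the page's
Northwave oversharing scenario."""
from dataclasses import dataclass

@dataclass
class Site:
    name: str
    readers: set[str]       # users/groups granted read on the site
    docs: dict[str, str]    # title -> body

def principals_for(user, groups):
    """Effective principals: the user plus every group they belong to."""
    return {user} | {g for g, members in groups.items() if user in members}

def permission_trimmed_search(user, query, sites, groups):
    """Pipeline steps 3-4: the query runs as the user, so only sites that
    grant the user (or one of their groups) read access are searched."""
    mine = principals_for(user, groups)
    hits = []
    for site in sites:
        if not site.readers & mine:
            continue                        # user can't open it: not searched
        for title, body in site.docs.items():
            if query.lower() in f"{title} {body}".lower():
                hits.append((site.name, title))
    return hits

def overshared_sites(sites, broad_groups):
    """Fix step 2: governance-style report of sites readable by broad groups."""
    return [s.name for s in sites if s.readers & broad_groups]

def restrict_to_owners(site, owners):
    """Fix step 1: break inheritance, keep read access for the owners only."""
    site.readers = set(owners)

def build_tenant():
    groups = {"Everyone": {"intern", "cfo", "ceo"}, "Board": {"cfo", "ceo"}}
    board = Site("Board", {"Everyone"},     # too broad: inherited 'Everyone'
                 {"Board notes Q3": "Project Phoenix budget approved"})
    intranet = Site("Intranet", {"Everyone"},
                    {"Lunch menu": "Phoenix-themed tacos on Friday"})
    return [board, intranet], groups

def demo():
    # returns (intern's hits before the fix, sites flagged, hits after the fix)
    sites, groups = build_tenant()
    before = permission_trimmed_search("intern", "phoenix", sites, groups)
    flagged = overshared_sites(sites, {"Everyone"})
    restrict_to_owners(sites[0], {"Board"})
    after = permission_trimmed_search("intern", "phoenix", sites, groups)
    return before, flagged, after
```

Nothing in the search function changes between the two runs; only the site's permissions do, which is the page's point that the fix belongs in SharePoint, not in Copilot.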

How M365 controls protect Copilot

Control, and how it protects Copilot:

  • SharePoint permissions: Copilot can only access files the user can access
  • Sensitivity labels: labels restrict what can be done with content (encrypt, block external sharing)
  • DLP policies: prevent Copilot-surfaced content from being shared inappropriately
  • Conditional Access: controls which devices and locations can use Copilot
  • Microsoft Defender: monitors for suspicious AI-related activity
  • DSPM for AI: visibility into how sensitive data interacts with Copilot

Web grounding vs Graph grounding

Mode, data source, and admin control:

  • Graph grounding: your organisation's M365 data (emails, files, chats); controlled by M365 permissions
  • Web grounding: the public internet via Bing; can be DISABLED by an admin in the M365 admin center

Exam tip: Some organisations disable web grounding for compliance — they only want Copilot to use internal data. Admins can toggle this in the M365 admin center.

🎬 Video walkthrough: How Copilot Accesses Data — AB-900 Module 16 (~10 min, video coming soon)

Flashcards

Question: How does Copilot access your organisation's data?

Answer: Through the Microsoft Graph API, using the signed-in user's own access token. Copilot respects all existing M365 permissions — it can only access data the user already has permission to see.

Question: Does Copilot have its own separate data store or admin permissions?

Answer: No. Copilot does NOT maintain a separate data store, does NOT have elevated permissions, and does NOT bypass any security controls. Its access boundary is identical to the user's.

Question: If Copilot surfaces sensitive data to a user, what is the root cause?

Answer: The user already had permission to access that data — Copilot just made it more discoverable. The fix is to correct the overly broad permissions in SharePoint/Exchange/Teams, NOT to configure Copilot differently.

Knowledge Check

After Copilot deployment, Northwave's HR team discovers that Copilot is summarising salary data for users outside HR. What is the MOST LIKELY root cause?


Next up: Responsible AI Principles — the ethical framework that governs how Microsoft builds and deploys AI, and what the exam expects you to know.

© 2026 Sutheesh. All rights reserved.

Guided is an independent study resource and is not affiliated with, endorsed by, or officially connected to Microsoft. Microsoft, Azure, and related trademarks are property of Microsoft Corporation. Always verify information against Microsoft Learn.