Exam AB-900 Topic 2 Question 25 Discussion
Actual exam question for Microsoft's AB-900 exam
Question #: 25
Topic #: 2
Question #: 25
Topic #: 2
Your organization has a Microsoft 365 subscription.
All users are assigned Microsoft 365 Copilot licenses.
Some users report receiving Copilot responses that contain information from a Microsoft SharePoint site named Finance. The users report that the information is commercially sensitive.
You need to prevent Copilot from providing responses that contain information from the Finance site.
What should you do?
All users are assigned Microsoft 365 Copilot licenses.
Some users report receiving Copilot responses that contain information from a Microsoft SharePoint site named Finance. The users report that the information is commercially sensitive.
You need to prevent Copilot from providing responses that contain information from the Finance site.
What should you do?
Suggested Answer: D Vote an answer
The correct answer is D. From the Finance site, configure permissions . Microsoft states that Microsoft 365 Copilot honors existing Microsoft 365 permissions and only grounds responses in content that the signed-in user is already allowed to access. That means if users are getting Finance-site content in Copilot responses, those users likely still have permission to that SharePoint content. The direct fix is to review and correct the site, library, folder, or file permissions on the Finance site so only the intended users retain access.
The other options do not directly solve this requirement. Information Barriers are designed for communication and collaboration segmentation scenarios, not for ordinary site-level oversharing remediation.
A Defender data connector is unrelated to SharePoint permission enforcement. Conditional Access controls sign-in and session access conditions, but it does not selectively remove Copilot grounding from one SharePoint site for users who still have site permissions. Because Copilot uses SharePoint and Microsoft Graph permissions as its boundary, the Microsoft-documented corrective action is to fix the Finance site permissions .
The other options do not directly solve this requirement. Information Barriers are designed for communication and collaboration segmentation scenarios, not for ordinary site-level oversharing remediation.
A Defender data connector is unrelated to SharePoint permission enforcement. Conditional Access controls sign-in and session access conditions, but it does not selectively remove Copilot grounding from one SharePoint site for users who still have site permissions. Because Copilot uses SharePoint and Microsoft Graph permissions as its boundary, the Microsoft-documented corrective action is to fix the Finance site permissions .
by Olga at Jul 07, 2026, 08:43 AM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).