Free AB-900 Mock Exam – Practice Online Confidently

A group of high-impact administrators in a Microsoft 365 tenant are repeatedly targeted by modern phishing kits that can proxy sign-in pages and steal MFA codes in real time. The security team wants a sign-in method that is resistant to credential theft and MFA code replay, and that ties authentication to a hardware-backed credential. Which authentication method best meets this requirement?

A global organization has implemented Microsoft Entra ID as the identity provider for hundreds of SaaS applications. Users sign in once at the start of the workday and then access Outlook on the web, SharePoint, and multiple third-party applications without being asked for credentials again. Security engineers enforce additional checks such as multifactor authentication and device compliance only when specific risk conditions or app types warrant it. The engineers claim that this combination “lets us use a single identity to sign in once, but still apply policy-based access decisions at the point of resource access using Conditional Access.” Is this claim an accurate description of how SSO and Conditional Access are intended to work together in Microsoft Entra ID?

An organization is rolling out Copilot and several custom AI agents. Security and compliance teams want a central place to see which AI apps are accessing sensitive data, track prompts and responses, and identify risky AI usage across multiple clouds. They also want recommendations on how to improve their overall data security posture for AI workloads.To achieve this, they should use Microsoft’s ______.

What does a sensitivity label in Microsoft Purview do?

Your Operations team uses Copilot daily, generating hundreds of queries each week. What is the most cost-effective licensing step?