Bash, the Crucial Exams Chat Bot
AI Bot
Deployment, Administration & Licensing (AB-900) Flashcards
Microsoft 365 Certified: Copilot and Agent Administration Fundamentals AB-900 Flashcards
Study our Deployment, Administration & Licensing (AB-900) flashcards for the Microsoft 365 Certified: Copilot and Agent Administration Fundamentals AB-900 exam with 45+ flashcards. View as flashcards, a searchable table, or as a fun matching game.
| Front | Back |
| How to assign licenses at scale | Use group based licensing Azure AD dynamic groups or scripts with Graph API |
| How to determine license coverage for rollout | Identify user roles features needed and map to available license SKUs |
| How to handle guest accounts for Copilot access | Apply least privilege use Conditional Access and restrict sensitive data access |
| How to manage connectors and third party integrations | Validate vendor security configure least privilege and monitor usage |
| How to report license usage and cost | Use Microsoft 365 admin center billing reports and Azure cost management |
| How to secure service principals secrets | Use certificates managed identities and rotate secrets regularly |
| Name the typical deployment stages | Assess pilot deploy train optimize |
| Name two MFA methods commonly used | Authenticator app SMS and hardware token |
| What are application permissions | Permissions granted to apps to act without a user context for background tasks |
| What are delegated permissions | Permissions granted to apps to act on behalf of a signed in user |
| What are tenant settings for Copilot | Controls for data collection telemetry features and allowed connectors |
| What is a pilot ring strategy | Deploy to a small set of users validate and expand gradually based on feedback |
| What is app registration in Azure AD | Process to register applications assign permissions and create secrets or certificates |
| What is Azure AD PIM used for | Just in time elevation of privileged roles and access review |
| What is change management best practice for Copilot updates | Use pilot rings communication training scheduled deployments and rollback plans |
| What is Conditional Access used for | Control access based on signals like location device risk and user |
| What is consent framework difference between admin and user consent | Admin consent grants tenant wide permissions user consent grants per user permissions |
| What is Copilot for Microsoft 365 licensing common model | Add on subscription for eligible Microsoft 365 user licenses |
| What is data residency requirement | Rules to ensure data stays within specific geographic regions for compliance |
| What is DLP in context of Copilot | Data Loss Prevention policies to prevent sharing of sensitive information |
| What is endpoint management requirement for Copilot clients | Ensure devices are compliant enrolled and meet configuration policies |
| What is evidence collection for audits | Gather logs configurations policies and user consent records for review |
| What is Just In Time access | Grant temporary elevated access only for approved tasks and time windows |
| What is least privilege principle in RBAC | Assign minimum permissions needed for tasks and use role separation |
| What is Microsoft Purview used for | Data governance classification labeling retention and eDiscovery |
| What is role of Compliance Administrator | Manage retention labels eDiscovery audit and compliance settings |
| What is role of Support escalation process | Define internal contacts Microsoft support pathways and incident SLAs |
| What is tenant admin responsibility for privacy | Configure data handling consent retention and user notification settings |
| What is tenant isolation | Segregating data and configurations to ensure boundaries between customers or departments |
| What is tenant level policy enforcement | Policies configured at tenant scope that apply to all users and groups |
| What is the first phase of Copilot deployment | Assessment and planning inventory of users apps data and compliance requirements |
| What is the function of conditional access session controls | Enforce sign in frequency block download or require app enforced restrictions |
| What is the purpose of audit logs | Record administrative and user actions for compliance and troubleshooting |
| What is the purpose of service health monitoring | Detect outages performance issues and receive Microsoft service notifications |
| What is the purpose of service principals | Enable apps and automation to authenticate as identities without user interaction |
| What is the role of admin consent in Copilot onboarding | Allows tenant admins to grant required app permissions on behalf of all users |
| What is the rollback plan for a failed rollout | Revert feature and configuration changes restore previous settings and communicate status |
| What is the significance of SLA for Copilot services | Defines uptime guarantees support response times and remediation expectations |
| What licensing model supports Copilot per user | Per user per month licensing typically assigned to individual seats |
| What monitoring tools track Copilot usage and health | Microsoft 365 admin center Azure Monitor and application insights |
| What must be considered for cost optimization | License utilization automation and right sizing of feature access |
| What role is needed to perform global configuration tasks | Global Administrator |
| What tenant prerequisites are required for Copilot | Azure AD licenses appropriate Microsoft 365 subscriptions and admin consent |
| What training is important for admins before production launch | Operational procedures governance security monitoring and incident response |
| Which role manages security settings and conditional access | Security Administrator |
About the Flashcards
Flashcards for the Microsoft 365 Certified: Copilot and Agent Administration Fundamentals exam help students review core terminology and deployment concepts for an enterprise AI assistant rollout. Cards cover assessment and planning, pilot and deployment stages, tenant and licensing prerequisites, admin roles and role-based access control including least-privilege and just-in-time elevation, and the consent framework for app permissions.
The deck also reinforces security, compliance, and operational controls such as conditional access, multi-factor authentication, data residency and loss-prevention policies, app registration and service principals, monitoring and health checks, pilot-ring strategies, rollback plans, audit evidence, and admin training and escalation processes needed for production launch.
Topics covered in this flashcard deck:
- Deployment phases
- Tenant prerequisites & licensing
- Identity, roles, RBAC
- Conditional Access & MFA
- App registration & service principals
- Monitoring, rollout, rollback