Free Practice Questions for Microsoft 365 Fundamentals (AB-900) Certification
Study with 351 exam-style practice questions designed to help you prepare for the Microsoft 365 Fundamentals (AB-900).
Start Practicing
Random Questions
Practice with randomly mixed questions from all topics
Domain Mode
Practice questions from a specific topic area
Quiz History
Exam Details
Key information about Microsoft 365 Fundamentals (AB-900)
- Multiple choice
- Matching
- True/False
- Fill in the blank
Fundamentals
Candidates familiar with Microsoft 365, including core services, security, identity and access, data protection, and governance, along with Microsoft 365 Copilot and agents. Familiarity with admin centers for Exchange Online, SharePoint, Teams, Microsoft Entra, and Microsoft Purview, plus experience with AI-driven productivity tools and modern IT management practices.
Exam Topics & Skills Assessed
Skills measured (from the official study guide)
Domain 1: Identify the core features and objects of Microsoft 365 services
Subdomain 1.1: Identify the core objects of Microsoft 365 services
- Explain how license types assigned to users and groups affect access to Microsoft 365 features - Explore the organization configurations by using the Microsoft 365 admin center (domain names and org settings) - Identify the appropriate objects to configure by using the Exchange Online admin center (mailboxes and distribution lists) - Identify the appropriate objects to configure by using the SharePoint in Microsoft 365 admin center (sites, libraries, and folders) - Identify the appropriate roles and permissions for sites in SharePoint in Microsoft 365 - Identify the appropriate objects to configure by using the Teams admin center (teams, channels, and policies)
Subdomain 1.2: Understand the Microsoft 365 security principles
- Explain the core Zero Trust principles - Understand authorization - Understand authentication methods - Understand threat protection and intelligence - Understand features and capabilities of Microsoft Defender XDR
Subdomain 1.3: Identify the core security features of Microsoft 365 services
- Understand features and capabilities of Microsoft Entra - Understand conditional access policies - Understand the purpose and benefits of SSO - Identify the appropriate security object to use in an organization (users and groups) - Identify the appropriate tools to troubleshoot common sign-in issues (multifactor authentication [MFA], conditional access, and risky sign-ins) - Interpret Identity Secure Score in Microsoft Entra ID - Use the appropriate tools to review audit logs for user and admin activity - Identify the role of Privileged Identity Management (PIM) in an organization - Understand App registrations and Enterprise apps
Domain 2: Understand data protection and governance tasks for Microsoft 365 and Copilot
Subdomain 2.1: Understand Microsoft Purview
- Understand features and capabilities of Microsoft Purview Information Protection, Microsoft Purview Data Loss Prevention (DLP), Microsoft Purview Insider Risk Management, Microsoft Purview Communication Compliance, Microsoft Purview Data Security Posture Management (DSPM) for AI, and Microsoft Purview Data Lifecycle Management - Identify the use cases for sensitivity labels in Microsoft Purview - Understand data classification in Microsoft Purview - Understand retention
Subdomain 2.2: Understand data security implications of Copilot
- Understand how Copilot accesses data - Understand how Microsoft Graph influences Copilot responses - Understand how Copilot uses permissions and other controls in Microsoft 365, Microsoft Purview, and Microsoft Defender to protect against risks - Understand responsible AI principles
Subdomain 2.3: Identify data protection and governance risks for Microsoft 365 and Copilot
- Identify compliance risks and recommendations by using Microsoft Purview Compliance Manager - Identify sensitive information by using Microsoft Purview Data Explorer - Identify risks by using Insider Risk Management - Identify and respond to alerts generated by Microsoft Purview DLP - Identify policy violations generated by Communication Compliance - Identify user activities reported by Microsoft Purview activity explorer - Discover and manage AI activity by using DSPM for AI - Search for files and emails by using Content search in Microsoft Purview eDiscovery
Subdomain 2.4: Identify and monitor oversharing in SharePoint in Microsoft 365
- Identify the tools to troubleshoot oversharing in an organization - Run a data access governance report in SharePoint - Understand features and capabilities of SharePoint Advanced Management, including restricted site access
Domain 3: Perform basic administrative tasks for Copilot and agents
Subdomain 3.1: Understand features and capabilities of Copilot and agents
- Compare the built-in capabilities of Copilot and agents - Compare Copilot monthly license model to pay-as-you-go, including SharePoint - Identify which Copilot features can be enabled or disabled - Identify use cases for Researcher - Identify use cases for Analyst - Identify use cases for custom agents
Subdomain 3.2: Perform basic administrative tasks for Copilot
- Assign Copilot licenses - Monitor and manage Copilot pay-as-you-go billing policies - Monitor Copilot usage and adoption, including Copilot Analytics and the Microsoft 365 admin center - Manage prompts, including saving, sharing, scheduling, and deleting
Subdomain 3.3: Perform basic administrative tasks for agents
- Identify how to configure user access to agents - Create an agent - Understand approval process for agents - Monitor agents, including usage, operational insights, and agent lifecycle, by working with the Microsoft 365 admin center and the Microsoft Power Platform admin center
Techniques & products