Microsoft AB-900 Exam Dumps

The correct answer is D. an app registration. Microsoft Learn states that to delegate identity and access management functions to Microsoft Entra ID, an application must be registered with a Microsoft Entra tenant. When you register an application, you create its identity configuration in Microsoft Entra, and a corresponding service principal is created so the application can authenticate and integrate with the tenant. This is the standard Microsoft mechanism for allowing a third-party cloud service or app to authenticate to Microsoft Entra.

The correct answer is C. the code interpreter capability. Microsoft Learn states that the code interpreter capability for Microsoft 365 Copilot declarative agents allows the agent to generate and execute Python code to analyze data and generate visualizations. Microsoft's agent schema documentation explicitly describes Code Interpreter as a capability used to solve complex math problems, analyze data, and generate visualizations. That directly matches the requirement to create charts and visualizations from a Microsoft Excel workbook.

Microsoft documentation also explains that code interpreter supports working with Excel files and is used for scenarios such as data analysis, statistical computations, and generating charts. This makes it the correct configuration for an agent that must reason over workbook data and produce chart-based outputs. By contrast, the image generator capability is for creating images, not for analyzing workbook data. The Scrum Assistant and Customer Insights Assistant options are templates, not the specific technical capability required to read data and build charts from an Excel workbook.

The correct answer is D. a sensitivity label policy. In Microsoft Purview, creating a sensitivity label by itself does not make it available to users. Microsoft Learn states that after you create sensitivity labels, you must publish them by creating a label policy so that users and groups can see and apply those labels in Microsoft 365 apps and services. Publishing controls which labels are available and to whom they are shown. This is why a sensitivity label policy is required to ensure that users can apply Label1 to files.

The other options do not meet the requirement. Auto-labeling policies apply labels automatically when content matches conditions, but they are not the primary mechanism for simply making a label available for user selection. A trainable classifier is used to identify content categories, not to publish a label. A retention label policy publishes retention labels for records and lifecycle purposes, which is different from sensitivity labeling for classification and protection. Therefore, the correct Microsoft-documented method to let users apply Label1 to files is to publish it using a sensitivity label policy.

The correct answer is C. Insider Risk Management. Microsoft documents that Microsoft Purview Insider Risk Management helps organizations detect, investigate, and act on potentially risky internal activities, including data theft and data leakage. Microsoft specifically provides policy templates for departing users, describing scenarios where users who are leaving an organization might download files, print files, or copy data to personal cloud storage or messaging services near their resignation or end date. That matches this question exactly, where User1 is leaving in two weeks and you need to determine whether the user is exfiltrating data.

The correct answer is B. Data explorer. Microsoft Learn states that Data explorer in Microsoft Purview shows a current snapshot of items that have been classified as a sensitive information type in your organization. Microsoft's sensitive information type documentation specifically lists examples such as social security numbers and credit card numbers, which means Data explorer is the appropriate portal feature for identifying files and emails that contain those data types. Data explorer is designed to help administrators see where sensitive data exists across supported Microsoft 365 locations.

The other options are less appropriate for this task. Information Protection reports focus more broadly on label and protection reporting. Information Protection policies are for configuring classification and protection behavior, not for finding existing files and emails containing SSNs or credit card numbers. Activity explorer is primarily used to review user and policy-related activities, such as label changes or DLP events, rather than to provide the direct sensitive-data inventory view requested here. Since the question asks to identify the files and emails containing specific sensitive information types, Microsoft's documented answer is Data explorer.