Overview

Lead AI transformation across your organization. This course covers Microsoft 365, Microsoft 365 Copilot, Microsoft 365 Copilot Chat, AI-powered agents, productivity, business applications, and security.  You need this course to secure and advance your organization Microsoft stack.

Audience Profile:

Business Leaders, Administrators and IT professionals This  course is for strategy leaders looking to enhance their productivity, streamline workflows, and gain from AI skills in a modern workplace..

Master the using M365 and AI to enhance your business

Module 1: Introduction to Microsoft 365 Services and Administration

Topic 1: Microsoft 365 Core Services and Administration Centers

• Explain the purpose of Microsoft 365 as a cloud productivity, collaboration, identity, security, and compliance platform.
• Identify the role of the Microsoft 365 admin center for managing users, licenses, domains, settings, and organizational configuration.
• Describe how administrators use workload-specific admin centers, including Exchange Online, SharePoint, Teams, Microsoft Entra, and Microsoft Purview.
• Recognize the relationship between users, groups, mailboxes, Teams, SharePoint sites, libraries, and folders.
• Understand how Microsoft 365 administration provides the foundation for Copilot and AI-powered experiences.

Support statements:

• Microsoft 365 administration requires an understanding of both the central Microsoft 365 admin center and individual workload admin centers.
• Core objects such as users, groups, sites, libraries, teams, and mailboxes are the building blocks for collaboration and access.
• AI readiness depends heavily on properly configured Microsoft 365 services, identity, data governance, and permissions.

Topic 2: Users, Groups, Licensing, and Access

• Describe how Microsoft 365 users are created, managed, and assigned licenses.
• Explain how license types affect access to Microsoft 365 features, Copilot, and AI-powered capabilities.
• Identify when to use users, Microsoft 365 groups, security groups, distribution lists, and Teams.
• Explain how group membership affects access to applications, content, and collaboration spaces.
• Recognize basic administrative tasks for onboarding and managing users.

Support statements:

• User and group management is one of the most important first steps in Microsoft 365 administration.
• Licensing determines which services, apps, and AI capabilities are available to each user.
• Proper group design helps simplify access management, security, and collaboration across the organization.

Module 2: Microsoft 365 Security, Identity, and Access Fundamentals

Topic 1: Microsoft Entra ID and Identity Administration

• Describe the role of Microsoft Entra ID as the identity and access foundation for Microsoft 365.
• Explain authentication and authorization in Microsoft 365.
• Identify common authentication methods, including passwords, multifactor authentication, and passwordless options.
• Describe the purpose and benefits of single sign-on.
• Understand how Microsoft Entra helps administrators manage access to cloud apps and enterprise applications.

Support statements:

• Microsoft Entra ID provides identity services that control how users access Microsoft 365 and related cloud resources.
• Authentication verifies who the user is, while authorization determines what the user can access.
• Strong identity controls are essential for protecting Microsoft 365 data and Copilot-enabled experiences.

Topic 2: Zero Trust and Conditional Access

• Explain the core principles of Zero Trust security.
• Describe how Conditional Access policies help control access based on user, device, location, risk, and application context.
• Identify common Conditional Access scenarios used to protect Microsoft 365.
• Understand how multifactor authentication supports Zero Trust.
• Recognize how risky sign-ins and identity signals can be used to improve security.

Support statements:

• Zero Trust assumes that every access request must be verified before access is granted.
• Conditional Access helps organizations enforce security policies dynamically based on risk and context.
• These controls are especially important when users access sensitive data that Copilot and agents may also surface.

Topic 3: Microsoft Defender XDR and Threat Protection

• Describe the purpose of Microsoft Defender XDR in Microsoft 365 security.
• Identify how threat protection helps defend against phishing, malware, identity compromise, and endpoint threats.
• Explain how security alerts and intelligence help administrators respond to threats.
• Understand the relationship between identity, email, endpoint, and cloud app protection.
• Recognize how secure environments reduce risk when deploying AI-powered tools.

Support statements:

• Microsoft Defender XDR helps unify threat detection and response across Microsoft 365 services.
• Administrators need basic awareness of threat signals that can affect users, data, and collaboration.
• Copilot and agents should be deployed in environments where security monitoring and threat response are mature enough to manage risk.

Module 3: Data Protection, Governance, and Microsoft Purview

Microsoft’s AB-900 study guide gives the largest weighting to data protection and governance tasks for Microsoft 365 and Copilot, at 35–40% of the exam.

Topic 1: Introduction to Microsoft Purview

• Describe Microsoft Purview as the platform for compliance, data protection, governance, and risk management.
• Explain the purpose of Information Protection, Data Loss Prevention, Insider Risk Management, Communication Compliance, and Data Lifecycle Management.
• Identify how sensitivity labels help classify and protect content.
• Explain how data classification supports compliance and security.
• Understand the purpose of retention policies and records management.

Support statements:

• Microsoft Purview helps organizations understand, classify, protect, and govern their data.
• Data protection is critical because Copilot responses are grounded in the data users are already permitted to access.
• Proper classification, labeling, and retention reduce the risk of oversharing or exposing sensitive information.

Topic 2: Data Security Implications of Microsoft 365 Copilot

• Explain how Copilot accesses Microsoft 365 data through Microsoft Graph.
• Describe how user permissions influence Copilot responses.
• Understand how SharePoint, OneDrive, Teams, Exchange, and other Microsoft 365 data sources can influence Copilot outputs.
• Explain how Microsoft Purview, Microsoft Defender, and Microsoft 365 permissions help protect against risk.
• Recognize the importance of responsible AI principles in Copilot administration.

Support statements:

• Copilot does not replace Microsoft 365 permissions; it respects the access users already have.
• Microsoft Graph helps Copilot retrieve relevant organizational context from Microsoft 365 services.
• Poorly governed permissions can lead to oversharing, making data governance a key Copilot readiness requirement.

Topic 3: Compliance, Risk, and Oversharing Management

• Identify compliance risks using Microsoft Purview Compliance Manager.
• Describe how Data Explorer and Activity Explorer can help administrators review sensitive data and user activity.
• Explain how DLP alerts can identify policy violations.
• Describe how Communication Compliance and Insider Risk Management help identify risky behavior.
• Understand how SharePoint Advanced Management and data access governance reports help detect oversharing.

Support statements:

• Oversharing is one of the most important governance risks for Microsoft 365 Copilot deployments.
• Administrators must understand how to identify sensitive content, excessive access, and risky sharing patterns.
• Compliance and governance tools help organizations prepare Microsoft 365 content before enabling AI experiences at scale.

Module 4: Microsoft 365 Copilot and Copilot Chat Administration

The AB-900 study guide includes basic administrative tasks for Copilot and agents as a major skill area, weighted at 25–30% of the exam.

Topic 1: Introduction to Microsoft 365 Copilot and Copilot Chat

• Describe the purpose of Microsoft 365 Copilot as an AI assistant embedded across Microsoft 365 experiences.
• Explain how Copilot Chat supports secure AI-powered productivity.
• Compare Copilot capabilities across Microsoft 365 apps, chat experiences, and organizational data.
• Identify which Copilot features can be enabled or disabled by administrators.
• Understand common use cases for AI-assisted productivity, collaboration, and knowledge discovery.

Support statements:

• Microsoft 365 Copilot combines large language model capabilities with organizational data and Microsoft 365 apps.
• Copilot Chat provides a secure conversational AI experience for users.
• Administrators need to understand both the business value and the administrative controls for Copilot.

Topic 2: Copilot Licensing, Billing, Usage, and Adoption

• Explain the difference between monthly Copilot licensing and pay-as-you-go models.
• Assign Copilot licenses to users.
• Monitor Copilot usage and adoption through the Microsoft 365 admin center.
• Understand the role of Copilot Analytics in measuring usage and organizational impact.
• Manage prompts, including saving, sharing, scheduling, and deleting prompts.

Support statements:

• Licensing determines which users can access specific Copilot capabilities.
• Usage and adoption reporting help organizations measure whether Copilot is being used effectively.
• Prompt management is becoming an important administrative and user productivity capability.

Topic 3: Researcher, Analyst, and Advanced Copilot Use Cases

• Identify use cases for Researcher.
• Identify use cases for Analyst.
• Explain how Copilot can support summarization, drafting, analysis, meeting productivity, and knowledge discovery.
• Describe how advanced Copilot experiences can help users work across Microsoft 365 content.
• Recognize when Copilot use cases require additional governance or access review.

Support statements:

• Researcher helps users gather, synthesize, and organize information.
• Analyst supports data analysis, reasoning, and insight generation.
• Advanced Copilot capabilities increase the need for strong data governance and responsible AI practices.

Module 5: Introduction to AI-Powered Agents

Topic 1: Built-In Agents and Custom Agents

• Compare built-in Copilot capabilities with AI-powered agents.
• Describe how agents can automate tasks, personalize user experiences, and support business processes.
• Identify common use cases for custom agents.
• Explain how agents can be grounded in organizational knowledge.
• Understand how agents fit into the broader Microsoft 365 and Copilot ecosystem.

Support statements:

• Agents extend AI from general productivity assistance into task-oriented business support.
• Built-in agents can address common productivity scenarios, while custom agents can target specific organizational processes.
• Agent planning should consider security, data access, governance, user experience, and lifecycle management.

Topic 2: Agent Access, Approval, and Lifecycle Management

• Identify how administrators configure user access to agents.
• Describe the basic process for creating an agent.
• Understand the approval process for agents.
• Monitor agent usage, operational insights, and lifecycle status.
• Recognize the role of the Microsoft 365 admin center and Power Platform admin center in agent administration.

Support statements:

• Agent access must be controlled so that users only interact with approved and appropriate AI tools.
• Approval processes help reduce risk from unmanaged or poorly designed agents.
• Monitoring agent usage and lifecycle helps administrators govern adoption and retire agents when they are no longer needed.

Module 6: Course Review and Exam Readiness

Topic 1: AB-900 Exam Skills Review

• Review the three major AB-900 skill areas: Microsoft 365 core services, data protection and governance, and Copilot and agent administration.
• Explain how Microsoft 365 objects, permissions, and admin centers support AI administration.
• Review key Microsoft Purview capabilities used to protect and govern Microsoft 365 data.
• Review Copilot licensing, feature controls, analytics, prompt management, and user adoption.
• Review agent access, creation, approval, monitoring, and lifecycle management.

Support statements:

• The AB-900 exam measures foundational knowledge of Microsoft 365, Copilot, agents, security, governance, and administration.
• Learners should understand not only what Copilot and agents do, but also how administrators control and secure them.
• Strong exam preparation should include Microsoft 365 admin concepts, Microsoft Entra, Microsoft Purview, Copilot controls, and agent lifecycle management.