How the program is structured

Eight modules. Each module follows the same five-block rhythm:

1. Hook — why this matters
2. Concept — the core ideas
3. Live demo — what it looks like in practice
4. Hands-on lab — you try it on your own data
5. Knowledge check — quick interactive questions

Tip Your progress is saved in this browser. Each module you complete marks the green dot in the sidebar.

Core concepts

Think of Copilot as a highly talented intern on day one: it knows the world but not your company. Point it at the right documents and it turns into a colleague.

EDP — what is and isn't inside the boundary

• Prompts and responses are not used to train OpenAI's or Microsoft's foundation models.
• Data stays within the M365 service boundary (same boundary as Exchange/SharePoint).
• Conversations are subject to the same retention, eDiscovery, audit and DLP policies as the rest of M365.
• Customer-managed keys (CMK) and Customer Lockbox extend to Copilot interactions.

Copilot family — don't confuse the SKUs

Rule of thumb: if a feature description mentions "your organization's files," the user needs Microsoft 365 Copilot (the paid SKU), not the free Copilot Chat or Copilot Pro.

Work scope vs Web scope — a fuller comparison

The "Excel greyed out" triangle

If the Copilot icon is greyed out in Excel, check these three in order:

1. OneDrive/SharePoint — the file must be saved there (not on the desktop).
2. AutoSave — must be on.
3. Excel table — data must be in a table (Ctrl+T) or a supported range; no merged cells, no empty divider rows.

Other surfaces worth knowing

• OneNote — Copilot summarizes long notebooks, generates to-do lists from meeting notes.
• Loop — generate components (tables, task lists) from a prompt inside a Loop workspace.
• Whiteboard — "Categorize ideas" / "Suggest more" / "Summarize sticky notes."
• Forms — "Create a survey about customer satisfaction in 6 questions."
• Mobile — Copilot in the Microsoft 365 mobile app supports chat + voice, but slash-referencing is limited.

Researcher vs Analyst — a sharp distinction

Notebook vs Pages

Researcher — how it works under the hood

• Performs a multi-step plan: search → read → verify → synthesize. You see the reasoning steps as it works.
• Combines web and internal Graph results, citing both kinds in the same answer.
• Output is suitable for a 2-5 page briefing; you can hand off to Word, Outlook, or Teams to continue.
• Best prompts: "Brief me on...", "Compare...", "What are the implications of..."
• Not a good fit for: number crunching (use Analyst), file lookup (use Search), drafting (use plain Chat or in-app Copilot).

Analyst — how it works under the hood

• Uses a Python sandbox (a.k.a. "code interpreter") to crunch your data.
• Accepts Excel .xlsx, CSV .csv, and most text-extractable formats. Image-only files (a JPG of a chart) won't work.
• Shows you the Python code it runs — you can read and audit it.
• Best prompts: "Forecast...", "Correlate...", "Plot...", "Cluster customers by...", "What's the trend?"
• Cannot reach the web; bring your data in.

Pages — the new collaborative canvas

• Pages turn a Copilot answer into a shareable, editable canvas.
• Multiple people can co-edit with @mentions; Copilot stays available inside the page.
• You can export to Word, but that creates a frozen copy — future Copilot edits live in the page, not the Word file.
• Best for: a team co-writing a one-pager (brief, plan, recap, FAQ).

Notebooks — your project memory

• Hold a scoped bundle of sources (SharePoint links + local uploads + prompts) for one topic or project.
• Up to 20 sources per notebook is a safe ceiling — quality drops if you exceed that.
• SharePoint references = live (always latest, permission-trimmed). Local uploads = snapshot (frozen at upload time).
• Best for: "I'm running this customer engagement for three months — everything Copilot needs to know lives here."

Search vs Researcher vs Chat — the three Q&A surfaces

Image, audio, and video

• Create / Designer — generate images from a prompt. Subject to content-safety filters; cannot generate likenesses of real living people, real logos, or harmful content.
• Voice mode — talk to Copilot in supported clients (web, mobile).
• Stream highlights — video summaries appear in Teams Recap (audio + transcript-based, not deep video understanding).

Agent building blocks

Knowledge source matrix

Agent capabilities — what you can switch on

Agent lifecycle

1. Discover — is this task repeatable, multi-user, and grounded on stable sources? If not, a plain prompt or a saved prompt is enough.
2. Build — fill name, description, instructions, sources, capabilities.
3. Test — ask 5 typical questions; verify citations resolve and answers are correct.
4. Share — specific people, security groups, or whole organization (still tenant-scoped).
5. Operate — watch for drift: sources change, the agent's tone can drift; review monthly.
6. Retire — unshare and delete when the workflow is no longer needed.

Permission model — the most common misconception

Sharing the agent does not share the data.

• The agent itself can be shared with the whole org.
• When someone runs it, Microsoft Graph re-evaluates their permissions on the linked sources.
• A colleague who can't see the source SharePoint file will get a soft "no result" — the agent never bypasses access controls.
• Therefore: publish the underlying SharePoint files to the right people first, then share the agent.

Worked example — Charity volunteer-onboarding agent

Worked example — Bakery weekly-orders summary agent

• Name: Order Digest
• Instructions: "Summarize the week's wholesale orders. Group by product family. Flag anything more than 25% above the prior week."
• Knowledge sources: Weekly Order Sheet (SharePoint, live link)
• Capabilities: Code interpreter ON (needs to do the math)
• Trigger: Scheduled prompt every Monday at 07:00 — once a day, up to 15 runs total.

Governance — who can build, who can publish

• End users can build agents for themselves by default.
• Publishing org-wide typically requires admin approval (Tenant Admin / Copilot Admin role).
• Sensitive scenarios should use sensitivity labels on the underlying SharePoint sources; the agent inherits those controls.
• Audit: agent activity flows into the M365 audit log; Purview can attach DLP and retention.

Anti-patterns to avoid

GCSE in action — a bad prompt rewritten

Five prompt patterns to keep in your toolkit

Length, tone, format — the cues Copilot listens to

• Length: "in 5 bullets", "under 200 words", "a single paragraph", "one page"
• Tone: "warm and encouraging", "neutral and factual", "firm but polite", "playful"
• Audience: "for a B1 English reader", "for retirees with no IT background", "for a board of directors"
• Format: "table with columns X, Y, Z", "three sections with headings", "FAQ style", "email with subject line"
• Persona: "as a veterinary nurse", "as a museum docent"

Refine controls and follow-ups

After any answer, Copilot offers quick refinements you don't have to type:

• Make it longer / shorter
• More casual / more formal
• Visualize as a table
• Add an executive summary

Then keep iterating in natural language: "replace the third bullet with one about training" — Copilot keeps the rest as-is.

Common pitfalls (and the fix)

Saving and sharing prompts

• A prompt must run successfully at least once before it can be saved to the gallery.
• The gallery supports tags, descriptions, and sharing to teammates.
• Saved prompt links are tenant-scoped — a link sent to someone in another tenant will return "Prompt not found."
• Recommended hygiene: tag prompts by role ("newsletter", "intake", "summary"), review monthly.

The six AI risks

Microsoft's Responsible AI principles — the six pillars

The six AI risks — each one, properly explained

The supporting controls (who they're for)

What ends up where — conversation data residency

• Copilot conversations are stored in your tenant's Substrate (the same store as Exchange).
• They are visible to the user in their Copilot history; admin-visible via Purview/eDiscovery.
• Retention policies you apply to Exchange/Substrate cover Copilot history.
• Deleting a conversation in the UI follows your tenant's retention policy.

Citations — read them critically

• A citation is a provenance trail: "this content came from this source."
• A citation is not proof of accuracy: the source itself can be outdated, wrong, or misinterpreted.
• Citation review checklist:
  • Does the cited source actually say this?
  • Is the source fresh enough for the decision?
  • Is the source authoritative in your context?
  • Is anything important missing from the cited material?

Regulatory awareness (light touch)

• EU AI Act — risk-tiered regulation; M365 Copilot is a general-purpose AI deployment, and many uses fall under "limited risk" with transparency duties.
• NIST AI RMF — US risk-management framework; aligns with Microsoft's Responsible AI Standard.
• GDPR — data minimization, purpose limitation, subject rights still apply to anything Copilot processes.
• You do not need to memorize statutes for this exam, but you should know that AI use is regulated and that humans remain accountable.

Absolute words — a useful reflex

• "Always / never / only" on a feature claim → usually false. Features are context-dependent.
• "Always / never / only" on a security boundary → usually true. Microsoft commits to these guarantees.
• Example: "Copilot always produces accurate citations" → false. "Copilot never uses tenant data to train the foundation model" → true.

Memory ≠ conversation history

• Copilot may remember some preferences over time.
• To make Copilot forget: Settings → Memory → delete the entry.
• Deleting conversations does not clear memory.

Custom instructions — a worked example

A municipal communications officer might set custom instructions like this:

"I work in the communications team of a city council. Replies should be:

• In neutral, citizen-friendly English at B1 reading level
• Free of jargon and acronyms (spell out the first time)
• Structured with clear headings when longer than 4 paragraphs
• Inclusive in tone; avoid gendered defaults
• End with a one-line takeaway in bold

"

Scope reminder: these apply to new Chat conversations only. Researcher, Analyst, and other built-in agents have their own instruction sets baked in by Microsoft.

Memory — separate from history

Connectors, plugins, and Graph Connectors

• Graph Connectors (admin-controlled) pull external data (e.g., a knowledge-base, ticketing system) into Microsoft Graph so Copilot can ground on it.
• Plugins / message extensions let agents or Chat call external services for live actions.
• End users typically consume these — admins enable them. Recognizing the term is enough for the exam.

Language, accessibility, voice

• Copilot supports many UI languages; switch via M365 settings. The model can read and produce many more languages than the UI exposes.
• Voice mode is available in supported clients (web, mobile) for hands-free chat.
• Screen-reader and high-contrast support follow the host app's accessibility features.

Activity cleanup paths

Five most frequent field questions

1. "Is it using my company data to train the model?" → No, EDP forbids it.
2. "Who is responsible if the answer is wrong?" → Whoever publishes is accountable; human review rule.
3. "Can it read a confidential file I don't have access to?" → No, M365 permissions cannot be bypassed.
4. "Will Researcher work in my external meeting?" → Depends on the organizer's tenant policy.
5. "Will the same prompt give me the same answer?" → No, it's probabilistic.

Diagnostic flowchart — "Copilot isn't working"

1. Is the user signed in with their work account? Personal MSA → no tenant grounding.
2. Does the user have a Microsoft 365 Copilot license? Check M365 Admin Center → Users.
3. Is the host app up to date? Old builds of Word/Excel can hide the Copilot icon.
4. Is the file on OneDrive/SharePoint with AutoSave? Local files won't trigger Copilot in Excel/Word.
5. For Excel only — is the data in a real Excel table? Convert with Ctrl+T.
6. Has the admin disabled a specific surface? Researcher/Analyst pinning, agent install, web grounding can all be policy-controlled.
7. If all clear and still broken: capture a screenshot, exact prompt, and time, and open a Microsoft support ticket.

License combinations — the most common

Without the Copilot add-on, the user gets the free Microsoft 365 Copilot Chat experience: chat + web grounding + Designer image generation — but no tenant Graph grounding inside the Office apps.

Common error messages — root cause table

Field questions you'll be asked — the longer list

1. "Is Copilot trained on our data?" No. EDP forbids it. Grounding ≠ training.
2. "Who's responsible if the answer is wrong?" The human who publishes it. Always.
3. "Can it read confidential files?" Only files that user has permission to. Graph enforces permissions.
4. "Does it work in offline mode?" No. Copilot needs a live connection.
5. "Does it work on my personal Microsoft account?" Not the paid M365 Copilot. Free Copilot Chat and Copilot Pro are separate products.
6. "Can it remember my preferences?" Yes — via Memory. Delete entries any time.
7. "Will it work in someone else's Teams meeting?" Only if their tenant policy allows it.
8. "Why does the same prompt give a different answer?" LLMs are probabilistic. Add format constraints to stabilize.
9. "Why don't I see Researcher?" Pin it from the Agent Store, or check admin policy.
10. "Can I share a custom agent externally?" No. Custom agents are tenant-scoped.

Escalation path — when to hand off

• Champion / team lead — prompt help, sharing best practices.
• IT helpdesk — license, sign-in, app-version issues.
• Tenant admin — missing surfaces, blocked features, agent publishing, DLP/sensitivity.
• Microsoft support — reproducible service-level bugs; capture screenshot + prompt + timestamp + tenant ID.

2 · Containers — Notebooks vs Pages vs Apps

File version trap. A file you add to a notebook from SharePoint stays live — chats see the most recent version. A file you add from a local folder is a frozen snapshot — later edits on disk are ignored until you re-upload.

4 · Building custom agents in the Copilot app

Two tabs you must know:

• Describe tab — you describe the agent in natural language (purpose, audience, tone, tasks). Copilot proposes an initial setup (suggested behaviors, starter prompts). This is the AI-assisted starting point.
• Configure tab — you fine-tune knowledge sources, actions, and settings after the concept is set.

Capabilities you can add — pick by goal:

Knowledge source rules. Supported: SharePoint, Teams chats, email, websites, uploaded files (.doc/.docx, .pdf, .ppt/.pptx, .txt, .xls/.xlsx), and connectors. Not supported: image files (JPG/PNG) and prior Copilot conversations.

Sharing rules. Custom agents can be shared only with people in your organization — not with anyone holding a valid email, not with personal Microsoft accounts. For complex workflows with third-party connectors, use Copilot Studio, not the Copilot app.

6 · Grounding — making answers come from a real source

• Best way to ground: reference the actual content (the file, the doc, the URL) inside your prompt. Adding a goal or describing the audience helps clarity but does not ground the answer.
• With a Copilot license in Work scope, Copilot answers from two ingredients: (1) data the signed-in user is permitted to access, and (2) the model’s general training knowledge. It does not reach all tenant data indiscriminately, and it is not limited to training knowledge alone.
• Telling Copilot to “infer from training data” invites hallucinations — always reference the source.

8 · UI hints — verified response, suggested prompts, recap

• Verified response badge (small green indicator next to a conversation title): the conversation contains a response that is strongly grounded — typically backed by citations. It is not a sign that the conversation is shared, in a notebook, scheduled, or anonymous.
• Suggested prompts in an agent are the lightweight “guardrails” that show users how to start — the expected input patterns and output types. (Capabilities = what the agent can do; instructions = how it behaves; settings = configuration.)
• Recap is the right Teams feature for catching up on a meeting’s key points and next steps. For a meeting you joined late while it’s being recorded, the fastest path is to ask Copilot in Teams to summarize what you missed.
• To find existing similar content in your organization (“do we already have a training plan like this?”), use Search — not Designer, Apps, or Pages.

10 · The six AI risks — spotlight on prompt injection

Prompt injection is a top exam topic. An attacker hides malicious instructions inside an email, a document, a webpage, or a chat message the assistant will read. Because LLMs follow natural-language instructions, those hidden instructions can override the system’s intent — leading to data leakage, unsafe output, or policy bypass.

• Enterprise mitigations: grounding boundaries, permission trimming, content filtering, and an instruction hierarchy where system policies outrank user-supplied instructions.
• User mitigation: treat content from untrusted sources (external emails, web pages, files from outside your org) as potentially hostile. Validate before acting on AI output.
• The other recurring exam risk: users accepting AI output without verifying accuracy — always cross-check critical answers.

12 · Cross-tenant boundaries & file-access errors

• If a colleague from another company shares a prompt link and you see “Prompt not found. Sorry, it looks like the prompt is no longer available.” — the most likely cause is that the prompt lives outside your organization’s tenant. Cross-tenant sharing is not automatically allowed.
• If a saved prompt fails with “the file appears empty, corrupted, or in a format I cannot process”, the most likely cause is that you no longer have access to the file — not a real corruption.
• If Copilot answers feel inconsistent in wording between identical prompts, that’s normal: generative AI is probabilistic. Constrain the format if you need consistency.

14 · Temporary chat

• Designed for privacy-focused, non-persistent interactions.
• Prompts and responses are deleted immediately when the session ends or a new chat begins.
• Not saved to chat history, not stored in OneDrive, not added to a notebook, not kept for a delayed deletion window.
• Use it for: experimenting with sensitive ideas, drafting confidential text, testing prompts without leaving a record.

16 · Quick-fire glossary you must just remember

Official Microsoft Learn resources

• Exam page — learn.microsoft.com/credentials/certifications/exams/ab-730/ (registration, skills measured, scheduling).
• Free learning path — search Microsoft Learn for “AI Business Professional” and complete the official modules end-to-end.
• Microsoft 365 Copilot adoption hub — adoption.microsoft.com/copilot (scenario library, sample prompts, change-management templates).
• Responsible AI principles — microsoft.com/ai/responsible-ai.
• Practice Copilot directly — m365.cloud.microsoft (the web entry point covered in the Exam Deep Dive).

Customer scenario bank

Day-of-exam reminders

• Re-read the Exam Deep Dive module the night before — it is the densest single-pass review.
• Watch for the “content vs chrome” trap in Office app questions (Copilot does drafting/summarizing, not margins/themes/animations).
• Memorize the two prompt-scheduling limits: once per day, 15 runs.
• If you don\u2019t know a question: eliminate the two clearly wrong options first, then pick the answer that least contradicts EDP and responsible-AI principles.