🔥 3-day streak
Microsoft Cybersecurity Architect Expert12 / 158
Question 12 of 158

A financial services firm is deploying Microsoft 365 Copilot. During a pre-deployment readiness review, the security architect finds that many SharePoint sites containing confidential client portfolios have broad 'Everyone except external users' permissions, and much of the content is unlabeled. Leadership is concerned that Copilot could surface confidential data to employees who should not see it in generated responses. The architect must design a data-security control set that reduces oversharing risk without blocking Copilot entirely. Which approach best addresses the requirement?

Reviewed for accuracy · Report an issueNext question