Copyright (c) 2026 MindMesh Academy. All rights reserved. This content is proprietary and may not be reproduced or distributed without permission.

8.3. Practice Questions

Try each before reading the rationale. These mirror the exam's mixed multiple-choice and scenario style.

Q1. A developer needs to make a precise change to two specific files and wants to review and control each edit. Which mode is the best fit? A. Inline suggestions B. Agent Mode C. Edit Mode D. Plan Mode Answer: C. Edit Mode applies scoped, directed edits across files you specify with full per-turn control. Agent Mode (B) is autonomous and overkill for a precise known change; inline (A) can't coordinate multi-file edits; Plan Mode (D) produces a plan, not the edits themselves.

Q2. A team wants Copilot to answer questions using data from their internal incident-tracking system. What enables this? A. Content exclusions B. Model Context Protocol (MCP) C. Prompt files D. Audit log Answer: B. MCP connects Copilot to external tools and data sources. Exclusions (A) remove context; prompt files (C) reuse prompts; the audit log (D) records governance events.

Q3. A developer accepts a Copilot suggestion that compiles and passes the happy-path test, then ships a bug on empty input. What's the correct lesson? A. Use a different model B. Strengthen validation, including edge cases C. Disable the security filter D. Trust Copilot less and stop using it Answer: B. "It compiled" isn't "validated." The fix is stronger validation (edge cases, review) — not switching models, removing safeguards, or abandoning the tool.

Q4. Which statement about content exclusions is correct? A. They delete the excluded files from the repository B. Each developer sets them in their own editor C. They stop Copilot from using specified files as context or suggestions D. They guarantee identical coverage across all editors Answer: C. Exclusions remove files from Copilot's context; they don't delete code (A), are admin-configured at repo/org level (B), and coverage can vary by editor (D).

Q5. An organization wants every pull request reviewed by Copilot, including PRs from contributors without a Copilot seat. Is this automatic? A. Yes, it's on by default B. No — an admin must enable specific policies, and there are cost implications C. Only individual maintainers can enable it D. It's impossible for non-licensed users Answer: B. Extending code review to non-licensed PRs is an opt-in admin policy with billing implications (and, after June 1, 2026, also consumes Actions minutes). It's not a default.

Q6. Why must AI output be validated? A. Because Copilot is always wrong B. Because the model produces plausible output, which can diverge from correct, secure output C. Only when the code doesn't compile D. Because validation is legally required in all jurisdictions Answer: B. The model optimizes for plausibility, not verified correctness — so fluent output can be subtly wrong or insecure. (A) overstates; (C) is the trap that "compiles = validated"; (D) is not the reason.

Q7. A Business customer wants IP indemnity for Copilot suggestions. What must they ensure? A. Use only the Free tier B. Enable the public-code matching (duplication detection) filter C. Disable all content exclusions D. Use Agent Mode exclusively Answer: B. On Business/Enterprise, IP indemnity is contingent on enabling the public-code matching filter. The others are unrelated or counterproductive.

Q8. In the code suggestion lifecycle, where does toxicity/relevance/jailbreak screening occur? A. Only after the model responds B. At the proxy, before the prompt reaches the LLM (inbound) C. In the editor, locally D. It doesn't happen Answer: B. Inbound screening at the GitHub proxy happens before the LLM sees the prompt. (Outbound post-processing also filters responses — but the inbound screen is the one described here.)

Q9. A developer reports the Copilot CLI installed cleanly but won't run any task. What should you check first? A. The service is down B. Reinstall the operating system C. GitHub authentication and a valid plan/seat or policy access D. Switch to a different terminal emulator Answer: C. Like every surface, the CLI requires GitHub authentication and an eligible plan; org policy can also restrict it. Configuration, not an outage, is the first suspect.

Q10. Which best describes when few-shot prompting is preferable to zero-shot? A. Always — more examples are always better B. When the answer's specific format or pattern needs demonstrating C. Never — examples waste context D. Only for security tasks Answer: B. Few-shot shapes specific output form/conventions; for common tasks zero-shot is leaner and often sufficient. "Always" (A) and "never" (C) are both wrong.

Q11. A team enables Autopilot in the Copilot CLI for a production deployment script and stops reviewing actions. What's the problem? A. Nothing — Autopilot is designed for this B. Oversight should increase with autonomy, not disappear C. Autopilot doesn't exist D. They should switch to inline suggestions Answer: B. Proportionality: more autonomy demands more deliberate oversight. Removing review in a production context is the wrong move.

Q12. A developer's Copilot suggestions are generic, even though the instruction is clear. The most likely fix is: A. Upgrade to Enterprise B. Open/select the relevant files so Copilot has the needed context C. Re-type the prompt in all caps D. Disable content exclusions globally Answer: B. Copilot determines context largely from editor state. Generic results usually mean the relevant context isn't exposed — opening or selecting the right code fixes it.

Alvin Varughese
Written byAlvin Varughese
Founder18 professional certifications