This post is a part of the AB-900: Microsoft 365 Copilot and Agent Administration Fundamentals Exam Prep Hub.
This topic falls under these sections:
Understand data protection and governance tasks for Microsoft 365 and Copilot (35–40%)
--> Understand Microsoft Purview
--> Understand features and capabilities of Microsoft Purview Information Protection, Microsoft Purview Data Loss Prevention (DLP), Microsoft Purview Insider Risk Management, Microsoft Purview Communication Compliance, Microsoft Purview Data Security Posture Management (DSPM) for AI, and Microsoft Purview Data Lifecycle Management
Note that there are 10 practice questions (with answers) at the end of each section to help you solidify your knowledge of the material. Also, there are 4 practice tests with 30 questions each available from the hub's main page below the exam topics section.
Introduction
As organizations adopt Microsoft 365, Copilot, and AI-powered solutions, protecting sensitive information becomes increasingly important. Microsoft provides a unified compliance and governance platform called Microsoft Purview.
Microsoft Purview helps organizations:
- Protect sensitive information.
- Prevent accidental or intentional data loss.
- Manage records and retention.
- Detect insider risks.
- Monitor communications.
- Strengthen AI data governance.
- Meet regulatory and compliance requirements.
For the AB-900 exam, you should understand the purpose and capabilities of the major Microsoft Purview solutions rather than detailed implementation steps.
What Is Microsoft Purview?
Microsoft Purview is Microsoft’s unified data governance, compliance, and risk management platform.
Purview enables organizations to:
- Discover and classify data.
- Protect sensitive information.
- Govern information throughout its lifecycle.
- Reduce insider threats.
- Monitor AI-related risks.
- Meet legal and regulatory obligations.
Purview works across:
- Microsoft 365
- Exchange Online
- SharePoint Online
- OneDrive
- Teams
- Microsoft Copilot
- Power Platform
- Endpoint devices
- Third-party cloud services
Microsoft Purview Information Protection
Purpose
Microsoft Purview Information Protection (MIP) helps organizations classify and protect sensitive information.
It enables organizations to:
- Identify sensitive data.
- Apply sensitivity labels.
- Encrypt content.
- Control sharing permissions.
- Track and monitor protected content.
Sensitivity Labels
Sensitivity labels classify content based on its importance.
Examples:
- Public
- General
- Confidential
- Highly Confidential
Labels can be applied to:
- Emails
- Word documents
- Excel files
- PowerPoint presentations
- SharePoint sites
- Teams
- Microsoft 365 Groups
Protection Actions
Sensitivity labels can:
- Encrypt data: only authorized users can open content.
- Restrict access: prevent forwarding, printing, or copying.
- Apply visual markings: add headers, footers, or watermarks.
- Protect Copilot data: Copilot respects existing permissions and sensitivity labels.
Benefits
Information Protection helps organizations:
- Reduce accidental exposure.
- Meet compliance requirements.
- Maintain consistent classification.
- Protect confidential information.
Microsoft Purview Data Loss Prevention (DLP)
Purpose
Data Loss Prevention (DLP) helps prevent sensitive information from being shared improperly.
DLP identifies sensitive information and automatically applies protection actions.
Examples of Sensitive Information
- Credit card numbers
- Social Security numbers
- Passport numbers
- Healthcare records
- Financial information
DLP Actions
Policies can:
- Block email transmission.
- Prevent file sharing.
- Warn users before sending data.
- Generate alerts.
- Create audit records.
Locations Protected by DLP
DLP policies can protect:
- Exchange Online
- SharePoint Online
- OneDrive
- Microsoft Teams
- Endpoint devices
Example
A user attempts to email customer credit card information outside the company.
DLP can:
- Detect the information.
- Display a warning.
- Block the message.
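The scenario above as an added sketch (not Microsoft's code and not part of the original post) of the decision a DLP rule makes: find card-like numbers, confirm them with the Luhn checksum, then allow, warn, or block depending on whether the message leaves the company. The domain `contoso.example`, the function names, and the rule that two or more matches trigger a block are assumptions; the card numbers are published test numbers.

```python
import re

INTERNAL_DOMAIN = "contoso.example"  # assumption: the organization's mail domain
# Candidate card numbers: 13-19 digits, optionally separated by spaces or hyphens.
CARD_CANDIDATE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")


def luhn_valid(digits: str) -> bool:
    """Luhn checksum: filters out digit runs that are not payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def find_card_numbers(text: str) -> list[str]:
    """Return masked card numbers so the audit record never stores the full value."""
    hits = []
    for m in CARD_CANDIDATE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_valid(digits):
            hits.append("*" * (len(digits) - 4) + digits[-4:])
    return hits


def evaluate_message(recipients: list[str], body: str, block_at: int = 2) -> dict:
    """Decide allow / warn / block for one outbound message."""
    hits = find_card_numbers(body)
    external = [r for r in recipients
                if not r.lower().endswith("@" + INTERNAL_DOMAIN)]
    if not hits or not external:
        action = "allow"        # nothing sensitive, or it stays inside the company
    elif len(hits) >= block_at:
        action = "block"        # assumption: bulk disclosure is blocked outright
    else:
        action = "warn"         # policy tip: the user is warned before sending
    return {"action": action, "matches": hits, "external_recipients": external}


if __name__ == "__main__":
    # Constructed message using a published test card number.
    print(evaluate_message(["partner@fabrikam.example"],
                           "Refund to card 4111 1111 1111 1111, thanks."))
```

The checksum step is what keeps order numbers and other long digit runs from producing false positives, which is why a pattern match alone is not enough for a usable policy.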
Benefits
DLP helps:
- Prevent accidental leaks.
- Support compliance requirements.
- Educate users with policy tips.
- Reduce organizational risk.
Microsoft Purview Insider Risk Management
Purpose
Insider Risk Management helps detect risky behavior from internal users.
Risks may be:
- Accidental
- Negligent
- Malicious
Examples of Risky Activities
- Downloading large amounts of files.
- Sending confidential information externally.
- Copying data to USB devices.
- Unusual file access patterns.
- Data theft before leaving the company.
Risk Indicators
The solution uses:
- User activities
- Behavioral signals
- Microsoft 365 audit logs
Investigation Capabilities
Administrators can:
- Review alerts.
- Analyze activities.
- Escalate incidents.
- Document investigations.
Benefits
Insider Risk Management helps:
- Reduce insider threats.
- Detect suspicious behavior early.
- Protect intellectual property.
Microsoft Purview Communication Compliance
Purpose
Communication Compliance helps organizations monitor communications for policy violations.
Content Sources
Communication Compliance can monitor:
- Microsoft Teams chats
- Emails
- Copilot interactions
- Other communication channels
Violations It Can Detect
Examples include:
- Harassment
- Threatening language
- Offensive content
- Inappropriate sharing
- Regulatory violations
Review Process
Flagged communications are:
- Detected automatically.
- Reviewed by authorized reviewers.
- Investigated when necessary.
Benefits
Communication Compliance helps:
- Promote workplace safety.
- Meet industry regulations.
- Reduce legal exposure.
- Enforce organizational policies.
Microsoft Purview Data Security Posture Management (DSPM) for AI
Purpose
DSPM for AI helps organizations understand and secure how AI systems interact with organizational data.
As AI adoption grows, organizations need visibility into:
- What data AI tools can access.
- Which users have access to sensitive information.
- Potential AI-related risks.
DSPM for AI Capabilities
DSPM for AI helps organizations:
- Discover AI usage: identify where AI tools are being used.
- Assess data exposure: understand whether sensitive data may be exposed.
- Monitor Copilot activity: gain visibility into AI interactions.
- Identify oversharing risks: locate files with excessive permissions.
- Strengthen AI governance: improve controls around AI usage.
Example
DSPM for AI may discover:
- A SharePoint site containing confidential files.
- Excessive permissions on the site.
- Potential exposure to Copilot responses.
Administrators can then reduce permissions and improve security.
Benefits
DSPM for AI supports:
- Responsible AI adoption.
- Reduced oversharing risks.
- Better governance of AI systems.
Microsoft Purview Data Lifecycle Management
Purpose
Data Lifecycle Management governs information throughout its lifecycle.
It ensures that information is:
- Retained when required.
- Deleted when no longer needed.
- Managed according to regulations.
Retention Policies
Retention policies determine how long content should be kept.
Examples:
| Content Type | Retention Period |
|---|---|
| HR records | 7 years |
| Financial documents | 10 years |
| General emails | 3 years |
Retention Labels
Labels can assign different retention periods to individual documents.
Example:
- Contract documents retained for 10 years.
- Project files retained for 5 years.
Automatic Deletion
When retention periods expire, content can be deleted automatically.
Benefits include:
- Reduced storage costs.
- Reduced legal risk.
- Better compliance.
Records Management
Organizations can designate records that must not be altered or deleted before their retention period ends.
How These Purview Solutions Work Together
| Solution | Primary Goal |
|---|---|
| Information Protection | Classify and protect content |
| DLP | Prevent data leakage |
| Insider Risk Management | Detect risky user behavior |
| Communication Compliance | Monitor communications |
| DSPM for AI | Secure AI data access |
| Data Lifecycle Management | Retain and dispose of data appropriately |
Together, these capabilities provide a comprehensive governance framework for Microsoft 365 and Copilot.
Importance for Microsoft 365 Copilot
Copilot respects existing Microsoft 365 permissions and compliance controls.
Purview solutions help ensure:
- Sensitive content is labeled.
- Oversharing risks are minimized.
- AI interactions remain compliant.
- Records are retained appropriately.
- Users do not accidentally expose confidential data.
Key Exam Points
Remember these AB-900 concepts:
- Information Protection uses sensitivity labels to classify and protect content.
- DLP prevents inappropriate sharing of sensitive data.
- Insider Risk Management detects risky user behavior.
- Communication Compliance monitors communications for policy violations.
- DSPM for AI helps organizations govern AI usage and identify oversharing risks.
- Data Lifecycle Management controls retention and deletion of information.
- Microsoft Purview supports Microsoft 365, Copilot, and AI governance.
Practice Exam Questions
Question 1
Which Microsoft Purview solution primarily uses sensitivity labels to classify and protect content?
A. Communication Compliance
B. Data Lifecycle Management
C. Information Protection
D. Insider Risk Management
Correct Answer: C
Explanation: Microsoft Purview Information Protection uses sensitivity labels to classify and secure content.
Question 2
Which Microsoft Purview capability helps prevent users from emailing credit card numbers outside the organization?
A. Insider Risk Management
B. Communication Compliance
C. Data Loss Prevention (DLP)
D. Records Management
Correct Answer: C
Explanation: DLP detects sensitive information and can block or warn users before sharing it.
Question 3
Which solution is designed to identify potentially malicious or risky behavior by internal users?
A. Information Protection
B. Sensitivity Labels
C. Data Lifecycle Management
D. Insider Risk Management
Correct Answer: D
Explanation: Insider Risk Management focuses on identifying risky activities performed by users inside the organization.
Question 4
A company wants to monitor Teams messages for harassment and inappropriate language. Which Microsoft Purview solution should they use?
A. DLP
B. Communication Compliance
C. DSPM for AI
D. Information Protection
Correct Answer: B
Explanation: Communication Compliance analyzes communications for policy violations.
Question 5
What is the primary purpose of Microsoft Purview DSPM for AI?
A. Manage mailbox permissions
B. Secure and govern AI-related data exposure
C. Encrypt documents automatically
D. Replace Conditional Access
Correct Answer: B
Explanation: DSPM for AI provides visibility into AI usage and helps identify oversharing risks.
Question 6
Which Microsoft Purview capability determines how long information should be retained?
A. Insider Risk Management
B. Communication Compliance
C. Data Lifecycle Management
D. Information Protection
Correct Answer: C
Explanation: Data Lifecycle Management uses retention policies and labels to manage content over time.
Question 7
Which action can a sensitivity label perform?
A. Create Teams channels automatically
B. Synchronize users with Active Directory
C. Configure Conditional Access policies
D. Encrypt documents and restrict access
Correct Answer: D
Explanation: Sensitivity labels can apply encryption and restrict how information is used.
Question 8
Which Microsoft Purview solution helps identify oversharing risks that may affect Microsoft Copilot responses?
A. DSPM for AI
B. Communication Compliance
C. Data Lifecycle Management
D. Exchange Online Protection
Correct Answer: A
Explanation: DSPM for AI helps organizations understand how AI systems interact with organizational data and identify excessive permissions.
Question 9
A company must retain financial documents for ten years to meet regulatory requirements. Which capability addresses this need?
A. DLP
B. Insider Risk Management
C. Data Lifecycle Management
D. Communication Compliance
Correct Answer: C
Explanation: Retention policies and labels within Data Lifecycle Management ensure information is preserved for required periods.
Question 10
Which statement best describes the relationship between Microsoft Purview and Microsoft 365 Copilot?
A. Copilot ignores Purview policies.
B. Purview replaces Copilot permissions.
C. Copilot stores all data outside Microsoft 365.
D. Copilot works with existing Purview protections and permissions.
Correct Answer: D
Explanation: Microsoft 365 Copilot honors existing permissions, sensitivity labels, and compliance controls established through Microsoft Purview.
