Step 1 – Understand the feature
The scenario is about Microsoft Purview Data Security Posture Management for AI (DSPM for AI), a capability in Microsoft Purview that helps:
Discover sensitive data across AI environments (including Copilot for Microsoft 365).
Assess data exposure risks.
Apply policies for data classification and protection.
When you deploy DSPM for AI, Microsoft Purview automatically creates default policies to classify and protect sensitive content.
Step 2 – Which solutions are used to edit these policies?
DSPM for AI (D) → This is the core solution where the default DSPM policies are deployed and visible. To edit or manage them, you must use the DSPM for AI blade in Microsoft Purview.
Information Protection (B) → DSPM relies on Microsoft Information Protection (MIP), specifically sensitivity labels and sensitive information types. These labels and SITs are part of Purview Information Protection. Editing classification rules (e.g., sensitivity labels, sensitive info types, trainable classifiers) requires Information Protection.
???? Reference:
Microsoft Purview Data Security Posture Management for AI (DSPM for AI)
Overview of sensitivity labels in Microsoft Purview Information Protection
Step 3 – Why not the others?
A. Insider Risk Management → Detects risky insider activities (data theft, sabotage). Not used to configure DSPM policies.
C. Compliance Manager → Provides compliance score and assessments, but does not configure DSPM policies.
E. Information Barriers → Used to restrict communication between groups of users. Not related to DSPM.
F. Data Lifecycle Management → Manages retention and deletion of data. Not related to DSPM for AI policy editing.
G. Data Loss Prevention (DLP) → Protects sensitive data from being shared in apps/services, but DSPM’s default policies are not edited here.
