Microsoft Cybersecurity Architect — Question 67

You have a Microsoft 365 subscription that contains 500 users. Each user is assigned a Microsoft 365 E5 license and uses a Windows device.

Microsoft Purview data loss prevention (DLP) policies are applied to Microsoft Exchange Online email and SharePoint Online sites.

You plan to monitor the usage of third-party generative AI apps by using Microsoft Purview Data Security Posture Management for AI (DSPM for AI).

What should you do first?

Answer options

• A. Enable Microsoft Purview insider risk management for all the users.
• B. Onboard all endpoint devices to Microsoft Purview.
• C. Configure Microsoft Purview data connectors for the generative AI apps.
• D. License all the users for Microsoft 365 Copilot.

Correct answer: B

Explanation

The correct initial step is to onboard all endpoint devices to Microsoft Purview, as this is essential for monitoring and managing data security posture. Enabling insider risk management, configuring data connectors, or licensing for Microsoft 365 Copilot are steps that come after ensuring the devices are properly onboarded.