MS-900 · Chapter 104 of 104 · Objective 3.4

Azure Information Protection (AIP) Labels

This chapter covers Azure Information Protection (AIP) labels, a core component of Microsoft Purview Information Protection. For the MS-900 exam, understanding AIP labels is critical because they are the primary mechanism for classifying and protecting sensitive data in Microsoft 365. Approximately 10-15% of exam questions touch on information protection topics, with AIP labels being a frequent focus. You will be tested on label types, where they are applied, how they persist, and the difference between sensitivity labels and AIP labels (now unified). This chapter provides the depth you need to answer any AIP label question correctly.

25 min read · Intermediate · Updated May 31, 2026

AIP Labels as Stamped Confidential Documents

Imagine a law firm that uses a color-coded stamp system for all documents. When a partner creates a contract, they physically stamp it with a red "Confidential" seal that includes a barcode. The barcode encodes rules: "Only partners can open this; if emailed externally, encrypt it." The stamp is visible on the page, so anyone handling the document immediately knows its sensitivity. If an associate tries to photocopy the document, the photocopier reads the barcode and rejects the copy. If the document is mailed to a client, the barcode triggers a shrink-wrap process that seals the envelope with a lock only the client can open. The stamp itself is not the security—it's the label that instructs systems (copiers, printers, email servers) on what protection to apply. In the same way, an AIP label is a metadata tag applied to a file or email. The label carries configuration rules (encryption, watermarking, access restrictions). When the file is opened in Office apps, the label is read, and the app enforces the rules. The label persists even if the file is saved, renamed, or moved—just like the stamp stays on the paper. The key is that the label is the policy trigger, not the protection itself. The actual encryption or rights management is performed by Azure Information Protection (now part of Microsoft Purview Information Protection) based on the label's settings.

How It Actually Works

What Are AIP Labels and Why Do They Exist?

Azure Information Protection (AIP) labels are metadata tags that allow organizations to classify and optionally protect documents and emails based on sensitivity. They are part of Microsoft Purview Information Protection (formerly Microsoft Information Protection, MIP). The primary purpose is to enable data governance: organizations can define labels like "Public," "Internal," "Confidential," and "Highly Confidential" and then apply rules automatically or manually. The labels persist with the data, traveling with it even when shared outside the organization, and can enforce protection actions such as encryption, access restrictions, and visual markings (headers, footers, watermarks).

On the MS-900 exam, you need to know that AIP labels are now unified under the "Sensitivity labels" umbrella in the Microsoft Purview compliance portal. The term "AIP label" is legacy but still used in some contexts. The exam tests your understanding of label capabilities, not the historical naming.

How AIP Labels Work Internally

When a sensitivity label is applied to a document in Office apps (Word, Excel, PowerPoint, Outlook), the label is embedded as metadata in the file. The mechanism differs by file type:

For Office documents (Office Open XML format): The label is stored in the custom XML part of the file. Specifically, it uses the Classification and LabelInfo properties. The label ID (a GUID) and label name are written. The file remains in its native format (e.g., .docx), but the metadata is persistent.

For PDFs and other files: The label can be embedded by the Azure Information Protection unified labeling client or by the AIP scanner. The client may inject metadata into the file's properties.

For emails: The label is applied as a header (e.g., X-MS-Exchange-Organization-Classification). Outlook reads this header and displays the label in the email's sensitivity bar.

When protection (encryption) is configured, the label triggers Azure Rights Management (Azure RMS) to wrap the file. The file is encrypted using AES-256 (for files) or the email is encrypted using S/MIME or OME. The encryption key is managed by Azure RMS, and access is controlled by templates defined in the label's settings. The label itself is not the encryption—it's the policy that invokes the encryption.

Key Components, Values, Defaults, and Timers

- Label Types:
  - Sensitivity labels (current term): the labels you create in the Purview compliance portal.
  - AIP labels (legacy): previously created in the Azure portal; now migrated to Purview.
- Label Scope: Labels can be scoped to files and emails, meetings, or other items. For MS-900, focus on files and emails.
- Protection Actions:
  - Encryption: Uses Azure RMS. You can assign specific users or groups, or allow everyone in the organization.
  - Visual Markings: Headers, footers, watermarks. These are applied dynamically when the document is opened or printed.
  - Content Marking: Can be applied to files, emails, and attachments.
- Auto-labeling: You can create auto-labeling policies that scan data at rest in SharePoint, OneDrive, and Exchange, or files on on-premises file shares (via the AIP scanner), and apply labels based on sensitive information types (e.g., credit card numbers) or trainable classifiers.
- Default Label: An organization can set a default label for all documents and emails. This is a tenant-wide setting in the label policy.
- Mandatory Labeling: You can require users to apply a label before sending an email or saving a document. If no label is applied, the action is blocked.
- Label Priority: Labels have an order (from least sensitive to most sensitive). When auto-labeling, the highest-priority label that matches wins.
- Timers: There are no specific timers for label application. However, protection (encryption) can have expiration settings: you can define a date after which access is revoked, or set a duration (e.g., 30 days) for the license to access the content.
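The priority, default-label and mandatory-labeling rules listed above, and the auto-labeling step in the walk-through later in this chapter, applied in working code. This is an added example written for this chapter, not code from the chapter or from Microsoft: the four labels, the toy regexes standing in for sensitive information types, and the precedence modelled (the user's manual choice, then an auto-label match, then the policy default) are my constructed model of the behaviour described, not Purview's implementation.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Label:
    name: str
    priority: int          # higher = more sensitive, matching the portal's ordering
    encrypt: bool = False  # protection is optional per label


# Constructed label set, least to most sensitive.
LABELS: Dict[str, Label] = {
    "Public": Label("Public", 0),
    "Internal": Label("Internal", 1),
    "Confidential": Label("Confidential", 2, encrypt=True),
    "Highly Confidential": Label("Highly Confidential", 3, encrypt=True),
}

# Constructed auto-labeling rules: (detector, label to apply). The regexes are toy
# stand-ins for sensitive information types, not Purview's real definitions.
AUTO_RULES: List[Tuple[re.Pattern, str]] = [
    (re.compile(r"\b(?:\d[ -]?){15}\d\b"), "Highly Confidential"),     # card-like 16 digits
    (re.compile(r"\bMRN[- ]?\d{6,}\b", re.I), "Highly Confidential"),  # medical record number
    (re.compile(r"\b(?:revenue|EBITDA)\b", re.I), "Confidential"),      # financial figures
    (re.compile(r"\bcodename\b", re.I), "Internal"),
]


@dataclass(frozen=True)
class PolicySettings:
    default_label: Optional[str] = None  # tenant-wide default from the label policy
    mandatory: bool = False              # block save/send when no label applies


def auto_label(content: str) -> Optional[Label]:
    """Evaluate every rule; when several match, the highest-priority label wins."""
    matches = [LABELS[name] for pattern, name in AUTO_RULES if pattern.search(content)]
    return max(matches, key=lambda lbl: lbl.priority) if matches else None


def resolve_label(chosen: Optional[str], content: str, policy: PolicySettings) -> Optional[Label]:
    """Precedence modelled here: manual choice, then auto-label match, then the default label."""
    if chosen is not None:
        return LABELS[chosen]
    detected = auto_label(content)
    if detected is not None:
        return detected
    if policy.default_label is not None:
        return LABELS[policy.default_label]
    return None


def check_action(chosen: Optional[str], content: str, policy: PolicySettings) -> dict:
    """Decide whether a save/send proceeds, and which label and protection it carries."""
    label = resolve_label(chosen, content, policy)
    if label is None and policy.mandatory:
        return {"allowed": False, "label": None, "encrypt": False,
                "reason": "mandatory labeling: apply a label before saving or sending"}
    return {"allowed": True,
            "label": label.name if label else None,
            "encrypt": label.encrypt if label else False,
            "reason": "ok"}


if __name__ == "__main__":
    policy = PolicySettings(default_label="Internal", mandatory=True)
    # two rules match; the higher-priority label wins
    print(check_action(None, "Q3 revenue up 4%; card 4111 1111 1111 1111 on file", policy))
    # only the financial rule matches
    print(check_action(None, "Q3 revenue forecast", policy))
    # nothing matches, no default: mandatory labeling blocks the action
    print(check_action(None, "Team lunch menu", PolicySettings(mandatory=True)))
```

The `encrypt` flag in the result is the point the chapter keeps returning to: a label resolving to "Internal" classifies without protection, while "Confidential" also invokes encryption, because protection is a per-label setting rather than a property of labeling itself.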

Configuration and Verification Commands

Configuration is done through the Microsoft Purview compliance portal or via PowerShell. For MS-900, you don't need to memorize commands, but understanding the process helps:

PowerShell for Sensitivity Labels:

- Connect to Security & Compliance Center PowerShell: Connect-IPPSSession
- Get existing labels: Get-Label
- Create a new label: New-Label -DisplayName "Confidential" -Name "Confidential" -Tooltip "Use for sensitive data"
- Set encryption: Set-Label -Identity "Confidential" -EncryptionEnabled $true -EncryptionTemplateId <GUID>

Verification:

In Office apps, the sensitivity bar shows the applied label.

For files, you can inspect properties: Right-click file > Properties > Details > Sensitivity.

For emails, view message headers.
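To make the "label is metadata" point from the How AIP Labels Work Internally section and the file-properties check above concrete, here is an added example (mine, not code from the chapter or from Microsoft) that builds a minimal OOXML package in memory, writes a label into docProps/custom.xml as MSIP_Label_<GUID>_* custom document properties, and reads it back. The package contents, label GUID and property values are constructed for the demo, and the stub parts would not open in Word; the check also shows why a plain-text export carries no label.

```python
import io
import re
import zipfile
import xml.etree.ElementTree as ET
from typing import Optional

# Constructed sample label GUID for the demo; a real tenant's label IDs differ.
SAMPLE_LABEL_ID = "0f1a2b3c-4d5e-6f70-8192-a3b4c5d6e7f8"

# OOXML namespaces for docProps/custom.xml and the variant-type values it holds.
NS_CP = "http://schemas.openxmlformats.org/officeDocument/2006/custom-properties"
NS_VT = "http://schemas.openxmlformats.org/officeDocument/2006/docPropsVTypes"
FMTID = "{D5CDD505-2E9C-101B-9397-08002B2CF9AE}"  # user-defined property set
LABEL_PROP = re.compile(r"^MSIP_Label_([0-9a-fA-F-]{36})_(\w+)$")


def build_custom_xml(props: dict) -> bytes:
    """Serialise a docProps/custom.xml part holding the given string properties."""
    root = ET.Element(f"{{{NS_CP}}}Properties")
    for pid, (name, value) in enumerate(props.items(), start=2):  # pid 2.. by convention
        prop = ET.SubElement(root, f"{{{NS_CP}}}property",
                             {"fmtid": FMTID, "pid": str(pid), "name": name})
        ET.SubElement(prop, f"{{{NS_VT}}}lpwstr").text = value
    return ET.tostring(root, encoding="utf-8", xml_declaration=True)


def build_labeled_docx(label_id: str, label_name: str) -> bytes:
    """Assemble a minimal OOXML package carrying a label (constructed, not Word output)."""
    prefix = f"MSIP_Label_{label_id}_"
    props = {
        prefix + "Enabled": "true",
        prefix + "Name": label_name,
        prefix + "Method": "Privileged",   # manual application by the user
        prefix + "SetDate": "2026-05-31T09:00:00Z",  # constructed timestamp
    }
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("[Content_Types].xml", "<Types/>")   # stub; real files enumerate every part
        z.writestr("word/document.xml", "<document/>")  # stub body
        z.writestr("docProps/custom.xml", build_custom_xml(props))
    return buf.getvalue()


def read_label(file_bytes: bytes) -> Optional[dict]:
    """Return the enabled label's fields, or None when the file carries no label.

    Anything that is not an OOXML zip (a .txt export, for instance) has no
    custom-properties part, so a label cannot survive there."""
    stream = io.BytesIO(file_bytes)
    if not zipfile.is_zipfile(stream):
        return None
    with zipfile.ZipFile(stream) as z:
        if "docProps/custom.xml" not in z.namelist():
            return None
        root = ET.fromstring(z.read("docProps/custom.xml"))
    labels: dict = {}
    for prop in root.iter(f"{{{NS_CP}}}property"):
        m = LABEL_PROP.match(prop.get("name", ""))
        if not m:
            continue
        label_id, field = m.group(1).lower(), m.group(2).lower()
        value = prop.find(f"{{{NS_VT}}}lpwstr")
        labels.setdefault(label_id, {})[field] = value.text if value is not None else ""
    for label_id, fields in labels.items():
        if fields.get("enabled", "").lower() == "true":
            return {"id": label_id, **fields}
    return None


if __name__ == "__main__":
    original = build_labeled_docx(SAMPLE_LABEL_ID, "Confidential")
    renamed_copy = bytes(original)  # copy/rename changes the path, not the bytes
    print(read_label(original))
    print(read_label(renamed_copy) == read_label(original))       # label persisted
    print(read_label(b"Quarterly figures pasted into Notepad"))   # no metadata container
```

Nothing in the package is encrypted: the properties only identify the label. That is the distinction the exam keeps testing, since an Office app that reads these properties still has to ask Azure RMS for whatever protection the label's settings call for.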

Interaction with Related Technologies

Microsoft 365 Defender for Cloud Apps: Can detect sensitive files with labels and apply actions like blocking downloads.

Microsoft Purview Data Loss Prevention (DLP): DLP policies can use sensitivity labels as conditions. For example, block sharing of a file labeled "Highly Confidential" externally.

Microsoft Purview Data Lifecycle Management (formerly Records Management): Labels can be used to trigger retention or disposition actions.

Microsoft 365 Compliance Center: Central management of labels, policies, and analytics.

Azure Information Protection Scanner: On-premises scanner that discovers, classifies, and labels files on file shares and SharePoint Server.

Exam-Relevant Details

- Unified Labeling: Since 2022, AIP labels are fully integrated into Microsoft Purview Information Protection. The term "AIP label" is deprecated but still appears in exam context. Always look for "sensitivity label" as the current term.
- Label Application Methods:
  1. Manual – user selects label in Office apps.
  2. Default – applied automatically if no label is selected.
  3. Recommended – Office prompts user to apply a label based on content detected.
  4. Auto-labeling – policy-based scanning and labeling of data at rest.
- Persistence: Labels survive file rename, copy, and move within Office formats. For non-Office files, the label may be lost if the file is converted to a different format that doesn't support custom properties.
- Encryption Details: When encryption is applied, the file becomes an Azure RMS-protected file (.ppdf for PDF, or .rpmsg for email). The original extension may change (e.g., .docx becomes .docx.rpmsg).

Walk-Through

1. Define Sensitivity Labels

In the Microsoft Purview compliance portal, an administrator creates sensitivity labels. Each label has a name, tooltip, and description. The admin configures protection settings: encryption, visual markings, and access control. The label is assigned a priority order; higher priority labels are more sensitive. The admin then publishes the label via a label policy, specifying which users and groups can use it. This step is done once per label, but labels can be updated later.

2. Publish Label Policy

The label policy is created in the Purview portal. It includes the labels to publish, the users/groups that receive them, and policy settings like default label and mandatory labeling. The policy is applied to the specified users. It can take up to 24 hours to propagate, though it typically completes within minutes. The policy also defines whether the label is available in Office apps (Word, Excel, Outlook) and for files and emails.

3. User Applies Label (Manual)

In an Office app (e.g., Word), the user opens the document and sees the sensitivity bar at the top. They click the bar and select a label (e.g., "Confidential"). The app writes the label metadata into the file. If the label has encryption configured, the app calls Azure RMS to encrypt the file. The user may be prompted to authenticate if they don't have rights. The label is now persistent in the file.

4. Auto-Labeling (Optional)

An administrator creates auto-labeling policies that scan data at rest (SharePoint, OneDrive, Exchange) or data in transit (via Exchange mail flow). The policy uses sensitive information types or machine learning classifiers to detect content. When a match occurs, the system automatically applies the specified label. For files, this may also trigger protection actions. Auto-labeling runs periodically (e.g., every 24 hours for SharePoint).

5. Label Enforcement and Audit

When a labeled document is opened by another user, Office apps read the label metadata and enforce the protection (e.g., encryption). If the user is unauthorized, they get an error. All label changes are logged in the Microsoft 365 audit log. Administrators can monitor label usage in the Purview portal under Information Protection > Activity Explorer. This provides insights into which labels are applied and by whom.

What This Looks Like on the Job

Enterprise Scenario 1: Classifying Financial Reports

A multinational corporation, Contoso Finance, needs to protect quarterly earnings reports. They create sensitivity labels: "Public," "Internal," "Confidential," and "Highly Confidential." The "Highly Confidential" label enforces encryption and restricts access to the CFO and board members. The label also applies a watermark "HIGHLY CONFIDENTIAL" on each page. The label policy is published to all employees. Financial analysts manually label reports before sharing. The company also uses auto-labeling to scan SharePoint libraries for documents containing financial data (e.g., revenue numbers) and automatically apply the "Confidential" label. The system works well, but they encounter a challenge: when an analyst sends a labeled report via email to an external auditor, the encryption prevents the auditor from opening it. The solution is to create a separate label "Confidential - External" that allows access to specific external users via Azure RMS. This scenario highlights the need for careful label design and user training.

Enterprise Scenario 2: Healthcare Data Protection

A hospital network, HealthFirst, must comply with HIPAA. They create a sensitivity label "Protected Health Information (PHI)" that enforces encryption and restricts access to healthcare staff. The label also adds a header "CONFIDENTIAL - PHI" to every page. They use auto-labeling to scan emails for patient data (e.g., medical record numbers) and automatically apply the PHI label. The hospital also deploys the AIP scanner on on-premises file shares to label existing files. A common issue is that some legacy applications do not support sensitivity labels, so unlabeled files remain unprotected. To mitigate, they implement mandatory labeling for all new documents via group policy. Performance is generally fine, but scanning large file shares (terabytes of data) can take days. They schedule scans during off-peak hours.

Enterprise Scenario 3: Legal Firm with External Collaboration

A law firm, LexCorp, needs to share confidential case files with external clients. They create a label "Attorney-Client Privilege" that encrypts the document and grants access to the specific client's email domain. However, they discover that if the client forwards the document to an unauthorized person, the encryption persists but the client's rights (view, edit, print) are inherited. To prevent this, they set usage rights to "View Only" and disable printing. They also use Azure RMS templates to define granular permissions. A challenge is that external users must authenticate with a Microsoft account or Azure AD guest account to open the encrypted file. This can cause friction. They mitigate by using the Microsoft Purview Information Protection viewer for mobile devices. Overall, labels provide a robust way to enforce data protection across organizational boundaries.
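The forwarding problem in Scenario 3 comes down to how Azure RMS binds usage rights to identities rather than to copies of the file. The following added example (mine, not the chapter's or Microsoft's code) models that decision: a rights string in the identity:RIGHTS;identity:RIGHTS layout accepted by Set-Label's EncryptionRightsDefinitions parameter, per-identity usage rights (VIEW/EDIT/PRINT), the content-expiry window mentioned under Timers, and a forwarded copy reaching someone outside the list. The principals, domains, the '@domain' shorthand for a whole-domain grant, and the dates are all constructed for the demo.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Dict, Optional, Set, Tuple


@dataclass(frozen=True)
class ProtectionTemplate:
    rights: Dict[str, Set[str]]              # identity -> granted usage rights
    expire_after_days: Optional[int] = None  # None = content never expires


def parse_rights_definitions(spec: str) -> Dict[str, Set[str]]:
    """Parse 'user:RIGHT,RIGHT;other:RIGHT' into {identity: {rights}}.

    The layout mirrors Set-Label's EncryptionRightsDefinitions string; the '@domain'
    entries used for whole-domain grants are my own convention for this demo."""
    rights: Dict[str, Set[str]] = {}
    for entry in (e.strip() for e in spec.split(";")):
        if not entry:
            continue
        ident, _, right_list = entry.partition(":")
        rights[ident.strip().lower()] = {r.strip().upper() for r in right_list.split(",") if r.strip()}
    return rights


def rights_for(user: str, template: ProtectionTemplate) -> Set[str]:
    """A direct grant wins; otherwise a domain grant covers every user at that domain."""
    user = user.lower()
    if user in template.rights:
        return set(template.rights[user])
    domain = "@" + user.split("@", 1)[1] if "@" in user else ""
    return set(template.rights.get(domain, set()))


def can_perform(user: str, right: str, template: ProtectionTemplate,
                protected_on: datetime, now: datetime) -> Tuple[bool, str]:
    """Decide an action on protected content. The answer depends on who is asking,
    not on who holds the bytes, which is why a forwarded copy does not widen access."""
    if (template.expire_after_days is not None
            and now > protected_on + timedelta(days=template.expire_after_days)):
        return False, "content expired; access revoked for everyone"
    granted = rights_for(user, template)
    if not granted:
        return False, "identity not in the label's rights list"
    if right.upper() not in granted:
        return False, f"{right.upper()} not granted to this identity"
    return True, "allowed"


# Constructed template for a label like the chapter's "Attorney-Client Privilege":
# the firm's partner keeps full rights, the client's domain is view-only, 30-day expiry.
TEMPLATE = ProtectionTemplate(
    rights=parse_rights_definitions("partner@lexcorp.example:VIEW,EDIT,PRINT;@client.example:VIEW"),
    expire_after_days=30,
)
PROTECTED_ON = datetime(2026, 5, 1, tzinfo=timezone.utc)  # constructed protection timestamp


def days_after(n: int) -> datetime:
    """Clock helper for the demo: n days after the content was protected."""
    return PROTECTED_ON + timedelta(days=n)


if __name__ == "__main__":
    print(can_perform("partner@lexcorp.example", "print", TEMPLATE, PROTECTED_ON, days_after(10)))
    print(can_perform("counsel@client.example", "view", TEMPLATE, PROTECTED_ON, days_after(10)))
    print(can_perform("counsel@client.example", "print", TEMPLATE, PROTECTED_ON, days_after(10)))
    # the client forwarded the file: possession of the bytes grants nothing
    print(can_perform("someone@other.example", "view", TEMPLATE, PROTECTED_ON, days_after(10)))
    # past the expiry window even the partner is refused
    print(can_perform("partner@lexcorp.example", "view", TEMPLATE, PROTECTED_ON, days_after(31)))
```

The model also shows why the scenario's "View Only, no printing" fix works: the client's domain entry never carried PRINT or EDIT, so whatever rights the client has are the ceiling for anyone the client forwards to, and anyone outside the list gets nothing at all.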

How MS-900 Actually Tests This

What MS-900 Tests on This Topic

The MS-900 exam objective 3.4 covers "Describe the capabilities of Microsoft 365 security and compliance solutions." Under this, you must understand sensitivity labels (formerly AIP labels). The exam focuses on:

The purpose of sensitivity labels (classification and protection)

How labels are applied (manual, default, recommended, auto)

What protection actions labels can enforce (encryption, visual markings, access control)

The relationship between labels and Azure RMS

The difference between sensitivity labels and retention labels (retention labels are for data lifecycle management, not protection)

Common Wrong Answers and Why Candidates Choose Them

1. Wrong answer: "AIP labels are only for on-premises files." Candidates confuse the AIP scanner (which scans on-premises) with labels themselves. Reality: Labels apply to cloud and on-premises data via the unified labeling client.

2. Wrong answer: "Labels are the same as retention labels." Candidates see both in Purview. Reality: Sensitivity labels classify and protect; retention labels manage retention and deletion. They are different.

3. Wrong answer: "Encryption is applied by the label itself." Candidates think the label contains the encryption key. Reality: The label triggers Azure RMS to encrypt; the label is metadata.

4. Wrong answer: "Labels cannot be applied automatically." Candidates think only manual application exists. Reality: Auto-labeling policies can apply labels based on content detection.

Specific Numbers, Values, and Terms That Appear Verbatim

The exam may ask: "Which component provides the encryption for sensitivity labels?" Answer: Azure Rights Management (Azure RMS).

The exam may ask: "What is the default encryption algorithm?" Answer: AES-256.

The exam may ask: "Where are sensitivity labels configured?" Answer: Microsoft Purview compliance portal.

The exam may ask: "Which label application method prompts the user?" Answer: Recommended labeling.

Edge Cases and Exceptions

Labels do not apply to all file types. For example, plain text (.txt) files cannot hold metadata; the label may be lost if the file is saved as .txt.

When a file is encrypted by Azure RMS, the file extension may change (e.g., .docx becomes .docx.rpmsg). The exam may test that you cannot open the file without the RMS client.

External users must have an Azure AD account or a Microsoft account to access encrypted content. Guest access requires Azure AD B2B.

How to Eliminate Wrong Answers Using the Underlying Mechanism

If a question asks about "protecting data with labels," remember that labels themselves do not encrypt; they trigger encryption. So any answer that says "the label encrypts" is wrong. For questions about persistence, remember that labels are embedded as metadata in the file, so they survive copy/move within Office formats. If an answer says labels are lost when emailing, it's wrong because the label travels with the email as a header. For auto-labeling, remember it scans data at rest and in transit. If an answer says auto-labeling only applies to emails, it's incomplete (it also applies to SharePoint and OneDrive).

Key Takeaways

Sensitivity labels (formerly AIP labels) are metadata tags that classify and optionally protect data in Microsoft 365.

Labels are created in the Microsoft Purview compliance portal and published via label policies.

Protection actions include encryption (via Azure RMS, AES-256), visual markings (headers, footers, watermarks), and access control.

Labels can be applied manually, as a default, via recommendation, or automatically through auto-labeling policies.

Labels persist with Office files (.docx, .xlsx, .pptx) even when copied, renamed, or moved; for other formats, persistence varies.

Sensitivity labels are distinct from retention labels; retention labels manage data lifecycle, not protection.

Auto-labeling policies scan data at rest (SharePoint, OneDrive, Exchange) and in transit (Exchange mail flow).

External users need an Azure AD account or Microsoft account to access encrypted content.

Mandatory labeling can be enforced to ensure all documents and emails have a label before saving/sending.

Label usage is logged in the audit log and can be monitored in Activity Explorer.

The exam tests the difference between sensitivity labels and retention labels, and the methods of label application.

A common exam trap: thinking labels always encrypt; encryption is optional per label configuration.

Easy to Mix Up

These come up on the exam all the time. Here's how to tell them apart.

Sensitivity Labels (AIP)

Classify and protect data (encryption, visual markings)

Can be applied manually, automatically via content detection, or as default

Persist with the data when shared externally

Enforce access control via Azure RMS

Used for data governance and compliance (e.g., GDPR)

Retention Labels

Manage data lifecycle (retention and deletion)

Can be applied manually or automatically based on conditions (e.g., file age, sensitive info)

Do not provide encryption or access control

Trigger disposition reviews or permanent deletion

Used for records management and legal hold

Watch Out for These

Mistake: AIP labels and sensitivity labels are two different systems.

Correct: They are the same. AIP labels were the original name; Microsoft rebranded to sensitivity labels under Purview Information Protection. The functionality is identical. The exam uses both terms interchangeably, but 'sensitivity labels' is current.

Mistake: Applying a label always encrypts the file.

Correct: Encryption is optional. A label can be used purely for classification (e.g., 'Public') with no protection. The admin configures whether encryption is applied. Many labels only add visual markings.

Mistake: Labels can only be applied manually by users.

Correct: Labels can be applied automatically via auto-labeling policies that scan data for sensitive content, or via default labels and recommended labeling that prompts users. Manual is just one method.

Mistake: Labels are removed when a file is copied or renamed.

Correct: For Office Open XML formats (.docx, .xlsx, .pptx), the label metadata persists even when the file is copied, renamed, or moved. For non-Office formats, persistence depends on the file format's ability to store custom properties.

Mistake: Sensitivity labels are the same as retention labels.

Correct: Sensitivity labels classify and protect data (encryption, visual markings). Retention labels manage how long data is kept and when it is deleted. They are separate features in Purview with different purposes.


Frequently Asked Questions

What is the difference between sensitivity labels and AIP labels?

There is no difference; they are the same thing. Azure Information Protection (AIP) labels were the original name, but Microsoft rebranded them as sensitivity labels under Microsoft Purview Information Protection. The functionality is identical. On the MS-900 exam, you may see both terms, but 'sensitivity labels' is the current terminology. Always think of them as the same feature.

Can sensitivity labels be applied automatically?

Yes, via auto-labeling policies. These policies can scan data at rest in SharePoint, OneDrive, and Exchange, or data in transit in Exchange mail flow. They use sensitive information types (e.g., credit card numbers) or trainable classifiers to detect content and apply a label automatically. This is different from default labeling, which applies a label if the user doesn't choose one, and recommended labeling, which prompts the user.

Do sensitivity labels encrypt the file?

Not necessarily. Encryption is an optional protection action that can be configured on a label. A label can be used purely for classification (like 'Public') with no encryption. If encryption is enabled, the label triggers Azure Rights Management (Azure RMS) to encrypt the file using AES-256. The label itself does not contain encryption keys; it instructs the system to apply protection.

How do sensitivity labels persist when sharing externally?

For Office Open XML formats (.docx, .xlsx, .pptx), the label is embedded as custom metadata in the file. When the file is shared externally, the label travels with it. If the label has encryption, the external user must authenticate (via Azure AD guest account or Microsoft account) to access the file. For emails, the label is added as a header and persists through forwarding.

Can I use sensitivity labels to restrict access to specific users?

Yes. When configuring encryption on a label, you can assign specific users or groups (including external users) who have access. You can also set usage rights (view, edit, copy, print). This is done via Azure RMS templates. For example, you can create a label that allows only the legal team to edit a document, while others can only view it.

What is the difference between sensitivity labels and retention labels?

Sensitivity labels classify and protect data (encryption, visual markings, access control). Retention labels manage data lifecycle (how long data is kept and when it is deleted). They are separate features in Microsoft Purview. A file can have both a sensitivity label and a retention label simultaneously. The MS-900 exam often tests this distinction.

How do I verify that a sensitivity label has been applied to a file?

You can right-click the file in Windows Explorer, go to Properties > Details, and look for the 'Sensitivity' field. In Office apps, the sensitivity bar at the top of the document shows the applied label. For administrators, the Activity Explorer in Purview shows label application events. You can also use PowerShell cmdlets like Get-Label to view label policies.
