SC-400 Microsoft Information Protection Administrator

Description

Overview:

Learn how to protect information in your Microsoft 365 deployment. This course focuses on data governance and information protection within your organization. The course covers implementation of data loss prevention policies, sensitive information types, sensitivity labels, data retention policies and Office 365 message encryption among other related topics. The course helps learners prepare for the Microsoft Information Protection Administrator exam (SC-400).

Pre-requisite(s):

Before attending this course, students should have:

• Foundational knowledge of Microsoft security and compliance technologies.
• Basic knowledge of information protection concepts.
• Understanding of cloud computing concepts.
• Understanding of Microsoft 365 products and services.

Audience:

The Information Protection Administrator plans and implements controls that meet organizational compliance needs. This person is responsible for translating requirements and compliance controls into technical implementation. They assist organizational control owners to become and stay compliant. They work with information technology (IT) personnel, business application owners, human resources, and legal stakeholders to implement technology that supports policies and controls necessary to sufficiently address regulatory requirements for their organization. They also work with the compliance and security leadership such as a Chief Compliance Officer and Security Officer to evaluate the full breadth of associated enterprise risk and partner to develop those policies. This person defines applicable requirements and tests IT processes and operations against those policies and controls. They are responsible for creating policies and rules for content classification, data loss prevention, governance, and protection.

Outline:

Module 1 – Introduction to information protection and data lifecycle management in Microsoft Purview

• Introduction to information protection and data lifecycle management
• Know your data
• Protect your data
• Prevent data loss
• Govern your data

Module 2 – Classify data for protection and governance

• Data classification overview
• Classify data using sensitive information types
• Classify data using trainable classifiers
• Review sensitive information and label usage
• Explore labeled and sensitive content
• Understand activities related to your data

Module 3 – Create and manage sensitive information types

• Compare built-in versus custom sensitive information types
• Create and manage custom sensitive information types
• Describe custom sensitive information types with exact data match
• Implement document fingerprinting
• Create keyword dictionary

Module 4 – Understand Microsoft 365 encryption

• Introduction to Microsoft 365 encryption
• Learn how Microsoft 365 data is encrypted at rest
• Understand service encryption in Microsoft Purview
• Explore customer key management using Customer Key
• Learn how data is encrypted in-transit

Module 5 – Deploy Microsoft Purview Message Encryption

• Implement Microsoft Purview Message Encryption
• Implement Microsoft Purview Advanced Message Encryption
• Use Microsoft Purview Message Encryption templates in mail flow rules

Module 6 – Protect information in Microsoft Purview

• Information protection overview
• Configure sensitivity labels
• Configure sensitivity label policies
• Configure auto-labeling policies
• Manage, monitor, and remediate information protection

Module 7 – Apply and manage sensitivity labels

• Apply sensitivity labels to Microsoft Teams, Microsoft 365 groups, and SharePoint sites
• Plan on-premises labeling
• Configure on-premises labeling for the Unified Labeling Scanner
• Apply protections and restrictions to email and files
• Monitor label performance using label analytics

Module 8 – Prevent data loss in Microsoft Purview

• Data loss prevention overview
• Identify content to protect
• Define policy settings for your DLP policy
• Test and create your DLP policy
• Prepare Endpoint DLP
• Manage DLP alerts in the Microsoft Purview compliance portal
• View data loss prevention reports
• Implement the Microsoft Purview Extension

Module 9 – Configure DLP policies for Microsoft Defender for Cloud Apps and Power Platform

• Configure data loss prevention policies for Power Platform
• Integrate data loss prevention in Microsoft Defender for Cloud Apps
• Configure policies in Microsoft Defender for Cloud Apps
• Manage data loss prevention violations in Microsoft Defender for Cloud Apps

Module 10 – Manage data loss prevention policies and reports in Microsoft 365

• Configure data loss prevention for policy precedence
• Implement data loss prevention policies in test mode
• Explain data loss prevention reporting capabilities
• Review and analyze data loss prevention reports
• Manage permissions for data loss prevention reports
• Manage and respond to data loss prevention policy violations

Module 11 – Manage the data lifecycle in Microsoft Purview

• Data Lifecycle Management overview
• Configure retention policies
• Configure retention labels
• Configure manual retention label policies
• Configure auto-apply retention label policies
• Import data for Data Lifecycle Management
• Manage, monitor, and remediate Data Lifecycle Management

Module 12 – Manage data retention in Microsoft 365 workloads

• Explain retention in Exchange Online
• Explain retention in SharePoint Online and OneDrive
• Explain retention in Microsoft Teams
• Explain retention in Microsoft Yammer
• Recover content in Microsoft 365 workloads
• Activate archive mailboxes in Microsoft Exchange
• Apply mailbox holds in Microsoft Exchange
• Recover content in Microsoft Exchange

Module 13 – Manage records in Microsoft Purview

• Records management overview
• Import a file plan
• Configure retention labels
• Configure event driven retention
• Manage, monitor, and remediate records

Module 14 – Explore compliance in Microsoft 365

• Plan for security and compliance in Microsoft 365
• Plan your beginning compliance tasks in Microsoft Purview
• Manage your compliance requirements with Compliance Manager
• Examine the Compliance Manager dashboard
• Analyze the Microsoft Compliance score

Module 15 – Search for content in the Microsoft Purview compliance portal

• Explore Microsoft Purview eDiscovery solutions
• Create a content search
• View the search results and statistics
• Export the search results and search report
• Configure search permissions filtering
• Search for and delete email messages

Module 16 – Manage Microsoft Purview eDiscovery (Standard)

• Explore Microsoft Purview eDiscovery solutions
• Implement Microsoft Purview eDiscovery (Standard)
• Create eDiscovery holds
• Search for content in a case
• Export content from a case
• Close, reopen, and delete a case

Module 17 – Manage Microsoft Purview eDiscovery (Premium)

• Explore Microsoft Purview eDiscovery (Premium)
• Implement Microsoft Purview eDiscovery (Premium)
• Create and manage an eDiscovery (Premium) case
• Manage custodians and non-custodial data sources
• Analyze case content

Module 18 – Manage Microsoft Purview Audit (Standard)

• Explore Microsoft Purview Audit solutions
• Implement Microsoft Purview Audit (Standard)
• Search the audit log
• Export, configure, and view audit log records
• Use audit log searching to investigate common support issues

Module 19 – Prepare Microsoft Purview Communication Compliance

• Introduction to communication compliance
• Plan for communication compliance
• Identify and resolve communication compliance workflow
• Introduction to communication compliance policies
• Knowledge check
• Case study–Configure an offensive language policy
• Investigate and remediate communication compliance alerts

Module 20 – Manage insider risk in Microsoft Purview

• Insider risk management overview
• Introduction to managing insider risk policies
• Create and manage insider risk policies
• Knowledge check
• Investigate insider risk alerts
• Take action on insider risk alerts through cases
• Manage insider risk management forensic evidence
• Create insider risk management notice templates

Module 21 – Implement Microsoft Purview Information Barriers

• Explore Microsoft Purview Information Barriers
• Configure information barriers in Microsoft Purview
• Examine information barriers in Microsoft Teams
• Examine information barriers in OneDrive
• Examine information barriers in SharePoint

Module 22 – Manage regulatory and privacy requirements with Microsoft Priva

• Create and manage risk management policies
• Investigate and remediate risk management alerts
• Create rights requests
• Manage data estimate and retrieval for rights requests
• Review data from rights requests
• Get reports from rights requests

Module 23 – Implement privileged access management

• Introduction to privileged access management
• Case study–Implementing privileged access management

Module 24 – Manage Customer Lockbox

• Introduction to Customer Lockbox
• Manage Customer Lockbox requests