SC-400T00 Administering Information Protection and Compliance in Microsoft 365

Learn how Microsoft 365 information protection and data lifecycle management solutions help you protect and govern your data, throughout its lifecycle – wherever it lives, or wherever it travels.

Lesson

• Introduction to information protection and data lifecycle management
• Know your data
• Protect your data
• Prevent data loss
• Govern your data
• Summary and knowledge check

Learn about the information available to help you understand your data landscape and know your data.

Lesson

• Data classification overview
• Classify data using sensitive information types
• Classify data using trainable classifiers
• Review sensitive information and label usage
• Explore labeled and sensitive content
• Understand activities related to your data
• Summary and knowledge check

Learn how to use sensitive information types to support your information protection strategy.

Lesson

• Introduction
• Compare built-in versus custom sensitive information types
• Create and manage custom sensitive information types
• Describe custom sensitive information types with exact data match
• Implement document fingerprinting
• Create keyword dictionary
• Knowledge check
• Summary and resources

Learn how Microsoft 365 encrypts data-at-rest and in-transit, securely manages encryption keys, and provides key management options to customers to meet their business needs and compliance obligations

Lesson

• Introduction to Microsoft 365 encryption
• Learn how Microsoft 365 data is encrypted at rest
• Understand service encryption in Microsoft Purview
• Explore customer key management using Customer Key
• Learn how data is encrypted in-transit
• Summary and knowledge check

Learn about the different encryption methods Microsoft Purview provides to protect messages. 

Lesson

• Introduction
• Implement Microsoft Purview Message Encryption
• Implement Microsoft Purview Advanced Message Encryption
• Use Microsoft Purview Message Encryption templates in mail flow rules
• Knowledge check
• Summary and resources

Learn how to detect sensitive content as it’s used and shared throughout your organization, in the cloud and on devices, and help prevent accidental data loss.

Lesson

• Information protection overview
• Configure sensitivity labels
• Configure sensitivity label policies
• Configure auto-labeling policies
• Manage, monitor, and remediate information protection
• Summary and knowledge check

Learn about how sensitivity labels are used to classify and protect business data while making sure that user productivity and their ability to collaborate are not hindered.

Lesson

• Introduction
• Apply sensitivity labels to Microsoft Teams, Microsoft 365 groups, and SharePoint sites
• Plan on-premises labeling
• Configure on-premises labeling for the Unified Labeling Scanner
• Apply protections and restrictions to email and files
• Monitor label performance using label analytics
• Knowledge check
• Summary and resources

Learn how to discover, classify, and protect sensitive and business-critical content throughout its lifecycle across your organization.

Lesson

• Introduction
• Data loss prevention overview
• Identify content to protect
• Define policy settings for your DLP policy
• Test and create your DLP policy
• Prepare Endpoint DLP
• Manage DLP alerts in the Microsoft Purview compliance portal
• View data loss prevention reports
• Implement the Microsoft Purview Extension
• Knowledge check
• Summary

Learn how to configure and implement data loss prevention policies and integrate them with Microsoft Defender for Cloud Apps

Lesson

• Introduction
• Configure data loss prevention policies for Power Platform
• Integrate data loss prevention in Microsoft Defender for Cloud Apps
• Configure policies in Microsoft Defender for Cloud Apps
• Manage data loss prevention violations in Microsoft Defender for Cloud Apps
• Knowledge check
• Summary and resources

Learn how to manage data loss prevention policies and mitigate data loss prevention policy violations.

Lesson

• Introduction
• Configure data loss prevention for policy precedence
• Implement data loss prevention policies in test mode
• Explain data loss prevention reporting capabilities
• Review and analyze data loss prevention reports
• Manage permissions for data loss prevention reports
• Manage and respond to data loss prevention policy violations
• Knowledge check
• Summary and resources

Learn how to manage your content lifecycle using solutions to import, store, and classify business-critical data so you can keep what you need and delete what you don’t.

Lesson

• Data Lifecycle Management overview
• Configure retention policies
• Configure retention labels
• Configure manual retention label policies
• Configure auto-apply retention label policies
• Import data for Data Lifecycle Management
• Manage, monitor, and remediate Data Lifecycle Management
• Summary and knowledge check

Learn how to manage retention for Microsoft 365, and how retention solutions are implemented in the individual Microsoft 365 services.

Lesson

• Introduction
• Explain retention in Exchange Online
• Explain retention in SharePoint Online and OneDrive
• Explain retention in Microsoft Teams
• Explain retention in Microsoft Yammer
• Recover content in Microsoft 365 workloads
• Activate archive mailboxes in Microsoft Exchange
• Apply mailbox holds in Microsoft Exchange
• Recover content in Microsoft Exchange
• Knowledge check

Learn how to use intelligent classification to automate and simplify the retention schedule for regulatory, legal, and business-critical records in your organization.

Lesson

• Introduction
• Records management overview
• Import a file plan
• Configure retention labels
• Configure event driven retention
• Manage, monitor, and remediate records
• Summary and knowledge check

This module explores the tools Microsoft 365 provides to help ensure an organization’s regulatory compliance, including the Microsoft Purview compliance portal, Compliance Manager, and the Microsoft compliance score.

Lesson

• Introduction
• Plan for security and compliance in Microsoft 365
• Plan your beginning compliance tasks in Microsoft Purview
• Manage your compliance requirements with Compliance Manager
• Examine the Compliance Manager dashboard
• Analyze the Microsoft Compliance score
• Knowledge check
• Summary

This module examines how to search for content in the Microsoft Purview compliance portal using Content Search functionality, including how to view and export the search results, and configure search permissions filtering.

Lesson

• Introduction
• Explore Microsoft Purview eDiscovery solutions
• Create a content search
• View the search results and statistics
• Export the search results and search report
• Configure search permissions filtering
• Search for and delete email messages
• Knowledge check
• Summary

This module explores how to use Microsoft Purview eDiscovery (Standard) to create an eDiscovery case and a hold for a case, how to manage case content, and how to close, reopen, and delete a case.

Lesson

• Introduction
• Explore Microsoft Purview eDiscovery solutions
• Implement Microsoft Purview eDiscovery (Standard)
• Create eDiscovery holds
• Search for content in a case
• Export content from a case
• Close, reopen, and delete a case
• Knowledge check
• Summary

This module explores how to use Microsoft Purview eDiscovery (Premium) to preserve, collect, analyze, review, and export content that’s responsive to an organization’s internal and external investigations, and communicate with custodians involved in a case.

Lesson

• Introduction
• Explore Microsoft Purview eDiscovery (Premium)
• Implement Microsoft Purview eDiscovery (Premium)
• Create and manage an eDiscovery (Premium) case
• Manage custodians and non-custodial data sources
• Analyze case content
• Knowledge check
• Summary

This module examines how to search for audited activities using the Microsoft Purview Audit (Standard) solution, including how to export, configure, and view the audit log records that were retrieved from an audit log search.

Lesson

• Introduction
• Explore Microsoft Purview Audit solutions
• Implement Microsoft Purview Audit (Standard)
• Search the audit log
• Export, configure, and view audit log records
• Use audit log searching to investigate common support issues
• Knowledge check
• Summary

Microsoft Purview Communication Compliance is a solution that helps organizations address code-of-conduct policy violations in company communications, while also assisting organizations in regulated industries meet specific supervisory compliance requirements. Communication Compliance uses machine learning to intelligently detect violations across different communication channels such as Microsoft Teams, Exchange Online, or Yammer messages.

Lesson

• Introduction to communication compliance
• Plan for communication compliance
• Identify and resolve communication compliance workflow
• Introduction to communication compliance policies
• Knowledge check
• Case study–Configure an offensive language policy
• Investigate and remediate communication compliance alerts
• Summary and knowledge check

Microsoft Purview Insider Risk Management helps organizations address internal risks, such as IP theft, fraud, and sabotage. Learn about insider risk management and how Microsoft technologies can help you detect, investigate, and take action on risky activities in your organization.

Lesson

• Insider risk management overview
• Introduction to managing insider risk policies
• Create and manage insider risk policies
• Knowledge check
• Investigate insider risk alerts
• Take action on insider risk alerts through cases
• Manage insider risk management forensic evidence
• Create insider risk management notice templates
• Summary and knowledge check

This module examines how Microsoft Purview uses information barriers to restrict communication and collaboration in Microsoft Teams, SharePoint Online, and OneDrive for Business.

Lesson

• Introduction
• Explore Microsoft Purview Information Barriers
• Configure information barriers in Microsoft Purview
• Examine information barriers in Microsoft Teams
• Examine information barriers in OneDrive
• Examine information barriers in SharePoint
• Knowledge check
• Summary

Learn how to use Microsoft Priva to manage privacy risk policies and subject rights requests.

Lesson

• Introduction
• Create and manage risk management policies
• Investigate and remediate risk management alerts
• Create rights requests
• Manage data estimate and retrieval for rights requests
• Review data from rights requests
• Get reports from rights requests
• Knowledge check
• Summary

Privileged access management allows granular access control over privileged admin tasks in Office 365. Privileged access management requires users to request just-in-time access to complete elevated and privileged tasks through a highly scoped and time-bound approval workflow. This configuration gives users just-enough-access to perform the task at hand without risking exposure of sensitive data or critical configuration settings.

Lesson

• Introduction to privileged access management
• Case study–Implementing privileged access management
• Summary and knowledge check

Customer Lockbox supports requests to access data in Exchange Online, SharePoint Online, and OneDrive when Microsoft engineers need to access customer content to determine root cause and fix an issue. Customer Lockbox requires the engineer to request access from the customer as a final step in the approval workflow. This gives organizations the option to approve or deny these requests and provide direct-access control to the customer.

Lesson

• Introduction to Customer Lockbox
• Manage Customer Lockbox requests
• Summary and knowledge check