SC-400: Microsoft Information Protection Administrator

Microsoft will retire the SC-400: Microsoft Information Protection Administrator course on April 30, 2025. It will be replaced by the SC-401: Information Security in Microsoft 365 course.

Course: SC-400 Microsoft Information Protection Administrator

Learn how to protect information in your Microsoft 365 implementation. This course focuses on data governance and information protection within your organization. It covers implementing data loss prevention policies, types of sensitive information, sensitivity labels, data retention policies, and Microsoft Purview message encryption, among other related topics. This course helps students prepare for the Microsoft Information Protection Administrator (SC-400) exam.

Course aimed at

The information protection administrator plans and implements controls that meet the organization's compliance needs. This individual is responsible for translating compliance requirements and controls into technical implementation. They assist organizational control owners in meeting requirements. They work with information technology (IT) staff, enterprise application owners, human resources, and legal stakeholders to implement technology that supports the policies and controls necessary to address the organization's regulatory requirements. They also work with compliance and security management, such as a compliance officer and a security officer, to assess the full range of associated business risks and develop those policies. This individual defines applicable requirements and tests IT operations and processes against those policies and controls. They are responsible for creating policies and rules for content classification, data loss prevention, governance, and protection.

Elements of the SC-400 formation

• Introduction to information protection and data lifecycle management in Microsoft Purview (6 Units)
• Prevent data loss (4 Units)
• Classify data for protection and governance (7 Units)
• Creation and management of confidential information types (8 Units)
• Microsoft 365 Encryption Description (6 Units)
• Implementing Microsoft Purview Message Encryption (6 Units)
• Protect information in Microsoft Purview (6 Units)
• Application and administration of confidentiality labels (8 Units)
• Prevent data loss in Microsoft Purview (10 Units)
• Configuring DLP policies for Microsoft Defender for Cloud Apps and Power Platform (7 Units)
• Managing Reports and Data Loss Prevention Policies in Microsoft 365 (9 Units)
• Manage the data lifecycle in Microsoft Purview (8 Units)
• Managing data retention in Microsoft 365 workloads (11 Units)
• Manage records in Microsoft Purview (7 Units)

SC-400 Course Content

Module 1: Implementing Information Protection in Microsoft Purview

Organizations require information protection solutions to safeguard data against theft and accidental loss. Learn how to protect sensitive information. Learn about Microsoft Purview's information governance and protection solutions that help you protect and regulate data throughout its lifecycle, wherever it resides or travels. Learn about the information available to help you understand the data landscape and know your data. Learn how to use sensitive information types to support your information protection strategy. Learn how sensitivity labels are used to classify and protect business data, ensuring that user productivity and collaboration are not compromised.

Lessons

• Introduction to Information Protection in Microsoft Purview

• Data classification for protection and governance

• Creation and management of confidential information types

• Describe Microsoft 365 encryption

• Implementing message encryption with Microsoft Purview

• Information protection in Microsoft Purview

• Application and management of confidentiality labels

Laboratory: Implementing Information Protection

• Compliance role management
• Managing Microsoft Purview Message Encryption
• Manage types of confidential information
• Manage trainable classifiers
• Manage confidentiality labels

After completing this module, students will be able to do the following:

• Describe Microsoft's approach to information protection and governance

• List the components of the data classification solution

• Describe how to use confidential information types and trainable classifiers

• Implement digital fingerprinting of documents

• Create custom keyword dictionaries

• Implementing message encryption in Microsoft Purview

Module 2: Implementing Data Loss Prevention

This module describes how to implement data loss prevention techniques to protect Microsoft 365 data. Learn how to detect, classify, and protect sensitive and business-critical content throughout its lifecycle across the organization. Learn how to configure and implement data loss prevention policies and integrate them with Microsoft Defender for Cloud Apps. Learn how to respond to and remediate data loss policy violations.

Lessons

• Data loss prevention with Microsoft Purview

• Implement endpoint data loss prevention

• Configuring DLP policies for Microsoft Defender for Cloud Apps and Power Platform

• Managing reports and DLP policies in Microsoft Purview

Laboratory: Implementing data loss prevention

• DLP policy management
• Manage the DLP endpoint
• Manage DLP reports

After completing this module, students will be able to do the following:

• Describe the information protection configuration process

• Recommended implementation and adoption procedures

• Describe the integration of DLP with Microsoft Defender for Cloud Apps.

• Configure policies in Microsoft Defender for Cloud Apps.

• Review and analyze DLP reports

• Identify and mitigate violations of DLP directives

• Mitigating DLP violations in Microsoft Defender for Cloud Apps.

Module 3: Implementing Records Management and the Data Lifecycle

In this module, you will learn how to plan and implement information governance strategies for an organization. Gain insights into managing the content lifecycle through solutions for importing, storing, and classifying business-critical data, enabling you to retain what you need and delete what you don't. Learn how to manage Microsoft 365 retention, including how retention solutions are implemented in individual Microsoft 365 services. Learn how to use intelligent classification to automate and simplify scheduling the retention of regulatory, legal, and business-critical records within your organization.

Lessons

• Data lifecycle management in Microsoft Purview

• Managing data retention in Microsoft 365 workloads

• Managing records in Microsoft Purview

Laboratory: Implementation of records management and data lifecycle management

• Configure retention labels
• Implement retention labels
• Configure service-based retention
• Event-based retention configuration
• Use eDiscovery for recovery
• Configure log management

After completing this module, students will be able to do the following:

• Describe the information governance setup process

• Recommended implementation and adoption procedures

• Describe the retention features in Microsoft 365 workloads

• Configure retention options in Microsoft Teams and SharePoint Online

• Implement retention for Exchange mailbox items

• Retrieve content protected by retention settings

• Recover protected items from Exchange mailboxes

• Describe the log management setup process

Prerequisites

Before participating in this course, students must have:

• Fundamental knowledge of Microsoft security and compliance technologies

• Basic knowledge of information protection concepts

• Description of cloud computing concepts.

• Description of Microsoft 365 products and services

Language

• Course: English / Spanish
• Labs: English / Spanish

Microsoft Certification Associate: Information Protection and Compliance Administrator Associate

Microsoft Certified: Information Protection and Compliance Administrator Associate

Demonstrate the fundamentals of data security, lifecycle management, information security, and compliance to protect a Microsoft 365 implementation.

Level: Intermediate
Role: Administrator
Product: Microsoft 365
Subject: Security