SC-400: Microsoft Information Protection Administrator

Microsoft will retire SC-400: Microsoft Information Protection Administrator on April 30, 2025. It will be replaced by SC-401: Information Security in Microsoft 365.

Course: SC-400 Microsoft Information Protection Administrator

Learn how to protect information in your Microsoft 365 deployment. This course focuses on data governance and information protection within your organization. The course covers implementing data loss prevention policies, sensitive information types, sensitivity labels, data retention policies, and Microsoft Purview message encryption, among other related topics. The course helps students prepare for the Microsoft Information Protection Administrator (SC-400) exam.

The course includes a certification exam and a bonus opportunity for a virtual gift! *Promotion valid until August 31st, for customers in Spain only. Does not apply to self-learning.

Course aimed at

The information protection manager plans and implements controls that meet the organization's compliance needs. This person is responsible for translating compliance requirements and controls into technical implementation. They assist organizational control owners in meeting requirements. They work with information technology (IT) personnel, enterprise application owners, human resources, and legal stakeholders to implement technology that supports policies and controls necessary to address their organization's regulatory requirements. They also work with compliance and security management, such as a chief compliance officer and chief security officer, to assess the full range of associated business risks and develop those policies. This person defines applicable requirements and tests IT operations and processes against those policies and controls. They are responsible for creating policies and rules for content classification, data loss prevention, governance, and protection.

Elements of the SC-400 formation

• Introduction to information protection and data lifecycle management in Microsoft Purview (6 Units)
• Prevent data loss (4 Units)
• Classify data for protection and governance (7 Units)
• Creating and Managing Confidential Information Types (8 Units)
• Microsoft 365 Encryption Overview (6 Units)
• Implementing Microsoft Purview Message Encryption (6 Units)
• Protect information in Microsoft Purview (6 Units)
• Application and management of confidentiality labels (8 Units)
• Prevent data loss in Microsoft Purview (10 Units)
• Configuring DLP Policies for Microsoft Defender for Cloud Apps and Power Platform (7 Units)
• Managing Data Loss Prevention Policies and Reports in Microsoft 365 (9 Units)
• Manage the data lifecycle in Microsoft Purview (8 Units)
• Managing Data Retention in Microsoft 365 Workloads (11 Units)
• Manage records in Microsoft Purview (7 Units)

SC-400 Course Content

Module 1: Implementing Information Protection in Microsoft Purview

Organizations require information protection solutions to safeguard data against theft and accidental loss. Learn how to protect sensitive information. Learn about Microsoft Purview information protection and governance solutions that help you protect and regulate data throughout its lifecycle, wherever it resides or travels. Learn about the information available to help you understand the data landscape and understand your data. Learn how to use sensitive information types to support your information protection strategy. Learn how sensitivity labels are used to classify and protect enterprise data, ensuring that user productivity and their ability to collaborate are not compromised.

Lessons

• Introduction to information protection in Microsoft Purview

• Data classification for protection and governance

• Creating and managing confidential information types

• Describe Microsoft 365 encryption

• Implementing message encryption with Microsoft Purview

• Protecting Information in Microsoft Purview

• Application and management of sensitivity labels

Lab: Implementing Information Protection

• Compliance Role Management
• Managing Microsoft Purview Message Encryption
• Manage types of confidential information
• Manage trainable classifiers
• Manage sensitivity labels

After completing this module, students will be able to do the following:

• Describe Microsoft's approach to information protection and governance

• List the components of the data classification solution

• Describe how to use sensitive information types and trainable classifiers

• Implement document fingerprinting

• Create custom keyword dictionaries

• Implementing message encryption in Microsoft Purview

Module 2: Implementing Data Loss Prevention

This module describes how to implement data loss prevention techniques to protect Microsoft 365 data. Learn how to detect, classify, and protect sensitive and business-critical content throughout its lifecycle across your organization. Learn how to configure and deploy data loss prevention policies and integrate them with Microsoft Defender for Cloud Apps. Learn how to respond to and remediate data loss policy violations.

Lessons

• Data Loss Prevention with Microsoft Purview

• Implement endpoint data loss prevention

• Configuring DLP policies for Microsoft Defender for Cloud Apps and Power Platform

• Managing DLP Reports and Policies in Microsoft Purview

Lab: Implementing Data Loss Prevention

• DLP Policy Management
• Manage the DLP endpoint
• Manage DLP reports

After completing this module, students will be able to do the following:

• Describe the information protection configuration process

• Recommended implementation and adoption procedures

• Describe DLP integration with Microsoft Defender for Cloud Apps.

• Configure policies in Microsoft Defender for Cloud Apps.

• Review and analyze DLP reports

• Identify and mitigate DLP policy violations

• Mitigating DLP violations in Microsoft Defender for Cloud Apps.

Module 3: Implementing Records Management and Data Lifecycle

In this module, you will learn how to plan and implement information governance strategies for an organization. Learn how to manage the content lifecycle using solutions to import, store, and classify business-critical data so you can retain what you need and delete what you don't. Learn how to manage Microsoft 365 retention and implement retention solutions across individual Microsoft 365 services. Learn how to use intelligent classification to automate and simplify the retention schedule for regulatory, legal, and business-critical records in your organization.

Lessons

• Data Lifecycle Management in Microsoft Purview

• Managing data retention in Microsoft 365 workloads

• Manage records in Microsoft Purview

Lab: Implementing Records Management and Data Lifecycle

• Configure retention labels
• Implement retention labels
• Configure service-based retention
• Setting up event-based retention
• Using eDiscovery for Recovery
• Configure log management

After completing this module, students will be able to do the following:

• Describe the information governance setup process

• Recommended implementation and adoption procedures

• Describe retention features in Microsoft 365 workloads

• Configure retention options in Microsoft Teams and SharePoint Online

• Implement retention for Exchange mailbox items

• Recover content protected by retention settings

• Recover protected items from Exchange mailboxes

• Describe the log management configuration process

Prerequisites

Before participating in this course, students must have:

• Fundamental knowledge of Microsoft security and compliance technologies

• Basic knowledge of information protection concepts

• Description of cloud computing concepts.

• Microsoft 365 Products and Services Description

Language

• Course: English / Spanish
• Labs: English / Spanish

Microsoft Associate Certification: Information Protection and Compliance Administrator Associate

Microsoft Certified: Information Protection and Compliance Administrator Associate

Demonstrate the fundamentals of data security, lifecycle management, information security, and compliance to protect a Microsoft 365 deployment.

Level: Intermediate
Role: Administrator
Product: Microsoft 365
Subject: Security