SC-401 – Administering Information Security in Microsoft 365

Course Duration

4 Days

Audience

Employees of federal, state and local governments; and businesses working with the government.

Prerequisites

Familiarity with Microsoft Purview compliance solutions. Basic understanding of data protection and security concepts. Foundational knowledge of Microsoft security and compliance technologies. Awareness of Microsoft 365 data governance capabilities.

Course Description

This course equips Information Security Administrators with the skills needed to plan and implement information security for sensitive data using Microsoft Purview and related services. Topics include information protection, data loss prevention (DLP), retention, and insider risk management. Students learn how to protect data within Microsoft 365 collaboration environments from internal and external threats — including securing AI-generated content and Microsoft 365 Copilot interactions.

Learning Objectives

• Classify and protect sensitive data using sensitivity labels, trainable classifiers, and sensitive information types
• Design and implement data loss prevention (DLP) policies across Microsoft 365 workloads and endpoints
• Configure Microsoft Purview Message Encryption to protect email
• Implement and manage retention policies and labels for compliance
• Configure Insider Risk Management to detect and respond to insider threats
• Use Microsoft Purview Audit and eDiscovery to investigate security incidents
• Secure Microsoft 365 Copilot interactions and AI-generated content with Purview controls
• Apply Adaptive Protection to dynamically enforce DLP based on user risk levels

Course Outline

Module 1 – Data Protection Foundations

• Protect sensitive data in a digital world and Zero Trust framework
• Classify data using sensitive information types and trainable classifiers
• Review classification and protection insights with data explorer
• Create and manage custom sensitive information types

Module 2 – Sensitivity Labels

• Create and configure sensitivity labels and label policies
• Configure encryption with sensitivity labels
• Implement auto-labeling policies
• Apply sensitivity labels in Office apps and Microsoft 365 Copilot
• Apply sensitivity labels to Teams, Microsoft 365 groups, and SharePoint

Module 3 – Encryption and Email Protection

• Understand Microsoft 365 encryption at rest and in transit
• Configure Microsoft Purview Message Encryption
• Customize encrypted email branding
• Control encrypted email access with Advanced Message Encryption

Module 4 – Data Loss Prevention

• Plan and design DLP policies
• Create and manage DLP policies across Microsoft 365
• Implement endpoint DLP and onboard devices
• Configure DLP for Microsoft Defender for Cloud Apps and Power Platform
• Integrate Adaptive Protection with DLP
• Investigate and respond to DLP alerts

Module 5 – Retention and Records Management

• Understand retention labels and retention policies
• Create and manage auto-apply retention labels
• Configure adaptive scopes and retention policies
• Recover content in Microsoft 365 workloads

Module 6 – Insider Risk Management

• Prepare your organization for Insider Risk Management
• Create and manage insider risk policies using templates
• Investigate and triage insider risk alerts
• Manage insider risk cases and take action
• Implement Adaptive Protection based on risk levels

Module 7 – Audit and eDiscovery

• Configure and manage Microsoft Purview Audit
• Conduct searches with Audit Standard and Audit Premium
• Audit Microsoft Copilot interactions
• Search for content with Microsoft Purview eDiscovery
• Export eDiscovery search results

Module 8 – Securing AI and Copilot

• Understand AI data security risks and Microsoft Purview protections
• Assess Copilot regulatory compliance with Compliance Manager
• Apply DLP and retention policies to Copilot prompts and responses
• Secure enterprise and browser-based AI apps with Purview
• Secure developer AI environments and Copilot Studio agents

Frequently Asked Questions