Overview
Learn how to protect information in your Microsoft 365 deployment. This course focuses on data governance and information protection within your organization. The course covers implementation of data loss prevention policies, sensitive information types, sensitivity labels, data retention policies and Office 365 message encryption among other related topics. The course helps learners prepare for the Microsoft Information Protection Administrator exam (SC-400).
Audience profile
The Information Protection Administrator plans and implements controls that meet organizational compliance needs. This person is responsible for translating requirements and compliance controls into technical implementation. They assist organizational control owners to become and stay compliant. They work with information technology (IT) personnel, business application owners, human resources, and legal stakeholders to implement technology that supports policies and controls necessary to sufficiently address regulatory requirements for their organization. They also work with the compliance and security leadership such as a Chief Compliance Officer and Security Officer to evaluate the full breadth of associated enterprise risk and partner to develop those policies. This person defines applicable requirements and tests IT processes and operations against those policies and controls. They are responsible for creating policies and rules for content classification, data loss prevention, governance, and protection.
Job role: Administrator, Risk Practitioner, Security Engineer
Preparation for exam: SC-400
Accessing your courseware and registering attendance with Microsoft
To access your Official Curriculum (MOC) course materials you will need a Microsoft.com/Learn account. In Learn you will also be able to register your completion of the event and receive your achievement badge. You will be issued with a unique code during your event.
Prerequisites
Important This course may require the use of Multifactor Authentication (MFA). Please read this page and download the Microsoft Authenticator app (or similar app) prior to attending the course:
https://www.qa.com/resources/faqs/mfa-requirements/
Please see the below Microsoft article for further information on reasons for the MFA requirement:
Before attending this course, students should have:
- Foundational knowledge of Microsoft security and compliance technologies.
- Basic knowledge of information protection concepts.
- Understanding of cloud computing concepts.
- Understanding of Microsoft 365 products and services.
Delegates will learn how to
- Explain and use sensitivity labels.
- Configure Data Loss Prevention policies.
- Secure messages in Office 365.
- Describe the information governance configuration process.
- Define key terms associated with Microsoft’s information protection and governance solutions.
- Explain the Content explorer and Activity explorer.
- Describe how to use sensitive information types and trainable classifiers.
- Review and analyze DLP reports.
- Identify and mitigate DLP policy violations.
- Describe the integration of DLP with Microsoft Cloud App Security (MCAS).
- Deploy Endpoint DLP
- Describe records management
- Configure event driven retention
- Import a file plan
- Configure retention policies and labels
- Create custom keyword dictionaries
- Implement document fingerprinting
Outline
Module 1: Implement Information Protection in Microsoft 365
Organizations require information protection solutions to protect their data against theft and accidental loss. Learn how to protect your sensitive information. Learn how Microsoft 365 information protection and governance solutions help you protect and govern your data, throughout its lifecycle – wherever it lives, or wherever it travels. Learn about the information available to help you understand your data landscape and know your data. Learn how to use sensitive information types to support your information protection strategy. Learn about how sensitivity labels are used to classify and protect business data while making sure that user productivity and their ability to collaborate are not hindered.
Lessons
- Introduction to information protection and governance in Microsoft 365
- Classify data for protection and governance
- Create and manage sensitive information types
- Describe Microsoft 365 encryption
- Deploy message encryption in Office 365
- Configure sensitivity labels
- Apply and manage sensitivity labels
Lab : Implement Information Protection
- Assign permissions for compliance
- Manage Office 365 message encryption
- Manage Sensitive Information Types
- Manage Trainable Classifiers
- Manage Sensitivity Labels
After completing this module, students will be able to:
- Describe Microsoft’s approach to information protection and governance.
- List the components of the Data Classification solution.
- Describe how to use sensitive information types and trainable classifiers.
- Implement document fingerprinting
- Create custom keyword dictionaries
- Deploy message encryption in Office 365
Module 2: Implement Data Loss Prevention in Microsoft 365
In this module we discuss how to implement data loss prevention techniques to secure your Microsoft 365 data. Learn how to discover, classify, and protect sensitive and business-critical content throughout its lifecycle across your organization. Learn how to configure and implement data loss prevention policies and integrate them with Microsoft Cloud App Security. Learn how to respond to and mitigate data loss policy violations.
Lessons
- Prevent Data loss in Microsoft 365
- Implement Endpoint data loss prevention
- Configure DLP policies for Microsoft Cloud App Security and Power Platform
- Manage DLP policies and reports in Microsoft 365
Lab : Implement Data Loss Prevention
Manage DLP policies
- Mange Endpoint DLP
- Test DLP policies
- Mange DLP reports
After completing this module, students will be able to:
- Describe the information protection configuration process.
- Articulate deployment and adoption best practices.
- Describe the integration of DLP with Microsoft Cloud App Security (MCAS).
- Configure policies in Microsoft Cloud App Security.
- Review and analyze DLP reports.
- Identify and mitigate DLP policy violations.
- Mitigate DLP violations in MCAS.
Module 3: Implement Information Governance in Microsoft 365
In this module you will learn how to plan and implement information governance strategies for an organization. Learn how to manage your content lifecycle using solutions to import, store, and classify business-critical data so you can keep what you need and delete what you don't. Learn how to manage retention for Microsoft 365, and how retention solutions are implemented in the individual Microsoft 365 services. Learn how to use intelligent classification to automate and simplify the retention schedule for regulatory, legal, and business-critical records in your organization.
Lessons
- Govern information in Microsoft 365
- Manage data retention in Microsoft 365 workloads
- Manage records in Microsoft 365
Lab : Implement Information Governance
- Configure Retention Labels
- Implement Retention Labels
- Configure Service-based Retention
- Use eDiscovery for Recovery
- Configure Records Management
After completing this module, students will be able to:
- Describe the information governance configuration process.
- Articulate deployment and adoption best practices.
- Describe the retention features in Microsoft 365 workloads.
- Configure retention settings in Microsoft Teams and SharePoint Online.
- Implement retention for Exchange Mailbox items.
- Recover content protected by retention settings.
- Regain protected items from Exchange Mailboxes.
- Describe the records management configuration process.
Please note that whilst this course is aligned to the equivalent Microsoft Exam it may not contain all information required to pass the exam. As per Microsoft guidance, further self study and hands on experience is recommended in addition to attendance of this course.
Frequently asked questions
How can I create an account on myQA.com?
There are a number of ways to create an account. If you are a self-funder, simply select the "Create account" option on the login page.
If you have been booked onto a course by your company, you will receive a confirmation email. From this email, select "Sign into myQA" and you will be taken to the "Create account" page. Complete all of the details and select "Create account".
If you have the booking number you can also go here and select the "I have a booking number" option. Enter the booking reference and your surname. If the details match, you will be taken to the "Create account" page from where you can enter your details and confirm your account.
Find more answers to frequently asked questions in our FAQs: Bookings & Cancellations page.
How do QA’s virtual classroom courses work?
Our virtual classroom courses allow you to access award-winning classroom training, without leaving your home or office. Our learning professionals are specially trained on how to interact with remote attendees and our remote labs ensure all participants can take part in hands-on exercises wherever they are.
We use the WebEx video conferencing platform by Cisco. Before you book, check that you meet the WebEx system requirements and run a test meeting (more details in the link below) to ensure the software is compatible with your firewall settings. If it doesn’t work, try adjusting your settings or contact your IT department about permitting the website.
How do QA’s online courses work?
QA online courses, also commonly known as distance learning courses or elearning courses, take the form of interactive software designed for individual learning, but you will also have access to full support from our subject-matter experts for the duration of your course. When you book a QA online learning course you will receive immediate access to it through our e-learning platform and you can start to learn straight away, from any compatible device. Access to the online learning platform is valid for one year from the booking date.
All courses are built around case studies and presented in an engaging format, which includes storytelling elements, video, audio and humour. Every case study is supported by sample documents and a collection of Knowledge Nuggets that provide more in-depth detail on the wider processes.
When will I receive my joining instructions?
Joining instructions for QA courses are sent two weeks prior to the course start date, or immediately if the booking is confirmed within this timeframe. For course bookings made via QA but delivered by a third-party supplier, joining instructions are sent to attendees prior to the training course, but timescales vary depending on each supplier’s terms. Read more FAQs.
When will I receive my certificate?
Certificates of Achievement are issued at the end the course, either as a hard copy or via email. Read more here.