- Module 1: Explore reporting in the Microsoft 365 security services
- List several types of reports that provide insight into how your organization is being protected from attacks using email as the threat vector
- Identify where to access reports generated by EOP and Microsoft Defender for Office 365
- Describe how to access detailed information from reports generated by EOP and Microsoft Defender for Office 365
- Module 2: Learn how compliance works in Exchange Online. Learn how to use retention and data loss prevention policies to keep the data and communications you're required to maintain, how to find that data and communications, and how to ensure you're ready for an audit.
- Explain retention policies.
- Explain data loss prevention policies.
- Explain audit logs.
- Explain content search.
- Module 3: Manage Advanced eDiscovery
- Describe Advanced eDiscovery
- Configure permissions for users in Advanced eDiscovery
- Create cases in Advanced eDiscovery
- Search and prepare data for Advanced eDiscovery
- Module 4: In this module, you will learn about the shared responsibility model and important Compliance Manager concepts.
- Describe the key components of the Compliance Manager user experience.
- List key capabilities available in the various Compliance Manager features.
- Module 5: Learners will know, understand, and be able to describe Data Subject Requests (DSRs). They will also know how to manage DSRs on Azure and Microsoft 365.
- DSRs
- How to use a DSR in Azure Active Directory (Azure AD).
- How to use a DSR for Microsoft accounts.
- How to use a DSR for Office 365 apps.
- How to use a DSR for consumer data and logs.
- Module 6: Communication compliance in Microsoft 365 is a solution that helps organizations address code-of-conduct policy violations in company communications, while also assisting organizations in regulated industries meet specific supervisory compliance requirements. Communication Compliance uses machine learning to intelligently detect violations across different communication channels such as Microsoft Teams, Exchange Online, or Yammer messages.
- List the enhancements in communication compliance over Office 365 Supervision policies, which it will replace.
- Explain how to identify and remediate code-of-conduct policy violations.
- List the prerequisites that need to be met before creating communication compliance policies.
- Describe the types of built-in, pre-defined policy templates.
- Module 7: Insider risk management in Microsoft 365 helps organizations address internal risks, such as IP theft, fraud, and sabotage. Learn about insider risk management and how Microsoft technologies can help you detect, investigate, and take action on risky activities in your organization.
- Explain how insider risk management in Microsoft 365 can help prevent, detect, and contain internal risks in an organization.
- Describe the types of built-in, pre-defined policy templates.
- List the prerequisites that need to be met before creating insider risk policies.
- Explain the types of actions you can take on an insider risk management case.
- Module 8: Information barriers enable administrators to define policies to allow or prevent communications between groups of users in Microsoft Teams chats and channels. When information barrier policies are in place, people who should not communicate with other specific users won't be able to find, select, chat, or call those users. With information barriers, checks are in place to prevent unauthorized communication.
- Describe how information barrier policies can help your organization maintain compliance with relevant industry standards and regulations, and avoid potential conflicts of interest.
- List the types of situations when information barriers would be applicable.
- Explain the process of creating an information barrier policy.
- Explain how to troubleshoot unexpected issues after information barriers are in place.
- Module 9: Privileged access management allows granular access control over privileged admin tasks in Office 365. Privileged access management requires users to request just-in-time access to complete elevated and privileged tasks through a highly scoped and time-bound approval workflow. This configuration gives users just-enough-access to perform the task at hand without risking exposure of sensitive data or critical configuration settings.
- Explain the difference between privileged access management and privileged identity management.
- Describe the privileged access management process flow.
- Describe how to configure and enable privileged access management.
- Module 10: Customer Lockbox supports requests to access data in Exchange Online, SharePoint Online, and OneDrive when Microsoft engineers need to access customer content to determine root cause and fix an issue. Customer Lockbox requires the engineer to request access from the customer as a final step in the approval workflow. This gives organizations the option to approve or deny these requests and provide direct-access control to the customer.
- Describe the Customer Lockbox workflow.
- Explain how to approve or deny a Customer Lockbox request.
- Explain how you can audit actions performed by Microsoft engineers when access requests are approved.
By the end of this module, you will be able to:
At the end of this module, you should be able to:
By the end of this module, you will be able to:
At the end of this module, you should be able to:
By the end of this module, you should know more about:
Upon completion of this module, you should be able to:
Upon completion of this module, you should be able to:
Upon completion of this module, you should be able to:
Upon completion of this module, you should be able to:
Upon completion of this module, you should be able to: