Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Microsoft

SC-200: Mitigate threats using Microsoft Purview

Microsoft via Microsoft Learn

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
  • Module 1: Respond to data loss prevention alerts using Microsoft 365

    Upon completion of this module, the learner will be able to:

    • Describe data loss prevention (DLP) components in Microsoft 365
    • Investigate DLP alerts in the Microsoft Purview compliance portal
    • Investigate DLP alerts in Microsoft Defender for Cloud Apps
  • Module 2: Microsoft Purview Insider Risk Management helps organizations address internal risks, such as IP theft, fraud, and sabotage. Learn about insider risk management and how Microsoft technologies can help you detect, investigate, and take action on risky activities in your organization.

    Upon completion of this module, you should be able to:

    • Explain how Microsoft Purview Insider Risk Management can help prevent, detect, and contain internal risks in an organization.
    • Describe the types of built-in, pre-defined policy templates.
    • List the prerequisites that need to be met before creating insider risk policies.
    • Explain the types of actions you can take on an insider risk management case.
  • Module 3: Use the Microsoft Purview Universal Audit Log (UAL) to investigate threats

    By the end of this module, you'll be able to:

    • Describe the differences between Audit (Standard) and Audit (Premium).
    • Start recording user and admin activity in the Unified Audit Log (UAL).
    • Identify the core features of the Audit (Standard) solution.
    • Set up and implement audit log searching using the Audit (Standard) solution.
    • Export, configure, and view audit log records.
    • Use audit log searching to troubleshoot common support issues.
  • Module 4: This module explores the differences between Microsoft Purview Audit (Standard) and Audit (Premium), plus the key functionality in Audit (Premium), including setup requirements, enabling audit logging, creating audit log retention policies, and performing forensics investigations.

    By the end of this module, you'll be able to:

    • Describe the differences between Audit (Standard) and Audit (Premium).
    • Set up and implement Microsoft Purview Audit (Premium).
    • Create audit log retention policies.
    • Perform forensic investigations of compromised user accounts.
  • Module 5: Investigate threats with Content search in Microsoft Purview.

    By the end of this module, you'll be able to:

    • Describe how to use content search in the Microsoft Purview compliance portal.
    • Design and create a content search.
    • Preview the search results.
    • View the search statistics.
    • Export the search results and search report.
    • Configure search permission filtering.

Syllabus

  • Module 1: Module 1: Respond to data loss prevention alerts using Microsoft 365
    • Introduction
    • Describe data loss prevention alerts
    • Investigate data loss prevention alerts in Microsoft Purview
    • Investigate data loss prevention alerts in Microsoft Defender for Cloud Apps
    • Knowledge check
    • Summary and resources
  • Module 2: Module 2: Manage insider risk in Microsoft Purview
    • Insider risk management overview
    • Introduction to managing insider risk policies
    • Create and manage insider risk policies
    • Knowledge check
    • Investigate insider risk alerts
    • Take action on insider risk alerts through cases
    • Manage insider risk management forensic evidence
    • Create insider risk management notice templates
    • Summary and knowledge check
  • Module 3: Module 3: Investigate threats by using audit features in Microsoft 365 Defender and Microsoft Purview Standard
    • Introduction to threat investigation with the Unified Audit Log (UAL)
    • Explore Microsoft Purview Audit solutions
    • Implement Microsoft Purview Audit (Standard)
    • Start recording activity in the Unified Audit Log
    • Search the Unified Audit Log (UAL)
    • Export, configure, and view audit log records
    • Use audit log searching to investigate common support issues
    • Knowledge check
    • Summary and resources
  • Module 4: Module 4: Investigate threats using audit in Microsoft 365 Defender and Microsoft Purview (Premium)
    • Introduction to threat investigation with Microsoft Purview Audit (Premium)
    • Explore Microsoft Purview Audit (Premium)
    • Implement Microsoft Purview Audit (Premium)
    • Manage audit log retention policies
    • Investigate compromised email accounts using Purview Audit (Premium)
    • Knowledge check
    • Summary
  • Module 5: Module 5: Investigate threats with Content search in Microsoft Purview
    • Introduction
    • Explore Microsoft Purview eDiscovery solutions
    • Create a content search
    • View the search results and statistics
    • Export the search results and search report
    • Configure search permissions filtering
    • Search for and delete email messages
    • Knowledge check
    • Summary

Reviews

Start your review of SC-200: Mitigate threats using Microsoft Purview

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.