Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Microsoft

SC-400: Manage Insider and Privacy Risk in Microsoft 365

Microsoft via Microsoft Learn

Overview

  • Module 1: Microsoft Purview Communication Compliance is a solution that helps organizations address code-of-conduct policy violations in company communications, while also assisting organizations in regulated industries meet specific supervisory compliance requirements. Communication Compliance uses machine learning to intelligently detect violations across different communication channels such as Microsoft Teams, Exchange Online, or Yammer messages.

    Upon completion of this module, you should be able to:

    • List the enhancements in communication compliance over Office 365 Supervision policies, which it will replace.
    • Explain how to identify and remediate code-of-conduct policy violations.
    • List the prerequisites that need to be met before creating communication compliance policies.
    • Describe the types of built-in, pre-defined policy templates.
  • Module 2: Microsoft Purview Insider Risk Management helps organizations address internal risks, such as IP theft, fraud, and sabotage. Learn about insider risk management and how Microsoft technologies can help you detect, investigate, and take action on risky activities in your organization.

    Upon completion of this module, you should be able to:

    • Explain how Microsoft Purview Insider Risk Management can help prevent, detect, and contain internal risks in an organization.
    • Describe the types of built-in, pre-defined policy templates.
    • List the prerequisites that need to be met before creating insider risk policies.
    • Explain the types of actions you can take on an insider risk management case.
  • Module 3: Adaptive Protection in Microsoft Purview uses machine learning to dynamically apply the most effective data loss prevention (DLP) controls for identified critical risks, enhancing data security and saving time for security teams.

    Upon completion of this module, you should be able to:

    • Describe Adaptive Protection and its role in dynamically mitigating risks.
    • Configure risk level settings and customize risk levels based on your organization's needs.
    • Setup adaptive protection with quick or custom setup.
    • Manage Adaptive Protection to review policy metrics, track in-scope users, and assess risk levels.
  • Module 4: This module examines how Microsoft Purview uses information barriers to restrict communication and collaboration in Microsoft Teams, SharePoint Online, and OneDrive for Business. MS-102

    By the end of this module, you should be able to:

    • Describe how information barriers can restrict or allow communication and collaboration among specific groups of users.
    • Describe the components of an information barrier and how to enable information barriers.
    • Understand how information barriers help organizations determine which users to add or remove from a Microsoft Team, OneDrive account, and SharePoint site.
    • Describe how information barriers prevent users or groups from communicating and collaborating in Microsoft Teams, OneDrive, and SharePoint.
  • Module 5: Learn how to use Microsoft Priva to manage privacy risk policies and subject rights requests.

    Upon completion of this module, the learner will be able to:

    • Create and manage risk management policies for data overexposure, data transfer, and data minimization
    • Investigate and remediate risk alerts
    • Send user notifications
    • Create and manage Subject Rights Requests
    • Estimate and retrieve subject data
    • Review subject data
    • Create subject rights reports
  • Module 6: Privileged access management allows granular access control over privileged admin tasks in Office 365. Privileged access management requires users to request just-in-time access to complete elevated and privileged tasks through a highly scoped and time-bound approval workflow. This configuration gives users just-enough-access to perform the task at hand without risking exposure of sensitive data or critical configuration settings.

    Upon completion of this module, you should be able to:

    • Explain the difference between privileged access management and privileged identity management.
    • Describe the privileged access management process flow.
    • Describe how to configure and enable privileged access management.
  • Module 7: Customer Lockbox supports requests to access data in Exchange Online, SharePoint Online, and OneDrive when Microsoft engineers need to access customer content to determine root cause and fix an issue. Customer Lockbox requires the engineer to request access from the customer as a final step in the approval workflow. This gives organizations the option to approve or deny these requests and provide direct-access control to the customer.

    Upon completion of this module, you should be able to:

    • Describe the Customer Lockbox workflow.
    • Explain how to approve or deny a Customer Lockbox request.
    • Explain how you can audit actions performed by Microsoft engineers when access requests are approved.

Syllabus

  • Module 1: Module 1: Prepare Microsoft Purview Communication Compliance
    • Introduction to communication compliance
    • Plan for communication compliance
    • Identify and resolve communication compliance workflow
    • Introduction to communication compliance policies
    • Knowledge check
    • Case study--Configure an offensive language policy
    • Investigate and remediate communication compliance alerts
    • Summary and knowledge check
  • Module 2: Module 2: Manage insider risk in Microsoft Purview
    • Insider risk management overview
    • Introduction to managing insider risk policies
    • Create and manage insider risk policies
    • Knowledge check
    • Investigate insider risk alerts
    • Take action on insider risk alerts through cases
    • Manage insider risk management forensic evidence
    • Create insider risk management notice templates
    • Summary and knowledge check
  • Module 3: Module 3: Implement Adaptive Protection in Insider Risk Management (preview)
    • Introduction
    • Adaptive Protection Overview
    • Understand and configure risk levels in Adaptive Protection
    • Configure Adaptive Protection
    • Manage Adaptive Protection
    • Summary and knowledge check
  • Module 4: Module 4: Implement Microsoft Purview Information Barriers
    • Introduction
    • Explore Microsoft Purview Information Barriers
    • Configure information barriers in Microsoft Purview
    • Examine information barriers in Microsoft Teams
    • Examine information barriers in OneDrive
    • Examine information barriers in SharePoint
    • Knowledge check
    • Summary
  • Module 5: Module 5: Manage regulatory and privacy requirements with Microsoft Priva
    • Introduction
    • Create and manage risk management policies
    • Investigate and remediate risk management alerts
    • Create rights requests
    • Manage data estimate and retrieval for rights requests
    • Review data from rights requests
    • Get reports from rights requests
    • Knowledge check
    • Summary
  • Module 6: Module 6: Implement privileged access management
    • Introduction to privileged access management
    • Case study--Implementing privileged access management
    • Summary and knowledge check
  • Module 7: Module 7: Manage Customer Lockbox
    • Introduction to Customer Lockbox
    • Manage Customer Lockbox requests
    • Summary and knowledge check

Reviews

Start your review of SC-400: Manage Insider and Privacy Risk in Microsoft 365

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.