Microsoft Information Security Administrator Associate (SC-401) Cert Prep by Microsoft Press
6h 4mIntermediate2026-03-11
Authors

Microsoft Press
Microsoft

Sarah Young
Course details
The Microsoft Information Security Administrator Associate (SC-401) certification validates your ability to protect sensitive data, manage compliance, and reduce risk in Microsoft 365 environments. This course prepares you for the exam by covering data classification, sensitivity labels, and data loss prevention policies in Microsoft Purview. Along the way, learn how to deploy security policies across Windows, file shares, and Exchange; manage insider risk; and monitor alerts and activities to maintain a strong compliance posture. By the end of this course, you’ll be equipped with the skills you need to tackle the SC-401 exam and effectively manage information security in your organization.
Learning objectives
Implement information protection.
Implement data loss prevention and retention.
Manage risks, alerts, and activities.
Learning objectives
Implement information protection.
Implement data loss prevention and retention.
Manage risks, alerts, and activities.
Concepts
Introduction
- Exam SC-401 administering information security in Microsoft 365 - Introduction
Implement and Manage Data Classification
- Module introduction
- Learning objectives
- Identify sensitive information requirements for an organization s data
- Translate requirements into built-in or custom sensitive info types
- Create and manage custom sensitive info types
- Implement document fingerprinting
- Create and manage exact data match (EDM) classifiers
- Create and manage trainable classifiers
- Monitor classification with data explorer and content explorer
- Configure optical character recognition (OCR) support for sensitive info types
Implement and Manage Sensitivity Labels in Microsoft Purview
- Learning objectives
- Implement roles and permissions for sensitivity labels
- Define and create sensitivity labels for items and containers
- Configure protection settings and content marking for sensitivity labels
- Configure and manage publishing policies for sensitivity labels
- Configure and manage autolabeling policies for sensitivity labels
- Apply sensitivity labels to containers, such as Microsoft Teams, Microsoft 365 Groups, Microsoft Power BI, and Microsoft SharePoint
- Apply sensitivity labels by using Defender for Cloud Apps
Implement Information Protection for Windows, File Shares, and Exchange
- Learning objectives
- Implement protection for Windows, file shares, and Exchange
- Plan and implement the Purview Information Protection client
- Manage files using the Purview client
- Apply bulk classification to on-premises data by using the Microsoft Purview Information Protection scanner
- Design and implement Microsoft Purview Message Encryption
- Design and implement Microsoft Purview Advanced Message Encryption
Create and Configure Data Loss Prevention (DLP) Policies
- Module introduction
- Learning objectives
- Design DLP policies based on an organization s requirements
- Implement roles and permissions for DLP
- Create and manage DLP policies
- Configure DLP policies for Adaptive Protection
- Interpret policy and rule precedence in DLP
- Create file policies in Microsoft Defender for Cloud Apps by using a DLP policy
Implement and Monitor Microsoft Purview Endpoint DLP
- Learning objectives
- Specify device requirements for Endpoint DLP, including extensions
- Configure advanced DLP rules for devices in DLP policies
- Configure Endpoint DLP settings
- Configure just-in-time protection
- Monitor endpoint activities
Implement and Manage Retention
- Learning objectives
- Plan for information retention and disposition by using retention labels
- Create, configure, and manage adaptive scopes
- Create retention labels for data lifecycle management
- Configure retention label policies (publish autoapply)
- Interpret the results of policy precedence, including using policy lookup
- Create and configure retention policies
- Recover retained content in Microsoft 365
Implement and Manage Microsoft Purview Insider Risk Management
- Module introduction
- Learning objectives
- Implement roles and permissions for Insider Risk Management
- Plan and implement Insider Risk Management connectors
- Plan and implement integration with Microsoft Defender for Endpoint
- Configure and manage Insider Risk Management settings
- Configure policy indicators
- Select an appropriate policy template
- Create and manage Insider Risk Management policies
- Manage forensic evidence settings
- Enable and configure insider risk levels for Adaptive Protection
- Manage insider risk alerts and cases
- Manage Insider Risk Management workflow, including notice templates
Manage Information Security Alerts and Activities
- Learning objectives
- Assign Microsoft Purview Audit (Premium) user licenses
- Investigate activities by using Microsoft Purview Audit
- Configure audit retention policies
- Analyze Purview activities by using activity explorer
- Respond to data loss prevention alerts in the Microsoft Purview portal
- Investigate insider risk activities by using the Microsoft Purview portal
- Respond to Purview alerts in Microsoft Defender XDR
- Respond to Defender for Cloud Apps file policy alerts
- Perform searches by using Content search
Protect Data Used by AI Services
- Learning objectives
- Implement controls in Microsoft 365 workloads to protect content in an environment that uses AI services
- Implement prerequisites for Data Security Posture Management (DSPM) for AI
- Manage roles and permissions for DSPM for AI
- Configure DSPM for AI policies
- Monitor activities in DSPM for AI
- Implement controls in Microsoft Purview to protect content in an environment that uses AI services
Conclusion
- Course summary
Related courses
- Microsoft 365 Security Administrator Associate (MS-500) Cert Prep: 3 Implement and Manage Information Protection
- Microsoft 365 Enterprise Administrator Expert (MS-101) Cert Prep: 2 Manage Security and Threats by using Microsoft 365 Defender
- Microsoft Managing Modern Desktop (MD-101) Cert Prep: 2 Windows Devices, Apps, and Data
- SharePoint Online Admin Essential Training
- Microsoft 365: Health and Security (2019)
- Windows 10: Configure Storage
- Microsoft Azure: Security Concepts (2021)
- Information Management: Document Security
Related learn paths
- Prepare for the Microsoft 365 Security Administration (MS-500) Exam
- Advance Your Skills as an IT Help Desk Specialist
- Network Administration: Build Core Skills for Network Management and Security
- Prepare for the MTA: Networking Fundamentals Exam (98-366)
- Develop Your Skills in Agile Software Development
- Getting Started as an Azure Developer
- Getting Started with DevOps
- Infrastructure Management on Microsoft Azure: Top Skills for IT Professionals