SC-401: Information Security Administrator

SC-401: Information Security Administrator is a focused, instructor-led course designed for security professionals responsible for implementing and managing information protection, identity, and access within an organization. This course covers practical strategies to secure data, manage compliance, and enforce security policies across Microsoft 365 and Azure environments.

Participants will learn how to design and implement data governance, deploy identity protection measures, and monitor security operations using Microsoft security tools. This course prepares learners for the Microsoft Certified: Information Protection Administrator Associate certification and equips them to safeguard organizational assets effectively.

Audience Profile

This course is ideal for:

• Information security administrators managing data protection and identity solutions

• IT professionals responsible for compliance, governance, and risk management

• Security analysts implementing Microsoft 365 and Azure security controls

• Individuals preparing for the SC-401 certification exam

Candidates should have experience with Microsoft 365 security and compliance, identity and access management, and foundational security concepts.

Course Outline

Module 1: Implement Information Protection

• Designing data classification and labeling strategies

• Configuring Microsoft Information Protection policies

• Implementing sensitivity labels and data loss prevention (DLP)

Module 2: Manage Identity and Access

• Configuring Azure AD identity protection

• Managing conditional access policies and multi-factor authentication

• Securing privileged access and identity governance

Module 3: Implement Compliance and Governance

• Understanding compliance management in Microsoft 365

• Using Microsoft Compliance Manager and Insider Risk Management

• Designing retention, records management, and audit policies

Module 4: Monitor and Respond to Security Incidents

• Configuring Microsoft Defender for Endpoint and Microsoft Sentinel

• Investigating and responding to security alerts and incidents

• Managing security reports and continuous monitoring

Module 5: Secure Data and Devices

• Implementing endpoint security controls

• Applying encryption and rights management

• Managing device compliance and access

Hands-On Experience

This course features 40% to 50% hands-on activities, providing learners with practical experience in configuring Microsoft information protection, identity security, compliance tools, and incident response workflows.