SC-400T00: Microsoft Information Protection Administrator

• Implement information protection (25–30%)

• Implement DLP (15–20%)

• Implement data lifecycle and records management (10–15%)

• Monitor and investigate data and activities by using Microsoft Purview (15–20%)

• Manage insider and privacy risk in Microsoft 365 (15–20%)

• Identify sensitive information requirements for an organization's data

• Translate sensitive information requirements into built-in or custom sensitive info types

• Create and manage custom sensitive info types

• Create and manage exact data match (EDM) classifiers

• Implement document fingerprinting

• Identify when to use trainable classifiers

• Design and create a trainable classifier

• Test a trainable classifier

• Retrain a trainable classifier

• Implement roles and permissions for administering sensitivity labels

• Define and create sensitivity labels

• Configure and manage sensitivity label policies

• Configure auto-labeling policies for sensitivity labels

• Monitor data classification and label usage by using Content explorer, Activity explorer, and audit search

• Apply bulk classification to on-premises data by using the Microsoft Purview Information Protection scanner

• Manage protection settings and marking for applied sensitivity labels

• Design an email encryption solution based on methods available in Microsoft 365

• Implement Microsoft Purview Message Encryption

• Implement Microsoft Purview Advanced Message Encryption

• Design DLP policies based on an organization’s requirements

• Configure permissions for DLP

• Create and manage DLP policies

• Interpret policy and rule precedence in DLP

• Configure a Microsoft Defender for Cloud Apps file policy to use DLP policies

• Configure advanced DLP rules for devices in DLP policies

• Configure Endpoint DLP settings

• Recommend a deployment method for device onboarding

• Identify endpoint requirements for device onboarding

• Monitor endpoint activities

• Implement the Microsoft Purview Extension

• Analyze DLP reports

• Analyze DLP activities by using Activity explorer

• Remediate DLP alerts in the Microsoft Purview compliance portal

• Remediate DLP alerts generated by Defender for Cloud Apps

• Plan for information retention and disposition by using retention labels

• Create retention labels for data lifecycle management

• Configure and manage adaptive scopes

• Configure a retention label policy to publish labels

• Configure a retention label policy to auto-apply labels

• Interpret the results of policy precedence, including using Policy lookup

• Create and apply retention policies for SharePoint Online and OneDrive

• Create and apply retention policies for Microsoft 365 groups

• Create and apply retention policies for Teams

• Create and apply retention policies for Yammer

• Create and apply retention policies for Exchange Online

• Apply mailbox holds in Exchange Online

• Implement Exchange Online archiving policies

• Configure preservation locks for retention policies and retention label policies

• Recover retained content in Microsoft 365

• Create and configure retention labels for records management

• Manage retention labels by using a file plan, including file plan descriptors

• Classify records by using retention labels and retention label policies

• Manage event-based retention

• Manage the disposition of content in records management

• Configure records management settings, including retention label settings and disposition settings

• Plan for regulatory compliance in Microsoft 365

• Create and manage assessments

• Create and modify custom templates

• Interpret and manage improvement actions

• Create and manage alert policies for assessments

• Choose between eDiscovery (Standard) and eDiscovery (Premium) based on an organization’s requirements

• Plan and implement eDiscovery

• Delegate permissions to use eDiscovery and Content search

• Perform searches and respond to results from eDiscovery

• Manage eDiscovery cases

• Perform searches by using Content search

• Choose between Audit (Standard) and Audit (Premium) based on an organization’s requirements

• Plan for and configure auditing

• Investigate activities by using the unified audit log

• Review and interpret compliance reports and dashboards

• Configure alert policies

• Configure audit retention policies

• Plan for communication compliance

• Create and manage communication compliance policies

• Investigate and remediate communication compliance alerts and reports

• Plan for insider risk management

• Create and manage insider risk management policies

• Investigate and remediate insider risk activities, alerts, and reports

• Manage insider risk cases

• Manage forensic evidence settings

• Manage notice templates

• Plan for IBs

• Create and manage IB segments and policies

• Configure Teams, SharePoint Online, and OneDrive to enforce IBs, including setting barrier modes

• Investigate issues with IB policies

• Configure and maintain privacy risk management

• Create and manage Privacy Risk Management policies

• Identify and monitor potential risks involving personal data

• Evaluate and remediate alerts and issues

• Implement and manage subject rights requests

Successful Azure Administrators start this role with experience in virtualization, networking, identity, and storage.

• Understanding of on-premises virtualization technologies, including: VMs, virtual networking, and virtual hard disks.

• Understanding of network configurations, including TCP/IP, Domain Name System (DNS), virtual private networks (VPNs), firewalls, and encryption technologies.

• Understanding of Active Directory concepts, including users, groups, and role-based access control.

• Understanding of resilience and disaster recovery, including backup and restore operations.