SC-400: Microsoft Information Protection Administrator
SC-400: Microsoft Information Protection Administrator is the requirements for the Microsoft Certified: Information Protection Administrator Associate
Exam requirements
The official exam document are published here: https://docs.microsoft.com/en-us/learn/certifications/exams/sc-300
Exam preparation
Books covering the exam
Video training for the exam
Online training
Microsoft Learn (free)
- SC-400 part 1 – Implement Information Protection in Microsoft 365
https://docs.microsoft.com/en-us/learn/paths/implement-information-protection/ - SC-400 part 2 – Implement Data Loss Prevention
https://docs.microsoft.com/en-us/learn/paths/implement-data-loss-prevention/
- SC-400 part 3 – Implement Information Governance in Microsoft 365
https://docs.microsoft.com/en-us/learn/paths/implement-information-governance/
Instructor-led training
Microsoft Learning Partner
- TBA
Exam Objectives
Implement Information Protection (35-40%)
- Create and manage sensitive information types
- select a sensitive information type based on an organization’s requirements
- create and manage custom sensitive information types
- create custom sensitive information types with exact data match
- implement document fingerprinting
- create a keyword dictionary
- Create and manage trainable classifiers
- identify when to use trainable classifiers
- create a trainable classifier
- verify a trainable classifier is performing properly
- retrain a classifier
- Implement and manage sensitivity labels
- identify roles and permissions for administering sensitivity labels
- create sensitivity labels
- configure and manage sensitivity label policies
- apply sensitivity labels to Microsoft Teams, Microsoft 365 groups, and SharePoint sites
- configure and publish automatic labeling policies (excluding MCAS scenarios)
- monitor label usage by using label analytics
- apply bulk classification to on-premises data by using the AIP unified labelling scanner
- manage protection settings and marking for applied sensitivity labels
- apply protections and restrictions to email including content marking, usage, permission, encryption, expiration, etc.
- apply protections and restrictions to files including content marking, usage, permission, encryption, expiration, etc.
- Plan and implement encryption for email messages
- define requirements for implementing Office 365 Message Encryption
- implement Office 365 Advanced Message Encryption
Implement Data Loss Prevention (30-35%)
- Create and configure data loss prevention policies
- recommend a data loss prevention solution for an organization
- configure data loss prevention for policy precedence
- configure policies for Microsoft Exchange email
- configure policies for Microsoft SharePoint sites
- configure policies for Microsoft OneDrive accounts
- configure policies for Microsoft Teams chat and channel messages
- integrate Microsoft Cloud App Security (MCAS) with Microsoft Information Protection
- configure policies in Microsoft Cloud App Security (MCAS)
- implement data loss prevention policies in test mode
- Implement and monitor Microsoft Endpoint data loss prevention
- configure policies for endpoints
- configure Endpoint data loss prevention settings
- recommend configurations that enable devices for Endpoint data loss prevention policies
- monitor endpoint activities
- Manage and monitor data loss prevention policies and activities
- manage and respond to data loss prevention policy violations
- review and analyze data loss prevention reports
- manage permissions for data loss prevention reports
- manage data loss prevention violations in Microsoft Cloud App Security (MCAS)
Implement Information Governance (25-30%)
- Configure retention policies and labels
- create and apply retention labels
- create and apply retention label policies
- configure and publish auto-apply label policies
- Manage data retention in Microsoft 365
- create and apply retention policies in Microsoft SharePoint and OneDrive
- create and apply retention policies in Microsoft Teams
- recover content in Microsoft Teams, SharePoint, and OneDrive
- recover content in Microsoft Exchange
- implement retention policies and tags in Microsoft Exchange
- apply mailbox holds in Microsoft Exchange
- implement Microsoft Exchange Online archiving policies
- Implement records management in Microsoft 365
- configure labels for records management
- manage and migrate retention requirements with a file plan
- configure automatic retention using File Plan descriptors
- classify records using retention labels and policies
- implement in-place records management in Microsoft SharePoint
- configure event-based retention
- manage disposition of records