Introduction
Information security administrators often need to investigate incidents involving sensitive or improperly shared content. Whether responding to a data leak, regulatory inquiry, or internal policy violation, the ability to locate and analyze content quickly is essential.
In this module, you take on the role of an information security administrator using Microsoft Purview eDiscovery to search for content across Microsoft 365 services. You'll work within an eDiscovery case to define data sources, build targeted queries, and validate search results before taking further action.
In this module, you:
- Assign roles and permissions needed to access eDiscovery
- Create a case and configure search criteria
- Search across Microsoft 365 workloads using keywords, conditions, and Copilot-assisted query generation
- Review and validate search results using samples or statistics
By the end of this module, you'll be able to locate content across Microsoft 365, evaluate the results, and prepare for next steps like exporting or adding data to a review set.