SC-400: Manage Insider and Privacy Risk in Microsoft 365

Information Protection and Compliance Administrator
Microsoft Priva
Microsoft Purview

Discover how to manage internal risks and privacy policies using Microsoft Purview Insider Risk Management and Microsoft Priva. This learning path aligns with exam SC-400: Microsoft Information Protection Administrator.


  • Foundational knowledge of Microsoft security and compliance technologies
  • Basic knowledge of information protection concepts

Modules in this learning path

Microsoft Purview Communication Compliance is a solution that helps organizations address code-of-conduct policy violations in company communications, while also assisting organizations in regulated industries meet specific supervisory compliance requirements. Communication Compliance uses machine learning to intelligently detect violations across different communication channels such as Microsoft Teams, Exchange Online, or Yammer messages.

Microsoft Purview Insider Risk Management helps organizations address internal risks, such as IP theft, fraud, and sabotage. Learn about insider risk management and how Microsoft technologies can help you detect, investigate, and take action on risky activities in your organization.

Adaptive Protection in Microsoft Purview uses machine learning to dynamically apply the most effective data loss prevention (DLP) controls for identified critical risks, enhancing data security and saving time for security teams.

This module examines how Microsoft Purview uses information barriers to restrict communication and collaboration in Microsoft Teams, SharePoint Online, and OneDrive for Business.

Learn how to use Microsoft Priva to manage privacy risk policies and subject rights requests.

Privileged access management allows granular access control over privileged admin tasks in Office 365. Privileged access management requires users to request just-in-time access to complete elevated and privileged tasks through a highly scoped and time-bound approval workflow. This configuration gives users just-enough-access to perform the task at hand without risking exposure of sensitive data or critical configuration settings.

Customer Lockbox supports requests to access data in Exchange Online, SharePoint Online, and OneDrive when Microsoft engineers need to access customer content to determine root cause and fix an issue. Customer Lockbox requires the engineer to request access from the customer as a final step in the approval workflow. This gives organizations the option to approve or deny these requests and provide direct-access control to the customer.