SC-400: Monitor and investigate data and activities by using Microsoft Purview

Intermediate
Administrator
Information Protection and Compliance Administrator
Microsoft 365
Microsoft Purview

This learning path provides instruction on managing content search and investigations in Microsoft 365, including how to search for content in the Microsoft Purview compliance portal, Microsoft Purview Audit, and Microsoft Purview eDiscovery. This learning path aligns with exam SC-400: Microsoft Information Protection Administrator.

Prerequisites

  • Foundational knowledge of Microsoft security and compliance technologies
  • Basic knowledge of information protection concepts

Modules in this learning path

This module explores the tools Microsoft 365 provides to help ensure an organization's regulatory compliance, including the Microsoft Purview compliance portal, Compliance Manager, and the Microsoft compliance score.

This module examines how to search for content in the Microsoft Purview compliance portal using Content Search functionality, including how to view and export the search results, and configure search permissions filtering.

This module explores how to use Microsoft Purview eDiscovery (Standard) to create an eDiscovery case and a hold for a case, how to manage case content, and how to close, reopen, and delete a case.

This module explores how to use Microsoft Purview eDiscovery (Premium) to preserve, collect, analyze, review, and export content that's responsive to an organization's internal and external investigations, and communicate with custodians involved in a case.

This module examines how to search for audited activities using the Microsoft Purview Audit (Standard) solution, including how to export, configure, and view the audit log records that were retrieved from an audit log search.

This module explores the differences between Microsoft Purview Audit (Standard) and Audit (Premium), plus the key functionality in Audit (Premium), including setup requirements, enabling audit logging, creating audit log retention policies, and performing forensics investigations.