SC-200: Mitigate threats using Microsoft Purview

Learning Path
4 Modules

At a glance

Level

Intermediate
Skill

 
Product

Microsoft 365 Microsoft Purview Microsoft Defender
Role

Security Operations Analyst
Subject

Compliance Information protection and governance Insider risk Security Threat protection

In this Learning Path we focus on Microsoft Purview's risk and compliance solutions that assist security operations analysts detect threats to organizations and identify, classify, and protect sensitive data, as well as monitor and report on compliance. This learning path aligns with exam SC-200: Microsoft Security Operations Analyst.

Prerequisites

Fundamental understanding of Microsoft security, compliance, and identity products
Basic understanding of Microsoft Defender XDR

Modules in this learning path

Investigate and respond to Microsoft Purview Data Loss Prevention alerts

Microsoft Purview and Microsoft Defender XDR help organizations detect potential data loss risks and respond quickly to protect sensitive information. Investigation and response activities include reviewing DLP alerts, applying appropriate remediation actions, and documenting findings in a structured and consistent way.

Investigate insider risk alerts and related activity

Investigate insider risk alerts and manage related cases in Microsoft Purview to assess user behavior, take appropriate action, and coordinate deeper reviews across teams.

Search and investigate with Microsoft Purview Audit

Enhance data security and compliance with Microsoft Purview Audit by configuring detailed audits, managing logs, and analyzing access patterns.

Search for content with Microsoft Purview eDiscovery

Use Microsoft Purview eDiscovery to search for content across Microsoft 365. This module covers how to configure cases, define search criteria, and locate messages, files, and other organizational data.