The objectives for SC-400 have just been updated, with Azure Purview being the new inclusion. It’s important to note that this exam is different in a few ways to the other exams in the SC series. The first major difference is that it really is much more focused on protecting Office 365 workloads, rather than the mix of Microsoft 365 and Azure workloads that the other exams cover. It is also different in that this falls into the compliance side of the compliance and security conversation, so it expects you to have an understanding of the Microsoft technologies that focus on content classification, data loss prevention, governance, and protection.
What these differences potentially mean for those of you who want to do this exam is that if you already have a solid understanding of the compliance related Office 365 Enterprise E5 workloads, and have worked with Azure Information Protection, you are probably at a good starting point. Where does that leave you if that’s not where your skills currently are?
Thankfully these gaps will be pretty easy for you to fill, especially when they are workload related. Make sure that you understand the terms that are used for protection inside of Teams, Exchange, and SharePoint, for example, so that you aren’t getting caught out on feature terminology. You don’t need to be an expert in the individual products just mentioned, instead just make sure you’ve been through some introductory concepts that introduce features and terminology. My suggestion is that use Microsoft Learn modules for this, rather than trying to finding the relevant Microsoft Docs pages.
Implement Information Protection (35-40%)
Create and manage sensitive information types
- select a sensitive information type based on an organization’s requirements
- create and manage custom sensitive information types
- create custom sensitive information types with exact data match
- implement document fingerprinting
- create a keyword dictionary
Create and manage trainable classifiers
- identify when to use trainable classifiers
- create a trainable classifier
- verify a trainable classifier is performing properly
- retrain a classifier
Implement and manage sensitivity labels
- identify roles and permissions for administering sensitivity labels
- create sensitivity labels
- configure and manage sensitivity label policies
- apply sensitivity labels to Microsoft Teams, Microsoft 365 groups, and SharePoint sites
- configure and publish automatic labeling policies (excluding MCAS scenarios)
- monitor data classification and label usage by using label analytics tools such as content explorer and activity explorer
- apply bulk classification to on-premises data by using the AIP unified labelling scanner
- manage protection settings and marking for applied sensitivity labels
- apply protections and restrictions to email including content marking, usage, permission, encryption, expiration, etc.
- apply protections and restrictions to files including content marking, usage, permission, encryption, expiration, etc.
Plan and implement encryption for email messages
- define requirements for implementing Office 365 Message Encryption
- implement Office 365 Advanced Message Encryption
- manage and govern data by using Azure Purview
Implement Data Loss Prevention (30-35%)
Create and configure data loss prevention policies
- recommend a data loss prevention solution for an organization
- configure data loss prevention for policy precedence
- configure policies for Microsoft Exchange email
- configure policies for Microsoft SharePoint sites
- configure policies for Microsoft OneDrive accounts
- configure policies for Microsoft Teams chat and channel messages
- integrate Microsoft Cloud App Security (MCAS) with Microsoft Information Protection
- configure policies in Microsoft Cloud App Security (MCAS)
- implement data loss prevention policies in test mode
Implement and monitor Microsoft Endpoint data loss prevention
- configure policies for endpoints
- configure Endpoint data loss prevention settings
- recommend configurations that enable devices for Endpoint data loss prevention policies
- monitor endpoint activities
Manage and monitor data loss prevention policies and activities
- manage and respond to data loss prevention policy violations
- review and analyze data loss prevention reports
- manage permissions for data loss prevention reports
- manage data loss prevention violations in Microsoft Cloud App Security (MCAS)
Implement Information Governance (25-30%)
Configure retention policies and labels
- create and apply retention labels
- create and apply retention label policies
- configure and publish auto-apply label policies
Manage data retention in Microsoft 365
- create and apply retention policies in Microsoft SharePoint and OneDrive
- create and apply retention policies in Microsoft Teams
- recover content in Microsoft Teams, SharePoint, and OneDrive
- recover content in Microsoft Exchange
- implement retention policies and tags in Microsoft Exchange
- apply mailbox holds in Microsoft Exchange
- implement Microsoft Exchange Online archiving policies
Implement records management in Microsoft 365
- configure labels for records management
- manage and migrate retention requirements with a file plan
- configure automatic retention using File Plan descriptors
- classify records using retention labels and policies
- implement in-place records management in Microsoft SharePoint
- configure event-based retention
- manage disposition of records
intunedin.net 