Last week the skills outline for SC-400 was updated, with a few new additions that you need to know before sitting the exam. The new additions include the Purview extension, Power BI sensitivity labels, adaptive scopes and preservation locks, and some other tweaks to the wording in other areas that don’t change the focus of the exam.
It’s important to note that this exam is different in a few ways to the other exams in the SC series. The first major difference is that it really is much more focused on protecting Office 365 workloads, rather than the mix of Microsoft 365 and Azure workloads that the other exams cover. The inclusion of Azure Purview means that some additional Azure knowledge is going to be required, but at this point in the exam’s life, this isn’t a heavily weighted area.
It is also different in that this falls into the compliance side of the compliance and security conversation, so it expects you to have an understanding of the Microsoft technologies that focus on content classification, data loss prevention, governance, and protection.
What these differences potentially mean for those of you who want to do this exam is that if you already have a solid understanding of the compliance related Office 365 Enterprise E5 workloads, and have worked with Azure Information Protection, you are probably at a very good starting point. Where does that leave you if that’s not where your skills currently are?
Thankfully these gaps will be pretty easy for you to fill, especially when they are workload related. Make sure that you understand the terms that are used for protection inside of Teams, Exchange, and SharePoint, for example, so that you aren’t getting caught out on feature terminology. You don’t need to be an expert in the individual products just mentioned, instead just make sure you’ve been through some introductory concepts that introduce features and terminology. My suggestion is that use Microsoft Learn modules for this, rather than trying to finding the relevant Microsoft Docs pages.
Implement Information Protection (35-40%)
Create and manage sensitive information types
- plan for sensitive information types
- select a sensitive information type based on an organization’s requirements
- create and manage custom sensitive information types
- create custom sensitive information types with exact data match
- implement document fingerprinting
- create a keyword dictionary
Create and manage trainable classifiers
- identify when to use trainable classifiers
- design create a trainable classifier
- test a trainable classifier
- retrain a classifier
Implement and manage sensitivity labels
- design and implement roles and permissions for administering sensitivity labels
- design and create sensitivity labels
- configure and manage sensitivity label policies
- apply sensitivity labels to Microsoft Teams, Microsoft 365 groups, Microsoft Power BI and SharePoint sites
- configure and publish automatic labeling policies
- monitor data classification and label usage by using label analytics tools such as Content explorer and Activity explorer
- apply bulk classification to on-premises data by using the AIP unified labelling scanner
- manage protection settings and marking for applied sensitivity labels
- Administer reporting, tracking, and access of sensitivity labels and protected content
- Create or extend existing sensitivity labels to Azure Purview
Design and implement encryption for email messages
- Design an email encryption solution based on methods available in Microsoft 365
- Implement Office 365 Message Encryption
- implement Office 365 Advanced Message Encryption
Implement Data Loss Prevention (30-35%)
Create and configure data loss prevention (DLP) policies
- Recommend a DLP solution for an organization
- Configure permissions for DLP
- Create, test, and tune DLP policies
- Configure DLP for policy and rule precedence
- Configure DLP policies for Microsoft Exchange Online, Microsoft SharePoint Online, Microsoft OneDrive, Microsoft Teams, Microsoft Power BI, and on-premises repositories
- Configure DLP policies for use in Microsoft Defender for Cloud Apps
- Configure file policies in Microsoft Defender for Cloud Apps to use DLP policies
Implement and monitor Microsoft Endpoint DLP
- create and maintain DLP policies for endpoints
- configure Endpoint DLP settings
- specify a deployment method for device onboarding
- Identify endpoint requirements for device onboarding
- monitor endpoint activities
- implement Microsoft Compliance Extension
Analyze and respond to data loss prevention policies and activities
- analyze data loss prevention reports
- Analyze data loss prevention activities by using Activity explorer
- remediate data loss prevention policy violations in the Microsoft 365 compliance center
- remediate data loss prevention violations in Microsoft Defender for Cloud Apps
Implement Information Governance (25-30%)
Retain and delete data by using retention labels
- plan for information retention and disposition by using retention labels
- create retention labels
- Configure and manage adaptive scopes
- configure and publish retention label policies
- configure and publish auto-apply label policies
Manage data retention in Microsoft 365
- create and apply retention policies for Microsoft SharePoint and OneDrive
- create and apply retention policies for Microsoft Teams
- configure preservation locks
- recover retained content in Microsoft 365
- implement retention policies and tags in Microsoft Exchange Online
- apply mailbox holds in Microsoft Exchange
- implement Microsoft Exchange Online archiving policies
Implement records management in Microsoft 365
- plan for records management
- configure labels for records management
- manage retention requirements with a file plan
- configure automatic retention using File Plan descriptors
- classify records using retention labels and policies
- implement in-place records management in Microsoft SharePoint
- manage event-based retention
- manage disposition of records
intunedin.net 