The Information Security Administrator course equips you with the skills needed to plan and implement information security for sensitive data using Microsoft Purview and related services. The course covers essential topics such as information protection, data loss prevention (DLP), retention, and insider risk management. You learn how to protect data within Microsoft 365 collaboration environments from internal and external threats. Additionally, you learn how to manage security alerts and respond to incidents by investigating activities, responding to DLP alerts, and managing insider risk cases. You also learn how to protect data used by AI services within Microsoft environments and implement controls to safeguard content in these environments.

Audience Profile

As an Information Security Administrator, you plan and implement information security for sensitive data using Microsoft Purview and related services. You're responsible for mitigating risks by protecting data within Microsoft 365 collaboration environments from internal and external threats, as well as safeguarding data used by AI services. Your role involves implementing information protection, data loss prevention (DLP), retention, and insider risk management. You also manage security alerts and respond to incidents by investigating activities, responding to DLP alerts, and managing insider risk cases. In this role, you collaborate with other roles responsible for governance, data, and security to develop policies that address your organization's information security and risk reduction goals. You work with workload administrators, business application owners, and governance stakeholders to implement technology solutions that support these policies and controls.

Course Syllabus

Implement Information Protection

• Protect sensitive data in a digital world
  • Discover how Microsoft Purview helps organizations classify, protect, and monitor sensitive data across cloud, endpoint, and AI environments. This module explores strategies for securing data through classification, labeling, encryption, and proactive risk management.
• Classify data for protection and governance
  • Learn about the information available to help you understand your data landscape and know your data.
• Review and analyze data classification and protection
  • Discover how Microsoft Purview helps organizations monitor and analyze data classification and protection. This module explores how security teams can track classification trends, investigate labeled content, and assess policy effectiveness using Information Protection Reports, Data explorer, Content explorer, and Activity explorer.
• Create and manage sensitive information types
  • Learn how to use sensitive information types to support your information protection strategy.
• Create and configure sensitivity labels with Microsoft Purview
  • Microsoft Purview sensitivity labels enable you to classify and protect sensitive data throughout your organization, including in the cloud and on devices. This module covers how to classify and protect sensitive information to ensure its security and compliance.
• Apply sensitivity labels for data protection
  • Learn about how sensitivity labels are used to classify and protect business data while making sure that user productivity and their ability to collaborate aren't hindered.
• Understand Microsoft 365 encryption
  • Learn how Microsoft 365 encrypts data-at-rest and in-transit, securely manages encryption keys, and provides key management options to customers to meet their business needs and compliance obligations.
• Deploy Microsoft Purview Message Encryption
  • Learn about the different encryption methods Microsoft Purview provides to protect messages.

Implement and manage data loss prevention

• Prevent data loss in Microsoft Purview
  • Microsoft Purview Data Loss Prevention (DLP) helps safeguard sensitive information by monitoring and preventing accidental data leaks across your organization's digital platforms. In this module, you'll learn how to plan, deploy, and adjust DLP policies to protect sensitive data in your organization, ensuring security without disrupting daily work.
• Implement endpoint data loss prevention (DLP) with Microsoft Purview
  • Endpoint DLP in Microsoft Purview helps organizations protect sensitive data on endpoint devices by monitoring, restricting, or allowing actions such as file transfers, copying, and sharing. Learn how to onboard devices, configure settings, and create custom policies to ensure data security across your organization.
• Configure DLP policies for Microsoft Defender for Cloud Apps and Power Platform
  • Learn how to configure and implement data loss prevention policies and integrate them with Microsoft Defender for Cloud Apps.

Implement and manage Microsoft Purview Insider Risk Management

• Understand Microsoft Purview Insider Risk Management
  • Understand insider risks and discover how Microsoft Purview Insider Risk Management identifies risky activities, analyzes context, and helps organizations protect data while respecting privacy.
• Prepare for Microsoft Purview Insider Risk Management
  • Discover strategies for planning and configuring Microsoft Purview Insider Risk Management to meet organizational needs and protect privacy.
• Create and manage Insider Risk Management policies
  • Create and manage Microsoft Purview Insider Risk Management policies to detect and address potential insider risks while supporting organizational security and privacy.
• Investigate insider risk alerts and related activity
  • Investigate insider risk alerts and manage related cases in Microsoft Purview to assess user behavior, take appropriate action, and coordinate deeper reviews across teams.
• Implement Adaptive Protection in Insider Risk Management
  • Understand how Adaptive Protection applies machine learning to assess user risk and automatically enforce the right level of security controls. By dynamically assigning Data loss prevention, Data lifecycle management, and Conditional Access policies, it strengthens data security while reducing unnecessary alerts and manual intervention.

Protect data in AI environments with Microsoft Purview

• Discover AI interactions with Microsoft Purview
  • Microsoft Purview helps organizations discover how Microsoft 365 Copilot and other AI tools interact with data. Using Data Security Posture Management (DSPM) for AI and Audit, security teams can detect AI activity, assess potential risks, and gather insights to support data protection and compliance strategies.
• Protect sensitive data from AI-related risks
  • Microsoft Purview helps organizations protect sensitive data in environments that use AI tools. Learn how to reduce data security risks by applying sensitivity labels, using data loss prevention controls, and deploying recommended protections through DSPM for AI.
• Govern AI usage with Microsoft Purview
  • Learn how to apply policies and manage the lifecycle of AI-generated content using Microsoft Purview. This module shows how to retain, delete, investigate, and review content created in Microsoft 365 Copilot and other AI apps.
• Assess and mitigate AI risks with Microsoft Purview
  • Microsoft Purview includes tools that help detect risky activity and apply policy-based protections in AI environments. This includes detecting generative AI usage, assigning user risk levels, and adjusting enforcement actions based on those levels.

Implement and manage retention and recovery in Microsoft Purview

• Understand retention in Microsoft Purview
  • Microsoft Purview retention helps organizations manage how long data is kept and when it can be deleted. Learn how to apply retention strategically to meet compliance requirements, reduce risk, and protect important information throughout its lifecycle.
• Implement and manage retention and recovery in Microsoft Purview
  • Microsoft Purview helps reduce data exposure by providing tools to control how long content is kept and when it’s permanently deleted. Through retention labels, policies, adaptive scopes, and recovery capabilities, organizations can apply consistent lifecycle rules across Microsoft 365 and reduce the risk of keeping unnecessary or outdated data. This approach supports both compliance and information security goals by minimizing what data is available to unauthorized access or misuse.

Audit and search activity in Microsoft Purview

• Search and investigate with Microsoft Purview Audit
  • Enhance data security and compliance with Microsoft Purview Audit by configuring detailed audits, managing logs, and analyzing access patterns.
• Search for content with Microsoft Purview eDiscovery
  • Use Microsoft Purview eDiscovery to search for content across Microsoft 365. This module covers how to configure cases, define search criteria, and locate messages, files, and other organizational data.