Stay ahead of the next cyberthreat with the Microsoft Certified: Information Security Administrator credential.

Keeping up with complex cybersecurity attacks is an ongoing job—and a great area of specialization for IT professionals. Information Protection Administrators, Security Operation Analysts, and those who work to secure identity and access environments can enhance their abilities while also staying one step ahead.

Defensive AI is becoming an integral part of the SOC, augmenting understaffed teams – Despite ‘insufficient personnel’ being considered the greatest inhibitor to defending AI-powered threats, increasing cyber security staff is at the bottom of the priority list for survey participants, with only 11% planning to increase cybersecurity staff in 2025—less than in 2024. (Darktrace State of AI Cybersecurity 2025)

Designed specifically for data security and information protection professionals, this certification validates the skills needed to plan and implement information security for sensitive data by using Microsoft Purview and related services.

Overview

Be the reason your organization survives the next cyberattack.

The Information Security Administrator course equips you with the skills to:

  • to plan and implement information security for sensitive data using Microsoft Purview and related services
  • protect data within Microsoft 365 collaboration environments from internal and external threats.
  • to manage security alerts and respond to incidents by investigating activities, responding to DLP alerts, and managing insider risk cases
  • protect data used by AI services within Microsoft environments and implement controls to safeguard content in these environments.

Cybersecurity is not optional. It’s Operational. Don’t wait for a breach. Build the skills. Earn the badge. Lead the defense. Explore our Top Cybersecurity Skills for Malaysia’s Digital Future campaign.

 

Skills Covered

  • Classify data for protection and governance
  • Review and analyze data classification and protection
  • Create and manage sensitive information types
  • Create and configure sensitivity labels with Microsoft Purview
  • Apply sensitivity labels for data protection
  • Classify and protect on-premises data with Microsoft Purview
  • Understand Microsoft 365 encryption
  • Protect email with Microsoft Purview Message Encryption
  • Prevent data loss with Microsoft Purview
  • Implement endpoint data loss prevention (DLP) with Microsoft Purview
  • Configure DLP policies for Microsoft Defender for Cloud Apps and Power Platform
  • Investigate and respond to Microsoft Purview Data Loss Prevention alerts
  • Understand Microsoft Purview Insider Risk Management
  • Prepare for Microsoft Purview Insider Risk Management
  • Create and manage Insider Risk Management policies
  • Investigate insider risk alerts and related activity
  • Implement Adaptive Protection in Insider Risk Management
  • Understand How to Secure AI Data with Microsoft Purview
  • Secure Microsoft 365 Copilot interactions with Microsoft Purview
  • Secure enterprise and browser-based AI apps with Microsoft Purview
  • Secure developer AI environments with Microsoft Purview
  • Understand retention in Microsoft Purview
  • Implement and manage Microsoft 365 retention and recovery
  • Search and investigate with Microsoft Purview Audit
  • Search for content with Microsoft Purview eDiscovery

Prerequisites

  • Familiarity with Microsoft Purview compliance solutions
  • Basic understanding of data protection and security concepts
  • Foundational knowledge of Microsoft security and compliance technologies
  • Basic knowledge of information protection concepts
  • Basic knowledge of Microsoft 365 data governance capabilities
  • Basic understanding of audit logs and content discovery

If you’re new to Microsoft SCI, consider opting for SC-900: Microsoft Security, Compliance and Identity Fundamentals prior to attending SC-401.

Target Audience

As an Information Security Administrator, you plan and implement information security for sensitive data using Microsoft Purview and related services. You’re responsible for mitigating risks by protecting data within Microsoft 365 collaboration environments from internal and external threats, as well as safeguarding data used by AI services.

Your role involves implementing information protection, data loss prevention (DLP), retention, and insider risk management. You also manage security alerts and respond to incidents by investigating activities, responding to DLP alerts, and managing insider risk cases. In this role, you collaborate with other roles responsible for governance, data, and security to develop policies that address your organization’s information security and risk reduction goals.

You work with workload administrators, business application owners, and governance stakeholders to implement technology solutions that support these policies and controls.

Course Curriculum

Module 1: Protect sensitive data in a digital world

  • Introduction
  • The growing need for data protection
  • The challenges of managing sensitive data
  • Protect data in a Zero Trust world
  • Understand data classification and protection
  • Prevent data leaks and insider threats
  • Manage security alerts and respond to threats
  • Protect AI-generated and AI-processed data
  • Module assessment
  • Summary

Module 2: Classify data for protection and governance

  • Introduction
  • Data classification overview
  • Classify data using sensitive information types
  • Classify data using trainable classifiers
  • Create a custom trainable classifier
  • Module assessment
  • Summary

Module 3: Review and analyze data classification and protection

  • Introduction
  • Review classification and protection insights
  • Analyze classified data with data and content explorer
  • Monitor and review actions on labeled data
  • Module assessment
  • Summary

Module 4: Create and manage sensitive information types

  • Introduction
  • Sensitive information type overview
  • Compare built-in versus custom sensitive information types
  • Create and manage custom sensitive information types
  • Create and manage exact data match sensitive info types
  • Implement document fingerprinting
  • Describe named entities
  • Create a keyword dictionary
  • Module assessment
  • Summary and resources

Module 5: Create and configure sensitivity labels with Microsoft Purview

  • Introduction
  • Sensitivity label overview
  • Create and configure sensitivity labels and label policies
  • Configure encryption with sensitivity labels
  • Implement auto-labeling policies
  • Track and evaluate sensitivity label usage in Microsoft Purview
  • Module assessment
  • Summary

Module 6: Apply sensitivity labels for data protection

  • Introduction
  • Foundations of sensitivity label integration in Microsoft 365
  • Manage sensitivity labels in Office apps
  • Apply sensitivity labels with Microsoft 365 Copilot for secure collaboration
  • Protect meetings with sensitivity labels
  • Apply sensitivity labels to Microsoft Teams, Microsoft 365 groups, and SharePoint sites
  • Module assessment
  • Summary and resources

Module 7: Classify and protect on-premises data with Microsoft Purview

  • Introduction
  • Protect on-premises files with Microsoft Purview
  • Prepare your environment for the Microsoft Purview Information Protection scanner
  • Configure and install the Microsoft Purview Information Protection scanner
  • Run and manage the scanner
  • Enforce data loss prevention policies on on-premises files
  • Module assessment
  • Summary

Module 8: Understand Microsoft 365 encryption

  • Introduction to Microsoft 365 encryption
  • Learn how Microsoft 365 data is encrypted at rest
  • Understand service encryption in Microsoft Purview
  • Explore customer key management using Customer Key
  • Learn how data is encrypted in-transit
  • Summary and knowledge check

Module 9: Protect email with Microsoft Purview Message Encryption

  • Introduction
  • Understand message encryption
  • Plan for Microsoft Purview Message Encryption
  • Configure Microsoft Purview Message Encryption
  • Customize encrypted email branding with Microsoft Purview
  • Control encrypted email access with Advanced Message Encryption
  • Use Microsoft Purview Message Encryption templates in mail flow rules
  • Module assessment
  • Summary and resources

Module 10: Prevent data loss with Microsoft Purview

  • Introduction
  • Data loss prevention overview
  • Plan and design DLP policies
  • Understand DLP policy deployment and simulation mode
  • Create and manage DLP policies
  • Integrate Adaptive Protection with DLP
  • Use DLP analytics (preview) to identify data risks
  • Understand DLP alerts and activity tracking
  • Module assessment
  • Summary and resources

Module 11: Implement endpoint data loss prevention (DLP) with Microsoft Purview

  • Introduction
  • Endpoint data loss prevention (DLP) overview
  • Understand the endpoint DLP implementation workflow
  • Onboard devices for endpoint DLP
  • Configure settings for endpoint DLP
  • Create and manage endpoint DLP policies
  • Deploy the Microsoft Purview browser extension
  • Configure just-in-time (JIT) protection
  • Module assessment
  • Summary and resources

Module 12: Configure DLP policies for Microsoft Defender for Cloud Apps and Power Platform

  • Introduction
  • Configure data loss prevention policies for Power Platform
  • Integrate data loss prevention in Microsoft Defender for Cloud Apps
  • Configure policies in Microsoft Defender for Cloud Apps
  • Manage data loss prevention violations in Microsoft Defender for Cloud Apps
  • Module assessment
  • Summary and resources

Module 13: Investigate and respond to Microsoft Purview Data Loss Prevention alerts

  • Introduction
  • Understand data loss prevention (DLP) alerts
  • Understand the DLP alert lifecycle
  • Configure DLP policies to generate alerts
  • Investigate DLP alerts in Microsoft Purview
  • Investigate DLP alerts in Microsoft Defender XDR
  • Respond to DLP alerts
  • Exercise – Investigate a DLP alert and related incident
  • Module assessment
  • Summary

Module 14: Understand Microsoft Purview Insider Risk Management

  • Introduction
  • What is an insider risk?
  • Microsoft Purview Insider Risk Management overview
  • Microsoft Purview Insider Risk Management features
  • Case study: Protect sensitive data with Insider Risk Management
  • Module assessment
  • Summary

Module 15: Prepare for Microsoft Purview Insider Risk Management

  • Introduction
  • Plan for Insider Risk Management
  • Prepare your organization for Insider Risk Management
  • Configure settings for Insider Risk Management
  • Integrate Insider Risk Management with data sources and tools
  • Module assessment
  • Summary

Module 16: Create and manage Insider Risk Management policies

  • Introduction
  • Understand Insider Risk Management policy templates
  • Compare quick and custom insider risk policies
  • Create a custom Insider Risk Management policy
  • Manage policies in Insider Risk Management
  • Module assessment
  • Summary

Module 17: Investigate insider risk alerts and related activity

  • Introduction
  • Understand insider risk alerts and investigations
  • Manage alert volume in insider risk management
  • Investigate and triage insider risk alerts in Microsoft Purview
  • Analyze alert context with the All risk factors tab
  • Investigate activity details with the Activity explorer tab
  • Review patterns over time with the User activity tab
  • Investigate insider risk alerts in Microsoft Defender XDR
  • Manage and take action on insider risk cases
  • Exercise – Investigate potential data theft using Insider Risk Management
  • Module assessment
  • Summary

Module 18: Implement Adaptive Protection in Insider Risk Management

  • Introduction
  • Adaptive Protection overview
  • Understand and configure risk levels in Adaptive Protection
  • Configure Adaptive Protection
  • Manage Adaptive Protection
  • Summary and knowledge check

Module 19: Understand How to Secure AI Data with Microsoft Purview

  • Introduction
  • Understand AI data security risks
  • Understand how Microsoft Purview secures AI data
  • Evaluate compliance risks for AI usage
  • Identify AI-related data exposure risks
  • Understand how Microsoft Purview controls AI data access
  • Detect and respond to risky AI activity
  • Retain and search Copilot prompts and responses
  • Module assessment
  • Summary

Module 20: Secure Microsoft 365 Copilot interactions with Microsoft Purview

  • Introduction
  • Understand how Microsoft 365 Copilot changes data protection needs
  • Assess Copilot regulatory compliance with Compliance Manager
  • Audit Copilot interactions with Microsoft Purview
  • Analyze Copilot interactions with Communication Compliance
  • Classify and protect Copilot content with sensitivity labels
  • Apply DLP policies to Microsoft 365 Copilot
  • Apply retention policies to Copilot prompts and responses
  • Investigate and delete Copilot activity with eDiscovery
  • Module assessment
  • Summary

Module 21: Secure enterprise and browser-based AI apps with Microsoft Purview

  • Introduction
  • Understand risks from enterprise and non-Microsoft AI tools
  • Assess AI usage for security and compliance
  • Identify policy violations with Communication Compliance
  • Detect risky AI usage with Insider Risk Management
  • Protect sensitive data in AI apps with Microsoft Purview DLP
  • Case study: Use Adaptive Protection to respond to AI-related risk
  • Apply retention policies to AI app prompts and responses
  • Module assessment
  • Summary

Module 22: Secure developer AI environments with Microsoft Purview

  • Introduction
  • Understand risks and responsibilities in AI development environments
  • Discover and assess AI apps with DSPM for AI
  • Classify, restrict, and retain AI prompt data
  • Enforce protections in Azure AI services and Azure AI Foundry
  • Apply controls for Microsoft Entra-registered custom AI apps
  • Secure AI agents built in Copilot Studio
  • Manage data risks in Copilot in Fabric
  • Investigate and respond to risky AI activity
  • Module assessment
  • Summary

Module 23: Understand retention in Microsoft Purview

  • Introduction
  • Overview of retention and the data lifecycle
  • Understand retention labels and retention policies
  • Decide when to apply retention
  • Module assessment
  • Summary

Module 24: Implement and manage Microsoft 365 retention and recovery

  • Introduction
  • Plan for retention and disposition with retention labels
  • Create and publish retention labels
  • Create and manage auto-apply retention labels
  • Create and configure adaptive scopes
  • Create and configure retention policies
  • Understand policy and label precedence in Microsoft Purview
  • Recover content in Microsoft 365 workloads
  • Module assessment
  • Summary

Module 25: Search and investigate with Microsoft Purview Audit

  • Introduction
  • Microsoft Purview Audit overview
  • Configure and manage Microsoft Purview Audit
  • Conduct searches with Audit (Standard)
  • Audit Microsoft Copilot for Microsoft 365 interactions
  • Investigate activities with Audit (Premium)
  • Export audit log data
  • Configure audit retention with Audit (Premium)
  • Module assessment

Module 26: Search for content with Microsoft Purview eDiscovery

  • Introduction
  • Understand eDiscovery and content search capabilities
  • Prerequisites for using eDiscovery in Microsoft Purview
  • Create an eDiscovery search
  • Conduct an eDiscovery search
  • Export eDiscovery search results
  • Module assessment
  • Summary and resources

Dates & Locations

Let’s make it work for you

Can’t find a date that fits? Need to train your whole team? Looking for a discount?
Speak to one of our learning experts today.

x Clear all selections

July 20, 2026 - July 23, 2026

Location: Kuala Lumpur
Modal: ILT
Availability: TBC
Exam:
RM 374
RM 3000

July 20, 2026 - July 23, 2026

Location: Online
Modal: VILT
Availability: TBC
Exam:
RM 374
RM 3000

September 7, 2026 - September 10, 2026

Location: Kuala Lumpur
Modal: ILT
Availability: TBC
Exam:
RM 374
RM 3000

September 7, 2026 - September 10, 2026

Location: Online
Modal: VILT
Availability: TBC
Exam:
RM 374
RM 3000

October 19, 2026 - October 22, 2026

Location: Kuala Lumpur
Modal: ILT
Availability: TBC
Exam:
RM 374
RM 3000

October 19, 2026 - October 22, 2026

Location: Online
Modal: VILT
Availability: TBC
Exam:
RM 374
RM 3000

December 7, 2026 - December 10, 2026

Location: Kuala Lumpur
Modal: ILT
Availability: TBC
Exam:
RM 374
RM 3000

December 7, 2026 - December 10, 2026

Location: Online
Modal: VILT
Availability: TBC
Exam:
RM 374
RM 3000
Trainocate exam and cert

Exam & Certification

Microsoft Certified: Information Security Administrator Associate

As an Information Security Administrator, you plan and implement information security of sensitive data by using Microsoft Purview and related services. You’re responsible for mitigating risks by protecting data inside collaboration environments that are managed by Microsoft 365 from internal and external threats and protecting data used by AI services. You also implement information protection, data loss prevention, retention, insider risk management, and manage information security alerts and activities.

You work with other roles that are responsible for governance, data, and security to evaluate and develop policies to address an organization’s information security and risk reduction goals. You collaborate with workload administrators, business application owners, and governance stakeholders to implement technology solutions that support the necessary policies and controls. This role also participates in responding to information security incidents.

You should be familiar with all Microsoft 365 services, PowerShell, Microsoft Entra, the Microsoft Defender portal, and Microsoft Defender for Cloud Apps.

Training & Certification Guide

Frequently Asked Questions

SC-200T00: Microsoft Security Operations Analyst

In this course you will learn how to mitigate cyberthreats using these technologies. Specifically, you will configure and use Azure Sentinel as well as utilize Kusto Query Language (KQL) to perform detection, analysis, and reporting.

SC-300T00: Microsoft Identity and Access Administrator

This SC-300T00: Microsoft Identity and Access Administrator course explores how to design, implement, and operate an organization’s identity and access management systems by using Azure AD. Learn to manage tasks such as providing secure authentication and authorization access to enterprise applications.

SC-100T00: Microsoft Cybersecurity Architect

This SC-100T00: Microsoft Cybersecurity Architect course prepares students with the background to design and evaluate cybersecurity strategies in the following areas: Zero Trust, Governance Risk Compliance (GRC), security operations (SecOps), and data and applications.

 

Speak to a Training Consultant

All courses are HRD Claimable.
Get in touch with our team via the form or WhatsApp us on +6011-5119 6631

Preferred mode of training
Checkboxes