Author: Harri Jaakkonen

Section 8 – Implement data lifecycle and records management – Retain and delete data by using retention labels

Plan for information retention and disposition by using retention labels You can control how long your organization keeps content using two main actions: These actions allow you to configure various retention settings: Benefits of using these retention settings: Create retention…

Continue Reading Section 8 – Implement data lifecycle and records management – Retain and delete data by using retention labels

Section 7 – Implement DLP – Monitor and manage DLP activities

Analyze DLP reports DLP transmits a substantial volume of data to Microsoft Purview, encompassing monitoring, policy matches, user activities, and subsequent actions. To effectively refine your policies and assess actions on sensitive items, you must engage with and respond to…

Continue Reading Section 7 – Implement DLP – Monitor and manage DLP activities

Section 6 – Implement DLP – Implement and monitor Endpoint DLP

Configure advanced DLP rules for devices in DLP policies Supported virtualization You can include virtual machines as monitored devices in the Microsoft Purview compliance portal, and the onboarding procedures remain the same as those listed above. Onboarding Endpoint Data Loss…

Continue Reading Section 6 – Implement DLP – Implement and monitor Endpoint DLP

Section 5 – Implement DLP – Create and configure DLP policies

Design DLP policies based on an organization’s requirements Designing Data Loss Prevention could be based on the regulations of your industry or just internal security principles that should be made to carve the security measure framework in to stone. In…

Continue Reading Section 5 – Implement DLP – Create and configure DLP policies

Section 3 – Implement information protection – Design and implement encryption for email messages

Design and implement encryption for email messages Design an email encryption solution based on methods available in Microsoft 365 Features Feature Description Message Encryption (OME) – Encrypts messages for internal and external recipients. – Allows encrypted messages to any email…

Continue Reading Section 3 – Implement information protection – Design and implement encryption for email messages

Section 2 – Implement information protection – Rest of sensitivity label content and Design

This is the second part of Sensitivity labels. Sensitivity label content continued Configure auto-labeling policies for sensitivity labels Using Auto-labeling policies is called Service-side processing Service-side auto-labeling Auto-labeling on the service side, also known as auto-labeling for data at rest…

Continue Reading Section 2 – Implement information protection – Rest of sensitivity label content and Design

Section 2 – Implement information protection – Implement and manage sensitivity labels

This will be a two part section as there is a lot to talk about Sensitivity labels. Implement and manage sensitivity labels In this section we are talking on how to Protect your data scope. There is a clear story…

Continue Reading Section 2 – Implement information protection – Implement and manage sensitivity labels

Section 1 – Implement information protection – Create and SITs and trainable classifiers

The first section of this Study guide is going to cover Information types and trainable classifiers but maybe first introducing the different trials that you can use to try them out, if you don’t have real licenses available. You can…

Continue Reading Section 1 – Implement information protection – Create and SITs and trainable classifiers

Exam cram for SC-400 – Administering Information Protection and Compliance in M365

Previously I did Study guides for SC-300, AZ-500, SC-100 and SC-200. So now it’s the turn for the Compliance part under the Security umbrella. See here for the previous Study guides. And if you want to have 1to1 mentoring sessions,…

Continue Reading Exam cram for SC-400 – Administering Information Protection and Compliance in M365

Section 15 – Hunt for threats using Microsoft Sentinel

Create custom hunting queries Like stated in the last part, all Gallery content has been Centralized to Content hub. You will see the following notification under Custom hunting rules. https://learn.microsoft.com/en-us/azure/sentinel/sentinel-content-centralize If you need inspiration based on MITRE Framework for your…

Continue Reading Section 15 – Hunt for threats using Microsoft Sentinel