Implementing information protection and governing AI usage in Microsoft 365
This training is intended for administrators responsible for data security in a Microsoft 365 environment, at a time when the adoption of generative AI is introducing new exposure vectors for organizational content. You will be able to design a data classification and labeling strategy across the suite's various applications, define data loss prevention (DLP) policies tailored to communication channels and endpoints, and configure specific controls to govern data used by AI services, ranging from content access to securing interactions with agents. Participants will also learn to detect and address risky behaviors using internal monitoring tools, and then manage the resulting incidents. The training prepares for the Microsoft Certified: Information Security Administrator Associate certification.
Important note: SC-401 replaces SC-400, which was retired by Microsoft in May 2025. The scope has been refocused on information protection, data security, and securing AI usage. Advanced records management, eDiscovery, and auditing components previously found in SC-400 are no longer covered by this certification.
Is it for you ?
This training is aimed at information security administrators who collaborate with governance, security, and business stakeholders (HR, legal, application owners) to assess and implement data protection strategies. It is also suitable for professionals in security, compliance, or Microsoft 365 administration roles who wish to specialize in information protection and securing AI usage.
Prerequisites
• Experience with Microsoft 365 services (Exchange Online, SharePoint, OneDrive, Teams, Microsoft 365 Apps)
• Concepts of security and data protection
• Zero Trust principles
• Basic knowledge of PowerShell (useful)
What You'll Walk Away With
- ✓ You deploy a data classification and labeling strategy across your Microsoft 365 environment.
- ✓ You design and fine-tune data loss prevention (DLP) policies tailored to your organization’s channels and endpoints.
- ✓ You govern access to sensitive data used by generative AI services and secure interactions with agents.
- ✓ You detect insider risk behaviors and manage data security incidents from end to end.
- ✓ You consolidate your preparation for the Information Security Administrator Associate (SC-401) certification.
Training content
1 Information Fundamentals and Classification
- Introduction to Microsoft Purview and the Microsoft Purview portal
- Data protection model in Microsoft 365
- Discovery and classification of sensitive data
- Predefined and custom Sensitive Information Types (SIT)
- Trainable classifiers
- Exact Data Match (EDM)
- Document Fingerprinting
2 Information Protection and Sensitivity Labels
- Creation, publication, and management of sensitivity labels
- Applying labels in Office, Outlook, SharePoint, OneDrive, and Teams
- Encryption and permissions via labels
- Auto-labeling and recommended labeling
- Container labeling (sites, teams, groups)
- Microsoft Purview Information Protection scanner for on-premises data
- Retention policies and retention labels
- Data lifecycle management in Microsoft 365
3 Data Loss Prevention (DLP) and Protection in the AI Era
- Designing and planning a DLP strategy
- DLP policies for Microsoft 365, Endpoint, and Cloud Apps
- Endpoint DLP (Windows and macOS)
- DLP for Microsoft Teams and Chat
- Adaptive Protection (integration with Insider Risk Management)
- Investigation and tuning of DLP rules
- Protecting data used by Microsoft 365 Copilot and AI services
- Data access and sharing controls in AI environments
- Securing prompts and AI-generated outputs
4 Insider Risk Management and Incident Response
- Configuration and deployment of Insider Risk Management
- Policy models (data leaks, IP theft, departing users)
- Defining indicators, thresholds, and triggers
- Investigation workflow and case management
- Forensic evidence and integration with Microsoft Defender XDR
- Communication Compliance (monitoring risky communications)
- Alert management and data security incident response
- Logging, auditing, and reporting
📌 Practical information
Our training sessions are offered in Montreal or Quebec City, in person or in a virtual classroom. Dates and locations are specified when you select your session below. If you have any questions, check out our FAQ.