Note: This course is the replacement of SC-400T00: Administering Information Protection and Compliance in Microsoft 365.

The SC-401: Information Security Administrator course prepares professionals to protect sensitive data and manage information security across Microsoft 365 using Microsoft Purview. Whether you’re new to the role or looking to improve, the SC-401 course equips you to confidently implement policies that guard against both internal and external threats. You’ll learn how to configure data loss prevention (DLP), apply retention labels, manage insider risks, and respond to security incidents. You’ll also explore how to classify and protect data used within AI-driven Microsoft services, an increasingly critical area in today’s compliance landscape. 

This Information Security Admin course is ideal for IT and security administrators responsible for securing data in collaborative environments. You’ll collaborate with governance and compliance teams, manage alerts, conduct audits, and apply best practices for data protection. 

SC-401 - Information Security Administrator Course Objectives 

  • Implement Microsoft Purview to classify, protect, and govern sensitive data.
  • Configure data loss prevention (DLP) policies to prevent unauthorized data sharing.
  • Manage insider risk using Microsoft Purview Insider Risk Management tools.
  • Apply sensitivity labels and encryption to enhance data security in Microsoft 365.
  • Secure AI environments by mitigating risks with Microsoft Purview solutions.

Upcoming Schedules

Exam and Certification

SC-401T00:: Information Security Administrator

Who should attend the SC-401 Training

  • Security Administrator
  • Security Governance and Risk Manager

Prerequisites for Information Security Administrator Training

Required

  • Familarity with all Microsoft 365 services, PowerShell, Microsoft Entra, the Microsoft Defender portal, and Microsoft Defender for Cloud Apps.

Microsoft SC-401 Course Outline

Implement Microsoft Purview Information Protection
arrow iconarrow icon

  • Protect sensitive data in a digital world
    • Describe challenges in protecting sensitive data across cloud and AI environments.
    • Explain how Microsoft Purview enables data classification, labeling, and protection.
    • Identify how data loss prevention (DLP) prevents unauthorized data sharing.
    • Understand how Insider Risk Management helps detect potential threats.
    • Explore security monitoring tools for detecting and responding to data risks.
  • Classify data for protection and governance
    • Explain the importance of data classification for protection and governance.
    • Describe how sensitive information types (SITs) classify structured data.
    • Explain how trainable classifiers identify unstructured data.
    • Create a custom trainable classifier to detect organization-specific content.
  • Review and analyze data classification and protection
    • Interpret Information Protection Reports to assess classification and protection trends.
    • Investigate labeled content using Data explorer and Content explorer to identify classification patterns.
    • Analyze user activity in Activity explorer to detect policy violations and potential security risks.
    • Use Microsoft Purview tools to improve data security, maintain compliance, and refine protection strategies.
  • Create and manage sensitive information types
    • Recognize the difference between built-in and custom sensitivity labels.
    • Configure sensitive information types with exact data match-based classification.
    • Implement document fingerprinting.
    • Create custom keyword dictionaries.
  • Create and configure sensitivity labels with Microsoft Purview
    • Understand the basics of Microsoft Purview sensitivity labels in Microsoft 365.
    • Create and publish sensitivity labels to classify and safeguard data.
    • Configure encryption settings with sensitivity labels for improved data security.
    • Implement auto-labeling for consistent data classification and protection.
    • Use the Microsoft Purview data classification dashboard to monitor sensitivity label usage.
  • Apply sensitivity labels for data protection
    • Understand the foundations of sensitivity label integration in Microsoft 365.
    • Manage sensitivity label use in Office apps for security compliance.
    • Secure Outlook and Teams meetings with sensitivity labels.
    • Apply labels to Microsoft 365 Groups, SharePoint, and OneDrive for data protection.
  • Classify and protect on-premises data with Microsoft Purview
    • Prepare your environment to support the Microsoft Purview Information Protection scanner
    • Configure scanner settings, authentication, and deployment prerequisites
    • Run scans in discovery or enforcement mode
    • Apply sensitivity labels and protection to on-premises files
    • Use data loss prevention (DLP) rules to restrict access or quarantine files based on policy
  • Understand Microsoft 365 encryption
    • Explain how encryption mitigates the risk of unauthorized data disclosure.
    • Describe Microsoft data-at-rest and data-in-transit encryption solutions.
    • Explain how Microsoft 365 implements service encryption to protect customer data at the application layer.
    • Understand the differences between Microsoft managed keys and customer managed keys for use with service encryption.
  • Protect email with Microsoft Purview Message Encryption
    • Enable Microsoft Purview Message Encryption using Azure Rights Management
    • Apply encryption automatically using mail flow rules
    • Customize branding for encrypted messages and the encryption portal
    • Use Advanced Message Encryption to control message expiration and revocation

FAQs on Information Security Administrator Course

What is SC-401 (Information Security Administrator Training)?

down-arrow-icon

The SC-401: Information Security Administrator training is a Microsoft certified course that teaches you how to protect sensitive data and manage risks using Microsoft Purview. As an Information Security Administrator, you’ll learn to implement information protection, data loss prevention (DLP), and insider risk policies across Microsoft 365, helping your organization stay secure and compliant. 

What is the difference between SC-400 and SC-401?

down-arrow-icon

While both SC-400 and SC-401 revolve around Microsoft Purview, their focus areas differ significantly. SC-400 centers on compliance management, data lifecycle governance, and regulatory adherence, helping professionals manage information governance policies across Microsoft 365. 

SC-401 – Information Security Administrator, introduced as its successor, shifts toward a more security-focused approach. It emphasizes information protection, data loss prevention, risk mitigation, and threat response, especially within collaborative Microsoft 365 environments. The SC-401 course builds practical skills for securing sensitive data, managing insider risks, and responding to security incidents, making it essential for professionals responsible for enterprise data protection. 

What does an Information Security Administrator do?

down-arrow-icon

An Information Security Administrator is responsible for protecting an organization’s IT systems and sensitive data. They manage and secure networks, implement data protection policies, monitor security threats, and respond to incidents. Their role ensures the organization’s systems run smoothly, remain compliant, and are safeguarded from internal and external risks. 

Is the SC-401: Information Security Administrator course & certification still relevant in 2025?

down-arrow-icon

Yes, the SC-401course & certification are more relevant than ever in 2025. With the increasing volume of data and the growing threat of cyberattacks, professionals who can implement and manage information protection solutions are critical. The Microsoft Information Security Administrator Associate certification validates the essential skills of an Information Security Administrator, making it a highly sought-after credential for securing enterprise data. 

What kind of post-training support do you provide to ensure our employees pass the SC-401 exam?

down-arrow-icon

Our Microsoft SC-401 - Information Security Administrator training is designed to ensure exam success. We provide access to your e-learning portal, which contains all official courseware and the recorded sessions from your class. This allows employees to review complex topics and prepare for the SC 401 exam at their own pace, even after the live training has concluded.