SC-400 Microsoft Information Protection

My Tips for taking & passing – SC-400 Microsoft Information Protection Administrator in 2022

The core topics in the SC-400 are.

Implement Information Protection (35-40%)

Implement Data Loss Prevention (30-35%)

Implement Information Governance (25-30%)

Ideally in this exam you should try to be focusing on the areas with 25% rating in this exam there are 3 which is the exam broken down into the 3 areas.

I found this exam to be the most challenging of them all. The reasoning behind this is this exam tests you on your ability to use features in office 365, SharePoint azure being able to integrate the different features and understand how to use them in a best practice is important.

All Values listed above are subject to change in accordance with Microsoft’s Exam Guidelines, unfortunately I cannot guarantee that all information is correct and is based on my experience when I took the exam.

1: get comfortable with using and creating dictionaries within azure, being able to understand how to classify items is key, understanding how to use sensitivity labels is important as the exam test your knowledge on creating configuring and labelling the different sensitivity labels, where possible play around with Microsoft Teams, SharePoint and office 365 as all these features utilize sensitivity labels, especially for content being sent received and posted onto chats.

Understanding how to use encryption where to apply it and how to restrict both on prem and cloud uses is important, try playing around with defender, compliance, and endpoint management. You need to be able implement message encryption in office 365 you also need to understand why you enable it.

2: DLP is a massive part of this exam a whopping 35%, you are most definitely going to be asked how to configure dlp policies in office 365 and exchange online.

You need to be comfortable with setting these kinds of policies up, dlp spans through SharePoint, OneDrive teams chats and cloud app security, my best advice is to setup a test tenant and start understanding how to integrate and setup the policies across the services. What you’ll notice about dlp is that it integrates into Intune which is now known as endpoint management , its critical your able to create policies in Intune for both Hybrid and Cloud only instances , dlp also monitors how Intune manages devices this is complex and does require hours of learning I would suggest you take a look at YouTube and head over to Mark Grimes channel he has some excellent material and is definitely worth the watch.

3:  information protection is also a massive part of the exam it’s a whopping 40%

Understanding conditional access configuring policies for exchange SharePoint OneDrive and teams are tested heavily on this section get familiar with it my doing Microsoft learn , setting up a tenant on office 365 playing and understanding how azure active directory works these will all better assist in the exams and make it more memorable , remember you have gone through allot of material at this stage the sc400 ties up everything in a neat bow use this to your advantage at this stage your just practicing setting up policies.

Configuring endpoints understanding data loss protection practices are all part of this exam , head over look at the Nist Framework this will guide you on best practices , Get experience using Mcas Microsoft cloud app security , if you work in IT You will find this is all procedures you will be doing on a daily basis with Microsoft products and services , utilize your Career as a wat of advancing your learning , practice , practice , practice is key.

4: Information governance is about 30% of the exam , this is all about retention policies for all the services in office 365 again get practice with this , in your lab environment you should be trying to implement some of these features to see how they work , in a real life scenario you will find you would be doing some of this daily like archiving policies for exchange , recovering content for users applying mailbox holds for accounts for audit purposes all these are things that an it pro does on a daily basis get practicing these look at the objectives of the exam and as you feel comfortable with it tick them of then go back and do it again keep doing this until you know you understand it usually your gut will tell you.

5: Remember the sc-400 is the final in the series of security exams but your learning does not stop here, these can all be used to help you in other exams such as the Azure administrator associate and the Azure solutions Architect, if you put in the Time to learning the technology, studying practicing you will have no problem passing this exam.