Takaisin

MS-500.4: Administering Microsoft 365 Built-in Compliance

Internal policies and external requirements for data retention and investigation may be necessary for your organization. In this course you will learn about archiving and retention in Microsoft 365 as well as data governance and how to conduct content searches and investigations. Specifically, this course covers data retention policies and tags, in-place records management for SharePoint, email retention, and how to conduct content searches that support eDiscovery investigations.  The course also helps your organization prepare for Global Data Protection Regulation (GDPR).

This course is for the Microsoft 365 security administrator role.  This role collaborates with the Microsoft 365 Enterprise Administrator, business stakeholders and other workload administrators to plan and implement security strategies and ensures that the solutions comply with the policies and regulations of the organization.

This role proactively secures Microsoft 365 enterprise environments. Responsibilities include responding to threats, implementing, managing and monitoring security and compliance solutions for the Microsoft 365 environment. They respond to incidents, investigations and enforcement of data governance.
 
The Microsoft 365 Security administrator is familiar with Microsoft 365 workloads and has strong skills and experience with identity protection, information protection, threat protection, security management and data governance. This role focuses on the Microsoft 365 environment and includes hybrid environments.

After completing this course, learners should be able to:

  • Plan and deploy a data archiving and retention system.
  • Perform assessments in Compliance Manager.
  • Manage email retention through Exchange.
  • Conduct an audit log investigation.
  • Create and manage an eDiscovery investigation.
  • Manage GDPR data subject requests.

Prerequisites: 

Learners should start this course already having the following skills:

  • Basic conceptual understanding of Microsoft Azure
  • Experience with Windows 10 devices
  • Experience with Office 365
  • Basic understanding of authorization and authentication
  • Basic understanding of computer networks
  • Working knowledge of managing mobile devices

Related courses for MS-500: Microsoft 365 Security Administator certification:

Managing Microsoft 365 Identity and Access
Implementing Microsoft 365 Threat Protection
Implementing Microsoft 365 Information Protection

Module 1: Archiving and Retention
This module explains concepts related to retention and archiving of data for Microsoft 365 including Exchange and SharePoint.

  • Archiving in Microsoft 365
  • Retention in Microsoft 365
  • Retention Policies in the Security and Compliance Center
  • Archiving and Retention in Exchange
  • In-place Records Management in SharePoint
  • Lab : Archiving and Retention
  • Create and license users in your organization
  • Configure Retention Tags and Policies
  • MRM Retention Policies

After completing this module, you should be able to:

  • Describe Data Governance in Microsoft 365.
  • Describe the difference between In-Place Archive and Records Management.
  • Explain how data is archived in Exchange.
  • Recognize the benefits of In Place Records Management in SharePoint.
  • Explain the difference between Message Records Management (MRM) in Exchange and Retention in Security and Compliance center.
  • Explain how a retention policy works.
  • Create a retention policy.
  • Enable and disable In-Place Archiving.
  • Create useful retention tags.

Module 2: Data Governance in Microsoft 365
This module focuses on data governance in Microsoft 365. The module will introduce you to Compliance Manager and discuss GDPR.

  • Planning Security and Compliance Needs
  • Building Ethical Walls in Exchange Online
  • Manage Retention in Email
  • Troubleshooting Data Governance
  • Analytics and Telemetry

After completing this module, you should be able to:

  • Plan security and compliance roles.
  • Describe what you need to consider for GDPR.
  • Describe what an ethical wall in Exchange is and how it works.
  • Work with retention tags in mailboxes
  • Describe retention policies with email messages and email folders
  • Explain how the retention age of elements is calculated.
  • Repair retention policies that do not run as expected.

Module 3: Managing Search and Investigations
This module is focused on content searching and investigations. Specifically, it covers how to use eDiscovery to conduct advanced investigations of Microsoft 365 data. It also covers audit logs and discusses GDPR data subject requests.

  • Searching for Content in the Security and Compliance Center
  • Audit Log Investigations
  • Advanced eDiscovery
  • Lab : eDiscovery
  • Create and license users in your organization
  • Investigate your Microsoft 365 Data

After completing this module, you should be able to:

  • Describe how to use content search.
  • Designing your content search.
  • Configuring search permission filtering.
  • Describe what the audit log is and the permissions that are necessary to search the Office 365 audit log.
  • Configure Audit Policies.
  • Enter criteria for searching the audit log.
  • Export search results to a CSV file.
  • Describe what Advanced eDiscovery is and what requirements are needed.
  • Analyze data in Advanced eDiscovery.
  • Viewing the Advanced eDiscovery event log.
  • Use Express Analytics.
Näytä lisää Sulje
Markus Lintuala
Markus Lintuala Senior System Consultant Tämä sähköpostiosoite on suojattu spamboteilta. Tarvitset JavaScript-tuen nähdäksesi sen.

Pitkä ja laaja käytännön kokemus pilvipalveluista, Microsoft 365 ratkaisuista sekä Microsoftin loppukäyttäjä- ja infraratkaisuista.

* Microsoft Certified Azure Solutions Architect Expert
* Microsoft 365 Certified: Enterprise Administration Expert
* Microsoft Certified Trainer

Muut sertifioinnit: https://www.youracclaim.com/users/markus-lintuala/badges
Blogi: https://bloggerz.cloud

Ilmoittaudu kurssille

Tietosuoja

Palvelussa voidaan käsitellä Elisan tietosuojaperiaatteissa kuvattuja henkilötietoja, kuten esimerkiksi nimi, yhteystiedot ja palvelun käyttöön liittyvät tiedot. Elisa on palvelussa käsiteltävien henkilötietojen osalta tietosuojalainsäädännössä tarkoitettu henkilötietojen rekisterinpitäjä.

Elisa käsittelee rekisterinpitäjänä henkilötietoja kulloinkin voimassaolevien tietosuojaperiaatteiden mukaisesti (https://elisa.fi/sopimusehdot) ja (https://elisa.fi/tietosuoja).

Elisalla on oikeus käyttää palveluiden tuottamisessa ja henkilötietojen käsittelyssä alihankkijoita.

English:

When using the service, the following types of personal information may be handled; name and contact information, employee information and other information from the client company, end user information, information related to use of the service and customer satisfaction information. This information is needed for the maintenance and development of the service. In terms of the personal information being handled, the customer is the controller as intended in information protection legislation and the service provider is the handler.

The customer's personal information is to be handled in the manner outlined in the agreement and this service description in order to provide and develop the services. Any other handling of the customer's personal information and its effect on costs in accordance with the General Data Protection Regulation are to be agreed upon separately between the parties to the agreement.

The provider or their subcontractor may collect data for the maintenance, improvement or analysis of the service. The provider reserves the right to use subcontractors in the production of their services and sub-handlers in the handling of personal information. The customer has the right to receive information on the provider's subcontractors and sub-handlers upon request.