Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Microsoft

MS-500 part 4: Manage Governance and Compliance Features in Microsoft 365

Microsoft via Microsoft Learn

Overview

Limited-Time Offer: Up to 75% Off Coursera Plus!
7000+ certificate courses from Google, Microsoft, IBM, and many more.
  • Module 1: Explore reporting in the Microsoft 365 security services
  • By the end of this module, you will be able to:

    • List several types of reports that provide insight into how your organization is being protected from attacks using email as the threat vector
    • Identify where to access reports generated by EOP and Microsoft Defender for Office 365
    • Describe how to access detailed information from reports generated by EOP and Microsoft Defender for Office 365
  • Module 2: Learn how compliance works in Exchange Online. Learn how to use retention and data loss prevention policies to keep the data and communications you're required to maintain, how to find that data and communications, and how to ensure you're ready for an audit.
  • At the end of this module, you should be able to:

    • Explain retention policies.
    • Explain data loss prevention policies.
    • Explain audit logs.
    • Explain content search.
  • Module 3: Manage Advanced eDiscovery
  • By the end of this module, you will be able to:

    • Describe Advanced eDiscovery
    • Configure permissions for users in Advanced eDiscovery
    • Create cases in Advanced eDiscovery
    • Search and prepare data for Advanced eDiscovery
  • Module 4: In this module, you will learn about the shared responsibility model and important Compliance Manager concepts.
  • At the end of this module, you should be able to:

    • Describe the key components of the Compliance Manager user experience.
    • List key capabilities available in the various Compliance Manager features.
  • Module 5: Learners will know, understand, and be able to describe Data Subject Requests (DSRs). They will also know how to manage DSRs on Azure and Microsoft 365.
  • By the end of this module, you should know more about:

    • DSRs
    • How to use a DSR in Azure Active Directory (Azure AD).
    • How to use a DSR for Microsoft accounts.
    • How to use a DSR for Office 365 apps.
    • How to use a DSR for consumer data and logs.
  • Module 6: Communication compliance in Microsoft 365 is a solution that helps organizations address code-of-conduct policy violations in company communications, while also assisting organizations in regulated industries meet specific supervisory compliance requirements. Communication Compliance uses machine learning to intelligently detect violations across different communication channels such as Microsoft Teams, Exchange Online, or Yammer messages.
  • Upon completion of this module, you should be able to:

    • List the enhancements in communication compliance over Office 365 Supervision policies, which it will replace.
    • Explain how to identify and remediate code-of-conduct policy violations.
    • List the prerequisites that need to be met before creating communication compliance policies.
    • Describe the types of built-in, pre-defined policy templates.
  • Module 7: Insider risk management in Microsoft 365 helps organizations address internal risks, such as IP theft, fraud, and sabotage. Learn about insider risk management and how Microsoft technologies can help you detect, investigate, and take action on risky activities in your organization.
  • Upon completion of this module, you should be able to:

    • Explain how insider risk management in Microsoft 365 can help prevent, detect, and contain internal risks in an organization.
    • Describe the types of built-in, pre-defined policy templates.
    • List the prerequisites that need to be met before creating insider risk policies.
    • Explain the types of actions you can take on an insider risk management case.
  • Module 8: Information barriers enable administrators to define policies to allow or prevent communications between groups of users in Microsoft Teams chats and channels. When information barrier policies are in place, people who should not communicate with other specific users won't be able to find, select, chat, or call those users. With information barriers, checks are in place to prevent unauthorized communication.
  • Upon completion of this module, you should be able to:

    • Describe how information barrier policies can help your organization maintain compliance with relevant industry standards and regulations, and avoid potential conflicts of interest.
    • List the types of situations when information barriers would be applicable.
    • Explain the process of creating an information barrier policy.
    • Explain how to troubleshoot unexpected issues after information barriers are in place.
  • Module 9: Privileged access management allows granular access control over privileged admin tasks in Office 365. Privileged access management requires users to request just-in-time access to complete elevated and privileged tasks through a highly scoped and time-bound approval workflow. This configuration gives users just-enough-access to perform the task at hand without risking exposure of sensitive data or critical configuration settings.
  • Upon completion of this module, you should be able to:

    • Explain the difference between privileged access management and privileged identity management.
    • Describe the privileged access management process flow.
    • Describe how to configure and enable privileged access management.
  • Module 10: Customer Lockbox supports requests to access data in Exchange Online, SharePoint Online, and OneDrive when Microsoft engineers need to access customer content to determine root cause and fix an issue. Customer Lockbox requires the engineer to request access from the customer as a final step in the approval workflow. This gives organizations the option to approve or deny these requests and provide direct-access control to the customer.
  • Upon completion of this module, you should be able to:

    • Describe the Customer Lockbox workflow.
    • Explain how to approve or deny a Customer Lockbox request.
    • Explain how you can audit actions performed by Microsoft engineers when access requests are approved.

Syllabus

  • Module 1: Explore reporting in the Microsoft 365 security services
    • Introduction
    • Examine the Threat Protection Status report
    • Examine the Defender for Office 365 Message Disposition report
    • Examine the File Type and Disposition report
    • Examine the Malware Detections report
    • Examine the Top Malware report
    • Examine the Top Senders and Recipients report
    • Examine the Spoof Mail report
    • Examine the Spam Detections report
    • Examine the Sent and Received Email report
    • Knowledge check
    • Summary
  • Module 2: Manage compliance in Microsoft 365 and Exchange Online
    • Introduction to managing compliance
    • Configure retention policies
    • Configure data loss prevention policies
    • Configure and analyze audit logs
    • Manage journal rules
    • Manage content search
    • Summary and knowledge check
  • Module 3: Manage Advanced eDiscovery
    • Introduction
    • Explore Advanced eDiscovery
    • Implement Advanced eDiscovery
    • Manage a workflow in Advanced eDiscovery
    • Analyze an Advanced eDiscovery workflow example
    • Analyze data in Advanced eDiscovery
    • Knowledge check
    • Summary
  • Module 4: Explore Microsoft Compliance Manager
    • Introduction
    • Configure permissions and automation
    • Review Compliance Manager dashboard
    • Achieve compliance with improvement actions
    • Identify how Microsoft solutions impact compliance
    • See how Compliance Manager simplifies compliance
    • Track adherence to regulations, standards, and policies with assessments
    • Align to your compliance requirements with assessment templates
    • See how to create assessments and monitor progress
    • Knowledge check
    • Summary
  • Module 5: Responding to Data Subject Requests (DSRs)
    • Introduction
    • What is a Data Subject Request?
    • DSRs for Azure AD and Microsoft service accounts
    • DSRs for Office 365 applications
    • Respond to a customer-data DSR
    • Respond to a DSR for system-generated logs
    • Exercise-Responding to a DSR in Azure AD
    • Knowledge check
    • Summary
  • Module 6: Prepare communication compliance in Microsoft 365
    • Introduction to communication compliance
    • Identify and resolve communication compliance workflow
    • Introduction to communication compliance policies
    • Knowledge check
    • Case study--Configure an offensive language policy
    • Investigate and remediate communication compliance alerts
    • Summary and knowledge check
  • Module 7: Manage insider risk in Microsoft 365
    • Insider risk management overview
    • Introduction to managing insider risk policies
    • Create and manage insider risk policies
    • Knowledge check
    • Investigate insider risk alerts
    • Take action on insider risk alerts through cases
    • Summary and knowledge check
  • Module 8: Plan information barriers
    • Introduction to planning information barriers
    • Plan information barriers
    • Sample scenario on information barriers
    • Summary and knowledge check
  • Module 9: Implement privileged access management
    • Introduction to privileged access management
    • Case study--Implementing privileged access management
    • Summary and knowledge check
  • Module 10: Manage Customer Lockbox
    • Introduction to Customer Lockbox
    • Manage Customer Lockbox requests
    • Summary and knowledge check

Reviews

Start your review of MS-500 part 4: Manage Governance and Compliance Features in Microsoft 365

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.