Overview
This is a detailed 5-day course with hands on labs. The course covers understanding and implementation of Microsoft Purview features for Office 365 (Aka Compliance and Governance). This course is appropriate to anyone interested in any feature available in the Microsoft Purview Compliance Portal. This course covers Office 365 features pertaining to various Office 365 subscriptions: Business, E3, E5.
This course complements Microsoft Information Protection framework of;
- Knowing your Data
- Protecting your Data
- Prevent Data Loss
- Govern Your Data
Target Audience
- Technical Business Decision Makers
- Office 365 IT Professionals
- Anyone who has a business interest in how to Implement Governance Security and Compliance for their organisation in Office 365
Practical Labs
During the course students will create their own Office 365 and have labs which populate their environment with data then implement the features learnt through the course (note due to latency of Microsoft services some labs can take several hours or more to complete) Labs are written so students can choose which labs they want to complete.
Prerequisites
An understanding of Office 365 core technologies and an interest in the business benefits of the Microsoft Office 365 Platform from a Governance Security and Compliance perspective.
Course Outline
Module 1 – Introducing Compliance Standards and Microsoft Commitments
Data Breaches
Data Breach Statistics
Common Compliance Standards
General Data Protection Regulation (GDPR)
- Core Principles of GDPR
- Microsoft 365 GDPR Action Plan
- GDPR Activity Hub
Microsoft’s Commitment to Compliance
- Contractual Commitments
Microsoft Compliance Offerings
What is Microsoft 365 Purview?
Microsoft Azure Purview Features
Microsoft Purview Compliance Portal
Microsoft Purview Compliance PowerShell
Microsoft Purview Compliance Licensing, Roles and Permissions
Purview Compliance features licensing
Licensing Resources
Azure AD Admin Roles
Relationships Between Azure AD Administrative Roles
Azure AD Privileged Identity Management (PIM)
Azure AD Access Reviews
Office 365 Privileged Access Management
Permissions in Microsoft Purview Compliance Portal and Microsoft 365 Defender Portal
Microsoft’s Compliance Model
Microsoft 365 Compliance is Evergreen
Lab 1.1a Sign into Microsoft 365 and Create Sample Users
Lab 1.2 Azure AD Privileged Identity Management
Lab Optional - Uploading Profile Pictures for Sample users
Lab Optional - Using Google Chrome Profiles
Lab Optional - Using Microsoft Edge Profiles
Lab Optional - How to Get 300 days Office 365 for free
Module 2 Microsoft 365 Search Concepts
Introducing Microsoft 365 search concepts
Microsoft Search
Benefits of Using SharePoint to Store Content
- SharePoint Online columns
- SharePoint Online search schema
- SharePoint Online content types
- SharePoint Online columns vs content types
Microsoft Syntex
- Form processing vs content understanding
- Microsoft Syntex classifiers
- Microsoft Syntex extractors
- Syntex and retention labels
- Syntex form processing models
- Microsoft Syntex model analytics
Microsoft Purview Compliance Portal Data Classification
- Trainable classifiers
- Sensitive information types (SIT’s)
- Custom sensitive information types
- Testing sensitive information types
- Exact Data Match (EDM)
Lab 2.1 Content Types
Lab 2.2 SharePoint Online Syntex
Lab 2.3 Exact Data Matching
Module 3 Microsoft 365 Content Search and Microsoft Priva
Microsoft 365 Content Search
- Content Search security
- Configure security filtering for content search
- Running a Content Search
- Search for Teams chat data for on-premises users
- Targeted collection search
- Condition card builder and KQL editor
- Preview sample search results
- Search statistics
- Content Searches in PowerShell
- Export Content Search Results
- Unindexed Items in Content Searches
- Increase download speed when exporting content search results
- Differences between estimated and actual eDiscovery search results
- De-duplication in eDiscovery search results
- Searching for and Deleting Email Messages in an Microsoft 365 Organization
- Using content search to search the mailbox and OneDrive for Business site for a list of users
- Creating, reporting on, and deleting multiple content searches
- Cloning a content search
User Data Search
Microsoft Priva Management
- Priva management delegation
- Priva management settings
- Priva Risk Management
- Discovery and visualization of personal data within an organisation
- Privacy management policies
- Privacy policy alerts and issues
- Subject rights requests
- Creating subject rights requests
- Reviewing subject rights requests
- Automatic detection of priority items
- Data collected review
- Subject rights request content classification
- Completing subject rights request review and reports
- Subject rights request reports
- Subject rights requests – Other tasks
Lab 3.1 Microsoft 365 Content Search
Module 4 Microsoft 365 eDiscovery
Microsoft 365 eDiscovery Tasks
Microsoft 365 eDiscovery Cases
eDiscovery Security
Role Groups for eDiscovery
Compliance Boundaries for eDiscovery Investigations
Creating eDiscovery Cases
Adding Members to an eDiscovery Case
eDiscovery Hold
Content on Hold Preservation
Teams eDiscovery
Exchange Online Litigation Hold
Creating and Running eDiscovery Searches
eDiscovery Exports
Closing and Deleting an eDiscovery Case
Lab 4.1 eDiscovery
Module 5 Premium eDiscovery
Premium eDiscovery Requirements
Licensing – Key Points
Premium eDiscovery Workflow 6
Global Analytics Settings
- Attorney-client Privilege
- Communication Library
- Issuing officer
- Historical Versions
Premium eDiscovery Cases
Identification – Data Custodians
Premium eDiscovery Holds
Premium eDiscovery Communications
Required and optional notifications
Premium eDiscovery Collections
Microsoft Teams Premium eDiscovery
Premium eDiscovery Review Sets
Review Set Collection Options
Content Ingestion Scale
Loading Non-Office 365 Source Data for Premium eDiscovery
Premium eDiscovery Processing
Processing Error Remediation
Review Set Profile Views
Working with Data in a Review Set
Reviewing Set Filters and Queries
Conversational/Threaded Views
Review Sets: Tagging Content
Premium eDiscovery Search and Analytics
Ignoring Text and Optical Character Recognition
Premium eDiscovery Predictive Coding
Exporting Case Data
Module 6 Microsoft 365 Data Retention and Disposal
Microsoft 365 Retention Options
Microsoft 365 Retention Licensing
eDiscovery holds
Retention policies
- Retention policy data behaviour
- Creating retention policies
- Adaptive vs static retention policies
- Adaptive scopes
- Retention policy locations
- Teams retention policy considerations
- Retention options
- Preservation lock
Microsoft 365 Retention Label Administration
Alternative Methods to Auto Apply Retention Labels
- SharePoint – Library or Folder Default Label
- SharePoint – Syntex
- Outlook – Inbox Rules
Single Retention Label per Item
Record Retention Labels
Retention Label Creation
Event Driven Retention
Disposition Reviews
Record Retention Label File Plan Descriptors
Records vs Regulatory Records
Label Publishing and Label Policies
Adaptive Scopes
Static Locations
Retention Label Policies and Locations
Monitoring Retention Labels
Retention Label Auditing
Retention Label PowerShell
Retention Precedence
Retention policy and retention label comparison
Microsoft Retention Flowchart
Inactive Mailboxes
- Recovering or Restoring Inactive Mailboxes
- Recovering and restoring inactive mailbox considerations
- Deleting an inactive mailbox
(Almost) Unlimited archiving
Legacy Retention Functionality
Disposing of Data
Modifying Exchange Online default retention period
SharePoint Online and OneDrive for Business Content Disposal
Microsoft Data Destruction
Lab 6.1 Microsoft 365 Retention Policies
Lab 6.2 Microsoft 365 Retention Labels
Lab 6.3 Exchange Online Archiving
Module 7 Microsoft 365 Authentication
Authentication, Authorisation, and Access Control
Microsoft 365 Authentication Methods
Azure AD Password Protection
Multi-factor Authentication in Microsoft 365
Software Requirements for MFA
Setting up Multifactor Authentication in Microsoft 365
Security Defaults
MFA with conditional access
- Signals (conditions)
- Decisions (actions)
- GPS named location MFA control
- Conditional access filters for devices
MFA User Experience
MFA Authentication App
MFA Number Matching and Additional Context
Module 8 Sharepoint Security
Sharepoint Permissions
SharePoint Team Sites vs Communication Sites
Access Requests
Member Sharing options
Sharepoint Sharing vs Advanced Permission Management
SharePoint Sharing
- Sharing a Site
- Sharing a Document Library/List
- Sharing a Folder or Items
- Item QR Codes
Advanced Permissions (When things get messy)
- Permission levels
- Bespoke Permission Levels
- Granting Explicit Permissions
Permission Inheritance
- Breaking Inheritance
- Broken inheritance visibility
- Enabling and Disabling Permission Inheritance
SharePoint Groups
- Creating additional Sharepoint Groups
- Sharepoint Group Owners
- SharePoint Group Best Practice
- Recommended Sharepoint Group Model
- Special SharePoint Groups
Granting Permissions
Checking Permissions
Modifying and Removing Permissions
Sharepoint Permissions via PowerShell
Sharepoint Permissions Best Practice
SharePoint Site Security Key Takeaway
Lab 8.1 Sharepoint Permissions
Sharepoint Advanced Management Licence features
- Sharepoint Restricted Access Control
- Block download policy for SharePoint sites and OneDrive
- Site lifecycle management
SharePoint Antivirus
- OneDrive Sync Client issues
- Administrator Bypass of Disallowed Infected File Download
- Malware Detection Alerts
Module 9 Sharepoint External Sharing
Authenticated External User sharing
Authenticated External User Link Management
Anonymous Access Links
SharePoint External sharing administration
Tenant Level External Sharing Administration
Azure B2B One Time Passcodes for Guest Users
Pre-Creating Guest Users
Advanced settings for external sharing
File and Folder Links
Outlook External Sharing Link Features
Other Settings
Show to owners the names of people who viewed their files
Site External Sharing Options
PowerShell External Sharing
SharePoint External Sharing Alerts, Auditing, and Reporting
Lab 9.1 SharePoint External Sharing
Module 10 Microsoft 365 Groups and Teams Governance
Understanding Microsoft 365 Groups
Microsoft 365 group building blocks
Microsoft 365 group connectors
Microsoft 365 group creation
Other ways to create Microsoft 365 groups
Deleting a Microsoft 365 group
Microsoft 365 group recovery
- User Microsoft 365 group recovery
- Administrator Microsoft 365 group recovery
Permanently deleting Microsoft 365 groups
Guest access in Microsoft 365 groups
- Controlling Microsoft 365 group guest access
- Removing guest users
- Controlling Microsoft 365 group guest access
- Microsoft 365 Admin Center guest access controls
- Azure AD B2B Controls
- Controlling 365 group guest access by domain
Microsoft 365 groups PowerShell management
Controlling Microsoft 365 group creation
Obsolete Microsoft 365 group expiration and removal
Finding and archiving obsolete Microsoft 365 groups
Microsoft 365 group governance
Microsoft Teams Governance
- Understanding roles and permissions in Microsoft Teams
- Managing user access to Microsoft Teams
- Managing guest access to Teams
- Managing team storage settings
Lab 10.1 Managing Microsoft 365 Groups
Module 11 Microsoft 365 Sensitivity Labels
Sensitivity Labels for Items
Sensitivity labels for files and emails
Sensitivity Label Visual marking, watermarks, headers and footers
Sensitivity Label Protection – Encryption both inside/outside the organisation
Double Key Encryption
Co-authoring of sensitivity label encrypted files
Sensitivity Labels for meetings
Sensitivity Label Client Support
Client ‘Quirks’
Applying File Sensitivity labels
Automatically Applying Sensitivity Labels
Auto labelling Policies
Document Library Default Sensitivity Labels
Sensitivity Labels for Teams, 365 Groups, and SharePoint Sites
Authentication Contexts
Applying a 365 Group or Site Sensitivity Label
Sensitivity Label Priority and Grouping
365 Group and Site vs File and email label ordering
Sublabels
Editing or Deleting a Sensitivity Label
Label Policies
Label Analytics
Data Classification – Activity Explorer
Lab 11.1 Microsoft 365 Sensitivity Labels
Module 12 Microsoft Defender for Cloud Apps
Microsoft Defender for Cloud Apps Overview
Microsoft Defender for Cloud Apps vs Office 365 Cloud App Security
Microsoft Defender for Cloud Apps
Office 365 Cloud App Security
Defender for Cloud Apps Licensing Options
Office 365 Defender for Cloud Apps
Microsoft Defender for Cloud Apps
Microsoft Defender for Cloud Apps updates
Accessing Microsoft 365 Defender for Cloud Apps
Defender for Cloud Apps-specific admin roles
Defender for Cloud Apps network requirements
Connecting Apps
Cloud Discovery Dashboard
User Anonymisation
Cloud App Catalog
App sanctioning
Defender for Cloud Apps Activity Log
Defender for Cloud Apps Activity Privacy
Defender for Cloud Apps investigations
- Files
- Users and accounts
- User governance actions
- Security configuration
- OAuth apps
Microsoft Purview Compliance Portal app reports
Defender for Cloud Apps Policies
Alert integration with Power Automate
Conditional access app control
Deploying conditional access app control
Defender for Cloud Apps policy templates
Policy Alerts
Scoping Defender for Cloud Apps
Integrating Microsoft Defender for Cloud Apps with Generic SIEM, Azure Sentinel, and Power BI
Generic SIEM integration
Azure Sentinel integration
Using Power BI with Defender for Cloud Apps data in Azure Sentinel
Top Tips for Using Defender for Cloud Apps
MDCA Ninja Training
Lab 12.1 Defender for Cloud Apps
Module 13 Managing Insider Risks
Insider Risk Management
- Insider Risk Management Requirements
- Insider Risk Management Process
- Insider Risk Recommended Actions (QuickStart)
- Insider Risk Management scenarios
- Insider Risk Management Settings
- Privacy
- Policy indicators
- Policy timeframes
- Export alerts
- Priority user groups
- Priority physical assets
- Power Automate flows
- Microsoft Teams integration
- Admin notifications
- Inline alert customization
- Insider Risk Management Administration
- User Activity Reports
- Policies
- Policy health and recommendations
- Insider Risk Management Browser Signal Detection
- Alerts
- Cases
- Case actions
- Resolving cases
- Insider Risk Forensic Evidence
- Forensic Evidence Configuration
- Forensic Evidence Client Requirements
- Forensic evidence settings
- Reviewing Forensic Evidence Captures
- Insider Risk Admin auditing
- Insider Risk Management Ninja Training
Communication Compliance
- Communication Compliance policies
- Investigation
- Resolution
- Communication Compliance Ninja Training
Information Barriers
- Information Barriers for OneDrive and SharePoint
- Teams Information Barrier Functionality
- Information Barrier Configuration
- Information Barrier prerequisites
- Segment users in the organisation
- Define OneDrive Segments
- Defining Information Barrier policies
- Applying Information Barrier policies
- Information Barrier Planning Guide
Customer Lockbox
Module 14 Microsoft 365 DLP
Components of DLP Policies
Creating DLP Policies
DLP Document Fingerprinting
Custom DLP Policies
DLP Policy Locations
Endpoint DLP
Microsoft Compliance Extension for Google Chrome
DLP Policy Settings
DLP Conditions/Exceptions
DLP Actions
DLP User Notifications and User Overrides
DLP Incident Reports
DLP PowerShell
DLP PowerShell Key Point
DLP Mark Files as Sensitive by Default
DLP Reports
DLP Activity Explorer
DLP Alerts
Lab 14.1 Data Loss Prevention
Module 15 Microsoft 365 Encryption
Data in Transit
Data at Rest
Encryption in Microsoft 365 Products
Customer Encryption Controls
- Scenario 1: Files are saved on Windows computers
- Scenario 2: Customers want control over the encryption keys used to encrypt your data in Microsoft data centers
- Scenario 3: Files are saved on mobile devices
- Scenario 4: People are communicating via email
- Scenario 5: Users are accessing files using SharePoint or OneDrive for Business
Microsoft 365 Information Protection Ninja Training
Module 16 Microsoft 365 Auditing Alerts Reporting and Compliance Tools
Microsoft 365 Auditing
Audit log permissions
Running an Audit Log Search
Viewing Audit Log Search Results
Exporting audit log search results
Premium Audit in Microsoft 365 Purview
Audit Log Retention Policies
Microsoft 365 Alerts
Reports
Microsoft 365 Management API
Compliance Manager and compliance score
Compliance Manager automated testing
Microsoft Configuration Analyzer for Microsoft Purview (CAMP)
Microsoft 365 Secure Score
Compliance/secure score best practice
Microsoft Service Trust Portal
Microsoft Trust Center
Microsoft Security Site
Lab 16.1 Microsoft 365 Auditing
Lab 16.2 Alerts
Lab 16.3 Compliance Score
Lab 16.4 Secure Score
Frequently asked questions
See all of our FAQsHow can I create an account on myQA.com?
There are a number of ways to create an account. If you are a self-funder, simply select the "Create account" option on the login page.
If you have been booked onto a course by your company, you will receive a confirmation email. From this email, select "Sign into myQA" and you will be taken to the "Create account" page. Complete all of the details and select "Create account".
If you have the booking number you can also go here and select the "I have a booking number" option. Enter the booking reference and your surname. If the details match, you will be taken to the "Create account" page from where you can enter your details and confirm your account.
Find more answers to frequently asked questions in our FAQs: Bookings & Cancellations page.
How do QA’s virtual classroom courses work?
Our virtual classroom courses allow you to access award-winning classroom training, without leaving your home or office. Our learning professionals are specially trained on how to interact with remote attendees and our remote labs ensure all participants can take part in hands-on exercises wherever they are.
We use the WebEx video conferencing platform by Cisco. Before you book, check that you meet the WebEx system requirements and run a test meeting (more details in the link below) to ensure the software is compatible with your firewall settings. If it doesn’t work, try adjusting your settings or contact your IT department about permitting the website.
Learn more about our Virtual Classrooms.
How do QA’s online courses work?
QA online courses, also commonly known as distance learning courses or elearning courses, take the form of interactive software designed for individual learning, but you will also have access to full support from our subject-matter experts for the duration of your course. When you book a QA online learning course you will receive immediate access to it through our e-learning platform and you can start to learn straight away, from any compatible device. Access to the online learning platform is valid for one year from the booking date.
All courses are built around case studies and presented in an engaging format, which includes storytelling elements, video, audio and humour. Every case study is supported by sample documents and a collection of Knowledge Nuggets that provide more in-depth detail on the wider processes.
Learn more about QA’s online courses.
When will I receive my joining instructions?
Joining instructions for QA courses are sent two weeks prior to the course start date, or immediately if the booking is confirmed within this timeframe. For course bookings made via QA but delivered by a third-party supplier, joining instructions are sent to attendees prior to the training course, but timescales vary depending on each supplier’s terms. Read more FAQs.
When will I receive my certificate?
Certificates of Achievement are issued at the end the course, either as a hard copy or via email. Read more here.