Tijekom treninga polaznici će usvojiti vještine i znanja kako zaštititi informacije u Microsoft 365 okolini, upravljati podacima i zaštiti informacije unutar organizacije.
Ovaj trening obuhvaća implementaciju politike za sprječavanje gubitka podataka (engl. Data Loss Prevention Policies, DLP), definiranje vrsta osjetljivih informacija, oznake osjetljivosti, politike zadržavanja podataka i enkripciju poruka sustava Office 365.
Što ćete naučiti
- Objasniti i koristiti oznake osjetljivosti.
- Konfigurirati pravila za sprječavanje gubitka podataka.
- Kriptirati poruke u Office 365.
- Opisati proces konfiguracije upravljanja informacijama.
- Definirati ključne pojmove povezane s Microsoftovim rješenjima za zaštitu podataka i upravljanje.
- Razumjeti i objasniti pojmove Content explorer i Activity explorer.
- Opisati kako koristiti osjetljive vrste informacija i obučavane klasifikatore.
- Pregledavati i analizirati Data Loss Prevention Policies (DLP) izvješća.
- Identificirati i ublažiti kršenja politike DLP-a.
- Opisati integraciju DLP-a s Microsoft Cloud App Security (MCAS).
- Implementirati Endpoint DLP.
- Upravljati zapisima i informacijama.
- Konfigurirati zadržavanje podataka potaknuto događajima te pravila i oznake zadržavanja.
- Uvesti file plan.
- Izraditi prilagođene rječnike ključnih riječi.
Kome je namijenjeno
Administratorima za zaštitu informacija (engl. Information Protection Administrator) koji planiraju i implementiraju usklađenost (engl. complience) organizacije. Pomažu organizaciji da postane i ostane usklađena, unutar organizacije surađuju s IT profesionalcima, vlasnicima poslovnih aplikacija, ljudskim resursima i pravnom službom kako bi implementirali tehnologiju koja podržava politike i kontrole potrebne za zadovoljavanje regulatornih zahtjeva. Također surađuju sa stručnjacima poput Chief Compliance Officer i Security Officer, kako bi procijenili punu širinu rizika poduzeća u razvoju spomenutih politika. Administrator za zaštitu informacija definira primjenjive zahtjeve i testira IT procese i operacije u odnosu na te politike i kontrole i odgovorna je za kreiranje politika i pravila za klasifikaciju sadržaja, sprječavanje gubitka podataka, upravljanje i zaštitu.
Preduvjeti
- Temeljno znanje o Microsoftovim tehnologijama sigurnosti i usklađenosti (engl. security and complience).
- Osnovno poznavanje kocepata zaštite informacija.
- Razumijevanje koncepta računalstvo u oblaku.
- Razumijevanje Microsoft 365 proizvoda i usluga.
Nastavni plan
Pregledaj
- Module 1: Introduction to information protection and data lifecycle management in Microsoft Purview Learn how Microsoft 365 information protection and data lifecycle management solutions help you protect and govern your data, throughout its lifecycle – wherever it lives, or wherever it travels. After completing this module, students will be able to:
- Discuss information protection and data lifecycle management and why it's important
- Describe Microsoft's approach to information protection and data lifecycle management
- Define key terms associated with Microsoft's information protection and data lifecycle management solutions
- Identify the solutions that comprise information and data lifecycle management in Microsoft Purview
- List the components of the Data Classification solution
- Identify the cards available on the Data Classification overview tab
- Explain the Content explorer and Activity explorer
- Describe how to use sensitive information types and trainable classifiers
- Recognize the difference between built-in and custom sensitivity labels
- Configure sensitive information types with exact data match-based classification
- Implement document fingerprinting
- Create custom keyword dictionaries
- Explain how encryption mitigates the risk of unauthorized data disclosure
- Describe Microsoft data-at-rest and data-in-transit encryption solutions
- Explain how Microsoft 365 implements service encryption to protect customer data at the application layer
- Understand the differences between Microsoft managed keys and customer managed keys for use with service encryption
- Configure Microsoft Purview Message Encryption for end users
- Implement Microsoft Purview Advanced Message Encryption
- Discuss the information protection solution and its benefits
- List the customer scenarios the information protection solution addresses
- Describe the information protection configuration process
- Explain what users will experience when the solution is implemented
- Articulate deployment and adoption best practices
- Apply sensitivity labels to Microsoft Teams, Microsoft 365 groups, and SharePoint sites
- Monitor label usage using label analytics
- Configure on-premises labeling
- Manage protection settings and marking for applied sensitivity labels
- Apply protections and restrictions to email
- Apply protections and restrictions to files
- Discuss the data loss prevention solution and its benefits
- Describe the data loss prevention configuration process
- Explain what users will experience when the solution is implemented
- Describe the integration of DLP with Microsoft Defender for Cloud Apps
- Configure policies in Microsoft Defender for Cloud Apps.
- Review and analyze DLP reports
- Manage permissions for DLP reports
- Identify and mitigate DLP policy violations
- Mitigate DLP violations in Microsoft Defender for Cloud Apps
- Discuss the Data Lifecycle Management solution and its benefits
- List the customer scenarios the Data Lifecycle Management solution addresses
- Describe the Data Lifecycle Management configuration process
- Explain what users will experience when the solution is implemented
- Articulate deployment and adoption best practices
- Describe the retention features in Microsoft 365 workloads
- Configure retention settings in Microsoft Teams, Yammer, and SharePoint Online
- Recover content protected by retention settings
- Regain protected items from Exchange Mailboxes
- Discuss the Microsoft Purview Records Management solution and its benefits
- List the customer scenarios the Microsoft Purview Records Management solution addresses
- Describe the Microsoft Purview Records Management configuration process
- Explain what users will experience when the solution is implemented
- Articulate deployment and adoption best practices
- Describe how Microsoft 365 helps organizations manage risks, protect data, and remain compliant with regulations and standards
- Plan your beginning compliance tasks in Microsoft Purview
- Manage your compliance requirements with Compliance Manager
- Manage compliance posture and improvement actions using the Compliance Manager dashboard
- Explain how an organization's compliance score is determined
- Describe how to use content search in the Microsoft Purview compliance portal
- Design and create a content search
- Preview the search results
- View the search statistics
- Export the search results and search report
- Configure search permission filtering
- Describe how Microsoft Purview eDiscovery (Standard) builds on the basic search and export functionality of Content search
- Describe the basic workflow of eDiscovery (Standard)
- Create an eDiscovery case
- Create an eDiscovery hold for an eDiscovery case
- Search for content in a case and then export that content
- Close, reopen, and delete a case
- Describe how Microsoft Purview eDiscovery (Premium) builds on eDiscovery (Standard)
- Describe the basic workflow of eDiscovery (Premium)
- Create and manage cases in eDiscovery (Premium)
- Manage custodians and non-custodial data sources
- Analyse case content and use analytical tools to reduce the size of search result sets
- Describe the differences between Audit (Standard) and Audit (Premium)
- Identify the core features of the Audit (Standard) solution
- Set up and implement audit log searching using the Audit (Standard) solution
- Export, configure, and view audit log records
- Use audit log searching to troubleshoot common support issues
- List the enhancements in communication compliance over Office 365 Supervision policies, which it will replace
- Explain how to identify and remediate code-of-conduct policy violations
- List the prerequisites that need to be met before creating communication compliance policies
- Describe the types of built-in, pre-defined policy templates
- Explain how Microsoft Purview Insider Risk Management can help prevent, detect, and contain internal risks in an organization
- Describe the types of built-in, pre-defined policy templates
- List the prerequisites that need to be met before creating insider risk policies
- Explain the types of actions you can take on an insider risk management case
- Describe how information barriers can restrict or allow communication and collaboration among specific groups of users
- Describe the components of an information barrier and how to enable information barriers
- Understand how information barriers help organizations determine which users to add or remove from a Microsoft Team, OneDrive account, and SharePoint site
- Describe how information barriers prevent users or groups from communicating and collaborating in Microsoft Teams, OneDrive, and SharePoint
- Create and manage risk management policies for data overexposure, data transfer, and data minimization
- Investigate and remediate risk alerts
- Send user notifications
- Create and manage Subject Rights Requests
- Estimate and retrieve subject data
- Review subject data
- Create subject rights reports
- Explain the difference between privileged access management and privileged identity management
- Describe the privileged access management process flow
- Describe how to configure and enable privileged access management
- Describe the Customer Lockbox workflow
- Explain how to approve or deny a Customer Lockbox request
- Explain how you can audit actions performed by Microsoft engineers when access requests are approved
Povezani certifikati
- Certifikacijski ispit: Exam SC-400: Administering Information Protection and Compliance in Microsoft 365
- Certifikat: Microsoft Certified: Information Protection and Compliance Administrator Associate