Microsoft Exam Syllabus

SC-400 syllabus, skills measured, and exam topics

The SC-400 exam measures skills across domains including Implement information protection, Implement DLP, and Implement data lifecycle and records management. Use this page to review the current official syllabus, major domains, and source links before exam day.

Skills measured by domain

Use the weighting table to decide where to spend the most study time.

Domain | Weight
Implement information protection | 25–30%
Implement DLP | 15–20%
Implement data lifecycle and records management | 10–15%
Monitor and investigate data and activities by using Microsoft Purview | 15–20%
Manage insider and privacy risk in Microsoft 365 | 15–20%

What to know before you study

These sections explain the role, audience, and exam framing behind the outline.

Purpose of this document

  • This study guide should help you understand what to expect on the exam and includes a summary of the topics the exam might cover and links to additional resources. The information and materials in this document should help you focus your studies as you prepare for the exam.
  • Useful links and their descriptions:
  • Review the skills measured as of August 22, 2023: This list represents the skills measured AFTER the date provided. Study this list if you plan to take the exam AFTER that date.
  • Review the skills measured prior to August 22, 2023: Study this list of skills if you take your exam PRIOR to the date provided.
  • Change log: You can go directly to the change log if you want to see the changes that will be made on the date provided.
  • How to earn the certification: Some certifications only require passing one exam, while others require passing multiple exams.
  • Certification renewal: Microsoft associate, expert, and specialty certifications expire annually. You can renew by passing a free online assessment on Microsoft Learn.
  • Your Microsoft Learn profile: Connecting your certification profile to Microsoft Learn allows you to schedule and renew exams and share and print certificates.
  • Exam scoring and score reports: A score of 700 or greater is required to pass.
  • Exam sandbox: You can explore the exam environment by visiting our exam sandbox.
  • Request accommodations: If you use assistive devices, require extra time, or need modification to any part of the exam experience, you can request an accommodation.
  • Take a free Practice Assessment: Test your skills with practice questions to help you prepare for the exam.

Updates to the exam

  • Our exams are updated periodically to reflect skills that are required to perform a role. We have included two versions of the Skills Measured objectives depending on when you are taking the exam.
  • We always update the English language version of the exam first. Some exams are localized into other languages, and those are updated approximately eight weeks after the English version is updated. While Microsoft makes every effort to update localized versions as noted, there may be times when the localized versions of an exam are not updated on this schedule. Other available languages are listed in the Schedule Exam section of the Exam Details webpage. If the exam isn't available in your preferred language, you can request an additional 30 minutes to complete the exam.
  • The bullets that follow each of the skills measured are intended to illustrate how we are assessing that skill. Related topics may be covered in the exam.
  • Most questions cover features that are generally available (GA). The exam may contain questions on Preview features if those features are commonly used.

Skills measured as of August 22, 2023

  • Candidates for this exam are information protection and compliance administrators who plan and implement risk and compliance controls in the Microsoft Purview compliance portal.
  • The information protection and compliance administrator translates an organization’s risk and compliance requirements into technical implementation. They are responsible for implementing and managing solutions for content classification, data loss prevention (DLP), information protection, data lifecycle management, records management, privacy, risk, and compliance.
  • The information protection and compliance administrator works with other roles that are responsible for governance, data, and security to evaluate and develop policies to address an organization's risk reduction and compliance goals. This role assists workload administrators, business application owners, human resources departments, and legal stakeholders to implement technology solutions that support the necessary policies and controls.
  • Candidates should have experience with Microsoft 365 services, including Microsoft 365 Apps, Microsoft Exchange Online, Microsoft SharePoint, Microsoft OneDrive, and Microsoft Teams. They should also be familiar with PowerShell.
  • Implement information protection (25–30%)
  • Implement DLP (15–20%)
  • Implement data lifecycle and records management (10–15%)
  • Monitor and investigate data and activities by using Microsoft Purview (15–20%)
  • Manage insider and privacy risk in Microsoft 365 (15–20%)

Detailed outline

Scan each section as a working study checklist instead of one long wall of text.

Implement information protection (25–30%)

  • Identify sensitive information requirements for an organization's data
  • Translate sensitive information requirements into built-in or custom sensitive info types
  • Create and manage custom sensitive info types
  • Create and manage exact data match (EDM) classifiers
  • Implement document fingerprinting
  • Identify when to use trainable classifiers
  • Design and create a trainable classifier
  • Test a trainable classifier
  • Retrain a trainable classifier
  • Implement roles and permissions for administering sensitivity labels
  • Define and create sensitivity labels
  • Configure and manage sensitivity label policies

Implement DLP (15–20%)

  • Design DLP policies based on an organization’s requirements
  • Configure permissions for DLP
  • Create and manage DLP policies
  • Interpret policy and rule precedence in DLP
  • Configure a Microsoft Defender for Cloud Apps file policy to use DLP policies
  • Configure advanced DLP rules for devices in DLP policies
  • Configure Endpoint DLP settings
  • Recommend a deployment method for device onboarding
  • Identify endpoint requirements for device onboarding
  • Monitor endpoint activities
  • Implement the Microsoft Purview Extension
  • Analyze DLP reports

Implement data lifecycle and records management (10–15%)

  • Plan for information retention and disposition by using retention labels
  • Create retention labels for data lifecycle management
  • Configure and manage adaptive scopes
  • Configure a retention label policy to publish labels
  • Configure a retention label policy to auto-apply labels
  • Interpret the results of policy precedence, including using Policy lookup
  • Create and apply retention policies for SharePoint and OneDrive
  • Create and apply retention policies for Microsoft 365 groups
  • Create and apply retention policies for Teams
  • Create and apply retention policies for Yammer
  • Create and apply retention policies for Exchange Online
  • Apply mailbox holds in Exchange Online

Monitor and investigate data and activities by using Microsoft Purview (15–20%)

  • Plan for regulatory compliance in Microsoft 365
  • Create and manage assessments
  • Create and modify custom templates
  • Interpret and manage improvement actions
  • Create and manage alert policies for assessments
  • Choose between eDiscovery (Standard) and eDiscovery (Premium) based on an organization’s requirements
  • Plan and implement eDiscovery
  • Delegate permissions to use eDiscovery and Content search
  • Perform searches and respond to results from eDiscovery
  • Manage eDiscovery cases
  • Perform searches by using Content search
  • Choose between Audit (Standard) and Audit (Premium) based on an organization’s requirements

Manage insider and privacy risk in Microsoft 365 (15–20%)

  • Plan for communication compliance
  • Create and manage communication compliance policies
  • Investigate and remediate communication compliance alerts and reports
  • Plan for insider risk management
  • Create and manage insider risk management policies
  • Investigate and remediate insider risk activities, alerts, and reports
  • Manage insider risk cases
  • Manage forensic evidence settings
  • Manage notice templates
  • Plan for information barriers (IBs)
  • Create and manage IB segments and policies
  • Configure Teams, SharePoint, and OneDrive to enforce IBs, including setting barrier modes