Learning Path 1

Implement Microsoft Purview Information Protection
Organizations need effective information protection to prevent data exposure, ensure compliance, and maintain security across cloud and on-premises environments. Microsoft Purview enables classification, labeling, and encryption to safeguard sensitive data across Microsoft 365 services, Exchange, and on-premises storage.

Module 1: Protect sensitive data in a digital world
Discover how Microsoft Purview helps organizations classify, protect, and monitor sensitive data across cloud, endpoint, and AI environments. This module explores strategies for securing data through classification, labeling, encryption, and proactive risk management.

Lessons
The growing need for data protection
The challenges of managing sensitive data
Protect data in a Zero Trust world
Understand data classification and protection
Prevent data leaks and insider threats
Manage security alerts and respond to threats
Protect AI-generated and AI-processed data

Module 2: Classify data for protection and governance
Learn about the information available to help you understand your data landscape and know your data.

Lessons
Data classification overview
Classify data using sensitive information types
Classify data using trainable classifiers
Create a custom trainable classifier
Module assessment

Module 3: Review and analyze data classification and protection
Discover how Microsoft Purview helps organizations monitor and analyze data classification and protection. This module explores how security teams can track classification trends, investigate labeled content, and assess policy effectiveness using Information Protection Reports, Data explorer, Content explorer, and Activity explorer.

Lessons
Review classification and protection insights
Analyze classified data with data and content explorer
Monitor and review actions on labeled data
Module assessment

Module 4: Create and manage sensitive information types
Learn how to use sensitive information types to support your information protection strategy.

Lessons
Sensitive information type overview
Compare built-in versus custom sensitive information types
Create and manage custom sensitive information types
Create and manage exact data match sensitive info types
Implement document fingerprinting
Describe named entities
Create a keyword dictionary

Module 5: Create and configure sensitivity labels with Microsoft Purview
Microsoft Purview sensitivity labels enable you to classify and protect sensitive data throughout your organization, including in the cloud and on devices. This module covers how to classify and protect sensitive information to ensure its security and compliance.

Lessons
Sensitivity label overview
Create and configure sensitivity labels and label policies
Configure encryption with sensitivity labels
Implement auto-labeling policies
Track and evaluate sensitivity label usage in Microsoft Purview

Module 6: Apply sensitivity labels for data protection
Learn about how sensitivity labels are used to classify and protect business data while making sure that user productivity and their ability to collaborate aren’t hindered.

Lessons
Foundations of sensitivity label integration in Microsoft 365
Manage sensitivity labels in Office apps
Apply sensitivity labels with Microsoft 365 Copilot for secure collaboration
Protect meetings with sensitivity labels
Apply sensitivity labels to Microsoft Teams, Microsoft 365 groups, and SharePoint sites

Module 7: Classify and protect on-premises data with Microsoft Purview
Learn how to classify and protect sensitive data stored on-premises using Microsoft Purview. This module guides you through deploying the Information Protection scanner, applying sensitivity labels, and enforcing DLP policies to reduce data exposure risks.

Lessons
Protect on-premises files with Microsoft Purview
Prepare your environment for the Microsoft Purview Information Protection scanner
Configure and install the Microsoft Purview Information Protection scanner
Run and manage the scanner
Enforce data loss prevention policies on on-premises files

Module 8: Understand Microsoft 365 encryption
Learn how Microsoft 365 encrypts data-at-rest and in-transit, securely manages encryption keys, and provides key management options to customers to meet their business needs and compliance obligations.

Lessons
Learn how Microsoft 365 data is encrypted at rest
Understand service encryption in Microsoft Purview
Explore customer key management using Customer Key
Learn how data is encrypted in-transit

Module 9: Protect email with Microsoft Purview Message Encryption
Learn how to configure Microsoft Purview Message Encryption to protect sensitive email, apply encryption with mail flow rules, and customize the recipient experience with branded templates.

Lessons
Understand message encryption
Plan for Microsoft Purview Message Encryption
Configure Microsoft Purview Message Encryption
Customize encrypted email branding with Microsoft Purview
Control encrypted email access with Advanced Message Encryption
Use Microsoft Purview Message Encryption templates in mail flow rules

Learning Path 2

Implement and manage Microsoft Purview Data Loss Prevention
Organizations must prevent data loss and protect sensitive information across cloud and endpoint environments. Microsoft Purview provides data loss prevention (DLP) policies to detect, restrict, and respond to risky activities involving sensitive data. Learn how to plan and configure DLP policies, track policy effectiveness, and analyze data security risks to improve your organization’s protection strategy.

Module 1: Prevent data loss with Microsoft Purview
Microsoft Purview Data Loss Prevention (DLP) helps safeguard sensitive information by monitoring and preventing accidental data leaks across your organization’s digital platforms. In this module, you’ll learn how to plan, deploy, and adjust DLP policies to protect sensitive data in your organization, ensuring security without disrupting daily work.

Lessons
Data loss prevention overview
Plan and design DLP policies
Understand DLP policy deployment and simulation mode
Create and manage DLP policies
Integrate Adaptive Protection with DLP
Use DLP analytics (preview) to identify data risks
Understand DLP alerts and activity tracking

Module 2: Implement endpoint data loss prevention (DLP) with Microsoft Purview
Endpoint DLP in Microsoft Purview helps organizations protect sensitive data on endpoint devices by monitoring, restricting, or allowing actions such as file transfers, copying, and sharing. Learn how to onboard devices, configure settings, and create custom policies to ensure data security across your organization.

Lessons
Endpoint data loss prevention (DLP) overview
Understand the endpoint DLP implementation workflow
Onboard devices for endpoint DLP
Configure settings for endpoint DLP
Create and manage endpoint DLP policies
Deploy the Microsoft Purview browser extension
Configure just-in-time (JIT) protection

Module 3: Configure DLP policies for Microsoft Defender for Cloud Apps and Power Platform
Learn how to configure and implement data loss prevention policies and integrate them with Microsoft Defender for Cloud Apps.

Lessons
Configure data loss prevention policies for Power Platform
Integrate data loss prevention in Microsoft Defender for Cloud Apps
Configure policies in Microsoft Defender for Cloud Apps
Manage data loss prevention violations in Microsoft Defender for Cloud Apps

Module 4: Investigate and respond to Microsoft Purview Data Loss Prevention alerts
Microsoft Purview and Microsoft Defender XDR help organizations detect potential data loss risks and respond quickly to protect sensitive information. Investigation and response activities include reviewing DLP alerts, applying appropriate remediation actions, and documenting findings in a structured and consistent way.

Lessons
Understand data loss prevention (DLP) alerts
Understand the DLP alert lifecycle
Configure DLP policies to generate alerts
Investigate DLP alerts in Microsoft Purview
Investigate DLP alerts in Microsoft Defender XDR
Respond to DLP alerts
Exercise – Investigate a DLP alert and related incident

Learning Path 3

Implement and manage Microsoft Purview Insider Risk Management
Implement Microsoft Purview Insider Risk Management to detect, investigate, and respond to internal risks while protecting data, ensuring compliance, and maintaining employee trust.

Module 1: Understand Microsoft Purview Insider Risk Management
Understand insider risks and discover how Microsoft Purview Insider Risk Management identifies risky activities, analyzes context, and helps organizations protect data while respecting privacy.

Lessons
What is an insider risk?
Microsoft Purview Insider Risk Management overview
Microsoft Purview Insider Risk Management features
Case study: Protect sensitive data with Insider Risk Management

Module 2: Prepare for Microsoft Purview Insider Risk Management
Discover strategies for planning and configuring Microsoft Purview Insider Risk Management to meet organizational needs and protect privacy.

Lessons
Plan for Insider Risk Management
Prepare your organization for Insider Risk Management
Configure settings for Insider Risk Management
Integrate Insider Risk Management with data sources and tools

Module 3: Create and manage Insider Risk Management policies
Create and manage Microsoft Purview Insider Risk Management policies to detect and address potential insider risks while supporting organizational security and privacy.

Lessons
Understand Insider Risk Management policy templates
Compare quick and custom insider risk policies
Create a custom Insider Risk Management policy
Manage policies in Insider Risk Management

Module 4: Investigate insider risk alerts and related activity
Investigate insider risk alerts and manage related cases in Microsoft Purview to assess user behavior, take appropriate action, and coordinate deeper reviews across teams.

Lessons
Understand insider risk alerts and investigations
Manage alert volume in insider risk management
Investigate and triage insider risk alerts in Microsoft Purview
Analyze alert context with the All risk factors tab
Investigate activity details with the Activity explorer tab
Review patterns over time with the User activity tab
Investigate insider risk alerts in Microsoft Defender XDR
Manage and take action on insider risk cases
Exercise – Investigate potential data theft using Insider Risk Management

Module 5: Implement Adaptive Protection in Insider Risk Management
Understand how Adaptive Protection applies machine learning to assess user risk and automatically enforce the right level of security controls. By dynamically assigning Data loss prevention, Data lifecycle management, and Conditional Access policies, it strengthens data security while reducing unnecessary alerts and manual intervention.

Lessons
Adaptive Protection overview
Understand and configure risk levels in Adaptive Protection
Configure Adaptive Protection
Manage Adaptive Protection

Learning Path 4

Secure AI interactions and environments with Microsoft Purview
AI tools such as Microsoft Copilot and custom AI apps can access and generate sensitive content across your organization. You learn how to:
Apply sensitivity labels and data loss prevention policies so AI respects existing protections.
Use Data Security Posture Management for AI and auditing tools to discover and investigate AI-related risks.
Apply eDiscovery and Communication Compliance to manage content generated by AI.
Use Insider Risk Management and Adaptive Protection to respond to risky behavior and reduce oversharing.

Module 1: Understand How to Secure AI Data with Microsoft Purview
Microsoft Purview helps organizations assess how Microsoft 365 Copilot and other AI tools interact with sensitive data. Using Data Security Posture Management (DSPM) for AI, organizations can evaluate exposure risks, understand which AI tools are in use, and identify how sensitive data is accessed during AI interactions. Audit provides visibility into specific Copilot prompts and responses for compliance and investigation scenarios.

Lessons
Understand AI data security risks
Understand how Microsoft Purview secures AI data
Evaluate compliance risks for AI usage
Identify AI-related data exposure risks
Understand how Microsoft Purview controls AI data access
Detect and respond to risky AI activity
Retain and search Copilot prompts and responses

Module 2: Secure Microsoft 365 Copilot interactions with Microsoft Purview
AI tools like Microsoft 365 Copilot create new ways to interact with sensitive data, but they also introduce new risks. Learn how Microsoft Purview helps you apply security and compliance controls that protect data, manage AI activity, and support responsible use at scale.

Lessons
Understand how Microsoft 365 Copilot changes data protection needs
Assess Copilot regulatory compliance with Compliance Manager
Audit Copilot interactions with Microsoft Purview
Analyze Copilot interactions with Communication Compliance
Classify and protect Copilot content with sensitivity labels
Apply DLP policies to Microsoft 365 Copilot
Apply retention policies to Copilot prompts and responses
Investigate and delete Copilot activity with eDiscovery

Module 3: Secure enterprise and browser-based AI apps with Microsoft Purview
AI tools across enterprise and public environments create new opportunities but also introduce data security and compliance risks. Microsoft Purview helps reduce these risks by discovering AI usage, assessing compliance needs, and applying integrated controls for protection, retention, and responsible use.

Lessons
Understand risks from enterprise and non-Microsoft AI tools
Assess AI usage for security and compliance
Identify policy violations with Communication Compliance
Detect risky AI usage with Insider Risk Management
Protect sensitive data in AI apps with Microsoft Purview DLP
Case study: Use Adaptive Protection to respond to AI-related risk
Apply retention policies to AI app prompts and responses

Module 4: Secure developer AI environments with Microsoft Purview
Microsoft Purview provides tools to secure developer AI environments by discovering apps, assessing data access, and applying appropriate protections. This includes detecting generative AI usage, assigning user risk levels, and applying dynamic enforcement based on user behavior and data sensitivity.

Lessons
Understand risks and responsibilities in AI development environments
Discover and assess AI apps with DSPM for AI
Classify, restrict, and retain AI prompt data
Enforce protections in Azure AI services and Azure AI Foundry
Apply controls for Microsoft Entra-registered custom AI apps
Secure AI agents built in Copilot Studio
Manage data risks in Copilot in Fabric
Investigate and respond to risky AI activity

Learning Path 5

Implement and manage Microsoft 365 retention and recovery
Learn how to manage the data lifecycle in Microsoft 365 using retention policies and labels. Understand how to configure and apply retention settings that meet organizational requirements for preserving or deleting content across Microsoft 365 services.

Module 1: Understand retention in Microsoft Purview
Microsoft Purview retention helps organizations manage how long data is kept and when it can be deleted. Learn how to apply retention strategically to meet compliance requirements, reduce risk, and protect important information throughout its lifecycle.

Lessons
Overview of retention and the data lifecycle
Understand retention labels and retention policies
Decide when to apply retention

Module 2: Implement and manage Microsoft 365 retention and recovery
Microsoft Purview provides tools to manage how long content is retained and when it’s deleted across Microsoft 365 services. These retention settings apply lifecycle rules using labels, policies, and adaptive scopes. When content is deleted, recovery options are managed within the individual services, such as SharePoint and Exchange. Together, these tools support compliance and information security by reducing the risk of retaining unnecessary or outdated data.

Lessons
Plan for retention and disposition with retention labels
Create and publish retention labels
Create and manage auto-apply retention labels
Create and configure adaptive scopes
Create and configure retention policies
Understand policy and label precedence in Microsoft Purview
Recover content in Microsoft 365 workloads