This course begins by examining the Microsoft Copilot for Microsoft 365 design. Its main focus, however, is on the security and compliance features that administrators must configure in their Microsoft 365 tenant to protect their company's organizational data before they implement Copilot for Microsoft 365.

Target audience

This course is designed for administrators, Microsoft 365 administrators, or persons aspiring to the Microsoft 365 Administrator role who have completed at least one of the Microsoft 365 role-based administrator certification paths.

Module 1: Examine the Copilot for Microsoft 365 design. Describe the prerequisites for Copilot for Microsoft 365. Explain how Copilot for Microsoft 365 works. Understand the Copilot for Microsoft 365 service and tenant logical architecture. Describe how to extend Copilot for Microsoft 365 using Microsoft Graph connectors.

Module 2: Implement Copilot for Microsoft 365. Identify the prerequisites for Copilot for Microsoft 365. Prepare your data for Copilot for Microsoft 365 searches. Assign your Copilot for Microsoft 365 licenses. Identify Microsoft 365 security features that control oversharing of data in Copilot for Microsoft 365. Drive adoption by creating a Copilot Center of Excellence.

Module 3: Examine data security and compliance in Copilot for Microsoft 365 Describe how Copilot for Microsoft 365 uses proprietary business data. Understand how Copilot for Microsoft 365 protects sensitive business data. Describe how Copilot for Microsoft 365 uses Microsoft 365 isolation and access controls. Understand how Copilot for Microsoft 365 meets regulatory compliance mandates.

Module 4: Manage secure user access in Microsoft 365 Manage user passwords. Create Conditional Access policies. Enable security defaults. Describe pass-through authentication. Enable multifactor authentication. Describe self-service password management. Implement Microsoft Entra Smart Lockout.

Module 5: Manage roles and role groups in Microsoft 365.Understand how roles are used in the Microsoft 365 ecosystem. Describe the Azure role-based access control permission model used in Microsoft 365. Identify the key tasks assigned to the common Microsoft 365 admin roles. Identify best practices when configuring admin roles. Delegate admin roles to partners. Implement role groups in Microsoft 365. Manage permissions using administrative units in Microsoft Entra ID. Elevate privileges to access admin centers by using Microsoft Entra ID Privileged Identity Management.

Module 6: Explore threat intelligence in Microsoft Defender XDR Describe how threat intelligence in Microsoft 365 is powered by the Microsoft Intelligent Security Graph. Create alerts that can identify malicious or suspicious events. Understand how the automated investigation and response process works in Microsoft Defender XDR. Describe how threat hunting enables security operators to identify cybersecurity threats. Describe how Advanced hunting in Microsoft Defender XDR proactively inspects events in your network to locate threat indicators and entities.

Module 7: Implement data classification of sensitive information. Explain the benefits and pain points of creating a data classification framework. Identify how data classification of sensitive items is handled in Microsoft 365. Understand how Microsoft 365 uses trainable classifiers to protect sensitive data. Create and then retrain custom trainable classifiers. Analyze the results of your data classification efforts in Content explorer and Activity explorer. Implement Document Fingerprinting to protect sensitive information being sent through Exchange Online.

Module 8: Explore sensitivity labels Describe how sensitivity labels let you classify and protect your organization's data Identify the common reasons why organizations use sensitivity labels Explain what a sensitivity label is and what they can do for an organization Configure a sensitivity label's scope Explain why the order of sensitivity labels in your admin center is important Describe what label policies can do

Module 9: Implement sensitivity labels Describe the overall process to create, configure, and publish sensitivity labels Identify the administrative permissions that must be assigned to compliance team members to implement sensitivity labels Develop a data classification framework that provides the foundation for your sensitivity labels Create and configure sensitivity labels Publish sensitivity labels by creating a label policy Identify the differences between removing and deleting sensitivity labels.

An understanding of Copilot.