Sign In
In this module

AD4.11 Interactive Lab: Data Protection Deployment

5-6 hours · Module 4 · Free

Interactive Lab: Data Protection Deployment

This lab uses the investigation engine to walk you through deploying data protection for Northgate Engineering. You'll design a label taxonomy, create sensitivity labels with encryption, configure SharePoint sharing controls, build DLP policies in simulation mode, review DLP matches for false positives, and move to enforcement — making the decisions that determine whether data protection enhances security without disrupting legitimate work.

What you practised

This lab tested your ability to design a simple label taxonomy, configure encryption that blocks external access without disrupting internal collaboration, tighten SharePoint sharing from anonymous to authenticated, build DLP policies using sensitive information types, tune DLP for false positives using simulation data, and move from audit to enforcement with user communication. The key judgment calls: when to encrypt (Confidential and above), when to allow override (always — with justification logging), and how to handle the marketing site exception (per-site anonymous sharing for genuinely public content).

Connection to Module AD5

With all four security layers operational (identity, email, devices, data), Module AD5 establishes the security monitoring cadence — the structured weekly review that keeps everything running and catches issues before they become incidents.

© 2026 Ridgeline Cyber Defence™ Ltd. Content may not be reproduced or redistributed. Worked artifacts may be adapted for use within your organization.

You're reading the free modules of M365 Security: From Admin to Defender

The full course continues with advanced topics, production detection rules, worked investigation scenarios, and deployable artifacts.

View Pricing See Full Syllabus
← Previous Next →