Explore digital courses

Learn how to identify which Microsoft Purview capabilities cover which AI agent types, discover active agents, assess coverage gaps, and configure agent-specific data security and compliance controls.

Units in this learning path:

• Introduction
• Understand Agent Security Posture
• Map Capability Agent Type
• Discover Agents Assess Gaps
• Decide Agent Specific Configuration
• Configure Agent Data Protection
• Configure Agent Risk Detection
• Verify Agent Compliance Coverage
• Knowledge Check
• Summary

Products: Microsoft Purview

Roles: Administrator

Level: Intermediate

Subjects: Information Protection Governance

Duration: 41 minutes

Learn how to secure identities used by AI workloads in Azure. Build skills in workload identity architecture, access management, Conditional Access, and identity risk response by using Microsoft Entra.

Modules in this learning path:

• Entra AI Understand
• Implement Access Management for Azure Resources
• Plan Implement Administer Conditional Access
• Manage Azure Ad Identity Protection

Products: Entra

Roles: Administrator, Security Engineer, Identity Access Admin

Level: Intermediate

Subjects: Security

Duration: 188 minutes

AI is changing how people work and introduces new risks for data exposure. Explore how Microsoft Purview protects sensitive information in AI-enabled environments across Microsoft 365 Copilot, non-Microsoft AI apps, and developer AI scenarios. This learning path aligns with exam SC-401: Microsoft Information Security Administrator.

Modules in this learning path:

• Purview AI Understand Risks
• Purview AI Secure Copilot
• Purview AI Secure Enterprise Other
• Purview AI Developer Apps

Products: Microsoft Purview, M365, Entra, Microsoft 365 Copilot

Roles: Auditor, Administrator, Ip Admin, Developer

Level: Intermediate

Subjects: Security, Compliance

Duration: 210 minutes

Implement a defense-in-depth security strategy for Azure Key Vault. Configure hardened vault settings, control access through RBAC and just-in-time privilege, manage keys, secrets, and certificates, and detect threats using Microsoft Defender for Key Vault and Defender CSPM.

Modules in this learning path:

• Configure Secure Key Vault
• Manage Keys Secrets Key Vault
• Manage Certificates Monitor Key Vault
• Defend Key Vault Defender Cloud

Products: Azure Key Vault, Defender For Cloud, Azure

Roles: Security Engineer

Level: Intermediate

Subjects: Security, Cloud Security

Duration: 104 minutes

This module shows you how to secure Azure OpenAI workloads in Microsoft Foundry by using centralized governance, managed identities, private networking, content safety controls, and container image protection for compliant enterprise deployments.

Units in this learning path:

• Introduction
• Understand Azure AI Content Safety Architecture
• Configure Content Filters Custom Blocklists
• Exercise Deploy Content Safety Controls Azure
• Knowledge Check
• Summary

Products: Azure, Azure Openai, Azure Sdks, Microsoft Foundry

Roles: Security Engineer, Administrator, Database Administrator, Security Operations Analyst, Devops Engineer

Level: Intermediate

Subjects: Security, Cloud Security, Compliance, Information Protection Governance, Generative AI

Duration: 57 minutes

Implement security controls across Azure application platform services—from container workloads to the API layer. Configure Microsoft Defender for Containers, secure Azure Kubernetes Service (AKS), Azure Container Registry (ACR), Container Instances, and Container Apps. Then apply authentication, network access, and policy controls across Azure Function apps, Logic apps, App Services, Web Application Firewall, and Azure API Management.

Modules in this learning path:

• Detect Container Risks Defender Containers
• Implement Security Controls Aks
• Implement Security Controls Containers
• Implement Security Controls Function Logic Apps
• Implement Security Web Application Firewall
• Implement API Security API Management

Products: Azure, Defender For Cloud, Azure Kubernetes Service, Azure Container Registry, Azure Functions, Azure API Management

Roles: Security Engineer

Level: Intermediate

Subjects: Security, Cloud Security, Containers

Duration: 189 minutes

AI tools like Microsoft 365 Copilot create new ways to interact with sensitive data, but they also introduce new risks. Learn how Microsoft Purview helps you apply security and compliance controls that protect data, manage AI activity, and support responsible use at scale.

Units in this learning path:

• Introduction
• Understand Copilot Protection Needs
• Compliance Manager Copilot
• Audit Copilot
• Communication Compliance Copilot
• Sensitivity Labels Copilot
• Data Loss Prevention Copilot
• Retention Copilot
• Ediscovery Copilot
• Knowledge Check
• Summary

Products: M365, Microsoft Purview, Microsoft 365 Copilot

Roles: Administrator, Auditor, Ip Admin, Risk Practitioner

Level: Intermediate

Subjects: Security, Compliance, Information Protection Governance

Duration: 54 minutes

Learn how to use multifactor authentication with Microsoft Entra ID to harden your user accounts.

Units in this learning path:

• Introduction
• Azure Multi Factor Authentication
• Planning Mfa
• Exercise Mfa
• Configure Authentication Methods
• Summary

Products: Azure, Azure Portal, Entra Id

Roles: Security Engineer, Administrator

Level: Beginner

Subjects: Identity Access

Duration: 38 minutes

Secure Microsoft Foundry environments by applying layered protections across identity, secrets, networks, and diagnostics. This module explains how to manage access with Microsoft Entra ID and project roles, protect credentials with Key Vault, and isolate workloads through private network connections. It also covers enabling diagnostic logging to strengthen visibility and auditing. These practices help you build trusted, compliant AI environments that support collaboration safely.

Units in this learning path:

• Introduction
• Control Access Azure AI Foundry
• Manage Access Foundry Projects
• Secure AI Foundry Secrets
• Isolate Foundry Network
• Enable Foundry Diagnostics
• Knowledge Check
• Summary

Products: Azure, Microsoft Foundry, Defender For Cloud

Roles: Security Engineer, Developer

Level: Intermediate

Subjects: Security, Cloud Security

Duration: 50 minutes

Secure Windows Server DNS

Units in this learning path:

• Introduction
• Implement Split Horizon Dns
• Create Dns Policies
• Implement Dns Policies
• Secure Windows Server Dns
• Implement Dnssec
• Knowledge Check
• Summary

Products: Windows Server

Roles: Administrator, Solution Architect, Technology Manager

Level: Intermediate

Subjects: Security

Duration: 58 minutes

Protect your Active Directory environment by securing user accounts to least privilege and placing them in the Protected Users group. Learn how to limit authentication scope and remediate potentially insecure accounts.

Units in this learning path:

• Introduction
• Configure User Account Rights
• Protect Protected Users Group
• Describe Windows Defender Credential Guard
• Block Ntlm Authentication
• Locate Problematic Accounts
• Knowledge Check
• Summary

Products: Azure, Windows Server

Roles: Administrator

Level: Intermediate

Subjects: Identity Access

Duration: 38 minutes

Secure AI agent identities by applying Conditional Access policies through Microsoft Entra Agent Identity. Map authentication flows, configure CA policies scoped to agents, and control agent access and lifecycle events to reduce identity-based risk.

Units in this learning path:

• Introduction
• Authentication Flow Conditional Access
• Configure Agent Conditional Access Policy
• Control Agent Access Lifecycle
• Knowledge Check
• Summary

Products: Entra Id, Entra

Roles: Security Engineer

Level: Intermediate

Subjects: Security, Identity Access

Duration: 23 minutes