SC-401 Lab 6 – Configure Endpoint DLP

Enable and validate Endpoint Data Loss Prevention policies to monitor and restrict sensitive data activity on devices.

Tools Used

Microsoft Learn Sandbox
Microsoft Purview Portal
Microsoft 365 Compliance Center
Microsoft Defender Portal

Steps Taken

Signed into Microsoft Purview portal as MOD Administrator.
Navigated to Data Loss Prevention → Endpoint DLP Settings.
Enabled Endpoint DLP and onboarded devices using Defender for Endpoint integration.
Created a new Endpoint DLP policy targeting file copy and print actions.
Configured conditions using sensitive information types and location filters.
Deployed policy and verified enforcement on test device.
Reviewed audit logs and alerts in Microsoft Defender portal.

Outcome

Endpoint DLP successfully configured and validated. Devices now enforce restrictions on sensitive data actions, supporting compliance and insider risk mitigation.

Certification Alignment

SC-401 Domain 1.3 – Implement Data Loss Prevention Solutions

Sandbox Link

Lab 6 – Configure Endpoint DLP