Microsoft Security Operations Analyst Associate SC-200 Practice Question
A security operations center (SOC) engineer must be able to create, edit, enable, and disable automation rules in Microsoft Sentinel and troubleshoot playbook executions that those rules trigger. The engineer must not be able to view raw log data, modify analytics rules, or change resource-level access control. You need to assign the minimum built-in Azure role at the Sentinel workspace scope to meet these requirements.
The Microsoft Sentinel Automation Contributor role is designed for users who manage automation in Microsoft Sentinel. It lets them create, modify, enable, or disable automation rules and manage playbooks (because it includes the actions of the Logic App Operator role). The role purposely excludes permissions to read raw data in the Log Analytics workspace, change analytics rules, or assign Azure RBAC roles, satisfying the stated restrictions.
Microsoft Sentinel Contributor would allow management of analytics rules, which is disallowed. Microsoft Sentinel Responder can update incidents but cannot modify automation rules or playbooks. Logic App Contributor applies to Logic Apps but grants broader permissions than required and does not cover Sentinel automation rules.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the role of Microsoft Sentinel Automation Contributor?
Open an interactive chat with Bash
How does the Logic App Operator role contribute to automation in Microsoft Sentinel?
Open an interactive chat with Bash
Why can't Microsoft Sentinel Contributor or Responder roles be used in this scenario?
Open an interactive chat with Bash
Microsoft Security Operations Analyst Associate SC-200
Manage a security operations environment
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .