Microsoft Security Operations Analyst Associate SC-200 Practice Question
You have an Azure subscription that contains a Log Analytics workspace. You enable Microsoft Sentinel on the workspace and create an Azure AD security group named SecOps. Members of SecOps must be able to create and modify analytic rules and view incidents, but they must not be able to delete the workspace or change workspace-wide settings. Which built-in role should you assign to SecOps?
The Microsoft Sentinel Contributor role grants permissions to create, edit, and delete content within Microsoft Sentinel, including analytic rules, hunting queries, workbooks, and playbooks, and to view and manage incidents. It does not grant permissions to delete the Log Analytics workspace or change its settings, which remain protected by the Log Analytics Contributor or Owner roles.
Microsoft Sentinel Responder is limited to incident management actions and cannot create or edit analytic rules.
Log Analytics Contributor provides broad rights to modify workspace configuration, exceeding the required scope.
Microsoft Sentinel Reader is read-only and cannot create or modify analytic rules. Therefore, Microsoft Sentinel Contributor best satisfies the requirement.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the difference between the Microsoft Sentinel Contributor and Responder roles?
Open an interactive chat with Bash
What is a Log Analytics workspace and why is it protected from changes by the Microsoft Sentinel Contributor role?
Open an interactive chat with Bash
Can the Microsoft Sentinel Reader role be upgraded to manage incidents or analytic rules?
Open an interactive chat with Bash
Microsoft Security Operations Analyst Associate SC-200
Manage a security operations environment
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .