Crucial Exams

Microsoft Security Operations Analyst Associate SC-200 Practice Question

Your organization uses Microsoft Purview Insider Risk Management. A security operations analyst opens a high-severity insider risk alert in the Microsoft Defender portal but cannot preview the SharePoint documents that triggered the alert; the viewer displays "Preview not available." You must ensure the analyst can see full file and email content during future investigations without giving unnecessary additional rights. Which role group should you assign to the analyst?

  • eDiscovery Manager

  • Insider Risk Management Analysts

  • Compliance Data Administrator

  • Insider Risk Management Investigators

Microsoft Security Operations Analyst Associate SC-200
Manage incident response
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot