ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-200 All Questions

View all questions & answers for the SC-200 exam
Go to Exam

Exam SC-200 topic 3 question 11 discussion

Actual exam question from Microsoft's SC-200
Question #: 11
Topic #: 3
[All SC-200 Questions]

Your company uses Azure Sentinel.
A new security analyst reports that she cannot assign and resolve incidents in Azure Sentinel.
You need to ensure that the analyst can assign and resolve incidents. The solution must use the principle of least privilege.
Which role should you assign to the analyst?

  • A. Azure Sentinel Responder
  • B. Logic App Contributor
  • C. Azure Sentinel Contributor
  • D. Azure Sentinel Reader
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by NoNameP at Aug. 30, 2021, 2:02 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Eltooth
Highly Voted 3 years ago
Roles for working in Azure Sentinel Azure Sentinel-specific roles All Azure Sentinel built-in roles grant read access to the data in your Azure Sentinel workspace. Azure Sentinel Reader can view data, incidents, workbooks, and other Azure Sentinel resources. Azure Sentinel Responder can, in addition to the above, manage incidents (assign, dismiss, etc.) Azure Sentinel Contributor can, in addition to the above, create and edit workbooks, analytics rules, and other Azure Sentinel resources. Azure Sentinel Automation Contributor allows Azure Sentinel to add playbooks to automation rules. It is not meant for user accounts. Correct answer is Azure Sentinel Responder.
upvoted 23 times
...
subhuman
Highly Voted 2 years, 7 months ago
Selected Answer: A
Answer is correct. Using the least privilege principle Microsoft Sentinel Responder is the best role to assign this user
upvoted 5 times
...
Ramye
Most Recent 8 months, 1 week ago
Selected Answer: A
https://learn.microsoft.com/en-us/azure/sentinel/roles
upvoted 1 times
...
chepeerick
1 year ago
Responder
upvoted 1 times
...
stromnessian
2 years, 8 months ago
Selected Answer: A
IMHO the answer is A.
upvoted 1 times
...
NoNameP
3 years, 2 months ago
Correct!
upvoted 1 times
...
somsom
3 years, 2 months ago
correct
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago