The answer is B.
You can create a Playbook in the automation blade of Sentinel. Also, when you are creating the playbook, as part of the process you will create a logic app.
You do NOT need to create an automation rule for creating a playbook. The playbooks can run independent of the automation rule as well.
First create the conditions to trigger the playbook so the selected answer of C should be the correct one.
An automation rule is the first thing to create when needing to create a playbook, the automation rule will determine the conditions to be met before the playbook is triggered. Logic Apps is then used to configure the behavior of the playbook only after it has been triggered.
Confirmed by SC-200 Microsoft Practice Assessment
https://learn.microsoft.com/en-us/credentials/certifications/exams/sc-200/practice/assessment?assessment-type=practice&assessmentId=59
All of comments are wrong
First thing is creating the flow which will trigger the playbook
https://learn.microsoft.com/en-us/azure/sentinel/automate-responses-with-playbooks?ssp=1&darkschemeovr=1&setlang=en&cc=EG&safesearch=moderate#steps-for-creating-a-playbook
Playbooks in Azure Sentinel are created using Logic Apps. To create a new Logic App, click on "Playbooks" in the left-hand menu under "Configuration."
Click the "+ Add" button to create a new playbook.
i'd say from these answers, i think 'logic app'
hunting query makes no sense, automation rule is dependent of a existing logic app, azure functions doesn't make sense.
Azure logic apps are a workflow automation platform that provides a visual designer to model and automate processes as a series of steps or actions. Logic apps can be triggered by events, such as an alert in Microsoft Sentinel, and can perform a variety of actions, such as sending an email or creating a work item in Azure DevOps.
First step in creating a new play book is Select Automation, select Create.
https://learn.microsoft.com/en-us/azure/sentinel/tutorial-respond-threats-playbook?tabs=LAC%2Cincidents
https://learn.microsoft.com/en-us/azure/sentinel/tutorial-respond-threats-playbook?tabs=LAC%2Cincidents when you create automation rule you can provite playbook (logic app) in action tab so firt you must create logic app and then automation rule
upvoted 1 times
...
...
...
This section is not available anymore. Please use the main Exam Page.SC-200 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
PhoenixSlasher
Highly Voted 2 years, 2 months agouser636
Most Recent 8 months agoDChilds
1 year agoRamye
1 year, 1 month agokazaki
1 year, 2 months agochepeerick
1 year, 5 months agoemv
1 year, 7 months agobillo79152718
1 year, 8 months agoevilprime
2 years agoCenos
2 years, 1 month agoantoniokt
2 years, 1 month ago[Removed]
2 years, 1 month agojwkin
2 years, 2 months agojwkin
2 years, 2 months agowyindualizer
2 years, 1 month ago