ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-200 All Questions

View all questions & answers for the SC-200 exam
Go to Exam

Exam SC-200 topic 6 question 33 discussion

Actual exam question from Microsoft's SC-200
Question #: 33
Topic #: 6
[All SC-200 Questions]

HOTSPOT
-

You have an Azure subscription named Sub1 that contains the resources shown in the following table.



You plan to configure Rule1 to trigger Lapp1 when an incident is generated.

You need to recommend the role-based access control (RBAC) role that you should assign to WS1, and the scope at which should you assign the role. The solution must follow the principle of least privilege.

What should you recommend? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by Optimizor_IT at April 10, 2025, 2:14 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Optimizor_IT
4 weeks, 1 day ago
Role: Microsoft Sentinel Playbook Operator gives WS1 the ability to trigger LApp1 (Microsoft.Logic/workflows/trigger/action), which is exactly what Rule1 needs to invoke the Logic App when an incident fires. Scope: Assigning it to LApp1 limits the permission to just that Logic App, adhering to least privilege by not granting unnecessary access to RG2, RG1, or Sub1. Managed Identity: WS1 likely uses a system-assigned managed identity (common for Sentinel automation). Assigning this role to that identity at LApp1’s scope completes the chain.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago