ServiceNow CIS-SIR Practice Verified Answers - Pass Your Exams For Sure! [2021]
Valid Way To Pass Certified Implementation Specialist's CIS-SIR Exam
NEW QUESTION 36
What parts of the Security Incident Response lifecycle is responsible for limiting the impact of a security incident?
- A. Preparation and Identification
- B. Detection & Analysis
- C. Containment, Eradication, and Recovery
- D. Post Incident Activity
Answer: C
Explanation:
Explanation/Reference: https://searchsecurity.techtarget.com/definition/incident-response
NEW QUESTION 37
Which one of the following users is automatically added to the Request Assessments list?
- A. The Affected User on the incident
- B. Any user that adds a worknote to the ticket
- C. The analyst assigned to the ticket
- D. Any user who has Response Tasks on the incident
Answer: D
NEW QUESTION 38
What is calculated as an arithmetic mean taking into consideration different values in the CI, Security Incident, and User records?
- A. Severity
- B. Business Impact
- C. Priority
- D. Risk Score
Answer: B
NEW QUESTION 39
There are several methods in which security incidents can be raised, which broadly fit into one of these categories: __________. (Choose two.)
- A. Automatically created
- B. Email parsing
- C. Integrations
- D. Manually created
Answer: A,D
Explanation:
Explanation/Reference: https://docs.servicenow.com/bundle/paris-security-management/page/product/security-incident- response/concept/si-creation.html
NEW QUESTION 40
A flow consists of one or more actions and a what?
- A. NIST Ready State
- B. Change formatter
- C. Trigger
- D. Catalog Designer
Answer: C
NEW QUESTION 41
What is the first step when creating a security Playbook?
- A. Create a Flow
- B. Set the Response Task's state
- C. Create a Runbook
- D. Create a Knowledge Article
Answer: A
NEW QUESTION 42
David is on the Network team and has been assigned a security incident response task. What role does he need to be able to view and work the task?
- A. Security Analyst
- B. External
- C. Security Basic
- D. Read
Answer: A
NEW QUESTION 43
What is the fastest way for security incident administrators to remove unwanted widgets from the Security Incident Catalog?
- A. Talking to the system administrator
- B. Can't be removed
- C. Through the Catalog Definition record
- D. Clicking the X on the top right corner
Answer: C
NEW QUESTION 44
When a record is created in the Security Incident Phishing Email table what is triggered to create a Security Incident?
- A. Ingestion Rule
- B. Transform workflow
- C. Transform flow
- D. Duplication Rule
Answer: A
NEW QUESTION 45
When a service desk agent uses the Create Security Incident UI action from a regular incident, what occurs?
- A. A security incident is raised on their behalf but only a notification is displayed
- B. The service desk agent is redirected to the Security Incident Catalog to complete the record producer
- C. The incident is marked resolved with an automatic security resolution code
- D. A security incident is raised on their behalf and displayed to the service desk agent
Answer: C
NEW QUESTION 46
A flow consists of one or more actions and a what?
- A. NIST Ready State
- B. Change formatter
- C. Trigger
- D. Catalog Designer
Answer: C
Explanation:
Explanation/Reference: https://docs.servicenow.com/bundle/quebec-servicenow-platform/page/administer/flow- designer/concept/flows.html
NEW QUESTION 47
Which Table would be commonly used for Security Incident Response?
- A. sysapproval_approver
- B. sn_si_incident
- C. sec_ops_incident
- D. cmdb_rel_ci
Answer: B
Explanation:
Explanation/Reference: https://docs.servicenow.com/bundle/quebec-security-management/page/product/security- incident-response/reference/installed-with-sir.html
NEW QUESTION 48
Joe is on the SIR Team and needs to be able to configure Territories and Skills.
What role does he need?
- A. Security Analyst
- B. Security Admin
- C. Manager
- D. Security Basic
Answer: B
Explanation:
Explanation/Reference: https://docs.servicenow.com/bundle/quebec-security-management/page/product/security- incident-response/reference/installed-with-sir.html
NEW QUESTION 49
Using the KB articles for Playbooks tasks also gives you which of these advantages?
- A. Enhanced ability to create and present concise, descriptive tasks
- B. Automated activities to run scans and enrich Security Incidents with real time data
- C. Improved visibility to threats and vulnerabilities
- D. Automated activities to resolve security Incidents through patching
Answer: C
NEW QUESTION 50
What is the name of the Inbound Action that validates whether an inbound email should be processed as a phishing email for URP v2?
- A. Create Phishing Email
- B. User Reporting Phishing (for Forwarded emails)
- C. Scan email for threats
- D. User Reporting Phishing (for New emails)
Answer: B
NEW QUESTION 51
What is the purpose of Calculator Groups as opposed to Calculators?
- A. To ensure one at maximum will run per group
- B. To set the condition for all calculators to run
- C. To allow the agent to select which calculator they want to execute
- D. To provide metadata about the calculators
Answer: B
NEW QUESTION 52
Joe is on the SIR Team and needs to be able to configure Territories and Skills. What role does he need?
- A. Security Analyst
- B. Security Admin
- C. Manager
- D. Security Basic
Answer: B
NEW QUESTION 53
To configure Security Incident Escalations, you need the following role(s):.
- A. sn_si.admin or sn_si.manager
- B. sn_si.admin or sn_si.ciso
- C. sn_si.admin
- D. sn_si.manager or sn_si.analyst
Answer: C
NEW QUESTION 54
......
ServiceNow CIS-SIR Pre-Exam Practice Tests | RealVCE: https://www.realvce.com/CIS-SIR_free-dumps.html