Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

ServiceNow CIS-SIR - Certified Implementation Specialist - Security Incident Response Exam

ServiceNow CIS-SIR Premium Access     Download Demo    
Page: 1 / 2
Total 60 questions

Security tag used when a piece of information requires support to be effectively acted upon, yet carries risks to privacy, reputation, or operations if shared outside of the organizations involved.

A.

TLP:GREEN

B.

TLP:AMBER

C.

TLP:RED

D.

TLP:WHITE

Using the KB articles for Playbooks tasks also gives you which of these advantages?

A.

Automated activities to run scans and enrich Security Incidents with real time data

B.

Automated activities to resolve security Incidents through patching

C.

Improved visibility to threats and vulnerabilities

D.

Enhanced ability to create and present concise, descriptive tasks

What is calculated as an arithmetic mean taking into consideration different values in the CI, Security Incident, and User records?

A.

Priority

B.

Business Impact

C.

Severity

D.

Risk Score

Which of the following State Flows are provided for Security Incidents? (Choose three.)

A.

NIST Open

B.

SANS Open

C.

NIST Stateful

D.

SANS Stateful

Which of the following are potential benefits for utilizing Security Incident assignment automation? (Choose two.)

A.

Decreased Time to Containment

B.

Increased Mean Time to Remediation

C.

Decreased Time to Ingestion

D.

Increased resolution process consistency

What is the fastest way for security incident administrators to remove unwanted widgets from the Security Incident Catalog?

A.

Clicking the X on the top right corner

B.

Talking to the system administrator

C.

Can't be removed

D.

Through the Catalog Definition record

When a record is created in the Security Incident Phishing Email table what is triggered to create a Security Incident?

A.

Ingestion Rule

B.

Transform flow

C.

Transform workflow

D.

Duplication Rule

When a service desk agent uses the Create Security Incident UI action from a regular incident, what occurs?

A.

The incident is marked resolved with an automatic security resolution code

B.

A security incident is raised on their behalf but only a notification is displayed

C.

A security incident is raised on their behalf and displayed to the service desk agent

D.

The service desk agent is redirected to the Security Incident Catalog to complete the record producer

Which of the following fields is used to identify an Event that is to be used for Security purposes?

A.

IT

B.

Classification

C.

Security

D.

CI

Flow Triggers can be based on what? (Choose three.)

A.

Record changes

B.

Schedules

C.

Subflows

D.

Record inserts

E.

Record views