ServiceNow CSA - ServiceNow Certified System Administrator

When importing data intoServiceNow, anImport Setis created, and aTransform Mapis used to map data from the Import Set table to a target table (such asincident,cmdb_ci, oruser).

ATransform Mapdefineshow data from an Import Set is transferred to the target table. One of its key characteristics is that it can beused multiple times on the same import setto reprocess data or correct mapping errors.

Import Set Table:

Temporary storage for incoming data.

Data remains in the Import Set table until transformed.

Transform Map:

Areusable mappingthat determines how fields in the Import Set correspond to fields in the target table.

Can be runmultiple timeson the same Import Set data.

Coalesce Fields:

Usedbefore transformationto determine whether toupdate existing records or create new ones.

Key Characteristics of Importing Data in ServiceNow:

You import a CSV file into anImport Set Table.

You apply aTransform Mapto map data to theUser (sys_user) table.

If an issue occurs, you canrerun the Transform Map on the same Import Setinstead of reimporting the file.

Example Scenario:

A. An existing Transform Map can be used one time on the same import set– Incorrect.

Transform Maps can be reusedmultiple times on the same Import Set data.

B. Coalesce fields are used only after running Transform– Incorrect.

Coalesce fields are used before transformationto determine if a record should be updated or inserted.

C. Any user can manage and set up import sets– Incorrect.

Onlyusers with the appropriate roles(such asimport_adminoradmin) can manage Import Sets.

Explanation of Incorrect Answers:

ServiceNow Product Documentation → Import Sets and Transform Maps

ServiceNow CSA Study Guide → Data Import and Management

ServiceNow Knowledge Base → Understanding Coalesce Fields in Import Sets

References from Certified System Administrator (CSA) Documentation:

Thesix methods available for user authenticationin ServiceNow are:

Local Database– The user authenticates using a username and password stored in theinstance database.

Multifactor Authentication (MFA)– The user provides their username, password, and apasscode(e.g., from Google Authenticator).

LDAP (Lightweight Directory Access Protocol)– The user authenticates using credentials stored in a corporateLDAP directory.

SAML 2.0 (Security Assertion Markup Language)– The user is authenticated via an externalSAML Identity Provider (IdP).

OAuth 2.0– The user authenticates via anOAuth identity provider(such as Google, Microsoft, or Facebook).

Digest Token Authentication– The user authenticates using anencrypted tokenrather than directly submitting a password.

Thus, the correct answer is:

A, B, C, D, E, F

ServiceNow supports multiple authentication methods to provideflexibility, security, and integration capabilitieswith external identity providers.

Local Database Authentication:

ServiceNow storesusernames and passwordsin the internal database.

Users authenticate directly with the instance.

This method is commonly used when no external authentication provider is configured.

Multifactor Authentication (MFA):

Enhances security by requiringtwo authentication factors:

Username and password(stored in the database).

Passcodefrom a registered device (such as Google Authenticator, Microsoft Authenticator).

MFA helpsprevent unauthorized accesseven if credentials are compromised.

LDAP Authentication:

Allows users toauthenticate against an external LDAP directory(such as Microsoft Active Directory).

The user must have amatching record in the ServiceNow user table ([sys_user]).

ServiceNowdoes not store passwordswhen using LDAP; it only validates credentials against the directory.

SAML 2.0 Authentication:

Users authenticate via aSAML Identity Provider (IdP)such asOkta, Microsoft Azure AD, or Ping Identity.

ServiceNow acts as aService Provider (SP)and does not store passwords.

ProvidesSingle Sign-On (SSO)capabilities.

OAuth 2.0 Authentication:

Allows authentication viaOAuth providers(Google, Facebook, Microsoft, etc.).

Users do not need to store passwords in ServiceNow; instead, authentication is delegated to theOAuth identity provider.

Digest Token Authentication:

Uses anencrypted token(instead of a plaintext password) to authenticate users.

Often used forAPI-based authenticationor scenarios where passwords should not be transmitted over the network.

Each method aligns with ServiceNow's authentication mechanisms as per official documentation.

ServiceNow supports a hybrid authentication approach, allowing multiple methods to coexist.

ServiceNow Docs – Authentication Methodshttps://docs.servicenow.com

ServiceNow Security Best Practices – Authentication & Access Controls

ServiceNow Developer Portal – SSO & OAuth Authentication

Why These Are the Correct Methods?References from Certified System Administrator (CSA) Documentation:

InServiceNow,User Impersonationallows anadmin or a user with the appropriate roleto temporarily act as another userwithout needing their password. This is mainly used fortesting and visibility, helping administrators and developers verify user permissions, role-based access, and UI experiences.

Testing Permissions & Roles

Ensures thatusers have the correct access rights(e.g., verifying ITIL user permissions for incident management).

Helps testUI Policies, Business Rules, and ACLs (Access Control Rules)by viewing the system from the perspective of different roles.

Debugging & Troubleshooting

Identifies why a usercannot access certain records or modules.

Helps inresolving permission-related issueswithout affecting live users.

Experience Validation

Ensures userssee the correct menus, fields, and optionsbased on their assigned roles.

Useful when developingnew applications, workflows, or Service Catalog items.

Admins and authorized userscan impersonate by clicking on their name in the top-right corner and selectingImpersonate User.

Once impersonated, all actions are logged for security and compliance.

Primary Functions of User Impersonation:How to Use Impersonation:

(A) Testing and visibility – Correct

The primary function ofuser impersonationis totest and verify what different users can see and doin the system.

It helps withdebugging UI, role-based access, ACLs, and workflow execution.

(B) Activate verbose logging – Incorrect

Verbose loggingis used fordetailed debugging and performance monitoring, butimpersonation does not enable logging features.

(C) View custom perspectives – Incorrect

ServiceNow doesnotuse the term "custom perspectives" in the context of impersonation.

Impersonationshows what a specific user sees based on their roles, but it doesnot create custom perspectives.

(D) Unlock Application master list – Incorrect

There isno such featureas an "Application Master List" that requires impersonation to unlock.

Application access is controlled byroles and permissions, not impersonation.

Explanation of Each Option:

Never impersonate a user without permission, especially in production environments.

All impersonation actions are loggedin the system for security and auditing purposes.

Use impersonation in a sub-production (development or test) instancebefore making changes to production.

Admins should use impersonation instead of logging in with test user accountsto maintain security and accountability.

Additional Notes & Best Practices:

ServiceNow Docs: Impersonating Users

https://docs.servicenow.com

ServiceNow Community: Best Practices for User Impersonation

https://community.servicenow.com

References from Certified System Administrator (CSA) Documentation:

In ServiceNow, user records are stored in theUser [sys_user]table. This table contains all user-related data, including usernames, email addresses, roles, department affiliations, and more.

User ID(user_name) – Unique identifier for the user.

First Name & Last Name(first_name,last_name) – User’s full name.

Email(email) – The user’s email address.

Department(department) – The department to which the user belongs.

Roles(roles) – List of assigned roles that determine access permissions.

Active(active) – Indicates whether the user account is active or inactive.

B. User [sys_user_group]– Incorrect. This table storesgroups, not individual users.

C. User [syst_user_profile]– Incorrect. This table does not exist in ServiceNow.

D. User [user_profile]– Incorrect. There is no such table in ServiceNow.

ServiceNow Docs: User Administration – sys_user Table

ServiceNow CSA Study Guide – User and Group Administration

Key Fields in thesys_userTable:Explanation of Incorrect Options:References from Certified System Administrator (CSA) Documentation:

ARecord ProducerinServiceNowis atype of Catalog Itemthat allows users to create records intables(such as Incidents, Change Requests, or HR Cases) from theService Catalog. It provides asimplified and user-friendly interfacefor users to submit structured data without needing direct access to the actual form or database tables.

Key Features of a Record Producer:✔Creates task-based recordsin the appropriate table (e.g.,incident,sc_task,problem).

✔Uses a simplified forminstead of the standard form view of a record.

✔Can trigger workflows and business ruleswhen submitted.

✔Maps user inputs to table fieldsviaVariable Mappings.

An employee wants toreport a broken laptopbut does not need to see the fullIncident form.

The IT team creates aRecord Producernamed "Report an IT Issue" in theService Catalog.

The Record Producercollects user input(e.g., issue description, urgency, contact information).

Upon submission, itcreates an Incident record (incidenttable)in ServiceNow.

Example Use Case:

Why the Correct Answer is D:D. A Record Producer is a type of a Catalog Item that allows users to create task-based records from the Service Catalog(Correct)

This is the most accurate description of aRecord Producer.

It allows users tocreate recordsin a specifiedtask table (Incident, Change, Request, etc.)through theService Catalog.

Why the Other Options Are Incorrect:A. A Record Producer is a type of Catalog Item that is used for Requests, not Services (Incorrect)

Record Producers are not limited to Requests.

They can create various types of records, including Incidents, Change Requests, and HR Cases.

B. A Record Producer creates user records (Incorrect)

A Record Producerdoes not create user records(users are managed in thesys_usertable).

Instead, itcreates task-based recordsin other tables likeincidentorsc_task.

C. A Record Producer is a type of Catalog Item that provides easy ordering by bundling requests (Incorrect)

Order Guides, not Record Producers, handlebundling multiple Catalog Items into a single request.

ARecord Producer creates a single recordin a defined table.

Comparison: Record Producer vs. Other Catalog ItemsFeature

Record Producer

Standard Catalog Item

Order Guide

Creates a record in a ServiceNow table

Yes

No

No

Used to order physical/digital goods

No

Yes

Yes

Can bundle multiple requests

No

No

Yes

Uses a form-based submission

Yes

Yes

Yes

ServiceNow follows asingle-instance, single-tenant architecture,nota multiple-tenant architecture. This means:

Single-Instance:

Each ServiceNow instance is aunique, independent environmentfor a customer.

All customers have their own dedicated instance with their owncustom configurations, data, workflows, and applications.

ServiceNow instances are hosted in amulti-instance cloud modelrather than a multi-tenant model.

Single-Tenant Model (Multi-Instance Architecture):

Unlikemulti-tenant architectures(where multiple customers share the same application and database), ServiceNow provideseach customer with a separate, isolated instance.

Thisensures data security, performance isolation, and customization flexibility.

Each instance has its owndata storage, configuration, and upgrade schedule, reducing risks associated with shared environments.

Why ServiceNow Uses Multi-Instance Instead of Multi-Tenant:

Security & Data Isolation:Since each customer has an independent instance, there isno risk of data leakagebetween tenants.

Customization & Flexibility:Customers cancustomizetheir instance freely without affecting others.

Performance & Scalability:Each instance can bescaled independently, ensuring optimal performance.

ServiceNow does NOT use a multiple-tenant architecture.

ServiceNow follows a single-instance, single-tenant (multi-instance) model.

Each customer has a dedicated instance with isolated resources and configurations.

A multi-tenant architecturemeans multiple customerssharethe same application/database with logical separation, which is NOT the case in ServiceNow.

ServiceNow instead provides separate instancesfor each customer, meaning it isnota true multi-tenant system.

ServiceNow Product Documentation – Multi-Instance Cloud Modelhttps://docs.servicenow.com

ServiceNow Community – Single-Tenant vs. Multi-Tenant Explained

ServiceNow Best Practices – Security & Instance Architecture

Why Option B (False) Is Correct?Why Option A (True) Is Incorrect?References from Certified System Administrator (CSA) Documentation:

AUI Actionin ServiceNow can be configured toprompt or notify users when an action is completed, such as submitting an Incident. UI Actions are used to createbuttons, links, or context menu itemsthat trigger specific actions.

AUI Action(e.g., a "Submit" button on the Incident form) can be configured with asuccess messageusing thegs.addInfoMessage()function.

This message is displayed after the form submission to inform the user that theirIncident has been successfully submitted.

How UI Actions Can Prompt a Success Message:Example of a UI Action Script:javascript

CopyEdit

gs.addInfoMessage("The incident has been successfully submitted.");

This will display aconfirmation messageat the top of the page when an Incident is submitted.

Why "True" is the Correct Answer:UI Actions can display confirmation messages usinggs.addInfoMessage()or similar methods.

Why "False" is Incorrect:UI Actionscanbe used to provide user feedback, including success messages for actions like submitting an incident.

Abusiness rulein ServiceNow is a server-side script written inJavaScriptthat executes when a record is inserted, updated, deleted, or queried. Business rules allow for automation and enforcement of business logic without requiring manual intervention.

Business rules arenot tied to formsbut instead runon the server-sidewhen a database operation occurs. They can be configured to execute:

Beforea record is saved (Before Business Rule)

Aftera record is saved (After Business Rule)

Asynchronously(Async Business Rule)

Before a query is run on the database(Query Business Rule)

Explanation of the Correct Answer:B. A business rule can be a piece of JavaScript(Correct)

Business rules are written inJavaScript, allowing administrators to define custom logic that executes on the server.

These scripts can modify data, enforce rules, validate fields, or trigger other workflows.

Example JavaScript snippet for a business rule:

if(current.state=='3'&& current.priority!='1') {

current.priority='1';

gs.addInfoMessage("Priority set to High because state is Resolved.");

}

This rule ensures that if an incident's state is changed toResolved, its priority is automatically set to High.

Why the Other Options Are Incorrect:A. A business rule must run before a database action occurs (Incorrect)

Business rulescan run before a database action occurs, but they can also executeafterorasynchronously.

Business rules have four execution types:

Before– Runs before the record is inserted/updated in the database.

After– Runs after the record is committed to the database.

Async– Runs in the background after the transaction completes.

Query– Runs before data is returned to a user (modifies query results).

C. A business rule must not run before a database action occurs (Incorrect)

This is false because some business rulesdo run beforea database action (e.g., aBefore Business Rulecan validate data before saving).

D. A business rule monitors fields on a form (Incorrect)

Business rulesdo not monitor form fields directly. Instead, they execute based on database operations.

If real-time monitoring of form fields is needed,Client Scripts(not Business Rules) are used for this purpose.

Automaticallyassigning prioritybased on ticket severity.

Preventing updates to certain records if a condition is not met.

Sending email notifications when a record changes.

Modifying data before it is saved to enforce business policies.

Example Use Cases for Business Rules:

When a user places an order for an item or service from theService Catalogin ServiceNow, the system generates aRequest (REQ). This is a core component ofRequest Managementwithin the IT Service Management (ITSM) module.

User Places an Order:

The user selects an item from theService Catalog(e.g., a laptop, software, or an access request).

The order may consist of multiple items, depending on the selection.

ServiceNow Generates a Request (REQ):

ThisRequest (REQ#)acts as the umbrella record that tracks the order as a whole.

It is stored in thesc_requesttable.

Creation of Requested Items (RITM#):

Each item within the request generates aRequested Item (RITM#), stored in thesc_req_itemtable.

For example, if the user orders a laptop and a software license, two RITM records are created under the same Request.

Tasks (SCTASK#) Are Created:

Each Requested Item (RITM) may trigger one or moreCatalog Tasks (SCTASK#)in thesc_tasktable.

These tasks define the steps required to fulfill the request (e.g., procurement, approval, and configuration).

A. A Change Request– Incorrect. AChange Request (CHG#)is created only if the requested item involves changes to the infrastructure, such as a server upgrade. Not all catalog items require a change request.

B. An Order Guide– Incorrect. AnOrder Guideis a tool within the Service Catalog that helps users order multiple related items at once. However, it does not get generated when an order is placed.

D. An SLA– Incorrect. AService Level Agreement (SLA)may be associated with the request or tasks, but it is not automatically generated when a request is placed.

ServiceNow Product Documentation → Service Catalog → Request Fulfillment

ServiceNow CSA Study Guide → Service Catalog and Request Management

ServiceNow Tables Reference → sc_request, sc_req_item, sc_task

Understanding the Request Process in ServiceNow:Explanation of Incorrect Answers:References from Certified System Administrator (CSA) Documentation: