Complete list of current Q & A>> Download ServiceNow Security Incident Response (CIS-SIR) – Quiz 1 / 15 Category: ServiceNow Security Incident Response (CIS-SIR) 1. What is the key to a successful implementation? A. Sell customer the most expensive package B. Implementing everything that we offer C. Understanding the customer’s goals and objectives D. Building custom integrations 2 / 15 Category: ServiceNow Security Incident Response (CIS-SIR) 2. To configure Security Incident Escalations, you need the following role(s): __________. A. sn_si.admin B. sn_si.admin or sn_si.manager C. sn_si.admin or sn_si.ciso D. sn_si.manager or sn_si.analyst 3 / 15 Category: ServiceNow Security Incident Response (CIS-SIR) 3. What is the first step when creating a security Playbook? A. Set the Response Task's state B. Create a Flow C. Create a Runbook D. Create a Knowledge Article 4 / 15 Category: ServiceNow Security Incident Response (CIS-SIR) 4. There are several methods in which security incidents can be raised, which broadly fit into one of these categories: __________. (Choose two.) A. Integrations B. Manually created C. Automatically created D. Email parsing 5 / 15 Category: ServiceNow Security Incident Response (CIS-SIR) 5. Which Table would be commonly used for Security Incident Response? A. sysapproval_approver B. sec_ops_incident C. cmdb_rel_ci D. sn_si_incident 6 / 15 Category: ServiceNow Security Incident Response (CIS-SIR) 6. Select the one capability that retrieves a list of running processes on a CI from a host or endpoint. A. Get Network Statistics B. Isolate Host C. Get Running Processes D. Publish Watchlist E. Block Action F. Sightings Search 7 / 15 Category: ServiceNow Security Incident Response (CIS-SIR) 7. What is the fastest way for security incident administrators to remove unwanted widgets from the Security Incident Catalog? A. Clicking the X on the top right corner B. Talking to the system administrator C. Can't be removed D. Through the Catalog Definition record 8 / 15 Category: ServiceNow Security Incident Response (CIS-SIR) 8. What three steps enable you to include a new playbook in the Selected Playbook choice list? (Choose three.) A. Add the TLP: GREEN tag to the playbooks that you want to include in the Selected Playbook choice list B. Navigate to the sys_hub_flow.list table C. Search for the new playbook you have created using Flow Designer D. Add the sir_playbook tag to the playbooks that you want to include in the Selected Playbook choice list E. Navigate to the sys_playbook_flow.list table 9 / 15 Category: ServiceNow Security Incident Response (CIS-SIR) 9. Which improvement opportunity can be found baseline which can contribute towards process maturity and strengthen costumer’s overall security posture? A. Post-Incident Review B. Fast Eradication C. Incident Containment D. Incident Analysis 10 / 15 Category: ServiceNow Security Incident Response (CIS-SIR) 10. What are two of the audiences identified that will need reports and insight into Security Incident Response reports? (Choose two.) A. Analysts B. Vulnerability Managers C. Chief Information Security Officer (CISO) C. Chief Information Security Officer (CISO) 11 / 15 Category: ServiceNow Security Incident Response (CIS-SIR) 11. The Risk Score is calculated by combining all the weights using __________. A. an arithmetic mean B. addition C. the Risk Score script include D. a geometric mean 12 / 15 Category: ServiceNow Security Incident Response (CIS-SIR) 12. The severity field of the security incident is influenced by what? A. The cost of the response to the security breach B. The impact, urgency and priority of the incident C. The time taken to resolve the security incident D. The business value of the affected asset 13 / 15 Category: ServiceNow Security Incident Response (CIS-SIR) 13. The following term is used to describe any observable occurrence: __________. A. Incident B. Log C. Ticket D. Alert E. Event 14 / 15 Category: ServiceNow Security Incident Response (CIS-SIR) 14. What is the purpose of Calculator Groups as opposed to Calculators? A. To provide metadata about the calculators B. To allow the agent to select which calculator they want to execute C. To set the condition for all calculators to run D. To ensure one at maximum will run per group 15 / 15 Category: ServiceNow Security Incident Response (CIS-SIR) 15. What makes a playbook appear for a Security Incident if using Flow Designer? A. Actions defined to create tasks B. Trigger set to conditions that match the security incident C. Runbook property set to true D. Service Criticality set to High Your score is 0% Restart quiz Send feedback
