DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

Latest ServiceNow CIS-SIR Exam Questions and Answers, 2025 Update | SPOTO

SPOTO's latest exam dumps on the homepage, with a 100% pass rate! SPOTO delivers authentic Cisco CCNA, CCNP study materials, CCIE Lab solutions, PMP, CISA, CISM, AWS, and Palo Alto exam dumps. Our comprehensive study materials are meticulously aligned with the latest exam objectives. With a proven track record, we have enabled thousands of candidates worldwide to pass their IT certifications on their first attempt. Over the past 20+ years, SPOTO has successfully placed numerous IT professionals in Fortune 500 companies.
Take other online exams
Question #1
What is the name of the Inbound Action that validates whether an inbound email should be processed as a phishing email for URP v2?
A. User Reporting Phishing (for Forwarded emails)
B. Scan email for threats
C. User Reporting Phishing (for New emails)
D. Create Phishing Email
View answer
Correct Answer: A
Question #2
This type of integration workflow helps retrieve a list of active network connections from a host or endpoint, so it can be used to enrich incidents during investigation.
A. ecurity Incident Response – Get Running Services
B. ecurity Incident Response – Get Network Statistics
C. ecurity Operations Integration – Sightings Search
D. ecurity Operations Integration – Block Request
View answer
Correct Answer: B
Question #3
What makes a playbook appear for a Security Incident if using Flow Designer?
A. Actions defined to create tasks
B. Trigger set to conditions that match the security incident
C. Runbook property set to true
D. Service Criticality set to High
View answer
Correct Answer: B
Question #4
What makes a playbook appear for a Security Incident if using Flow Designer?
A. Actions defined to create tasks
B. Trigger set to conditions that match the security incident
C. Runbook property set to true
D. Service Criticality set to High
View answer
Correct Answer: B
Question #5
The severity field of the security incident is influenced by what?
A. The time taken to resolve the security incident
B. The cost of the response to the security breach
C. The business value of the affected asset
D. The impact, urgency and priority of the incident
View answer
Correct Answer: C
Question #6
If a desired pre-built integration cannot be found in the platform, what should be your next step to find a certified integration?
A. uild your own through the REST API Explorer
B. sk for assistance in the community page
C. ownload one from ServiceNow Share
D. ook for one in the ServiceNow Store
View answer
Correct Answer: D
Question #7
What role(s) are required to add new items to the Security Incident Catalog?
A. requires the sn_si
B. requires the sn_si
C. requires both sn_si
D. requires the admin role
View answer
Correct Answer: D
Question #8
The Risk Score is calculated by combining all the weights using .
A. Aan arithmetic mean
B. Baddition
C. Cthe Risk Score script include
D. Da geometric mean
View answer
Correct Answer: A
Question #9
Joe is on the SIR Team and needs to be able to configure Territories and Skills. What role does he need?
A. ecurity Basic
B. anager
C. ecurity Analyst
D. ecurity Admin
View answer
Correct Answer: D
Question #10
Security tag used when a piece of information requires support to be effectively acted upon, yet carries risks to privacy, reputation, or operations if shared outside of the organizations involved.
A. TLP: GREENcorrect
B. TLP: AMBERcorrect
C. TLP: RED
D. TLP: WHITEcorrect
View answer
Correct Answer: ABD
Question #11
What is calculated as an arithmetic mean taking into consideration different values in the CI, Security Incident, and User records?
A. riority
B. usiness Impact
C. everity
D. isk Score
View answer
Correct Answer: B
Question #12
Which one of the following users is automatically added to the Request Assessments list?
A. AAny user that adds a worknote to the ticket
B. BThe analyst assigned to the ticket
C. CAny user who has Response Tasks on the incident
D. DThe Affected User on the incident
View answer
Correct Answer: C
Question #13
If a desired pre-built integration cannot be found in the platform, what should be your next step to find a certified integration?
A. Build your own through the REST API Explorer
B. Ask for assistance in the community page
C. Download one from ServiceNow Share
D. Look for one in the ServiceNow Store
View answer
Correct Answer: D
Question #14
What is the key to a successful implementation?
A. Sell customer the most expensive package
B. Implementing everything that we offer
C. Understanding the customer's goals and objectives
D. Building custom integrations
View answer
Correct Answer: C
Question #15
The Risk Score is calculated by combining all the weights using .
A. an arithmetic mean
B. addition
C. the Risk Score script include
D. a geometric mean
View answer
Correct Answer: A
Question #16
The following term is used to describe any observable occurrence: _____________.
A. Incident
B. Log
C. Ticket
D. Alert
E. Event
View answer
Correct Answer: E
Question #17
Which of the following are potential benefits for utilizing Security Incident assignment automation? (Choose two.)
A. Decreased Time to Containment
B. Increased Mean Time to Remediationcorrect
C. Decreased Time to Ingestion
D. Increased resolution process consistencycorrect
View answer
Correct Answer: BD
Question #18
The severity field of the security incident is influenced by what?
A. The cost of the response to the security breach
B. The impact, urgency and priority of the incident
C. The time taken to resolve the security incident
D. The business value of the affected asset
View answer
Correct Answer: D
Question #19
Which Table would be commonly used for Security Incident Response?
A. sysapproval_approver
B. sec_ops_incident
C. cmdb_rel_ci
D. sn_si_incident
View answer
Correct Answer: D
Question #20
Using the KB articles for Playbooks tasks also gives you which of these advantages?
A. Automated activities to run scans and enrich Security Incidents with real time data
B. Automated activities to resolve security Incidents through patching
C. Improved visibility to threats and vulnerabilitiescorrect
D. Enhanced ability to create and present concise, descriptive tasks
View answer
Correct Answer: C
Question #21
The benefits of improved Security Incident Response are expressed.
A. as desirable outcomes with clear, measurable Key Performance Indicators
B. differently depending upon 3 stages: Process Improvement, Process Design, and Post Go-Live
C. as a series of states with consistent, clear metricscorrect
D. as a value on a scale of 1-10 based on specific outcomes
View answer
Correct Answer: C
Question #22
In order to see the Actions in Flow Designer for Security Incident, what plugin must be activated?
A. erformance Analytics for Security Incident Response
B. ecurity Spoke
C. ecurity Operations Spoke
D. ecurity Incident Spoke
View answer
Correct Answer: C
Question #23
The following term is used to describe any observable occurrence: .
A. Incident
B. Log
C. Ticket
D. Alert
E. Event
View answer
Correct Answer: E
Question #24
When a record is created in the Security Incident Phishing Email table what is triggered to create a Security Incident?
A. Transform workflow
B. Ingestion Rule
C. Duplication Rule
D. Transform flow
View answer
Correct Answer: B
Question #25
What are some of the recommended duties each SIR team should have?
A. Coaching
B. Monitoring activities
C. Testing
D. All of the above
View answer
Correct Answer: D
Question #26
There are several methods in which security incidents can be raised, which broadly fit into one of these categories: . (Choose two.)
A. AIntegrations
B. BManually created
C. CAutomatically created
D. DEmail parsing
View answer
Correct Answer: BC
Question #27
What three steps enable you to include a new playbook in the Selected Playbook choice list? (Choose three.)
A. AAdd the TLP: GREEN tag to the playbooks that you want to include in the Selected Playbook choice list
B. BNavigate to the sys_hub_flow
C. CSearch for the new playbook you have created using Flow Designer
D. DAdd the sir_playbook tag to the playbooks that you want to include in the Selected Playbook choice list
E. ENavigate to the sys_playbook_flow
View answer
Correct Answer: BCD
Question #28
The severity field of the security incident is influenced by what?
A. The cost of the response to the security breach
B. The impact, urgency and priority of the incident
C. The time taken to resolve the security incident
D. The business value of the affected asset
View answer
Correct Answer: D
Question #29
What roles are required to modify Security Incident Catalog items?
A. sn_si
B. (platform) admin and sn_si
C. (platform) admin and sn_si
D. sn_si
View answer
Correct Answer: C
Question #30
Incident severity is influenced by the business value of the affected asset. Which of the following are asset types that can be affected by an incident? (Choose two.)
A. usiness Service
B. onfiguration Item
C. alculator Group
D. everity Calculator
View answer
Correct Answer: AB

View The Updated ServiceNow Exam Questions

SPOTO Provides 100% Real ServiceNow Exam Questions for You to Pass Your ServiceNow Exam!

Get ServiceNow Practice Test

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.