The system automatically sets which field when an administrator attempts to modify a policy,
application, or module that belongs to another domain higher in the hierarchy?
D
Explanation:
When an administrator attempts to modify a policy, application, or module that belongs to another
domain higher in the hierarchy, the system automatically sets the sys_domain_owner field. This field
ensures that the ownership of the record is correctly attributed to the domain that originally created
or owns the record, maintaining the integrity and separation of data across different domains.
Reference:
•
ServiceNow Domain Separation - Advanced Concepts and Configurations
•
Understanding Domain Separation - Basics
Process Separation is also known as:
D
Explanation:
Process Separation in ServiceNow is also known as domain administration. This concept is part of the
broader domain separation feature, which allows you to separate data, processes, and administrative
tasks into logical groupings called domains. This is particularly useful for Managed Service Providers
(MSPs) or large enterprises that need to manage multiple clients or departments within a single
ServiceNow instance. Domain separation ensures that each domain can have its own set of data,
processes, and administrative controls, providing a high level of customization and security.
For more detailed information, you can refer to the following resources:
•
ServiceNow Support Article on Domain Separation
•
Understanding Domain Separation in ServiceNow
Which role restricts access and allows for managing items in a domain-separated catalog?
D
Explanation:
The role domain_catalog_admin is specifically designed to manage items within a domain-separated
catalog in ServiceNow. This role restricts access and allows for the management of catalog items,
ensuring that only users with the appropriate permissions can make changes within their designated
domain. This is crucial for maintaining data privacy and integrity across different domains, especially
in environments where multiple customers or departments are served by a single ServiceNow
instance.
Reference:
•
ServiceNow Domain Separation and Service Catalog1
•
ServiceNow Product Documentation on Domain Separation2
Which of the following is a good practice to allow Service Providers to view all customer data?
A
Explanation:
Setting up a domain contains relationship is a good practice to allow Service Providers to view all
customer data. This approach leverages ServiceNow’s domain separation capabilities, which enable
data segregation and access control across different domains. By configuring a domain contains
relationship, you can ensure that Service Providers have the necessary visibility into customer data
while maintaining proper data governance and security.
Reference:
•
ServiceNow Domain Separation Documentation
•
ServiceNow Knowledge Base Article
Name the methods available to provide data access to a user outside of their domain hierarchy.
Choose 2 answers
CD
Explanation:
In ServiceNow, providing data access to a user outside of their domain hierarchy can be achieved
through the following methods:
1. Access Control Lists (ACLs): ACLs are used to define permissions for accessing data within
ServiceNow. By configuring ACLs, you can grant specific users or groups access to data outside their
domain hierarchy. This is done by setting up rules that allow or deny access based on various
conditions, such as roles, user attributes, or specific field values1.
2. sys_visibility.domain system property: This system property can be configured to control the
visibility of records across different domains. By setting this property, you can define which domains’
data should be visible to users outside their own domain hierarchy. This allows for more granular
control over data access and visibility2.
These methods ensure that users can access the necessary data while maintaining the integrity and
security of the domain separation model.
1: ServiceNow ACL Documentation
2: ServiceNow Domain Separation Documentation
What does an admin click to view only global domain process while in the global domain?
A
Explanation:
When an admin wants to view only the global domain process while in the global domain, they need
to click on the Global Domain Scope. This option allows the admin to filter and view processes that
are specific to the global domain, ensuring that they are not seeing processes from other domains.
This is particularly useful in a domain-separated environment where maintaining clarity and
separation of processes is crucial.
Reference:
•
ServiceNow Domain Separation - Basics
•
ServiceNow Domain Separation - Advanced Concepts
When an administrator working in a domain modifies a policy that exists in a higher domain or in
global, the system automatically:
C
Explanation:
When an administrator working in a domain modifies a policy that exists in a higher domain or in the
global domain, ServiceNow automatically creates a new record for that administrator’s current
domain and overrides the original policy. This ensures that the changes are specific to the current
domain and do not affect the policies in the higher or global domains. This behavior is part of the
domain separation feature, which allows different domains to have their own customized policies
and configurations without impacting each other.
For more detailed information, you can refer to the following resources:
•
ServiceNow Support Article on Domain Separation
•
Developing Domain-Separated Applications
What is delegated administration?
C
Explanation:
Delegated administration in ServiceNow allows tasks and approvals to be temporarily handled by
another user. This functionality is particularly useful in scenarios where the primary user is
unavailable, ensuring that workflows and processes continue without interruption. It helps maintain
efficiency and continuity in service management by allowing designated users to take over specific
responsibilities temporarily.
Reference:
•
ServiceNow Product Documentation on Delegated Administration1
•
ServiceNow Knowledge Base on Delegated Approvals and Tasks2
To data separate a new table, add a field named:
B
Explanation:
To data separate a new table in ServiceNow, you should add a field named sys_domain with a
reference to the Domain table. This approach leverages ServiceNow’s domain separation
capabilities, which allow for the segregation of data across different domains. By referencing the
Domain table, you ensure that the new table can properly segregate data based on domain,
maintaining data integrity and security.
Reference:
•
ServiceNow Domain Separation Documentation
•
ServiceNow Knowledge Base Article
What is the mechanism for placing records in the Default domain?
B
Explanation:
In ServiceNow, the mechanism for placing records in the Default domain is primarily managed
through the Domain Path. The Domain Path is a hierarchical structure that determines the domain in
which a record resides. When a record is created, it is assigned a domain based on the domain path
of the user or process creating the record. If no specific domain is assigned, the record defaults to the
“Default” domain.
This mechanism ensures that records are correctly categorized and managed within the appropriate
domain, maintaining the integrity of domain separation and data access controls.
For more detailed information, you can refer to the following resources:
•
ServiceNow Domain Separation Documentation
•
ServiceNow Knowledge Base Article
What is the purpose of the Domain Separation Center?
D
Explanation:
The purpose of the Domain Separation Center in ServiceNow is to configure and review domain
configuration audits for errors and warnings. This tool is essential for administrators to ensure that
domain separation is correctly implemented and maintained. It helps in identifying and resolving any
issues related to domain configurations, thereby maintaining the integrity and proper functioning of
the domain-separated environment.
Reference:
•
ServiceNow Domain Separation - Basics
•
ServiceNow Domain Separation - Advanced Concepts
The Default domain should be specifically used for which purposes?
Choose 2 answers
AC
Explanation:
The Default domain in ServiceNow is specifically used for the following purposes:
1. Help identify integrations that are incorrectly creating global data: The Default domain can be used
to track and identify any integrations that are mistakenly creating data in the global domain instead
of the intended specific domain. This helps in maintaining data integrity and ensuring that data is
correctly segregated.
2. Capture records with no domain on tables that should not have global data: The Default domain is
also used to capture records that do not have a domain specified on tables where global data should
not be present. This ensures that such records are not incorrectly placed in the global domain,
maintaining the separation and security of data.
For more detailed information, you can refer to the following resources:
•
ServiceNow Support Article on Domain Separation
•
Developing Domain-Separated Applications
Which represents the direction in the domain hierarchy in which can you see data?
A
Explanation:
In ServiceNow, domain separation allows for hierarchical data visibility. Users in a parent domain can
see data in their child domains, which is referred to as downstream visibility. This ensures that
higher-level domains have access to the data of their subdomains, facilitating centralized
management and oversight. However, users in child domains cannot see data in their parent
domains (upstream) or sibling domains unless explicitly granted access.
Reference:
•
ServiceNow Domain Separation Documentation1
•
ServiceNow Knowledge Base on Domain Separation2
To extend a data separated base table and have the table extension also be data separated, you
must:
A
Explanation:
To extend a data-separated base table and ensure that the table extension is also data-separated,
you must add the sys_domain, sys_overrides, and Domain Path fields. This ensures that the new
table inherits the domain separation properties of the base table, maintaining data integrity and
security across different domains.
•
sys_domain: This field references the Domain table and is essential for domain separation.
•
sys_overrides: This field is used to manage overrides in the domain-separated environment.
•
Domain Path: This field helps in maintaining the hierarchical structure of domains.
Reference:
•
ServiceNow Domain Separation Documentation
•
ServiceNow Knowledge Base Article
Even though the Inbound Actions table has a domain field, records in this table should all be placed
in this single location within the domain hierarchy.
D
Explanation:
In ServiceNow, even though the Inbound Actions table has a domain field, records in this table
should all be placed in the Global domain. This is because inbound actions, such as inbound email
actions, are designed to be accessible across the entire platform, regardless of the specific domain.
By placing these records in the Global domain, ServiceNow ensures that the actions can be executed
and managed universally, without domain-specific restrictions.
For example, if an inbound email action creates an incident, the system creates the incident in the
same domain as the user in the Caller field. If that user is not in the User [sys_user] table, the
incident is placed in the Global domain1.
This approach maintains the integrity and accessibility of inbound actions across the platform.
1: ServiceNow Inbound Email Actions Documentation