ServiceNow cis-vr practice test
Vulnerability Response
Last exam update: Nov 25 ,2025
Page 1 out of 4. Viewing questions 1-15 out of 60
Question 1
Select the three components of a Fitter Condition: Choose 3 answers
-
A.
Field
-
B.
Sum
-
C.
Operator
-
D.
Value
Question 2
SLAs are used to ensure VUL are processed in a timely matter. Which field is used to determine the
expected timeframe for remediating a VlT?
-
A.
Updated
-
B.
Remediation status
-
C.
Remediation target
-
D.
Closed
Question 3
What is the minimum role required to create and change Service Level Agreements for Vulnerability
Response groups?
-
A.
sla_manager
-
B.
admin
-
C.
sn_vul.vulnerability_write
-
D.
sn_vul.admin
Question 4
Changes made within a named Update Set in a different application scope:
-
A.
Will be captured
-
B.
Will throw errors
-
C.
Will not be captured
-
D.
Will be partially captured
Question 5
ServiceNow Vulnerability Response tables typically start with which prefix?
-
A.
snvr_
-
B.
snvuln_
-
C.
vul_
-
D.
sn_vul_
Question 6
in regard to the Security Operations Process, which of the following statements defines the "identify"
phase?
-
A.
What processes and assets need protection?
-
B.
What techniques can identify incidents?
-
C.
What safeguards are available?
-
D.
What techniques can restore capabilities?
-
E.
What techniques can contain impacts of incidents?
Question 7
Which module is used to adjust the frequency in which CVEs are updated?
-
A.
NVD Auto-update
-
B.
Update
-
C.
CVE Auto-update
-
D.
On-demand update
Question 8
A list of software weaknesses is known as:
-
A.
National Vulnerability Database (NVD)
-
B.
Common Vulnerability and Exposure (CVE)
-
C.
National Institute of Science and Technology (NIST)
-
D.
Common Weaknesses Enumeration (CWE)
Question 9
Vulnerability Response can be best categorized as a_______, focused on identifying and remediating
vulnerabilities as early as possible.
-
A.
A proactive process
-
B.
An iterative process
-
C.
A tentative process
-
D.
A reactive process
Question 10
If a customer expects to ingest 2 million vulnerabilities during it's initial load, which instance size
should you recommend?
-
A.
L
-
B.
XL
-
C.
XXL
-
D.
Ultra
Question 11
What Business Rule creates a Configuration Item from a Vulnerable Item record?
-
A.
Create CI from Vulnerable Group Details
-
B.
Create CI from Closed Item Details
-
C.
Determine CI from Network Details
-
D.
Create CI from Vulnerable item Details
Question 12
The components Installed with Vulnerability Response Include:
-
A.
Tables, Scheduled Jobs, Security Operations Common
-
B.
Business Rules, Roles, Workflows
-
C.
Properties, Client Scripts, Wizards
-
D.
Ul Pages. Business Rules, Vulnerability Scanners
Question 13
What is the purpose of Scoped Applications?
-
A.
Suppliers can only charge for applications when they are scoped
-
B.
Scoped applications are scalable. Global applications are not
-
C.
Scoping encapsulates and protects data and functionality
-
D.
An application needs to be scoped in order to be deployed as a plugin
Question 14
What is the ID associated with the Vulnerability Response plugln?
-
A.
com.snc.threat.intelllgence
-
B.
com.snc.vulnerability
-
C.
com.snc.threat.feeds
-
D.
com.snc.securityjncident
Question 15
Where can you find Information related to the Common Vulnerabilities and Exposures (CVE)?
-
A.
Tenable
-
B.
MITRE
-
C.
NIST
-
D.
Qualys