ServiceNow cis-vr practice test

Certified Implementation Specialist - Vulnerability Response Exam

Last exam update: Jul 16 ,2024
Page 1 out of 4. Viewing questions 1-15 out of 60

Question 1

What is the best way to develop a complete list of Vulnerability Reports?

  • A. Recommend that the client purchase the full Performance Analytics package.
  • B. Ask the CISO.
  • C. Work with the customer to identify the things that will be most useful to them.
  • D. Use the standard out of the box reports only.
Mark Question:
Answer:

B

User Votes:
A 1 votes
50%
B 1 votes
50%
C 6 votes
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 2

The three levels of users you will likely encounter that will need access to data displayed in the
Vulnerability Response dashboard are: Choose 3 answers

  • A. Security Analysts
  • B. Customers
  • C. CIO/CISO
  • D. Fulfillers
Mark Question:
Answer:

A

User Votes:
A 6 votes
50%
B 5 votes
50%
C 5 votes
50%
D 4 votes
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 3

What type of data would the CIO/CISO want on the dashboard?

  • A. Aggregations for priority and workload
  • B. Drill-down to granularity
  • C. Single, clear indicators of organizational health
  • D. Up to the minute views
Mark Question:
Answer:

A

User Votes:
A 1 votes
50%
B 1 votes
50%
C 4 votes
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 4

To get useful reporting regarding the most vulnerable CI's, which statement applies?

  • A. You must purchase a separate PA module.
  • B. Your CI population must be huge.
  • C. You must have good KPi's defined.
  • D. Your CMDB must be up to date and useful.
Mark Question:
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D 5 votes
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 5

Managers should have access to which role-based data access and visualizations? Choose 3 answers

  • A. Aggregations for priority and workload
  • B. Time period views
  • C. Up-to-the-minute views
  • D. Drill-down to granularity
Mark Question:
Answer:

D

User Votes:
A 3 votes
50%
B 4 votes
50%
C 2 votes
50%
D 3 votes
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 6

What role Is required to view the Vulnerability Overview Dashboard?

  • A. sn_vuI.vulnerability.read
  • B. sn_vuI.manager
  • C. sn_vul.ciso
  • D. sn_vul.vulnerability.wnte
Mark Question:
Answer:

A

User Votes:
A 3 votes
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 7

To ensure that Vulnerabilities are processed correctly, you can define a Service Level Agreement
(SLA) for Vulnerability Response. To achieve this you would:

  • A. Create a custom workflow to monitor the time between States
  • B. Log in as a system admin, and using the globally scoped baseline SLA Modules
  • C. Have the role of Vulnerability admin, but only in the Vulnerability Scope
  • D. Make sure you have at least the sn_vul.vulnerability_write role and using the baseline SLA Application Modules
Mark Question:
Answer:

B

User Votes:
A
50%
B 2 votes
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 8

Which of the following best describes the Vulnerable item State Approval Workflow?

  • A. It is read-only, you can only change the Assignment Group members for the approval
  • B. It exists in the Security Operations Common scope so it can be modified by any Security Operations Admin
  • C. It can only be modified by System Adminstrators
  • D. It runs against the [sn_vul_change_approval] table
Mark Question:
Answer:

C

User Votes:
A
50%
B
50%
C 1 votes
50%
D 2 votes
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 9

What is the ServiceNow application used for process automation?

  • A. Knowledge Base
  • B. Workflows
  • C. SLAs
  • D. Service Catalog
Mark Question:
Answer:

B

User Votes:
A
50%
B 2 votes
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 10

Which of the following is a common Integration point between Vulnerability and GRC?

  • A. Security Incident Response
  • B. Change
  • C. Problem
  • D. Risk Indicators
Mark Question:
Answer:

D

User Votes:
A 2 votes
50%
B
50%
C
50%
D 2 votes
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 11

A common Integration point with Vulnerability is:

  • A. Workflow Mappings
  • B. Risk Indicators within GRC
  • C. Service Catalog
  • D. Knowledge Base
Mark Question:
Answer:

A

User Votes:
A
50%
B 4 votes
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 12

If fixing a Vulnerable Item outweighs the benefits, the correct course of action is:

  • A. Mark the CI inactive in the CMDB and notify the CI owner
  • B. Record the accepted risk and Close/Defer the Vulnerable Item
  • C. Deprioritize the Vulnerable item Records (VlT) to push them further down the list so it can be ignored
  • D. Add the Cl to the Vulnerability Scanners exclusions Related List
Mark Question:
Answer:

A

User Votes:
A
50%
B 3 votes
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 13

Filter groups can be used In Vulnerability Response to group what type of vulnerability records?

  • A. Vulnerability groups
  • B. Third Party Entries
  • C. Vulnerable Items
  • D. Vulnerable Software
Mark Question:
Answer:

C

User Votes:
A
50%
B
50%
C 3 votes
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 14

Which of the following can NOT be used for building Vulnerability Groups?

  • A. Vulnerability
  • B. Filter Groups
  • C. Condition Builder
  • D. Advanced Scripts
Mark Question:
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D 2 votes
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 15

Where in the platform can you create Filter Groups?

  • A. Vulnerability > Administration > Filter Groups
  • B. Vulnerability > Groups > Filter Groups
  • C. Security Operations > Administration > Filter Groups
  • D. Security Operations > Groups > Filter Groups
Mark Question:
Answer:

D

User Votes:
A
50%
B
50%
C 1 votes
50%
D 1 votes
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
To page 2