1. Home
  2. ServiceNow
  3. CIS-SIR

Certified Implementation Specialist - Security Incident Response

Exam Details

  • Exam Code
    :CIS-SIR
  • Exam Name
    :Certified Implementation Specialist - Security Incident Response
  • Certification
    :CIS
  • Vendor
    :ServiceNow
  • Total Questions
    :60 Q&As
  • Last Updated
    :

ServiceNow CIS CIS-SIR Questions & Answers

  • Question 1:

    How do you select which process definition to use?

    A. By selecting the desired process within the Process Definition module

    B. By selecting the desired process within the Process Selection module

    C. By setting the process definition record to Active

    D. By setting the Script Include record to Active

  • Question 2:

    David is on the Network team and has been assigned a security incident response task. What role does he need to be able to view and work the task?

    A. Security Analyst

    B. Security Basic

    C. External

    D. Read

  • Question 3:

    Which of the following State Flows are provided for Security Incidents? (Choose three.)

    A. NIST Open

    B. SANS Open

    C. NIST Stateful

    D. SANS Stateful

  • Question 4:

    What parts of the Security Incident Response lifecycle is responsible for limiting the impact of a security incident?

    A. Post Incident Activity

    B. Detection and Analysis

    C. Preparation and Identification

    D. Containment, Eradication, and Recovery

  • Question 5:

    Which of the following process definitions allow only single-step progress through the process defined without allowing step skipping?

    A. SANS Stateful

    B. NIST Stateful

    C. SANS Open

    D. NIST Open

  • Question 6:

    What is the key to a successful implementation?

    A. Sell customer the most expensive package

    B. Implementing everything that we offer

    C. Understanding the customer's goals and objectives

    D. Building custom integrations

  • Question 7:

    The following term is used to describe any observable occurrence:.

    A. Incident

    B. Log

    C. Ticket

    D. Alert

    E. Event

  • Question 8:

    What is the fastest way for security incident administrators to remove unwanted widgets from the Security Incident Catalog?

    A. Clicking the X on the top right corner

    B. Talking to the system administrator

    C. Can't be removed

    D. Through the Catalog Definition record

  • Question 9:

    Why is it important that the Platform (System) Administrator and the Security Incident administrator role be separated? (Choose three.)

    A. Access to security incident data may need to be restricted

    B. Allow SIR Teams to control assignment of security roles

    C. Clear separation of duty

    D. Reduce the number of incidents assigned to the Platform Admin

    E. Preserve the security image in the company

  • Question 10:

    What plugin must be activated to see the New Security Analyst UI?

    A. Security Analyst UI Plugin

    B. Security Incident Response UI plugin

    C. Security Operations UI plugin

    D. Security Agent UI Plugin

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only ServiceNow exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CIS-SIR exam preparations and ServiceNow certification application, do not hesitate to visit our Vcedump.com to find your solutions here.