CIS-SIR Exam Details

  • Exam Code
    :CIS-SIR
  • Exam Name
    :Certified Implementation Specialist - Security Incident Response
  • Certification
    :ServiceNow Certifications
  • Vendor
    :ServiceNow
  • Total Questions
    :60 Q&As
  • Last Updated
    :Jul 12, 2026

ServiceNow CIS-SIR Online Questions & Answers

  • Question 1:

    There are several methods in which security incidents can be raised, which broadly fit into one of these categories:. (Choose two.)

    A. Integrations
    B. Manually created
    C. Automatically created
    D. Email parsing

  • Question 2:

    Joe is on the SIR Team and needs to be able to configure Territories and Skills. What role does he need?

    A. Security Basic
    B. Manager
    C. Security Analyst
    D. Security Admin

  • Question 3:

    What makes a playbook appear for a Security Incident if using Flow Designer?

    A. Actions defined to create tasks
    B. Trigger set to conditions that match the security incident
    C. Runbook property set to true
    D. Service Criticality set to High

  • Question 4:

    Security tag used when a piece of information requires support to be effectively acted upon, yet carries risks to privacy, reputation, or operations if shared outside of the organizations involved.

    A. TLP:GREEN
    B. TLP:AMBER
    C. TLP:RED
    D. TLP:WHITE

  • Question 5:

    Flow Triggers can be based on what? (Choose three.)

    A. Record changes
    B. Schedules
    C. Subflows
    D. Record inserts
    E. Record views

  • Question 6:

    A flow consists of one or more actions and a what?

    A. Change formatter
    B. Catalog Designer
    C. NIST Ready State
    D. Trigger

  • Question 7:

    What factor, if any, limits the ability to close SIR records?

    A. Opened related INC records
    B. Best practice dictates that SIR records should be set to 'Resolved' never to 'Closed'
    C. Nothing, SIR records could be closed at any time
    D. All post-incident review QUESTION NO:ers have to be completed first

  • Question 8:

    What specific role is required in order to use the REST API Explorer?

    A. admin
    B. sn_si.admin
    C. rest_api_explorer
    D. security_admin

  • Question 9:

    What is the first step when creating a security Playbook?

    A. Set the Response Task's state
    B. Create a Flow
    C. Create a Runbook
    D. Create a Knowledge Article

  • Question 10:

    Which of the following fields is used to identify an Event that is to be used for Security purposes?

    A. IT
    B. Classification
    C. Security
    D. CI

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only ServiceNow exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CIS-SIR exam preparations and ServiceNow certification application, do not hesitate to visit our Vcedump.com to find your solutions here.