1. Home
  2. ServiceNow
  3. CIS-SIR

Certified Implementation Specialist - Security Incident Response

Exam Details

  • Exam Code
    :CIS-SIR
  • Exam Name
    :Certified Implementation Specialist - Security Incident Response
  • Certification
    :CIS
  • Vendor
    :ServiceNow
  • Total Questions
    :60 Q&As
  • Last Updated
    :May 14, 2024

ServiceNow CIS CIS-SIR Questions & Answers

  • Question 21:

    What is calculated as an arithmetic mean taking into consideration different values in the CI, Security Incident, and User records?

    A. Priority

    B. Business Impact

    C. Severity

    D. Risk Score

  • Question 22:

    What three steps enable you to include a new playbook in the Selected Playbook choice list? (Choose three.)

    A. Add the TLP: GREEN tag to the playbooks that you want to include in the Selected Playbook choice list

    B. Navigate to the sys_hub_flow.list table

    C. Search for the new playbook you have created using Flow Designer

    D. Add the sir_playbook tag to the playbooks that you want to include in the Selected Playbook choice list

    E. Navigate to the sys_playbook_flow.list table

  • Question 23:

    A flow consists of. (Choose two.)

    A. Scripts

    B. Actions

    C. Processes

    D. Actors

    E. Triggers

  • Question 24:

    In order to see the Actions in Flow Designer for Security Incident, what plugin must be activated?

    A. Performance Analytics for Security Incident Response

    B. Security Spoke

    C. Security Operations Spoke

    D. Security Incident Spoke

  • Question 25:

    Why should discussions focus with the end in mind?

    A. To understand desired outcomes

    B. To understand current posture

    C. To understand customer's process

    D. To understand required tools

  • Question 26:

    B. An audit trail

    C. Attachments associated with the security incident

    D. Key incident fields

    E. Performance Analytics reports

  • Question 27:

    Select the one capability that retrieves a list of running processes on a CI from a host or endpoint.

    A. Get Network Statistics

    B. Isolate Host

    C. Get Running Processes

    D. Publish Watchlist

    E. Block Action

    F. Sightings Search

  • Question 28:

    Select the one capability that restricts connections from one CI to other devices.

    A. Isolate Host

    B. Sightings Search

    C. Block Action

    D. Get Running Processes

    E. Get Network Statistics

    F. Publish Watchlist

  • Question 29:

    Knowledge articles that describe steps an analyst needs to follow to complete Security incident tasks might be associated to those tasks through which of the following?

    A. Work Instruction Playbook

    B. Flow

    C. Workflow

    D. Runbook

    E. Flow Designer

  • Question 30:

    What makes a playbook appear for a Security Incident if using Flow Designer?

    A. Actions defined to create tasks

    B. Trigger set to conditions that match the security incident

    C. Runbook property set to true

    D. Service Criticality set to High

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only ServiceNow exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CIS-SIR exam preparations and ServiceNow certification application, do not hesitate to visit our Vcedump.com to find your solutions here.