CIS-SIR Exam Details

  • Exam Code
    :CIS-SIR
  • Exam Name
    :Certified Implementation Specialist - Security Incident Response
  • Certification
    :ServiceNow Certifications
  • Vendor
    :ServiceNow
  • Total Questions
    :60 Q&As
  • Last Updated
    :Jul 12, 2026

ServiceNow CIS-SIR Online Questions & Answers

  • Question 21:

    Which Table would be commonly used for Security Incident Response?

    A. sysapproval_approver
    B. sec_ops_incident
    C. cmdb_rel_ci
    D. sn_si_incident

  • Question 22:

    Which of the following is an action provided by the Security Incident Response application?

    A. Create Outage state V1
    B. Create Record on Security Incident state V1
    C. Create Response Task set Incident state V1
    D. Look Up Record on Security Incident state V1

  • Question 23:

    The following term is used to describe any observable occurrence:.

    A. Incident
    B. Log
    C. Ticket
    D. Alert
    E. Event

  • Question 24:

    The severity field of the security incident is influenced by what?

    A. The cost of the response to the security breach
    B. The impact, urgency and priority of the incident
    C. The time taken to resolve the security incident
    D. The business value of the affected asset

  • Question 25:

    How do you select which process definition to use?

    A. By selecting the desired process within the Process Definition module
    B. By selecting the desired process within the Process Selection module
    C. By setting the process definition record to Active
    D. By setting the Script Include record to Active

  • Question 26:

    Using the KB articles for Playbooks tasks also gives you which of these advantages?

    A. Automated activities to run scans and enrich Security Incidents with real time data
    B. Automated activities to resolve security Incidents through patching
    C. Improved visibility to threats and vulnerabilities
    D. Enhanced ability to create and present concise, descriptive tasks

  • Question 27:

    Which one of the following users is automatically added to the Request Assessments list?

    A. Any user that adds a worknote to the ticket
    B. The analyst assigned to the ticket
    C. Any user who has Response Tasks on the incident
    D. The Affected User on the incident

  • Question 28:

    What is calculated as an arithmetic mean taking into consideration different values in the CI, Security Incident, and User records?

    A. Priority
    B. Business Impact
    C. Severity
    D. Risk Score

  • Question 29:

    Select the one capability that retrieves a list of running processes on a CI from a host or endpoint.

    A. Get Network Statistics
    B. Isolate Host
    C. Get Running Processes
    D. Publish Watchlist
    E. Block Action
    F. Sightings Search

  • Question 30:

    When a record is created in the Security Incident Phishing Email table what is triggered to create a Security Incident?

    A. Ingestion Rule
    B. Transform flow
    C. Transform workflow
    D. Duplication Rule

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only ServiceNow exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CIS-SIR exam preparations and ServiceNow certification application, do not hesitate to visit our Vcedump.com to find your solutions here.