Exam Details
Exam Code
:CIS-SIRExam Name
:Certified Implementation Specialist - Security Incident ResponseCertification
:CISVendor
:ServiceNowTotal Questions
:60 Q&AsLast Updated
:May 14, 2024
ServiceNow CIS CIS-SIR Questions & Answers
-
Question 31:
A flow consists of one or more actions and a what?
A. Change formatter
B. Catalog Designer
C. NIST Ready State
D. Trigger
-
Question 32:
What is the purpose of Calculator Groups as opposed to Calculators?
A. To provide metadata about the calculators
B. To allow the agent to select which calculator they want to execute
C. To set the condition for all calculators to run
D. To ensure one at maximum will run per group
-
Question 33:
Flow Triggers can be based on what? (Choose three.)
A. Record changes
B. Schedules
C. Subflows
D. Record inserts
E. Record views
-
Question 34:
What role(s) are required to add new items to the Security Incident Catalog?
A. requires the sn_si.admin role
B. requires the sn_si.catalog role
C. requires both sn_si.write and catalog_admin roles
D. requires the admin role
-
Question 35:
What are two of the audiences identified that will need reports and insight into Security Incident Response reports? (Choose two.)
A. Analysts
B. Vulnerability Managers
C. Chief Information Security Officer (CISO)
D. Problem Managers
-
Question 36:
If the customer's email server currently has an account setup to report suspicious emails, then what happens next?
A. an integration added to Exchange keeps the ServiceNow platform in sync
B. the ServiceNow platform ensures that parsing and analysis takes place on their mail server
C. the customer's systems are already handling suspicious emails
D. the customer should set up a rule to forward these mails onto the ServiceNow platform
-
Question 37:
If a desired pre-built integration cannot be found in the platform, what should be your next step to find a certified integration?
A. Build your own through the REST API Explorer
B. Ask for assistance in the community page
C. Download one from ServiceNow Share
D. Look for one in the ServiceNow Store
-
Question 38:
Security tag used when a piece of information requires support to be effectively acted upon, yet carries risks to privacy, reputation, or operations if shared outside of the organizations involved.
A. TLP:GREEN
B. TLP:AMBER
C. TLP:RED
D. TLP:WHITE
-
Question 39:
What is the name of the Inbound Action that validates whether an inbound email should be processed as a phishing email for URP v2?
A. User Reporting Phishing (for Forwarded emails)
B. Scan email for threats
C. User Reporting Phishing (for New emails)
D. Create Phishing Email
-
Question 40:
This type of integration workflow helps retrieve a list of active network connections from a host or endpoint, so it can be used to enrich incidents during investigation.
A. Security Incident Response ?Get Running Services
B. Security Incident Response ?Get Network Statistics
C. Security Operations Integration ?Sightings Search
D. Security Operations Integration ?Block Request
Related Exams:
CIS-SIR
Certified Implementation Specialist - Security Incident ResponseCIS-PPM
Certified Implementation Specialist - Project Portfolio ManagementCIS-SM
Certified Implementation Specialist - Service MappingCIS-CSM
Certified Implementation Specialist - Customer Service ManagementPEGACIS_V6.2
Certified Integration Specialist (CIS) 62V1
Tips on How to Prepare for the Exams
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only ServiceNow exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CIS-SIR exam preparations and ServiceNow certification application, do not hesitate to visit our Vcedump.com to find your solutions here.