CIS-SIR Exam Details

  • Exam Code
    :CIS-SIR
  • Exam Name
    :Certified Implementation Specialist - Security Incident Response
  • Certification
    :ServiceNow Certifications
  • Vendor
    :ServiceNow
  • Total Questions
    :60 Q&As
  • Last Updated
    :Jul 12, 2026

ServiceNow CIS-SIR Online Questions & Answers

  • Question 31:

    What is the key to a successful implementation?

    A. Sell customer the most expensive package
    B. Implementing everything that we offer
    C. Understanding the customer's goals and objectives
    D. Building custom integrations

  • Question 32:

    Which ServiceNow automation capability extends Flow Designer to integrate business processes with other systems?

    A. Workflow
    B. Orchestration
    C. Subflows
    D. Integration Hub

  • Question 33:

    What parts of the Security Incident Response lifecycle is responsible for limiting the impact of a security incident?

    A. Post Incident Activity
    B. Detection and Analysis
    C. Preparation and Identification
    D. Containment, Eradication, and Recovery

  • Question 34:

    The Risk Score is calculated by combining all the weights using.

    A. an arithmetic mean
    B. addition
    C. the Risk Score script include
    D. a geometric mean

  • Question 35:

    Why is it important that the Platform (System) Administrator and the Security Incident administrator role be separated? (Choose three.)

    A. Access to security incident data may need to be restricted
    B. Allow SIR Teams to control assignment of security roles
    C. Clear separation of duty
    D. Reduce the number of incidents assigned to the Platform Admin
    E. Preserve the security image in the company

  • Question 36:

    Which of the following tag classifications are provided baseline? (Choose three.)

    A. Traffic Light Protocol
    B. Block from Sharing
    C. IoC Type
    D. Severity
    E. Cyber Kill Chain Step
    F. Escalation Level
    G. Enrichment whitelist/blacklist

  • Question 37:

    A pre-planned response process contains which sequence of events?

    A. Organize, Analyze, Prioritize, Contain
    B. Organize, Detect, Prioritize, Contain
    C. Organize, Prepare, Prioritize, Contain
    D. Organize, Verify, Prioritize, Contain

  • Question 38:

    Which of the following are potential benefits for utilizing Security Incident assignment automation? (Choose two.)

    A. Decreased Time to Containment
    B. Increased Mean Time to Remediation
    C. Decreased Time to Ingestion
    D. Increased resolution process consistency

  • Question 39:

    Incident severity is influenced by the business value of the affected asset. Which of the following are asset types that can be affected by an incident? (Choose two.)

    A. Business Service
    B. Configuration Item
    C. Calculator Group
    D. Severity Calculator

  • Question 40:

    What is the name of the Inbound Action that validates whether an inbound email should be processed as a phishing email for URP v2?

    A. User Reporting Phishing (for Forwarded emails)
    B. Scan email for threats
    C. User Reporting Phishing (for New emails)
    D. Create Phishing Email

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only ServiceNow exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CIS-SIR exam preparations and ServiceNow certification application, do not hesitate to visit our Vcedump.com to find your solutions here.