The severity field of the security incident is influenced by what?
A. The cost of the response to the security breach
B. The impact, urgency and priority of the incident
C. The time taken to resolve the security incident
D. The business value of the affected asset
Which of the following process definitions are not provided baseline?
A. NIST Open
B. SAN Stateful
C. NIST Stateful
D. SANS Open
Using the KB articles for Playbooks tasks also gives you which of these advantages?
A. Automated activities to run scans and enrich Security Incidents with real-time data
B. Automated activities to resolve security Incidents through patching
C. Improved visibility to threats and vulnerabilities
D. Enhanced ability to create and present concise, descriptive tasks
When the Security Phishing Email record is created, what types of observables are stored in the record? (Choose three.)
A. URLs, domains, or IP addresses appearing in the body
B. Who reported the phishing attempt
C. State of the phishing email
D. IP addresses from the header
E. Hashes and/or file names found in the EML attachment
F. Type of Ingestion Rule used to identify this email as a phishing attempt
The benefits of improved Security Incident Response are expressed:
A. as desirable outcomes with clear, measurable Key Performance Indicators
B. differently depending upon 3 stages: Process Improvement, Process Design, and Post Go-Live
C. as a series of states with consistent, clear metrics
D. as a value on a scale of 1-10 based on specific outcomes
A pre-planned response process contains which sequence of events?
A. Organize, Analyze, Prioritize, Contain
B. Organize, Detect, Prioritize, Contain
C. Organize, Prepare, Prioritize, Contain
D. Organize, Verify, Prioritize, Contain
Chief factors when configuring auto-assignment of Security Incidents are:
A. Agent group membership, Agent location and time zone
B. Security incident priority, CI Location and agent time zone
C. Agent skills, System Schedules and agent location
D. Agent location, Agent skills and agent time zone
Which of the following tag classifications are provided baseline? (Choose three.)
A. Traffic Light Protocol
B. Block from Sharing
C. IoC Type
D. Severity
E. Cyber Kill Chain Step
F. Escalation Level
G. Enrichment whitelist/blacklist
There are several methods by which security incidents can be raised, which broadly fit into one of these categories: (Choose two.)
A. Integrations
B. Manually created
C. Automatically created
D. Email parsing
To configure Security Incident Escalations, you need the following role(s):
A. sn_si.admin
B. sn_si.admin or sn_si.manager
C. sn_si.admin or sn_si.ciso
D. sn_si.manager or sn_si.analyst