1. Home
  2. ServiceNow
  3. CIS-SIR

Certified Implementation Specialist - Security Incident Response

Exam Details

  • Exam Code
    :CIS-SIR
  • Exam Name
    :Certified Implementation Specialist - Security Incident Response
  • Certification
    :CIS
  • Vendor
    :ServiceNow
  • Total Questions
    :60 Q&As
  • Last Updated
    :May 14, 2024

ServiceNow CIS CIS-SIR Questions & Answers

  • Question 51:

    For Customers who don't use 3rd-party systems, what ways can security incidents be created? (Choose three.)

    A. Security Service Catalog

    B. Security Incident Form

    C. Inbound Email Parsing Rules

    D. Leveraging an Integration

    E. Alert Management

  • Question 52:

    Incident severity is influenced by the business value of the affected asset. Which of the following are asset types that can be affected by an incident? (Choose two.)

    A. Business Service

    B. Configuration Item

    C. Calculator Group

    D. Severity Calculator

  • Question 53:

    Which improvement opportunity can be found baseline which can contribute towards process maturity and strengthen costumer's overall security posture?

    A. Post-Incident Review

    B. Fast Eradication

    C. Incident Containment

    D. Incident Analysis

  • Question 54:

    Which one of the following users is automatically added to the Request Assessments list?

    A. Any user that adds a worknote to the ticket

    B. The analyst assigned to the ticket

    C. Any user who has Response Tasks on the incident

    D. The Affected User on the incident

  • Question 55:

    What is the first step when creating a security Playbook?

    A. Set the Response Task's state

    B. Create a Flow

    C. Create a Runbook

    D. Create a Knowledge Article

  • Question 56:

    Which ServiceNow automation capability extends Flow Designer to integrate business processes with other systems?

    A. Workflow

    B. Orchestration

    C. Subflows

    D. Integration Hub

  • Question 57:

    Which one of the following reasons best describes why roles for Security Incident Response (SIR) begin with "sn_si"?

    A. Because SIR is a scoped application, roles and script includes will begin with the sn_si prefix

    B. Because the Security Incident Response application uses a Secure Identity token

    C. Because ServiceNow checks the instance for a Secure Identity when logging on to this scoped application

    D. Because ServiceNow tracks license use against the Security Incident Response Application

  • Question 58:

    When a record is created in the Security Incident Phishing Email table what is triggered to create a Security Incident?

    A. Ingestion Rule

    B. Transform flow

    C. Transform workflow

    D. Duplication Rule

  • Question 59:

    The Risk Score is calculated by combining all the weights using.

    A. an arithmetic mean

    B. addition

    C. the Risk Score script include

    D. a geometric mean

  • Question 60:

    What specific role is required in order to use the REST API Explorer?

    A. admin

    B. sn_si.admin

    C. rest_api_explorer

    D. security_admin

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only ServiceNow exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CIS-SIR exam preparations and ServiceNow certification application, do not hesitate to visit our Vcedump.com to find your solutions here.