ServiceNow CIS-SIR - Certified Implementation Specialist - Security Incident Response Exam
Page: 2 / 25
Total 125 questions
Question #6 (Topic: Exam A)
What are two of the audiences identified that will need reports and insight into Security Incident Response reports? (Choose two.)
A. Analysts
B. Vulnerability Managers
C. Chief Information Security Officer (CISO)
D. Problem Managers
Answer: AC
Question #7 (Topic: Exam A)
What three steps enable you to include a new playbook in the Selected Playbook choice list? (Choose three.)
A. Add the TLP: GREEN tag to the playbooks that you want to include in the Selected Playbook choice list
B. Navigate to the sys_hub_flow.list table
C. Search for the new playbook you have created using Flow Designer
D. Add the sir_playbook tag to the playbooks that you want to include in the Selected Playbook choice list
E. Navigate to the sys_playbook_flow.list table
Answer: BCD
Question #8 (Topic: Exam A)
Which improvement opportunity can be found baseline which can contribute towards process maturity and strengthen costumer’s overall security posture?
A. Post-Incident Review
B. Fast Eradication
C. Incident Containment
D. Incident Analysis
Answer: A
Question #9 (Topic: Exam A)
What is the fastest way for security incident administrators to remove unwanted widgets from the Security Incident Catalog?
A. Clicking the X on the top right corner
B. Talking to the system administrator
C. Can't be removed
D. Through the Catalog Definition record
Answer: D
Question #10 (Topic: Exam A)
Select the one capability that retrieves a list of running processes on a CI from a host or endpoint.
A. Get Network Statistics
B. Isolate Host
C. Get Running Processes
D. Publish Watchlist
E. Block Action
F. Sightings Search
Answer: C
