Certs Vault
See all results for ""
Home Exams
CRISC ISACA CISSP ISC2 200-301 Cisco SY0-701 CompTIA AZ-104 Microsoft AI-900 Microsoft AIGP IAPP 1Z0-1067-26 Oracle View All Exams →
Sign in Create account

ServiceNow Certified Implementation Specialist - Security Incident Response CIS-SIR Exam Questions

Preparing for the CIS-SIR exam is simple with Certs Vault. We offer easy-to-understand study materials that help you learn the most important exam topics. You can study using our PDF questions, practice online with a real exam-style test, or use the desktop practice software. Choose the study method that works best for you and prepare at your own pace.

At Certs Vault, we keep our CIS-SIR practice questions up to date. Whenever the exam syllabus or objectives change, we update our study materials so you always learn the latest topics. This helps you save time, avoid outdated content, and feel more confident when you take your exam.

Download Exam View Entire Exam
Page: 1 / 1
Question #1 (Topic: demo questions)

The Risk Score is calculated by combining all the weights using

A.
an arithmetic mean
B.
addition
C.
the Risk Score script include
D.
a geometric mean
Correct Answer: A
Explanation:

In ServiceNow Risk Management, the overall Risk Score is calculated by combining all contributing weights using an arithmetic mean, meaning the individual risk factors are averaged based on their weights to produce a single consolidated risk score. This approach ensures that each factor contributes proportionally to the final score rather than being multiplied or geometrically combined.
Question #2 (Topic: demo questions)

The severity field of the security incident is influenced by what?


A.
The cost of the response to the security breach
B.
The impact, urgency and priority of the incident
C.
The time taken to resolve the security incident
D.
The business value of the affected asset
Correct Answer: B
Explanation:

In ServiceNow Security Incident Management, the severity field is determined by how critical the incident is, which is based on a combination of impact (how much the business is affected) and urgency (how quickly it needs to be resolved). These two factors together define the priority and overall severity level, ensuring that incidents affecting critical services or requiring immediate attention are classified with higher severity.
Question #3 (Topic: demo questions)

The following term is used to describe any observable occurrence:

A.
Incident
B.
Log
C.
Ticket
D.
Alert
E.
Event
Correct Answer: E
Explanation:

In IT Service Management terminology, an event is defined as any observable occurrence or change of state that has significance for the management of IT infrastructure or services. Events are typically generated by systems, applications, or monitoring tools and can later be processed into alerts or incidents depending on their impact.
Question #4 (Topic: demo questions)

What is the purpose of Calculator Groups as opposed to Calculators?

A.
To provide metadata about the calculators
B.
To allow the agent to select which calculator they want to execute
C.
To set the condition for all calculators to run
D.
To ensure one at maximum will run per group
Correct Answer: D
Explanation:

In ServiceNow, Calculator Groups are used to organize multiple calculators that evaluate similar conditions, but they enforce a rule that only one calculator within the group can execute at a time. This prevents conflicting calculations and ensures that the most appropriate calculator is applied based on defined conditions, maintaining consistency in how results are determined.
Question #5 (Topic: demo questions)

What makes a playbook appear for a Security Incident if using Flow Designer?

A.

Actions defined to create tasks

B.

Trigger set to conditions that match the security incident

C.

Runbook property set to true

D.

Service Criticality set to High

Correct Answer: B
Explanation:

In Flow Designer Playbooks, a playbook becomes available for a Security Incident when its trigger conditions are configured to match that record type and its attributes. These conditions determine when the playbook is shown and executed, ensuring it only appears for relevant security incidents based on the defined criteria.
Download Exam
Page: 1 / 1
Next Page