New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

ServiceNow CIS-VR Certified Implementation Specialist - Vulnerability Response Exam Practice Test

Demo: 18 questions
Total 60 questions

Certified Implementation Specialist - Vulnerability Response Questions and Answers

Question 1

To ensure that Vulnerabilities are processed correctly, you can define a Service Level Agreement (SLA) for Vulnerability Response. To achieve this you would:

Options:

A.

Create a custom workflow to monitor the time between States

B.

Log in as a system admin, and using the globally scoped baseline SLA Modules

C.

Have the role of Vulnerability admin, but only in the Vulnerability Scope

D.

Make sure you have at least the sn_vul.vulnerability_write role and using the baseline SLA Application Modules

Question 2

A common Integration point with Vulnerability is:

Options:

A.

Workflow Mappings

B.

Risk Indicators within GRC

C.

Service Catalog

D.

Knowledge Base

Question 3

What is the ID associated with the Vulnerability Response plugln?

Options:

A.

com.snc.threat.intelllgence

B.

com.snc.vulnerability

C.

com.snc.threat.feeds

D.

com.snc.securityjncident

Question 4

What is the ServiceNow application used for process automation?

Options:

A.

Knowledge Base

B.

Workflows

C.

SLAs

D.

Service Catalog

Question 5

Which of the following can NOT be used for building Vulnerability Groups?

Options:

A.

Vulnerability

B.

Filter Groups

C.

Condition Builder

D.

Advanced Scripts

Question 6

Best Practices dictate that when creating a Change task from a Vulnerable Item which of the following fields should be used for assigning the Assigned To field on the Change task?

Options:

A.

Assigned To on Vulnerable item

B.

Managed By on CMDB_CI

C.

Assigned To on CMDB_CI Record

D.

Best Practice does not dictate a specific field

Question 7

If fixing a Vulnerable Item outweighs the benefits, the correct course of action is:

Options:

A.

Mark the CI inactive in the CMDB and notify the CI owner

B.

Record the accepted risk and Close/Defer the Vulnerable Item

C.

Deprioritize the Vulnerable item Records (VlT) to push them further down the list so it can be ignored

D.

Add the Cl to the Vulnerability Scanners exclusions Related List

Question 8

What do Vulnerability Exceptions require?

Options:

A.

An Approval by default

B.

An Exception Workflow

C.

A GRC integration

D.

A Filter Group

Question 9

Which Vulnerability maturity level provides advanced owner assignment?

Options:

A.

Enterprise risk trending

B.

Automated prioritization

C.

Manual operations

D.

Improved remediation

Question 10

Items in the ServiceNow Store are built and supported by:

Options:

A.

An Implementation Partner

B.

The company that created the Application

C.

ServiceNow Professional Services

D.

ServiceNow Technical Support

Question 11

The components Installed with Vulnerability Response Include:

Options:

A.

Tables, Scheduled Jobs, Security Operations Common

B.

Business Rules, Roles, Workflows

C.

Properties, Client Scripts, Wizards

D.

Ul Pages. Business Rules, Vulnerability Scanners

Question 12

Which of the following best describes the Vulnerable item State Approval Workflow?

Options:

A.

It is read-only, you can only change the Assignment Group members for the approval

B.

It exists in the Security Operations Common scope so it can be modified by any Security Operations Admin

C.

It can only be modified by System Adminstrators

D.

It runs against the [sn_vul_change_approval] table

Question 13

Which of the following is a common Integration point between Vulnerability and GRC?

Options:

A.

Security Incident Response

B.

Change

C.

Problem

D.

Risk Indicators

Question 14

A list of software weaknesses is known as:

Options:

A.

National Vulnerability Database (NVD)

B.

Common Vulnerability and Exposure (CVE)

C.

National Institute of Science and Technology (NIST)

D.

Common Weaknesses Enumeration (CWE)

Question 15

In ServiceNow, which plugin needs to be added to enable Vulnerability integration with Qualys, Tenable, or Rapid7?

Options:

A.

Vulnerability Response

B.

Trusted Security Circles

C.

Threat Intelligence

D.

Security Incident Response

Question 16

Managers should have access to which role-based data access and visualizations? Choose 3 answers

Options:

A.

Aggregations for priority and workload

B.

Time period views

C.

Up-to-the-minute views

D.

Drill-down to granularity

Question 17

Which of the following provides a list of software weaknesses?

Options:

A.

Third Party Entries

B.

NVD

C.

CWE

D.

Vulnerable Items

Question 18

After closing the Vulnerable Item (VI), it is recommended to:

Options:

A.

Update the values in the Vulnerability Score Indicator (VSl) based on the criticality of the Vulnerability.

B.

The VI remains active and in place until the Scanner rescans and closes the VI.

C.

Mark the CI as exempt from the Vulnerability if the vulnerability was remediated.

D.

Compare the Vulnerability with subsequent scans.

Demo: 18 questions
Total 60 questions