CIS-VR Practice Exam — 123 Free ServiceNow Questions

Join Us Among the Stars

Sign Up & unlock 100% of Exam Questions

Log in / Sign up

No Strings Attached!

123Practice Questions

3Study Modes

Free

TopicSort

Question 1

Product Line Specific

When an approval is rejected for a Vulnerable Item exception, what happens to the State field for that record?

A It reverts to ‘Analysis’
B It is set to ‘New’
C It is set to ‘In Review’
D It will be set back to its previous value

Question 2

Prerequisites

Question 3

Additional Recommended

Question 4

Prerequisites

Question 5

Prerequisites

Question 6

Additional Recommended

Question 7

Prerequisites

Question 8

Prerequisites

Question 9

Additional Recommended

Question 10

Product Line Specific

Question 11

Product Line Specific

Question 12

Additional Recommended

Question 13

Product Line Specific

Question 14

Prerequisites

Question 15

Prerequisites

Question 16

Product Line Specific

Question 17

Prerequisites

Question 19

Prerequisites

Question 20

Prerequisites

Question 22

Additional Recommended

Question 23

Prerequisites

Question 24

Prerequisites

Question 25

Prerequisites

Question 26

Prerequisites

Question 27

Prerequisites

Page 1 of 5 • Questions 1-25 of 123

1 2 3 4 5

→

Know a question that should be here? Contribute to this exam

Which of the following best describes a Vulnerability Group?

A Groups VIs using a Filter against Vulnerable Item Fields
B A Filter defining a sub-set of CIs to be treated as a group
C The User Group assigned to resolving the Vulnerable Item
D Must have a corresponding filter group

To ensure that Vulnerabilities are processed correctly, you can define a Service Level Agreement (SLA) for Vulnerability Response. To achieve this, you would:

A Create a custom workflow to monitor the time between States
B Log in as a system admin, and using the globally scoped baseline SLA Modules
C Have the role of Vulnerability admin, but only in the Vulnerability Scope
D Make sure you have at least the sn_vul.vulnerability_write role and using the baseline SLA Application Modules

What role is required to view the Vulnerability Overview Dashboard?

A sn_vul.vulnerability.read
B sn_vul.manager
C sn_vul.ciso
D sn_vul.vulnerability.write

Managers should have access to which role-based data access and visualizations? (Choose three.)

A Aggregations for priority and workload
B Time period views
C Up-to-the-minute views
D Drill-down to granularity

Question 6

Additional Recommended

Question 7

Prerequisites

Question 8

Prerequisites

Question 9

Additional Recommended

Question 10

Product Line Specific

Question 11

Product Line Specific

Question 12

Additional Recommended

Question 13

Product Line Specific

Question 14

Prerequisites

Question 15

Prerequisites

Question 16

Product Line Specific

Question 17

Prerequisites

Question 19

Prerequisites

Question 20

Prerequisites

Question 22

Additional Recommended

Question 23

Prerequisites

Question 24

Prerequisites

Question 25

Prerequisites

Question 26

Prerequisites

Question 27

Prerequisites

After closing the Vulnerable Item (VI), it is recommended to:

A Update the values in the Vulnerability Score Indicator (VSI) based on the critically of the Vulnerability
B The VI remains active and in place until the Scanner rescans and closes the VI
C Mark the CI as exempt from the Vulnerability if the vulnerability was remediated
D Compare the Vulnerability with subsequent scans

What must Vulnerability Exceptions be supplied by default?

A A reason for the exception
B Integrations with GRC to handle the exception
C Requirement Actions for the exception
D A manual approval authority for the exception

What system property allows for the auto creation of Vulnerability Groups based on the Vulnerable Item’s Vulnerability?

A sn_vul.autocreate_vul_filter_group
B sn_vul.autocreate_vul_approval_group
C sn_vul.autocreate_vul_group_item
D sn_vul.autocreate_vul_centric_group

Which of the following is a common integration point between Vulnerability and GRC?

A Security Incident Response
B Change
C Problem
D Risk Indicators

Which module within the Vulnerability Response application could be used to get information from the National Vulnerability Database (NVD) at any moment?

A On-Demand Update
B NVD Auto-Update
C Vulnerable Software
D NVD Patch

Where in the platform can you create Filter Groups?

A Vulnerability > Administration > Filter Groups
B Vulnerability > Groups > Filter Groups
C Security Operations > Administration > Filter Groups
D Security Operations > Groups > Filter Groups

This functionality provides a simple way to build criteria once, which can be reused in other platform areas.

A Conditions
B Favorites
C Filter Group
D Filters

In regard to the Security Operations Process, which of the following statements defines the “Identify” phase?

A What processes and assets need protection?
B What techniques can identify incidents?
C What safeguards are available?
D What techniques can restore capabilities?
E What techniques can contain impacts of incidents?

If a customer expects to ingest 2 million vulnerabilities during its initial load, which instance size should you recommend?

A L
B XL
C XXL
D Ultra

What Business Rule creates a Configuration Item from a Vulnerable Item record?

A Create CI from Vulnerable Group Details
B Create CI from Closed Item Details
C Determine CI from Network Details
D Create CI from Vulnerable Item Details

What is the ID associated with the Vulnerability Response plugin?

A com.snc.threat.intelligence
B com.snc.vulnerability
C com.snc.threat.feeds
D com.snc.security_incident

Select the three components of a Filter Condition: (Choose three.)

A Field
B Sum
C Operator
D Value

To facilitate the remediation of a Vulnerable Item what type of item is most commonly used?

A Create a Problem
B Create a Security Incident
C Create a KB article
D Create a Change

What do Vulnerability Exceptions require?

A An Approval by default
B An Exception Workflow
C A GRC integration
D A Filter Group

Where can you find information related to the Common Vulnerabilities and Exposures (CVE)?

A Tenable
B MITRE
C NIST
D Qualys

What is the purpose of Scoped Applications?

A Suppliers can only charge for applications when they are scoped
B Scoped applications are scalable, Global applications are not
C Scoping encapsulates and protects data and functionality
D An application needs to be scoped in order to be deployed as a plugin

What is the minimum role required to create and change Service Level Agreements for Vulnerability Response groups?

A sla_manager
B admin
C sn_vul.vulnerability_write
D sn_vul.admin

Which module is used to adjust the frequency in which CVEs are updated?

A NVD Auto-update
B Update
C CVE Auto-update
D On-demand update

Changes made within a named Update Set in a different application scope:

A Will be captured
B Will throw errors
C Will not be captured
D Will be partially captured

Filter Groups provide a way to:

A Decouple the use of the grouping from the definition of the grouping
B Build criteria once
C Reuse criteria in a variety of places
D All of the above

Join Us Among the Stars

CIS-VRPreview

About the CIS-VR Exam

Mode Selection

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

Question 13

Question 14

Question 15

Question 16

Question 17

Question 19

Question 20

Question 22

Question 23

Question 24

Question 25

Question 26

Question 27

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

Question 13

Question 14

Question 15

Question 16

Question 17

Question 19

Question 20

Question 22

Question 23

Question 24

Question 25

Question 26

Question 27