
2022年最新のの問題Certified Implementation SpecialistとCIS-SIRリアル試験問をマスターせよ!
突破受験者のシミュレーションされたCIS-SIR試験PDF問題を試そう
ServiceNow CIS-SIR 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
| トピック 5 |
|
質問 12
The EmailUserReportedPhishing script include processes inbound emails and creates a record in which table?
- A. sn_si_incident
- B. ar_sn_si_phishing_email
- C. sn_si_phishing_email
- D. sn_si_phishing_email_header
正解: B
質問 13
Which of the following fields is used to identify an Event that is to be used for Security purposes?
- A. IT
- B. Classification
- C. CI
- D. Security
正解: B
質問 14
Chief factors when configuring auto-assignment of Security Incidents are.
- A. Agent group membership, Agent location and time zone
- B. Security incident priority, CI Location and agent time zone
- C. Agent location, Agent skills and agent time zone
- D. Agent skills, System Schedules and agent location
正解: C
質問 15
Joe is on the SIR Team and needs to be able to configure Territories and Skills. What role does he need?
- A. Security Admin
- B. Security Analyst
- C. Security Basic
- D. Manager
正解: A
質問 16
Which of the following process definitions are not provided baseline?
- A. NIST Open
- B. SANS Open
- C. SAN Stateful
- D. NIST Stateful
正解: A
質問 17
There are several methods in which security incidents can be raised, which broadly fit into one of these categories: __________. (Choose two.)
- A. Email parsing
- B. Integrations
- C. Manually created
- D. Automatically created
正解: C,D
解説:
Explanation/Reference: https://docs.servicenow.com/bundle/paris-security-management/page/product/security-incident- response/concept/si-creation.html
質問 18
The benefits of improved Security Incident Response are expressed.
- A. as desirable outcomes with clear, measurable Key Performance Indicators
- B. as a series of states with consistent, clear metrics
- C. as a value on a scale of 1-10 based on specific outcomes
- D. differently depending upon 3 stages: Process Improvement, Process Design, and Post Go-Live
正解: B
質問 19
What are two of the audiences identified that will need reports and insight into Security Incident Response reports? (Choose two.)
- A. Vulnerability Managers
- B. Problem Managers
- C. Chief Information Security Officer (CISO)
- D. Analysts
正解: A,D
質問 20
How do you select which process definition to use?
- A. By selecting the desired process within the Process Selection module
- B. By selecting the desired process within the Process Definition module
- C. By setting the process definition record to Active
- D. By setting the Script Include record to Active
正解: A
質問 21
What is the name of the Inbound Action that validates whether an inbound email should be processed as a phishing email for URP v2?
- A. User Reporting Phishing (for Forwarded emails)
- B. Scan email for threats
- C. User Reporting Phishing (for New emails)
- D. Create Phishing Email
正解: A
質問 22
In order to see the Actions in Flow Designer for Security Incident, what plugin must be activated?
- A. Security Incident Spoke
- B. Performance Analytics for Security Incident Response
- C. Security Spoke
- D. Security Operations Spoke
正解: D
解説:
Explanation/Reference: https://docs.servicenow.com/bundle/paris-security-management/page/product/security-incident- response-orchestration/concept/sir-flows-and-templates.html
質問 23
The Risk Score is calculated by combining all the weights using.
- A. an arithmetic mean
- B. the Risk Score script include
- C. addition
- D. a geometric mean
正解: A
質問 24
Knowledge articles that describe steps an analyst needs to follow to complete Security incident tasks might be associated to those tasks through which of the following?
- A. Workflow
- B. Runbook
- C. Flow Designer
- D. Work Instruction Playbook
- E. Flow
正解: B
質問 25
Which one of the following reasons best describes why roles for Security Incident Response (SIR) begin with "sn_si"?
- A. Because ServiceNow checks the instance for a Secure Identity when logging on to this scoped application
- B. Because the Security Incident Response application uses a Secure Identity token
- C. Because SIR is a scoped application, roles and script includes will begin with the sn_si prefix
- D. Because ServiceNow tracks license use against the Security Incident Response Application
正解: B
解説:
Explanation/Reference:
質問 26
Why should discussions focus with the end in mind?
- A. To understand required tools
- B. To understand customer's process
- C. To understand desired outcomes
- D. To understand current posture
正解: C
質問 27
For Customers who don't use 3rd-party systems, what ways can security incidents be created? (Choose three.)
- A. Security Service Catalog
- B. Leveraging an Integration
- C. Alert Management
- D. Inbound Email Parsing Rules
- E. Security Incident Form
正解: A,D,E
質問 28
Joe is on the SIR Team and needs to be able to configure Territories and Skills.
What role does he need?
- A. Security Admin
- B. Security Analyst
- C. Security Basic
- D. Manager
正解: A
解説:
Explanation/Reference: https://docs.servicenow.com/bundle/quebec-security-management/page/product/security- incident-response/reference/installed-with-sir.html
質問 29
The following term is used to describe any observable occurrence:.
- A. Ticket
- B. Event
- C. Alert
- D. Incident
- E. Log
正解: B
質問 30
......
突破受験者のシミュレーションされたCIS-SIR問題集:https://jp.fast2test.com/CIS-SIR-premium-file.html