CIS-SIRテスト問題練習試そう!2022年に更新された62問あります [Q24-Q47]

Share

CIS-SIRテスト問題練習試そう!2022年に更新された62問あります

更新された2022年02月プレミアムCIS-SIR試験エンジンPDFで今すぐダウンロード!無料更新された62問あります


ServiceNow CIS-SIR 認定試験の出題範囲:

トピック出題範囲
トピック 1
  • Automate Security Incident Response Overview
  • Security Analyst Workspace (New UI)
トピック 2
  • Security Incident Calculator Groups and Risk Scores
  • Security Incident Creation and Threat Intelligence
トピック 3
  • Managing Pre-Built Integrations
  • Understanding Threat Intelligence
トピック 4
  • Security Incident Automation using Flows and Workflows
  • Explore How to Create Security Incidents
トピック 5
  • Risk Calculations and Post Incident Response
  • Introducing Security IncidentResponse

 

質問 24
Select the one capability that retrieves a list of running processes on a CI from a host or endpoint.

  • A. Isolate Host
  • B. Publish Watchlist
  • C. Sightings Search
  • D. Get Running Processes
  • E. Block Action
  • F. Get Network Statistics

正解: D

 

質問 25
Which one of the following reasons best describes why roles for Security Incident Response (SIR) begin with "sn_si"?

  • A. Because the Security Incident Response application uses a Secure Identity token
  • B. Because ServiceNow checks the instance for a Secure Identity when logging on to this scoped application
  • C. Because ServiceNow tracks license use against the Security Incident Response Application
  • D. Because SIR is a scoped application, roles and script includes will begin with the sn_si prefix

正解: A

解説:
Explanation/Reference:

 

質問 26
The severity field of the security incident is influenced by what?

  • A. The time taken to resolve the security incident
  • B. The business value of the affected asset
  • C. The impact, urgency and priority of the incident
  • D. The cost of the response to the security breach

正解: B

 

質問 27
In order to see the Actions in Flow Designer for Security Incident, what plugin must be activated?

  • A. Performance Analytics for Security Incident Response
  • B. Security Operations Spoke
  • C. Security Incident Spoke
  • D. Security Spoke

正解: B

 

質問 28
Which of the following fields is used to identify an Event that is to be used for Security purposes?

  • A. IT
  • B. Security
  • C. CI
  • D. Classification

正解: D

 

質問 29
The EmailUserReportedPhishing script include processes inbound emails and creates a record in which table?

  • A. sn_si_phishing_email_header
  • B. sn_si_incident
  • C. ar_sn_si_phishing_email
  • D. sn_si_phishing_email

正解: C

 

質問 30
Security tag used when a piece of information requires support to be effectively acted upon, yet carries risks to privacy, reputation, or operations if shared outside of the organizations involved.

  • A. TLP:GREEN
  • B. TLP:RED
  • C. TLP:AMBER
  • D. TLP:WHITE

正解: C

解説:
Explanation
Table Description automatically generated

 

質問 31
What is the name of the Inbound Action that validates whether an inbound email should be processed as a phishing email for URP v2?

  • A. Scan email for threats
  • B. Create Phishing Email
  • C. User Reporting Phishing (for New emails)
  • D. User Reporting Phishing (for Forwarded emails)

正解: D

 

質問 32
Which one of the following reasons best describes why roles for Security Incident Response (SIR) begin with
"sn_si"?

  • A. Because the Security Incident Response application uses a Secure Identity token
  • B. Because ServiceNow checks the instance for a Secure Identity when logging on to this scoped application
  • C. Because ServiceNow tracks license use against the Security Incident Response Application
  • D. Because SIR is a scoped application, roles and script includes will begin with the sn_si prefix

正解: A

 

質問 33
The following term is used to describe any observable occurrence:.

  • A. Log
  • B. Ticket
  • C. Alert
  • D. Event
  • E. Incident

正解: D

 

質問 34
What is the first step when creating a security Playbook?

  • A. Create a Knowledge Article
  • B. Create a Flow
  • C. Set the Response Task's state
  • D. Create a Runbook

正解: B

 

質問 35
David is on the Network team and has been assigned a security incident response task.
What role does he need to be able to view and work the task?

  • A. External
  • B. Security Analyst
  • C. Read
  • D. Security Basic

正解: B

 

質問 36
Which improvement opportunity can be found baseline which can contribute towards process maturity and strengthen costumer's overall security posture?

  • A. Post-Incident Review
  • B. Fast Eradication
  • C. Incident Containment
  • D. Incident Analysis

正解: D

 

質問 37
If the customer's email server currently has an account setup to report suspicious emails, then what happens next?

  • A. the ServiceNow platform ensures that parsing and analysis takes place on their mail server
  • B. the customer should set up a rule to forward these mails onto the ServiceNow platform
  • C. the customer's systems are already handling suspicious emails
  • D. an integration added to Exchange keeps the ServiceNow platform in sync

正解: B

 

質問 38
Select the one capability that retrieves a list of running processes on a CI from a host or endpoint.

  • A. Isolate Host
  • B. Publish Watchlist
  • C. Sightings Search
  • D. Get Running Processes
  • E. Block Action
  • F. Get Network Statistics

正解: D

解説:
Explanation/Reference: https://docs.servicenow.com/bundle/quebec-security-management/page/product/security- operations-common/concept/get-running-processes-capability.html

 

質問 39
Which of the following are potential benefits for utilizing Security Incident assignment automation? (Choose two.)

  • A. Increased Mean Time to Remediation
  • B. Increased resolution process consistency
  • C. Decreased Time to Ingestion
  • D. Decreased Time to Containment

正解: A,B

 

質問 40
What factor, if any, limits the ability to close SIR records?

  • A. Opened related INC records
  • B. Best practice dictates that SIR records should be set to 'Resolved' never to 'Closed'
  • C. All post-incident review question:ers have to be completed first
  • D. Nothing, SIR records could be closed at any time

正解: A

 

質問 41
Joe is on the SIR Team and needs to be able to configure Territories and Skills.
What role does he need?

  • A. Manager
  • B. Security Analyst
  • C. Security Basic
  • D. Security Admin

正解: D

解説:
Explanation/Reference: https://docs.servicenow.com/bundle/quebec-security-management/page/product/security- incident-response/reference/installed-with-sir.html

 

質問 42
Which of the following process definitions allow only single-step progress through the process defined without allowing step skipping?

  • A. SANS Open
  • B. NIST Stateful
  • C. NIST Open
  • D. SANS Stateful

正解: B

 

質問 43
What specific role is required in order to use the REST API Explorer?

  • A. sn_si.admin
  • B. rest_api_explorer
  • C. security_admin
  • D. admin

正解: B,D

 

質問 44
The Risk Score is calculated by combining all the weights using __________.

  • A. a geometric mean
  • B. an arithmetic mean
  • C. the Risk Score script include
  • D. addition

正解: B

解説:
Explanation/Reference: https://docs.servicenow.com/bundle/paris-security-management/page/product/security-incident- response/reference/setup-assistant-reference.html

 

質問 45
Joe is on the SIR Team and needs to be able to configure Territories and Skills. What role does he need?

  • A. Manager
  • B. Security Analyst
  • C. Security Basic
  • D. Security Admin

正解: D

 

質問 46
Which of the following fields is used to identify an Event that is to be used for Security purposes?

  • A. IT
  • B. Security
  • C. CI
  • D. Classification

正解: D

解説:
Explanation/Reference: https://docs.servicenow.com/bundle/paris-it-operations-management/page/product/event- management/task/t_EMManageEvent.html

 

質問 47
......

正真正銘のCIS-SIR問題集には100%合格率練習テスト問題集:https://jp.fast2test.com/CIS-SIR-premium-file.html


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어