CIS-SIR

What is the key to a successful implementation?A . Sell customer the most expensive packageB . Implementing everything that we offerC . Understanding the customer’s goals and objectivesD . Building custom integrationsView AnswerAnswer: C

What field is used to distinguish Security events from other IT events?A . TypeB . SourceC . ClassificationD . DescriptionView AnswerAnswer: C Explanation: Reference: https://docs.servicenow.com/bundle/paris-security-management/page/product/security-incident-response/concept/c_ScIncdUseAlrts.html

Knowledge articles that describe steps an analyst needs to follow to complete Security incident tasks might be associated to those tasks through which of the following?A . Work Instruction PlaybookB . FlowC . WorkflowD . RunbookE . Flow DesignerView AnswerAnswer: D Explanation: Reference: https://docs.servicenow.com/bundle/paris-security-management/page/product/security-incident-response/task/perform-addtl-tasks-on-si.html

Which of the following are potential benefits for utilizing Security Incident assignment automation? (Choose two.)A . Decreased Time to ContainmentB . Increased Mean Time to RemediationC . Decreased Time to IngestionD . Increased resolution process consistencyView AnswerAnswer: B,D

What plugin must be activated to see the New Security Analyst UI?A . Security Analyst UI PluginB . Security Incident Response UI pluginC . Security Operations UI pluginD . Security Agent UI PluginView AnswerAnswer: D

Using the KB articles for Playbooks tasks also gives you which of these advantages?A . Automated activities to run scans and enrich Security Incidents with real time dataB . Automated activities to resolve security Incidents through patchingC . Improved visibility to threats and vulnerabilitiesD . Enhanced ability to create and...

Select the one capability that restricts connections from one CI to other devices.A . Isolate HostB . Sightings SearchC . Block ActionD . Get Running ProcessesE . Get Network StatisticsF . Publish WatchlistView AnswerAnswer: A Explanation: Reference: https://docs.servicenow.com/bundle/paris-security-management/page/product/security-incident-response/task/perform-addtl-tasks-on-si.html

There are several methods in which security incidents can be raised, which broadly fit into one of these categories:. (Choose two.)A . IntegrationsB . Manually createdC . Automatically createdD . Email parsingView AnswerAnswer: B,C Explanation: Reference: https://docs.servicenow.com/bundle/paris-security-management/page/product/security-incident-response/concept/si-creation.html

Which of the following fields is used to identify an Event that is to be used for Security purposes?A . ITB . ClassificationC . SecurityD . CIView AnswerAnswer: B Explanation: Reference: https://docs.servicenow.com/bundle/paris-it-operations-management/page/product/event-management/task/t_EMManageEvent.html

Security tag used when a piece of information requires support to be effectively acted upon, yet carries risks to privacy, reputation, or operations if shared outside of the organizations involved.A . TLP: GREENB . TLP: AMBERC . TLP: REDD . TLP: WHITEView AnswerAnswer: B Explanation: Table Description automatically generated