Which one of the following is true for a Script Include with a Protection Policy value of Protected?

Which one of the following is true for a Script Include with a Protection Policy value of Protected?
A . Any user with the protected_edit role can see and edit the Script Include
B . The Protection policy option can only be enabled by a user with the admin role
C . The Protection Policy is applied only if the glide.app.apply_protection system property value is true
D . The Protection Policy is applied only if the application is downloaded from the ServiceNow App Store

View Answer

Answer: D

Explanation:

https://docs.servicenow.com/bundle/rome-application-development/page/build/applications/concept/c_ScriptProtectionPolicy.html

The following is true for a Script Include with a Protection Policy value of Protected:

The Protection Policy is applied only if the application is downloaded from the ServiceNow App Store. This is true because the Protection Policy is a feature that allows developers to protect their Script Includes from being viewed or modified by other users when they distribute their applications through the ServiceNow App Store. The Protection Policy is only enforced when the application is installed from the App Store, not when it is developed or tested on the instance.

The following are not true for a Script Include with a Protection Policy value of Protected:

Any user with the protected_edit role can see and edit the Script Include. This is false because the protected_edit role is not related to the Protection Policy, but to the Access Control (ACL) rules. The protected_edit role allows users to edit protected fields on a table, such as the script field on the sys_script table, which stores the Business Rules. The Protection Policy does not use roles to control access to the Script Includes, but a cryptographic key that is generated when the application is published to the App Store.

The Protection policy option can only be enabled by a user with the admin role. This is false because the Protection policy option can be enabled by any user who has the application_admin role for the scoped application that contains the Script Include. The application_admin role grants full access to the application development and administration within the scope of the application.

The Protection Policy is applied only if the glide.app.apply_protection system property value is true. This is false because the glide.app.apply_protection system property is not related to the Protection Policy, but to the Application Restricted Caller Access (ARCA) feature. The ARCA feature allows developers to restrict the access to the Script Includes from other applications based on the caller’s scope. The glide.app.apply_protection system property determines whether the ARCA feature is enabled or disabled on the instance.

Reference: Script Includes, Protect Script Includes, Application Restricted Caller Access