Download Certified Implementation Specialist - Security Incident Response.CIS-SIR.VCEplus.2021-05-28.60q.vcex

ProfExam Suite - Black Friday
Vendor: ServiceNow
Exam Code: CIS-SIR
Exam Name: Certified Implementation Specialist - Security Incident Response
Date: May 28, 2021
File Size: 582 KB
Download Exam

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase
Coupon: EXAMFILESCOM

Discount: 20%

ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator

Demo Questions

Question 1
What makes a playbook appear for a Security Incident if using Flow Designer?
  1. Actions defined to create tasks
  2. Trigger set to conditions that match the security incident
  3. Runbook property set to true
  4. Service Criticality set to High
Correct answer: B
Question 2
What is the purpose of Calculator Groups as opposed to Calculators?
  1. To provide metadata about the calculators
  2. To allow the agent to select which calculator they want to execute
  3. To set the condition for all calculators to run
  4. To ensure one at maximum will run per group
Correct answer: C
Explanation:
Reference: https://docs.servicenow.com/bundle/paris-security-management/page/product/security-incident-response/reference/setup-assistant-reference.html
Reference: https://docs.servicenow.com/bundle/paris-security-management/page/product/security-incident-response/reference/setup-assistant-reference.html
Question 3
The following term is used to describe any observable occurrence: __________.
  1. Incident
  2. Log
  3. Ticket
  4. Alert
  5. Event
Correct answer: E
Question 4
The severity field of the security incident is influenced by what?
  1. The cost of the response to the security breach
  2. The impact, urgency and priority of the incident
  3. The time taken to resolve the security incident
  4. The business value of the affected asset
Correct answer: D
Question 5
The Risk Score is calculated by combining all the weights using __________.
  1. an arithmetic mean
  2. addition
  3. the Risk Score script include
  4. a geometric mean
Correct answer: A
Explanation:
Reference: https://docs.servicenow.com/bundle/paris-security-management/page/product/security-incident-response/reference/setup-assistant-reference.html
Reference: https://docs.servicenow.com/bundle/paris-security-management/page/product/security-incident-response/reference/setup-assistant-reference.html
Question 6
What are two of the audiences identified that will need reports and insight into Security Incident Response reports? (Choose two.)
  1. Analysts
  2. Vulnerability Managers
  3. Chief Information Security Officer (CISO)
  4. Problem Managers  
Correct answer: AB
Explanation:
Reference: https://www.servicenow.com/content/dam/servicenow-assets/public/en-us/doc-type/resource-center/data-sheet/ds-security-operations.pdf
Reference: https://www.servicenow.com/content/dam/servicenow-assets/public/en-us/doc-type/resource-center/data-sheet/ds-security-operations.pdf
Question 7
What three steps enable you to include a new playbook in the Selected Playbook choice list? (Choose three.)
  1. Add the TLP: GREEN tag to the playbooks that you want to include in the Selected Playbook choice list
  2. Navigate to the sys_hub_flow.list table
  3. Search for the new playbook you have created using Flow Designer
  4. Add the sir_playbook tag to the playbooks that you want to include in the Selected Playbook choice list
  5. Navigate to the sys_playbook_flow.list table
Correct answer: BCD
Explanation:
Reference: https://docs.servicenow.com/bundle/paris-security-management/page/product/security-incident-response/concept/sir-new-ui-add-playbook.html
Reference: https://docs.servicenow.com/bundle/paris-security-management/page/product/security-incident-response/concept/sir-new-ui-add-playbook.html
Question 8
Which improvement opportunity can be found baseline which can contribute towards process maturity and strengthen costumer’s overall security posture?
  1. Post-Incident Review
  2. Fast Eradication
  3. Incident Containment
  4. Incident Analysis  
Correct answer: D
Question 9
What is the fastest way for security incident administrators to remove unwanted widgets from the Security Incident Catalog?
  1. Clicking the X on the top right corner
  2. Talking to the system administrator
  3. Can't be removed
  4. Through the Catalog Definition record
Correct answer: D
Question 10
Select the one capability that retrieves a list of running processes on a CI from a host or endpoint.
  1. Get Network Statistics
  2. Isolate Host
  3. Get Running Processes  
  4. Publish Watchlist
  5. Block Action
  6. Sightings Search
Correct answer: C
Explanation:
Reference: https://docs.servicenow.com/bundle/quebec-security-management/page/product/security-operations-common/concept/get-running-processes-capability.html
Reference: https://docs.servicenow.com/bundle/quebec-security-management/page/product/security-operations-common/concept/get-running-processes-capability.html
CONNECT US
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!