Shop Categories

 [email protected]
Search
View Cart
Checkout

The following CIS-SIR questions are part of our ServiceNow CIS-SIR real exam questions full version. There are 60 in our CIS-SIR full version. All of our CIS-SIR real exam questions can guarantee you success in the first attempt. If you fail CIS-SIR exam with our ServiceNow CIS-SIR real exam questions, you will get full payment fee refund. Want to practice and study full verion of CIS-SIR real exam questions? Go now!

 Get CIS-SIR Full Version

ServiceNow CIS-SIR Exam Actual Questions

The questions for CIS-SIR were last updated on Feb 21,2025 .

Viewing page 1 out of 4 pages.

Viewing questions 1 out of 20 questions

Question#1

When the Security Phishing Email record is created what types of observables are stored in the record? (Choose three.)

A. URLs, domains, or IP addresses appearing in the body
B. Who reported the phishing attempt
C. State of the phishing email
D. IP addresses from the header
E. Hashes and/or file names found in the EML attachment
F. Type of Ingestion Rule used to identify this email as a phishing attempt

Explanation:
Reference: https://docs.servicenow.com/bundle/paris-security-management/page/product/security-incident-response/concept/sighting-searches-on-phishing-attacks.html

Question#2

The benefits of improved Security Incident Response are expressed.

A. as desirable outcomes with clear, measurable Key Performance Indicators
B. differently depending upon 3 stages: Process Improvement, Process Design, and Post Go-Live
C. as a series of states with consistent, clear metrics
D. as a value on a scale of 1-10 based on specific outcomes

Question#3

Knowledge articles that describe steps an analyst needs to follow to complete Security incident tasks might be associated to those tasks through which of the following?

A. Work Instruction Playbook
B. Flow
C. Workflow
D. Runbook
E. Flow Designer

Explanation:
Reference: https://docs.servicenow.com/bundle/paris-security-management/page/product/security-incident-response/task/perform-addtl-tasks-on-si.html

Question#4

Security tag used when a piece of information requires support to be effectively acted upon, yet carries risks to privacy, reputation, or operations if shared outside of the organizations involved.

A. TLP: GREEN
B. TLP: AMBER
C. TLP: RED
D. TLP: WHITE

Explanation:



Table
Description automatically generated

Question#5

Which Table would be commonly used for Security Incident Response?

A. sysapproval_approver
B. sec_ops_incident
C. cmdb_rel_ci
D. sn_si_incident

Explanation:
Reference: https://docs.servicenow.com/bundle/quebec-security-management/page/product/security-incident-response/reference/installed-with-sir.html

Exam Code: CIS-SIRQ & A: 60 Q&AsUpdated:  Feb 21,2025

 Get CIS-SIR Full Version
 About CIS-SIR Questions

TOP Exams