Weekend Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = simple70

Home
ServiceNow
CIS-Security Incident Response
CIS-SIR
Certified Implementation Specialist - Security Incident Response Exam Questions and Answers

Pass the ServiceNow CIS-Security Incident Response CIS-SIR Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.

Exam CIS-SIR Premium Access

View all detail and faqs for the CIS-SIR exam

Go to Exam

537 Students Passed

88% Average Score

91% Same Questions

Viewing page 1 out of 2 pages

Viewing questions 1-10 out of questions

Questions # 1:

Why is it important that the Platform (System) Administrator and the Security Incident administrator role be separated? (Choose three.)

Options:

Access to security incident data may need to be restricted

Allow SIR Teams to control assignment of security roles

Clear separation of duty

Reduce the number of incidents assigned to the Platform Admin

Preserve the security image in the company

Answer

B, C, D

Questions # 2:

How do you select which process definition to use?

Options:

By selecting the desired process within the Process Definition module

By selecting the desired process within the Process Selection module

By setting the process definition record to Active

By setting the Script Include record to Active

Answer

Explanation

[Reference: https://docs.servicenow.com/bundle/paris-security-management/page/product/security-incident- response/reference/setup-assistant-reference.html, ]

Questions # 3:

What plugin must be activated to see the New Security Analyst UI?

Options:

Security Analyst UI Plugin

Security Incident Response UI plugin

Security Operations UI plugin

Security Agent UI Plugin

Answer

Questions # 4:

What is calculated as an arithmetic mean taking into consideration different values in the CI, Security Incident, and User records?

Options:

Priority

Business Impact

Severity

Risk Score

Answer

Questions # 5:

The benefits of improved Security Incident Response are expressed.

Options:

as desirable outcomes with clear, measurable Key Performance Indicators

differently depending upon 3 stages: Process Improvement, Process Design, and Post Go-Live

as a series of states with consistent, clear metrics

as a value on a scale of 1-10 based on specific outcomes

Answer

Questions # 6:

Which of the following State Flows are provided for Security Incidents? (Choose three.)

Options:

NIST Open

SANS Open

NIST Stateful

SANS Stateful

Answer

A, C, D

Questions # 7:

Chief factors when configuring auto-assignment of Security Incidents are.

Options:

Agent group membership, Agent location and time zone

Security incident priority, CI Location and agent time zone

Agent skills, System Schedules and agent location

Agent location, Agent skills and agent time zone

Answer

Explanation

[Reference: https://docs.servicenow.com/bundle/paris-security-management/page/product/security-incident- response/task/t_ConfigureSIM.html, ]

Questions # 8:

Select the one capability that restricts connections from one CI to other devices.

Options:

Isolate Host

Sightings Search

Block Action

Get Running Processes

Get Network Statistics

Publish Watchlist

Answer

Explanation

[Reference: https://docs.servicenow.com/bundle/paris-security-management/page/product/security-incident- response/task/perform-addtl-tasks-on-si.html, ]

Questions # 9:

What are two of the audiences identified that will need reports and insight into Security Incident Response reports? (Choose two.)