1 / 11

ServiceNow CIS-Security Incident Response CIS-SIR Exam Questions

PassQuestion provides the latest ServiceNow CIS-Security Incident Response CIS-SIR Exam Questions which will be asked in the actual exam.

examquestionsonline
Download Presentation

ServiceNow CIS-Security Incident Response CIS-SIR Exam Questions

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CIS-SIR Free Questions CIS-SIR Free Questions Certified Implementation Specialist Certified Implementation Specialist -Security Incident Response Exam -Security Incident Response Exam https://www.passquestion.com/CIS-SIR.html https://www.passquestion.com/CIS-SIR.html

  2. Question 1 Question 1 What does a flow require? What does a flow require? A. Security orchestration flows A. Security orchestration flows B. Runbooks B. Runbooks C. CAB orders C. CAB orders D. A trigger D. A trigger Answer: D Answer: D

  3. Question 2 Question 2 A flow consists of one or more actions and a what? A flow consists of one or more actions and a what? A. Change formatter A. Change formatter B. Catalog Designer B. Catalog Designer C. NIST Ready State C. NIST Ready State D. Trigger D. Trigger Answer: D Answer: D

  4. Question 3 Question 3 Select the one capability that restricts connections from one CI to other devices. Select the one capability that restricts connections from one CI to other devices. A. Isolate Host A. Isolate Host B. Sightings Search B. Sightings Search C. Block Action C. Block Action D. Get Running Processes D. Get Running Processes E. Get Network Statistics E. Get Network Statistics F. Publish Watchlist F. Publish Watchlist Answer: A Answer: A

  5. Question 4 Question 4 There are several methods in which security incidents can be raised, which There are several methods in which security incidents can be raised, which broadly fit into one of these categories:. (Choose two.) broadly fit into one of these categories:. (Choose two.) A. Integrations A. Integrations B. Manually created B. Manually created C. Automatically created C. Automatically created D. Email parsing D. Email parsing Answer: B,C Answer: B,C

  6. Question 5 Question 5 A pre-planned response process contains which sequence of events? A pre-planned response process contains which sequence of events? A. Organize, Analyze, Prioritize, Contain A. Organize, Analyze, Prioritize, Contain B. Organize, Detect, Prioritize, Contain B. Organize, Detect, Prioritize, Contain C. Organize, Prepare, Prioritize, Contain C. Organize, Prepare, Prioritize, Contain D. Organize, Verify, Prioritize, Contain D. Organize, Verify, Prioritize, Contain Answer: A Answer: A

  7. Question 6 Question 6 What is the key to a successful implementation? What is the key to a successful implementation? A. Sell customer the most expensive package A. Sell customer the most expensive package B. Implementing everything that we offer B. Implementing everything that we offer C. Understanding the customer’s goals and objectives C. Understanding the customer’s goals and objectives D. Building custom integrations D. Building custom integrations Answer: C Answer: C

  8. Question 7 Question 7 Which of the following are potential benefits for utilizing Security Incident Which of the following are potential benefits for utilizing Security Incident assignment automation? (Choose two.) assignment automation? (Choose two.) A. Decreased Time to Containment A. Decreased Time to Containment B. Increased Mean Time to Remediation B. Increased Mean Time to Remediation C. Decreased Time to Ingestion C. Decreased Time to Ingestion D. Increased resolution process consistency D. Increased resolution process consistency Answer: B,D Answer: B,D

  9. Question 8 Question 8 Why should discussions focus with the end in mind? Why should discussions focus with the end in mind? A. To understand desired outcomes A. To understand desired outcomes B. To understand current posture B. To understand current posture C. To understand customer’s process C. To understand customer’s process D. To understand required tools D. To understand required tools Answer: A Answer: A

  10. Question 9 Question 9 Chief factors when configuring auto-assignment of Security Incidents are. Chief factors when configuring auto-assignment of Security Incidents are. A. Agent group membership, Agent location and time zone A. Agent group membership, Agent location and time zone B. Security incident priority, CI Location and agent time zone B. Security incident priority, CI Location and agent time zone C. Agent skills, System Schedules and agent location C. Agent skills, System Schedules and agent location D. Agent location, Agent skills and agent time zone D. Agent location, Agent skills and agent time zone Answer: D Answer: D

  11. Question 10 Question 10 Which of the following fields is used to identify an Event that is to be used for Security Which of the following fields is used to identify an Event that is to be used for Security purposes? purposes? A. IT A. IT B. Classification B. Classification C. Security C. Security D. CI D. CI Answer: B Answer: B

More Related