Amazon
Avaya
Checkpoint
Cisco®
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL®
Juniper
Microsoft
Okta
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. ServiceNow®
  3. CIS-SIR

ServiceNow® CIS-SIR Exam (page: 2)
ServiceNow® Certified Implementation Specialist - Security Incident Response
Updated on: 11-Dec-2025

Viewing Page 2 of 17
CIS-SIR PDF 125 Questions

What is the fastest way for security incident administrators to remove unwanted widgets from the Security Incident Catalog?

  1. Clicking the X on the top right corner
  2. Talking to the system administrator
  3. Can't be removed
  4. Through the Catalog Definition record

Answer(s): D



Select the one capability that retrieves a list of running processes on a CI from a host or endpoint.

  1. Get Network Statistics
  2. Isolate Host
  3. Get Running Processes
  4. Publish Watchlist
  5. Block Action
  6. Sightings Search

Answer(s): C


Reference:

https://docs.servicenow.com/bundle/quebec-security-management/page/product/security- operations-common/concept/get-running-processes-capability.html



Which Table would be commonly used for Security Incident Response?

  1. sysapproval_approver
  2. sec_ops_incident
  3. cmdb_rel_ci
  4. sn_si_incident

Answer(s): D


Reference:

https://docs.servicenow.com/bundle/quebec-security-management/page/product/security-incident- response/reference/installed-with-sir.html



There are several methods in which security incidents can be raised, which broadly fit into one of these categories:        . (Choose two.)

  1. Integrations
  2. Manually created
  3. Automatically created
  4. Email parsing

Answer(s): B,C


Reference:

https://docs.servicenow.com/bundle/paris-security-management/page/product/security-incident- response/concept/si-creation.html



What is the first step when creating a security Playbook?

  1. Set the Response Task's state
  2. Create a Flow
  3. Create a Runbook
  4. Create a Knowledge Article

Answer(s): B



To configure Security Incident Escalations, you need the following role(s):       .

  1. sn_si.admin
  2. sn_si.admin or sn_si.manager
  3. sn_si.admin or sn_si.ciso
  4. sn_si.manager or sn_si.analyst

Answer(s): A


Reference:

https://docs.servicenow.com/bundle/paris-security-management/page/product/security-incident- response/task/escalate-security-incident.html



Which of the following are potential benefits for utilizing Security Incident assignment automation? (Choose two.)

  1. Decreased Time to Containment
  2. Increased Mean Time to Remediation
  3. Decreased Time to Ingestion
  4. Increased resolution process consistency

Answer(s): B,D



What is the key to a successful implementation?

  1. Sell customer the most expensive package
  2. Implementing everything that we offer
  3. Understanding the customer’s goals and objectives
  4. Building custom integrations

Answer(s): C



Viewing Page 2 of 17



Share your comments for ServiceNow® CIS-SIR exam with other users:

Jay 9/26/2023 8:00:00 AM

link plz for download
UNITED STATES


Leo 10/30/2023 1:11:00 PM

data quality oecd
Anonymous


Blessious Phiri 8/13/2023 9:35:00 AM

rman is one good recovery technology
Anonymous


DiligentSam 9/30/2023 10:26:00 AM

need it thx
Anonymous


Vani 8/10/2023 8:11:00 PM

good questions
NEW ZEALAND


Fares 9/11/2023 5:00:00 AM

good one nice revision
Anonymous


Lingaraj 10/26/2023 1:27:00 AM

i love this thank you i need
Anonymous


Muhammad Rawish Siddiqui 12/5/2023 12:38:00 PM

question # 142: data governance is not one of the deliverables in the document and content management context diagram.
SAUDI ARABIA


al 6/7/2023 10:25:00 AM

most answers not correct here
Anonymous


Bano 1/19/2024 2:29:00 AM

what % of questions do we get in the real exam?
UNITED STATES


Oliviajames 10/25/2023 5:31:00 AM

i just want to tell you. i took my microsoft az-104 exam and passed it. your program was awesome. i especially liked your detailed questions and answers and practice tests that made me well-prepared for the exam. thanks to this website!!!
UNITED STATES


Divya 8/27/2023 12:31:00 PM

all the best
UNITED STATES


KY 1/1/2024 11:01:00 PM

very usefull document
Anonymous


Arun 9/20/2023 4:52:00 PM

nice and helpful questions
INDIA


Joseph J 7/11/2023 2:53:00 PM

i found the questions helpful
UNITED STATES


Meg 10/12/2023 8:02:00 AM

q 105 . ans is d
INDIA


Navaneeth S 7/14/2023 7:57:00 AM

i have interest to get a sybase iq dba certification
UNITED STATES


Aish 10/11/2023 5:27:00 AM

want to pass exm.
INDIA


Anonymous 6/12/2023 7:23:00 AM

are the answers correct?
INDIA


Kris 7/7/2023 9:43:00 AM

good morning, could you please upload this exam again, i need it to test my knowledge in sd-wan with version 7.0.
Anonymous


Meghraj mali 10/7/2023 1:47:00 PM

very nice question
CANADA


Noel 11/1/2022 9:14:00 PM

i have learning disability and this exam dumps allowed me to focus on the actual questions and not worry about notes and the those other study materials.
SOUTH AFRICA


Jas 10/25/2023 6:01:00 PM

165 should be apt
UNITED STATES


Neetu 6/22/2023 8:41:00 AM

please upload the dumps, real need of them
Anonymous


Mark 10/24/2023 1:34:00 AM

any recent feeedback?
UNITED STATES


Gopinadh 8/9/2023 4:05:00 AM

question number 2 is indicating you are giving proper questions. observe and change properly.
Anonymous


Santhi 1/1/2024 8:23:00 AM

passed today.40% questions were new.litwere case study,lots of new questions on afd,ratelimit,tm,lb,app gatway.got 2 set series of questions which are not present here.questions on azure cyclecloud, no.of vnet/vms required for implimentation,blueprints assignment/management group etc
INDIA


Raviraj Magadum 1/12/2024 11:39:00 AM

practice test
INDIA


sivaramakrishnan 7/27/2023 8:12:00 AM

want the dumps for emc content management server programming(cmsp)
Anonymous


Aderonke 10/23/2023 1:52:00 PM

brilliant and helpful
UNITED KINGDOM


Az 9/16/2023 2:43:00 PM

q75. azure files is pass
SWITZERLAND


ketty 11/9/2023 8:10:00 AM

very helpful
Anonymous


Sonail 5/2/2022 1:36:00 PM

thank you for these questions. it helped a lot.
UNITED STATES


Shariq 7/28/2023 8:00:00 AM

how do i get the h12-724 dumps
Anonymous