EMT Practice Test

1. Question Content...


Question List

Question1: Joe is on the SIR Team and needs to be able to configure Territories and Skills. What role does he need?

Question2: Which one of the following reasons best describes why roles for Security Incident Response (SIR) begin with
"sn_si"?

Question3: Why is it important that the Platform (System) Administrator and the Security Incident administrator role be separated? (Choose three.)

Question4: Which one of the following users is automatically added to the Request Assessments list?

Question5: What factor, if any, limits the ability to close SIR records?

Question6: Which of the following process definitions are not provided baseline?

Question7: What specific role is required in order to use the REST API Explorer?

Question8: Which ServiceNow automation capability extends Flow Designer to integrate business processes with other systems?

Question9: A pre-planned response process contains which sequence of events?

Question10: What is the first step when creating a security Playbook?

Question11: Which of the following fields is used to identify an Event that is to be used for Security purposes?

Question12: If the customer's email server currently has an account setup to report suspicious emails, then what happens next?

Question13: To configure Security Incident Escalations, you need the following role(s):.

Question14: Chief factors when configuring auto-assignment of Security Incidents are.

Question15: What field is used to distinguish Security events from other IT events?

Question16: The Risk Score is calculated by combining all the weights using.

Question17: Which of the following State Flows are provided for Security Incidents? (Choose three.)

Question18: If a desired pre-built integration cannot be found in the platform, what should be your next step to find a certified integration?

Question19: What is calculated as an arithmetic mean taking into consideration different values in the CI, Security Incident, and User records?

Question20: What is the name of the Inbound Action that validates whether an inbound email should be processed as a phishing email for URP v2?

Question21: What is the fastest way for security incident administrators to remove unwanted widgets from the Security Incident Catalog?