A. Because SIR is a scoped application, roles and script includes will begin with the sn_si prefix
B. Because ServiceNow tracks license use against the Security Incident Response Application
C. Because the Security Incident Response application uses a Secure Identity token
D. Because ServiceNow checks the instance for a Secure Identity when logging on to this scoped application
A. A security incident is raised on their behalf but only a notification is displayed
B. The service desk agent is redirected to the Security Incident Catalog to complete the record producer
C. A security incident is raised on their behalf and displayed to the service desk agent
D. The incident is marked resolved with an automatic security resolution code
A. To understand current posture
B. To understand desired outcomes
C. To understand customer's process
D. To understand required tools
A. By setting the process definition record to Active
B. By setting the Script Include record to Active
C. By selecting the desired process within the Process Definition module
D. By selecting the desired process within the Process Selection module
A. Create a Knowledge Article
B. Create a Runbook
C. Create a Flow
D. Set the Response Task's state
A. The analyst assigned to the ticket
B. The Affected User on the incident
C. Any user who has Response Tasks on the incident
D. Any user that adds a worknote to the ticket
