CIS-SIR試験無料問題集（62題）「ServiceNow Certified Implementation Specialist

出題：1

Why should discussions focus with the end in mind?

A. To understand current posture

B. To understand desired outcomes

C. To understand customer's process

D. To understand required tools

正解：B 解答を投票する

出題：2

The following term is used to describe any observable occurrence:.

A. Incident

B. Ticket

C. Alert

D. Event

E. Log

正解：D 解答を投票する

出題：3

Which improvement opportunity can be found baseline which can contribute towards process maturity and strengthen costumer's overall security posture?

A. Fast Eradication

B. Post-Incident Review

C. Incident Containment

D. Incident Analysis

正解：D 解答を投票する

出題：4

Which of the following tag classifications are provided baseline? (Choose three.)

A. Block from Sharing

B. Escalation Level

C. Enrichment whitelist/blacklist

D. IoC Type

E. Severity

F. Cyber Kill Chain Step

G. Traffic Light Protocol

正解：C,D,G 解答を投票する

出題：5

When the Security Phishing Email record is created what types of observables are stored in the record?
(Choose three.)

A. Who reported the phishing attempt

B. State of the phishing email

C. IP addresses from the header

D. Hashes and/or file names found in the EML attachment

E. Type of Ingestion Rule used to identify this email as a phishing attempt

F. URLs, domains, or IP addresses appearing in the body

正解：C,D,F 解答を投票する

出題：6

What are two of the audiences identified that will need reports and insight into Security Incident Response reports? (Choose two.)

A. Problem Managers

B. Analysts

C. Vulnerability Managers

D. Chief Information Security Officer (CISO)

正解：B,C 解答を投票する

CIS-SIR試験無料問題集「ServiceNow Certified Implementation Specialist - Security Incident Response 認定」