ExamGecko
Search Search Login
Home Home / ServiceNow / CIS-RC

ServiceNow CIS-RC Practice Test - Questions Answers, Page 12

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

The Risk Scoring values are entered on the Risk Statement. What records inherits the values from the Risk Statement?
What would you use in order to accommodate a customer’s unique process around policy approvals? For example, each policy needs a second layer of approval.
Which is not a type of key compliance indicator?
Which role(s) has the capability to create Policies? Choose two.)
Control Failure Factor represents the impact of Control Failures on what score?
Where does one go to configure the Regulatory Change Management impact assessment template?
The advanced planning capability enables integration of Advanced Audit with PPM. If the advanced planning capability is selected when the audit plan is created, what extra related lists display on the engagement record in addition to the related lists displayed with basic planning? (Choose three.)
For classic risk assessment, what are the risk components that apply to the Qualitative method? (Choose two.)
An Entity can belong to one or multiple of which of the following?
UCF has a collection of what? Select all UCF terms. (Choose three.)

Question 111

Report
Export
Collapse

Annualized Loss Expectancy is a feature of which risk score method?

A.
Residual
A.
Residual
Answers
B.
Quantitative
B.
Quantitative
Answers
C.
Qualitative
C.
Qualitative
Answers
D.
Inherent
D.
Inherent
Answers
Suggested answer: A

Question 112

Report
Export
Collapse

For a particular risk assessment methodology (RAM), the control effectiveness score is calculated based on an individual assessment of controls. What are options for control identification? (Choose three.)

A.
Controls are identified from library and ad-hoc
A.
Controls are identified from library and ad-hoc
Answers
B.
Controls are identified from indicator results
B.
Controls are identified from indicator results
Answers
C.
Controls are identified from library
C.
Controls are identified from library
Answers
D.
Controls are identified ad-hoc
D.
Controls are identified ad-hoc
Answers
E.
Controls are identified from related issues
E.
Controls are identified from related issues
Answers
Suggested answer: A, C, D

Question 113

Report
Export
Collapse

How does GRC: Policy and Compliance Management track compliance to Authority Documents?

A.
Citations are mapped to entity-scoped controls, which are tested as compliant or non-compliant.
A.
Citations are mapped to entity-scoped controls, which are tested as compliant or non-compliant.
Answers
B.
Authority Documents are mapped to individual policies, which are either marked compliant or non-compliant.
B.
Authority Documents are mapped to individual policies, which are either marked compliant or non-compliant.
Answers
C.
Authority Documents are mapped to control objectives and compliance is checked when controls are tested as compliant or non-compliant.
C.
Authority Documents are mapped to control objectives and compliance is checked when controls are tested as compliant or non-compliant.
Answers
D.
Citations are mapped to control objectives, and compliance is checked when controls are tested as compliant or non-compliant.
D.
Citations are mapped to control objectives, and compliance is checked when controls are tested as compliant or non-compliant.
Answers
Suggested answer: C

Question 114

Report
Export
Collapse

What are some of the features of scoped applications for GRC? (Choose three.)

A.
Requires an entitlement for all environments
A.
Requires an entitlement for all environments
Answers
B.
All components have a namespace prefix for identification
B.
All components have a namespace prefix for identification
Answers
C.
Provides access to all global data
C.
Provides access to all global data
Answers
D.
Ability to view all components from the sys_metadata table
D.
Ability to view all components from the sys_metadata table
Answers
E.
Ability to restrict access to available data
E.
Ability to restrict access to available data
Answers
Suggested answer: A, D, E

Question 115

Report
Export
Collapse

Which of the following tables exist within the GRC: Profiles application scope? (Choose three.)

A.
sn_grc_profile_type
A.
sn_grc_profile_type
Answers
B.
sn_grc_indicator
B.
sn_grc_indicator
Answers
C.
sn_grc_compliance_policy_statement
C.
sn_grc_compliance_policy_statement
Answers
D.
sn_grc_risk_definition
D.
sn_grc_risk_definition
Answers
E.
sn_grc_profile_class
E.
sn_grc_profile_class
Answers
Suggested answer: C, D, E

Question 116

Report
Export
Collapse

Who can move a Policy record from Review into the next state?

A.
The sys admin
A.
The sys admin
Answers
B.
The compliance manager
B.
The compliance manager
Answers
C.
Any reviewer
C.
Any reviewer
Answers
D.
The named policy owner
D.
The named policy owner
Answers
Suggested answer: A

Question 117

Report
Export
Collapse

Which table extends from the Content Table?

A.
Risk Record
A.
Risk Record
Answers
B.
Risk Framework
B.
Risk Framework
Answers
C.
Risk Response Task
C.
Risk Response Task
Answers
D.
Risk Statement
D.
Risk Statement
Answers
Suggested answer: D

Question 118

Report
Export
Collapse

What happens when you assign an Entity Type to a Control Objective?

A.
An assessment is automatically generated to test each Entity listed in the Entity Type
A.
An assessment is automatically generated to test each Entity listed in the Entity Type
Answers
B.
A policy is created automatically for every Entity listed in the Entity Type
B.
A policy is created automatically for every Entity listed in the Entity Type
Answers
C.
A control is automatically generated for every Entity listed in the Entity Type
C.
A control is automatically generated for every Entity listed in the Entity Type
Answers
D.
The Entity Type presents a compliance score and controls tied to it
D.
The Entity Type presents a compliance score and controls tied to it
Answers
Suggested answer: C

Question 119

Report
Export
Collapse

What are some of the baseline tables commonly leveraged in Entity filters? (Choose three.)

A.
Company [core_company]
A.
Company [core_company]
Answers
B.
Services [cmdb_ci_service]
B.
Services [cmdb_ci_service]
Answers
C.
Location [cmn_location]
C.
Location [cmn_location]
Answers
D.
Risk [sn_risk_risk]
D.
Risk [sn_risk_risk]
Answers
E.
Audit Engagement [sn_audit_engagement]
E.
Audit Engagement [sn_audit_engagement]
Answers
Suggested answer: A, B, D

Question 120

Report
Export
Collapse

An external audit team needs to view all of your published policies and controls? Which role can you give the team members?

A.
sn_audit_manager
A.
sn_audit_manager
Answers
B.
sn_compliance_user
B.
sn_compliance_user
Answers
C.
sn_audit.external_auditor
C.
sn_audit.external_auditor
Answers
D.
sn_risk_user
D.
sn_risk_user
Answers
Suggested answer: C
Total 121 questions
Go to page: of 13
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms