ServiceNow Implementation Specialist
Vulnerability Response Exam UPDATED
ACTUAL QUESTIONS AND CORRECT
ANSWERS
With Vulnerability Response you can do the following: - CORRECT ANSWER •
Configure vulnerability groups, CI identifiers, notifications, and SLAs.
• Update your system from the vulnerability databases on demand or by running
userconfigured
scheduled jobs.
• Configure integrations to import data from internal and external sources.
If the Qualys Vulnerability Integration plugin is activated and configured, Vulnerability
Response can receive vulnerability data from the Qualys scanner in the form of
vulnerabilities and vulnerable items.
• Create changes, problems, and security incidents from vulnerability groups.
• Edit vulnerable items in bulk.
• View the library of Common Weakness Enumeration (CWE) records from the NVD to
understand how they relate to the Common Vulnerability and Exposure (CVE) records.
Knowledge articles associated with the CWEs are included for reference.
• Create and view reports.
The Vulnerability Response tasks provides which roles by default? - CORRECT
ANSWER a) sn_vul.admin
b) sn_vul.vulnerability_read
c) sn_vul.vulnerability_write
d) sn_vul.vr_import_admin
Common Vulnerability and Exposure — a dictionary of publicly known information-security
vulnerabilities and exposures. - CORRECT ANSWER CVE
, Common Vulnerability Scoring System — an open framework for communicating the
characteristics and severity of software vulnerabilities. - CORRECT ANSWER CVSS
Common Weakness Enumeration — a list of software vulnerabilities - CORRECT
ANSWER CWE
Software models used to help normalize the software you own by analyzing and classifying
models to reduce duplication. - CORRECT ANSWER Discovery Models
Calculators used to prioritize and categorize vulnerabilities based on user-defined criteria. -
CORRECT ANSWER Vulnerability calculators and calculator groups
Vulnerability groups and group rules - CORRECT ANSWER Used to group vulnerable
items based on vulnerability, vulnerable item conditions, or filter group.
Configure Vulnerability integrations - CORRECT ANSWER A process that pulls
report data from a thirdparty system, generally to retrieve vulnerability data.
Vulnerabilities - CORRECT ANSWER Records of potentially vulnerable software
downloaded from the National Institute of Standards and Technology (NIST) NVD or third
party integrations.
Vulnerable items - CORRECT ANSWER Pairings of vulnerable entries, downloaded
from the NIST NVD or third-party integrations, and potentially vulnerable configuration
items and software in your company network.
Vulnerability > Vulnerability Group - CORRECT ANSWER Lists all vulnerability
groups.
Vulnerability > Open - CORRECT ANSWER Lists all open vulnerability groups
Vulnerability Response Exam UPDATED
ACTUAL QUESTIONS AND CORRECT
ANSWERS
With Vulnerability Response you can do the following: - CORRECT ANSWER •
Configure vulnerability groups, CI identifiers, notifications, and SLAs.
• Update your system from the vulnerability databases on demand or by running
userconfigured
scheduled jobs.
• Configure integrations to import data from internal and external sources.
If the Qualys Vulnerability Integration plugin is activated and configured, Vulnerability
Response can receive vulnerability data from the Qualys scanner in the form of
vulnerabilities and vulnerable items.
• Create changes, problems, and security incidents from vulnerability groups.
• Edit vulnerable items in bulk.
• View the library of Common Weakness Enumeration (CWE) records from the NVD to
understand how they relate to the Common Vulnerability and Exposure (CVE) records.
Knowledge articles associated with the CWEs are included for reference.
• Create and view reports.
The Vulnerability Response tasks provides which roles by default? - CORRECT
ANSWER a) sn_vul.admin
b) sn_vul.vulnerability_read
c) sn_vul.vulnerability_write
d) sn_vul.vr_import_admin
Common Vulnerability and Exposure — a dictionary of publicly known information-security
vulnerabilities and exposures. - CORRECT ANSWER CVE
, Common Vulnerability Scoring System — an open framework for communicating the
characteristics and severity of software vulnerabilities. - CORRECT ANSWER CVSS
Common Weakness Enumeration — a list of software vulnerabilities - CORRECT
ANSWER CWE
Software models used to help normalize the software you own by analyzing and classifying
models to reduce duplication. - CORRECT ANSWER Discovery Models
Calculators used to prioritize and categorize vulnerabilities based on user-defined criteria. -
CORRECT ANSWER Vulnerability calculators and calculator groups
Vulnerability groups and group rules - CORRECT ANSWER Used to group vulnerable
items based on vulnerability, vulnerable item conditions, or filter group.
Configure Vulnerability integrations - CORRECT ANSWER A process that pulls
report data from a thirdparty system, generally to retrieve vulnerability data.
Vulnerabilities - CORRECT ANSWER Records of potentially vulnerable software
downloaded from the National Institute of Standards and Technology (NIST) NVD or third
party integrations.
Vulnerable items - CORRECT ANSWER Pairings of vulnerable entries, downloaded
from the NIST NVD or third-party integrations, and potentially vulnerable configuration
items and software in your company network.
Vulnerability > Vulnerability Group - CORRECT ANSWER Lists all vulnerability
groups.
Vulnerability > Open - CORRECT ANSWER Lists all open vulnerability groups
