ServiceNow CIS Vulnerability
Response
Are Change Requests made out of the Vulnerable Item or Vulnerable Group file? -
ANS-Vulnerability Group
Calculator rule advanced circumstance sorts (three) - ANS-Filter
Filter Group
Script
Common Vulnerabilities and Exposures (CVE) - ANS-A dictionary of publicly known security
vulnerabilities and exposures.
Common Vulnerabilities Scoring System (CVSS) - ANS-An open framework for speaking the
traits and severity of software vulnerabilities.
Common Weakness Enumeration (CWE) - ANS-A listing of software weaknesses.
Describe the function: sn_vul.Remediation_owner - ANS-- contained by way of itil function
- can write vulnerable items/organizations assigned to their companies
- can study inclined entries (NVD, Third Party)
- can read Solution facts
Describe the role: sn_vul.Vr_import_admin - ANS-- capable of run scheduled jobs
- position given to device consumer for integrations
Describe the role: sn_vul.Vulnerability_read - ANS-Permits visibility to the vulnerability utility
menu and modules, prone software, and vulnerable items
Describe the position: sn_vul.Vulnerability_write - ANS-Allow to create and update inclined
gadgets, vulnerability agencies, and so forth
How are Vulnerable Items grouped by using default? - ANS-Vulnerability (CVE)
How do you add a brand new NVD facts feed? - ANS-Vulnerability Response >
Administration > NVD Auto-Update
National Vulnerability Database (NVD) - ANS-Online repository of vulnerability control
statistics, protection checklists, safety related software program flaws, misconfigurations,
product names, and effect metrics.
National Vulnerability Database Entry - ANS-NIST (CVE) vulnerabilities imported from
third-birthday party.
, National Vulnerability Database Entry table - ANS-sn_vul_nvd_entry
Note: extends sn_vul_entry
OOB Vulnerability Dashboards (3) - ANS-Vulnerability Remediation
Vulnerability Management
Vulnerability Management (PA)
Patch Management - ANS-Process to manipulate the pushing of fixes or patches to
structures. Directly associated with Vulnerability Response.
Reporting: what are the records desires of Analysts? - ANS-Up-to-the-minute views
Clear prioritisations
Granularity
Reporting: what are the statistics desires of CIO/CISO? - ANS-High level overviews
Single, clear signs of organisational health and function
Reporting: what are the records wishes of Managers? - ANS-Aggregations for priority and
workload
Drill-down to granularity
Time period views
Roles in Vulnerability Response? (5) - ANS-sn_vul.Admin
sn_vul.Remediation_owner
sn_vul.Vr_import_admin
sn_vul.Vulnerability_read
sn_vul.Vulnerability_write
System Property that defines which CI classes to ignore while walking Security Operations
CMDB CI lookup guidelines? - ANS-sn_sec_cmn.IgnoreCIClass
System Property that specifies the Inbox to be used by vulnerability gear? -
ANS-sn_vul.Email_to
(default: empty)
System Property which determines whether or not a pop-up is displayed while creating a
Problem, Change, or Security Incident? - ANS-sn_vul_popup
(default: True)
System Property which determines whether or not an approval procedure is needed to
transport a prone item right into a terminal state? -
ANS-sn_vul.Vulnerable_item.Approval_required
(default: True)
System Property which determines whether or not to allow automobile introduction of
vulnerability businesses? - ANS-sn_vul.Autocreate_vul_centric_group
(default: True)
Response
Are Change Requests made out of the Vulnerable Item or Vulnerable Group file? -
ANS-Vulnerability Group
Calculator rule advanced circumstance sorts (three) - ANS-Filter
Filter Group
Script
Common Vulnerabilities and Exposures (CVE) - ANS-A dictionary of publicly known security
vulnerabilities and exposures.
Common Vulnerabilities Scoring System (CVSS) - ANS-An open framework for speaking the
traits and severity of software vulnerabilities.
Common Weakness Enumeration (CWE) - ANS-A listing of software weaknesses.
Describe the function: sn_vul.Remediation_owner - ANS-- contained by way of itil function
- can write vulnerable items/organizations assigned to their companies
- can study inclined entries (NVD, Third Party)
- can read Solution facts
Describe the role: sn_vul.Vr_import_admin - ANS-- capable of run scheduled jobs
- position given to device consumer for integrations
Describe the role: sn_vul.Vulnerability_read - ANS-Permits visibility to the vulnerability utility
menu and modules, prone software, and vulnerable items
Describe the position: sn_vul.Vulnerability_write - ANS-Allow to create and update inclined
gadgets, vulnerability agencies, and so forth
How are Vulnerable Items grouped by using default? - ANS-Vulnerability (CVE)
How do you add a brand new NVD facts feed? - ANS-Vulnerability Response >
Administration > NVD Auto-Update
National Vulnerability Database (NVD) - ANS-Online repository of vulnerability control
statistics, protection checklists, safety related software program flaws, misconfigurations,
product names, and effect metrics.
National Vulnerability Database Entry - ANS-NIST (CVE) vulnerabilities imported from
third-birthday party.
, National Vulnerability Database Entry table - ANS-sn_vul_nvd_entry
Note: extends sn_vul_entry
OOB Vulnerability Dashboards (3) - ANS-Vulnerability Remediation
Vulnerability Management
Vulnerability Management (PA)
Patch Management - ANS-Process to manipulate the pushing of fixes or patches to
structures. Directly associated with Vulnerability Response.
Reporting: what are the records desires of Analysts? - ANS-Up-to-the-minute views
Clear prioritisations
Granularity
Reporting: what are the statistics desires of CIO/CISO? - ANS-High level overviews
Single, clear signs of organisational health and function
Reporting: what are the records wishes of Managers? - ANS-Aggregations for priority and
workload
Drill-down to granularity
Time period views
Roles in Vulnerability Response? (5) - ANS-sn_vul.Admin
sn_vul.Remediation_owner
sn_vul.Vr_import_admin
sn_vul.Vulnerability_read
sn_vul.Vulnerability_write
System Property that defines which CI classes to ignore while walking Security Operations
CMDB CI lookup guidelines? - ANS-sn_sec_cmn.IgnoreCIClass
System Property that specifies the Inbox to be used by vulnerability gear? -
ANS-sn_vul.Email_to
(default: empty)
System Property which determines whether or not a pop-up is displayed while creating a
Problem, Change, or Security Incident? - ANS-sn_vul_popup
(default: True)
System Property which determines whether or not an approval procedure is needed to
transport a prone item right into a terminal state? -
ANS-sn_vul.Vulnerable_item.Approval_required
(default: True)
System Property which determines whether or not to allow automobile introduction of
vulnerability businesses? - ANS-sn_vul.Autocreate_vul_centric_group
(default: True)
