Service Now Implementation Specialist Vulnerability Response 41 Questions with Verified Answer,100% CORRECT

Document Content and Description Below

Service Now Implementation Specialist Vulnerability Response 41 Questions with Verified Answer With Vulnerability Response you can do the following: - CORRECT ANSWER • Configure vulnerability g ... roups, CI identifiers, notifications, and SLAs. • Update your system from the vulnerability databases on demand or by running userconfigured scheduled jobs. • Configure integrations to import data from internal and external sources. If the Qualys Vulnerability Integration plugin is activated and configured, Vulnerability Response can receive vulnerability data from the Qualys scanner in the form of vulnerabilities and vulnerable items. • Create changes, problems, and security incidents from vulnerability groups. • Edit vulnerable items in bulk. • View the library of Common Weakness Enumeration (CWE) records from the NVD to understand how they relate to the Common Vulnerability and Exposure (CVE) records. Knowledge articles associated with the CWEs are included for reference. • Create and view reports. The Vulnerability Response tasks provides which roles by default? - CORRECT ANSWER a) sn_vul.admin b) sn_vul.vulnerability_read c) sn_vul.vulnerability_write d) sn_vul.vr_import_admin Common Vulnerability and Exposure — a dictionary of publicly known information-security vulnerabilities and exposures. - CORRECT ANSWER CVE Common Vulnerability Scoring System — an open framework for communicating the characteristics and severity of software vulnerabilities. - CORRECT ANSWER CVSS Common Weakness Enumeration — a list of software vulnerabilities - CORRECT ANSWER CWE Software models used to help normalize the software you own by analyzing and classifying models to reduce duplication. - CORRECT ANSWER Discovery Models Calculators used to prioritize and categorize vulnerabilities based on user-defined criteria. - CORRECT ANSWER Vulnerability calculators and calculator groups Vulnerability groups and group rules - CORRECT ANSWER Used to group vulnerable items based on vulnerability, vulnerable item conditions, or filter group. Configure Vulnerability integrations - CORRECT ANSWER A process that pulls report data from a thirdparty system, generally to retrieve vulnerability data. Vulnerabilities - CORRECT ANSWER Records of potentially vulnerable software downloaded from the National Institute of Standards and Technology (NIST) NVD or third party integrations. Vulnerable items - CORRECT ANSWER Pairings of vulnerable entries, downloaded from the NIST NVD or third-party integrations, and potentially vulnerable configuration items and software in your company network. Vulnerability > Vulnerability Group - CORRECT ANSWER Lists all vulnerability groups. Vulnerability > Open - CORRECT ANSWER Lists all open vulnerability groups Vulnerability > Assigned to me - CORRECT ANSWER Lists all vulnerability groups assigned to you. sn_vul_qualys_host_id, sn_vul_qualys_id, , all of the above, none - CORRECT ANSWER When the Qualys Cloud Platform integration is installed, which the following rules are available sn_vul.vulnerability_admin - CORRECT ANSWER What role is required to define a VR email template? sn_vul.vulnerability_admin - CORRECT ANSWER What role is required to define a VR SLA? Asset Management module - CORRECT ANSWER You can compare vulnerability data to CIs and software identified as VR's? Software Asset Management Core Plugin [com.snc.sam.core] - CORRECT ANSWER Provides the base tables for software asset management. Includes software installations, usages, suite calculations, and discovery models. Security Support Orchestration [com.snc.secops.orchestration] - CORRECT ANSWER Provides an integration of Security Operations with Orchestration to allow the facilitation of workflow activities within Security Incident Response, Threat Intelligence, or Vulnerability Response. Vulnerability Response Support [com.snc.security_support.vul] - CORRECT ANSWER Provides support functionality for use within the Vulnerability Response application. 1) Manually 2) Automatically - CORRECT ANSWER How can you create vulnerability groups? Manually, using one of three options, to add vulnerable items to the group. 1) Add vulnerable items to the group by hand. 2) Use a Condition filter that automatically adds vulnerable items to the vulnerability group. 3) Use a Filter group that automatically adds vulnerable items to the vulnerability group. Note: Manually added vulnerable items are not automatically removed from vulnerability groups by vulnerability group rules or group conditions. - CORRECT ANSWER How can you manually create vulnerability groups? True - CORRECT ANSWER T/F - vulnerable item refresh automation applies only to groups created using the Condition filter, Filter group, or vulnerability group rules. If the VIs are added manually, automation does not apply. True - CORRECT ANSWER T/F - If you want vulnerable items to continue being added to the group, regardless of state, disable the Set auto refresh vulnerable items business rule. True - CORRECT ANSWER T/F - If a group is created by a vulnerable group rule, the Refresh associated vulnerable items, on the Vulnerability Group page is hidden. If the group filter type is condition or filter group, then it appears. True - CORRECT ANSWER T/F - Manually created Vulnerability Groups using Condition or Filter Group filter types are refreshed once an hour. True - CORRECT ANSWER T/F - The following process is used for each new or reopened VI: For each vulnerability group rule, the VI is compared to the VGR filter. For each rule where the VGR condition matches, the rule pulls the data from the group key columns on the VI. It builds a group name and key (in this case, High priority: QID-32342: Accounting: Joan Doe - VGR Name, vulnerability name, department, and manager), to see if there is a matching Open vulnerability group. If the group is found, the VI is added to the existing group in the Open state. If no group in the Open state is found, then it creates a High priority: QID-32342: Accounting: Joan Doe group and places the VI in it Add users to the Vulnerability Response group - CORRECT ANSWER When the Request Review feature is used to ignore or close a vulnerable item without requiring a scan, the Vulnerability Response group is notified to approve or reject the request. You can assign the appropriate users. Create a Vulnerability Response group - CORRECT ANSWER Creating a vulnerability group manually is done when you want to group vulnerable items by something other than by the Vulnerability Group Rules criteria. For example, you can create groups for a particular single manager, or for active, new exploits, such as ransomware, that include different vulnerabilities. Create vulnerability group rules - CORRECT ANSWER You can create rules to automatically group vulnerable items based on filter conditions. Before you begin - Role required: admin Procedure - Navigate to User Administration > Groups. Open the Vulnerability Response group. Click the Group Members related list and add the appropriate members to the group. - CORRECT ANSWER How to Add users to the Vulnerability Response group ? Before you begin Role required: sn_vuln.admin If the system property (sn_vul.autocreate_vul_centric_group) is set to true, each vulnerability entry with a vulnerable item creates a group associated with it. If it is set to false, you create groups manually as follows. Procedure Navigate to Vulnerability > Vulnerabilities > Vulnerability Groups. Click New. Fill in the fields on the form, as appropriate. - CORRECT ANSWER How to Create a Vulnerability Response group Groups that come with VR plugin - CORRECT ANSWER Vulnerability Response Which Configuration Compliance administrator role is able to modify application property and configuration. - CORRECT ANSWER sn_vulc.admin Security Incident Vulnerability Read role can see the vulnerable module section and vulnerable softwares - CORRECT ANSWER sn_vul.vulnerability_read Vulnerability administrator is able to modify application property and configuration - CORRECT ANSWER sn_vul.admin VR System import administrator is able to run scheduled job - CORRECT ANSWER sn_vul.vr_import_admin Security Incident Vulnerability Write role can see and edit the vulnerable module section and vulnerable softwares - CORRECT ANSWER sn_vul.vulnerability_write Which roles come with Qualys integration - CORRECT ANSWER - sn_vul_qualys.admin - sn_vul_qualys.read - sn_vul_qualys.user Which role comes with Configuration Compliance - CORRECT ANSWER - sn_vulc.admin - sn_vulc.read - sn_vulc.write [Show More]

Last updated: 2 years ago

Preview 1 out of 6 pages