Visit here for our full ServiceNow CSA exam dumps and practice test questions.
Question 1
An administrator needs to restrict access to a table so that only users with a specific role can view records. Which of the following should be configured?
A) Access Control List (ACL)
B) Business Rule
C) Client Script
D) UI Policy
Answer: A
Explanation:
Access control in ServiceNow determines who can view, create, update, or delete records in the platform. Different mechanisms control access at various levels, from table-level permissions to field-level restrictions. Understanding which mechanism enforces read access restrictions is fundamental to ServiceNow security administration.
Access Control Lists (ACLs) provide the correct mechanism for restricting table access based on user roles because ACLs are security rules that control access to data and features within ServiceNow. ACLs define permissions at multiple levels including table-level access controlling create, read, write, and delete operations, field-level access restricting visibility or modification of specific fields, and record-level access providing conditional restrictions based on record values. For restricting table view access to specific roles, administrators create an ACL rule targeting the table with read operation, specifying required roles in the ACL configuration. When users attempt to access table records, ServiceNow evaluates applicable ACLs to determine whether the user possesses required roles. ACLs provide the security foundation for ServiceNow, enforcing permissions before data reaches the user interface. They override other access mechanisms and provide the most secure method for access control. ACL evaluation occurs server-side, preventing unauthorized data access regardless of client-side configurations.
B is incorrect because Business Rules execute server-side logic when database operations occur but don’t control user access to data; they perform actions like data validation, calculations, or workflow automation. C is incorrect because Client Scripts execute in the user’s browser to control form behavior and validation but don’t enforce server-side access restrictions; they can be bypassed by direct API access. D is incorrect because UI Policies control field visibility, mandatory status, and read-only behavior on forms based on conditions but don’t provide security enforcement; they’re presentation-layer controls rather than access controls.
Question 2
A system administrator needs to automatically assign incidents to appropriate groups based on the category field. Which ServiceNow feature should be used?
A) Assignment Rules
B) Business Rules
C) Data Policies
D) Workflow Activities
Answer: A
Explanation:
Automatic record assignment in ServiceNow routes work items to appropriate teams or individuals based on various criteria, improving efficiency and ensuring proper workload distribution. Different features provide automation capabilities, but specific mechanisms are designed for assignment logic that considers multiple conditions and criteria to determine the appropriate assignee or group.
Assignment Rules provide the correct feature for automatically assigning incidents to groups based on category because they’re specifically designed for routing work items to appropriate teams or users. Assignment Rules evaluate conditions against record field values and assign records to groups or users when conditions match. For incident assignment based on category, administrators create Assignment Rules specifying conditions like category equals specific values, then defining the target assignment group for matching records. Assignment Rules support multiple conditions, priority ordering when multiple rules match, and can assign to both groups and individual users. They execute automatically when records are created or updated, providing real-time assignment without requiring separate workflow or scripting. Assignment Rules integrate with other ServiceNow features like workload balancing to distribute assignments evenly across team members. The rules provide a configuration-based approach to assignment logic, allowing non-developers to create and maintain assignment criteria without scripting knowledge.
B is incorrect because while Business Rules can perform assignment through scripting, they require custom code whereas Assignment Rules provide declarative configuration specifically designed for assignment logic. C is incorrect because Data Policies enforce data quality by making fields mandatory or read-only based on conditions but don’t perform record assignment. D is incorrect because Workflow Activities provide process orchestration capabilities that could include assignment steps, but workflows are more complex and heavyweight than Assignment Rules for simple assignment scenarios.
Question 3
An administrator wants to prevent users from submitting a form unless a specific field is populated. Which feature should be configured?
A) UI Policy
B) Data Policy
C) Client Script
D) Business Rule
Answer: B
Explanation:
Data validation in ServiceNow ensures users provide required information before submitting records, maintaining data quality and supporting downstream processes that depend on complete information. Different validation mechanisms operate at various layers of the platform, with some enforcing requirements at the UI level while others provide server-side enforcement that cannot be bypassed.
Data Policies provide the correct feature for preventing form submission without required field population because they enforce mandatory field requirements at the server level regardless of how data enters ServiceNow. Data Policies make fields mandatory or read-only based on conditions, enforcing these requirements when users submit forms, when API calls attempt to create or update records, and when import sets load data. This comprehensive enforcement ensures data quality regardless of entry method. Data Policies evaluate conditions to determine when to apply requirements, allowing dynamic mandatory fields based on record values. For example, making a field mandatory only when specific categories are selected. The server-side enforcement of Data Policies prevents bypassing requirements through API access, integration calls, or browser manipulation. Data Policies display clear error messages indicating which required fields are missing, guiding users to provide necessary information. They provide the most reliable mechanism for ensuring critical data is captured.
A is incorrect because UI Policies control field behavior on forms including mandatory status, but they’re client-side controls that can be bypassed through API access or direct database manipulation; they provide user experience improvements rather than security enforcement. C is incorrect because Client Scripts provide client-side validation that can prevent form submission but can be bypassed by users disabling JavaScript or accessing records through APIs. D is incorrect because Business Rules execute after database operations and can validate data, but they operate after submission rather than preventing it; they can abort transactions but provide a less user-friendly experience than pre-submission validation.
Question 4
A company wants to track the total time an incident has been in the “In Progress” state. Which type of field should be added to the incident table?
A) Duration field
B) Date/Time field
C) Integer field
D) Timer field
Answer: D
Explanation:
ServiceNow provides specialized field types designed for specific data tracking purposes. Understanding which field type automatically calculates and tracks time spent in specific states helps administrators implement business requirements without custom scripting or manual calculations.
Timer fields provide the correct field type for tracking time in specific states because they automatically calculate duration based on start and stop conditions tied to state changes. Timer fields are specifically designed for measuring time intervals where conditions define when timing starts and stops. For tracking incident “In Progress” time, administrators configure a timer field with a start condition triggering when state changes to “In Progress” and a stop condition triggering when state changes to any other value. The timer automatically accumulates time across multiple entries into the tracked state, so if an incident enters and exits “In Progress” multiple times, the timer captures total accumulated time. Timer fields pause when stop conditions are met and resume when start conditions occur again, providing accurate tracking regardless of workflow complexity. They display in user-friendly formats showing days, hours, and minutes. Timer fields also support calculations like SLA tracking and reporting on time spent in various states. The automatic calculation eliminates manual tracking and ensures accuracy.
A is incorrect because Duration fields calculate time between two specific date/time fields but don’t automatically track state-based timing; they require explicitly setting start and end times rather than automatically responding to state changes. B is incorrect because Date/Time fields store specific points in time but don’t calculate durations or respond to state changes; they would require manual updates or scripting to track state timing. C is incorrect because Integer fields store numbers but don’t provide any automatic time tracking functionality; they would require extensive scripting to implement state-based duration calculations.
Question 5
An administrator needs to create a custom field that appears on multiple forms but should only be editable by users with the admin role. What is the BEST approach?
A) Create the field with a write ACL requiring the admin role
B) Use UI Policies to make the field read-only for non-admin users
C) Create a Business Rule to prevent updates by non-admin users
D) Use Client Scripts to disable the field for non-admin users
Answer: A
Explanation:
Field-level security in ServiceNow controls who can view or modify specific fields, providing granular access control beyond table-level permissions. Different mechanisms can restrict field editing, but the most secure and appropriate method depends on whether restrictions should be enforced at the security layer or the presentation layer.
Creating the field with a write ACL requiring the admin role provides the best approach because ACLs enforce security at the database level, preventing unauthorized modifications regardless of how users attempt to update the field. Write ACLs control who can modify field values, evaluating user roles before allowing updates. When a write ACL requires the admin role, only users with that role can change the field value through any method including forms, APIs, scripts, or import sets. This comprehensive protection ensures security cannot be bypassed. ACLs provide consistent enforcement across all access methods, eliminating vulnerabilities from client-side bypasses. They also support conditional logic allowing different users to edit fields under specific circumstances. For fields appearing on multiple forms, a single write ACL applies across all contexts, providing consistent behavior without configuration duplication. ACLs generate appropriate error messages when unauthorized users attempt modifications, clearly communicating security restrictions.
B is incorrect because UI Policies control field presentation on forms but don’t enforce security; they’re client-side controls that can be bypassed through API access, making them appropriate for user experience but not security enforcement. C is incorrect because Business Rules execute after database operations and can prevent updates but provide less elegant user experience than preventing editing through ACLs; they also require scripting versus ACL configuration. D is incorrect because Client Scripts disable fields in the browser but can be bypassed by users manipulating JavaScript or accessing records through APIs, providing no real security enforcement.
Question 6
An organization wants to receive email notifications when high-priority incidents are created. Which ServiceNow feature should be configured?
A) Email Notification
B) Business Rule
C) Event Registration
D) Workflow
Answer: A
Explanation:
ServiceNow notification capabilities inform users about important events, updates, or actions requiring attention. Different notification mechanisms serve various purposes, from simple email alerts to complex multi-step communication workflows. Understanding which feature provides straightforward email notifications for record events helps administrators implement timely communications efficiently.
Email Notifications provide the correct feature for sending emails when high-priority incidents are created because they’re specifically designed for triggered email communications based on record events. Email Notifications define when emails should be sent through conditions evaluated against record data, who should receive emails through recipient specifications, and what content appears in emails through templates supporting dynamic content. For high-priority incident notifications, administrators create a notification with conditions checking incident priority equals high and event type equals record insert, specify recipients such as manager groups or specific users, and customize email content to include relevant incident details. Email Notifications support advanced features including scheduled digests grouping multiple events, subscription mechanisms allowing users to opt in or out, and variable substitution inserting record data into email content. They integrate with ServiceNow’s notification engine providing reliable delivery, retry logic for failures, and delivery tracking. Email Notifications provide declarative configuration without requiring scripting for common notification scenarios.
B is incorrect because while Business Rules can send emails through scripting, they require custom code whereas Email Notifications provide configuration-based notification creation specifically designed for this purpose. C is incorrect because Event Registrations define how the system responds to events but don’t directly send emails; they can trigger notifications but represent a more complex pattern than necessary. D is incorrect because Workflows orchestrate multi-step processes and can include notification activities, but they’re unnecessary complexity for simple email alerts; workflows are better suited for complex approval or task sequences.
Question 7
A system administrator needs to modify the priority field to display different values based on the incident category. Which feature provides this capability?
A) Choice Lists
B) UI Policy
C) Dictionary Override
D) Dynamic Choice List
Answer: D
Explanation:
Choice lists in ServiceNow define dropdown values available for selection in fields, providing controlled vocabularies that ensure data consistency. Some scenarios require choice list values to change based on other field values or record context, displaying only relevant options rather than all possible choices. Understanding which feature enables dynamic choice list behavior helps administrators create intuitive forms that guide users to appropriate selections.
Dynamic Choice Lists provide the capability to modify available field values based on other field selections because they filter choice options dynamically based on reference qualifiers or scripts. Dynamic Choice Lists use dependent value configurations where one field’s selection determines another field’s available options. For modifying priority values based on incident category, administrators configure the priority field’s choice list to filter based on category selection, defining which priority values are valid for each category. This implementation uses reference qualifiers when choices come from reference fields or choice list scripts for custom logic determining available options. Dynamic filtering ensures users only see relevant choices, reducing selection errors and enforcing business rules about valid combinations. The filtering occurs client-side providing immediate response as users change dependent fields. Dynamic Choice Lists support complex scenarios with multiple dependency levels where choices cascade through several fields.
A is incorrect because Choice Lists define the complete set of possible values for a field but don’t inherently provide dynamic filtering based on other fields; they represent static value sets. B is incorrect because UI Policies control field visibility, mandatory status, and read-only behavior but don’t modify the available choices in dropdown fields. C is incorrect because Dictionary Overrides allow customizing field properties in extended tables but don’t provide dynamic choice list filtering capabilities.
Question 8
An administrator wants to prevent deletion of incident records that are in the “Closed” state. What is the BEST method to implement this control?
A) Create a delete ACL with a condition checking the state
B) Create a Business Rule that prevents deletion of closed incidents
C) Use a UI Action to hide the delete button for closed incidents
D) Create a Data Policy preventing deletion
Answer: A
Explanation:
Record deletion controls in ServiceNow prevent users from removing important data, maintaining audit trails and supporting compliance requirements. Different mechanisms can restrict deletion, but the most appropriate method depends on whether restrictions should enforce security policy or implement business logic.
Creating a delete ACL with a condition checking the state provides the best method because ACLs enforce security restrictions at the database level, preventing record deletion through any access method including UI, API, web services, or scripts. Delete ACLs evaluate before deletion operations occur, checking conditions such as record state and user roles to determine whether deletion is permitted. For preventing closed incident deletion, administrators create a delete ACL on the incident table with a script condition checking if the state is closed, returning false to deny deletion. This security-layer enforcement cannot be bypassed by client-side manipulation or API calls. ACLs provide appropriate error messages when deletion is denied, informing users why the operation failed. Conditional ACLs allow sophisticated logic where deletion permissions vary based on record values, user roles, or other factors. The server-side enforcement ensures consistent application of deletion restrictions regardless of how users attempt to delete records.
B is incorrect because Business Rules execute during database operations and can prevent deletion, but ACLs are the appropriate security mechanism for access control; Business Rules are better suited for workflow logic rather than security enforcement. C is incorrect because UI Actions control button visibility but don’t prevent deletion if users access records through other methods like APIs; hiding buttons provides usability improvements not security. D is incorrect because Data Policies enforce field requirements and read-only status but don’t control record deletion; they operate on field-level requirements not record-level operations.
Question 9
A company needs to automatically escalate priority 1 incidents that have been open for more than 4 hours. Which ServiceNow functionality should be used?
A) Service Level Agreement (SLA)
B) Business Rule
C) Scheduled Job
D) Event Management
Answer: A
Explanation:
Time-based automation in ServiceNow ensures timely attention to critical work items by triggering actions when work exceeds acceptable time thresholds. Different features provide time-tracking and automation capabilities, but specific functionality is designed for measuring service delivery times and triggering escalations when commitments are at risk.
Service Level Agreements (SLAs) provide the correct functionality for automatically escalating priority 1 incidents after 4 hours because SLAs track time commitments and trigger actions at specified intervals. SLAs consist of definitions specifying which records they apply to through conditions, target durations defining time commitments, stages marking intermediate milestones before breach, and workflows executing when stages are reached or SLAs breach. For 4-hour escalation of priority 1 incidents, administrators create an SLA with a condition targeting priority 1 incidents, a 4-hour duration, and a workflow or escalation action executing when the SLA reaches critical stage or breaches. SLAs automatically calculate time remaining, pause timing based on schedule configurations such as excluding non-business hours, and resume timing when conditions change. They provide visual indicators on forms showing SLA status and time remaining, dashboard visibility for management oversight, and reporting on SLA compliance. SLAs handle complex scenarios including multiple concurrent SLAs, schedule-based calculation, and retroactive application to existing records.
B is incorrect because Business Rules execute when database operations occur but don’t provide time-based triggering; they would require complex date checking logic and wouldn’t automatically run after specific intervals. C is incorrect because Scheduled Jobs run at fixed intervals and could check for escalation conditions, but they’re inefficient for time-based record processing and require custom scripting versus SLA configuration. D is incorrect because Event Management processes monitoring events and incidents from infrastructure, not time-based escalation of existing incident records.
Question 10
An administrator needs to create a report showing the number of incidents by priority and category. Which ServiceNow feature should be used?
A) Report Designer
B) Performance Analytics
C) Dashboard
D) List View
Answer: A
Explanation:
Reporting capabilities in ServiceNow provide insights into data through visualizations, aggregations, and trends. Different features serve various reporting needs from simple data displays to complex analytics with indicators and benchmarks. Understanding which feature creates basic reports with groupings and aggregations helps administrators deliver information to stakeholders efficiently.
Report Designer provides the correct feature for creating reports showing incident counts by priority and category because it’s specifically designed for building reports with groupings, aggregations, and visualizations. Report Designer allows selecting source tables, defining filters to limit data, choosing fields for grouping and aggregation, and selecting chart types for visualization. For incident counts by priority and category, administrators create a report using the incident table, group by priority and category fields, count records in each grouping, and select appropriate chart types like bar charts or pivot tables. Report Designer supports various aggregation functions including count, sum, average, minimum, and maximum. Reports can be saved, shared with other users, and scheduled for automatic generation and distribution. They integrate with dashboards for consolidated viewing of multiple reports. Report Designer provides an intuitive interface allowing non-technical users to create reports without scripting knowledge.
B is incorrect because Performance Analytics provides advanced analytics with time-series data, indicators, breakdowns, and benchmarking, representing more sophisticated functionality than needed for basic grouping reports. C is incorrect because Dashboards display multiple reports and widgets but don’t create the underlying reports; they’re containers for organizing and presenting existing reports. D is incorrect because List Views display tabular record data with filtering and sorting but don’t provide grouping, aggregation, or visualization capabilities needed for summary reports.
Question 11
A system administrator needs to ensure that certain fields are visible only when specific conditions are met. Which feature should be configured?
A) UI Policy
B) ACL
C) Data Policy
D) Client Script
Answer: A
Explanation:
Dynamic form behavior in ServiceNow adapts the user interface based on record values or conditions, showing relevant fields while hiding unnecessary ones. This improves user experience by simplifying forms and guiding users through appropriate data entry. Different features control form behavior, but specific functionality is designed for declarative configuration of conditional field visibility and properties.
UI Policies provide the correct feature for controlling field visibility based on conditions because they’re specifically designed to dynamically show or hide fields, make fields mandatory or optional, and set fields to read-only based on conditions evaluated against form data. UI Policies consist of conditions defining when the policy applies, such as category equals specific value, and actions specifying field behavior changes like making fields visible, mandatory, or read-only. For showing fields only under specific conditions, administrators create UI Policies with conditions matching the required scenario and actions setting target fields to visible when conditions are met. UI Policies execute client-side providing immediate response as users change form values without server round trips. They support complex conditions with multiple criteria and can affect multiple fields through single policies. UI Policies enhance user experience by presenting relevant fields while hiding irrelevant ones, reducing form complexity and focusing users on appropriate information for their context.
B is incorrect because ACLs control security permissions for reading or writing data but don’t dynamically show or hide fields based on form values; they enforce access control not presentation logic. C is incorrect because Data Policies enforce field requirements like mandatory status but don’t control field visibility; they validate data quality rather than managing form presentation. D is incorrect because while Client Scripts can control field visibility through scripting, UI Policies provide declarative configuration for this common requirement without coding, representing the preferred approach.
Question 12
An organization wants to track and manage problems identified from recurring incidents. Which ITIL process module should be implemented?
A) Incident Management
B) Problem Management
C) Change Management
D) Knowledge Management
Answer: B
Explanation:
IT Service Management processes in ServiceNow support ITIL framework implementation, providing structured approaches to service delivery and support. Different processes address different aspects of IT operations, from handling service disruptions to improving service quality through root cause analysis and prevention.
Problem Management provides the correct ITIL process module for tracking and managing problems from recurring incidents because it’s specifically designed to identify and eliminate root causes of multiple related incidents. Problem Management distinguishes between symptoms (incidents) and underlying causes (problems), focusing on permanent solutions that prevent recurrence. The module supports problem identification through analysis of incident patterns, problem investigation to determine root causes, workaround documentation providing temporary relief, known error registration when causes are identified but solutions aren’t yet implemented, and permanent resolution through change implementation. Problem Management links related incidents to problems, showing relationships and impact. The process reduces incident volume by addressing root causes, improves service quality by eliminating underlying issues, and captures knowledge about problems and solutions. ServiceNow’s Problem Management module includes problem records with fields for root cause analysis, related incident tracking, workaround documentation, and links to changes implementing solutions. It integrates with Incident Management for problem identification and Change Management for solution implementation.
A is incorrect because Incident Management focuses on restoring normal service as quickly as possible after disruptions, handling symptoms rather than identifying and eliminating root causes. C is incorrect because Change Management controls the lifecycle of changes to IT infrastructure but doesn’t identify problems from incident patterns or perform root cause analysis. D is incorrect because Knowledge Management captures and shares organizational knowledge but doesn’t specifically address problem identification, tracking, and resolution through root cause analysis.
Question 13
An administrator needs to import user data from a CSV file into the user table. Which ServiceNow feature should be used?
A) Import Sets
B) Data Source
C) Update Sets
D) Transform Maps
Answer: A
Explanation:
Data import capabilities in ServiceNow enable loading data from external sources into platform tables, supporting migrations, integrations, and batch updates. The import process involves multiple components working together, but understanding which feature initiates and manages the overall import process helps administrators execute data loads successfully.
Import Sets provide the correct feature for importing user data from CSV files because they serve as the entry point and staging area for external data loads. Import Sets create temporary staging tables receiving raw data from various sources including CSV files, Excel spreadsheets, JDBC connections, and web services. The import process begins by creating or selecting an import set table matching the structure of incoming data, uploading or retrieving data from the source, and then transforming staged data into target tables through transform maps. Import Sets preserve original source data allowing multiple transformation attempts if needed, provide error handling and validation before data reaches target tables, and maintain audit trails showing what data was imported and when. For importing users from CSV, administrators create an import set to receive user data, upload the CSV file which populates the staging table, and then run transforms to move data from staging to the user table with appropriate field mappings and data transformations. Import Sets support automated scheduled imports for recurring data loads and manual one-time imports for migrations.
B is incorrect because Data Sources define connections to external systems for pulling data but don’t handle the actual import process; they’re configuration for where data comes from rather than the import mechanism. C is incorrect because Update Sets capture configuration changes for moving between instances but don’t import data records; they handle application configuration not data migration. D is incorrect because Transform Maps define how staging table data maps to target tables but don’t initiate imports; they’re part of the import process but not the starting point.
Question 14
A company needs to ensure that when a user’s department changes, their assignment group memberships are automatically updated. Which feature should be configured?
A) Business Rule
B) Data Policy
C) Workflow
D) Assignment Rule
Answer: A
Explanation:
Automation in ServiceNow maintains data consistency and reduces manual administrative overhead by automatically executing logic when data changes occur. Different automation features serve various purposes, from validating data to orchestrating complex processes. Understanding which feature executes custom logic in response to database events helps administrators implement automated data maintenance.
Business Rules provide the correct feature for automatically updating assignment group memberships when user departments change because they execute server-side scripts in response to database operations on records. Business Rules trigger based on events including before or after insert, update, delete, or query operations, evaluate conditions determining whether to execute, and run scripts performing desired actions like updating related records or calling APIs. For maintaining assignment group memberships based on department changes, administrators create a Business Rule on the user table triggering on update when department field changes, with script logic removing the user from old department groups and adding them to new department groups. Business Rules execute reliably on the server regardless of how data changes occur, whether through UI forms, API calls, import sets, or integration. They provide access to current and previous field values enabling detection of specific changes. Business Rules support async execution for long-running operations, preventing user interface delays.
B is incorrect because Data Policies enforce field requirements and read-only status but don’t execute custom logic or update related records; they validate data rather than perform actions. C is incorrect because Workflows orchestrate multi-step processes with approvals and tasks but represent heavyweight solutions inappropriate for simple automatic updates; they’re better for human-interactive processes. D is incorrect because Assignment Rules route work items to groups or users but don’t maintain group memberships based on user attribute changes; they assign records not update user relationships.
Question 15
An administrator wants to create a custom application accessible only to users with a specific role. What should be configured?
A) Application Menu ACL
B) Module ACL
C) Application Properties
D) User Role Assignment
Answer: B
Explanation:
Application navigation in ServiceNow organizes functionality into applications and modules, providing structured access to platform features. Securing navigation ensures users only see applications and menus relevant to their roles, reducing clutter and preventing access to inappropriate functionality. Different security mechanisms control various aspects of application access, with specific controls governing menu visibility.
Module ACLs provide the correct configuration for restricting custom application access to specific roles because modules represent individual menu items within applications, and ACLs control who can see and access those modules. Module ACLs evaluate user roles before displaying menu items in the application navigator, hiding modules users don’t have permission to access. For custom applications accessible only to specific roles, administrators create ACLs on application modules specifying required roles in the ACL configuration. When users lack required roles, the application and its modules don’t appear in their navigator, providing clean role-based menu presentation. Module ACLs support complex conditions beyond simple role checking, allowing visibility based on user properties, system settings, or custom scripts. They provide security at the navigation level, preventing unauthorized users from even seeing options they shouldn’t access. Module ACLs work in conjunction with table and field ACLs providing defense-in-depth where navigation controls prevent access attempts and data ACLs enforce permissions if navigation is bypassed.
A is incorrect because while Application Menu access can be controlled, Module ACLs provide the specific mechanism for restricting individual application menu items; applications contain multiple modules each requiring separate access control. C is incorrect because Application Properties configure application behavior and appearance but don’t control role-based access to the application. D is incorrect because User Role Assignment determines which roles users possess but doesn’t restrict application access; roles are assigned to users, then ACLs evaluate those roles to control access.
Question 16
A system administrator needs to create a field that automatically calculates the number of days between the incident opened and resolved dates. Which field type should be used?
A) Duration field
B) Script field
C) Calculated field
D) Date field
Answer: A
Explanation:
Calculated values in ServiceNow derive from other field values through formulas or scripts, eliminating manual calculation and ensuring consistency. Different field types provide calculation capabilities with varying levels of complexity and performance characteristics. Understanding which field type efficiently calculates time intervals between dates helps administrators implement requirements without unnecessary scripting.
Duration fields provide the correct field type for automatically calculating days between opened and resolved dates because they’re specifically designed to calculate time intervals between two date/time fields. Duration fields accept start and end date references and automatically compute the difference, displaying results in readable formats like days, hours, and minutes. For calculating incident resolution time, administrators create a duration field specifying the opened date as start and resolved date as end, and the system automatically maintains the calculation. Duration fields update automatically when referenced date fields change, ensuring calculated values stay current. They support various duration formats from seconds to days and handle timezone conversions appropriately. Duration fields provide better performance than script-based calculations because they use database-level computation rather than executing scripts. They also provide consistent calculation logic ensuring all records use identical time difference algorithms. Duration fields integrate with reporting allowing aggregation and analysis of time intervals across records.
B is incorrect because Script fields execute custom scripts to calculate values but require coding and have performance implications from script execution on every field access; they’re appropriate for complex calculations but overkill for simple date differences. C is incorrect because while the concept describes calculated values, ServiceNow doesn’t have a generic “Calculated” field type; duration fields specifically implement date difference calculations. D is incorrect because Date fields store single date/time values but don’t automatically calculate differences between dates; they would require additional fields or scripts to perform calculations.
Question 17
An organization needs to receive notifications when changes are made to configuration items in the CMDB. Which feature should be implemented?
A) Event Registration
B) Business Rule
C) CMDB Query Builder
D) Email Notification with table subscriptions
Answer: D
Explanation:
Change monitoring in ServiceNow enables stakeholders to stay informed about updates to important records, supporting oversight and enabling timely responses to modifications. Different notification mechanisms serve various purposes, with some designed specifically for subscribing to record changes within specific conditions.
Email Notifications with table subscriptions provide the correct feature for receiving notifications about CMDB configuration item changes because they allow users to subscribe to tables and receive emails when records matching specified conditions are inserted, updated, or deleted. Table subscriptions enable individuals to monitor records of interest without requiring administrator configuration for each person’s preferences. For CMDB change notifications, users or administrators create subscriptions to configuration item tables specifying conditions like CI type, assignment group, or location, and selecting trigger events such as updates to specific fields. When subscribed events occur, ServiceNow automatically sends emails to subscribers with details about what changed including old and new values for modified fields. Subscriptions provide personalized monitoring where different users receive notifications about different subsets of records based on their interests. They support digest mode grouping multiple changes into periodic emails rather than individual messages for each change. Table subscriptions empower users to monitor data relevant to them without administrator intervention for each subscription.
A is incorrect because Event Registrations define system responses to events but don’t directly notify users; they trigger workflows or scripts when events occur, representing infrastructure for event processing rather than end-user notification. B is incorrect because Business Rules can send notifications through scripting but require custom code for each notification scenario, whereas table subscriptions provide user-configurable monitoring without scripting. C is incorrect because CMDB Query Builder helps find related configuration items based on relationships but doesn’t provide change notification capabilities; it’s a query tool not a monitoring feature.
Question 18
An administrator needs to prevent users from modifying closed change requests. What is the BEST approach?
A) Create a Business Rule that prevents updates to closed changes
B) Use a UI Policy to make all fields read-only when state is closed
C) Create write ACLs on change table fields checking for closed state
D) Use a Data Policy to make fields read-only when closed
Answer: C
Explanation:
Record modification controls in ServiceNow prevent inappropriate changes to records in specific states, maintaining data integrity and supporting compliance requirements. Different mechanisms can restrict modifications with varying levels of security and flexibility. Understanding which approach provides comprehensive protection that cannot be bypassed helps administrators implement reliable controls.
Creating write ACLs on change table fields checking for closed state provides the best approach because ACLs enforce security at the database level, preventing field modifications through any access method including forms, APIs, integrations, or scripts. Write ACLs evaluate before allowing field updates, checking conditions such as record state and user roles. For preventing closed change modifications, administrators create write ACLs on change table fields with script conditions checking if the state is closed, returning false to deny updates for closed changes. This security-layer enforcement applies regardless of how users attempt modifications, providing comprehensive protection. ACLs allow exceptions for specific roles like administrators who might need to update closed records under certain circumstances, supporting business needs while maintaining general restrictions. The server-side enforcement prevents bypassing through client-side manipulation. ACLs generate appropriate error messages when update attempts are denied, informing users why modifications aren’t permitted.
A is incorrect because while Business Rules can prevent updates through scripting, ACLs represent the appropriate security mechanism for access control; Business Rules are better suited for workflow logic and data validation rather than security enforcement. B is incorrect because UI Policies control form presentation but can be bypassed through API access or direct database updates; they provide user experience improvements not security enforcement. D is incorrect because Data Policies enforce field requirements like mandatory status but don’t provide conditional read-only controls based on record state; they operate at a different layer focused on data quality rather than state-based modification restrictions.
Question 19
A company wants to track all configuration items and their relationships in a structured way. Which ServiceNow component should be used?
A) Configuration Management Database (CMDB)
B) Asset Management
C) Service Catalog
D) Configuration Item Registry
Answer: A
Explanation:
Infrastructure and service component tracking in ServiceNow requires structured repositories that maintain not just item information but also relationships between components. Understanding how components depend on and connect to each other enables impact analysis, change planning, and incident troubleshooting. The platform provides specific components designed for maintaining this complex web of relationships.
The Configuration Management Database (CMDB) provides the correct component for tracking configuration items and their relationships because it’s specifically designed as a centralized repository maintaining information about IT components and their interdependencies. The CMDB stores configuration items representing hardware, software, network devices, applications, services, and other components, along with relationships showing how CIs connect such as runs-on relationships between applications and servers, depends-on relationships between services, or connects-to relationships between network devices. The CMDB supports impact analysis showing what might be affected by changes or incidents, relationship visualization through graphical maps displaying component connections, and service mapping illustrating how business services depend on underlying infrastructure. CMDB data enables informed decision-making about changes by revealing potential impacts, aids incident troubleshooting by showing related components, and supports capacity planning through infrastructure visibility. The CMDB integrates with discovery tools for automatic population, service mapping for application dependency discovery, and event management for correlation. It provides CMDB Health dashboards monitoring data quality and completeness. The CMDB represents the foundation for mature ITSM practices, enabling organizations to understand their IT environments holistically rather than viewing components in isolation.
B is incorrect because Asset Management tracks hardware and software assets focusing on financial and lifecycle aspects like procurement, licensing, and disposal, but doesn’t emphasize the relationship mapping central to CMDB functionality. C is incorrect because Service Catalog presents available services for request by users but doesn’t track infrastructure components or their relationships. D is incorrect because there is no ServiceNow component called Configuration Item Registry; the CMDB serves as the authoritative source for CI information.
Question 20
An administrator needs to automatically create a change request whenever a high-risk problem record is created. Which ServiceNow feature should be configured?
A) Business Rule
B) Workflow
C) Flow Designer
D) Record Producer
Answer: C
Explanation:
Cross-table automation in ServiceNow creates related records, initiates processes, or performs actions in response to events in other tables. Modern ServiceNow provides multiple automation approaches with varying capabilities and complexity levels. Understanding which feature provides the most current, maintainable approach for automated record creation helps administrators implement efficient solutions.
Flow Designer provides the correct feature for automatically creating change requests when high-risk problems are created because it represents ServiceNow’s modern automation platform designed for building flows that respond to events and perform multi-step actions. Flow Designer uses a visual interface where administrators drag and drop actions to build automation logic without extensive scripting. For creating change requests from problems, administrators build a flow triggered when problem records are created with high-risk classification, then add an action creating a change request record with data copied from the problem including description, configuration items, and assignment details. Flow Designer provides built-in actions for common operations including record creation, field updates, approvals, and notifications. Flows execute asynchronously preventing performance impacts, support error handling with retry logic, and include debugging tools showing execution history. Flow Designer represents ServiceNow’s strategic direction for automation, providing intuitive development experience accessible to non-programmers while supporting complex scenarios. Flows maintain better visibility into automation logic than scripts buried in business rules, improving maintainability and documentation.
A is incorrect because while Business Rules can create related records through scripting, they require coding and represent the legacy approach to automation; Flow Designer provides more maintainable declarative automation without extensive scripting. B is incorrect because Workflows provide process orchestration with human interactions, approvals, and tasks, representing heavier solutions more appropriate for multi-step human-involved processes rather than simple automated record creation. D is incorrect because Record Producers enable users to create records through catalog requests with guided forms, not automatic record creation triggered by events; they facilitate user-initiated record creation not event-driven automation.
