30% Topic 5 – Database Management & Platform Security

Question 1

What is a table in ServiceNow?

Answer 1

[Exam Weight: 30%] A collection of records and fields

Question 2

What uniquely identifies a record?

Answer 2

[Exam Weight: 30%] sys_id

Question 3

Can a sys_id be changed?

Answer 3

[Exam Weight: 30%] No

Question 4

What is a base table?

Answer 4

[Exam Weight: 30%] A table that does not extend another table

Question 5

What is an extended table?

Answer 5

[Exam Weight: 30%] A table that inherits from another table

Question 6

What does table extension provide?

Answer 6

[Exam Weight: 30%] Inherited fields and functionality

Question 7

What base table do incidents extend?

Answer 7

[Exam Weight: 30%] task

Question 8

Do extended tables inherit ACLs?

Answer 8

[Exam Weight: 30%] Yes

Question 9

What prefix identifies a custom table?

Answer 9

[Exam Weight: 30%] u_

Question 10

Where is table schema defined?

Answer 10

[Exam Weight: 30%] Dictionary entries

Question 11

What table stores dictionary definitions?

Answer 11

[Exam Weight: 30%] sys_dictionary

Question 12

What is the purpose of an ACL?

Answer 12

[Exam Weight: 30%] Control access to data

Question 13

What does an ACL control?

Answer 13

[Exam Weight: 30%] Read, write, create, delete

Question 14

What are the two main ACL types?

Answer 14

[Exam Weight: 30%] Table-level and field-level

Question 15

If both row and field ACLs exist, what must happen?

Answer 15

[Exam Weight: 30%] Both must evaluate to true

Question 16

In what order are ACLs evaluated?

Answer 16

[Exam Weight: 30%] Table → Parent → Wildcard

Question 17

What wildcard is used for global ACLs?

Answer 17

[Exam Weight: 30%] *

Question 18

When are wildcard ACLs evaluated?

Answer 18

[Exam Weight: 30%] Last

Question 19

What happens if no ACL exists?

Answer 19

[Exam Weight: 30%] Access is granted

Question 20

What role is commonly required to create ACLs?

Answer 20

[Exam Weight: 30%] security_admin

Question 21

What feature helps troubleshoot ACL behavior?

Answer 21

[Exam Weight: 30%] Security Debugging

Question 22

What is the purpose of the CMDB?

Answer 22

[Exam Weight: 30%] Store configuration items and their relationships

Question 23

What does CMDB stand for?

Answer 23

[Exam Weight: 30%] Configuration Management Database

Question 24

What is a Configuration Item (CI)?

Answer 24

[Exam Weight: 30%] A component required to deliver a service

Question 25

What base table do most CIs extend?

Answer 25

[Exam Weight: 30%] cmdb_ci

Question 26

What types of assets are stored in the CMDB?

Answer 26

[Exam Weight: 30%] Tangible and intangible assets

Question 27

Give an example of a tangible CI.

Answer 27

[Exam Weight: 30%] Server

Question 28

Give an example of an intangible CI.

Answer 28

[Exam Weight: 30%] Software application

Question 29

What is the purpose of CI relationships?

Answer 29

[Exam Weight: 30%] Show dependencies for impact analysis

Question 30

Where are CI relationships stored?

Answer 30

[Exam Weight: 30%] cmdb_rel_ci

Question 31

Why is CMDB data accuracy important?

Answer 31

[Exam Weight: 30%] Reliable impact analysis and decision-making

Question 32

What tool automatically populates CMDB data?

Answer 32

[Exam Weight: 30%] Discovery

Question 33

What tool maps application dependencies?

Answer 33

[Exam Weight: 30%] Service Mapping

Question 34

What does CMDB Health measure?

Answer 34

[Exam Weight: 30%] Data quality

Question 35

What are the three CMDB Health metrics?

Answer 35

[Exam Weight: 30%] Completeness, correctness, compliance

Question 36

What is an Import Set?

Answer 36

[Exam Weight: 30%] A staging area for imported data

Question 37

Where is import data stored initially?

Answer 37

[Exam Weight: 30%] Import Set table

Question 38

What defines how import data moves to target tables?

Answer 38

[Exam Weight: 30%] Transform Map

Question 39

What is coalescing used for?

Answer 39

[Exam Weight: 30%] Identify existing records

Question 40

What happens when a coalesce match is found?

Answer 40

[Exam Weight: 30%] Existing record is updated

Question 41

What happens when no coalesce match is found?

Answer 41

[Exam Weight: 30%] New record is created

Question 42

Where is coalesce configured?

Answer 42

[Exam Weight: 30%] Transform Map field mapping

Question 43

Do Business Rules run during imports?

Answer 43

[Exam Weight: 30%] Yes

Question 44

Do Client Scripts run during imports?

Answer 44

[Exam Weight: 30%] No

Question 45

What CSA mistake is common with coalescing?

Answer 45

[Exam Weight: 30%] Expecting new records when matches exist

Question 46

What is a table in ServiceNow?

Answer 46

[Exam Weight: 30%] [Database Management (CORE CSA)] A collection of records stored in the database.

Question 47

What does a record represent?

Answer 47

[Exam Weight: 30%] [Database Management (CORE CSA)] A row in a table.

Question 48

What does a field represent?

Answer 48

[Exam Weight: 30%] [Database Management (CORE CSA)] A column in a table.

Question 49

What table stores user records?

Answer 49

[Exam Weight: 30%] [Database Management (CORE CSA)] sys_user.

Question 50

What table stores groups?

Answer 50

[Exam Weight: 30%] [Database Management (CORE CSA)] sys_user_group.

Question 51

What table stores roles?

Answer 51

[Exam Weight: 30%] [Database Management (CORE CSA)] sys_user_role.

Question 52

What are the three key attributes of every field?

Answer 52

[Exam Weight: 30%] [Database Management (CORE CSA)] Field Label, Field Name, Value.

Question 53

What is a reference field?

Answer 53

[Exam Weight: 30%] [Database Management (CORE CSA)] A field that points to a record in another table.

Question 54

What happens when you add a reference field to a form?

Answer 54

[Exam Weight: 30%] [Database Management (CORE CSA)] Fields from the referenced table become available.

Question 55

Can a reference field point to multiple tables?

Answer 55

[Exam Weight: 30%] [Database Management (CORE CSA)] No, only one table.

Question 56

What is a dictionary record?

Answer 56

[Exam Weight: 30%] [Database Management (CORE CSA)] A record that defines a field’s properties.

Question 57

What is a table extension?

Answer 57

[Exam Weight: 30%] [Database Management (CORE CSA)] A child table that inherits fields from a parent table.

Question 58

What table do most task-based tables extend?

Answer 58

[Exam Weight: 30%] [Database Management (CORE CSA)] task.

Question 59

What is the benefit of table extension?

Answer 59

[Exam Weight: 30%] [Database Management (CORE CSA)] Shared fields and consistent behavior.

Question 60

What is a schema map?

Answer 60

[Exam Weight: 30%] [Database Management (CORE CSA)] A visual representation of table relationships.

Question 61

What is a choice list?

Answer 61

[Exam Weight: 30%] [Database Management (CORE CSA)] A predefined list of selectable field values.

Question 62

Where are choice values stored?

Answer 62

[Exam Weight: 30%] [Database Management (CORE CSA)] sys_choice table.

Question 63

What happens when a choice list value is removed?

Answer 63

[Exam Weight: 30%] [Database Management (CORE CSA)] Existing records retain the old value.

Question 64

Access Control (ACL)

Answer 64

[Exam Weight: 30%] [Platform Security (VERY HIGH YIELD)] A rule that controls access to data and actions.

Question 65

ACL

Answer 65

[Exam Weight: 30%] [Platform Security (VERY HIGH YIELD)] Access Control List.

Question 66

What can ACLs protect?

Answer 66

[Exam Weight: 30%] [Platform Security (VERY HIGH YIELD)] Tables, records, fields, and UI actions.

Question 67

What are the two main parts of an ACL rule?

Answer 67

[Exam Weight: 30%] [Platform Security (VERY HIGH YIELD)] Object and operation.

Question 68

What are common ACL operations?

Answer 68

[Exam Weight: 30%] [Platform Security (VERY HIGH YIELD)] read, write, create, delete.

Question 69

What does an ACL check first: role or script?

Answer 69

[Exam Weight: 30%] [Platform Security (VERY HIGH YIELD)] Role.

Question 70

What happens if a user fails a table ACL?

Answer 70

[Exam Weight: 30%] [Platform Security (VERY HIGH YIELD)] Field ACLs are not evaluated.

Question 71

What does “Requires role” mean in an ACL?

Answer 71

[Exam Weight: 30%] [Platform Security (VERY HIGH YIELD)] The user must have the specified role to pass.

Question 72

What is the purpose of scripting in ACLs?

Answer 72

[Exam Weight: 30%] [Platform Security (VERY HIGH YIELD)] To add conditional logic for access.

Question 73

What role allows editing high-risk security settings?

Answer 73

[Exam Weight: 30%] [Platform Security (VERY HIGH YIELD)] security_admin.

Question 74

Does an admin automatically have security_admin?

Answer 74

[Exam Weight: 30%] [Platform Security (VERY HIGH YIELD)] No.

Question 75

How does an admin gain security_admin privileges?

Answer 75

[Exam Weight: 30%] [Platform Security (VERY HIGH YIELD)] By elevating to security_admin.

Question 76

Is security_admin elevation permanent?

Answer 76

[Exam Weight: 30%] [Platform Security (VERY HIGH YIELD)] No, it is session-based.

Question 77

What is authentication?

Answer 77

[Exam Weight: 30%] [Platform Security (VERY HIGH YIELD)] Verifying a user’s identity.

Question 78

What is authorization?

Answer 78

[Exam Weight: 30%] [Platform Security (VERY HIGH YIELD)] Determining what a user can access.

Question 79

What authentication method uses external identity providers?

Answer 79

[Exam Weight: 30%] [Platform Security (VERY HIGH YIELD)] External Single Sign-On (SSO).

Question 80

What authentication method uses credentials stored in ServiceNow?

Answer 80

[Exam Weight: 30%] [Platform Security (VERY HIGH YIELD)] Local database authentication.

Question 81

What authentication method uses an encrypted digest?

Answer 81

[Exam Weight: 30%] [Platform Security (VERY HIGH YIELD)] Digest Token authentication.

Question 82

What authentication method uses a one-time passcode?

Answer 82

[Exam Weight: 30%] [Platform Security (VERY HIGH YIELD)] Multi-factor authentication (MFA).

Question 83

What is the purpose of MFA?

Answer 83

[Exam Weight: 30%] [Platform Security (VERY HIGH YIELD)] To add an extra layer of security.

Question 84

What is application scope?

Answer 84

[Exam Weight: 30%] [Database Management Application & Data Protection] A security boundary that controls access to application resources.

Question 85

What is the default scope for custom applications?

Answer 85

[Exam Weight: 30%] [Database Management Application & Data Protection] Private scope.

Question 86

What does application scope prevent?

Answer 86

[Exam Weight: 30%] [Database Management Application & Data Protection] Naming conflicts and unauthorised cross-app access.

Question 87

What defines cross-scope access rules?

Answer 87

[Exam Weight: 30%] [Database Management Application & Data Protection] Application access settings.

Question 88

What is data separation?

Answer 88

[Exam Weight: 30%] [Database Management Application & Data Protection] Isolating data between applications or users.

Question 89

What protects sensitive data at rest?

Answer 89

[Exam Weight: 30%] [Database Management Application & Data Protection] Encryption.

Question 90

What protects sensitive data in transit?

Answer 90

[Exam Weight: 30%] [Database Management Application & Data Protection] HTTPS / TLS.

Question 91

What is a role best practice for security?

Answer 91

[Exam Weight: 30%] [Database Management Application & Data Protection] Assign roles to groups, not users.

Question 92

What happens when a user is removed from a group?

Answer 92

[Exam Weight: 30%] [Database Management Application & Data Protection] They lose all roles granted by that group.

Question 93

What logs record impersonation activity?

Answer 93

[Exam Weight: 30%] [Database Management Application & Data Protection] System logs.

Question 94

Are impersonation actions audited?

Answer 94

[Exam Weight: 30%] [Database Management Application & Data Protection] Yes.

Question 95

What portal do users without roles access by default?

Answer 95

[Exam Weight: 30%] [Database Management Application & Data Protection] Employee Center.