CIS-VRM Dumps CIS-VRM Braindumps CIS-VRM Real Questions CIS-VRM Practice Test CIS-VRM Actual Questions ServiceNow CIS-VRM ServiceNow Vendor Risk Management https://killexams.com/pass4sure/exam-detail/CIS-VRM Question: 158 Which of these must be true in order for a vendor risk issue to be visible in the Vendor Portal? A. There must be at least one secondary contact for the vendor B. The primary vendor contact must have the sn_vdr_issues role C. Issues are always visible in the vendor portal D. The Visible in vendor portal field must have a value of true Answer: D Question: 159 What are the features of Vendor Risk Issues? (Choose two.) A. Generate audit tasks for the vendor risk team B. Can only be seen by the customerās vendor risk team C. Provide vendor direct access to update and respond to Issues D. Can be generated on-demand or automatically due to an incorrect answer Answer: A,C,D Question: 160 During the Generating Observations phase of the Vendor Risk Assessment, what action might be taken by the Risk Assessor? A. Create issues from the assessment if necessary B. Update the vendor risk score C. Email the vendor D. Answer questions the vendor forgot to answer Answer: A Question: 161 Vendor Risk Tasks are saved to which one of the following tables? A. [task] B. [planned_task] C. [sn_vendor_risk_task] D. [sn_vdr_risk_asmt_task] Answer: C Question: 162 How are Vendor Risk questionnaires and document requests displayed on the Vendor Portal? A. As separate requests and can be assigned to different vendor contacts B. As separate requests and can only be assigned to the same vendor contact C. As a single assessment assigned to a single vendor contact D. As a single assessment assigned to a single engagement contact Answer: A Question: 163 Which of these options can be used in data cleansing when importing vendor data? (Choose three.) A. Data Policies B. Access Control Lists C. Field Normalization Rules D. Fix Scripts E. Data Import or Data Source Transform F. UI Policies Answer: A,C,D,E Question: 164 What is the definition of āRisk Managementā? A. Policies/Standards/Procedures established to ensure an organization is aligned with corporate strategy and expectations are clearly defined B. The process of conforming to standards, policies, and remediation of audit findings C. The elimination of vulnerable surface area in an enterprise environment D. Process to identify, assess, and respond to risks, threats and vulnerabilities that could compromise the business Answer: D Explanation: Reference: https://www.techtarget.com/searchsecurity/definition/What-is-risk-management-and-why-is-it-important Question: 165 The Vendor records are stored in which table? A. Company [core_company] B. Department [cmn_department] C. Task [task] D. User [sys_user] Answer: A Question: 166 Which statements most accurately describe assignments to vendor contacts? (Choose two.) A. Individual sections in the questionnaire or document request can be assigned B. A questionnaire or document request cannot be assigned to multiple vendor contacts C. A questionnaire can be read by vendor contacts that are not assigned D. A questionnaire can only be completed by assigned vendor contacts Answer: A,C,D Question: 167 What third-party vendor security evaluation solutions are commonly integrated with VRM out-of-the-box? (Choose two.) A. MyScoreMetrics B. Vendor Insights C. Bitsight D. Security Scorecard Answer: A,C,D Question: 168 For each questionnaire template/assessment metric type, how many vendor risk areas can be designated? A. One B. As many as desired C. None D. Two Answer: A Question: 169 Which functions can be performed in the Vendor Portal? (Choose three.) A. Assessment response B. Contact Management C. Issue remediation D. Schedule web meetings E. Requests via virtual agent Answer: A,B,C Question: 170 Where can the score for each Assessment Metric or Metric Category be configured? A. Assessment Metric Category record B. Assessment Template record C. Assessment record D. Assessment Metric Type record Answer: D Question: 171 Roles preceded by sn_vdr_risk are for which scope? A. GRC: Vendor Risk Remediation B. GRC: Vendor Risk Core C. GRC: Risk Management D. GRC: Vendor Risk Management Answer: B Question: 172 Internal roles include: (Choose three.) A. Vendor Contact sn_vdr_risk.vendor_contact B. Vendor Risk Manager sn_vdr_risk_asmt.vendor_risk_manager C. Primary Vendor Contact sn_vdr_risk_asmt.prim_vendor_contact D. Vendor Risk Assessor sn_vdr_risk_asmt.vendor_assessor E. Vendor Risk Reviewer sn_vdr_risk_asmt.vendor_assessment_reviewer Answer: A,B,D,E Question: 173 Who is able to change the password for the vendor contact? (Choose two.) A. Vendor Contract Relationship Manager B. sys_admin C. Vendor contact via the Forgot Password link D. Vendor Risk Reviewer Answer: A,B,C Question: 174 Which statement accurately describes the visibility and audit history of actions and communications in the Vendor Risk Management application? A. The vendor and assessor interactions are captured in the Vendor Risk Issue record and are only visible from the portal view B. The Vendor Risk Issues created and the activity and history are lost from the Vendor Assessment Portal when the associated vendor contact changes C. The Vendor Risk Issues created and the activity and history will remain in the Vendor Assessment Portal even when vendor contacts change D. The vendor and assessor interactions are captured in the Vendor Risk Issue record and are only visible from the platform view Answer: C Question: 175 To what type of assessment record can a vendor contact respond? A. Vendor tiering assessment B. Vendor risk assessment C. Customer assessment D. External monitoring assessment Answer: B Explanation: Reference: https://www.smartsheet.com/content/vendor-assessment-evaluation Question: 176 From an Assessment record, the vendor risk assessor can click on āView Responsesā to see which of the following? A. Issue Responses B. Email Responses C. Task Responses D. Assessment Responses Answer: D Question: 177 Before any changes to the configuration of an application are made, it is recommended that the correct update set and application scope are selected. What role is required for this functionality? A. The Vendor Administrator role is required for this functionality B. The Data Administrator role is required for this functionality C. The User Administrator role is required for this functionality D. The System Administrator role is required for this functionality Answer: D Explanation: Reference: https://www.bmc.com/blogs/sysadmin-role-responsibilities-salary/ 6$03/( 48(67,216 7KHVH TXHVWLRQV DUH IRU GHPR SXUSRVH RQO\ )XOO YHUVLRQ LV XS WR GDWH DQG FRQWDLQV DFWXDO TXHVWLRQV DQG DQVZHUV .LOOH[DPV FRP LV DQ RQOLQH SODWIRUP WKDW RIIHUV D ZLGH UDQJH RI VHUYLFHV UHODWHG WR FHUWLILFDWLRQ H[DP SUHSDUDWLRQ 7KH SODWIRUP SURYLGHV DFWXDO TXHVWLRQV H[DP GXPSV DQG SUDFWLFH WHVWV WR KHOS LQGLYLGXDOV SUHSDUH IRU YDULRXV FHUWLILFDWLRQ H[DPV ZLWK FRQILGHQFH +HUH DUH VRPH NH\ IHDWXUHV DQG VHUYLFHV RIIHUHG E\ .LOOH[DPV FRP $FWXDO ([DP 4XHVWLRQV .LOOH[DPV FRP SURYLGHV DFWXDO H[DP TXHVWLRQV WKDW DUH H[SHULHQFHG LQ WHVW FHQWHUV 7KHVH TXHVWLRQV DUH XSGDWHG UHJXODUO\ WR HQVXUH WKH\ DUH XS WR GDWH DQG UHOHYDQW WR WKH ODWHVW H[DP V\OODEXV %\ VWXG\LQJ WKHVH DFWXDO TXHVWLRQV FDQGLGDWHV FDQ IDPLOLDUL]H WKHPVHOYHV ZLWK WKH FRQWHQW DQG IRUPDW RI WKH UHDO H[DP ([DP 'XPSV .LOOH[DPV FRP RIIHUV H[DP GXPSV LQ 3') IRUPDW 7KHVH GXPSV FRQWDLQ D FRPSUHKHQVLYH FROOHFWLRQ RI TXHVWLRQV DQG DQVZHUV WKDW FRYHU WKH H[DP WRSLFV %\ XVLQJ WKHVH GXPSV FDQGLGDWHV FDQ HQKDQFH WKHLU NQRZOHGJH DQG LPSURYH WKHLU FKDQFHV RI VXFFHVV LQ WKH FHUWLILFDWLRQ H[DP 3UDFWLFH 7HVWV .LOOH[DPV FRP SURYLGHV SUDFWLFH WHVWV WKURXJK WKHLU GHVNWRS 9&( H[DP VLPXODWRU DQG RQOLQH WHVW HQJLQH 7KHVH SUDFWLFH WHVWV VLPXODWH WKH UHDO H[DP HQYLURQPHQW DQG KHOS FDQGLGDWHV DVVHVV WKHLU UHDGLQHVV IRU WKH DFWXDO H[DP 7KH SUDFWLFH WHVWV FRYHU D ZLGH UDQJH RI TXHVWLRQV DQG HQDEOH FDQGLGDWHV WR LGHQWLI\ WKHLU VWUHQJWKV DQG ZHDNQHVVHV *XDUDQWHHG 6XFFHVV .LOOH[DPV FRP RIIHUV D VXFFHVV JXDUDQWHH ZLWK WKHLU H[DP GXPSV 7KH\ FODLP WKDW E\ XVLQJ WKHLU PDWHULDOV FDQGLGDWHV ZLOO SDVV WKHLU H[DPV RQ WKH ILUVW DWWHPSW RU WKH\ ZLOO UHIXQG WKH SXUFKDVH SULFH 7KLV JXDUDQWHH SURYLGHV DVVXUDQFH DQG FRQILGHQFH WR LQGLYLGXDOV SUHSDULQJ IRU FHUWLILFDWLRQ H[DPV 8SGDWHG &RQWHQW .LOOH[DPV FRP UHJXODUO\ XSGDWHV LWV TXHVWLRQ EDQN DQG H[DP GXPSV WR HQVXUH WKDW WKH\ DUH FXUUHQW DQG UHIOHFW WKH ODWHVW FKDQJHV LQ WKH H[DP V\OODEXV 7KLV KHOSV FDQGLGDWHV VWD\ XS WR GDWH ZLWK WKH H[DP FRQWHQW DQG LQFUHDVHV WKHLU FKDQFHV RI VXFFHVV 7HFKQLFDO 6XSSRUW .LOOH[DPV FRP SURYLGHV IUHH [ WHFKQLFDO VXSSRUW WR DVVLVW FDQGLGDWHV ZLWK DQ\ TXHULHV RU LVVXHV WKH\ PD\ HQFRXQWHU ZKLOH XVLQJ WKHLU VHUYLFHV 7KHLU FHUWLILHG H[SHUWV DUH DYDLODEOH WR SURYLGH JXLGDQFH DQG KHOS FDQGLGDWHV WKURXJKRXW WKHLU H[DP SUHSDUDWLRQ MRXUQH\ 'PS .PSF FYBNT WJTJU IUUQT LJMMFYBNT DPN WFOEPST FYBN MJTU .LOO \RXU H[DP DW )LUVW $WWHPSW *XDUDQWHHG