CIS-VR Certified Implementation Specialist - Vulnerability Response Questions and Answers

Aggregations for priority and workload

Drill-down to granularity

Single, clear indicators of organizational health

Up to the minute views

What processes and assets need protection?

What techniques can identify incidents?

What safeguards are available?

What techniques can restore capabilities?

What techniques can contain impacts of incidents?

Assigned To on Vulnerable item

Managed By on CMDB_CI

Assigned To on CMDB_CI Record

Best Practice does not dictate a specific field

Performance Analytics

Event Management

Governance. Risk, and Compliance

Service Mapping

Permanently removes the item from the list of Active Vulnerable items

Move the item to the Slushbucket

Has no impact on the list of Active Vulnerable Items

Temporarily removes the item from the list of Active Vulnerable items

An Implementation Partner

The company that created the Application

ServiceNow Professional Services

ServiceNow Technical Support

snvr_

snvuln_

vul_

sn_vul_

An Approval by default

An Exception Workflow

A GRC integration

A Filter Group

A reason for the exception

Integrations with GRC to handle the exception

Requirement Actions for the exception

A manual approval authority for the exception

Vulnerability groups

Third Party Entries

Vulnerable Items

Vulnerable Software

Will be captured

Will throw errors

Will not be captured

Will be partially captured

NVD Auto-update

Update

CVE Auto-update

On-demand update

Vulnerability

Filter Groups

Condition Builder

Advanced Scripts

sn_vul.autocreate_vul_centric_group

sn_vul.autocreate_groups

sn_vul.autocreate_vul_grouping

sn_vul.create_default_vul_groups

Recommend that the client purchase the full Performance Analytics package.

Ask the CISO.

Work with the customer to identify the things that will be most useful to them.

Use the standard out of the box reports only.