Black Friday Special Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

 
Home > ServiceNow > CIS-Event Management > CIS-EM

CIS-EM Certified Implementation Specialist-Event Management Exam Question and Answers

Question # 4

By default, the Alert Console displays what type of alerts?

A.

All Primary, Open alerts and anomaly alerts with a Severity of Critical, Major, Minor, and Warning that are not in Maintenance mode

B.

All Primary and Secondary Open alerts and anomaly alerts with a Severity of Critical, Major, Minor, and Warning that are not in Maintenance mode

C.

All Primary alerts with a Severity of Critical, Major, Minor, Warning that are not in Maintenance mode

D.

All Primary, Open alerts with a Severity of Critical, Major, Minor, and Warning that are not in Maintenance mode

E.

All Primary and Secondary Open alerts with a Severity of Critical, Major, Minor, and Warning that are not in Maintenance mode

Full Access
Question # 5

What is the minimum role needed to view alerts?

A.

alert_operator

B.

evt_mgmt_user

C.

evt_mgmt_operator

D.

alert_user

Full Access
Question # 6

How would you interpret the following data in the Operational Intelligence Insights Explorer?

A.

win-ces882ierw is one of your hottest Configuration Items (CIs) that is currently experiencing a high probability of anomalies and should be checked immediately

B.

win-ces882ierw is one of your hottest Configuration Items (CIs), but is currently experiencing a low probability of anomalies

C.

win-ces882ierw is one of your customized list of monitored Configuration Items (CIs) that is currently experiencing a high probability of anomalies and should be checked immediately

D.

win-ces882ierw is one of your customized list of monitored Configuration Items (CIs), but is currently experiencing a low probability of anomalies

Full Access
Question # 7

Which attribute is responsible for de-duplication?

A.

Metric_name

B.

Message_key

C.

Short_description

D.

Additional_info

Full Access
Question # 8

A support agent resolves an incident associated with an alert. What is the best method to close the alert?

A.

Set the evt_mgmt.incident_closes_alert

B.

Set the evt_mgmt.alert_closes_incident

C.

Switch over to the alert form and close the alert manually

D.

Create a business rule on the alert table to match the associated Incident with its respective alert

E.

Create a business rule on the incident table

Full Access
Question # 9

If events are not matching to alerts as you would like, what field should be changed?

A.

Resource

B.

Message Key

C.

Node

D.

Metric Name

Full Access
Question # 10

Which are recommended best practices for Event Management? (Choose three.)

A.

Filter out events on ServiceNow Instance for easier consolidation and aggregation.

B.

Promote all events to alerts during initial implementation until you fully understand which should be ignored.

C.

Filter out events at source rather than in the ServiceNow instance.

D.

Base-line “normal-state” events to filter out background noise.

E.

Ignore all non-critical events during initial implementation to streamline processing; add alerts over time as time and resources allow.

Full Access
Question # 11

You have an event that needs to be bound to a non-host CI.

Which attribute needs to be removed from the Transform and Compose tab?

A.

Source Instance

B.

Metric Name

C.

Node

D.

Resource

Full Access
Question # 12

What is Event Management licensing based on?

A.

The number of unique nodes that can send events to the instance

B.

The number of connectors and listeners it will collect data from

C.

The number of connectors it will collect data from

D.

The number of CIs in the CMDB that it will be monitoring

Full Access
Question # 13

Which step in the event rule configuration process enables you to ignore events and prevent alert generation?

A.

Transform and compose alert output

B.

Event filter

C.

Event options

D.

Threshold

Full Access
Copyright myexamcollection.com. All Right Reserved.