Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ServiceNow CIS-RCI Exam - Topic 2 Question 40 Discussion

For a particular risk assessment methodology (RAM), the control effectiveness score is calculated based on an individual assessment of controls. What are options for control identification? (Choose three.)
A) Controls are identified from library and ad-hoc
B) Controls are identified from indicator results
C) Controls are identified from library
D) Controls are identified ad-hoc
E) Controls are identified from related issues

ServiceNow CIS-RCI Exam - Topic 2 Question 40 Discussion

Actual exam question for ServiceNow's CIS-RCI exam
Question #: 40
Topic #: 2
[All CIS-RCI Questions]

For a particular risk assessment methodology (RAM), the control effectiveness score is calculated based on an individual assessment of controls. What are options for control identification? (Choose three.)

Show Suggested Answer Hide Answer
Suggested Answer: A

by Lisha at Feb 25, 2023, 03:31 AM

Limited Time Offer

25%

Off

Get Premium CIS-RCI Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Ryan
7 months ago
I’m not sure about using indicator results for control identification.
upvoted 0 times
...
Soledad
7 months ago
Totally agree with A and B!
upvoted 0 times
...
Mitsue
8 months ago
Wait, can you really identify controls ad-hoc? Seems risky.
upvoted 0 times
...
Mendy
8 months ago
I think E makes sense too.
upvoted 0 times
...
Krystina
8 months ago
A and C are solid options!
upvoted 0 times
...
Lizbeth
8 months ago
I’m a bit confused about whether ad-hoc identification counts separately from library identification. Can they be chosen together?
upvoted 0 times
...
Verlene
8 months ago
I feel like we practiced a question similar to this, and I think identifying controls from indicator results was mentioned as a valid option.
upvoted 0 times
...
Ivan
8 months ago
I think controls can definitely be identified from related issues, but I can't recall if that's one of the three choices.
upvoted 0 times
...
Lenna
8 months ago
I remember we discussed how controls can be identified from both libraries and ad-hoc methods, but I'm not sure if both are options here.
upvoted 0 times
...
Tess
8 months ago
I'm pretty confident about this one. CIFS is a Windows file sharing protocol, so I'll select option D.
upvoted 0 times
...
Tambra
8 months ago
This is a good example of the types of agency issues we've been covering. I'll methodically work through the facts and legal principles to arrive at the right conclusion.
upvoted 0 times
...
Desmond
8 months ago
Hmm, the question is a bit confusing. I'm not sure exactly what they're looking for in terms of "hackers" and "interfering" devices.
upvoted 0 times
...
Rima
9 months ago
This seems like a straightforward security question. I'll carefully read through the options and think about the safest approach.
upvoted 0 times
...
Adela
1 year ago
Alright, let's think this through. A, C, and D cover the bases for control identification. Can't go wrong with that, right? Except maybe the library is dusty and the ad-hoc controls are held together with duct tape.
upvoted 0 times
Annamaria
12 months ago
D) Controls are identified ad-hoc
upvoted 0 times
...
Minna
1 year ago
C) Controls are identified from library
upvoted 0 times
...
Donte
1 year ago
A) Controls are identified from library and ad-hoc
upvoted 0 times
...
...
Brock
1 year ago
Haha, this reminds me of that time my boss asked me to identify controls from his crystal ball. Joke's on him, I don't even have one!
upvoted 0 times
Olive
12 months ago
E) Controls are identified from related issues
upvoted 0 times
...
Juan
12 months ago
B) Controls are identified from indicator results
upvoted 0 times
...
Nobuko
1 year ago
A) Controls are identified from library and ad-hoc
upvoted 0 times
...
...
Apolonia
1 year ago
Wait, why can't I choose B and E? Shouldn't we also consider controls from indicator results and related issues? This question is tricky.
upvoted 0 times
Chana
12 months ago
B) Controls are identified from indicator results
upvoted 0 times
...
Cassie
12 months ago
D) Controls are identified ad-hoc
upvoted 0 times
...
Stephania
12 months ago
C) Controls are identified from library
upvoted 0 times
...
Steffanie
12 months ago
A) Controls are identified from library and ad-hoc
upvoted 0 times
...
Antonio
12 months ago
You're right, the question specifically asked for options for control identification. That's why B and E are not included.
upvoted 0 times
...
Genevieve
12 months ago
D) Controls are identified ad-hoc
upvoted 0 times
...
Asuncion
1 year ago
C) Controls are identified from library
upvoted 0 times
...
Dolores
1 year ago
D) Controls are identified ad-hoc
upvoted 0 times
...
Grover
1 year ago
C) Controls are identified from library
upvoted 0 times
...
Georgene
1 year ago
A) Controls are identified from library and ad-hoc
upvoted 0 times
...
Robt
1 year ago
A) Controls are identified from library and ad-hoc
upvoted 0 times
...
...
Jackie
1 year ago
I believe controls can also be identified from related issues, so option E should be considered as well.
upvoted 0 times
...
Arlette
1 year ago
I think the correct options are A, C, and D. Identifying controls from a library and ad-hoc makes sense for a risk assessment methodology.
upvoted 0 times
Alisha
1 year ago
It's important to have a mix of control identification methods to ensure a comprehensive risk assessment.
upvoted 0 times
...
Veronika
1 year ago
I prefer controls identified from indicator results, they provide more specific information.
upvoted 0 times
...
Magdalene
1 year ago
I think controls identified from related issues can also be helpful in the process.
upvoted 0 times
...
Fletcher
1 year ago
I think controls identified from related issues could also be useful in certain situations.
upvoted 0 times
...
Magdalene
1 year ago
I agree, controls from a library and ad-hoc are important for a risk assessment methodology.
upvoted 0 times
...
Elke
1 year ago
I agree, controls from a library and ad-hoc are important for a risk assessment methodology.
upvoted 0 times
...
...
Curtis
1 year ago
I agree with Latia, controls can be identified from library, ad-hoc, and indicator results.
upvoted 0 times
...
Latia
1 year ago
I think options A, C, and D are possible for control identification.
upvoted 0 times
...

Save Cancel