The User Reported Phishing inbound actions available prior to the Security Incident Response 9.0 release are now disabled. Security incidents are no longer created through the disabled inbound actions.
A new Create Phishing Email inbound action is now available.
https://docs.servicenow.com/en-US/bundle/vancouver-security-management/page/product/security-incident-response/concept/urp-about.html
D is correct.
The existing User Reported Phishing email inbound actions (Type = Forward and Type = New) have been disabled.
A new Create Phishing Email inbound action is now available.
ref: https://docs.servicenow.com/bundle/sandiego-security-management/page/product/security-incident-response/concept/urp-about.html
in the course provided SN instance, only the "Create Phishing Email" inbound action is active, both the "User Reported Phishing" (there are 2) have active set to false, additionally, it's calling a script include called "EmailUserReportedPhishing" under the description of that script include record, it states "Email User Reported Phishing V2 details methods to determine if this is a phishing."
So correct answer should be D
This section is not available anymore. Please use the main Exam Page.CIS-SIR Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Alice_the_2nd
7 months, 2 weeks agoSazeka
8 months, 2 weeks agosgawas
10 months, 4 weeks agosephereth
11 months, 2 weeks agoDharshu98
12 months agostophs
1 year ago