CH4: Access Controls

Question 1

What are the “CRUD” operations that can be preformed by an end user?

Answer 1

Create, Read, Update, Delete

Question 2

True or False: In order to preform “CRUD” operations, an end user must be provided access to: User Authentication/Login, Application / Module Access, and Database Access.

Answer 2

TRUE

Question 3

What does ACL stand for in regards to elevated user access?

Answer 3

Access Control List

Question 4

True or False: An elevated privelege role only lasts for the duration of your user session.

Answer 4

True - Session timeout, logout, or impersonating another user removes the role.

Question 5

When elevated privileges are activated, an ____________ will appear next to your user avatar.

Answer 5

Arrow

Question 6

True or False: All admins having the security_admin role IS a best practice.

Answer 6

FALSE

Question 7

___________ is a security rule defined to restrict the permissions of a user from viewing and interacting with data.

Answer 7

Acces Control

Question 8

Acces control maye be set at the _____ level and/or the _______ level.

Answer 8

Row, Column

Question 9

True or False: Most security settings are implemented using Access Controls.

Answer 9

TRUE

Question 10

True or False: In addition to restricting CRUD operations, Access Controls can restrict ServiceNow-specefic operations on tables and fields.

Answer 10

TRUE

Question 11

True or False: In the base system, all users with the admn role can impersonate security_admin.

Answer 11

False - only the default System Administrator

Question 12

True or False: With System-created Access Controls, it is rare to have a table with no access control rules.

Answer 12

TRUE

Question 13

Each Access Control rule specifies: A valid ________ - a valid action the system can take.

Answer 13

Operation

Question 14

Each Access Control rule specifies: The ______ being secured.

Answer 14

Object

Question 15

Each Access Control rule specifies: The ________ required to access the object.

Answer 15

Permissions

Question 16

True or False: Access Control rules are defined for and applied to a specific table to that the rule is within the context of the table and the type of data stored.

Answer 16

TRUE

Question 17

Access Control Rules: table.–None– applies to __________.

Answer 17

The entire table

Question 18

Access Control Rules: table.field applies to _________________________.

Answer 18

One specific field on the table.

Question 19

Access Control Rules: table.* applies to ____________________.

Answer 19

All other fields in the table not defined with a table.field rule (house.*)

Question 20

True or False: When creating a .* access control, also creating a .–None– access control is a best practice as only the .–None– control grants access to records.

Answer 20

TRUE

Question 21

True or False: When writing an ACL that mostly grants access, using only .–none– is a best practice.

Answer 21

TRUE

Question 22

True or False: When writing an ACL that mostly denies access, using .–none– and .* is the best practice.

Answer 22

TRUE

Question 23

True or False: A user only needs to pass either table or field ACL rules to access a record object.

Answer 23

False - A user most pass both

Question 24

True or False: ACL rules for parent tables apply to any table that extends the parent table

Answer 24

TRUE

Question 25

True or False: ACL rules for fields in a parent table apply to any table that extends the parent table

Answer 25

TRUE