Exam questions Flashcards
This is used to perform operations on table data when it is displayed, inserted, updated, deleted, or queried. It is API supported and runs ____ side
This is a business rule and it runs server side. Often used to validate data and trigger events
This stores javascript functions and classes for use by ____ side script objects. Each of these includes either a function or an implementation of a ServiceNow class. This only runs when called by a ___ side script
Script includes, runs server side. Often used to enable different components to reuse server code and to make server code available to client-side calls.
These run when specific conditions occur on the system in order to trigger script actions
events, run server side. often used to identify and log when certain conditions are met, such as when an incident is opened or closed.
These run when a specific event is triggered to determine how the system handles it
script actions, run on server, often used to automate a response when a specific event occurs, such as send an email notification when an incident is opened.
Add buttons, links, context menu items on forms and lists to allow users to perform application-specific operations
UI actions, can run server or client side, often used to enable users to perform specific actions such as resolve an incident
Run javascript on the browser to perform operations on form and list data
Client scripts, client side, often used to enforce client side validation requirements, such as making certain an end date is after a start date
Perform operations on form data or fields, such as making fields, mandatory, visible, or read only
UI policies, client side, often used to Enforce data policies from the UI such as make a field required on first entry and then read only afterwards
what is the property that allows administrators to control annotations?
glide.ui.form_annotations, by default this property is set to true to display annotations
What is the roll that allows users to add annotations to forms?
personalize_form role
What defines the set of objects and methods allowed in server-side scripts running in an scoped application.
scoped API
access permissions can apply to any supported ___ ___ call such as REST, JSON, or SOAP
Web service
Where do you set runtime Access to application tables?
edit an application then from the tables related list choose application access then check appropriate boxes
Describe the following Access Control: Can Read
This control allows script objects from other application scopes to read records stored in the protected table. This access is required for all other API record operations
Describe the following Access Control: Can Write
This access allows script objects from other application scopes to modify records stored in a table. Can Read must be allowed for this action to work.
Describe the following Access Control: Can Create
This access allows other applications scopes to create records in this table. Example: a script in another application can insert a new record in this table. Available only when can read is also true.
Describe the following Access Control: Can Delete
This access allows other application scopes to delete records from this table. Only available when can read is true
What does it mean to Allow access to this table via web services
This allows users to make inbound web service queries to a table. This offers both run time and design time protection. The user performing the query must have the correct permissions to access this table, even when this option is selected.
What are the default run time access permission settings on an application?
Accessible from is All application scopes, Can Read is enabled, Allow access to this table via web services is enabled, can create, can update, and can delete are disabled
What are three examples of design time access you can grant or deny permission to create configuration records (also known as application files)
Business Rules, Client Scripts, UI Actions
The following settings will grant access to which configuration records: Accessible from is set to all application scopes Can read is selected
Configuration records: Access Controls, Business Rules
The following settings will grant access to which configuration records: Accessible from is set to all application scopes Can read is selected Allow Configuration is selected
Client scripts, Dictionary entry (new field only), UI actions
What is a scheduled job
an automated piece of work that can be performed at either a particular time or on a recurring schedule.
What are examples of tasks that can be automated as scheduled jobs?
Run and distribute a report, Generate a record (incident, change, configuration item, etc…) from a template, Run a business rule and do whatever the rule contains
What is the name of the tool that displays gs.print() and gs.log() statements as well as server logging information and error messages at the bottom of the content frame
Debug Log (This is automatically activated when you activate Debug Business Rule)
What does system security > “Debug Security Rules” do?
places a debug icon on each field of a form. Point to the icon to see if there are any debug messages for the associated element. Click the icon to expand details about read and write access
What does system security > “Stop Debugging” do?
disables all debugging processes
The following are ways to do what: activate the “Stop Debugging module” (located in system security) log out of the instance The session expires (times out for example) Close the browser
These are ways to de-activate a Server Side debug process
What is the recommended way to debug server-side scripts?
use gs.print statements controlled by system properties
why shouldn’t gs.log() statements be used in scripts?
they can sometimes get left in the code which could cause them to get triggered thousands of times accidentally which would slow down the system
A live feed group that is associated with a record such as an incident or change is a ____ _____
Document Feed - This allows users to work on tasks and other records through the live feed interface
The following are benefits of what: Improving communication between users working on the same record Improving visibility into progress for end users Providing a single place to see updates on multiple records Saving conversation history in the record so that knowledge is not lost in an email chain
The document feed
What are inbound email actions similar to and in what way?
Similar to business rules in that they use both conditions and scripts
If a forwarded message comes in with the following conditions what happens: 1. A subject starting with a recognized forward prefix (even if a watermark or an in-reply-to header is present) 2. From appears anywhere in the email body
Result of Default action: Create New Record Name of Default Action: Create Incident (forwarded)
If a Reply message comes in that matches one of the following conditions what happens: 1. A valid watermark that matches an existing record 2. An In-Reply-To email header (when no watermark is present) that matches an existing record 3. A subject line starting with a recognized reply prefix (when neither a watermark nor an in-reply-to header is present) and a valid record number that matches an existing record
Result of Default action: Update Existing Record Name of Default Action: Update Incident (BP)
If a New email message comes in that does not meet the conditions for either a reply or forward type inbound email action what will happen
Result of Default action: Create New Record Name of Default Action: Create Incident
How does servicenow match an email to an inbound action in the case that more than one potential options exist
First the table is matched, then, if there is more than one inbound action on the resulting table, servicenow uses the order field to determine the order in which the actions run
What do the following prefixes signify: re:, aw:, r:
these are prefixes that the servicenow glide.email.reply_subject_prefix property recognize as an email even when no watermark or in-reply-to header is present
Fuji or later supports what version of apple devices?
all iPhones or iPods running iOS7 and above
What version of Android is supported by ServiceNow?
Andriod version 4.0/Ice Cream Sandwich and above
What version of BlackBerry is supported
Blackberry 10 and above
If the “create module” field is selected when creating a table, what is the new module’s default behavior? a) Display a list of all records from the table. b) Open an empty form so new records can be created. c) Display an empty homepage for the new application. d) Open a link to a wiki article with instructions on how to customize the behavior of the new module.
Display a list of all records from the table
Which of the following are debugged using the JavaScript Debugger? a) All client side scripts. b) Client Scripts and UI Policies only. c) All server side scripts. d) Business Rules and Script Includes only.
Business Rules and Script Includes only
The Application Access settings for a table are? a. Global application scope b.All application scopes c. This application scope d. ServiceNow application scope a) A and B b) B and C c) C and D d) A and C
All application scopes, This Application Scope
Which of the following is not a Report Type in ServiceNow? a) Trend b) Funnel c) Chart d) Pyramid
Chart
Which utility is used to determine if field names in an import set match the field names on the target table when importing data into ServiceNow? a) Transform Maps b) Auto Map Matching Fields c) CI Relationship Builder d) Business Service Management Map
Auto Map Matching Fields
Identify the incorrect statement about the Team Development application in ServiceNow? a) Team Development allows for branching operations including pushing and pulling record versions between instances. b) Team Development uses Git to manage versions. c) Developers can compare a development instance to another development instance. d) The Dashboard is a central location for all team development activities.
Team Development uses Git to manage versions
What is a Record Producer?
A record producer is a specific type of catalog item that allows end users to create task-based records (such as incident records) from the service catalog.
How is data populated on a table using a record producer?
- Create a variable on the record producer with the same name as the field in the target record. (use a variable type that corresponds to the field type) 2. Define a template to assign a static field value for all records created by the record producer 3. Define a script that uses any variable or server-side objects and functions to assign values
Can record producers be created from a table?
yes, starting with the dublin release
What does Team Development provide?
Branching operations including pushing and pulling record versions between instances The ability to compare a development instance to other development instances A central dashboard for all team development activites
UI Policies are not supported on Search Screens (true/false)
True
You can create UI policies for tables in a different scope than the UI policy record (true/false)
False
The following conditions are required to do what? 1. The run scripts check box must be cleared 2. The Global check box must be selected 3. None of the UI policy actions can have visible set to True or set to False (it must be set to Leave Alone)
This is the way to convert a UI Policy to a Data Policy
What is specified in each ACL rule?
The object and operation being secured, The permissions required to access the object
What default ACL restrictions does the system pose on users?
ACL rules to restrict access to all database and configuration options
What role is required to do the following: 1. Create ACL rules to secure new objects 2. Update existing ACL rules to grant or deny users access to objects based on their business requirements 3. Debug ACL rules to determine why users cannot access certain objects
This is done with the Security_admin role
How many operations can be secured by each ACL?
Only one each
What does the admin overrides check box do?
If this is checked the admin automatically passes the ACL and is allowed access to whatever the ACL was protecting
if the table is in the same scope as an acl, you can use a script to evaluate conditions (true/false)
True
if the table is in a different scope as an acl, you can use a script to evaluate conditions(true/false)
False
What is the result of failing an ACL rule on an object for the following operation: execute
The user will be unable to execute scripts on record or UI page
What is the result of failing an ACL rule on an object for the following operation: create
the user cannot see the new UI actions and forms. The user also cannot insert records into a table using API protocols such as web services.
What is the result of failing an ACL rule on an object for the following operation: read
The user cannot see the object in forms or lists. User also cannot retrieve records using API protocols such as web services
What is the result of failing an ACL rule on an object for the following operation: write
User sees a read-only field in forms and lists, and the user cannot update records using API protocols such as web services
What is the result of failing an ACL rule on an object for the following operation: delete
User cannot see the Delete UI action forms. The user also cannot remove records from a table using API protocols such as web services
What is the result of failing an ACL rule on an object for the following operation: edit_task_relations
User cannot define relationships between task tables
What is the result of failing an ACL rule on an object for the following operation: edit_ci_relations
User cannot define relationships between configuration item [cmdb_ci] tables
What is the result of failing an ACL rule on an object for the following operation: save_as_template
User cannot control the fields that should be saved when a template is created
What is the result of failing an ACL rule on an object for the following operation: add_to_list
User cannot view or personalize specific columns in the list mechanic
What is the result of failing an ACL rule on an object for the following operation: list_edit
User cannot update records (rows) from a list
What is the result of failing an ACL rule on an object for the following operation: report_on
User cannot create reports on the object
What is the result of failing an ACL rule on an object for the following operation: personalize_choices
User cannot right-click a choice list field and select Configure Choices (Personalize Choices in versions prior to Fuji)
What happens if a user fails a field ACL rule but passes a table ACL rule?
the user is denied access to the field described by the ACL rule but has access to the rest of the table
What happens if a user fails a table ACL rule?
The user is denied access to all fields in the table even if the user previously passed a field ACL rule
In order to get access to a record object a user must pass what two ACL rules?
the first ACL rule matching a field (if any exist) and the first ACL rule matching the table (if any exist)
What does field level ACL debugging do?
When enabled this shows a small bug icon beside each field with an ACL rule. Clicking the icon will list the ACL rules that apply for the field and the evaluation results of the ACL
what is a solution to the following error or symptom regarding ACL rules: You cannot access records from a custom table
Create a table ACL rule for the custom table granting users access to the table. Witout an explicit table ACL rule users must pass the permissions in the table wildcard (*) ACL rule which by default restricts access to admins only. Enable debugging and determine what ACL rules are evaluated for the custom table.
what is a solution to the following error or symptom regarding ACL rules: You create a custom ACL rule that does not work properly
The most likely problem is that another rule is taking precedence over your custom rule in the processing order or that the user does not meet all the permission requirements for the object type. Enable debugging and verify that the ACL rule is being evaluated
what is a solution to the following error or symptom regarding ACL rules: Your field ACL rule does not work properly
There is likely a table ACL rule that the user has not met. Enable debugging and determine what ACL rules are evaluated for the field. Verify that there is not a conflicting table ACL rule or duplicate field ACL rule.
what is a solution to the following error or symptom regarding ACL rules: Your table ACL rule does not work properly
there is either an ACL rule higher in th eprocessing order or a duplicate table ACL rule interfering with the table ACL rule. Enable debugging and determine what ACL rules evaluated for the table.
You can see a field in a list but not in a form
It is possible that the ACL rule conditions or script are being triggered in the list but not in the form. Enable debugging and determine when the ACL rules evaluate to true. Update the conditions or script to have the same behavior on the list and form.
You receive an error message when trying to execute a processor or client-callable script include
There is an ACL rule for the processor or client-callable script include that the user has not met. If the user should have access to the object, enable debugging and determine what ACL rules are evaluated for the processor or script include. Update the ACL rule or the user roles as needed to access the object.
What are the “object types” for ACL rules?
they can be client-callable script includes, Processors, UI pages, and records
What is a script include? what does it do?
A script include is a way to store a JavaScript function or class for use by a server script. Each script include defines either an object class or a function.
What are the following an example of: Data modeled in a database, Use of forms to interact with data, provide reporting, need a workflow to manage process, extend functionality via javascript, replace: spreadsheets, macros, lotus notes, clarify sharepoint, reservations
These are conditions under which it makes sense to create an application
What are the following an example of: Data is unstructured such as audio or video, requires low level programmatic libraries, multiplayer games or extreme graphics, no process flow through application
These are conditions under which it does not make sense to create an application
can an applications scope be changed after creation?
No, scope is not changeable
What do extended tables inherit?
email notifications, Business Rules, Client Scripts, Script Includes, UI Policies, and Scheduled Jobs. (not forms)
What can be used to display details of tables and their relationships
Schema Map
What does REST stand for?
REpresentational State Transfer
What is a URI
This is a universal resource indicator that is unique to each resource in a REST call
What are the operations used in REST calls
GET (retrieve a record), POST (create a new record), PUT (modify a record), PATCH (update a record), DELETE
What are the advantages of RESTful web services
support for different http methods to perform different actions, Detailed response codes and header information, Pagination support for large data sets, Streaming data on GET requests
what is the following used for: Table API
used to perform CRUD (create, read, update, delete) operations on existing tables
What is the following used for: Aggregate API
used to compute aggregate statistics about existing table and column data
What is the following used for: Import set API
used to provide a REST interface for import set tables
What is the following used for: Performance Analytics API
used to query data about Performance Analytics scorecards
What are the methods that conform to the REST standard that are available in ServiceNow
GET (retrieve a record), POST (create a new record), PUT (modify a record), PATCH (update a record), DELETE
What is a CRUD operation? (referring to REST api)
Create, Read, Update, Delete
What are the permissions associated with the rest_service role
can use the REST API to perform REST web service operations such as querying or inserting records
What are the permissions associated with the web_service_admin
Can assess the System Web Services application menu and the REST modules
What are the two REST headers?
Accept: (application/json, application/xml) content-type: (application/json, application/xml)
which REST calls require you to provide both headres
Post, Put, and Patch
Which REST operations only require the Accept header?
Get, Delete
(True/False) User credentials are required in a REST request
True
is allowing accesses via web services in apps the same as clicking the access box fields controlling CRUD operations
No, in order to allow web service API’s (outside data) you must use the Allow access to this table via web services box which is different than the CRUD boxes which are local control only.
What is OAuth and how does it integrate with REST
OAuth or Open Authorization has two potential uses: OAuth providor scenario - Your instance provides an endpoint for third party clients to pull data from the instance OAuth consumer scenario - Your instance pulls data from a third-party provider In either of these instances you can pass credentials once then use a token for subsequent requests thus preventing secure information to be needed each time
What does the following REST response mean (message and details): 200
Success - success with response body
What does the following REST response mean (message and details): 201
Created - Success with response body
What does the following REST response mean (message and details): 204
Success - Success with no response body
What does the following REST response mean (message and details): 400
Bad Request - The request URI does not match the APIs in the system, or the operation failed for unknown reasons. Invalid headers can also cause this error
What does the following REST response mean (message and details): 401
Unauthorized - The user is not authorized to use the API
What does the following REST response mean (message and details): 403
Forbidden - The requested operation is not permitted for the user. This error can also be caused by ACL failures, or business rule or data policy constraints
What does the following REST response mean (message and details): 404
Not found - The requested resource was not found. This can be caused by an ACL constraint or if the resource does not exist.
What does the following REST response mean (message and details): 405
Method not allowed - The HTTP action is not allowed for the requested REST API, or it is not supported by any API
can inherited fields be deleted
No, only user defined fields can be deleted
Are table records deleted when a field is deleted?
no
what does g_form.showFieldMsg() do?
prints a message on a blue background below that field
What does g_form.addInfoMessage() do?
prints a message on a blue background on the top of the form
what does g_form.addErrorMessage() do?
prints a message on a red background at the top of the form
How do you change the experience of forms for different personas?
by using views
Forms and fields are managed on which side of scripting
Client Side
Business rules are handled on which side of scripting
Server Side
When does client script run relative to UI policy
Before
GlideForm (g_form) are run on which side
Client
that Access Control “Table.None” applies to what
a tables records (involves rows)
The Access Control Table.* applies to what?
every field on a record where there is no field-specific ACL (columns)
the Access Control Table.field applies to what?
applies only to one field
between ACLs and UI policies which are more secure and which run first
ACLs are both more secure and the first to run
where are events most commonly handled
Business Rules or Workflows or Scripts
Which weight of notifications always send, if there are notifications with the weights: 0, 10, 20, 30 which would send
0’s always send and the highest always sends so in this example the notifications sent would be the 0 and the 30.
what is the “splash page” and what is its purpose
The splash page is a lightweight landing page that gives users the ability to cancel the homepage load
What does system security > “Debug Business Rule” do?
displays messages about business rules including when they are started ==>, finished
