Docsity
Docsity

Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity


Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan


Guidelines and tips
Guidelines and tips

ServiceNow CIS-Discovery (New York): Comprehensive Guide with Q&A, Exams of Web Programming and Technologies

This document offers a detailed explanation of servicenow's cis-discovery feature in the new york version. it provides a structured overview of cloud discovery, serverless discovery, and the discovery dashboard, along with troubleshooting tips and best practices. Numerous questions and answers that clarify key concepts and functionalities, making it an excellent resource for learning and practical application of servicenow's discovery capabilities. it covers topics such as mid server behavior, credential management, and troubleshooting common issues.

Typology: Exams

2024/2025

Available from 05/02/2025

WINGS_TO-FLY
WINGS_TO-FLY 🇺🇸

1

(1)

1.1K documents

1 / 38

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
ServiceNow CIS - Discovery (New York)
Latest Version Rated A+
Cloud Discovery ✔✔Cloud discovery finds resources in AWS and Azure clouds, and then
populates the CMDB with the relevant CIs and relationships.
Two types:
1. Service account cloud discovery
2. Cloud application discovery
Server-less Discovery ✔✔Discovery can find applications on host machines without the need to
discover the host first.
Two types:
1. Standard server-less discovery
2. Host-based server-less discovery
Discovery Dashboard displays ✔✔1. The current progress (status) of the actively running
Discovery schedules.
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24
pf25
pf26

Partial preview of the text

Download ServiceNow CIS-Discovery (New York): Comprehensive Guide with Q&A and more Exams Web Programming and Technologies in PDF only on Docsity!

ServiceNow CIS - Discovery (New York)

Latest Version Rated A+

Cloud Discovery ✔✔Cloud discovery finds resources in AWS and Azure clouds, and then populates the CMDB with the relevant CIs and relationships.

Two types:

  1. Service account cloud discovery
  2. Cloud application discovery

Server-less Discovery ✔✔Discovery can find applications on host machines without the need to discover the host first.

Two types:

  1. Standard server-less discovery
  2. Host-based server-less discovery

Discovery Dashboard displays ✔✔1. The current progress (status) of the actively running Discovery schedules.

  1. Newly discovered devices and applications, by time discovered.
  2. Existing devices and applications not updated by Discovery.
  3. Errors that occurred during a Discovery schedule that has run.
  4. Credentials that were either not required or unused by a Discovery schedule.

Discovery > Status ✔✔The Discovery Status provides a summary of a Discovery launched from a schedule. You can also cancel a Discovery that is in progress from the Discovery Status form.

What are the Discovery Status reference lists? ✔✔1. Discovery Log: Classification failures, CMDB updates, and authentication failures.

  1. Devices: Summary of all the devices scanned during discovery, and what action sensors took on the CMDB.
  2. ECC Queue: Connected flow of probe and sensor activity, actual XML payload.

Include Alive ✔✔Indicates that this Discovery includes devices on which one port responded to the scan, but no ports are open. Such a device is considered to be alive. If this check box is not selected, only active devices with one or more open ports that Discovery can query are displayed.

Where can you set the Shazzam batch size? ✔✔In the Discovery Schedule.

What is the default batch size for Shazzam? ✔✔ 5000

When NOT to use MID server clusters? ✔✔For performance and reliability reasons, these data sources should not be used with MID Server clusters. These external data sources should only be used with dedicated MID Servers.

1. LDAP

  1. Export sets
  2. JDBC data sources

When can a MID server specifically cause duplicate data? ✔✔If a MID Server in a cluster fails, the fail-over MID Server starts over at the beginning of the ECC queue task even if much of the information from the JDBC data source was already returned. This can result in duplicate data.

What are MID Server Capabilities? ✔✔MID Server capabilities define the specific functions of a MID Server within an IP address range.

Several applications, such as Discovery, Service Mapping, Cloud Management, and Orchestration can use capabilities, IP ranges, and MID Server selection to narrow the pool of MID Servers the applications need.

What MID Server Capabilities are available by default? ✔✔All

Cloud Management

Nmap

PowerShell

Resolve DNS

REST

SNMP

SOAP

SSH

VMware

WMI

Where can you validate Discovery results? ✔✔1. Accessing the ECC queue

  1. Analyzing the XML payload
  2. Checking the Discovery log

What are some high level Discovery troubleshooting areas? ✔✔1. Connectivity

  1. Permissions
  2. Configuration
  3. Probes, Sensors, Process Classifiers

Under which account does the MID server run? ✔✔Local Admin Account

If there are no working credentials for a device, which credentials are used? ✔✔MID Server Service Account

Credentials for SSH are for? ✔✔Unix/Linux

Credentials for SNMP are for? ✔✔Network/Printer Devices

Credentials for Windows are for? ✔✔Windows Devices

Credentials for VMWare vCenter are for? ✔✔VMware vCenter

Credentials for CIM are for? ✔✔CIM servers based on the Common Information Model

Credentials for AWS are for? ✔✔Amazon EC2 Web Services

Where are credentials stored? ✔✔On the instance in the Credentials table.

How does the MID Server use stored credentials? ✔✔The platform stores credentials in an encrypted field on the Credentials [discovery_credentials] table. Once they are entered, they cannot be viewed.

When credentials are requested by the MID Server, the platform decrypts the credentials using the following process:

  1. Decrypted on the instance with the password2 fixed key.
  2. Re-encrypted on the instance with the MID Server's public key.
  3. Encrypted on the load balancer with SSL.
  4. Decrypted on the MID Server with SSL.
  5. Decrypted on the MID Server with the MID Server's private key.

What MID Server Parameter enables automatically falling back to MID Server service credentials if all other credentials fail? ✔✔mid.powershell.local_mid_service_credential_fallback

Type: true | false

Default value: true

What privileges are needed for SSH? ✔✔root or sudo

What parameter needs to be set to use sudo? ✔✔must_sudo = true

How can sudo be configured? ✔✔/etc/sudoers file using the visudo command

How can you test SSH credentials? ✔✔From MID server using PuTTY

Which table is used to view the Device History? ✔✔discovery_device_history

What needs to be enabled to use external storage credentials? ✔✔Discovery External Credential Storage Plugin

What are the requirements for discovering SQL Server? ✔✔MID Server

  1. Install .Net 3.5 and 4 from Microsoft
  2. Install Microsoft SQL Server management lib (SMO)
  3. Install PowerShell v2.0 or above

Microsoft SQL Server Host

  1. Remote Registry Service running
  2. Add Windows user to proper SQL roles

What credentials are needed to discover VMware? ✔✔1. Windows or Linux credentials: Allows Discovery to access the host on which the vCenter server runs.

  1. vCenter credentials: Allows a vCenter probe to explore a vCenter server.

What are CIM credentials are used for? ✔✔Probe CIM servers to discover storage such as; DAS, NAS and SAN.

What is Functionality Definition? ✔✔Defines which protocols to detect.

How to use a behavior in Discovery schedule? ✔✔Drop down on the field, "MID Server selection method" on the Discovery Schedule and select: Use Behavior

What is the default protocol used when classifying in Shazzam probe? ✔✔Windows Management Instrumentation (WMI)

What does the Queue column in the ECC indicate? ✔✔Value = Input --> Sensor

Value = Output --> Probe

Each record is essentially a message from the instance and another system, classified as output, or a message from the external system to the instance, classified as input. ECC queue records provide you with a connected flow of probe and sensor activity, as well as the actual XML payload that is sent to or from an instance.

What can you find in the Shazzam XML Payload? ✔✔1. IP address

  1. Ports open/refused
  1. Banners
  2. Host names

What is a Discovery Pattern? ✔✔A pattern is a series of operations that tell Discovery which CIs to find on your network, what credentials to use, and what tables to populate in the CMDB.

A pattern performs the same function as a probe: it identifies and explores a target CI. Discovery uses patterns only during the last two phases of discovery: Identification and Exploration.

What is kept at Discovery Definition > CI Classification? ✔✔The ability to create CI Classification. A CI Classification allows Discovery to discover most common operating systems, network devices, and processes.

If no data is returned on Port Scan Phase. What could be a reason? ✔✔Connectivity:

Firewalls prevent connection

IP ranges not correctly defined

Incorrect Behavior deployed (SSH only used on Window)

Classification:

What is Reconciliation? ✔✔Reconciliation rules specify which data sources can update a table or a set of table attributes.

Ensure that there is a reconciliation rule for each data source that is authorized to update an attribute - multiple reconciliation rules can exist for the same set of attributes.

How are Datasource Precedences used? ✔✔If multiple data sources are authorized to update the same table or the same table attributes in the CMDB, assign a priority to each of these data sources to prevent them from overwriting each other's updates.

After an attribute is updated by an authorized data source, any subsequent updates are accepted only from the same data source or from a data source with a higher priority. Updates from a data source with a lower priority are rejected. Without data source precedence rules, data sources can overwrite each other's modifications.

Which Encryption ServiceNow uses to store credential in Discover_credential table? ✔✔3 DES Encryption

What is MID Server default thread limit? ✔✔ 25

Custom parsing strategies are? ✔✔JavaScript

Parsing strategies are part of discovery patterns, which Service Mapping and Discovery use to discover and map configuration items (CIs).

Where can you find what classifiers were used and in which order? ✔✔Node Log File Browser

What can you set in Discovery Configuration Console? ✔✔What kind of CIs and CI information you want to discover.

By default, Discovery finds all the information on your network that is specified in probes and patterns. Use the controls in this console to select the data Discovery adds to the CMDB that your organization needs.

You can control these aspects of Discovery:

  1. Entire CI types, such as Windows servers.
  2. Specific CI details, such as OS information.
  3. Software packages containing keyword terms that you add, such as Hotfix or Security Update.

What to check when trouble shooting Exploration Phase and XML payload does not show up on form? ✔✔Custom probe or sensor is not scripted correctly.

Input error records are not uncommon, especially when Discovery is using custom probes and sensors. Input errors usually mean that the system could not parse the XML data returned with the sensor script.

What will be created if duplicated CI are found? ✔✔De-duplication Task (under Identification/Reconciliation)

If the instance encounters duplicate CIs in the identification and reconciliation process, it does not update or insert the CI. Instead, the instance groups each set of duplicate CIs into a de- duplication task for review. Use de-duplication tasks to track the duplicate CIs until they can be resolved.

On what port does SSH run? ✔✔ 22

On what port does WMI run? ✔✔ 135

On what port does SNMP run? ✔✔ 161

What ways can you validate permissions from a MID Server? ✔✔1. PuTTy for SSH

  1. WBEMTest for WMI
  2. iReasoning MIB browser for SNMP

MID Servers in the same cluster should have same capabilities? ✔✔True

How many CI Identifier can we have per CI class? ✔✔ 1

How many CI Identifier entries can we have per CI Identifier? ✔✔No Restriction

In Discovery, which one of the following causes a pattern to fail during discovery? ✔✔No pattern attached to a classification

Which one of the following Discovery phases is the error "No credentials would authenticate, tried" found on? ✔✔Classification