Certified System Administrator CSA Dumps PDF

InServiceNow, the best practice for managingusers, groups, and rolesis based onrole-based access control (RBAC).

Assign Roles to Groups (Correct)

Instead of assigning roles directly to users, it is abest practice to assign roles to groups.

This ensuresbetter role management, easier administration, and scalability.

Example:

The"IT Support"group has the"itil"role.

All users in this group automatically get theitilrole.

Add Users to Groups (Correct)

Users should be assigned togroupsrather thanroles directly.

Groups inherit roles, so when a user is added to a group, they automatically receivethe appropriate access.

Example:

A new Service Desk agent joins the"Service Desk"group and immediately gets the associated roles (itil,incident_manager, etc.).

A. You should never assign roles to groups(Incorrect)

Incorrect: Assigning roles to groups is therecommended best practice.

Managing roles at thegroup levelmakesaccess control more efficient and scalable.

B. You should assign roles to users(Incorrect)

Incorrect: Assigning roles directly to users isnot a best practicebecause it becomes difficult to manage as the organization grows.

Instead, users should beadded to groupsthat have the necessary roles.

Best Practices for Users, Groups, and Roles:Why Other Options Are Incorrect?

Managing Users, Groups, and Roles

ServiceNow Best Practices for Roles & Groups

Role-Based Access Control (RBAC)

User Administration

References from ServiceNow CSA Documentation:

ServiceNow providesfive primary rolesthat define access and permissions within the platform. These roles help structure user responsibilities and ensure that users only have access to the necessary functions.

Thehighest level of accessin ServiceNow.

Can manage all platform features, applications, data, and configurations.

Has control overusers, security settings, system properties, and scripting capabilities.

Example: A ServiceNow admin configuring new workflows, modifying tables, or setting up instance-wide settings.

Manages specific applications or functionalities within ServiceNow.

Includes roles such as:

knowledge_admin(Manages Knowledge Base)

report_admin(Manages Reports)

catalog_admin(Manages Service Catalog)

Example: A Knowledge Base Administrator controlling access to articles and updating knowledge categories.

Users with theITIL rolewho perform IT Service Management (ITSM) tasks.

Cancreate, update, and resolve recordssuch as incidents, problems, changes, and requests.

Example: A service desk agent handling incidents and requests.

Users with theApprover rolecanapprove or reject requests, such as change requests or access requests.

Can view or modify approval records directed to them but cannot fulfill other ITIL tasks.

Example: A manager approving a new software installation request.

Basic userswith no assigned roles.

Cansubmit requests, view their own tickets, and access public pages(e.g., Knowledge Base, Catalog).

Example: An employee submitting a request for laptop repair via the ServiceNow portal.

1. System Administrator (admin)2. Specialized Administrator3. Fulfiller (ITIL Role)4. Approver5. Requester (Employee Self-Service - ESS)

These roles form thefoundation of role-based access control (RBAC)in ServiceNow.

They ensure that usersonly access the data and functions relevant to their job responsibilities.

Additional roles can be assigned based on business needs, but these five cover the core platform functionalities.

Why These Are the Provided Roles in ServiceNow:

ServiceNow Documentation:User Roles in ServiceNow

CSA Exam Guide:CoversSystem Administrator, Specialized Administrator, Fulfiller, Approver, and Requesteras the standard user roles.

Reference from CSA Documentation:Thus, the correct answer is:

A. System Administrator, B. Specialized Administrator, C. Fulfiller, D. Approver, E. Requester

ServiceNow uses a hierarchical structure to manageService Catalog requests:

REQ (Request Record)

TheRequest (REQ#)is theparent recordthat represents the entire service request submitted by a user.

It groups all requested items and their associated tasks.

Found in thesc_requesttable.

RITM (Requested Item Record)

TheRequested Item (RITM#)is the specificcatalog itemordered by the user within a request.

A singleREQcan have multipleRITMsif the user ordered multiple items in a single request.

Found in thesc_req_itemtable.

TASK (Catalog Task Record)

TheTask (TASK#)is the individual fulfillment action required to complete the requested item.

A singleRITMcan have multipletasks, each assigned to different fulfillment teams.

Found in thesc_tasktable.

Why Answer "C" is Correct:✔️REQ (Number) > RITM (Number) > TASK (Number)

This is thecorrect pathbecause it follows theServiceNow fulfillment structure:

REQ (Request)– Tracks the entire request.

RITM (Requested Item)– Tracks individual items within the request.

TASK (Catalog Task)– Tracks the specific tasks needed to complete the requested item.

This path allows an administrator to drill down from the overallRequest (REQ#)to individualRequested Items (RITM#)and finally to theTasks (TASK#)assigned to fulfill those items.

Why the Other Answers Are Incorrect:A. RITM (Number) > REQ (Number) > PROCUREMENT (Number)

Incorrectbecause theREQ# (Request) comes firstbefore the RITM# (Requested Item).

Also,PROCUREMENT#is not always part of the fulfillment flow unless the item requires procurement (e.g., purchasing hardware).

B. REQ (Number) > RITM (Number) > PROCUREMENT (Number)

Incorrectbecausenot all requests involve procurement.

The last step should beTASK (sc_task), notPROCUREMENTunless it's a procurement-related request.

D. FULFILLMENT (Number) > RITM (Number) > TASK (Number)

Incorrectbecause"FULFILLMENT" is not a standard record typein ServiceNow.

The correct hierarchy starts withREQ# (sc_request), not "FULFILLMENT."

ServiceNow CSA Study Guide – Service Catalog & Request Fulfillment

ServiceNow Docs: Request Fulfillment Process(ServiceNow Documentation)

ServiceNow Tables & Data Model (sc_request, sc_req_item, sc_task)

References from the Certified System Administrator (CSA) Documentation:

InServiceNow,UI Policiesallow administrators todynamically control form fieldsbased on conditions without using scripts. With UI Policies, you can change thebehaviorof a field by making it:

Read-only→ The user canviewthe field butcannot edit it.

Mandatory→ The field becomesrequired, and the usermustfill it out before submitting the form.

Hidden→ The field isremoved from visibilityon the form.

Explanation of Each Option:A. Read-only–Correct

A UI Policy can make a fieldread-only, meaning users canseethe field butcannot modifyits value.

Example: A field likeRequest Number (REQ0001)is typicallyread-onlyafter submission.

B. Write-only–Incorrect

ServiceNowdoes nothave a "write-only" field setting in UI Policies.

If a field iseditable, users canboth read and write; if it’s hidden or read-only, writing is not possible.

C. Necessary–Incorrect

There isno "Necessary"field state in ServiceNow UI Policies.

If the intent is to make a field required, the correct term is"Mandatory".

D. Mandatory–Correct

UI Policies can make a fieldmandatory, requiring the user toenter a valuebefore submitting the form.

Example: AnIncident Descriptionfield might be mandatory before an incident is submitted.

E. Empty–Incorrect

UI Policiescannot directly enforce an "empty" state. However, adefault valuecould be cleared using aclient script, but this isnot a UI Policy feature.

F. Hidden–Correct

UI Policies canhide a field, making it invisible on the form.

Example: A"Manager Approval"field may be hiddenuntila certain condition (e.g., request cost > $1000) is met.

Final Answer:Read-only

Mandatory

Hidden

ServiceNow Docs – UI Policies and UI Policy

ServiceNow Learning – Form Configuration & UI Policies

ServiceNow Developer Portal – Controlling Form Behavior with UI Policies

References from Certified System Administrator (CSA) Documentation: