Table Access Control rules are processed in the following order:
any table name (wildcard), parent table name, table name
table name, parent table name, any table name (wildcard)
parent table name, table name, any table name (wildcard)
any table name (wildcard), table name, parent table name
In ServiceNow,Table Access Control (ACL) rulesdefine the permissions for accessing records within a table. When a user attempts to access a record, ServiceNow processesACL rules in a specific orderto determine if the user has the necessary permissions.
Specific Table Name ACLs
ServiceNowfirst checks ACL rulesthat are defined for the exact table being accessed.
If there are multiple ACL rules for the same table, ServiceNow evaluates themfrom most specific to least specific(i.e., field-level ACLs before table-level ACLs).
Parent Table Name ACLs(If applicable)
If the table inherits from another table (e.g.,Incident inherits from Task), ServiceNownext checks ACL ruleson theparent table.
This ensures that inherited rules are properly applied.
Wildcard ACLs (*)(Any table)
If no explicit ACL rule is found for the table or its parent, ServiceNow checkswildcard ACL rules (*), which apply toall tables.
Wildcard ACLs act as alast resortwhen no table-specific rules exist.
Order of Processing ACL Rules:
(A) any table name (wildcard), parent table name, table name – Incorrect
Wildcard rules (*) areprocessed last, not first.
(B) table name, parent table name, any table name (wildcard) – Correct
This follows the correctprocessing order:
First:ACLs for the specific table
Second:ACLs for the parent table (if applicable)
Third:Wildcard ACLs (*)
(C) parent table name, table name, any table name (wildcard) – Incorrect
Parent table ACLs arechecked aftertable-specific ACLs, not before.
(D) any table name (wildcard), table name, parent table name – Incorrect
Wildcard ACLs (*) arealways processed last, so this order is incorrect.
Explanation of Each Option:
Field-level ACLs(column-specific) take precedence overtable-level ACLs.
If multiple ACL rules apply,all must evaluate totruefor access to be granted.
Explicit Deny:If an ACL rule explicitlydenies access, the user is denied, even if another ACL grants access.
Always Test ACLs:Use the " Security Debugging " feature (/sys_security_acl_list.do) to verify how ACLs are applied.
Additional Notes & Best Practices:
ServiceNow Docs: How Access Control Rules Work
ServiceNow Community: Understanding ACL Processing Order
References from Certified System Administrator (CSA) Documentation:
Which are states that you can make a field on a form using UI Policy?
read-only
write-only
Necessary
Mandatory
Empty
Hidden
InServiceNow,UI Policiesallow administrators todynamically control form fieldsbased on conditions without using scripts. With UI Policies, you can change thebehaviorof a field by making it:
Read-only→ The user canviewthe field butcannot edit it.
Mandatory→ The field becomesrequired, and the usermustfill it out before submitting the form.
Hidden→ The field isremoved from visibilityon the form.
Explanation of Each Option:A. Read-only–Correct
A UI Policy can make a fieldread-only, meaning users canseethe field butcannot modifyits value.
Example: A field likeRequest Number (REQ0001)is typicallyread-onlyafter submission.
B. Write-only–Incorrect
ServiceNowdoes nothave a " write-only " field setting in UI Policies.
If a field iseditable, users canboth read and write; if it’s hidden or read-only, writing is not possible.
C. Necessary–Incorrect
There isno " Necessary " field state in ServiceNow UI Policies.
If the intent is to make a field required, the correct term is " Mandatory " .
D. Mandatory–Correct
UI Policies can make a fieldmandatory, requiring the user toenter a valuebefore submitting the form.
Example: AnIncident Descriptionfield might be mandatory before an incident is submitted.
E. Empty–Incorrect
UI Policiescannot directly enforce an " empty " state. However, adefault valuecould be cleared using aclient script, but this isnot a UI Policy feature.
F. Hidden–Correct
UI Policies canhide a field, making it invisible on the form.
Example: A " Manager Approval " field may be hiddenuntila certain condition (e.g., request cost > $1000) is met.
Final Answer:Read-only
Mandatory
Hidden
ServiceNow Docs – UI Policies and UI Policy
ServiceNow Learning – Form Configuration & UI Policies
ServiceNow Developer Portal – Controlling Form Behavior with UI Policies
References from Certified System Administrator (CSA) Documentation:
Which of the following can be customized through the Basic Configuration UI 16 module? (Choose three.)
Banner Image
Record Number Format
Browser Tab Title
System Date Format
Form Header Size
TheBasic Configuration UI 16 modulein ServiceNow allows administrators to make basic UI customizations without needing to modify code or system properties manually. These settings apply to theoverall look and feelof the instance.
Banner Image (Option A)
Allows admins to change theServiceNow banner logoat the top of the page.
This is useful for branding the instance with a company’s logo.
Browser Tab Title (Option C)
Changes thetitle displayed on the browser tabwhen accessing the ServiceNow instance.
Helps customize the instance’s branding for different user environments (e.g., " IT Service Portal " instead of " ServiceNow " ).
System Date Format (Option D)
Allows admins toset the date formatdisplayed across the instance.
Helps standardize date display based on organizational or regional preferences (e.g.,MM/DD/YYYY vs. DD/MM/YYYY).
Customizable Elements via Basic Configuration UI 16:
Why Are the Other Options Incorrect?B. Record Number Format
Incorrect:The format of record numbers (such asINC0010001 for incidents) is controlled viaSystem Definition → Number MaintenanceandNOTin Basic Configuration UI 16.
E. Form Header Size
Incorrect:The form header size isnot directly customizable through Basic Configuration UI 16.
Form layout and styling changes are managed throughUI Policies, Client Scripts, or custom CSS configurations.
Reference from Certified System Administrator (CSA) Documentation:???? ServiceNow Docs – Basic Configuration UI 16
???? ServiceNow UI Customization Documentation
" Basic Configuration UI 16 provides a simple way to modifybanner images, browser titles, and system-wide date formats. "
Conclusion:The correct answers are:
A. Banner Image(Customizes the instance’s logo)
C. Browser Tab Title(Changes the browser tab text)
D. System Date Format(Sets the instance-wide date format)
???? Understanding Basic Configuration UI 16 is important for ServiceNow administratorsto quickly apply branding and instance-wide display settings without modifying system properties manually.
Which one of these applications is available to all users?
Change
Incident
Facilities
Self-Service
In ServiceNow, access to applications is controlled byroles. Most applications, such asIncident, Change, and Facilities, require specific roles to access them. However, theSelf-Serviceapplication is available to all users, including those with the base " ess " (Employee Self-Service)role, which is assigned to every user by default.
Why " D. Self-Service " is the correct answer?TheSelf-Serviceapplication is designed for general users (end users, employees, customers) who do not have elevated permissions. It provides access to:
TheService Catalog(to request IT services, software, and hardware).
TheKnowledge Base(to search for articles and solutions).
Viewing and tracking submitted requests and incidents.
Submitting new incidents or requests.
Since it is meant forall users, it does not require any additional roles beyond the default ones given to employees or customers.
A. Change– Incorrect. TheChange Managementapplication is typically restricted toITIL users(users with theitilrole) and change managers. End users do not have access to this module.
B. Incident– Incorrect. While end users can create and view their own incidents viaSelf-Service, theIncident Managementmodule itself is restricted to IT support staff (users with theitilrole or higher).
C. Facilities– Incorrect. TheFacilitiesapplication, which includes asset tracking and work orders, is typically restricted to users managing physical assets or facility-related tasks. It is not available to all users by default.
ServiceNow Product Documentation - Self-Service Application Overview
ServiceNow CSA Study Guide - User Roles and Permissions
ServiceNow Docs: Access Control and Application Scope
Explanation of Incorrect Options:References from Certified System Administrator (CSA) Documentation:
Copyright © 2021-2026 CertsTopics. All Rights Reserved