Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

HomeCertificationsSNOW-CSADomainsApplication Rules, ACL and Notifications
SNOW-CSAFree — No Signup

Application Rules, ACL and Notifications

Practice SNOW-CSA Application Rules, ACL and Notifications questions with full explanations on every answer.

65questions

Start practicing

Application Rules, ACL and Notifications — choose a session length

10 questions~10 min20 questions~20 min30 questions~30 min50 questions~50 min

Free · No account required

SNOW-CSA Domains

Reporting, SLA and ImportsSelf-Service and AutomationUI, Navigation and FormsDatabase Administration and CMDBService Catalog and WorkflowsApplication Rules, ACL and Notifications

Practice Application Rules, ACL and Notifications questions

10Q20Q30Q50Q

All SNOW-CSA Application Rules, ACL and Notifications questions (65)

Start session

Click any question to see the full explanation and answer options, or start a focused practice session above.

1

A company has a custom table 'u_employee_data' with a before query business rule that sets 'u_department' to 'Engineering' when the current user is in the 'ITIL' role. After the business rule is activated, users in the 'ITIL' role report that when they query the table, they see only records with department 'Engineering'. However, the business rule is intended to set the default department for new records only. What is the most likely cause?

2

An administrator creates a new ACL for the 'incident' table with type 'record', operation 'read', condition script 'current.assignment_group == gs.getUser().getMyGroups()', and requires role 'snc_internal'. A user with role 'snc_internal' who is a member of group 'Service Desk' can view incidents assigned to 'Service Desk' but cannot view incidents assigned to 'Network Support'. What is the most likely reason?

3

An administrator wants to send an email notification when a change request state changes to 'scheduled'. The notification should be sent to the change manager. Which two fields must be configured in the notification record?

4

A junior administrator configures the above business rule and ACL. When a user without any role opens an incident with category 'database' and state 1, the priority is set to 1 correctly. However, the user cannot view the incident record. What is the most likely reason?

5

Which TWO conditions must be met for a business rule to execute on a table? (Choose TWO.)

6

Which THREE statements about Access Control Lists (ACLs) are true? (Choose THREE.)

7

An administrator creates a notification for the 'incident' table to send an email when the state changes to 'resolved'. The notification works for most users, but some users report not receiving the email. What is the most likely cause?

8

A company wants to block all update operations on the 'problem' table for users with only the 'itil' role, except for the user who created the record. Which ACL configuration should be used?

9

A business rule is set to run on 'before update' on the 'incident' table. The script updates 'current.description' and then calls 'current.update()'. What is the likely outcome?

10

Based on the exhibit, who will receive the email notification?

11

A notification should be sent to the change manager when a change request is submitted. Which TWO fields must be configured? (Choose TWO.)

12

You are a ServiceNow administrator for a large enterprise. The company has a custom application that uses a table 'u_asset_tracking' to track IT assets. The table has a before insert business rule that sets the 'u_assigned_to' field to the current user if the field is empty. Recently, the security team reported that some users are able to view asset records that they should not see. After investigation, you find that the 'u_asset_tracking' table has no ACLs defined, and the default table ACL allows read access to all authenticated users. The business rule is working correctly. You need to restrict read access so that users can only see records where 'u_assigned_to' is themselves or where they are in the same 'u_department' as the record's 'u_department'. You must ensure that the solution does not affect other tables. Which approach should you take?

13

A system administrator needs to allow users with the 'incident_manager' role to delete incidents only if the incident state is 'New' or 'Work in Progress'. They create an ACL with the following conditions: type='record', operation='delete', name='incident', condition: gs.hasRole('incident_manager') && current.state == 1 || current.state == 2. After testing, users with the role can delete incidents in any state. What is the most likely cause?

14

Which THREE of the following are true regarding business rules and their execution order?

15

A ServiceNow administrator is troubleshooting a notification issue. The company has a 'Customer Satisfaction Survey' notification that is supposed to send an email to the 'caller' of an incident when the incident state changes to 'Resolved' (state=6). The notification is configured with table 'incident', condition 'state changes to 6', and recipient 'caller'. However, the email is not being sent. The administrator checks the system log and finds no errors. The notification has an advanced script that checks if the 'caller' has a valid email address. The script is: if (current.caller_id.email == '') { return false; }. The administrator confirms that the caller's email field is populated. What is the most likely reason the notification is not sending?

16

Drag and drop the steps to configure an inbound email action in ServiceNow into the correct order.

17

Match each ServiceNow module to its function.

18

A system administrator needs to prevent users from deleting any records in the 'incident' table. Which method will achieve this most effectively?

19

A business rule is configured to run 'before' a record is updated. If the business rule sets a field value and then a subsequent 'after' business rule also updates the same field, what will be the final value stored in the database?

20

A notification is not sending emails to the intended recipients. The notification's 'Who will receive' tab is set to 'Event creator' and the event is triggered by a business rule. However, the email recipient list is empty. What is the most likely cause?

21

An administrator wants to enforce that when the 'state' field of an incident is set to 'Resolved', the 'resolution_notes' field must be filled. Which approach should be used?

22

A company has an advanced business rule running on the 'incident' table with condition 'current.state == 2' (In Progress). The business rule creates a new child incident and also updates a field on the parent. However, when a state changes from 1 to 2 via a sys_created_by script, the child incident is created but the parent field is not updated. What is the most likely reason?

23

A system administrator notices that users in the 'itil' role can see the 'cost' field on the 'cmdb_ci_server' table, but the requirement is to hide it from all except users with the 'cmdb_admin' role. The administrator has already created an ACL with 'read' operation, type 'record', condition 'current.cost' (no script) and granted 'no access' to all roles. However, the field is still visible. What is missing?

24

Which of the following best describes the purpose of a 'Script Include' in ServiceNow?

25

A notification is configured to send an email when a new incident is created. The email template uses the field 'Short Description', but the email shows empty for that field. The template is correct. What is the most likely cause?

26

A business rule set to run 'async' is supposed to update a large number of child records. The administrator notices that the updates are not being applied consistently. What is the most likely reason?

27

Which TWO of the following are valid ways to control the visibility of a field on a form for specific users?

28

Which TWO of the following are best practices when working with ACLs?

29

Which THREE of the following are true regarding Business Rules?

30

A company has a business rule that runs on the Incident table during update. The rule checks if the state is 'In Progress' and sets a field. However, after saving, the field is not being set. Which of the following is the most likely cause?

31

A user is able to view records in the Incident table but cannot edit them. Which ACL type is preventing the edit?

32

A notification is configured to send an email when an incident is assigned to a user. However, users are receiving duplicate emails. Which of the following is the most likely cause?

33

An ACL on the Incident table has a script condition that returns true if the user is in the role 'incident_manager'. A user with the 'incident_manager' role still cannot update incidents. What could be the issue?

34

A before business rule on the Change Request table is supposed to set the 'risk' field based on the 'impact' and 'urgency' fields. The rule uses the current.update() method. However, when the rule runs, it causes a recursive loop. What is the best solution?

35

Which table field in a notification record defines the email subject?

36

A company wants to allow managers to view all incidents, but only their own direct reports' incidents to be editable. Which ACL approach is most efficient?

37

A catalog client script is supposed to show a variable when another variable equals 'Yes'. The script runs on 'onChange' of the first variable. However, the second variable does not appear. What is a possible cause?

38

What is the default behavior of an ACL if no ACL record exists for a given operation?

39

A business rule is configured to run on 'after' update. Which TWO of the following conditions would cause the rule to execute? (Select two.)

40

An ACL on the Task table has a role condition requiring the 'itil' role. A user with the 'itil' role is trying to update a task but is denied. Which TWO factors could be causing this? (Select two.)

41

A notification is set to send an email when an incident is updated with 'Urgency' = 'High'. The notification is not sending. Which THREE of the following could be the cause? (Select three.)

42

Refer to the exhibit. The business rule is set to run 'before' update. When a user changes the state to 'Resolved' (value 3), the comments field is updated. However, the change does not appear on the form after save. What is the most likely reason?

43

Refer to the exhibit. This ACL is applied to the Incident table for 'write' operation. A user is editing their own incident but is still denied. What is the issue?

44

Refer to the exhibit. This condition script is used in a notification. For which states will the notification trigger?

45

A user reports that they are unable to see any records in the 'incident' table, even though they have the itil role. The administrator checks the ACLs and finds that there are no read ACLs defined for the incident table. What will happen?

46

A developer wants to create a Scripted REST API endpoint that returns data from a custom table. The endpoint must only be accessible to users with the 'api_user' role. Which of the following is the best practice to enforce this restriction?

47

A notification on the 'incident' table is configured to send an email when the 'state' field changes to 'Resolved'. The condition uses the condition builder with 'State changes to Resolved'. However, the notification also sends when an incident is updated without a state change. What is the most likely cause?

48

An administrator is troubleshooting an ACL that grants 'write' access to the 'incident' table for the 'itil' role. Despite the ACL being active, users with the 'itil' role cannot update incidents. The administrator confirms that no other write ACLs exist. What is the most likely reason?

49

A business rule runs on 'before update' of the 'incident' table and sets the 'assigned_to' field to the current user if the assignment group is empty. The rule is in the global scope. However, when a user from another application scope updates an incident via a web service, the field is not being set. What is the most likely cause?

50

An administrator needs to send an email notification to the manager of the caller when an incident is assigned to a specific group. Which combination of notification configuration is correct?

51

An ACL has a condition script that returns true if the user is a member of the 'service_desk' group and the record's 'state' is 'New'. The ACL type is 'read'. A user in the 'service_desk' group reports that they cannot see a record with state 'New'. What is the most likely cause?

52

An administrator wants to create a notification that sends an email to the 'Assignment group' members whenever an incident is assigned to that group. Which of the following should the administrator configure in the notification's 'Who will receive' list?

53

Which TWO of the following are valid ways to define who receives a notification in ServiceNow? (Choose two.)

54

Which THREE of the following statements about ACL evaluation are true? (Choose three.)

55

Which TWO of the following are true about business rules in ServiceNow? (Choose two.)

56

Your company uses ServiceNow for IT Service Management. The 'incident' table has a custom 'create' ACL that restricts creation of incidents to users with the 'snc_internal' role. However, external users with the 'snc_external' role should also be able to create incidents via a portal. The portal uses a REST message that authenticates as a specific integration user. The integration user has the 'snc_internal' role. Despite the REST API call being successful, external users report that they cannot submit incidents through the portal. The system logs show that the REST API call returns a success, but the incident record is not created. What is the most likely cause?

57

Your organization has implemented a notification on the 'incident' table to send an email when an incident's priority is changed. The notification is configured with a condition: 'Priority changes to 1 - Critical' and uses the 'Send email' action. Recently, administrators noticed that for a single incident that was updated multiple times, duplicate emails were sent. The incident record's audit history shows that the priority was only changed once. What is the most likely cause?

58

A system administrator is configuring ACLs for a custom table 'u_employee_info' that should be visible to all employees but editable only by HR managers. The administrator creates two ACLs: one read ACL for the 'employee' role with type 'read', and one write ACL for the 'hr_manager' role with type 'write'. However, employees with the 'employee' role report that they cannot see any records in the table. The administrator verifies that the ACLs are active. What is the most likely issue?

59

A ServiceNow administrator deployed an Access Control Rule (ACL) to restrict access to the 'u_employee_salary' field on the 'u_employee' table. The ACL is defined as type 'field', with condition 'current.roles.contains("admin")', and 'read' and 'write' operations set to 'requires role'. After activating the ACL, non-admin users with the 'employee' role can still see the 'u_employee_salary' field on forms and lists. The administrator has verified that the 'employee' role does not have any other ACLs granting access to this field. Which of the following is the most likely cause of the issue?

60

An organization has a notification configured to send an email to the caller's manager when an incident is resolved. The notification is active, uses the 'Email - Incident' template, and has a condition script: 'current.state.changesTo(6)'. The email properties (SMTP, etc.) are working correctly for other notifications. Recently, managers are not receiving these resolved-incident emails. The administrator checks that the 'Manager' field on the caller's user record is populated for all callers. The notification's 'Who will receive' list is set to 'Caller and caller's manager' and the 'Operation' is 'record updated'. The 'Advanced' view shows that the 'Recipients' tab includes the email field 'mail' for the caller and the manager. What should the administrator investigate next?

61

Refer to the exhibit. A user without the admin role attempts to update an incident record where the caller's department is 'Finance'. The user's department is 'IT'. What will happen?

62

Refer to the exhibit. An incident is created with state 'New' and assigned_to is empty. Later, the state is changed to 'In Progress' and assigned_to is set to 'user1'. The notification does not fire. Which is the most likely reason?

63

Refer to the exhibit. A user with username 'john.doe' tries to view an incident record. What is the outcome?

64

Refer to the exhibit. An incident is created with state 'New' (1). The user creating the incident has the role 'itil', not 'admin'. After the business rule runs, what is the value of the priority field?

65

Refer to the exhibit. An incident is updated and state changes from 'New' to 'In Progress'. Active is true. The notification is not sent. Which is the most likely cause?

Practice all 65 Application Rules, ACL and Notifications questions

Other SNOW-CSA exam domains

Reporting, SLA and ImportsSelf-Service and AutomationUI, Navigation and FormsDatabase Administration and CMDBService Catalog and Workflows

Frequently asked questions

What does the Application Rules, ACL and Notifications domain cover on the SNOW-CSA exam?

The Application Rules, ACL and Notifications domain covers the key concepts tested in this area of the SNOW-CSA exam blueprint published by ServiceNow. Courseiva provides free domain-focused practice, mock exams, missed-question review, and readiness tracking across all SNOW-CSA domains — no account required.

How many Application Rules, ACL and Notifications questions are in the SNOW-CSA question bank?

The Courseiva SNOW-CSA question bank contains 65 questions in the Application Rules, ACL and Notifications domain. Click any question to see the full explanation and answer breakdown.

What is the best way to practice Application Rules, ACL and Notifications for SNOW-CSA?

Start with a 10-question focused session to identify your baseline accuracy in this domain. Read every explanation — even for questions you answer correctly — to understand the reasoning. Once you score consistently above 80%, move to a 20–30 question session to confirm depth before moving to the next domain.

Can I practice only Application Rules, ACL and Notifications questions for SNOW-CSA?

Yes — the session launcher on this page draws questions exclusively from the Application Rules, ACL and Notifications domain. Choose 10, 20, 30, or 50 questions for a focused session, or click individual questions to review them one by one.

Free forever · No credit card required

Track your SNOW-CSA domain progress

Save your results, see per-domain analytics, and get readiness scores — free, for every certification.

Sign Up Free

Free forever · Every certification included

Practice Session

10 questions20 questions30 questions50 questions

Study Resources

All DomainsPractice TestMock ExamFlashcardsStudy Guide