Practice SNOW-CSA Application Rules, ACL and Notifications questions with full explanations on every answer.
1. A company has a custom table 'u_employee_data' with a before query business rule that sets 'u_department' to 'Engineering' when the current user is in the 'ITIL' role. After the business rule is activated, users in the 'ITIL' role report that when they query the table, they see only records with department 'Engineering'. However, the business rule is intended to set the default department for new records only. What is the most likely cause?
2. An administrator creates a new ACL for the 'incident' table with type 'record', operation 'read', condition script 'current.assignment_group == gs.getUser().getMyGroups()', and requires role 'snc_internal'. A user with role 'snc_internal' who is a member of group 'Service Desk' can view incidents assigned to 'Service Desk' but cannot view incidents assigned to 'Network Support'. What is the most likely reason?
3. An administrator wants to send an email notification when a change request state changes to 'scheduled'. The notification should be sent to the change manager. Which two fields must be configured in the notification record?
4. A junior administrator configures the above business rule and ACL. When a user without any role opens an incident with category 'database' and state 1, the priority is set to 1 correctly. However, the user cannot view the incident record. What is the most likely reason?
5. Which TWO conditions must be met for a business rule to execute on a table? (Choose TWO.)
6. Which THREE statements about Access Control Lists (ACLs) are true? (Choose THREE.)
7. An administrator creates a notification for the 'incident' table to send an email when the state changes to 'resolved'. The notification works for most users, but some users report not receiving the email. What is the most likely cause?
8. A company wants to block all update operations on the 'problem' table for users with only the 'itil' role, except for the user who created the record. Which ACL configuration should be used?
9. A business rule is set to run on 'before update' on the 'incident' table. The script updates 'current.description' and then calls 'current.update()'. What is the likely outcome?
10. Based on the exhibit, who will receive the email notification?
11. A notification should be sent to the change manager when a change request is submitted. Which TWO fields must be configured? (Choose TWO.)
12. You are a ServiceNow administrator for a large enterprise. The company has a custom application that uses a table 'u_asset_tracking' to track IT assets. The table has a before insert business rule that sets the 'u_assigned_to' field to the current user if the field is empty. Recently, the security team reported that some users are able to view asset records that they should not see. After investigation, you find that the 'u_asset_tracking' table has no ACLs defined, and the default table ACL allows read access to all authenticated users. The business rule is working correctly. You need to restrict read access so that users can only see records where 'u_assigned_to' is themselves or where they are in the same 'u_department' as the record's 'u_department'. You must ensure that the solution does not affect other tables. Which approach should you take?
13. A system administrator needs to allow users with the 'incident_manager' role to delete incidents only if the incident state is 'New' or 'Work in Progress'. They create an ACL with the following conditions: type='record', operation='delete', name='incident', condition: gs.hasRole('incident_manager') && current.state == 1 || current.state == 2. After testing, users with the role can delete incidents in any state. What is the most likely cause?
14. Which THREE of the following are true regarding business rules and their execution order?
15. A ServiceNow administrator is troubleshooting a notification issue. The company has a 'Customer Satisfaction Survey' notification that is supposed to send an email to the 'caller' of an incident when the incident state changes to 'Resolved' (state=6). The notification is configured with table 'incident', condition 'state changes to 6', and recipient 'caller'. However, the email is not being sent. The administrator checks the system log and finds no errors. The notification has an advanced script that checks if the 'caller' has a valid email address. The script is: if (current.caller_id.email == '') { return false; }. The administrator confirms that the caller's email field is populated. What is the most likely reason the notification is not sending?
16. Drag and drop the steps to configure an inbound email action in ServiceNow into the correct order.
17. Match each ServiceNow module to its function.
18. A system administrator needs to prevent users from deleting any records in the 'incident' table. Which method will achieve this most effectively?
19. A business rule is configured to run 'before' a record is updated. If the business rule sets a field value and then a subsequent 'after' business rule also updates the same field, what will be the final value stored in the database?
20. A notification is not sending emails to the intended recipients. The notification's 'Who will receive' tab is set to 'Event creator' and the event is triggered by a business rule. However, the email recipient list is empty. What is the most likely cause?
21. An administrator wants to enforce that when the 'state' field of an incident is set to 'Resolved', the 'resolution_notes' field must be filled. Which approach should be used?
22. A company has an advanced business rule running on the 'incident' table with condition 'current.state == 2' (In Progress). The business rule creates a new child incident and also updates a field on the parent. However, when a state changes from 1 to 2 via a sys_created_by script, the child incident is created but the parent field is not updated. What is the most likely reason?
23. A system administrator notices that users in the 'itil' role can see the 'cost' field on the 'cmdb_ci_server' table, but the requirement is to hide it from all except users with the 'cmdb_admin' role. The administrator has already created an ACL with 'read' operation, type 'record', condition 'current.cost' (no script) and granted 'no access' to all roles. However, the field is still visible. What is missing?
24. Which of the following best describes the purpose of a 'Script Include' in ServiceNow?
25. A notification is configured to send an email when a new incident is created. The email template uses the field 'Short Description', but the email shows empty for that field. The template is correct. What is the most likely cause?
26. A business rule set to run 'async' is supposed to update a large number of child records. The administrator notices that the updates are not being applied consistently. What is the most likely reason?
27. Which TWO of the following are valid ways to control the visibility of a field on a form for specific users?
28. Which TWO of the following are best practices when working with ACLs?
29. Which THREE of the following are true regarding Business Rules?
30. A company has a business rule that runs on the Incident table during update. The rule checks if the state is 'In Progress' and sets a field. However, after saving, the field is not being set. Which of the following is the most likely cause?
31. A user is able to view records in the Incident table but cannot edit them. Which ACL type is preventing the edit?
32. A notification is configured to send an email when an incident is assigned to a user. However, users are receiving duplicate emails. Which of the following is the most likely cause?
33. An ACL on the Incident table has a script condition that returns true if the user is in the role 'incident_manager'. A user with the 'incident_manager' role still cannot update incidents. What could be the issue?
34. A before business rule on the Change Request table is supposed to set the 'risk' field based on the 'impact' and 'urgency' fields. The rule uses the current.update() method. However, when the rule runs, it causes a recursive loop. What is the best solution?
35. Which table field in a notification record defines the email subject?
36. A company wants to allow managers to view all incidents, but only their own direct reports' incidents to be editable. Which ACL approach is most efficient?
37. A catalog client script is supposed to show a variable when another variable equals 'Yes'. The script runs on 'onChange' of the first variable. However, the second variable does not appear. What is a possible cause?
38. What is the default behavior of an ACL if no ACL record exists for a given operation?
39. A business rule is configured to run on 'after' update. Which TWO of the following conditions would cause the rule to execute? (Select two.)
40. An ACL on the Task table has a role condition requiring the 'itil' role. A user with the 'itil' role is trying to update a task but is denied. Which TWO factors could be causing this? (Select two.)
41. A notification is set to send an email when an incident is updated with 'Urgency' = 'High'. The notification is not sending. Which THREE of the following could be the cause? (Select three.)
42. Refer to the exhibit. The business rule is set to run 'before' update. When a user changes the state to 'Resolved' (value 3), the comments field is updated. However, the change does not appear on the form after save. What is the most likely reason?
43. Refer to the exhibit. This ACL is applied to the Incident table for 'write' operation. A user is editing their own incident but is still denied. What is the issue?
44. Refer to the exhibit. This condition script is used in a notification. For which states will the notification trigger?
45. A user reports that they are unable to see any records in the 'incident' table, even though they have the itil role. The administrator checks the ACLs and finds that there are no read ACLs defined for the incident table. What will happen?
46. A developer wants to create a Scripted REST API endpoint that returns data from a custom table. The endpoint must only be accessible to users with the 'api_user' role. Which of the following is the best practice to enforce this restriction?
47. A notification on the 'incident' table is configured to send an email when the 'state' field changes to 'Resolved'. The condition uses the condition builder with 'State changes to Resolved'. However, the notification also sends when an incident is updated without a state change. What is the most likely cause?
48. An administrator is troubleshooting an ACL that grants 'write' access to the 'incident' table for the 'itil' role. Despite the ACL being active, users with the 'itil' role cannot update incidents. The administrator confirms that no other write ACLs exist. What is the most likely reason?
49. A business rule runs on 'before update' of the 'incident' table and sets the 'assigned_to' field to the current user if the assignment group is empty. The rule is in the global scope. However, when a user from another application scope updates an incident via a web service, the field is not being set. What is the most likely cause?
50. An administrator needs to send an email notification to the manager of the caller when an incident is assigned to a specific group. Which combination of notification configuration is correct?
51. An ACL has a condition script that returns true if the user is a member of the 'service_desk' group and the record's 'state' is 'New'. The ACL type is 'read'. A user in the 'service_desk' group reports that they cannot see a record with state 'New'. What is the most likely cause?
52. An administrator wants to create a notification that sends an email to the 'Assignment group' members whenever an incident is assigned to that group. Which of the following should the administrator configure in the notification's 'Who will receive' list?
53. Which TWO of the following are valid ways to define who receives a notification in ServiceNow? (Choose two.)
54. Which THREE of the following statements about ACL evaluation are true? (Choose three.)
55. Which TWO of the following are true about business rules in ServiceNow? (Choose two.)
56. Your company uses ServiceNow for IT Service Management. The 'incident' table has a custom 'create' ACL that restricts creation of incidents to users with the 'snc_internal' role. However, external users with the 'snc_external' role should also be able to create incidents via a portal. The portal uses a REST message that authenticates as a specific integration user. The integration user has the 'snc_internal' role. Despite the REST API call being successful, external users report that they cannot submit incidents through the portal. The system logs show that the REST API call returns a success, but the incident record is not created. What is the most likely cause?
57. Your organization has implemented a notification on the 'incident' table to send an email when an incident's priority is changed. The notification is configured with a condition: 'Priority changes to 1 - Critical' and uses the 'Send email' action. Recently, administrators noticed that for a single incident that was updated multiple times, duplicate emails were sent. The incident record's audit history shows that the priority was only changed once. What is the most likely cause?
58. A system administrator is configuring ACLs for a custom table 'u_employee_info' that should be visible to all employees but editable only by HR managers. The administrator creates two ACLs: one read ACL for the 'employee' role with type 'read', and one write ACL for the 'hr_manager' role with type 'write'. However, employees with the 'employee' role report that they cannot see any records in the table. The administrator verifies that the ACLs are active. What is the most likely issue?
59. A ServiceNow administrator deployed an Access Control Rule (ACL) to restrict access to the 'u_employee_salary' field on the 'u_employee' table. The ACL is defined as type 'field', with condition 'current.roles.contains("admin")', and 'read' and 'write' operations set to 'requires role'. After activating the ACL, non-admin users with the 'employee' role can still see the 'u_employee_salary' field on forms and lists. The administrator has verified that the 'employee' role does not have any other ACLs granting access to this field. Which of the following is the most likely cause of the issue?
60. An organization has a notification configured to send an email to the caller's manager when an incident is resolved. The notification is active, uses the 'Email - Incident' template, and has a condition script: 'current.state.changesTo(6)'. The email properties (SMTP, etc.) are working correctly for other notifications. Recently, managers are not receiving these resolved-incident emails. The administrator checks that the 'Manager' field on the caller's user record is populated for all callers. The notification's 'Who will receive' list is set to 'Caller and caller's manager' and the 'Operation' is 'record updated'. The 'Advanced' view shows that the 'Recipients' tab includes the email field 'mail' for the caller and the manager. What should the administrator investigate next?
61. Refer to the exhibit. A user without the admin role attempts to update an incident record where the caller's department is 'Finance'. The user's department is 'IT'. What will happen?
62. Refer to the exhibit. An incident is created with state 'New' and assigned_to is empty. Later, the state is changed to 'In Progress' and assigned_to is set to 'user1'. The notification does not fire. Which is the most likely reason?
63. Refer to the exhibit. A user with username 'john.doe' tries to view an incident record. What is the outcome?
64. Refer to the exhibit. An incident is created with state 'New' (1). The user creating the incident has the role 'itil', not 'admin'. After the business rule runs, what is the value of the priority field?
65. Refer to the exhibit. An incident is updated and state changes from 'New' to 'In Progress'. Active is true. The notification is not sent. Which is the most likely cause?
The Application Rules, ACL and Notifications domain covers the key concepts tested in this area of the SNOW-CSA exam blueprint published by ServiceNow. Courseiva provides free domain-focused practice, mock exams, missed-question review, and readiness tracking across all SNOW-CSA domains — no account required.
The Courseiva SNOW-CSA question bank contains 65 questions in the Application Rules, ACL and Notifications domain. Click any question to see the full explanation and answer breakdown.
Start with a 10-question focused session to identify your baseline accuracy in this domain. Read every explanation — even for questions you answer correctly — to understand the reasoning. Once you score consistently above 80%, move to a 20–30 question session to confirm depth before moving to the next domain.
Yes — the session launcher on this page draws questions exclusively from the Application Rules, ACL and Notifications domain. Choose 10, 20, 30, or 50 questions for a focused session, or click individual questions to review them one by one.