Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

HomeCertificationsSNOW-CSAExam Questions

ServiceNow · Free Practice Questions · Last reviewed May 2026

SNOW-CSA Exam Questions and Answers

36real exam-style questions organised by domain, each with the correct answer highlighted and a plain-English explanation of why it's right — and why the others are wrong.

60 exam questions
90 min time limit
Pass: 700/1000 / 1000
6 exam domains
OverviewDomain BlueprintStudy GuideAll QuestionsSample by Domain
1. Reporting, SLA and Imports2. Self-Service and Automation3. UI, Navigation and Forms4. Database Administration and CMDB5. Service Catalog and Workflows6. Application Rules, ACL and Notifications
1

Domain 1: Reporting, SLA and Imports

All Reporting, SLA and Imports questions
Q1
easyFull explanation →

A company needs to import user records from a CSV file into the User [sys_user] table. The file contains a 'department' column that should map to the 'department' field in ServiceNow. However, the department values in the CSV are full names (e.g., 'Human Resources'), but the department field in ServiceNow uses a reference to the Department [cmn_department] table. What is the best practice for handling this import?

A

Use a before business rule on the User table to convert the department name after the record is inserted.

B

Create a transform map that maps the source field to the target field, and use a field mapping script to convert the department name to the correct sys_id.

This is the standard method to handle reference field mapping during import.

C

Use the Import Set Row API to programmatically map the values during import.

D

Manually edit the CSV file to replace department names with the corresponding sys_id values.

Why: Option B is correct because Import Set Rows are processed through transform maps, which allow field mapping scripts to convert source values (like 'Human Resources') into the corresponding sys_id in the Department [cmn_department] table. This is the standard, supported approach for handling reference field lookups during imports, ensuring data integrity without manual intervention or post-insert processing.
Q2
mediumFull explanation →

An administrator has configured a report on the Incident table showing the count of incidents by assignment group. The report shows data for the current week, but the numbers seem too low. The administrator suspects that incidents resolved before the current week are not being included. What should the administrator check first?

A

Check the 'Time scale' setting and ensure it is set to 'All' instead of 'Current week'.

B

Check the type of the report (e.g., bar chart vs pie chart) as some types only show aggregated data.

C

Check the condition (prompt) filter of the report to see if there is a time-based filter that limits to the current week.

The filter may be set to 'Created on this week' which excludes older incidents.

D

Check the 'Group by' field to ensure it is set to 'Assigned to' instead of 'Assignment group'.

Why: Option C is correct because the report's condition filter (often called a 'prompt' or 'filter condition') directly controls which records are included. If a time-based condition like 'Opened > Current week' or 'Resolved > Current week' is applied, it would exclude incidents resolved before the current week, causing the low count. The administrator should first inspect the filter conditions to see if such a restriction exists.
Q3
hardFull explanation →

An organization has a Service Level Agreement (SLA) defined on the Incident table with a condition of 'Category is Network' and a duration of 4 hours. The SLA is triggered when the incident state changes from 'New' to 'In Progress'. A network incident is created and assigned to the Network Support group. The incident state is changed to 'In Progress' immediately. After 3 hours, the incident is resolved. However, the SLA shows a breach despite the resolution being within 4 hours. What is the most likely cause?

A

The SLA stop condition is set to 'State is Resolved', but the SLA was paused due to a schedule (e.g., after-hours pause) and the pause time was not counted, causing the actual working time to exceed 4 hours.

If the SLA has a schedule that pauses during non-business hours, the elapsed business time may exceed 4 hours even if real time is less.

B

The SLA is assigned to the Network Support group, but the assignment group was changed during the incident.

C

The SLA duration is defined in business hours, and the incident was created after business hours, so the elapsed time counted only business hours, making the 4-hour window longer in real time.

D

The SLA condition 'Category is Network' was not evaluated correctly because the category field was updated after the SLA was triggered.

Why: Option A is correct because the SLA breach occurred despite the incident being resolved within 4 hours of moving to 'In Progress'. The most likely cause is that the SLA stop condition is set to 'State is Resolved', but the SLA was paused due to a schedule (e.g., after-hours pause) and the pause time was not counted, causing the actual working time to exceed 4 hours. In ServiceNow, SLA schedules define when the clock is running; if the incident was resolved during a pause period, the SLA timer would have stopped only when the schedule resumed, and the elapsed working time could exceed the 4-hour duration.
Q4
easyFull explanation →

A company frequently imports data from an external HR system into the Employee [hr_employee] table using an import set. The import set runs nightly and maps fields correctly. Recently, the import started failing with the error 'Field 'manager' not found in table 'hr_employee''. The manager field exists in the import set rows but not in the target table. What is the most likely cause?

A

The transform map has a field mapping that references 'manager' as a target field, but the hr_employee table does not have a 'manager' column.

The transform map attempts to map to a non-existent field.

B

The import set row table (sys_import_set_row) does not have a 'manager' column.

C

The source CSV file contains a column named 'manager' that is misspelled.

D

The manager field in the target table is of a different data type (e.g., string vs reference).

Why: The error 'Field 'manager' not found in table 'hr_employee'' indicates that the transform map is attempting to map a source field to a target column that does not exist in the hr_employee table. Since the import set rows contain the 'manager' field, the mapping in the transform map must be referencing 'manager' as a target field, but the target table lacks that column. This is the most likely cause because the transform map defines the field-to-field mapping between the import set row and the target table, and if the target field name is incorrect or missing from the table, the import will fail.
Q5
mediumFull explanation →

An administrator is creating a new report to show the average time to resolve incidents for the last quarter. They want the report to automatically update as new incidents are resolved. Which report type should they use?

A

Bar chart report with a condition for resolved incidents.

B

Pivot table report with a 'Average' aggregation.

C

Scorecard report with a metric for average resolution time.

D

List report with a 'Average' aggregation on the 'Resolved' field.

List reports can compute averages and update dynamically.

Why: A List report with an 'Average' aggregation on the 'Resolved' field is the correct choice because it automatically recalculates the average as new records are added or updated, ensuring the report reflects the most current data without manual intervention. List reports in ServiceNow support real-time aggregation on specific fields, making them ideal for dynamic metrics like average resolution time.
Q6
hardFull explanation →

An admin has set up an SLA on the Incident table with a condition 'Priority = 1' and a duration of 1 hour. The SLA is triggered when the incident state becomes 'In Progress'. The SLA definition includes a business schedule that only counts business hours (9 AM to 5 PM, Monday-Friday). An incident with Priority 1 is created at 4:30 PM on Friday and state is changed to 'In Progress' at 4:45 PM. At what time will the SLA breach if it is not resolved?

A

9:45 AM Monday.

Correct calculation based on business hours.

B

5:45 PM Friday.

C

4:45 PM Saturday.

D

4:45 PM Monday.

Why: The SLA has a duration of 1 hour but uses a business schedule that only counts hours between 9 AM and 5 PM, Monday through Friday. The incident entered 'In Progress' at 4:45 PM on Friday, so only 15 minutes of business time remain that day (4:45 PM to 5:00 PM). The remaining 45 minutes of SLA duration must be fulfilled starting Monday at 9:00 AM, pushing the breach time to 9:45 AM Monday.

Want more Reporting, SLA and Imports practice?

Practice this domain
2

Domain 2: Self-Service and Automation

All Self-Service and Automation questions
Q1
easyFull explanation →

A company wants to allow users to submit requests for new software without any manual intervention. Which self-service feature should be used to automate the request process?

A

Record Producer

Record Producers allow users to submit requests that automatically create records.

B

Approval Engine

C

SLA Definition

D

Flow Designer

Why: A Record Producer is the correct self-service feature because it allows users to submit requests for new software through a catalog item without any manual intervention. It automatically creates a record (e.g., a catalog task or request) in the platform based on the user's submission, enabling a fully automated request process.
Q2
mediumFull explanation →

A user reports that a catalog item is not visible to them, but other users in the same department can see it. What is the most likely cause?

A

User criteria restricts visibility

User criteria can limit which users see the item.

B

The item is in a different category

C

The item is out of stock

D

The item is not active

Why: User criteria is a visibility rule applied to catalog items that restricts which users or groups can see the item in the service catalog. If one user cannot see the item while others in the same department can, the most likely cause is that the user criteria on the catalog item excludes that specific user, either by user, role, group, or location criteria.
Q3
hardFull explanation →

During peak usage, the Employee Center portal becomes slow. The administrator wants to improve performance without changing the user interface. What is the best practice approach?

A

Increase the instance size

B

Remove all widgets from the homepage

C

Disable the search feature

D

Enable caching for widgets

Caching reduces server calls and improves load times.

Why: Enabling caching for widgets reduces server load and improves page load times by storing rendered widget output in memory, allowing subsequent requests to serve cached content without re-executing the underlying scripts or queries. This directly addresses performance degradation during peak usage without altering the user interface, making it the best practice approach.
Q4
easyFull explanation →

An administrator wants to automate the fulfillment of a catalog item that requires approval from the user's manager. Which combination of features should be used?

A

Virtual Agent and Flow Designer

B

Record Producer and Virtual Agent

C

Flow Designer with Approval step

Flow Designer can include approval and trigger fulfillment.

D

Approval Engine and Email Notification

Why: Option C is correct because Flow Designer provides a native Approval step that can be configured to route the request to the user's manager via the Manager field on the sys_user record. This allows the entire fulfillment process—including approval and subsequent actions—to be automated within a single Flow, eliminating the need for separate approval engine configurations or manual intervention.
Q5
mediumFull explanation →

A company uses the Employee Center portal. Users report that they cannot find a specific service when using the search bar. The service exists and is active. What is the most likely cause?

A

The service is inactive

B

The search index is not built for that service

Items must be indexed to appear in search results.

C

The service is not in a valid category

D

The service owner has restricted visibility

Why: The Employee Center portal relies on a search index to surface services. Even if a service is active and properly configured, the search index must be built or rebuilt for that specific service to appear in search results. Without an up-to-date index, the search bar will not return the service, which directly matches the reported symptom.
Q6
hardFull explanation →

An administrator is designing a catalog item for software requests. The item must capture the user's department automatically and pre-populate the cost center. Which feature should be used to achieve this?

A

Catalog Client Script

B

UI Policy

C

Variable default value using system properties

Defaults can be set to user's department and cost center from user record.

D

Client Script

Why: Option C is correct because using a variable default value with a system property allows the catalog item to automatically populate the department and cost center fields based on the logged-in user's data. System properties can reference user attributes (e.g., sys_user.department) to dynamically set default values without requiring client-side scripts or UI policies.

Want more Self-Service and Automation practice?

Practice this domain
3

Domain 3: UI, Navigation and Forms

All UI, Navigation and Forms questions
Q1
mediumFull explanation →

A system administrator needs to allow end users to add a 'Mobile Phone' field to the incident form without modifying the form layout for all users. Which feature should be used?

A

Create a new form section

B

Configure a UI policy

C

Set an ACL to allow field addition

D

Enable personalization on the form

Personalization allows users to customize their own form view by adding or removing fields.

Why: Personalization allows individual users to add fields to a form without affecting the form layout for all users. By enabling personalization on the incident form, the system administrator grants end users the ability to add the 'Mobile Phone' field to their own view of the form, which is stored per user in the sys_user_preference table.
Q2
hardFull explanation →

A user reports that after clicking 'New' on the incident module, the form loads but the 'Category' field is missing. Other users see the field. What is the most likely cause?

A

The field is hidden by a UI policy

B

The field is not in the default form view

C

The user has a personal form layout that removed the field

Personalization can cause a field to be missing for an individual user.

D

The user's role does not have read access to the field

Why: Option C is correct because the user's personal form layout can override the default form view, removing fields like 'Category' for that specific user while others see the field. This is a common scenario where a user has customized their own form layout, either intentionally or accidentally, by dragging the field off the form or using the personalization options.
Q3
easyFull explanation →

An administrator wants to create a new module under the 'User Administration' application menu. Which module type should be used to display a list of users?

A

List

A list module shows a list of records from a table.

B

Form

C

URL

D

Report

Why: Option A is correct because a List module type is specifically designed to display a table of records from a specified table, such as the sys_user table for users. When creating a module under the 'User Administration' application menu, selecting List allows the administrator to configure the module to show a list view of user records, including columns, filters, and sorting options.
Q4
mediumFull explanation →

A company has a custom table 'u_asset' and wants the 'Asset' module in the application navigator to show only records where 'active=true'. How can this be achieved?

A

Use an ACL to restrict access

B

Set a condition on the 'Filter' property of the module

The filter property allows defining a condition for the module's list.

C

Create a UI policy on the table

D

Add a client script to the list

Why: Option B is correct because the 'Filter' property on a module in the application navigator allows you to define a condition (e.g., 'active=true') that restricts which records from the underlying table are displayed when the module is clicked. This is the standard method for scoping module results without altering security or user interface behavior globally.
Q5
hardFull explanation →

An administrator needs to ensure that when a user changes the 'State' field to 'Resolved' on an incident form, the 'Resolution Notes' field becomes mandatory. What should be configured?

A

Business rule

B

Client script with onChange event

C

UI policy

UI policies can make fields mandatory based on conditions without scripting.

D

Data policy

Why: A UI policy is the correct choice because it allows you to make a field mandatory based on a condition on the same form without requiring a server round-trip. When the 'State' field changes to 'Resolved', the UI policy can set the 'Resolution Notes' field to mandatory, and it runs client-side in real-time as the user interacts with the form.
Q6
easyFull explanation →

A user wants to quickly find an incident by its number without navigating through menus. Which feature should they use?

A

Navigator filter

Typing the incident number in the navigator filter directly opens the record.

B

Favorites

C

History

D

Global search

Why: The Navigator filter allows users to quickly locate any record, including incidents, by typing its number directly into the filter field at the top of the left-hand navigation pane. This bypasses the need to navigate through menus or modules, providing instant access to the specific record. It is the fastest method for finding a record by its unique identifier without leaving the current view.

Want more UI, Navigation and Forms practice?

Practice this domain
4

Domain 4: Database Administration and CMDB

All Database Administration and CMDB questions
Q1
easyFull explanation →

A ServiceNow administrator notices that a CI record in the CMDB is not being updated by a scheduled discovery job. The CI is a Linux server that is reachable on the network. Which is the most likely cause?

A

The discovery source is not configured for this IP range.

B

The Identification and Reconciliation Engine (IRE) is disabled.

C

The cmdb_ci table ACL is set to private.

D

The CI is classified under a different CI class in the CMDB.

If the CI is misclassified, discovery may update a different record or create a duplicate.

Why: When a CI is classified under a different CI class in the CMDB, the scheduled discovery job may not update it because discovery uses the IRE to match incoming data against existing CIs based on identification rules. If the CI's class differs from what the discovery payload expects, the IRE may fail to reconcile the record, or the update may be directed to a different class table, leaving the original CI unchanged. This is a common cause of apparent update failures when the CI is reachable and the discovery source is correctly configured.
Q2
mediumFull explanation →

A consultant is designing the CMDB for a large enterprise. The company wants to track relationships between business services, applications, and infrastructure components. Which relationship model should be used to represent that a business service depends on an application, which in turn depends on a server?

A

Dependency relationship (structural)

Structural dependency is the correct type for service-dependency modeling.

B

Membership relationship

C

Ownership relationship

D

Connectivity relationship

Why: A dependency relationship (structural) is the correct model because it explicitly captures the directional 'depends on' nature of the chain: a business service relies on an application, which in turn relies on a server. In ServiceNow CMDB, structural dependency relationships (e.g., 'Depends on' or 'Used by') are designed to represent these hierarchical, transitive dependencies between CIs, enabling impact analysis and root cause mapping.
Q3
hardFull explanation →

During a CMDB health review, an administrator finds that many CI records have the same serial number but different names and IP addresses. What is the most likely root cause?

A

The CMDB has a scheduled job that deletes old CIs.

B

The CI class has a unique constraint on the name field.

C

The identification rule for the CI class does not include the serial number.

Without serial number as an identifier, the system creates new records instead of updating existing ones.

D

The reconciliation rule is set to 'Create' instead of 'Update'.

Why: The correct answer is C because the identification rule determines which fields are used to uniquely identify a CI. If the serial number is not included in the identification rule, the CMDB cannot detect duplicates based on serial number, allowing multiple CIs with the same serial number but different names and IP addresses to be created. This is a common misconfiguration that leads to CI proliferation and data inconsistency.
Q4
easyFull explanation →

Which TWO of the following are valid CI relationship types in ServiceNow?

A

Uses

B

Connects to

C

Member of

'Member of' is a standard membership relationship.

D

Owns

E

Depends on

'Depends on' is a standard dependency relationship.

Why: Option C is correct because 'Member of' is a predefined CI relationship type in ServiceNow's CMDB, used to indicate that a CI belongs to a group or cluster, such as a server being a member of a cluster. This relationship is part of the standard CMDB relationship model and is commonly used for grouping CIs like applications, clusters, or business services.
Q5
mediumFull explanation →

Which THREE of the following are required for ServiceNow Discovery to successfully populate the CMDB?

A

The CMDB CI tables with open ACLs

B

Valid credentials for the target devices

Credentials are necessary for authentication.

C

A discovery schedule configured for the IP range

A schedule defines when and what to discover.

D

A MID Server that can reach the target devices

The MID server performs the actual discovery probes.

E

The Identification and Reconciliation Engine (IRE) enabled

Why: Valid credentials (Option B) are required because ServiceNow Discovery uses SNMP, SSH, WMI, or REST to probe target devices. Without correct credentials, the MID Server cannot authenticate to the device, so it cannot read configuration data or populate CI attributes in the CMDB.
Q6
hardFull explanation →

A company wants to ensure that only authorized changes to the CMDB are allowed. Which THREE of the following mechanisms can help enforce this?

A

The Identification and Reconciliation Engine (IRE)

B

CMDB Health Definitions with remediation tasks

Health rules can detect and correct unauthorized changes.

C

Scheduled Discovery jobs

D

Access Control Lists (ACLs) on CMDB tables

ACLs restrict who can read/write CMDB data.

E

Business rules on the cmdb_ci table

Business rules can enforce data integrity and authorization logic.

Why: Option B is correct because CMDB Health Definitions can include remediation tasks that automatically or manually enforce compliance by correcting unauthorized changes to CI attributes. These tasks are triggered when a health score falls below a threshold, ensuring that only authorized modifications persist in the CMDB.

Want more Database Administration and CMDB practice?

Practice this domain
5

Domain 5: Service Catalog and Workflows

All Service Catalog and Workflows questions
Q1
mediumFull explanation →

A company wants to ensure that when a user submits a catalog item for a new laptop, the request is automatically approved if the cost is under $1,000 and the user's department has sufficient budget. What is the best way to implement this requirement?

A

Configure a notification to inform the user of the approval status.

B

Set up a Business Rule to approve all requests under $1,000.

C

Use a Flow to send an approval request to the manager every time.

D

Create an Approval rule with conditions on cost and department budget.

Approval rules can auto-approve based on conditions.

Why: Option D is correct because Approval rules in ServiceNow are specifically designed to automate approval decisions based on conditions like cost and department budget. By creating an Approval rule on the catalog item, you can evaluate the requested cost against a threshold and check the department's budget balance via a condition script or reference to the budget table, enabling automatic approval without manual intervention.
Q2
easyFull explanation →

A Service Catalog item has a variable that asks for the user's manager's email. The variable type is 'Email'. When the user submits the item, the manager should receive a notification. How should the variable be configured to ensure the email is valid?

A

Set the variable as 'Read only' and rely on data from sys_user table.

B

Add a regular expression in the variable's 'Regex' field.

C

Use a 'String' variable and add a client script to check format.

D

Use the 'Email' variable type; it includes validation.

The Email type validates the format upon submission.

Why: The 'Email' variable type in Service Catalog automatically validates that the entered value conforms to a standard email format (e.g., user@domain.com). This built-in validation ensures the manager's email is syntactically correct before the notification is triggered, without requiring additional scripting or regex. Option D is correct because it leverages this native validation, which is the simplest and most reliable method.
Q3
hardFull explanation →

A catalog item uses a 'Catalog Client Script' to hide a variable when another variable is set to 'No'. However, the script is not working. The script is of type 'onChange' and the variable to hide is a 'Single Line Text'. What is the most likely cause?

A

The variable type 'Single Line Text' does not support hiding.

B

The script is missing a 'g_form.setDisplay()' call.

C

The script should be of type 'onSubmit' instead of 'onChange'.

D

The variable's 'Display' property is set to 'Static' or 'Read only'.

If Display is static, client scripts cannot hide it.

Why: Option D is correct because when a variable's 'Display' property is set to 'Static' or 'Read only', the client-side script cannot override that setting via `g_form.setDisplay()`. The catalog client script runs on the client, but the variable's display behavior is enforced by the platform's UI policy layer, which takes precedence over client script calls. This is a common misconfiguration where the variable's display property is locked, preventing the onChange script from hiding it.
Q4
mediumFull explanation →

An administrator needs to create a workflow that sends an email to the approver when a request is approved, and sends a different email when the request is rejected. What is the appropriate workflow component to use for this branching logic?

A

Use a 'Timer' activity to delay and then check state.

B

Use a 'Begin Approval' activity and then a 'Decision' activity.

C

Use an 'Approval' activity with two 'Outcome' branches.

Approval activity provides outcomes for approved and rejected.

D

Use a 'Condition' activity to check the approval state.

Why: Option C is correct because the 'Approval' activity in ServiceNow workflows inherently supports branching via 'Outcome' branches. When an approval is processed (approved or rejected), the workflow engine evaluates the outcome and follows the corresponding branch, allowing you to attach different email notifications to each path without additional logic activities.
Q5
easyFull explanation →

A user complains that when they submit a catalog item, they receive an error: 'The variable is mandatory but has no value.' However, the variable is not marked as mandatory in the item's variable definition. What could be the cause?

A

A Catalog Client Script of type 'onSubmit' sets the variable mandatory.

Client scripts can enforce mandatory before submission.

B

A Business Rule on the request table sets the variable mandatory.

C

A UI Policy on the record producer makes the variable mandatory.

D

The variable is mandatory in the parent catalog category.

Why: Option A is correct because a Catalog Client Script of type 'onSubmit' can dynamically set a variable as mandatory using the `g_form.setMandatory('variable_name', true)` method. This overrides the variable's definition in the catalog item, causing the 'mandatory but has no value' error even when the variable is not marked mandatory in the item's variable definition.
Q6
mediumFull explanation →

Which THREE of the following are true about Service Catalog variables? (Choose three.)

A

All catalog variables are stored in the 'sys_variable' table.

B

Once created, the order of variables cannot be changed.

C

Variables can have default values that reference other variables.

Default values can be scripted to reference other variables.

D

The variable type determines how the variable is displayed on the form.

Each variable type has a specific UI representation.

E

Variables can be reordered using the 'Order' field in the variable list.

The Order field controls display order.

Why: Option C is correct because Service Catalog variables can have default values that reference other variables using syntax like '${variable_name}'. This allows dynamic default values based on user input or system data, which is a key feature for creating adaptive catalog forms.

Want more Service Catalog and Workflows practice?

Practice this domain
6

Domain 6: Application Rules, ACL and Notifications

All Application Rules, ACL and Notifications questions
Q1
mediumFull explanation →

A company has a custom table 'u_employee_data' with a before query business rule that sets 'u_department' to 'Engineering' when the current user is in the 'ITIL' role. After the business rule is activated, users in the 'ITIL' role report that when they query the table, they see only records with department 'Engineering'. However, the business rule is intended to set the default department for new records only. What is the most likely cause?

A

The business rule should be set to 'async' to avoid affecting queries.

B

The business rule is set to run on the client side instead of server side.

C

The business rule is running on 'before query' instead of 'before insert'.

Before query modifies the query for all retrievals, not just new records.

D

The condition script uses 'gs.getUser().hasRole("ITIL")' incorrectly.

Why: The business rule is configured to run on the 'before query' operation, which means it executes every time a query is made against the 'u_employee_data' table. This causes the condition to set the 'u_department' field to 'Engineering' for all records returned by the query, effectively filtering the result set to only those with that department. The intended behavior is to set the default department only when a new record is created, which requires the business rule to run on the 'before insert' operation instead.
Q2
hardFull explanation →

An administrator creates a new ACL for the 'incident' table with type 'record', operation 'read', condition script 'current.assignment_group == gs.getUser().getMyGroups()', and requires role 'snc_internal'. A user with role 'snc_internal' who is a member of group 'Service Desk' can view incidents assigned to 'Service Desk' but cannot view incidents assigned to 'Network Support'. What is the most likely reason?

A

The condition script uses 'current.assignment_group' which returns a sys_id, but 'gs.getUser().getMyGroups()' returns a list of group names.

B

The condition script should use 'current.assignment_group.isOneOf(gs.getUser().getMyGroups())' instead.

C

The user does not have the 'snc_internal' role.

D

Another ACL with higher order denies read access to all incidents not matching the condition.

ACL order matters; a deny rule could be overriding.

Why: Option D is correct because ACLs in ServiceNow are evaluated in order of their 'order' field, and the first matching ACL (either allowing or denying access) determines the outcome. If another ACL with a higher order (lower numeric value) denies read access to incidents not matching the condition, that deny rule will take precedence over the new ACL, preventing the user from viewing incidents assigned to 'Network Support' even though the new ACL would allow it. The user's role and group membership are satisfied, so the issue lies in ACL ordering and a conflicting deny rule.
Q3
easyFull explanation →

An administrator wants to send an email notification when a change request state changes to 'scheduled'. The notification should be sent to the change manager. Which two fields must be configured in the notification record?

A

"Advanced" tab: register an event to trigger the notification

B

"Email template" tab: select an existing template

C

"Who will receive" tab: add 'Change manager' role to 'Recipients'

This ensures the notification is sent to the change manager.

D

"When to send" tab: set condition to 'State changes to scheduled'

This defines the trigger.

Why: Option C is correct because the 'Who will receive' tab allows you to specify the recipients of the notification by role, user, or group. Adding the 'Change manager' role ensures that all users with that role receive the email when the notification triggers. Option D is correct because the 'When to send' tab defines the condition that must be met for the notification to fire; setting it to 'State changes to scheduled' ensures the notification is sent precisely when the change request state transitions to 'scheduled'.
Q4
hardFull explanation →

A junior administrator configures the above business rule and ACL. When a user without any role opens an incident with category 'database' and state 1, the priority is set to 1 correctly. However, the user cannot view the incident record. What is the most likely reason?

A

The ACL condition uses sys_id of assignment group, but the field stores display value.

B

The business rule runs before insert, but the ACL check occurs after insert.

C

The ACL requires a role (empty role list means no role requirement? Actually requires role checked, but no roles listed means any authenticated user, but unauthenticated? The user has no role, and condition fails because assignment group mismatch.

The ACL requires a role and condition fails, so access is denied.

D

The business rule order (100) is too low and another rule overrides the priority.

Why: Option C is correct because the ACL condition checks if the assignment group's sys_id matches a value, but the user has no role and the assignment group field likely stores the display value (group name) rather than the sys_id. This mismatch causes the ACL to deny read access, even though the business rule sets the priority correctly. The empty role list in the ACL means no roles are required, but the condition still fails due to the sys_id vs. display value mismatch.
Q5
mediumFull explanation →

Which TWO conditions must be met for a business rule to execute on a table? (Choose TWO.)

A

The business rule must be associated with a table.

Business rules are table-specific.

B

The condition script must evaluate to true (or be empty).

Unless condition is empty, the rule runs only if condition is true.

C

The business rule must have at least one role specified in the 'Condition' tab.

D

The business rule must have an 'Advanced' script defined.

E

The business rule must have an order less than 100.

Why: Option A is correct because a business rule in ServiceNow is always scoped to a specific table; it cannot execute without being associated with one. The rule's 'Table' field defines the database table on which the rule triggers, and the platform checks this association before any execution logic runs.
Q6
hardFull explanation →

Which THREE statements about Access Control Lists (ACLs) are true? (Choose THREE.)

A

ACLs can be defined for tables, records, fields, and scripts.

ACL types include table, record, field, and script.

B

ACLs can use condition scripts to grant or deny access.

Condition scripts are evaluated to determine access.

C

If 'requires role' is checked and no roles are listed, only users with the 'admin' role can access.

Empty role list with requires role checked means admin only.

D

An ACL can only have one role specified.

E

An ACL must have a script to evaluate conditions.

Why: Option A is correct because in ServiceNow, Access Control Lists (ACLs) can be defined to control access at multiple granularity levels: tables (entire table operations), records (specific rows), fields (individual columns), and scripts (execution of business rules or script includes). This allows administrators to enforce security policies precisely where needed.

Want more Application Rules, ACL and Notifications practice?

Practice this domain

Frequently asked questions

How many questions are on the SNOW-CSA exam?

The SNOW-CSA exam has 60 questions and must be completed in 90 minutes. The passing score is 700/1000.

What types of questions appear on the SNOW-CSA exam?

Scenario-based questions covering exam objectives with detailed answer explanations.

How are SNOW-CSA questions organised by domain?

The exam covers 6 domains: Reporting, SLA and Imports, Self-Service and Automation, UI, Navigation and Forms, Database Administration and CMDB, Service Catalog and Workflows, Application Rules, ACL and Notifications. Questions are weighted by domain — higher-weight domains appear more on your actual exam.

Are these the actual SNOW-CSA exam questions?

No. These are original exam-style practice questions written against the official ServiceNow SNOW-CSA exam objectives. They are not copied from the real exam. Courseiva focuses on genuine understanding, not memorisation of braindumps.

Ready to practice all 60 SNOW-CSA questions?

Courseiva tracks your accuracy per domain and routes you toward weak areas automatically. Free, no account required.

Browse all SNOW-CSA questionsTake a timed practice test