CCNA ITIL Management Practices Questions

75 of 420 questions · Page 1/6 · ITIL Management Practices · Answers revealed

1
MCQmedium

An organization wants to ensure that its IT services meet the agreed performance levels. Which practice is primarily responsible for negotiating and monitoring these targets?

A.Availability Management
B.Supplier Management
C.Service Level Management
D.Capacity and Performance Management
AnswerC

Service Level Management handles SLAs and monitoring of service levels.

Why this answer

Service Level Management negotiates, agrees, and monitors service level targets. Option A is correct. Option B focuses on availability.

Option C is about capacity. Option D is about suppliers.

2
MCQmedium

An IT team wants to prioritize incidents based on business impact and urgency. Which ITIL practice provides the framework for classifying and handling incidents?

A.Problem Management
B.Service Desk
C.Event Management
D.Incident Management
AnswerD

Incident Management includes prioritization and handling of incidents.

Why this answer

Incident Management (D) is the correct ITIL practice because it provides the specific framework for classifying, prioritizing, and handling incidents based on business impact and urgency. This practice defines the lifecycle from detection through resolution, including categorization and prioritization matrices that directly address the scenario's requirement.

Exam trap

The trap here is that candidates confuse the Service Desk (a function) with Incident Management (a practice), or mistakenly think Problem Management handles individual incidents, when in fact Incident Management is the correct practice for classification and handling.

How to eliminate wrong answers

Option A is wrong because Problem Management focuses on identifying and eliminating the root causes of incidents to prevent recurrence, not on classifying and handling individual incidents as they occur. Option B is wrong because the Service Desk is a functional team that provides a single point of contact for users, but it does not define the framework for incident classification and handling—it executes the Incident Management process. Option C is wrong because Event Management monitors and responds to IT events (e.g., alerts, notifications) but does not provide the structured classification and handling framework for incidents; incidents are a subset of events that require the Incident Management practice.

3
MCQeasy

What is the PRIMARY purpose of the Incident Management practice?

A.To manage the lifecycle of all changes to IT services
B.To negotiate and agree on service level targets
C.To find the root cause of incidents and prevent recurrence
D.To restore normal service operation as quickly as possible and minimize business impact
AnswerD

This is the core purpose of Incident Management.

Why this answer

Incident Management aims to restore normal service operation as quickly as possible and minimize the adverse impact on business operations.

4
Multi-Selectmedium

Which TWO of the following are components of the ITIL 4 Service Value System?

Select 2 answers
A.Service Catalogue
B.Known Error Database
C.Configuration Baseline
D.Service Value Chain
E.Guiding Principles
AnswersD, E

The Service Value Chain is a central element of the SVS.

Why this answer

The SVS includes: Guiding Principles, Governance, Service Value Chain, Practices, and Continual Improvement. Service Catalogue and Known Error Database are not components.

5
MCQhard

Which of the following BEST describes the difference between an incident and a service request?

A.Incidents require a workaround; service requests do not
B.Incidents are always resolved within 24 hours; service requests have no time limit
C.Incidents are unplanned disruptions; service requests are routine, pre-approved requests
D.Incidents are handled by the service desk; service requests are handled by change enablement
AnswerC

Why this answer

Incidents are unplanned interruptions or degradation of service quality. Service requests are pre-defined, pre-approved, routine requests that do not involve a disruption.

6
Multi-Selecthard

Which THREE of the following are components of the ITIL 4 Service Value System (SVS)?

Select 3 answers
A.Practices
B.Continual improvement
C.Outcomes
D.Guiding principles
E.Service value chain activities
AnswersA, B, D

Practices are a component of the SVS.

Why this answer

Option A is correct because 'Practices' are a core component of the ITIL 4 Service Value System (SVS). The SVS is defined by the ITIL 4 framework to include the Guiding Principles, Governance, Service Value Chain, Practices, and Continual Improvement. Practices are sets of organizational resources designed for performing work or accomplishing an objective, replacing the ITIL v3 'processes' concept.

Exam trap

The trap here is that candidates confuse the 'Service Value Chain activities' (the six specific activity blocks within the chain) with the 'Service Value Chain' itself as a component of the SVS, leading them to incorrectly select Option E.

7
MCQhard

An IT department is considering replacing a critical server. According to ITIL 4, which type of change should be used if the replacement involves a new, untested model and requires a full risk assessment?

A.Standard change
B.Service request
C.Normal change
D.Emergency change
AnswerC

Normal changes require assessment and authorization.

Why this answer

A normal change requires assessment and authorization by a change authority. Option C is correct. Option A is pre-approved.

Option B is for urgent, emergency situations. Option D is not a change type.

8
MCQeasy

Which ITIL 4 practice involves the 7-step improvement model?

A.Incident Management
B.Continual Improvement
C.Problem Management
D.Change Enablement
AnswerB

Correct. Continual Improvement uses the 7-step model.

Why this answer

The Continual Improvement practice uses the 7-step improvement model.

9
MCQhard

A service desk agent resolves a password reset request after verifying the user's identity. According to ITIL 4, which metrics would be most appropriate to measure the performance of this interaction?

A.Change success rate and backout success
B.Mean Time to Repair (MTTR) and uptime
C.Number of problems and known errors
D.First Contact Resolution (FCR) and Customer Satisfaction (CSAT)
AnswerD

Correct: These are common service desk metrics.

Why this answer

First Contact Resolution (FCR) and Customer Satisfaction (CSAT) are key service desk metrics.

10
Multi-Selectmedium

Which THREE actions are part of Supplier Management?

Select 3 answers
A.Setting SLA targets for internal teams
B.Providing training to supplier staff
C.Managing supplier contracts
D.Monitoring supplier performance
E.Evaluating and selecting suppliers
AnswersC, D, E

Correct: contract management is part of supplier management.

Why this answer

Supplier management includes evaluating suppliers, managing contracts, and monitoring performance. Option A (evaluation), Option C (contract management), and Option D (performance monitoring) are core activities. Option B (setting SLA targets) is service level management.

Option E (providing training to supplier staff) is not a typical supplier management activity.

11
Multi-Selecthard

Which TWO statements correctly describe the difference between Incident Management and Problem Management? (Choose two.)

Select 2 answers
A.Incident management aims to eliminate the root cause of disruptions.
B.Problem management investigates the underlying cause of one or more incidents.
C.Problem management is responsible for logging all service interruptions.
D.Incident management may use a workaround to restore service quickly.
E.Problem management only focuses on known errors after incidents are resolved.
AnswersB, D

Problem management performs root cause analysis to prevent recurrence.

Why this answer

Option B is correct because Problem Management is explicitly tasked with investigating the underlying cause of one or more incidents, aiming to identify the root cause and prevent recurrence. Option D is correct because Incident Management focuses on restoring normal service operation as quickly as possible, often using a workaround to achieve this, which is a key distinction from Problem Management's longer-term analytical focus.

Exam trap

The trap here is confusing the reactive, service-restoration focus of Incident Management with the proactive, root-cause-analysis focus of Problem Management, leading candidates to incorrectly assign 'eliminate root cause' to Incident Management or 'log all interruptions' to Problem Management.

12
Multi-Selecthard

Which THREE of the following are components of the Service Value System (SVS) according to ITIL 4?

Select 3 answers
A.Service Value Chain
B.Outcomes
C.Governance
D.Value Streams
E.Guiding Principles
AnswersA, C, E

One of the five SVS components.

Why this answer

Option A is correct because the Service Value Chain is a core component of the ITIL 4 Service Value System (SVS). It provides an operating model for the creation, delivery, and continual improvement of services through six key activities: plan, improve, engage, design & transition, obtain/build, and deliver & support.

Exam trap

The trap here is that candidates often confuse 'Value Streams' with the 'Service Value Chain' as a component of the SVS, but ITIL 4 explicitly defines the Service Value Chain as the structural component, while value streams are derived from it and are not listed as a separate SVS component.

13
MCQmedium

A configuration baseline is used primarily in which practice?

A.Service Configuration Management
B.IT Asset Management
C.Deployment Management
D.Change Enablement
AnswerA

Correct. Configuration baselines are part of this practice.

Why this answer

Service Configuration Management manages CIs and configuration baselines to support control and auditing.

14
Multi-Selectmedium

Which TWO of the following are components of the ITIL 4 Service Value System?

Select 2 answers
A.Guiding Principles
B.Service Desk
C.Service Value Chain
D.Governance
E.Incident Management
AnswersA, C

Guiding principles are part of the SVS.

Why this answer

The ITIL SVS includes guiding principles, governance, service value chain, practices, and continual improvement. Option A (Guiding Principles) and Option B (Service Value Chain) are correct. Option C is a practice, not a component of the SVS.

Option D is a potential component but not listed as a separate SVS component; the SVS includes 'practices' collectively. Option E is not a component.

15
Multi-Selectmedium

Which TWO statements about the ITIL change enablement practice are CORRECT?

Select 2 answers
A.A change authority is a person or group that authorizes a change.
B.All changes must be approved by a change advisory board (CAB).
C.The change schedule is used to authorize changes.
D.Normal changes can be implemented without authorization if they are low risk.
E.Change enablement aims to ensure that changes are assessed, prioritized, and implemented in a controlled manner.
AnswersA, E

The change authority is defined for each type of change.

Why this answer

Option A is correct because the ITIL 4 definition of a change authority explicitly states it is a person or group responsible for authorizing a change. This aligns with the change enablement practice, which assigns authorization based on the change type and organizational policies, not on a single role like the CAB.

Exam trap

The trap here is that candidates often assume all changes need CAB approval or that low-risk normal changes can bypass authorization, confusing the pre-approved nature of standard changes with the still-required authorization for normal changes.

16
MCQmedium

A change that is low risk, pre-approved, and follows a defined procedure is classified as which type of change?

A.Standard change
B.Service request
C.Normal change
D.Emergency change
AnswerA

Standard changes are pre-approved and low risk.

Why this answer

Standard changes are pre-approved, low risk, and follow a defined procedure. Option A is correct. Normal changes require authorization.

Emergency changes are for urgent issues and require urgent authorization.

17
MCQhard

A Configuration Management Database (CMDB) is maintained by which practice?

A.Monitoring and Event Management
B.Service Desk
C.Service Configuration Management
D.IT Asset Management
AnswerC

Correct. Configuration Management maintains the CMDB.

Why this answer

The Configuration Management Database (CMDB) is the central repository for storing and managing configuration records (CIs) and their relationships. This is the core responsibility of the Service Configuration Management practice, which ensures that accurate and reliable information about CIs is available to support other service management processes.

Exam trap

The trap here is that candidates confuse IT Asset Management with Service Configuration Management because both deal with tracking IT resources, but ITAM focuses on financial lifecycle and ownership (e.g., cost, contract, depreciation) while Service Configuration Management focuses on technical relationships and configuration control (e.g., CI dependencies, versioning).

How to eliminate wrong answers

Option A is wrong because Monitoring and Event Management focuses on detecting and reacting to events (e.g., SNMP traps, syslog messages) and does not maintain a CMDB; it may consume CI data but does not own it. Option B is wrong because the Service Desk is the single point of contact for users and handles incidents and service requests, but it does not maintain the CMDB; it may use CMDB data for context but is not responsible for its accuracy or updates. Option D is wrong because IT Asset Management (ITAM) manages the lifecycle of financial assets (e.g., procurement, depreciation, disposal) and typically uses an Asset Management Database (AMDB) that is separate from the CMDB; while CIs and assets may overlap, the CMDB is specifically for configuration items and their relationships, not financial tracking.

18
MCQeasy

What type of change is pre-authorized and follows a low-risk, standardized procedure?

A.Normal change
B.Service request
C.Emergency change
D.Standard change
AnswerD

Standard changes are pre-authorized and have a low risk.

Why this answer

D is correct because a Standard change is pre-authorized by default and follows a low-risk, standardized procedure, such as applying a routine security patch or provisioning a new user account. This aligns with ITIL 4's definition of a Standard change as one that is well-understood, fully documented, and can be implemented without requiring additional approval each time.

Exam trap

The trap here is that candidates often confuse a Service request (Option B) with a Standard change because both are pre-defined and low-risk, but ITIL 4 explicitly categorizes Service requests as separate from changes, focusing on user-initiated requests like password resets rather than infrastructure modifications.

How to eliminate wrong answers

Option A is wrong because a Normal change requires formal approval from a Change Authority (e.g., CAB) and follows a non-standardized, risk-assessed procedure, not a pre-authorized low-risk one. Option B is wrong because a Service request is a formal request for something (e.g., access, information) that follows a predefined workflow, but it is not a type of change; ITIL distinguishes service requests from change types. Option C is wrong because an Emergency change is used for urgent, high-risk situations (e.g., critical security vulnerability patch) and must be authorized urgently, often via an emergency CAB, not pre-authorized as low-risk.

19
MCQeasy

What is the purpose of a Service Level Agreement (SLA)?

A.To list all services provided by the service desk
B.To define the internal support targets between IT teams
C.To document agreed service targets between the service provider and the customer
D.To define the terms and conditions with external suppliers
AnswerC

An SLA defines the agreed service levels between provider and customer.

Why this answer

An SLA is a documented agreement between a service provider and a customer that defines the level of service expected. Option A is correct. Option B describes OLA.

Option C describes UC. Option D is part of the supplier management process.

20
MCQhard

An IT team is investigating recurring network outages. They identify the root cause as a faulty switch and record the issue as a known error with a workaround. Which ITIL 4 practice is being applied?

A.Supplier Management
B.Service Desk
C.Problem Management
D.Incident Management
AnswerC

Problem Management includes root cause analysis and error control.

Why this answer

Problem Management includes three phases: problem identification, problem control (root cause analysis), and error control (known errors, workarounds). The scenario describes error control. Option B is correct.

Incident Management would not involve root cause analysis. Service Desk would not investigate root cause. Supplier Management is about managing vendors, not internal root cause analysis.

21
MCQhard

After a major incident, the Problem Management team identifies a known error and documents a workaround. According to ITIL 4, which practice is responsible for ensuring the workaround is implemented to restore service?

A.Change Enablement
B.Incident Management
C.Problem Management
D.Service Request Management
AnswerB

Incident Management applies workarounds to restore service as quickly as possible.

Why this answer

Incident Management is responsible for restoring service using workarounds; Problem Management identifies the workaround but does not execute it.

22
MCQhard

A user requests new software to be installed on their company laptop. The installation is pre-approved and follows a standard procedure. According to ITIL 4, this request should be categorized as:

A.A problem
B.An incident
C.An emergency change
D.A service request
AnswerD

Correct. Service requests are for pre-approved, standard items.

Why this answer

D is correct because a service request in ITIL 4 is defined as a formal request from a user for something to be provided – for example, information, advice, access to a service, or a pre-approved standard change. Since the software installation is pre-approved and follows a standard procedure, it fits the definition of a service request, not an incident or problem.

Exam trap

The trap here is that candidates often confuse a 'service request' with a 'standard change' or think any request for a change is a 'change request', but ITIL 4 explicitly categorizes pre-approved, user-initiated requests for standard items as service requests, not changes.

How to eliminate wrong answers

Option A is wrong because a problem is the root cause of one or more incidents, not a request for a standard, pre-approved installation. Option B is wrong because an incident is an unplanned interruption or reduction in quality of an IT service, whereas this is a planned, pre-approved request. Option C is wrong because an emergency change is a change that must be implemented as soon as possible to resolve a major incident or security threat, not a routine, pre-approved software installation.

23
MCQeasy

What is the ITIL 4 Continual Improvement Model?

A.A 7-step process for improvement
B.A 3-step process for problem management
C.A 5-step process for incident handling
D.A 4-step process for change authorization
AnswerA

The model has 7 steps.

Why this answer

The ITIL 4 Continual Improvement Model is a 7-step process that guides improvement initiatives.

24
MCQeasy

What is the PRIMARY purpose of the Incident Management practice?

A.To manage the lifecycle of all changes
B.To find the root cause of incidents
C.To ensure that service levels are met
D.To restore normal service operation as quickly as possible
AnswerD

This is the core purpose of Incident Management.

Why this answer

The primary purpose of Incident Management is to restore normal service operation as quickly as possible and minimize the adverse impact on business operations.

25
MCQhard

Which of the following scenarios BEST illustrates the difference between an incident and a service request?

A.A user reports a system crash (service request) and requests a software upgrade (incident)
B.A user requests a password reset (service request) and later reports that the email system is down (incident)
C.A user requests a new laptop (incident) and reports a printer jam (service request)
D.A user requests access to a database (incident) and reports a network outage (incident)
AnswerB

Correct: password reset is a request, email outage is an incident.

Why this answer

Option A correctly distinguishes: a password reset is a routine, pre-approved service request, while an email outage is an unplanned incident. Option B mixes both as incidents or requests. Option C both are requests.

Option D both are incidents.

26
Multi-Selectmedium

Which TWO of the following are key metrics for the Service Desk practice?

Select 2 answers
A.Mean Time Between Failures (MTBF)
B.First Call Resolution (FCR)
C.Recovery Time Objective (RTO)
D.Customer Satisfaction Score (CSAT)
E.Mean Time to Restore Service (MTTR)
AnswersB, D

FCR measures the percentage of issues resolved on the first call.

Why this answer

First Call Resolution (FCR) is a key metric for the Service Desk practice because it measures the percentage of incidents resolved during the first interaction with the user, without the need for escalation or follow-up. A high FCR directly indicates the efficiency and effectiveness of the Service Desk in resolving issues promptly, reducing user downtime and operational costs. This metric is critical for assessing the quality of first-level support and the knowledge base's adequacy.

Exam trap

The trap here is that candidates confuse operational metrics like MTTR (which is for Incident Management) with Service Desk-specific metrics, or they mistakenly think MTBF (a reliability metric) applies to the Service Desk's daily performance rather than to infrastructure components.

27
MCQmedium

An IT service desk analyst receives a call that users cannot access the CRM system. What should they do FIRST?

A.Log the incident with relevant details
B.Search for a known error in the known error database
C.Escalate to the problem management team
D.Reset users' passwords
AnswerA

Correct: The first step is to log the incident to ensure it is tracked.

Why this answer

The first step in incident management is to log the incident, capturing key details, before proceeding with investigation or escalation.

28
MCQmedium

Which metric is MOST commonly used to measure the efficiency of the Incident Management practice?

A.Availability percentage
B.Mean Time to Resolve (MTTR)
C.First Call Resolution (FCR)
D.Customer Satisfaction Score (CSAT)
AnswerB

MTTR is the key metric for Incident Management.

Why this answer

Mean Time to Resolve (MTTR) measures how quickly incidents are resolved, reflecting efficiency.

29
MCQeasy

What is the purpose of the 'shift-left' strategy in a service desk?

A.To enable users to resolve issues themselves via a portal
B.To resolve more incidents at the first point of contact without escalation
C.To increase system availability by reducing downtime
D.To automate incident resolution using artificial intelligence
AnswerB

Shift-left moves resolution to lower levels, such as the service desk.

Why this answer

Shift-left aims to resolve issues at the earliest possible point, typically at the service desk, reducing escalations. Option A is correct. Option B is about availability.

Option C is about automation. Option D is about self-service.

30
MCQmedium

An IT service desk analyst receives a call that users cannot access the CRM system. What should they do FIRST according to ITIL 4?

A.Inform the customer that it is a known error
B.Submit a change request
C.Log an incident record
D.Escalate to Problem Management
AnswerC

Correct. The analyst should log the incident to start the process.

Why this answer

The first step in Incident Management is to log the incident and attempt to restore service. The analyst should create an incident record.

31
MCQmedium

Which of the following is the correct distinction between Incident Management and Problem Management?

A.Incident Management restores service; Problem Management finds root causes
B.Incident Management finds root causes; Problem Management restores service
C.Incident Management handles change requests; Problem Management manages incidents
D.Incident Management is reactive; Problem Management is always proactive
AnswerA

This is the correct distinction.

Why this answer

Incident Management restores service quickly; Problem Management finds root causes to prevent recurrence. Option C is correct. Option A is wrong because the goal is not to find root cause (Problem Management).

Option B is wrong because Problem Management does not handle incidents directly. Option D is wrong because Problem Management is not about requesting changes.

32
MCQmedium

An IT service desk analyst receives a call that users cannot access the CRM system. What should they do FIRST according to ITIL 4?

A.Submit a change request to fix the system
B.Inform the service level manager to update the SLA
C.Raise a problem record to identify the root cause
D.Log an incident record and attempt to restore service
AnswerD

Incident Management focuses on restoring service quickly.

Why this answer

According to ITIL 4, when users cannot access a service like a CRM system, the first action is to log an incident record and attempt to restore service as quickly as possible. This aligns with the incident management practice, which prioritizes minimizing downtime over root cause analysis or procedural changes. The analyst must capture details, categorize the incident, and apply a workaround or fix to restore normal service operation.

Exam trap

The trap here is that candidates confuse incident management with problem management, assuming root cause analysis should come first, but ITIL 4 explicitly prioritizes restoring service over investigating causes.

How to eliminate wrong answers

Option A is wrong because submitting a change request is a later step that requires authorization and planning, not the immediate response to a service outage; it bypasses the incident management process. Option B is wrong because informing the service level manager to update the SLA is irrelevant—SLAs are contractual targets, not modified reactively for a single incident, and this action does not address the outage. Option C is wrong because raising a problem record to identify the root cause is a proactive step that occurs after incident management has restored service; starting with problem management delays service restoration and violates the incident-first principle.

33
Multi-Selectmedium

Which TWO of the following are activities of the Problem Management practice according to ITIL 4?

Select 2 answers
A.Fulfilling service requests
B.Restoring service by applying a workaround
C.Authorizing changes
D.Performing root cause analysis
E.Identifying and logging problems
AnswersD, E

Root cause analysis is part of problem control.

Why this answer

Problem Management includes problem identification, problem control (root cause analysis), and error control (managing known errors). Logging incidents and fulfilling requests belong to other practices.

34
Multi-Selectmedium

Which TWO are components of the ITIL 4 Service Value System?

Select 2 answers
A.Governance
B.Incident Management
C.Service desk
D.Guiding principles
E.Service portfolio
AnswersA, D

Governance is a component of the SVS.

Why this answer

The SVS includes Guiding Principles, Governance, Service Value Chain, Practices, and Continual Improvement.

35
MCQeasy

What is the PRIMARY purpose of the Incident Management practice?

A.To identify the root cause of incidents
B.To restore normal service operation as quickly as possible
C.To negotiate and agree on service level targets
D.To assess and authorize changes to services
AnswerB

This is the primary purpose of Incident Management.

Why this answer

The primary purpose of Incident Management is to restore normal service operation as quickly as possible and minimize the adverse impact on business operations. This ensures that service availability and quality are maintained, aligning with the ITIL 4 guiding principle of 'Focus on Value' by prioritizing rapid recovery over root cause analysis.

Exam trap

The trap here is that candidates confuse Incident Management with Problem Management, mistakenly thinking root cause analysis is the primary goal, when ITIL 4 explicitly separates the two to emphasize speed of recovery over investigation.

How to eliminate wrong answers

Option A is wrong because identifying the root cause of incidents is the primary purpose of Problem Management, not Incident Management; Incident Management focuses on swift restoration, not deep analysis. Option C is wrong because negotiating and agreeing on service level targets is the responsibility of Service Level Management, which defines and manages SLAs, not Incident Management. Option D is wrong because assessing and authorizing changes to services is the core function of Change Enablement, which controls the lifecycle of changes, while Incident Management handles unplanned interruptions.

36
MCQeasy

What is the primary focus of the Service Desk practice?

A.Monitoring and managing events
B.Providing a single point of contact for users
C.Ensuring services meet agreed capacity levels
D.Managing the lifecycle of all IT assets
AnswerB

Correct. The Service Desk is the SPOC.

Why this answer

The Service Desk practice is defined in ITIL 4 as the entry point and single point of contact for users seeking support, reporting incidents, or requesting services. Its primary focus is on capturing, managing, and resolving user interactions, not on technical infrastructure monitoring or asset lifecycle management.

Exam trap

PeopleCert often tests the distinction between user-facing practices (Service Desk) and infrastructure-focused practices (Event Management, Capacity Management, Asset Management), leading candidates to confuse the Service Desk's role with operational monitoring or asset tracking.

How to eliminate wrong answers

Option A is wrong because monitoring and managing events is the primary focus of the ITIL Event Management practice, which deals with detecting and responding to alerts from infrastructure components, not user-facing interactions. Option C is wrong because ensuring services meet agreed capacity levels is the responsibility of the Capacity and Performance Management practice, which involves monitoring resource utilization and planning for future demand. Option D is wrong because managing the lifecycle of all IT assets is the domain of the IT Asset Management practice, which tracks hardware, software, and other assets from acquisition to disposal.

37
MCQhard

A service provider uses a third-party data center. They want to ensure the data center's availability meets their requirements. Which document should they use to define these requirements?

A.Operational Level Agreement (OLA)
B.Underpinning Contract (UC)
C.Service Level Agreement (SLA)
D.Service Improvement Plan (SIP)
AnswerB

UC is a contract with an external supplier.

Why this answer

An OLA (Operational Level Agreement) is used between internal departments, not with external suppliers. For external suppliers, a contract or UC (Underpinning Contract) is used. Option C is correct.

Option A is wrong because SLA is with the customer. Option B is wrong because OLA is internal. Option D is wrong because SIP is an improvement plan.

38
MCQeasy

Which ITIL 4 practice is responsible for managing the lifecycle of IT assets from acquisition to disposal?

A.IT Asset Management
B.Supplier Management
C.Change Enablement
D.Service Configuration Management
AnswerA

IT Asset Management manages the complete lifecycle of assets.

Why this answer

IT Asset Management manages the lifecycle of IT assets, including financial aspects. Option A is correct. Service Configuration Management manages configuration items and their relationships.

Change Enablement handles changes. Supplier Management manages suppliers.

39
MCQhard

An organization wants to ensure that its IT services are available according to agreed levels. Which practice is PRIMARILY responsible for negotiating and monitoring these levels?

A.IT Asset Management
B.Availability Management
C.Service Level Management
D.Monitoring and Event Management
AnswerC

Why this answer

Service Level Management is the practice of negotiating, agreeing, and monitoring service level agreements (SLAs) with customers, and ensuring that services meet those targets.

40
MCQmedium

Which practice is responsible for ensuring that a service can meet current and future capacity demands?

A.Capacity and Performance Management
B.Monitoring and Event Management
C.IT Asset Management
D.Availability Management
AnswerA

This practice ensures that capacity and performance meet current and future needs.

Why this answer

Capacity and Performance Management ensures that services have the necessary resources to meet agreed performance and demand levels.

41
MCQhard

During a major incident, a temporary workaround is implemented to restore service. Which ITIL 4 practice is responsible for documenting this workaround and managing it until a permanent solution is available?

A.Service Level Management
B.Problem Management
C.Change Enablement
D.Incident Management
AnswerB

Problem Management documents workarounds in known error records and manages them.

Why this answer

Problem Management includes the error control phase, which manages known errors and workarounds. Incident Management resolves incidents but does not formally manage workarounds for known errors. Change Enablement and Service Level Management are not responsible for workarounds.

42
MCQhard

An organization wants to improve its service desk's efficiency by resolving more issues at the first point of contact. Which concept does this describe?

A.Continual improvement
B.Standard change
C.Service level management
D.Shift-left
AnswerD

Correct: Shift-left aims to resolve issues at the first contact.

Why this answer

Shift-left is the correct concept because it refers to moving problem resolution activities earlier in the service lifecycle, specifically to the first point of contact (e.g., service desk). By empowering the service desk with better tools, knowledge, and automation, more incidents can be resolved without escalation, directly improving efficiency and first-contact resolution rates.

Exam trap

The trap here is that candidates often confuse shift-left with continual improvement, but shift-left is a specific operational tactic for moving work to earlier support tiers, not a general improvement philosophy.

How to eliminate wrong answers

Option A is wrong because continual improvement is a broader, ongoing practice of aligning services with changing business needs, not specifically about resolving more issues at the first point of contact. Option B is wrong because a standard change is a pre-approved, low-risk change that follows a defined procedure, not a strategy for improving first-contact resolution. Option C is wrong because service level management focuses on defining, agreeing, and monitoring service level targets (e.g., response times), not on the operational tactic of resolving issues at the first point of contact.

43
MCQmedium

An organization wants to improve first-level resolution rate. Which practice is most directly involved?

A.Service Level Management
B.Service Desk
C.Problem Management
D.Incident Management
AnswerB

The service desk handles initial user contact and first-level resolution.

Why this answer

The service desk is responsible for first-level support and resolution.

44
Multi-Selecteasy

Which THREE are types of changes in Change Enablement?

Select 3 answers
A.Normal
B.Urgent
C.Emergency
D.Standard
E.Minor
AnswersA, C, D

Correct: standard change with approval.

Why this answer

ITIL 4 defines three change types: standard (pre-approved, low risk), normal (assessed and authorized via change advisory board), and emergency (urgent, expedited). Options A, C, and D are correct. Option B (urgent) is not an official type; emergency is.

Option E (minor) is not a separate type.

45
MCQeasy

Which ITIL 4 practice involves negotiating, agreeing, and monitoring service level agreements (SLAs)?

A.Service Level Management
B.Availability Management
C.Supplier Management
D.Service Desk
AnswerA

Correct: This practice manages SLAs.

Why this answer

Service Level Management is the ITIL 4 practice responsible for negotiating, agreeing, and monitoring Service Level Agreements (SLAs). It ensures that the agreed service levels are documented, tracked, and reported, aligning IT services with business expectations. This practice directly manages the lifecycle of SLAs, including their creation, review, and improvement.

Exam trap

The trap here is that candidates confuse the operational role of the Service Desk (handling incidents) with the strategic role of Service Level Management (negotiating and monitoring SLAs), leading them to select Service Desk because they think it 'manages' SLAs through daily interactions.

How to eliminate wrong answers

Option B (Availability Management) is wrong because it focuses on ensuring that IT services meet agreed availability targets, not on negotiating or monitoring SLAs; it uses metrics like uptime percentages and MTBF. Option C (Supplier Management) is wrong because it manages relationships with external suppliers and their contracts, not the SLAs with internal or external customers. Option D (Service Desk) is wrong because it is the single point of contact for incident and service requests, handling operational communication, not the strategic negotiation or monitoring of SLAs.

46
MCQmedium

A change request to replace a server with a newer model is assessed as low risk and follows a defined procedure. Which type of change should this be classified as in ITIL 4?

A.Service request
B.Emergency change
C.Normal change
D.Standard change
AnswerD

Standard changes are low risk, pre-approved, and follow a procedure.

Why this answer

Standard changes are pre-approved, low-risk, and follow a documented procedure. This description matches a standard change.

47
MCQhard

Which ITIL 4 practice involves managing the lifecycle of all IT assets, including financial and contractual components?

A.Service Configuration Management
B.Capacity and Performance Management
C.Supplier Management
D.IT Asset Management
AnswerD

ITAM manages the entire lifecycle of assets, including financial and contractual details.

Why this answer

IT Asset Management covers the full lifecycle of assets, including financial and contractual aspects.

48
Multi-Selectmedium

Which TWO of the following are types of change in ITIL 4?

Select 2 answers
A.Urgent change
B.Normal change
C.Routine change
D.Planned change
E.Standard change
AnswersB, E

Normal changes require assessment and approval.

Why this answer

The three change types are standard, normal, and emergency.

49
MCQmedium

An e-commerce company defines an SLA that its website will be available 99.9% of the time. Which practice is primarily responsible for negotiating and monitoring this agreement?

A.Supplier Management
B.Monitoring and Event Management
C.Service Level Management
D.Availability Management
AnswerC

Service Level Management handles the entire SLA lifecycle.

Why this answer

Service Level Management negotiates, agrees, and monitors SLAs with customers.

50
MCQeasy

What is the role of the Service Desk in ITIL 4?

A.Authorizing and scheduling changes
B.Identifying root causes of incidents
C.Single point of contact for users reporting incidents and requests
D.Monitoring and reporting on service levels
AnswerC

The Service Desk is the SPOC for all user interactions.

Why this answer

The Service Desk acts as a single point of contact (SPOC) for users, handling incidents and service requests. Option A is correct. Option B is the role of Change Enablement.

Option C is part of Problem Management. Option D is part of Service Level Management.

51
Multi-Selectmedium

Which TWO activities are part of the problem identification phase of Problem Management?

Select 2 answers
A.Organizing workarounds into known-error records
B.Trend analysis of incident records
C.Root cause analysis
D.Analyzing incident data for patterns
E.Implementing a known error
AnswersB, D

Correct: helps identify emerging problems.

Why this answer

Problem identification involves proactively identifying potential issues. Option A (trend analysis) and Option D (analyzing incident data) are correct methods. Option B (implementing a known error) is error control.

Option C (root cause analysis) is problem control. Option E (organizing workarounds) is error control.

52
MCQeasy

What is the PRIMARY purpose of the Incident Management practice?

A.To negotiate and agree on service level targets with customers
B.To manage the lifecycle of all hardware and software assets
C.To restore normal service operation as quickly as possible and minimize the adverse impact on business operations
D.To identify the root cause of incidents and prevent recurrence
AnswerC

This is the exact definition from ITIL 4.

Why this answer

The primary purpose of Incident Management is to restore normal service operation as quickly as possible, minimizing the adverse impact on business operations. Option B is correct.

53
MCQmedium

An IT service desk analyst receives a call that users cannot access the CRM system. What should they do FIRST?

A.Submit an emergency change to fix the system
B.Raise a problem record to investigate the root cause
C.Log an incident record and attempt to restore service
D.Inform the users that it is a known issue
AnswerC

This is the correct immediate action for an unplanned service interruption.

Why this answer

The first step is to log the incident to initiate the Incident Management process and restore service.

54
MCQmedium

An IT team is reviewing the configuration baseline of a service to understand what has changed since the last release. Which practice is primarily involved?

A.Service Configuration Management
B.Change Enablement
C.Deployment Management
D.Release Management
AnswerA

Configuration baselines are part of Service Configuration Management.

Why this answer

Service Configuration Management manages configuration baselines and CIs. Deployment Management moves releases into production, but configuration baselines are under Service Configuration Management. Release Management oversees releases.

Change Enablement authorizes changes.

55
MCQmedium

Which of the following is an example of a standard change?

A.Deploying an urgent security patch to fix a zero-day exploit
B.Implementing a new financial system
C.Migrating the data center to a new location
D.Restarting a server after a scheduled patch
AnswerD

A server restart following a patch is a routine, pre-approved activity.

Why this answer

Standard changes are pre-approved, low-risk, frequent changes that follow a defined procedure.

56
MCQeasy

Which of the following is a key activity in the Problem Management practice?

A.Authorizing and scheduling emergency changes
B.Fulfilling a password reset request from a user
C.Restoring service as quickly as possible using a workaround
D.Documenting known errors and workarounds in the Known Error Database
AnswerD

This is part of error control in Problem Management.

Why this answer

Problem Management involves root cause analysis and error control. Option B is correct because documenting known errors and workarounds is part of error control. Option A is an incident management activity; Option C is a change enablement activity; Option D is service request management.

57
MCQeasy

What is the PRIMARY purpose of the Incident Management practice?

A.To restore normal service as quickly as possible and minimize the adverse impact on business operations
B.To identify the root cause of incidents and prevent recurrence
C.To ensure that the service desk is the single point of contact for users
D.To manage the lifecycle of all changes to IT services
AnswerA

This is the definition of Incident Management.

Why this answer

The primary purpose of Incident Management is to restore normal service operation as quickly as possible and minimize the adverse impact on business operations. This is defined in ITIL 4 as the core objective of the practice, focusing on speed of recovery rather than root cause analysis or change control.

Exam trap

The trap here is that candidates confuse Incident Management with Problem Management, mistakenly thinking that finding the root cause is the primary goal, when ITIL explicitly separates the two practices to ensure rapid restoration of service.

How to eliminate wrong answers

Option B is wrong because identifying the root cause of incidents and preventing recurrence is the primary purpose of Problem Management, not Incident Management. Option C is wrong because ensuring the service desk is the single point of contact is a function of the Service Desk, not the Incident Management practice itself. Option D is wrong because managing the lifecycle of all changes to IT services is the primary purpose of Change Enablement, not Incident Management.

58
MCQmedium

An IT manager wants to ensure that a service meets its agreed availability targets. Which practice should they use?

A.Capacity and Performance Management
B.Availability Management
C.IT Asset Management
D.Service Level Management
AnswerB

Correct. Availability Management ensures services meet availability targets.

Why this answer

Availability Management ensures that services are available as agreed, managing planned and unplanned downtime.

59
MCQeasy

What is the PRIMARY purpose of the Incident Management practice?

A.To handle pre-defined, pre-approved service requests from users
B.To identify the root cause of incidents and prevent recurrence
C.To restore normal service operation as quickly as possible and minimize the adverse impact on business operations
D.To assess, authorize, and schedule changes to the IT infrastructure
AnswerC

Incident Management focuses on restoring service quickly, often via workarounds.

Why this answer

Incident Management aims to restore normal service operation as quickly as possible and minimize the adverse impact on business operations, ensuring that agreed levels of service quality are maintained. Option A is correct. Option B describes Problem Management.

Option C is the purpose of Change Enablement. Option D is Service Request Management.

60
MCQhard

An organization is implementing a new IT service management tool. According to ITIL 4, which practice would be primarily responsible for ensuring that the tool's performance meets the agreed demand?

A.Service Configuration Management
B.Capacity and Performance Management
C.Monitoring and Event Management
D.Availability Management
AnswerB

This practice ensures that service performance meets agreed levels and anticipates future demand.

Why this answer

Capacity and Performance Management ensures that services perform at the required level to meet demand. Availability Management focuses on uptime, not performance.

61
MCQhard

An organization notices that the CMDB contains outdated information about several configuration items. Which ITIL 4 practice is primarily responsible for maintaining accurate CI data?

A.Service Configuration Management
B.Deployment Management
C.IT Asset Management
D.Change Enablement
AnswerA

This practice manages the CMDB and configuration baselines.

Why this answer

Service Configuration Management is the ITIL 4 practice responsible for maintaining accurate and reliable information about configuration items (CIs) throughout their lifecycle. It ensures the CMDB reflects the current state of CIs, including relationships and attributes, by controlling updates through defined processes and audits. Outdated CI data directly indicates a failure in this practice's core function of configuration control and status accounting.

Exam trap

The trap here is that candidates confuse IT Asset Management (which tracks financial and contractual data) with Service Configuration Management (which tracks technical configuration data), leading them to choose Option C even though the CMDB's accuracy is a configuration management responsibility, not an asset management one.

How to eliminate wrong answers

Option B is wrong because Deployment Management focuses on moving new or changed hardware, software, or services into production environments, not on maintaining ongoing CI data accuracy in the CMDB. Option C is wrong because IT Asset Management manages the financial, contractual, and lifecycle aspects of assets (e.g., procurement, depreciation, disposal), but it does not own the technical configuration records or their accuracy in the CMDB. Option D is wrong because Change Enablement controls the approval and implementation of changes to services and CIs, but it does not perform the ongoing maintenance or verification of CI data accuracy; it relies on Service Configuration Management to provide reliable CI information.

62
MCQeasy

Which type of change follows a pre-defined, low-risk procedure and is pre-approved?

A.Service request
B.Normal change
C.Standard change
D.Emergency change
AnswerC

Why this answer

Standard changes are routine, pre-approved changes that follow a defined procedure and have low risk, such as password resets or adding a user to a group.

63
Multi-Selecteasy

Which TWO of the following are components of the ITIL 4 Service Value System?

Select 2 answers
A.Service level agreements (SLAs)
B.Guiding principles
C.Outputs
D.Governance
E.Service desk
AnswersB, D

Guiding principles are a key component of the SVS.

Why this answer

The ITIL 4 SVS includes guiding principles, governance, service value chain, practices, and continual improvement. Outputs and SLAs are not components of the SVS.

64
MCQmedium

Which of the following is an example of an emergency change?

A.Updating the service desk knowledge base with new articles
B.Applying a critical security patch to a production server to fix a vulnerability
C.A request to install a new software version for all users next month
D.A password reset for a user
AnswerB

Urgent security fix requires emergency change.

Why this answer

Emergency changes are for urgent situations like security patches; they follow a faster authorization process.

65
MCQmedium

An IT team is reviewing the number of incidents resolved on first contact. Which metric is being measured?

A.Customer Satisfaction Score (CSAT)
B.First Contact Resolution (FCR)
C.Service Level Agreement (SLA) compliance
D.Mean Time to Resolve (MTTR)
AnswerB

FCR measures incidents resolved on first contact.

Why this answer

First Contact Resolution (FCR) measures the percentage of incidents resolved on the first contact with the service desk.

66
Multi-Selecthard

Which THREE of the following are activities of Service Level Management?

Select 3 answers
A.Managing supplier contracts
B.Reporting service performance
C.Monitoring service performance against SLAs
D.Negotiating and agreeing SLAs
E.Defining service metrics
AnswersB, C, D

Reporting is part of SLM.

Why this answer

Service Level Management involves negotiating SLAs, monitoring service performance, and reporting results. Defining service metrics is part of service design, not a direct activity of SLA management.

67
MCQhard

Which of the following is an example of an 'exception' event as defined in Monitoring and Event Management?

A.A disk is nearing capacity
B.A server's CPU usage exceeds 95% and requires immediate attention
C.A user logs into the system
D.A backup job completes successfully
AnswerB

An exception event indicates an abnormal situation requiring action.

Why this answer

Exception events indicate that something is outside normal operation and requires immediate action. Option A is an exception. Option B is informational.

Option C is a warning. Option D is informational.

68
MCQhard

An organization has implemented a change to update the firewall rules. The change was pre-authorized and followed a predefined procedure. What type of change is this?

A.Standard change
B.Normal change
C.Service request
D.Emergency change
AnswerA

A pre-authorized, low-risk change with a defined procedure is a standard change.

Why this answer

In ITIL 4, a standard change is a pre-approved, low-risk change that follows a defined procedure. Option A is correct. Option B (normal change) requires authorization through the change advisory board.

Option C (emergency change) is for urgent issues. Option D (service request) is for routine service requests, not changes.

69
MCQmedium

An event monitoring system detects that a server's disk usage has reached 85%. Which type of event is this?

A.Exception event
B.Critical event
C.Warning event
D.Informational event
AnswerD

85% disk usage is below a critical threshold and indicates normal operation, so it is informational.

Why this answer

An informational event is used to notify that a predefined threshold has been reached but does not require immediate action. In this case, 85% disk usage is a standard monitoring threshold that indicates a normal operational state, not a failure or critical condition. ITIL 4 defines informational events as those that provide awareness of a situation that is within normal operating parameters.

Exam trap

The trap here is that candidates often confuse 'warning' with any threshold alert, but ITIL 4 distinguishes informational events as those that are purely for awareness and do not require a response, unlike warnings which imply potential future risk.

How to eliminate wrong answers

Option A is wrong because an exception event indicates an abnormal or unexpected occurrence that deviates from standard operations, such as a service outage or hardware failure, not a routine threshold alert. Option B is wrong because a critical event signifies a situation that requires immediate intervention to prevent service disruption, such as disk usage at 95% or 100%, not 85%. Option C is wrong because a warning event typically alerts that a threshold is approaching a critical level and may require attention soon, but 85% is often considered a standard informational threshold in many monitoring systems, not a warning.

70
MCQeasy

What is the PRIMARY purpose of the Problem Management practice?

A.To restore normal service operation as quickly as possible
B.To handle service requests from users efficiently
C.To manage the lifecycle of all IT assets
D.To eliminate or reduce the impact of incidents by identifying root causes
AnswerD

Problem management focuses on finding root causes and implementing permanent fixes or workarounds.

Why this answer

Problem management aims to identify the root causes of incidents and prevent recurrence or reduce impact. Restoring service is the purpose of incident management.

71
MCQmedium

Which practice includes the 'ITIL continual improvement model' with seven steps?

A.Continual Improvement
B.Change Enablement
C.Service Level Management
D.Problem Management
AnswerA

Continual Improvement uses the seven-step improvement model.

Why this answer

The ITIL continual improvement model is a structured seven-step process (What is the vision?, Where are we now?, Where do we want to be?, How do we get there?, Take action, Did we get there?, How do we keep the momentum going?) that is explicitly defined within the Continual Improvement practice. This practice is the owner of the model, providing the framework for identifying and executing improvements across all other ITIL practices.

Exam trap

The trap here is that candidates confuse the 'continual improvement model' with a generic improvement concept and incorrectly associate it with Problem Management (which also investigates root causes) or Change Enablement (which also involves steps), but only the Continual Improvement practice formally owns and defines the seven-step model.

How to eliminate wrong answers

Option B is wrong because Change Enablement manages the lifecycle of changes (standard, normal, emergency) and does not include the seven-step continual improvement model; its focus is on risk assessment and authorization of changes. Option C is wrong because Service Level Management deals with negotiating, agreeing, and monitoring service level agreements (SLAs) and does not own the seven-step improvement model; it may use the model but does not define it. Option D is wrong because Problem Management focuses on identifying the root cause of incidents and preventing recurrence through known error records and workarounds, not on the seven-step continual improvement model.

72
MCQmedium

An organization wants to track the lifecycle of its servers, including acquisition, maintenance, and disposal. Which practice should they use?

A.Supplier Management
B.Capacity and Performance Management
C.IT Asset Management
D.Service Configuration Management
AnswerC

This practice manages the full lifecycle of assets.

Why this answer

IT Asset Management manages the lifecycle of assets, including hardware such as servers.

73
MCQhard

A user requests a new laptop because their current one is slow. The request is for a standard configuration. How should this be handled?

A.As a change request
B.As a service request
C.As an incident
D.As a problem
AnswerB

Standard requests are service requests, pre-approved.

Why this answer

A request for a standard configuration item is a service request, as it is pre-approved and follows a defined procedure. Option A is correct. Option B is wrong because an incident is an unplanned interruption.

Option C is wrong because a problem is the cause of incidents. Option D is wrong because a change request is for changes that may require approval.

74
MCQmedium

What is the relationship between a Configuration Management Database (CMDB) and IT Asset Management?

A.IT Asset Management provides financial data for CIs in the CMDB
B.The CMDB replaces IT Asset Management
C.They are the same practice
D.IT Asset Management is a subset of Service Configuration Management
AnswerA

Asset management provides financial and lifecycle information that can be linked to CIs in the CMDB.

Why this answer

IT Asset Management manages the lifecycle of assets (financial and contractual), while the CMDB records configuration items (CIs) and their relationships. They are complementary, with the CMDB often containing asset information but not replacing asset management.

75
MCQeasy

A retail company is experiencing frequent service outages during peak hours due to insufficient capacity. The IT team wants to implement a practice that ensures the service provider has the capacity to meet agreed service level targets cost-effectively and in a timely manner. Which ITIL management practice should they use?

A.Monitoring and event management
B.Capacity and availability management
C.Availability management
D.Service level management and availability management
AnswerB

This practice ensures that capacity meets current and future demands cost-effectively and that services meet agreed availability targets.

Why this answer

Capacity and availability management is the correct practice because it focuses on ensuring capacity meets current and future demands cost-effectively. Option A is wrong because it is not a single practice. Option B is wrong because availability management focuses on uptime, not capacity.

Option D is wrong because monitoring and event management detects incidents but does not plan capacity.

Page 1 of 6 · 420 questions totalNext →

Ready to test yourself?

Try a timed practice session using only ITIL Management Practices questions.