CCNA ITIL Management Practices Questions

75 of 420 questions · Page 4/6 · ITIL Management Practices · Answers revealed

226
MCQeasy

Which of the following is a key metric for the Service Desk practice?

A.Percentage of changes implemented successfully
B.First Call Resolution (FCR) rate
C.Service level agreement (SLA) compliance
D.Mean Time to Restore Service (MTTR)
AnswerB

FCR measures how often the Service Desk resolves an issue on the first call.

Why this answer

First Call Resolution (FCR) is a common metric for Service Desk effectiveness. Option C is correct. MTTR is for Incident Management.

SLA compliance is for Service Level Management. Uptime is for Availability Management.

227
Multi-Selecthard

Which THREE of the following are characteristics of a service request?

Select 3 answers
A.It is pre-approved and follows a defined procedure
B.It is a request for information or access
C.It involves an unplanned service disruption
D.It requires a change request to fulfill
E.It is often fulfilled by the service desk
AnswersA, B, E

Service requests are typically pre-approved and have standard procedures.

Why this answer

Service requests are predefined, pre-approved, low-risk, and typically involve standard procedures. Incidents are unplanned, and service requests are separate from changes.

228
MCQmedium

An IT service desk analyst receives a call that users cannot access the CRM system. The analyst verifies the issue and suspects it may be related to a recent change. What should the analyst do FIRST according to ITIL 4?

A.Immediately reverse the recent change
B.Create a service request to restore access
C.Log an incident record and begin initial diagnosis
D.Log a problem record to investigate the root cause
AnswerC

An incident should be logged first to manage the unplanned interruption.

Why this answer

The first step is to log the disruption as an incident to initiate restoration of service, even if the cause is suspected to be a change.

229
MCQhard

Which statement BEST distinguishes a service request from an incident?

A.Incidents are only technical issues, while service requests are for information
B.Service requests always require a change, while incidents never do
C.Service requests are not logged, while incidents are always logged
D.Service requests are pre-defined and pre-approved, while incidents are unplanned service disruptions
AnswerD

This is the key distinction: service requests follow a standard process; incidents are unplanned.

Why this answer

Incidents are unplanned service interruptions; service requests are pre-defined, pre-approved requests from users. Option A is correct. Option B is wrong because both may involve changes.

Option C is wrong because service requests can be related to information. Option D is wrong because both are logged.

230
MCQeasy

In the ITIL 4 Service Value System, which component provides governance and guidance?

A.Guiding Principles
B.Continual Improvement
C.Service Value Chain
D.Governance
AnswerD

Governance provides direction and control through policies and decision-making.

Why this answer

In the ITIL 4 Service Value System (SVS), the Governance component is specifically responsible for defining the direction, policies, and control mechanisms that ensure the organization's activities align with its objectives. It provides the overarching framework for decision-making and accountability, guiding how all other SVS components operate. Without governance, the SVS would lack the necessary oversight to ensure value co-creation is achieved in a controlled and compliant manner.

Exam trap

The trap here is that candidates often confuse the Guiding Principles (Option A) with governance because both provide 'guidance,' but the Guiding Principles are broad, flexible recommendations, whereas Governance is a formal, authoritative component that enforces policies and controls.

How to eliminate wrong answers

Option A is wrong because Guiding Principles are recommendations that guide an organization in its work, but they do not provide the formal governance and authority structure; they are a component of the SVS that supports decision-making, not governance itself. Option B is wrong because Continual Improvement is a practice and a component that ensures the SVS is constantly optimized, but it is a method for improvement, not a governance mechanism that provides direction and control. Option C is wrong because the Service Value Chain is an operating model that outlines the key activities to create value, but it is a framework for workflows, not a governance body that sets policies and ensures compliance.

231
MCQhard

An organization is reviewing its IT service management practices. They find that the same recurring incident is being logged multiple times without investigation. Which practice should address this to prevent recurrence?

A.Change Enablement
B.Incident Management
C.Problem Management
D.Service Desk
AnswerC

Problem Management aims to find root cause and eliminate recurring incidents.

Why this answer

Problem Management is responsible for identifying the root cause of incidents and preventing recurrence. Option A is correct. Incident Management focuses on restoring service, not preventing recurrence.

Service Desk logs incidents. Change Enablement manages changes.

232
MCQhard

Which of the following BEST differentiates a normal change from an emergency change?

A.Normal changes are always low-risk; emergency changes are high-risk
B.Emergency changes are implemented without any approval
C.Normal changes are assessed and approved through standard procedures; emergency changes require urgent handling to avoid business impact
D.Emergency changes are only used for security incidents
AnswerC

This accurately captures the key difference in process and urgency.

Why this answer

Emergency changes are for urgent situations where delays would cause significant business impact, and they follow an expedited process. Normal changes follow standard assessment and approval.

233
Multi-Selectmedium

Which TWO of the following are considered service management practices in ITIL 4?

Select 2 answers
A.Service Desk
B.IT Asset Management
C.Capacity and Performance Management
D.Supplier Management
E.Service Level Management
AnswersA, E

Service Desk is a service management practice.

Why this answer

Service Desk is correct because ITIL 4 defines it as a key service management practice that provides a single point of contact between the service provider and users for managing incidents, service requests, and communication. It is explicitly listed in the ITIL 4 service management practices, focusing on operational support and user interaction.

Exam trap

The trap here is that candidates often confuse general management practices (like IT Asset Management) or technical management practices (like Capacity and Performance Management) with service management practices, because ITIL 4 reorganized the categories from ITIL v3's processes, leading to misclassification.

234
Multi-Selectmedium

Which TWO of the following are phases of Problem Management?

Select 2 answers
A.Incident Resolution
B.Problem Identification
C.Event Classification
D.Problem Control
E.Service Desk
AnswersB, D

This is the first phase.

Why this answer

Problem Identification is a core phase of Problem Management because it involves detecting and logging problems before they are analyzed. In ITIL 4, Problem Management consists of three phases: Problem Identification, Problem Control, and Error Control. Problem Identification ensures that problems are formally recognized, often through trend analysis of incidents or proactive monitoring, so that root causes can be addressed.

Exam trap

The trap here is that candidates confuse the phases of Problem Management with other ITIL practices, such as Incident Management or Event Management, because all involve handling issues but have distinct objectives and workflows.

235
Multi-Selectmedium

Which TWO of the following are types of events in Monitoring and Event Management?

Select 2 answers
A.Incident
B.Problem
C.Service request
D.Informational
E.Warning
AnswersD, E

Correct. Informational events provide awareness.

Why this answer

In ITIL 4, Monitoring and Event Management defines three types of events: Informational, Warning, and Exception. Option D (Informational) is correct because informational events indicate normal, expected operations (e.g., a scheduled backup completed successfully) and do not require any action beyond logging.

Exam trap

The trap here is that candidates confuse the ITIL event types (Informational, Warning, Exception) with other ITIL practices (Incident, Problem, Service Request), leading them to incorrectly select Incident or Problem as event types.

236
Multi-Selectmedium

Which TWO of the following are characteristics of a service request compared to an incident?

Select 2 answers
A.They require root cause analysis
B.They cause unplanned service interruption
C.They are typically low-risk
D.They are pre-approved processes
E.They are always urgent
AnswersC, D

Service requests are low-risk and pre-approved.

Why this answer

Service requests are pre-approved and typically follow a standard fulfillment process, while incidents are unplanned disruptions.

237
MCQmedium

An IT organization wants to improve first-contact resolution (FCR) rates. According to ITIL 4, which practice is most directly associated with this metric?

A.Problem Management
B.Service Level Management
C.Incident Management
D.Service Desk
AnswerD

FCR is a common measure of service desk effectiveness.

Why this answer

First-contact resolution is a key performance indicator for the service desk, reflecting its ability to resolve issues on the first interaction.

238
Multi-Selectmedium

Which THREE are components of the ITIL 4 Service Value System?

Select 3 answers
A.Service Level Agreements
B.Guiding Principles
C.Configuration Management Database
D.Governance
E.Service Value Chain
AnswersB, D, E

Guiding Principles are part of the SVS.

Why this answer

The Service Value System includes the Guiding Principles, Governance, Service Value Chain, Practices, and Continual Improvement.

239
MCQmedium

A major incident occurs. The IT team implements a workaround to restore service. Which practice is responsible for ensuring that the workaround does not become a permanent solution?

A.Change Enablement
B.Service Level Management
C.Problem Management
D.Incident Management
AnswerC

Problem Management aims to find root causes and eliminate workarounds through permanent fixes.

Why this answer

Problem Management will investigate the root cause and identify a permanent fix; Incident Management focuses on restoration.

240
MCQmedium

Which metric is most commonly used to measure the effectiveness of the Service Desk?

A.SLA compliance
B.Mean Time to Repair (MTTR)
C.Number of changes
D.First Contact Resolution (FCR)
AnswerD

FCR measures the percentage of issues resolved on first contact.

Why this answer

First Contact Resolution (FCR) is a key service desk metric.

241
MCQhard

An IT team is investigating a recurring network outage. They have identified the root cause as a faulty router configuration. In which phase of Problem Management are they operating?

A.Error Control
B.Problem Identification
C.Incident Management
D.Problem Control
AnswerD

Problem Control is the phase that includes root cause analysis and identifying the cause.

Why this answer

Problem Control is the phase where root cause analysis is performed and the root cause is identified. Problem Identification is the first phase (detecting problems), and Error Control is the phase where known errors are managed and workarounds are created.

242
Multi-Selectmedium

Which TWO of the following are types of events in Monitoring and Event Management?

Select 2 answers
A.Exception
B.Warning
C.Informational
D.Exception
E.Emergency
.Standard
AnswersB, C

Warning events indicate a potential issue.

Why this answer

In ITIL 4, Monitoring and Event Management defines three types of events: Informational, Warning, and Exception. A Warning event (Option B) indicates a condition that may require attention before it becomes critical, such as a disk usage threshold being exceeded. An Informational event (Option C) is a routine notification that does not require action, like a successful backup completion.

Exam trap

The trap here is that candidates confuse 'Exception' (a valid ITIL event type) with 'Emergency' (a change model), and fail to notice that 'Exception' is duplicated in the options, leading them to select it twice instead of recognizing the correct pair of Warning and Informational.

243
MCQmedium

An IT service desk analyst receives a call that users cannot access the CRM system. What should they do FIRST according to ITIL 4?

A.Inform the users that the issue will be resolved within 24 hours
B.Submit a change request to modify the CRM system
C.Escalate the issue to Problem Management for root cause analysis
D.Log an incident record and attempt to restore service
AnswerD

Logging the incident is the first step, then attempts to restore service.

Why this answer

The first step is to log the incident, as this captures the disruption and initiates the process to restore service.

244
Multi-Selectmedium

Which TWO are phases of the Problem Management practice?

Select 2 answers
A.Service restoration
B.Problem control
C.Problem identification
D.Incident resolution
E.Change authorization
AnswersB, C

Correct. This phase involves root cause analysis.

Why this answer

ITIL 4 describes three phases: problem identification, problem control (root cause analysis), and error control (known errors).

245
MCQhard

A service desk agent fulfills a password reset request for a user. According to ITIL 4, which practice does this activity belong to?

A.Change Enablement
B.Incident Management
C.Problem Management
D.Service Request Management
AnswerD

Password resets are standard service requests.

Why this answer

Password resets are pre-approved, routine requests, typical of Service Request Management.

246
MCQmedium

An IT service desk analyst receives a call that users cannot access the CRM system. According to ITIL 4, what should they do FIRST?

A.Notify the service level manager of a potential SLA breach
B.Submit a change request to implement a permanent fix
C.Log an incident and attempt to restore service as quickly as possible
D.Initiate a problem record to identify the root cause
AnswerC

Incident Management aims to restore normal service ASAP.

Why this answer

The first priority is to restore service as quickly as possible, which is the purpose of Incident Management. Option B is correct. Option A is a Problem Management activity; Option C is Change Enablement; Option D is Service Level Management.

247
MCQmedium

An organization wants to improve first-level resolution rates. Which practice should they focus on?

A.Service Desk
B.Problem Management
C.Service Level Management
D.Incident Management
AnswerA

The service desk aims to resolve incidents at first contact (FCR).

Why this answer

Improving first-level resolution rates is a key objective for the service desk, often achieved through shift-left strategies. Option B is correct. Option A is wrong because service level management focuses on SLAs, not resolution rates.

Option C is wrong because incident management is about restoring service, not necessarily first-level resolution. Option D is wrong because problem management focuses on root cause.

248
MCQeasy

What is the primary measure of success for Incident Management?

A.Mean Time to Restore Service (MTTR)
B.First Call Resolution (FCR)
C.Customer Satisfaction Score (CSAT)
D.Mean Time Between Failures (MTBF)
AnswerA

MTTR measures how quickly service is restored after an incident.

Why this answer

Incident Management is measured by Mean Time to Restore Service (MTTR). Option B is correct. Option A (FCR) is a Service Desk metric.

Option C (CSAT) is customer satisfaction. Option D (MTBF) is used in Availability Management.

249
MCQmedium

During a major outage, a team implements a temporary workaround to restore service. Which ITIL 4 practice is primarily responsible for this action?

A.Problem Management
B.Incident Management
C.Change Enablement
D.Service Desk
AnswerB

Incident Management focuses on restoring service quickly, often using workarounds.

Why this answer

Incident Management is responsible for restoring service as quickly as possible, even with a workaround. Option A is correct. Problem Management would later diagnose the root cause.

Service Desk may log the incident but the restoration action is Incident Management.

250
MCQhard

An organization has identified that a recurring incident is caused by a specific software bug. The bug has been documented, and a workaround is known. What phase of Problem Management is this?

A.Problem Identification
B.Problem Control
C.Error Control
D.Incident Management
AnswerC

Error Control manages known errors and workarounds.

Why this answer

The phase where known errors are documented and workarounds are maintained is Error Control. Option C is correct. Option A (Problem Identification) detects problems.

Option B (Problem Control) analyzes root causes. Option D (Incident Management) is not a phase of Problem Management.

251
Multi-Selecteasy

Which THREE of the following are ITIL 4 management practices?

Select 3 answers
A.Financial Management
B.Service Desk
C.Incident Management
D.Project Management
E.Problem Management
AnswersB, C, E

Service Desk is a practice.

Why this answer

Service Desk, Incident Management, and Problem Management are ITIL 4 management practices. Project Management and Financial Management are not part of the ITIL 4 practices list.

252
MCQmedium

An IT service desk analyst receives a call that users cannot access the CRM system. According to ITIL 4, what should they do FIRST?

A.Investigate the root cause of the access issue
B.Log an incident and categorize it appropriately
C.Submit a change request to modify the CRM system
D.Create a service request for the users to regain access
AnswerB

The immediate action is to log and categorize the incident to initiate the resolution process.

Why this answer

The first step in Incident Management is to log and categorize the incident. This ensures that the issue is recorded and can be properly prioritized and escalated. Option A is incorrect because root cause analysis belongs to Problem Management, which occurs after incidents are logged.

Option C is incorrect because a change request would be appropriate only after a solution is identified. Option D is incorrect because service requests are for pre-approved, routine needs.

253
MCQmedium

An organization wants to improve customer satisfaction when users contact the service desk. Which metric is most appropriate to measure?

A.Customer Satisfaction (CSAT)
B.Mean Time to Restore Service (MTRS)
C.Number of incidents logged
D.First Call Resolution (FCR)
AnswerA

Correct. CSAT directly measures user satisfaction.

Why this answer

CSAT (Customer Satisfaction) directly measures user satisfaction with service desk interactions.

254
MCQhard

In ITIL 4, which practice is primarily responsible for managing the lifecycle of all IT assets?

A.Capacity Management
B.Service Configuration Management
C.IT Asset Management
D.Supplier Management
AnswerC

Correct. ITAM manages the entire lifecycle of assets.

Why this answer

IT Asset Management (ITAM) manages the lifecycle of IT assets from acquisition to disposal.

255
MCQhard

A company is designing a new service and wants to ensure that all IT services are described in a consistent manner. Which practice provides the framework for documenting service descriptions, including their functional and operational characteristics?

A.Service Catalog Management
B.Service Configuration Management
C.Service Level Management
D.IT Asset Management
AnswerA

Service Catalog Management ensures the service catalog contains accurate and consistent information about all services.

Why this answer

Service Catalog Management is the correct practice because it provides the single source of consistent information on all agreed services, ensuring that every service is described with its functional and operational characteristics in a standardized format. This practice defines the service catalog structure, which includes service descriptions, service level agreements, and operational details, enabling consistent documentation across the IT organization.

Exam trap

The trap here is that candidates often confuse Service Catalog Management with Service Configuration Management, thinking that documenting service characteristics is about managing configuration items, but the key distinction is that the catalog describes the service as a product, while configuration management tracks the underlying components.

How to eliminate wrong answers

Option B (Service Configuration Management) is wrong because it focuses on managing the configuration items (CIs) that support services, not on documenting the service descriptions themselves; it deals with relationships and attributes of CIs, not the functional/operational characteristics of services. Option C (Service Level Management) is wrong because it is concerned with negotiating, agreeing, and monitoring service level targets, not with the consistent documentation of service descriptions; it uses service descriptions but does not provide the framework for creating them. Option D (IT Asset Management) is wrong because it manages the lifecycle of tangible and intangible assets (e.g., hardware, software licenses), not the documentation of service characteristics; it tracks financial and contractual aspects, not functional or operational service details.

256
MCQmedium

A service desk wants to improve first contact resolution (FCR) rate. Which practice should be primarily involved in defining and monitoring this metric?

A.Problem Management
B.Service Level Management
C.Service Desk
D.Incident Management
AnswerC

FCR is a key performance indicator for the service desk.

Why this answer

Service Desk practice is responsible for FCR and other service desk metrics.

257
MCQhard

Which type of change is typically pre-approved and follows a predefined procedure?

A.Normal change
B.Emergency change
C.Service request
D.Standard change
AnswerD

Correct. Standard changes are pre-approved and follow a predefined procedure.

Why this answer

Standard changes are pre-approved and follow a predefined procedure because they are low-risk, routine, and well-understood. ITIL 4 defines a standard change as one that is implemented through a documented, repeatable process, such as applying a security patch or provisioning a new user account, without requiring additional authorization each time.

Exam trap

The trap here is that candidates confuse a service request with a standard change, but ITIL 4 explicitly separates them: service requests are for predefined user needs (e.g., password reset), while standard changes are for predefined infrastructure or application modifications.

How to eliminate wrong answers

Option A is wrong because a normal change requires assessment and approval from the Change Authority before implementation, as it involves moderate to high risk and does not follow a predefined procedure. Option B is wrong because an emergency change is implemented urgently to resolve a major incident or security breach, but it still requires expedited approval and is not pre-approved. Option C is wrong because a service request is a formal request from a user for something like information or access, which may follow a predefined procedure but is not a type of change; it is handled through the service request management process, not change management.

258
MCQmedium

A change request to replace a server is categorized as a 'standard change'. What does this mean?

A.The change does not require any documentation or assessment
B.The change requires authorization from the Change Advisory Board (CAB)
C.The change must be implemented as soon as possible due to a critical incident
D.The change is low-risk and follows a predefined, approved procedure
AnswerD

Standard changes are well-understood, low-risk, and pre-authorized.

Why this answer

A standard change is pre-approved and follows a low-risk, predefined procedure. Option B is correct. Option A describes a normal change.

Option C describes an emergency change. Option D is incorrect because standard changes still require assessment but are pre-authorized.

259
MCQhard

A user requests a new laptop because their current one is slow. After investigation, the service desk determines the laptop is under warranty and a replacement can be ordered. According to ITIL 4, how should this request be classified?

A.Incident, because the user is experiencing poor performance
B.Service request, because it is a request for a new laptop that can be fulfilled through a standard process
C.Problem, because slow performance may indicate an underlying issue
D.Normal change, because a laptop replacement requires authorization
AnswerB

Service requests are pre-approved and typically involve standard changes.

Why this answer

This is a service request because it is a pre-defined, pre-approved request for a new laptop (fulfillment of a standard change). It is not an incident because the laptop is still functional, just slow.

260
Multi-Selecteasy

Which TWO of the following are true about a service request?

Select 2 answers
A.It is predefined and pre-approved
B.It can be fulfilled via the service catalogue
C.It is an unplanned interruption to a service
D.It is always caused by a known error
E.It requires a change authority approval
AnswersA, B

Correct. Service requests are typically predefined.

Why this answer

Option A is correct because a service request is defined as a standardized, pre-defined request from a user for something that is already approved as part of normal service delivery. ITIL 4 states that service requests are typically low-risk, frequently recurring, and do not require additional authorization because they are pre-approved by the service provider. This allows for efficient fulfillment without the need for a formal change approval process.

Exam trap

The trap here is that candidates often confuse a service request with an incident or a change, mistakenly thinking that all user requests require formal approval or are caused by errors, when in fact service requests are predefined, low-risk, and pre-approved by design.

261
MCQmedium

A change request to upgrade the email server is assessed and authorized by the Change Advisory Board (CAB). After testing, it is scheduled for the next weekend. What type of change is this?

A.Emergency change
B.Normal change
C.Service request
D.Standard change
AnswerB

Correct: A normal change follows the full assessment and authorization process.

Why this answer

Normal changes require assessment and authorization by the CAB, unlike standard (pre-approved) or emergency (urgent) changes.

262
MCQhard

A company wants to improve its incident resolution time. Which practice would be most relevant to analyze recurring incidents and identify underlying causes?

A.Problem Management
B.Continual Improvement
C.Incident Management
D.Change Enablement
AnswerA

Problem Management identifies root causes and can lead to permanent fixes that reduce incident recurrence.

Why this answer

Problem Management is the ITIL practice specifically designed to analyze recurring incidents by performing root cause analysis (RCA) and identifying underlying causes. By using techniques such as trend analysis, Kepner-Tregoe, or 5 Whys, Problem Management proactively reduces incident volume and resolution time, directly addressing the company's goal.

Exam trap

The trap here is confusing Incident Management (which restores service quickly) with Problem Management (which finds and fixes root causes), leading candidates to pick Incident Management because they focus on 'resolution time' rather than 'analyzing recurring incidents.'

How to eliminate wrong answers

Option B (Continual Improvement) is wrong because it focuses on overall service improvement through the CSI approach (Plan-Do-Check-Act) and does not specialize in analyzing recurring incidents or performing root cause analysis. Option C (Incident Management) is wrong because its primary goal is to restore normal service operation as quickly as possible, not to investigate underlying causes; it handles symptoms, not root causes. Option D (Change Enablement) is wrong because it manages the lifecycle of changes (RFCs, CAB approvals) to minimize risk, not to analyze incident patterns or identify root causes.

263
MCQmedium

A user contacts the service desk to request a new laptop because their current one is broken. The service desk analyst creates a ticket and arranges for a replacement. According to ITIL 4, what type of record should be raised?

A.Incident record
B.Change request
C.Problem record
D.Service request
AnswerD

The user is requesting a standard item (replacement laptop) that is pre-approved and can be fulfilled via a service request.

Why this answer

This is a service request because it is a pre-defined, pre-approved request for a standard item (replacement laptop for a broken one).

264
MCQmedium

According to ITIL 4, which practice is responsible for ensuring that services are available as agreed with the customer?

A.Service Level Management
B.Availability Management
C.Capacity and Performance Management
D.Incident Management
AnswerB

Availability Management is responsible for ensuring services are available as agreed.

Why this answer

Availability Management ensures that services are available as agreed, managing planned and unplanned downtime.

265
MCQeasy

What is the PRIMARY purpose of the Incident Management practice?

A.Manage the lifecycle of all Changes
B.Identify the root cause of incidents and prevent recurrence
C.Restore normal service as quickly as possible
D.Provide a single point of contact for users
AnswerC

This is the primary purpose of Incident Management.

Why this answer

Incident Management aims to restore normal service operation as quickly as possible and minimize adverse impact on business operations.

266
MCQmedium

A service desk team is implementing a 'shift-left' strategy. What is the PRIMARY goal of this approach?

A.To automate incident resolution using AI and chatbots
B.To ensure all calls are logged before escalation
C.To resolve more incidents and requests at the first point of contact without escalation
D.To increase empathy and customer satisfaction
AnswerC

Shift-left aims to handle issues at the service desk level, reducing escalation.

Why this answer

The primary goal of a 'shift-left' strategy in ITIL 4 is to resolve more incidents and service requests at the first point of contact (tier 0 or tier 1) without escalating to higher support levels. This reduces mean time to resolution (MTTR), lowers operational costs, and improves user satisfaction by minimizing handoffs. While automation and empathy can support shift-left, they are enablers, not the core objective.

Exam trap

The trap here is that candidates confuse the enablers (automation, empathy) with the primary goal, which is strictly about resolving incidents and requests at the first point of contact without escalation.

How to eliminate wrong answers

Option A is wrong because automating incident resolution with AI and chatbots is a tactic to enable shift-left, not its primary goal; the goal is resolution at first contact, not the tool used. Option B is wrong because logging all calls before escalation is a procedural requirement for tracking, but shift-left focuses on avoiding escalation altogether, not just logging. Option D is wrong because increasing empathy and customer satisfaction is a desired outcome of shift-left, but the primary goal is operational: resolving incidents and requests without escalation.

267
MCQhard

An organization has a change policy that requires all changes to be assessed and authorized by the Change Authority. A pre-approved change that has a low risk and follows a defined procedure is known as which type of change?

A.Normal change
B.Emergency change
C.Service request
D.Standard change
AnswerD

Standard changes are pre-approved, low risk, and follow a defined procedure.

Why this answer

A standard change is a pre-approved, low-risk change that follows a defined procedure, such as a password reset or server patch cycle. The ITIL 4 framework defines it as a change that does not require individual assessment or authorization by the Change Authority because its risk is well-understood and the implementation steps are documented in a standard operating procedure (SOP). This matches the description in the question exactly.

Exam trap

The trap here is that candidates confuse 'pre-approved' with 'normal change' because they think all changes need individual authorization, but ITIL 4 explicitly separates standard changes as pre-approved by definition, not requiring per-change authorization.

How to eliminate wrong answers

Option A is wrong because a normal change is any change that is not standard or emergency, and it requires assessment and authorization by the Change Authority on a case-by-case basis, not pre-approved. Option B is wrong because an emergency change is a high-risk, urgent change that must be implemented quickly to resolve a major incident or security threat, and it follows a separate expedited authorization process, not a low-risk pre-approved procedure. Option C is wrong because a service request is a formal request from a user for something to be provided (e.g., access, information), not a change to an IT service, and it is handled through the service request management process, not the change management process.

268
MCQhard

An organization has a CMDB that contains information about all configuration items (CIs) and their relationships. Which practice is primarily responsible for maintaining this information?

A.Service Catalog Management
B.Service Configuration Management
C.IT Asset Management
D.Deployment Management
AnswerB

This practice is responsible for the CMDB, CIs, and configuration baselines.

Why this answer

Service Configuration Management is responsible for maintaining the CMDB and ensuring accurate CI data. Option B is correct. Option A manages the lifecycle of assets, but the CMDB is focused on configuration.

Option C manages services. Option D manages deployments.

269
MCQmedium

A problem has been identified and root cause analysis is underway. According to ITIL 4, which phase of Problem Management is this?

A.Problem control
B.Problem identification
C.Incident control
D.Error control
AnswerA

Problem control includes root cause analysis.

Why this answer

Problem control involves root cause analysis and resolution.

270
MCQhard

Which statement correctly distinguishes between a service request and an incident?

A.Service requests are managed by Problem Management, while incidents are managed by Incident Management
B.Service requests are always urgent, while incidents have varying priority
C.Service requests are for pre-approved, routine services; incidents are unplanned interruptions
D.Service requests are always initiated by the service desk, while incidents are initiated by users
AnswerC

This is the key distinction.

Why this answer

Service requests are for pre-defined, pre-approved services (standard changes or information requests), while incidents are unplanned interruptions or reductions in service quality.

271
MCQmedium

A team is using the ITIL continual improvement model. After defining the vision, what is the NEXT step?

A.Define measurable targets
B.Create an improvement plan
C.Identify the improvement opportunities
D.Assess the current state
AnswerD

After defining vision, the next step is to assess the current state (Where are we now?).

Why this answer

The ITIL continual improvement model defines a sequence of steps: 'What is the vision?', 'Where are we now?', 'Where do we want to be?', 'How do we get there?', 'Take action', 'Did we get there?', and 'How do we keep the momentum?'. After defining the vision (step 1), the next step is to assess the current state (step 2) to establish a baseline before setting measurable targets or creating an improvement plan.

Exam trap

The trap here is that candidates often confuse the order of the ITIL continual improvement model steps, mistakenly thinking that identifying improvement opportunities or setting targets comes immediately after defining the vision, rather than assessing the current state first.

How to eliminate wrong answers

Option A is wrong because defining measurable targets occurs after assessing the current state, as you need a baseline to set meaningful targets. Option B is wrong because creating an improvement plan comes later in the model, after you have identified where you want to be and how to get there. Option C is wrong because identifying improvement opportunities is part of the 'Where do we want to be?' step, which follows the current state assessment.

272
MCQeasy

Which practice is responsible for being the single point of contact (SPOC) between the service provider and users?

A.Incident Management
B.Change Enablement
C.Service Desk
D.Service Level Management
AnswerC

The service desk acts as the SPOC for users.

Why this answer

The service desk is the single point of contact for users to report incidents, submit service requests, and seek guidance.

273
Multi-Selecthard

Which THREE of the following are types of events in Monitoring and Event Management?

Select 3 answers
A.Emergency
B.Informational
C.Exception
D.Warning
E.Standard
AnswersB, C, D

Informational events indicate normal operation.

Why this answer

In ITIL 4, Monitoring and Event Management categorizes events into three types: Informational, Warning, and Exception. An Informational event (Option B) is a routine notification that indicates normal operation, such as a scheduled task completion or a configuration change log entry, requiring no immediate action.

Exam trap

The trap here is that candidates often confuse event types with incident priority levels (like Emergency) or change categories (like Standard), leading them to select options that are valid in other ITIL practices but not in Monitoring and Event Management.

274
MCQhard

An organization is experiencing repeated incidents due to a software bug. The problem manager has identified the root cause and documented a known error with a workaround. According to ITIL 4, in which phase of problem management are they operating?

A.Incident resolution
B.Error control
C.Problem identification
D.Problem control
AnswerB

Error control manages known errors, including workarounds and planning permanent fixes.

Why this answer

Error control is the phase where known errors are managed, workarounds are documented, and resolution is pursued. Problem identification is the first phase, and problem control involves root cause analysis.

275
Multi-Selecthard

Which THREE of the following are key activities of Problem Management?

Select 3 answers
A.Restoring service as quickly as possible
B.Problem identification
C.Creating known error records
D.Authorizing changes
E.Root cause analysis
AnswersB, C, E

Correct.

Why this answer

Problem identification (B) is a key activity of Problem Management because it involves detecting and logging problems before they cause major incidents. This proactive approach relies on analyzing incident trends, monitoring alerts, and reviewing known error data to identify underlying issues. Without problem identification, the process cannot initiate root cause analysis or create known error records.

Exam trap

The trap here is confusing the activities of Problem Management with those of Incident Management or Change Enablement, as candidates often mistakenly select 'restoring service' (an Incident Management goal) or 'authorizing changes' (a Change Enablement task) as Problem Management activities.

276
Multi-Selectmedium

Which TWO of the following are key activities of Service Level Management?

Select 2 answers
A.Monitoring and reporting on service levels
B.Identifying root causes of problems
C.Restoring service after an incident
D.Approving standard changes
E.Negotiating and agreeing on SLAs
AnswersA, E

Key activity.

Why this answer

Option A is correct because Service Level Management (SLM) is responsible for monitoring actual service performance against agreed targets and producing reports to demonstrate compliance or identify gaps. This activity ensures that both the service provider and the customer have visibility into whether service levels are being met, enabling informed decisions about improvements or corrective actions.

Exam trap

The trap here is that candidates confuse the monitoring and reporting activities of Service Level Management with the reactive, restoration-focused activities of Incident Management or the diagnostic work of Problem Management, leading them to select options that describe other ITIL practices.

277
MCQmedium

Which type of change is pre-approved and follows a defined procedure with minimal risk?

A.Normal change
B.Urgent change
C.Emergency change
D.Standard change
AnswerD

Standard changes are pre-approved and low-risk, following a defined procedure.

Why this answer

A standard change is pre-approved by the change authority and follows a defined, low-risk procedure. It does not require a separate change advisory board (CAB) meeting for each occurrence, as its risk is well-understood and the implementation steps are documented and repeatable.

Exam trap

The trap here is that candidates confuse 'standard change' with 'normal change' because both are routine, but standard change is the only one that is pre-approved and follows a low-risk, predefined procedure without requiring a new CAB decision each time.

How to eliminate wrong answers

Option A is wrong because a normal change requires approval from the change authority (e.g., CAB) and is not pre-approved; it follows a full assessment and authorization process. Option B is wrong because an urgent change is not a recognized ITIL 4 category; the correct term for a high-priority, time-sensitive change is 'emergency change'. Option C is wrong because an emergency change is implemented urgently to resolve a major incident or critical issue, carries higher risk, and requires expedited approval (often via an emergency CAB), not pre-approval.

278
MCQeasy

What is the PRIMARY purpose of the Incident Management practice?

A.To identify the root cause of incidents and prevent recurrence
B.To restore normal service operation as quickly as possible and minimize the adverse impact on business operations
C.To handle predefined, pre-approved service requests from users
D.To assess, authorize, and schedule changes to IT services
AnswerB

This is the definition of Incident Management's purpose.

Why this answer

The primary purpose of Incident Management is to restore normal service operation as quickly as possible and minimize the adverse impact on business operations. This practice focuses on resolving incidents (unplanned interruptions or reductions in quality) to return the service to its agreed service level, rather than analyzing root causes or handling routine requests.

Exam trap

The trap here is confusing Incident Management with Problem Management, as both deal with incidents, but Incident Management focuses on speed of restoration, not root cause analysis.

How to eliminate wrong answers

Option A is wrong because identifying root causes and preventing recurrence is the purpose of Problem Management, not Incident Management, which deals with immediate restoration. Option C is wrong because handling predefined, pre-approved service requests is the purpose of Service Request Management, which covers standard changes and user requests, not unplanned incidents. Option D is wrong because assessing, authorizing, and scheduling changes is the purpose of Change Enablement, which manages the lifecycle of changes to IT services, not incident resolution.

279
MCQhard

A service desk agent resolves a password reset request within 5 minutes. The customer is satisfied. Which two metrics are most relevant to measure this?

A.Customer Satisfaction (CSAT) and Mean Time to Respond
B.Mean Time Between Failures (MTBF) and Customer Satisfaction (CSAT)
C.Mean Time to Resolve (MTTR) and First Call Resolution (FCR)
D.First Call Resolution (FCR) and Customer Satisfaction (CSAT)
AnswerD

FCR and CSAT are key service desk metrics.

Why this answer

First Call Resolution (FCR) measures whether the issue is resolved on the first contact, and Customer Satisfaction (CSAT) measures satisfaction. MTTR is for incidents, not service requests. Mean time between failures (MTBF) is an availability metric.

Mean time to respond is not a standard ITIL metric.

280
MCQmedium

An IT service desk analyst receives a call that users cannot access the CRM system. What should they do FIRST according to ITIL 4?

A.Escalate the incident to the problem management team
B.Inform the users that the issue will be fixed within 24 hours
C.Try to resolve the incident using a known workaround
D.Log the incident and categorize it
AnswerD

The first action is to log and categorize the incident to begin the incident management process.

Why this answer

According to ITIL 4, the first action for any incident is to log and categorize it. This ensures the incident is formally recorded, prioritized, and routed correctly. Without logging, no structured resolution, escalation, or reporting can occur.

Option D is correct because it follows the ITIL 4 incident management practice's initial step.

Exam trap

The trap here is that candidates often think resolving the incident immediately (Option C) is the first priority, but ITIL 4 mandates logging and categorization before any diagnostic or resolution action to ensure process compliance and data integrity.

How to eliminate wrong answers

Option A is wrong because escalating to problem management is premature; the incident must first be logged and categorized to determine if it requires problem management. Option B is wrong because promising a fix within 24 hours violates ITIL 4's principle of providing realistic, agreed-upon service targets and may breach SLAs. Option C is wrong because attempting a workaround without first logging and categorizing the incident bypasses the required process and risks missing critical information for root cause analysis.

281
MCQmedium

An IT service desk analyst receives a call that users cannot access the CRM system. According to ITIL 4, what should the analyst do FIRST?

A.Log an incident record with the details provided by the user
B.Assign the issue to Problem Management for root cause analysis
C.Send a service request to the infrastructure team
D.Search the known error database for a workaround
AnswerA

The immediate priority is to record the incident formally.

Why this answer

The first step in Incident Management is to log the incident. The analyst should record the details of the disruption before taking any further action. Option B is correct.

Option A (assign to problem management) is premature; Option C (search known errors) may be part of investigation but after logging; Option D (send a service request) is incorrect because this is an incident.

282
MCQhard

A service desk analyst resolves an incident by providing a workaround from the Known Error Database. According to ITIL 4, this activity is part of which practice?

A.Problem Control
B.Error Control
C.Service Request Management
D.Incident Management
AnswerD

Applying a workaround to restore service is an incident management activity.

Why this answer

Using a known error workaround during incident resolution is part of Incident Management. Option B is correct. Option A is incorrect because problem control identifies the root cause; Option C is incorrect as error control is about documenting known errors; Option D is incorrect.

283
MCQmedium

An IT service desk analyst receives a call that users cannot access the CRM system. What should they do FIRST according to ITIL 4?

A.Implement a known workaround from the known error database
B.Perform a root cause analysis
C.Log an incident record with all relevant details
D.Escalate the issue to the problem management team
AnswerC

Why this answer

The first step in Incident Management is to log the incident. All details should be captured before proceeding with triage or escalation.

284
MCQeasy

Which practice involves detecting and classifying events such as informational, warning, and exception?

A.Monitoring and Event Management
B.Incident Management
C.Change Enablement
D.Service Desk
AnswerA

This practice detects and classifies events.

Why this answer

Monitoring and Event Management is responsible for detecting and classifying events. Option D is correct.

285
Multi-Selecthard

Which THREE of the following are components of the ITIL 4 Service Value System?

Select 3 answers
A.Guiding principles
B.ITIL maturity model
C.Service value chain
D.Service catalogue
E.Governance
AnswersA, C, E

Part of SVS.

Why this answer

The SVS includes guiding principles, governance, service value chain, practices, and continual improvement.

286
MCQhard

An organization wants to improve the user experience for password reset requests. Currently, users call the service desk for each password reset, resulting in high call volume. According to ITIL 4, which practice should be applied to streamline this process?

A.Incident Management, because password reset is a disruption
B.Problem Management, to find the root cause of forgotten passwords
C.Change Enablement, because resetting a password changes the user account
D.Service Request Management, by offering a self-service password reset option through the service catalogue
AnswerD

Service requests are pre-approved, routine tasks; self-service reduces call volume.

Why this answer

Password resets are typically pre-approved, routine requests best handled as service requests via self-service. Option D is correct. Option A is for unplanned disruptions; Option B for changes; Option C for incidents.

287
MCQmedium

An IT team discovers a recurring pattern of errors in a financial application. According to ITIL 4, which practice should be initiated to investigate the root cause?

A.Problem Management
B.Change Enablement
C.Service Request Management
D.Incident Management
AnswerA

Correct: Problem Management focuses on root cause analysis.

Why this answer

Problem Management identifies the root cause of incidents to prevent recurrence.

288
Multi-Selectmedium

Which THREE of the following are phases of the ITIL Continual Improvement Model?

Select 3 answers
A.What is the vision?
B.Where are we now?
C.How do we get there?
D.What is the budget?
E.Who is responsible?
AnswersA, B, C

This is the first step.

Why this answer

The ITIL Continual Improvement Model includes 7 steps: What is the vision?, Where are we now?, Where do we want to be?, How do we get there?, Take action, Did we get there?, How do we keep the momentum going?

289
MCQhard

An event indicating that a server's CPU usage has exceeded 90% for 5 minutes is classified as which type?

A.Exception
B.Critical
C.Informational
D.Warning
AnswerD

Warning events indicate a condition that may lead to an exception.

Why this answer

An event that signals a potential service degradation is a warning event.

290
MCQeasy

What is the PRIMARY purpose of the Incident Management practice?

A.To identify the root cause of incidents
B.To restore normal service operation as quickly as possible
C.To fulfil service requests from users
D.To prevent all incidents from occurring
AnswerB

This is the core purpose of incident management.

Why this answer

The primary purpose of Incident Management is to restore normal service operation as quickly as possible and minimize the adverse impact on business operations. Option B is correct. Option A is inaccurate because the goal is not to prevent incidents but to restore service.

Option C is wrong because finding root cause is problem management. Option D is wrong because fulfilling requests is service request management.

291
Multi-Selectmedium

Which TWO of the following are types of changes in ITIL 4 Change Enablement?

Select 3 answers
A.Normal
B.Planned
C.Emergency
D.Standard
E.Routine
AnswersA, C, D

Normal changes require assessment and authorization.

Why this answer

Standard, normal, and emergency are the three types. But here we ask for two, so normal and emergency are correct.

292
MCQmedium

Which practice is responsible for negotiating and agreeing service level targets with customers?

A.Supplier Management
B.Service Level Management
C.Service Desk
D.Business Relationship Management
AnswerB

Service Level Management handles SLA negotiations and monitoring.

Why this answer

Service Level Management is responsible for negotiating, agreeing, and monitoring SLAs.

293
MCQeasy

A software company is experiencing frequent production outages due to unauthorized changes. Which practice should be implemented to improve control over changes?

A.Deployment Management
B.Release Management
C.Change Enablement
D.Service Validation and Testing
AnswerC

Change Enablement controls changes with authorization and review.

Why this answer

Change Enablement (option C) is the correct practice because it specifically governs the lifecycle of changes, including authorization, review, and control of changes to prevent unauthorized modifications. In a software company experiencing production outages due to unauthorized changes, implementing Change Enablement ensures that every change is assessed, approved, and logged before deployment, directly addressing the root cause of the outages.

Exam trap

PeopleCert often tests the distinction between 'doing the change' (Deployment/Release Management) and 'controlling the change' (Change Enablement), causing candidates to confuse the operational execution of changes with the governance and authorization of changes.

How to eliminate wrong answers

Option A (Deployment Management) is wrong because it focuses on moving new or changed components from development to production environments, not on authorizing or controlling the changes themselves; unauthorized changes can still occur if deployment processes are bypassed. Option B (Release Management) is wrong because it deals with the planning, scheduling, and controlling of releases (a set of changes) through production, but it does not enforce the initial authorization of individual changes; unauthorized changes can still be included in a release. Option D (Service Validation and Testing) is wrong because it ensures that a service or change meets its intended outcomes and quality criteria after implementation, but it does not prevent unauthorized changes from being made in the first place; testing cannot catch changes that were never authorized.

294
MCQmedium

In ITIL 4, which practice is responsible for maintaining the Configuration Management Database (CMDB)?

A.Change Enablement
B.IT Asset Management
C.Deployment Management
D.Service Configuration Management
AnswerD

Service Configuration Management maintains the CMDB.

Why this answer

Service Configuration Management (D) is the ITIL 4 practice responsible for maintaining the Configuration Management Database (CMDB). It ensures that accurate and reliable information about configuration items (CIs) and their relationships is available when and where needed, supporting all other service management practices.

Exam trap

The trap here is that candidates confuse the practice that uses the CMDB (Change Enablement or IT Asset Management) with the practice that is responsible for maintaining it, but ITIL 4 explicitly assigns CMDB maintenance to Service Configuration Management.

How to eliminate wrong answers

Option A is wrong because Change Enablement manages the lifecycle of changes to services and CIs, but it does not own or maintain the CMDB; it uses the CMDB to assess change impact. Option B is wrong because IT Asset Management focuses on managing the financial, contractual, and lifecycle aspects of IT assets (e.g., procurement, depreciation), not the logical configuration data stored in the CMDB. Option C is wrong because Deployment Management handles the movement of new or changed components to live environments, but it does not maintain the CMDB; it may update CI statuses as part of deployment, but the CMDB's ongoing maintenance is the responsibility of Service Configuration Management.

295
Multi-Selectmedium

Which TWO of the following are characteristics of a Standard Change?

Select 2 answers
A.Requires urgent implementation
B.Low risk and well-understood
C.Requires individual approval each time
D.Requires a change advisory board (CAB) meeting
E.Pre-approved by change authority
AnswersB, E

Standard changes are low risk and routine.

Why this answer

Standard changes are pre-approved, low risk, and follow a defined procedure. Options A and D are correct. Option B describes emergency changes; Option C describes normal changes; Option E is false as standard changes are pre-approved.

296
MCQmedium

A user requests a new software installation that is already approved and listed in the service catalogue. According to ITIL 4, how should this request be classified?

A.As an incident
B.As a normal change
C.As an emergency change
D.As a service request
AnswerD

Service requests are for pre-defined, standard items that follow a procedure. The service catalogue lists them.

Why this answer

Service requests are predefined, pre-approved, and typically low-risk. This matches the description of a standard change, but in ITIL 4, service requests are a distinct practice separate from changes.

297
Multi-Selectmedium

Which TWO of the following are key components of the ITIL 4 Service Value System (SVS)?

Select 2 answers
A.Continual improvement
B.Guiding principles
C.ITIL Maturity Model
D.Value
E.The Deming Cycle (Plan-Do-Check-Act)
AnswersA, B

Continual improvement is a component of the SVS.

Why this answer

The SVS includes guiding principles, governance, service value chain, practices, and continual improvement. Options A and E are correct. Option B is a model, not a component.

Option C is a process in some frameworks, not a component. Option D is a potential outcome, not a component.

298
Multi-Selecteasy

Which TWO of the following are types of changes defined in ITIL 4?

Select 2 answers
A.Urgent change
B.Major change
C.Emergency change
D.Standard change
E.Minor change
AnswersC, D

Changes that must be implemented urgently.

Why this answer

ITIL 4 defines three types of changes: standard, emergency, and normal. Emergency changes (Option C) are those that must be implemented as soon as possible to resolve an incident or security vulnerability, following a specific emergency change process with reduced testing and approval. Standard changes (Option D) are pre-authorized, low-risk, and follow a defined procedure, such as password resets or server patching.

Exam trap

PeopleCert often tests the distinction between 'urgent' and 'emergency' changes, where candidates mistakenly select 'urgent' because it sounds similar, but ITIL 4 explicitly uses the term 'emergency change' for changes requiring immediate implementation.

299
Multi-Selectmedium

Which TWO of the following are components of the ITIL 4 Service Value System?

Select 2 answers
A.Organizational Culture
B.Service Value Chain
C.ITIL Best Practices
D.Guiding Principles
E.Service Level Agreements
AnswersB, D

The Service Value Chain is a central component of the SVS.

Why this answer

The ITIL 4 Service Value System (SVS) is a model representing how all components and activities of an organization work together to facilitate value creation. The Service Value Chain (B) is the central operating model of the SVS, outlining six key activities (Plan, Improve, Engage, Design & Transition, Obtain/Build, Deliver & Support) that guide the creation of value. The Guiding Principles (D) are the core recommendations that guide an organization in all circumstances, applicable to all roles and initiatives within the SVS.

Exam trap

The trap here is that candidates often confuse the components of the SVS (Guiding Principles, Governance, Service Value Chain, Practices, Continual Improvement) with other ITIL elements like organizational culture, best practices, or specific process outputs, leading them to select distractors that are related but not formal SVS components.

300
MCQmedium

An event that indicates a breach of a threshold is classified as which type?

A.Critical event
B.Exception event
C.Warning event
D.Informational event
AnswerC

Warning events indicate a threshold has been breached or is near, requiring attention.

Why this answer

Warning events indicate a threshold is near or has been breached, requiring attention. Option B is correct. Option A is for routine information.

Option C is for actions that must be taken. Option D is not a standard classification.

← PreviousPage 4 of 6 · 420 questions totalNext →

Ready to test yourself?

Try a timed practice session using only ITIL Management Practices questions.