CCNA Key Concepts of IT Service Management Questions

20 questions · Key Concepts of IT Service Management · All types, answers revealed

1
MCQmedium

A company is experiencing frequent service outages due to unauthorized changes to the production environment. Which ITIL practice would be most effective in preventing these issues?

A.Incident management
B.Change enablement
C.Problem management
D.Service desk
AnswerB

Change enablement controls the lifecycle of all changes, enabling beneficial changes with minimal disruption.

Why this answer

Change enablement is the ITIL practice that ensures all changes to the production environment are properly assessed, authorized, and controlled before implementation. By enforcing a standardized change management process—including change requests, approvals, and review boards—this practice directly prevents unauthorized modifications that cause service outages.

Exam trap

The trap here is that candidates often confuse incident management (fixing outages) with change enablement (preventing outages by controlling changes), leading them to select incident management because they focus on the symptom (outages) rather than the root cause (unauthorized changes).

How to eliminate wrong answers

Option A is wrong because incident management focuses on restoring normal service operation after an outage has occurred, not on preventing unauthorized changes from happening in the first place. Option C is wrong because problem management aims to identify and eliminate the root causes of incidents, but it does not control or authorize changes to the production environment. Option D is wrong because the service desk acts as the single point of contact for users reporting issues, not as a governance mechanism for approving or rejecting changes.

2
MCQeasy

An organization wants to improve its service desk performance. Which metric would best indicate that the service desk is effectively restoring service?

A.Customer satisfaction score
B.Mean Time to Restore Service (MTRS)
C.Number of tickets closed per agent
D.First Call Resolution (FCR) rate
AnswerB

MTRS measures the average time taken to restore a service after a failure.

Why this answer

Mean Time to Restore Service (MTRS) directly measures the average time taken to fully restore a service after a failure, making it the best metric for assessing how effectively the service desk restores service. ITIL 4 defines MTRS as the elapsed time from when a service fails to when it is fully restored, including diagnosis, repair, and verification. A lower MTRS indicates faster restoration, which is the core objective of incident management.

Exam trap

PeopleCert often tests the distinction between efficiency metrics (like FCR or tickets closed) and effectiveness metrics (like MTRS), trapping candidates who confuse 'restoring service' with 'resolving on first contact' or 'closing tickets quickly.'

How to eliminate wrong answers

Option A is wrong because customer satisfaction score measures overall perception of service quality, not the specific effectiveness of restoring service; it can be influenced by factors like politeness or communication unrelated to restoration speed. Option C is wrong because number of tickets closed per agent measures agent productivity and throughput, not the quality or speed of service restoration; an agent could close many tickets quickly but fail to fully restore service. Option D is wrong because First Call Resolution (FCR) rate measures the percentage of incidents resolved on the first contact, which is a quality metric for efficiency but does not capture the total time to restore service, especially for complex incidents requiring multiple interactions or escalations.

3
MCQmedium

A service desk agent resolves an incident by resetting a password. The agent documents the resolution in the ticket. Which practice is being performed?

A.Change enablement
B.Problem management
C.Incident management
D.Service request management
AnswerC

The agent is handling an incident (e.g., unable to log in) and restoring service.

Why this answer

Resetting a password is a standard incident resolution activity within the incident management practice, as defined by ITIL 4. The agent is restoring normal service operation (user access) after an unplanned interruption (forgotten or locked password). Documenting the resolution in the ticket is a key step in the incident management process to ensure auditability and closure.

Exam trap

The trap here is that candidates confuse a password reset with a service request because it is a common, low-risk action, but ITIL 4 classifies it as an incident when it is performed in response to an unplanned interruption (user cannot log in), not as a standard request for something new.

How to eliminate wrong answers

Option A is wrong because change enablement manages the lifecycle of all changes to IT services (e.g., deploying a new software version or modifying a network configuration), not the restoration of service after an unplanned interruption like a password reset. Option B is wrong because problem management focuses on identifying and eliminating the root cause of recurring incidents (e.g., analyzing why multiple users experience password lockouts), not on resolving a single, isolated password reset. Option D is wrong because service request management handles pre-defined, standard user requests for information, advice, or access (e.g., requesting a new account or software installation), but a password reset is typically triggered by an unplanned interruption (user cannot log in), making it an incident, not a standard request.

4
MCQeasy

A customer requests a new software installation that is pre-approved and follows a standard procedure. Which practice should handle this request?

A.Incident management
B.Change enablement
C.Service request management
D.Problem management
AnswerC

Service request management manages the lifecycle of service requests.

Why this answer

A pre-approved software installation that follows a standard procedure is a classic service request, not a change or incident. Service request management handles predefined, low-risk requests where the approval and process are already established, such as installing approved software via a self-service catalog. This aligns with the ITIL 4 definition of a service request as a standardized, pre-authorized demand from a user.

Exam trap

The trap here is confusing a pre-approved standard change with the change enablement practice, when ITIL 4 explicitly assigns standard changes to service request management to streamline low-risk, repeatable requests.

How to eliminate wrong answers

Option A is wrong because incident management focuses on restoring normal service operation after an unplanned interruption or degradation, not on fulfilling a pre-approved request. Option B is wrong because change enablement handles changes that require assessment, authorization, and planning to manage risk, but a pre-approved standard installation is explicitly excluded from the change process as it follows a predefined, low-risk procedure. Option D is wrong because problem management aims to identify and eliminate the root cause of incidents, not to fulfill user requests for new software.

5
MCQmedium

A company has implemented a new configuration management database (CMDB). Which ITIL practice is most directly supported by an accurate CMDB?

A.Problem management
B.Incident management
C.Change enablement
D.Service configuration management
AnswerD

Service configuration management maintains information about configuration items and their relationships.

Why this answer

The service configuration management practice is directly responsible for maintaining accurate configuration information, including the CMDB. An accurate CMDB provides the single source of truth for configuration items (CIs) and their relationships, which is the core purpose of this practice. Without a reliable CMDB, the practice cannot fulfill its objective of supporting other ITIL practices with trustworthy data.

Exam trap

The trap here is that candidates confuse the tool (CMDB) with the practice (service configuration management), or they assume any practice that uses the CMDB is 'most directly supported,' when the question asks which practice is directly supported by an accurate CMDB, which is the practice that owns and maintains it.

How to eliminate wrong answers

Option A is wrong because problem management uses the CMDB to identify the root cause of incidents, but the CMDB itself is not the primary practice; problem management focuses on analyzing and resolving the underlying causes. Option B is wrong because incident management relies on the CMDB for context during restoration, but the CMDB is a tool, not the practice; incident management's core is restoring normal service operation as quickly as possible. Option C is wrong because change enablement uses the CMDB to assess the impact of changes, but the practice itself is about controlling the lifecycle of changes, not maintaining configuration data.

6
Multi-Selecthard

Which THREE of the following are purposes of the 'service desk' practice?

Select 3 answers
A.Identifying root causes of incidents
B.Being the single point of contact for users
C.Capturing demand for incident resolution and service requests
D.Managing the lifecycle of all changes
E.Providing a channel for communication with users
AnswersB, C, E

The service desk is the SPOC.

Why this answer

Option B is correct because the 'service desk' practice is explicitly defined in ITIL 4 as the single point of contact (SPOC) between the service provider and users. This ensures that all user interactions, whether for incidents, service requests, or general inquiries, are funneled through a consistent channel, reducing confusion and improving response times.

Exam trap

The trap here is that candidates confuse the service desk's role as a single point of contact with the more analytical or lifecycle-oriented practices like problem management or change enablement, leading them to incorrectly select options A or D.

7
MCQhard

A multinational retail company has recently migrated its e-commerce platform to a new cloud infrastructure. The IT operations team consists of 15 members distributed across three regions (Americas, EMEA, APAC). They use a centralized service desk tool that logs all incidents and service requests. Over the past month, the number of incidents has increased by 30%, primarily related to authentication failures and slow page load times. The service desk has been creating workarounds for each incident but has not yet identified any root causes. The IT manager wants to reduce the incident volume and improve service stability. The team is also under pressure to keep costs low. Which course of action should the IT manager take first?

A.Hire additional service desk agents to handle the increased incident volume
B.Implement a problem management practice to analyze recurring incidents and find root causes
C.Conduct a training session for all IT staff on incident management best practices
D.Upgrade the service desk tool to automate incident resolution
AnswerB

Problem management will identify why authentication failures and slow load times occur, leading to permanent fixes.

Why this answer

Option B is correct because the IT manager should first implement a problem management practice to systematically analyze the recurring authentication failures and slow page load times. This aligns with ITIL 4's guiding principle of 'focus on value' by addressing root causes rather than symptoms, reducing incident volume long-term without additional cost. The 30% incident increase and lack of root cause identification indicate a reactive approach, and problem management directly targets this gap to improve service stability.

Exam trap

The trap here is that candidates often choose to 'upgrade the tool' or 'hire more staff' as a quick fix, overlooking that ITIL 4 prioritizes proactive problem management to reduce incident volume and costs, not just faster incident resolution.

How to eliminate wrong answers

Option A is wrong because hiring additional service desk agents only addresses the symptom of increased incident volume without resolving the underlying root causes, leading to continued high costs and no improvement in stability. Option C is wrong because conducting a training session on incident management best practices does not address the specific technical issues (authentication failures and slow page loads) or the lack of root cause analysis; it may improve handling but not reduce incident volume. Option D is wrong because upgrading the service desk tool to automate incident resolution treats incidents as isolated events and fails to identify or eliminate the root causes, potentially automating a flawed process and increasing costs without achieving stability.

8
MCQmedium

The exhibit shows a service level agreement (SLA) target and current performance. Which action should be taken to address this?

A.Penalize the service provider financially
B.Ignore the gap as it is within acceptable tolerance
C.Renegotiate the SLA to lower the target
D.Investigate and implement improvements to increase availability
AnswerD

Improving availability aligns with the target.

Why this answer

The correct action is to investigate and implement improvements to increase availability because the current performance (e.g., 97.5%) is below the SLA target (e.g., 99.9%), and the gap is not within any defined tolerance. ITIL 4 emphasizes continuous improvement, so the service provider should analyze root causes (e.g., using incident management data) and apply corrective measures to meet the agreed target.

Exam trap

The trap here is that candidates may assume a small gap is acceptable (Option B) or that renegotiation (Option C) is a quick fix, but ITIL 4 requires evidence-based decisions and prioritizes improving service performance over adjusting targets.

How to eliminate wrong answers

Option A is wrong because financial penalties are a punitive measure typically reserved for repeated or severe breaches, not a first response to a performance gap, and ITIL 4 prioritizes improvement over punishment. Option B is wrong because ignoring the gap assumes it is within acceptable tolerance, but the exhibit shows a clear deficit below the SLA target with no tolerance band indicated, so inaction would violate the SLA commitment. Option C is wrong because renegotiating the SLA to lower the target would reduce service quality without addressing the underlying issue, contradicting the ITIL principle of aligning services with business needs and continuous improvement.

9
MCQmedium

A financial services firm uses a legacy on-premise system for customer account management. The IT team is small, with three administrators responsible for all changes, incidents, and problems. Recently, a change to the system's database schema caused a major outage lasting 4 hours. The post-mortem revealed that the change was not properly tested and was implemented without approval. The IT manager wants to prevent such incidents in the future while maintaining agility. The team often needs to make urgent changes to fix critical bugs. What should the IT manager do?

A.Implement a change enablement practice with standard, normal, and emergency change types
B.Require all changes to go through a change advisory board (CAB) meeting
C.Document the incident but take no further action to avoid bureaucracy
D.Restrict change implementation to only the senior administrator
AnswerA

This provides appropriate controls for different change types, including fast-tracking emergency changes.

Why this answer

Option A is correct because implementing a change enablement practice with standard, normal, and emergency change types provides a structured yet flexible framework. Standard changes (pre-approved, low-risk) allow routine tasks to proceed quickly, normal changes require approval and testing, and emergency changes can be fast-tracked with post-implementation review. This balances agility with control, directly addressing the root cause (untested, unapproved change) while enabling urgent bug fixes.

Exam trap

The trap here is that candidates may assume a CAB meeting is always required for all changes, overlooking that ITIL 4 allows standard and emergency change types to maintain agility while ensuring proper testing and approval for high-risk changes.

How to eliminate wrong answers

Option B is wrong because requiring all changes to go through a CAB meeting introduces unnecessary bureaucracy and delays, especially for urgent bug fixes, and would hinder the team's agility. Option C is wrong because documenting the incident but taking no further action fails to prevent recurrence, leaving the same risk of untested, unapproved changes causing future outages. Option D is wrong because restricting changes to only the senior administrator creates a single point of failure and bottleneck, reducing agility and increasing risk if that administrator is unavailable or makes an error.

10
Multi-Selectmedium

Which THREE of the following are dimensions of service management?

Select 3 answers
A.Partners and suppliers
B.Information and technology
C.Finance and accounting
D.Security and compliance
E.Organizations and people
AnswersA, B, E

Partners and suppliers is a dimension.

Why this answer

Partners and suppliers is a correct dimension because ITIL 4 defines it as one of the four dimensions of service management, covering relationships with external organizations that provide services or components. This dimension ensures that dependencies on third parties are managed to maintain service quality and continuity.

Exam trap

The trap here is that candidates often confuse operational processes or functional areas (like finance or security) with the four core dimensions, leading them to select options that are not part of the ITIL 4 framework.

11
MCQeasy

Which ITIL concept represents the perceived benefits, usefulness, and importance of something?

A.Value
B.Cost
C.Outcome
D.Risk
AnswerA

Value is the perceived benefits, usefulness, and importance of something.

Why this answer

In ITIL 4, value is defined as the perceived benefits, usefulness, and importance of a service or product from the stakeholder's perspective. It is a core concept that drives all service management activities, emphasizing that value is co-created through the use of services and is subjective to the consumer.

Exam trap

The trap here is that candidates often confuse 'outcome' with 'value', but an outcome is a measurable result (e.g., reduced downtime) while value is the subjective perception of that outcome's importance to the business.

How to eliminate wrong answers

Option B is wrong because cost represents the amount of money, resources, or effort spent on a service, not the perceived benefits or importance. Option C is wrong because an outcome is a result or consequence of using a service, such as increased efficiency, but it is not the perception of usefulness itself. Option D is wrong because risk refers to the possibility of loss or negative impact, which is a separate concept from the positive perception of benefits and importance.

12
MCQeasy

A service provider wants to ensure that a new IT service aligns with the business strategy. Which concept describes the formal documentation of the service's value proposition?

A.Service offering
B.Business case
C.Service portfolio
D.Service level agreement (SLA)
AnswerA

Service offering includes the formal description of the service and its value proposition.

Why this answer

The service offering is the formal description of one or more services designed to address the needs of a target consumer group, including the value proposition, costs, and outcomes. In ITIL 4, the service offering explicitly documents the value proposition—the benefits and utility that the service provides to the business—ensuring alignment with business strategy. This is distinct from a business case, which justifies investment, or a service portfolio, which catalogs all services.

Exam trap

The trap here is that candidates often confuse the 'service offering' with the 'service portfolio' or 'business case', because all three relate to service planning, but only the service offering formally documents the value proposition as a defined ITIL 4 concept.

How to eliminate wrong answers

Option B is wrong because a business case is a decision-support tool that justifies the investment in a new service by analyzing costs, benefits, risks, and ROI, but it does not formally document the service's value proposition as a standalone concept. Option C is wrong because the service portfolio is a comprehensive catalog of all services managed by the provider, including pipeline, live, and retired services, but it does not specifically document the value proposition of a single new service. Option D is wrong because a service level agreement (SLA) is a contract that defines measurable performance targets (e.g., uptime, response times) and responsibilities, not the value proposition or strategic alignment of the service.

13
MCQhard

An IT team is designing a new service. They need to ensure that the service delivers value to customers by addressing their needs. Which ITIL guiding principle is most directly applied?

A.Focus on value
B.Keep it simple and practical
C.Progress iteratively with feedback
D.Collaborate and promote visibility
AnswerA

Focus on value is the guiding principle that emphasizes delivering value from the customer's perspective.

Why this answer

The ITIL guiding principle 'Focus on value' is directly applied because the team is designing a new service specifically to address customer needs and deliver value. This principle ensures that every activity, from requirements gathering to service design, is aligned with what the customer perceives as valuable, rather than focusing on internal processes or technology for its own sake.

Exam trap

The trap here is that candidates often confuse 'Focus on value' with 'Collaborate and promote visibility' because both involve stakeholders, but the former is specifically about aligning service design with customer-defined outcomes, not just improving communication.

How to eliminate wrong answers

Option B is wrong because 'Keep it simple and practical' emphasizes minimizing complexity and avoiding unnecessary steps, but it does not directly address the core requirement of ensuring the service meets customer needs. Option C is wrong because 'Progress iteratively with feedback' focuses on incremental development and continuous improvement through feedback loops, which is a method for refining the service but not the primary principle for ensuring value delivery from the start. Option D is wrong because 'Collaborate and promote visibility' stresses teamwork and transparency across stakeholders, which supports value delivery indirectly but is not the most direct principle for aligning the service with customer needs.

14
MCQhard

A company is experiencing a high number of recurring incidents due to a known error in a software application. Which ITIL practice should be used to permanently fix the underlying problem?

A.Problem management
B.Incident management
C.Service request management
D.Change enablement
AnswerA

Problem management focuses on diagnosing root causes and initiating permanent fixes.

Why this answer

Problem management is the ITIL practice responsible for identifying the root cause of incidents and implementing permanent fixes to prevent recurrence. Since the question describes a known error causing recurring incidents, problem management's role is to analyze the underlying problem and coordinate a permanent resolution, such as a code fix or configuration change.

Exam trap

The trap here is that candidates confuse incident management (restoring service quickly) with problem management (permanently fixing the root cause), especially when the question mentions 'recurring incidents' and 'known error' — the latter is a direct trigger for problem management, not incident management.

How to eliminate wrong answers

Option B is wrong because incident management focuses on restoring normal service operation as quickly as possible after an incident, not on permanently fixing the underlying cause. Option C is wrong because service request management handles pre-defined, low-risk user requests (e.g., password resets, access requests), not the resolution of recurring technical errors. Option D is wrong because change enablement manages the lifecycle of changes (e.g., approving, scheduling, and deploying the fix), but it does not perform the root cause analysis or determine the permanent fix itself.

15
MCQhard

An organization is planning to outsource its IT support. Which ITIL concept describes the relationship between the organization and the external service provider?

A.Supplier management
B.Service relationship
C.Service portfolio
D.Service level agreement (SLA)
AnswerB

Service relationship is the cooperation between provider and consumer to co-create value.

Why this answer

The correct answer is B because the ITIL 4 concept of a 'service relationship' formally describes the mutual interactions between a service provider and a service consumer. In this outsourcing scenario, the organization is the consumer and the external IT support provider is the producer, and their co-creation of value is governed by the terms of their service relationship. This concept is foundational to ITIL 4's Service Value System (SVS), which emphasizes that all services are delivered through relationships.

Exam trap

The trap here is that candidates often confuse the concrete artifact (SLA) with the abstract concept (service relationship), leading them to pick D because they see a direct link to outsourcing contracts, but ITIL 4 specifically uses 'service relationship' as the umbrella term for the value co-creation dynamic.

How to eliminate wrong answers

Option A is wrong because 'supplier management' is a specific practice (not a core concept) that focuses on managing suppliers of goods and services, but it does not define the fundamental nature of the interaction between the organization and the external provider. Option C is wrong because 'service portfolio' is a management tool that describes all services managed by a provider, not the relationship between two parties. Option D is wrong because a 'service level agreement (SLA)' is a documented contract that defines specific performance targets, but it is a component of the service relationship, not the overarching concept that describes the relationship itself.

16
MCQhard

The exhibit shows details of a resolved incident. Based on the resolution code, what should the service desk do next?

A.Close the incident and archive it
B.Create a problem record to investigate the underlying cause
C.Reassign the incident to change management
D.Update the resolution code to 'Permanent Solution'
AnswerB

A workaround indicates a known error should be logged, and problem management should investigate.

Why this answer

The resolution code indicates a 'Workaround' was applied, meaning the incident was resolved temporarily but the root cause remains unknown. According to ITIL 4, when a workaround is used, the service desk should create a problem record to investigate the underlying cause and prevent recurrence. Simply closing the incident would leave the root cause unaddressed, risking future incidents.

Exam trap

PeopleCert often tests the misconception that a resolved incident should always be closed immediately, but the trap here is that a 'Workaround' resolution code mandates problem record creation before closure, as per ITIL 4's process integration rules.

How to eliminate wrong answers

Option A is wrong because closing and archiving the incident without addressing the root cause violates ITIL 4's incident management practice, which requires problem management initiation when a workaround is applied. Option C is wrong because change management is only involved when a permanent fix requires a change; the resolution code 'Workaround' does not trigger a change request. Option D is wrong because updating the resolution code to 'Permanent Solution' would be inaccurate—the incident was resolved with a workaround, not a permanent fix, and this would misrepresent the resolution status.

17
Multi-Selecteasy

Which TWO of the following are ITIL guiding principles?

Select 2 answers
A.Increase speed
B.Focus on value
C.Manage risk
D.Collaborate and promote visibility
E.Reduce cost
AnswersB, D

Focus on value is a guiding principle.

Why this answer

Option B is correct because 'Focus on value' is one of the seven ITIL 4 guiding principles, which emphasizes that all activities and processes should directly contribute to value creation for stakeholders. This principle ensures that every service management decision is aligned with delivering measurable outcomes, not just completing tasks.

Exam trap

The trap here is that candidates often confuse common IT management goals (like increasing speed or reducing cost) with the actual ITIL 4 guiding principles, which are specifically defined as 'Focus on value', 'Start where you are', 'Progress iteratively with feedback', 'Collaborate and promote visibility', 'Think and work holistically', 'Keep it simple and practical', and 'Optimize and automate'.

18
Multi-Selectmedium

Which TWO of the following are components of the ITIL Service Value System (SVS)?

Select 2 answers
A.Service value chain
B.Service level agreements
C.Service desk
D.Guiding principles
E.Configuration management database
AnswersA, D

The service value chain is a component of the SVS.

Why this answer

The ITIL Service Value System (SVS) is a model that describes how all components and activities of an organization work together to facilitate value creation. The service value chain is correct because it is a core operating model within the SVS that outlines the key activities (plan, improve, engage, design & transition, obtain/build, deliver & support) required to respond to demand and facilitate value creation. Guiding principles are also correct as they are a fundamental component of the SVS, providing universal recommendations that guide an organization in all its work, regardless of changes in its goals, strategies, type of work, or management structure.

Exam trap

The trap here is that candidates often confuse operational tools or outputs (like SLAs, service desks, or CMDBs) with the high-level structural components of the SVS, leading them to select these as SVS components instead of recognizing that the SVS is a strategic framework composed of principles, governance, and a value chain model.

19
MCQeasy

The exhibit shows a change request. What is the next step in the change enablement process for this change?

A.Submit the change to the change authority for approval
B.Roll back the change
C.Implement the change immediately
D.Close the change record
AnswerA

The change authority must review and approve the change before implementation.

Why this answer

The exhibit shows a change request that has been assessed and authorized for implementation. According to the ITIL 4 change enablement practice, after a change is assessed and authorized, the next step is to submit it to the change authority for approval. This ensures that the change is reviewed by the appropriate authority before implementation, maintaining control and minimizing risk.

Exam trap

The trap here is that candidates may confuse 'authorization' with 'approval' or think that implementation can proceed immediately after assessment, ignoring the critical step of formal approval by the change authority.

How to eliminate wrong answers

Option B is wrong because rolling back the change is a step taken after implementation if the change fails or causes issues, not before approval. Option C is wrong because implementing the change immediately bypasses the required approval step, which could lead to unauthorized changes and increased risk. Option D is wrong because closing the change record occurs after the change has been implemented and reviewed, not before approval.

20
MCQmedium

An IT department wants to improve the speed of service restoration. Which practice is primarily responsible for this?

A.Change enablement
B.Incident management
C.Problem management
D.Service level management
AnswerB

Incident management is responsible for rapid restoration of service.

Why this answer

Incident management is primarily responsible for restoring normal service operation as quickly as possible and minimizing the adverse impact on business operations. In the context of improving service restoration speed, this practice owns the lifecycle of all incidents, from detection through resolution, and its key metrics (e.g., Mean Time to Restore Service - MTRS) directly measure restoration performance.

Exam trap

The trap here is that candidates often confuse 'restoring service' with 'fixing the root cause' and incorrectly choose problem management, but ITIL 4 explicitly separates the urgent restoration goal of incident management from the long-term prevention goal of problem management.

How to eliminate wrong answers

Option A is wrong because change enablement manages the lifecycle of changes to IT services, not the restoration of service after an incident; its goal is to ensure changes are assessed, authorized, and implemented with minimal risk, not to speed up recovery. Option C is wrong because problem management focuses on identifying and eliminating the root causes of incidents to prevent recurrence, not on the immediate restoration of service; its primary metric is Mean Time to Resolve (MTR) problems, not restoration speed. Option D is wrong because service level management defines, negotiates, and monitors service level agreements (SLAs) and targets, but it does not execute the operational steps to restore service; it sets the targets for restoration speed but relies on incident management to achieve them.

Ready to test yourself?

Try a timed practice session using only Key Concepts of IT Service Management questions.