CSA Exam Dumps - ServiceNow Certified System Administrator

Access Control rules in ServiceNow define who can create, read, write, or delete records in a table or specific fields. These rules are applied at the table or field level and follow a specific naming convention:

TableName.FieldName

Naming Convention for Access Control Rules:

If an Access Control rule applies to a specific table, its format is TableName (e.g., incident).

If it applies to a specific field, it follows TableName.FieldName (e.g., incident.major_incident).

Major Incident is a field in the Incident table:

The incident table represents the ITSM Incident Management module.

Major Incident is a specific field within the incident table.

To apply an Access Control Rule to this field, the rule name must be incident.major_incident.

A. Incident.Major_Incident: ❌ Incorrect because ServiceNow Access Control rules do not use uppercase table or field names—they are always lowercase.

B. incident=>major_incident: ❌ Incorrect syntax—ServiceNow does not use => in Access Control names.

C. incident<=>major_incident: ❌ Incorrect syntax—ServiceNow does not use <=> in rule naming conventions.

D. incident||major_incident: ❌ Incorrect syntax—ServiceNow does not use || (logical OR) in Access Control naming.

ServiceNow Access Control Rules Guide: ServiceNow Docs

How to Create and Manage Access Control Rules in ServiceNow

Why is the Correct Answer "incident.major_incident"?Why Not the Other Options?References from the Certified System Administrator (CSA) Official Documentation:By using incident.major_incident, we correctly define field-level security for the Major Incident field in the Incident table.

In ServiceNow (and databases in general), data is stored in tables, which consist of:

Columns (Fields): Represent individual data attributes (e.g., Name, Email, Status).

Rows (Records): Represent individual entries in the table (e.g., a specific Incident or User).

Key Concepts:Table

Columns (Fields)

Rows (Records)

Incident

Number, Caller, Priority, Description

Each unique incident entry

User

Name, Email, Role, Department

Each individual user record

A column represents a single field (data attribute), such as "Priority" or "Short Description."

A row represents a record (entry in the table), such as an individual incident or user.

A. A column is a field in the database and a record is one user → ❌ Incorrect

Records are not limited to users; a record could be an Incident, Change, or any other entry.

C. A column is one field and a record is one column → ❌ Incorrect

A record is not a single column; a record consists of multiple fields (columns).

D. A column contains data from one user and a record is one set of fields → ❌ Incorrect

Columns contain data for all users/records, not just one user.

A record is one row, not just a set of fields.

Why is "B. A column is one field and a record is one row" the Correct Answer?Why the Other Options Are Incorrect?

ServiceNow Docs: Understanding Tables and Fieldshttps://docs.servicenow.com/en-US/bundle/utah-platform-administration/page/administer/metadata/concept/c_TablesAndFields.html

References from Certified System Administrator (CSA) Documentation:

In ServiceNow Flow Designer, local flow variables are accessed in the Data Panel as data pills.

Local Flow Variables:

These are temporary variables that store data during the execution of a flow.

Can be used to pass values between actions within the same flow.

Accessing Local Variables in the Data Panel:

The Data Panel contains data pills, which represent stored values.

Flow variables appear as blue data pills that can be dragged and dropped into different actions.

Example: A variable storing User ID can be dragged into an "Assign Task" action to assign a task dynamically.

Why Data Pills?

Data pills act as tokens representing values that update dynamically during flow execution.

Ensures reusability and automation across multiple actions.

How Flow Variables Work in Flow Designer:Why Option D (As data pills) is Correct?✅ Flow variables appear as "data pills" in the Data Panel, which can be dragged into flow actions.

Why Other Options Are Incorrect?❌ A. As newly generated icons → Incorrect

No "icons" are generated; flow variables are represented as data pills.

❌ B. As scratchpad variables → Incorrect

Scratchpad variables exist in Business Rules, but not in Flow Designer.

❌ C. As new tabs → Incorrect

Flow variables do not appear as tabs; they appear in the Data Panel as data pills.

ServiceNow Docs – Flow Designer: Using Data Pillshttps://docs.servicenow.com

ServiceNow Learning – Working with Flow Variables and Data Panel

ServiceNow Developer Portal – Flow Designer Best Practices

References from Certified System Administrator (CSA) Documentation:

ServiceNow provides multiple security-related modules that a System Administrator frequently uses to manage access, authentication, and overall system security.

Why These Options Are Correct?✅ A. System Properties > Security

This module allows administrators to configure general security settings, including password policies, session timeout, and encryption settings.

It helps manage security parameters at a system-wide level.

✅ E. System Security > Access Control (ACL)

Access Control Lists (ACLs) define what data users can access, modify, and delete within the instance.

ACLs operate at the table, field, and record levels, ensuring proper role-based access control (RBAC).

This is one of the most commonly used security modules by admins.

✅ G. System Security > High Security Settings

High Security Settings (previously known as Security Hardening) enforce strict security controls, such as requiring multi-factor authentication (MFA) and enforcing strict password policies.

It is often used for compliance with security regulations like HIPAA, GDPR, and ISO 27001.

Why the Other Options Are Incorrect?❌ B. Utilities > Migrate Security

This option does not exist in ServiceNow. There is no "Migrate Security" under Utilities.

❌ C. System Security > Security

There is no "System Security > Security" module in ServiceNow. The correct structure is System Security > Access Control or System Properties > Security.

❌ D. Self-Service > My Access

This is a self-service module for end users to request and review their access.

It is not a tool that System Administrators use to manage security settings.

❌ F. Password Management > Security Questions

This is used to configure security questions for password recovery but is not a core security module that admins frequently use.

General Security Settings in ServiceNow

ServiceNow Access Control (ACL) Best Practices

ServiceNow System Security and Role Management

References to Official Certified System Administrator (CSA) Documentation:

The Application Navigator in ServiceNow allows users to quickly filter and locate applications, modules, and menus by typing keywords in the filter field.

When you type "service" into the filter field, only modules containing the word "service" in their name or path will be displayed.

Analysis of Each Option:Option

Contains "service"?

Appears in Navigator?

A. Configuration > Business Services

✅ "Business Services" contains "service"

✅ Appears

B. Self-Service > Knowledge

✅ "Self-Service" contains "service"

✅ Appears

C. Service Portal > Widgets

✅ "Service Portal" contains "service"

✅ Appears

D. Incident > Assigned to me

❌ Does NOT contain "service"

❌ Does NOT appear

Since "Incident > Assigned to me" does not contain the word "service", it would NOT appear in the Application Navigator when filtering by "service".

Configuration > Business Services

The "Business Services" module under Configuration includes the word "service".

Self-Service > Knowledge

The "Self-Service" application contains the word "service", so this module appears.

Service Portal > Widgets

The "Service Portal" module contains the word "service", making it visible.

Incident > Assigned to me

This does NOT contain "service" in its path, so it will not appear.

Why the Other Options Appear in the Application Navigator?

ServiceNow Docs: Using the Application Navigatorhttps://docs.servicenow.com/en-US/bundle/utah-platform-user-interface/page/administer/navigation/concept/c_NavigatingThePlatform.html

References from Certified System Administrator (CSA) Documentation:This confirms that "Incident > Assigned to me" would NOT appear in the Application Navigator when filtering by "service".

In ServiceNow Flow Designer, an Application-based trigger is used to initiate a flow based on events from a specific application. Before using an application-based trigger, you must ensure that the necessary application spoke and any required plug-ins are activated.

Application Spokes:

Spokes are pre-built integration modules that allow Flow Designer to interact with different applications within ServiceNow.

Each application that provides triggers typically has its own spoke.

Plug-ins:

Some application spokes rely on additional plug-ins for full functionality.

These plug-ins must be enabled before the application-based triggers can be used.

A. Activate application trigger spoke → Incorrect

There is no generic "Application Trigger Spoke." Instead, each application has its own spoke that must be enabled.

B. Activate trigger security rules → Incorrect

Security rules govern access to triggers, but they do not enable the functionality of application-based triggers.

D. Assign Application trigger role [sn_app_trigger_write] to SME → Incorrect

Roles like sn_app_trigger_write may provide permissions but do not activate the trigger itself.

E. Activate application plugins only → Incorrect

While plug-ins may be necessary, you also need to activate the corresponding spoke.

The correct answer is "Flows", which refers to Flow Designer in ServiceNow.

Flow Designer is a no-code/low-code automation tool that allows users to automate business logic for a specific application or process, such as:

Approvals

Task creation

Notifications

Record operations (such as updating or deleting records)

A Flow is a sequence of automated actions that are triggered by specific events.

It is part of Flow Designer, which is the modern alternative to the legacy Workflow Engine.

It provides trigger-based execution, meaning it can run when a record is created, updated, or upon a specific condition.

B. Action Sequences ❌ (Incorrect)

No such term exists in ServiceNow.

C. Action Sets ❌ (Incorrect)

No such feature exists in ServiceNow.

D. Task Flows ❌ (Incorrect)

This is not a term used in ServiceNow automation.

E. Flow Diagrams ❌ (Incorrect)

While Flow Designer visually represents flows, there is no feature named "Flow Diagrams" in ServiceNow.

Flow Designer Overview:https://docs.servicenow.com/bundle/utah-automation/page/administer/flow-designer/concept/flow-designer.html

How to Create and Use Flows:https://docs.servicenow.com/en-US/bundle/utah-automation/page/administer/flow-designer/task/t_CreateFlow.html

Why "Flows" is the Correct Answer:Explanation of Incorrect Options:Official References from Certified System Administrator (CSA) Documentation: