CIS-DF Exam Dumps - ServiceNow CIS-Data Foundations (CMDB and CSDM) Questions and Answers

In a mature CMDB implementation within ServiceNow, CI operational attributes are leveraged to automate ITSM workflows. One of the most important outcomes of accurate Configuration Management is automatic incident routing.

When a CI is selected on an Incident record, ServiceNow evaluates the CI’s Support Group attribute. If populated correctly, the platform automatically copies this value into the Assignment Group field on the Incident. This ensures incidents are routed to the correct resolver group without manual triage, reducing mean time to resolution (MTTR).

The Support Group is a CI attribute, not an incident field that drives workflow directly. The Assignment Group is the operational field used by Incident Management to assign ownership. Managed by Group, Approval Group, and Change Group are used in other governance and lifecycle contexts and are not auto-populated during incident creation.

This behavior is a direct result of Data Foundations best practices: maintaining accurate CI-to-support-group relationships to enable automation and consistency across ITSM processes.

Therefore, the correct answer is C – Assignment Group.

Duplicate identifies data quality issues where the same asset is modeled more than once, violating CMDB trust principles.

Required ensures minimum viable CI creation and update—critical for ingestion and lifecycle integrity.

Orphan highlights broken relationships, which directly impact impact analysis, Service Mapping, and Change Management.

Stale flags CIs that are no longer being refreshed by Discovery or other sources but still exist in the CMDB.

Recommended improves completeness and usability, supporting operational and reporting use cases without being mandatory.

Audit validates data correctness by comparing CI field values against predefined templates or policies.

This exact mapping is what ServiceNow expects in CMDB Health Dashboard–related exam questions and real-world implementations.

The Common Service Data Model (CSDM) prescribes an incremental, maturity-based rollout approach to reduce risk and ensure sustainable adoption. The recommended order is Crawl, Walk, Run, Fly, which aligns implementation effort with increasing organizational capability and value realization.

Crawl focuses on foundational data hygiene: core CI classes, identification rules, reconciliation, basic Discovery ingestion, and CMDB Health basics.

Walk introduces service context, including Business Services, Application Services, and relationships that enable impact analysis for Incident and Change.

Run expands into operational excellence with Service Mapping, service offerings, advanced governance, and process automation.

Fly represents optimization and scale, leveraging analytics, AI/ML, proactive operations, and cross-domain integration (e.g., SecOps, APM, CSM).

This progression ensures teams do not over-model early or introduce complexity before data quality and governance are established. The other options describe generic project lifecycles or organizational categorizations, not the CSDM-recommended adoption path.

Therefore, the correct answer is D – Crawl, Walk, Run, Fly.

In ServiceNow, controlling source precedence when multiple authorized data sources update the same CI attributes is a core responsibility of Identification and Reconciliation Engine (IRE) governance.

The correct and supported method is to assign priority to each data source in reconciliation rules. Reconciliation rules determine which source wins when multiple sources attempt to update the same attribute on a CI. By defining source precedence, the Configuration Manager ensures that the most authoritative system of record (for example, Discovery over manual imports, or HR systems over spreadsheets) consistently controls specific attributes or classes.

Option B is incorrect because manually sequencing data source runs is unreliable, does not scale, and violates Data Foundations best practices. Option C only controls how often data is refreshed, not which source is authoritative. Option D is incorrect because identification rules are used to uniquely identify CIs—not to control attribute-level precedence.

Using reconciliation rules provides deterministic, auditable, and automated control, which is essential for maintaining CMDB trust and avoiding data conflicts.

Therefore, the correct answer is A – Assign a priority to each data source in reconciliation rules.

In ServiceNow, validating whether Configuration Items (CIs) still exist is a core CMDB governance activity. Over time, environments change rapidly—servers are decommissioned, cloud resources are torn down, and applications are replaced. If existence validation is not enforced, the CMDB quickly fills with obsolete or “ghost” CIs.

Attestation policies are specifically designed to address this need. An attestation policy automatically generates and assigns tasks to responsible users or groups, asking them to confirm that a CI still exists and is still relevant. This process focuses on acknowledgment rather than deep data validation, making it lightweight and scalable across large CMDBs.

Certification policies (Option A) are used when specific attributes must be validated, such as lifecycle status, support group, or environment. While important for data correctness, certification is not intended solely to confirm CI existence. Delete (Option B) and Retire (Option C) policies are lifecycle actions that remove or transition records, but they do not validate existence before taking action.

Attestation integrates cleanly with CMDB Workspace, assigns tasks automatically, and supports auditability—ensuring accountability for CI ownership. This makes it the correct and Data Foundations–aligned policy type for validating CI existence.

Therefore, Option D – Attestation is the correct answer.

CSDM is designed to connect technology delivery to business consumption so organizations can answer questions like “who is impacted?” quickly and consistently. In a critical incident, the healthcare provider needs to identify impacted users in business terms—clinicians, admin teams, specific sites, or departments—rather than only listing technical components.

Option D (“Service Offerings by Department or Location”) is the most CSDM-aligned data because it reflects who consumes the service and how that consumption is segmented. In CSDM, a Business Service / Service Offering represents what customers consume, and the offering can be associated with organizational constructs such as department, business unit, or location. For healthcare, this is especially valuable because impact is often location-based (hospital site, clinic) and role-based (patient intake, scheduling, ward operations). Using service offerings and their consumer mapping helps quickly identify likely impacted user groups and prioritize communications and workarounds.

Option A (environment attribute) helps differentiate production vs non-production and can support prioritization, but it does not identify impacted users. Option B is historical context, not a reliable mechanism to determine current impacted users. Option C is useful operationally for listing impacted configuration items, but it is ITSM task data, not specifically CSDM consumer modeling. CSDM’s value here is linking the technical disruption to the business consumer view via service offerings and consumption segmentation.

The CMDB Data Manager capability in ServiceNow is designed to support CMDB governance, specifically around data lifecycle management. Its primary purpose is to ensure that CI records are retained, archived, and deleted in accordance with defined retention policies, regulatory requirements, and organizational data governance standards.

As CMDBs mature, they naturally accumulate obsolete, retired, or decommissioned CIs. If these records are not properly managed, they negatively impact CMDB health, reporting accuracy, discovery reconciliation, and performance. CMDB Data Manager addresses this by automating the archival and deletion of records once lifecycle conditions and retention thresholds are met.

Option A is incorrect because encryption of archived records is handled by platform-level security and data protection features, not CMDB Data Manager. Option B is also incorrect because relationship rule enforcement is managed through CSDM guidance, CMDB relationship rules, and identification/reconciliation logic—not by CMDB Data Manager.

By automating retention-based archival and cleanup, CMDB Data Manager helps organizations maintain a lean, compliant, and high-quality CMDB, which directly supports CMDB Health metrics such as correctness and compliance.

Therefore, the correct and verified answer is Option C.

Managing CI classes and Principal Class designation is a schema-level CMDB activity that directly impacts how CIs appear in ITSM processes such as Incident, Change, and Problem. In ServiceNow, these activities require specific administrative privileges to ensure governance, security, and upgrade safety.

The sn_cmdb_admin role is required because it provides administrative access to CMDB structures, including CI class hierarchy management, Principal Class configuration, and overall CMDB governance. Without this role, users cannot add, remove, or govern CI classes effectively.

The personalize_dictionary role is also required because adding or removing CI classes involves dictionary-level changes. CI classes are implemented as tables that extend the CMDB schema, and modifying the Principal Class filter relies on dictionary metadata. This role grants permission to create, modify, or remove class definitions safely.

The sn_csdm_admin role focuses on managing CSDM constructs (domains, services, lifecycle alignment) but does not grant dictionary or schema modification rights. The cmdb_query_builder role is used only for querying and reporting and does not allow structural changes.

Therefore, the two required roles are personalize.dictionary and sn_cmdb_admin, making Options A and B correct.

Enhancing Incident Management in ServiceNow often involves integrating complementary products that enrich context, prioritization, and decision-making.

Discovery strengthens incident resolution by automatically populating accurate CI data and relationships, allowing responders to quickly understand affected infrastructure and applications.

Hardware Asset Management (HAM) adds visibility into asset lifecycle, ownership, and maintenance actions, which is especially valuable when incidents involve physical devices or failures.

Risk Management (part of IRM) provides insight into business and financial risk exposure, helping teams prioritize incidents based on potential regulatory, safety, or financial impact.

Service Portfolio Management (SPM) connects incidents to the service lifecycle, enabling better understanding of whether an incident affects a live, retiring, or planned service—and improving communication with stakeholders.

Together, these integrations transform Incident Management from a reactive process into a context-rich, business-aligned capability.

The CMDB Data Foundations Dashboard is paired with Get Well Playbooks that guide administrators through structured remediation. The “Services Have Owners Identified” playbook focuses on closing ownership gaps for services, which is a governance and data correction activity.

Fix Data (Option A) is used to correct missing or incorrect values, such as populating owner fields, assigning responsible groups, or updating relationships. In this playbook, Fix Data actions are required to actually remediate the issue by assigning owners to services.

Govern Data (Option D) is also required because ownership is not a one-time correction—it must be enforced and sustained. Govern Data establishes policies, ownership accountability, and controls (such as certifications or attestations) to ensure services continue to have owners over time and do not regress.

Analyze Data (Option B) is used to understand patterns and root causes, but it does not remediate the issue. Report Data (Option C) provides visibility and communication, not corrective action.

Therefore, the remediation plays that apply to the Services Have Owners Identified playbook are Fix Data and Govern Data, making Options A and D correct.