CSA Exam Dumps - ServiceNow Certified System Administrator Questions and Answers

TheKnowledge Base (KB) Searchfunctionality in ServiceNow is designed to help users find the most relevant articles efficiently. ServiceNow provides various sorting options for search results to ensure that users can access the most useful information.

Sorting Options in Knowledge Base Search:When users search for articles within a Knowledge Base, the results can be sorted using three primary criteria:

Most Recent Update (Option A)

This sorting method ranks articles based on theirlast modified date.

Newer or recently updated articles appear higher in the search results.

This ensures users see the most current information first.

Popularity (Option B)

Popularity is determined byuser interactionssuch as article views, feedback ratings, and usage.

More frequently accessed or positively rated articles are ranked higher.

This helps prioritize articles that have been helpful to other users.

Relevancy (Option C)

The ServiceNow platform uses aninternal search algorithmto determine relevance based on keywords, titles, and content within the article.

More relevant articles appear at the top, ensuring users get the most appropriate answers to their queries.

D. Manager Assignment (Incorrect)

Knowledge articles are not sorted by manager assignment.

Manager assignment applies to workflows and approvals, not to search ranking.

E. Number of Views (Incorrect)

While article popularity is a ranking factor,ServiceNow does not provide a direct "Sort by Number of Views" option.

The "popularity" metric includes views but also considersother engagement factorslike helpfulness ratings.

Why Are the Other Options Incorrect?

Reference from Certified System Administrator (CSA) Documentation:????ServiceNow Docs – Knowledge Management: Search and Filtering

????ServiceNow Knowledge Management Docs

"Knowledge articles can be sorted byrelevance, popularity, or most recent updateto ensure users find the most useful and up-to-date information."

Conclusion:The correct answers are:

A. Most recent update(Sorts by last modified date)

B. Popularity(Sorts based on article usage and engagement)

C. Relevancy(Sorts based on keyword matching and importance)

????Understanding Knowledge Base search sorting is essential for ServiceNow administratorsto help users find the right information efficiently.

Themain UI components of the ServiceNow platformare designed to provide a structured and user-friendly experience for interacting with the system. These core UI elements include:

Banner Frame– Displays key information such as the logo, user profile, settings, and global search.

Application Navigator– Provides access to different modules and applications within ServiceNow.

Content Frame– Displays the main content area where users interact with forms, lists, and dashboards.

A. Banner Navigator– Incorrect terminology; the correct term isBanner Frame.

C. Application Frame– No such UI component exists in ServiceNow.

E. Content Menu– This is not a primary UI component; the correct term isContent Frame.

Why Other Options Are Incorrect:

ServiceNow Documentation:User Interface Overview

CSA Exam Guide:CoversBanner Frame, Application Navigator, and Content Frameas the three primary UI components.

Reference from CSA Documentation:Thus, the correct answer is:

B. Banner Frame, D. Application Navigator, F. Content Frame

InServiceNow,Access Control rules (ACLs)are used torestrict or grant accessto data. Each Access Control rule consists of:

Table-level (Row-Level) ACLs– Control access to the entire record (row).

Field-level ACLs– Control access to specific fields within a record.

Access Control rules are evaluated in a specific orderto determine whether a user has the necessary permissions to perform an action (Read, Write, Create, Delete, etc.).

If both a row-level and a field-level ACL exist for the same table, BOTH must evaluate to "true"before access is granted.

The system checks conditions, scripts, and roles defined in the ACLsto decide whether the user meets the access requirements.

Access Control Rule Evaluation Process:Why is Option C Correct?If both a row-level rule and a field-level rule exist, both must evaluate to "true" for a user to perform an action.

Row-Level ACLscheck if a user can access the record itself.

Field-Level ACLscheck if a user can access specific fields within that record.

If a user failseitherACL check, access is denied.

Why Are the Other Options Incorrect?A. "Rules are evaluated using roles. The role with the most permissions evaluates the rules first."

Access Control rulesare not evaluated based on roles with the most permissions.

Roles are just one factorin ACL evaluation, along with conditions and scripts.

B. "If more than one rule applies to a row, the older rule is evaluated first."

ServiceNow does not prioritize ACL rules based on their creation date.

Instead, ACLs follow a structured evaluation order (general-to-specific).

D. "Rules are evaluated from the general to the specific, so a table rule must be active to continue."

This is partially true but misleading.

ServiceNow evaluates ACLs fromspecific to general(Field → Table).

However,a table-level rule does NOT need to be activefor a field-level ACL to be evaluated.

Reference from Certified System Administrator (CSA) Documentation:????ServiceNow Docs – Access Control Rules (ACLs) Evaluation

????ServiceNow ACL Evaluation Documentation

"If a field-level rule and a row-level rule exist,both must evaluate to truefor the operation to be allowed."

Conclusion:The correct answer isC. If a row-level rule and a field-level rule exist, both rules must be true before an operation is allowed.

????Understanding ACL rule evaluation is critical for managing security in ServiceNow, ensuring that users have the appropriate access while maintaining data integrity.

InServiceNow, theNumber Maintenanceapplication is used toconfigure and modify numbering formats for specific tables. This application allows administrators to control how records are numbered across different modules.

Customization of Number Formats

Administrators can defineprefixes, number sequences, and suffixesfor records in different tables.

Example:INC0001001forIncidents,REQ0002001forRequests.

Resetting or Adjusting Number Sequences

You can manually adjust the numbering sequence if needed.

Example: Resetting incident numbering to start from a specific value.

Supports Multiple Tables

Works for standard tables likeIncidents, Problems, Requests, Change Requests, etc.

Can also be configured forcustom tables.

Application Navigation

Path:

Go toAll → System Definition → Number Maintenance

Locate the table and modify its numbering settings.

Key Features of Number Maintenance:Why Option A (Number Maintenance) is Correct?"Number Maintenance" is the official ServiceNow application for managing number formats per table.

Why Other Options Are Incorrect?B. System Maintenance– Incorrect; no such module in ServiceNow manages numbering formats.

C. Table Maintenance– Incorrect; this does not exist as an application in ServiceNow.

D. Record Maintenance– Incorrect; not a valid ServiceNow feature for modifying number formats.

ServiceNow Docs – Number Maintenance Configurationhttps://docs.servicenow.com

ServiceNow Learning – Customizing Numbering Schemes

ServiceNow System Definition – Number Format Best Practices

References from Certified System Administrator (CSA) Documentation:

Abusiness rulein ServiceNow is a server-side script written inJavaScriptthat executes when a record is inserted, updated, deleted, or queried. Business rules allow for automation and enforcement of business logic without requiring manual intervention.

Business rules arenot tied to formsbut instead runon the server-sidewhen a database operation occurs. They can be configured to execute:

Beforea record is saved (Before Business Rule)

Aftera record is saved (After Business Rule)

Asynchronously(Async Business Rule)

Before a query is run on the database(Query Business Rule)

Explanation of the Correct Answer:B. A business rule can be a piece of JavaScript(Correct)

Business rules are written inJavaScript, allowing administrators to define custom logic that executes on the server.

These scripts can modify data, enforce rules, validate fields, or trigger other workflows.

Example JavaScript snippet for a business rule:

if(current.state=='3'&& current.priority!='1') {

current.priority='1';

gs.addInfoMessage("Priority set to High because state is Resolved.");

}

This rule ensures that if an incident's state is changed toResolved, its priority is automatically set to High.

Why the Other Options Are Incorrect:A. A business rule must run before a database action occurs (Incorrect)

Business rulescan run before a database action occurs, but they can also executeafterorasynchronously.

Business rules have four execution types:

Before– Runs before the record is inserted/updated in the database.

After– Runs after the record is committed to the database.

Async– Runs in the background after the transaction completes.

Query– Runs before data is returned to a user (modifies query results).

C. A business rule must not run before a database action occurs (Incorrect)

This is false because some business rulesdo run beforea database action (e.g., aBefore Business Rulecan validate data before saving).

D. A business rule monitors fields on a form (Incorrect)

Business rulesdo not monitor form fields directly. Instead, they execute based on database operations.

If real-time monitoring of form fields is needed,Client Scripts(not Business Rules) are used for this purpose.

Automaticallyassigning prioritybased on ticket severity.

Preventing updates to certain records if a condition is not met.

Sending email notifications when a record changes.

Modifying data before it is saved to enforce business policies.

Example Use Cases for Business Rules:

n ServiceNow, theList Editorallows users to edit field values directly within a list without opening the record in a form. This feature is particularly useful for making quick modifications to multiple records without the need to open each one individually.

Users navigate to a list view of records (e.g., an incident list).

If a field is editable via the List Editor, clicking on it will allow inline editing.

After making changes, users can pressEnteror click outside the field to save.

Inline Editing:Users can modify fields directly from the list.

Multi-Row Editing:Certain fields support bulk updates.

Security Controls:Admins can control which fields are editable via List Editor through dictionary settings.

Audit and History Tracking:Changes made via List Editor are logged for tracking purposes.

A. Data Editor:No such term as "Data Editor" exists in ServiceNow.

B. Edit Menu:This does not refer to inline editing; instead, it's a general menu for editing options.

D. Form Designer:Used for configuring form layouts, not for inline editing.

ServiceNow Product Documentation → Lists and List Editing

ServiceNow CSA Exam Guide → Covers List Editor as a core feature of instance configuration.

How List Editor Works:Key Features of List Editor:Why Other Options Are Incorrect:Reference from CSA Documentation:This verifies thatList Editoris the correct answer.

TheService Catalogis a core feature in ServiceNow that provides users with a structured interface to request services and products. Thebaseline Service Catalog homepageincludes links to key components that help users navigate and submit requests efficiently. These components are:

Record Producers– These are forms that allow users to create records in tables other than the Request table (e.g., submitting an incident or a change request).

Order Guides– These help users request multiple related items in a single submission, streamlining complex orders.

Catalog Items– These are the individual products or services users can request, such as software installations, hardware requests, or access requests.

Option B: "Order Guides, Item Variables, and Workflows"– Incorrect, becauseItem VariablesandWorkflowsare not direct links on the Service Catalog homepage. Item Variables are attributes of Catalog Items, and Workflows handle backend processing but are not listed as a navigational component.

Option C: "Order Guides, Catalog Items, and Workflows"– Incorrect, because Workflows are not directly linked from the homepage.

Option D: "Record Producers, Order Guides, and Item Variables"– Incorrect, because Item Variables are part of Catalog Items but not a distinct link on the homepage.

ServiceNow Product Documentation - Service Catalog Overview

ServiceNow CSA Study Guide - Service Catalog Fundamentals

ServiceNow Docs: Service Catalog Components

Explanation of Incorrect Options:References from Certified System Administrator (CSA) Documentation:

InServiceNow,Dot-Walkingis a technique used to retrieve information fromreferenced fields across different tables. It allows users to access data stored inrelated records without writing complex scripts.

When a field references another table,dot notation (.)is used totraversethe relationship and retrieve additional information from the referenced table.

It works informs, lists, reports, workflows, business rules, and scripts.

How Dot-Walking Works:Example 1: Retrieving User Information from an Incident RecordLet's say we have anIncidenttable where thecaller_idfield references theUser (sys_user) table.

If we need to retrieve the caller’semail address, we use:

caller_id.email

Here’s how it works:

caller_id→ References thesys_usertable

email→ Retrieves theemail field from the sys_user record

Example 2: Retrieving Department Name of an Incident CallerTo get thedepartmentof the caller, we use:

caller_id.department.name

caller_id→ References theUser table

department→ References theDepartment table

name→ Retrieves thedepartment name

(A) Table-Walking – Incorrect

There isno such termas "Table-Walking" in ServiceNow.

The correct term for referencing related fields isDot-Walking.

(B) Sys_ID Pulling – Incorrect

Thesys_idis a unique identifier for each record in ServiceNow, butpulling sys_ids alone does not retrieve referenced field data.

Dot-Walking allows access to fields in related tables, not just the sys_id.

(C) Dot-Walking – Correct

Dot-Walking is the correct techniqueused in ServiceNow to access referenced fields across tables.

It is used in scripting, reporting, workflows, Business Rules, and UI Policies.

(D) Record-Hopping – Incorrect

There isno such featureas "Record-Hopping" in ServiceNow.

The correct method for referencing data in related tables isDot-Walking.

Explanation of Each Option:

Dot-Walking reduces the need for complex queriesand makes scripting easier.

Use it in filters, reports, and workflowsto dynamically retrieve related data.

Limit excessive Dot-Walking in large tablesto avoid performance issues.

Alternative for scripts: If Dot-Walking does not work in advanced scripts, use GlideRecord queries to retrieve referenced records manually.

Additional Notes & Best Practices:

ServiceNow Docs: Understanding Dot-Walking

https://docs.servicenow.com

ServiceNow Community: Best Practices for Dot-Walking

https://community.servicenow.com

References from Certified System Administrator (CSA) Documentation:

In ServiceNow, reports can be created from multiple locations within the platform. Reports provide insights into data stored within the system and help visualize trends, patterns, and key performance indicators (KPIs). The two correct locations from which reports can be created are:

ServiceNow allows users to create a report directly from a list view.

This feature is useful when working with records in a table, as it enables quick reporting based on the visible columns.

To generate a report from a list view:

Navigate to a list view (e.g., Incidents, Requests, etc.).

Click on acolumn headingto access the context menu.

SelectBar Chart, Pie Chart, or other visualization optionsto generate an instant report.

If needed, refine the report using the reporting interface.

TheView / Run moduleis the primary location for creating and managing reports in ServiceNow.

It allows users tocreate new reports, modify existing reports, and run pre-built reports.

Users can access theReport Designerfrom this module, where they can configure:

Data sources (tables)

Report type (bar chart, pie chart, trend, etc.)

Filters and conditions

Visualization settings

To access it:

Navigate toReports > View / Runin the Application Navigator.

ClickCreate a Reportto start building a new report.

1. List Column Heading (Correct)2. View / Run Module (Correct)Why the Other Options Are Incorrect:B. Metrics module (Incorrect)

TheMetrics modulein ServiceNow is used to track and measure the performance of records over time, but it isnot used to create reports.

Metrics focus on data such astime to resolution, SLA compliance, and process efficiency, but reporting is handled separately in the Reports module.

C. Statistics module (Incorrect)

ServiceNow does not have a dedicatedStatistics modulefor report creation.

While reports can generate statistical insights, this is done within theView / Run moduleand not a standalone "Statistics module."

InServiceNow, anImport Set Tableis atemporary staging areawhere raw data is storedbefore it is transformed and moved into a target table. It is primarily used indata import processesto ensure data integrity and allow transformation before committing data to production tables.

Stores incoming data from external sources(e.g., CSV files, Excel files, APIs, LDAP, etc.).

Acts as a temporary staging areabefore records are mapped and transformed into atarget table(e.g.,incident,cmdb_ci,problem).

Allows validation and error handlingbefore final data migration.

Uses Transform Mapsto determine how fields in the import set relate to fields in the target table.

Key Functions of an Import Set Table:

Data is importedinto anImport Set Tablefrom an external source.

TheImport Set Table temporarily stores the datawithout affecting existing records.

ATransform Mapis applied to move and modify the data before inserting it into the correct table.

Once transformation is complete, the data is transferred to thetarget table, and the Import Set Table can be cleared.

Example Workflow of an Import Set:

(A) A table where data will be placed, post-transformation – Incorrect

Thetarget table(e.g.,incident,cmdb_ci,problem) holds the dataaftertransformation.

TheImport Set Table is only a temporary staging areabefore transformation occurs.

(B) A table that determines relationships – Incorrect

Relationship tables(e.g.,cmdb_rel_ci) definedependencies between recordsbut are not used for data import.

Import Set Tables do not determine relationships between records.

(C) A staging area for imported records – Correct

Import Set Tables temporarily store incoming recordsbefore processing.

The data is transformed and mappedbefore being inserted into the final target table.

This ensuresdata integrity and consistency.

(D) A repository for Update Set information – Incorrect

Update Sets (sys_update_set) store changes to configurations, such as scripts, workflows, and UI policies.

Import Set Tables are used for data imports, not Update Sets.

Explanation of Each Option:

Always review data in the Import Set Table before applying transformationsto avoid incorrect data entry.

Use Transform Mapsto define field mappings between Import Set Tables and target tables.

Monitor Import Logs(sys_import_set_run) for errors or incomplete data.

Delete old Import Set dataperiodically to improve performance and avoid unnecessary storage usage.

Additional Notes & Best Practices:

ServiceNow Docs: Import Set Overview

https://docs.servicenow.com

ServiceNow Community: Best Practices for Import Set Management

https://community.servicenow.com

References from Certified System Administrator (CSA) Documentation:

ServiceNow providesfive primary rolesthat define access and permissions within the platform. These roles help structure user responsibilities and ensure that users only have access to the necessary functions.

Thehighest level of accessin ServiceNow.

Can manage all platform features, applications, data, and configurations.

Has control overusers, security settings, system properties, and scripting capabilities.

Example: A ServiceNow admin configuring new workflows, modifying tables, or setting up instance-wide settings.

Manages specific applications or functionalities within ServiceNow.

Includes roles such as:

knowledge_admin(Manages Knowledge Base)

report_admin(Manages Reports)

catalog_admin(Manages Service Catalog)

Example: A Knowledge Base Administrator controlling access to articles and updating knowledge categories.

Users with theITIL rolewho perform IT Service Management (ITSM) tasks.

Cancreate, update, and resolve recordssuch as incidents, problems, changes, and requests.

Example: A service desk agent handling incidents and requests.

Users with theApprover rolecanapprove or reject requests, such as change requests or access requests.

Can view or modify approval records directed to them but cannot fulfill other ITIL tasks.

Example: A manager approving a new software installation request.

Basic userswith no assigned roles.

Cansubmit requests, view their own tickets, and access public pages(e.g., Knowledge Base, Catalog).

Example: An employee submitting a request for laptop repair via the ServiceNow portal.

1. System Administrator (admin)2. Specialized Administrator3. Fulfiller (ITIL Role)4. Approver5. Requester (Employee Self-Service - ESS)

These roles form thefoundation of role-based access control (RBAC)in ServiceNow.

They ensure that usersonly access the data and functions relevant to their job responsibilities.

Additional roles can be assigned based on business needs, but these five cover the core platform functionalities.

Why These Are the Provided Roles in ServiceNow:

ServiceNow Documentation:User Roles in ServiceNow

CSA Exam Guide:CoversSystem Administrator, Specialized Administrator, Fulfiller, Approver, and Requesteras the standard user roles.

Reference from CSA Documentation:Thus, the correct answer is:

A. System Administrator, B. Specialized Administrator, C. Fulfiller, D. Approver, E. Requester

InServiceNow,Eventsplay a crucial role in theevent-driven architecture, allowing the system to respond dynamically to actions such as record updates, system notifications, and integrations.

There aretwo key componentsinvolved in event handling:

Event Registry

A table thatstores event definitions(i.e., predefined event names).

Defines which events can be triggered in the system.

Events in the registry arenot actual occurrences, but ratherpossible eventsthat can be triggered.

Located in thesys_event_registrytable.

Event Log

A log ofactual generated eventsthat have occurred in the system.

Whenever an event is triggered (e.g., record update, scheduled job, or integration), it gets recorded in theEvent Log.

Helps administrators track and troubleshoot event execution.

Stored in thesys_eventtable.

Why is Option A Correct?"Event Log contains generated Events, the Event Registry is a table of Event definitions."

Event Registry = Defines possible events that can be triggered.

Event Log = Records actual events that have been triggered.

Why Are the Other Options Incorrect?B. "Event Log is formatted in the Log style, the Event Registry displays different fields."

Misleading: While the log and registry have different layouts, the key difference isevent occurrences vs. event definitions, not just formatting.

C. "Event Log lists Events that were triggered by integrations, the Event Registry lists the Events that were triggered during the day (24-hour period)."

Incorrect:The Event Log tracks all triggered events, not just integrations.

TheEvent Registry does not track daily events, it just defines them.

D. "Event Log is the same as the Event Registry."

Completely incorrect:The Event Logrecords actual event occurrences, while the Event Registrydefines possible eventsin the system.

Reference from Certified System Administrator (CSA) Documentation:????ServiceNow Docs – Events and Event Processing

????ServiceNow Event Management Documentation

"TheEvent Registry (sys_event_registry)contains event definitions that specify when an event can be generated. TheEvent Log (sys_event)records events that have actually occurred."

Conclusion:The correct answer isA. Event Log contains generated Events, the Event Registry is a table of Event definitions.

????Understanding the difference between the Event Log and Event Registry is crucial for troubleshooting, automation, and event-driven processing in ServiceNow.

InServiceNow, theService Catalogis the primary module where users canorder services and productsoffered by various departments. The Service Catalog provides acentralized portalfor users to browse and requestIT, HR, Facilities, Finance, and other departmental servicesin a structured and automated way.

TheService Catalogis aself-service interfacewhere users can request predefined services, products, and resources.

It acts as adigital storefrontfor an organization's internal and external services.

Each service request follows aworkflowthat may includeapprovals, task assignments, and fulfillment processes.

Service Offerings:

Users can requesthardware (laptops, mobile devices, monitors), software, access permissions, or HR-related services (e.g., PTO requests, onboarding).

Structured Request Fulfillment:

Each request follows aworkflowwith assigned tasks to the appropriate fulfillment teams.

Example: A request for anew laptopis routed toIT Supportfor approval and processing.

Automation and Approvals:

Some catalog items requiremanagerial or departmental approvalsbefore fulfillment.

Example: Requesting access torestricted applicationsmight need approval from anIT admin.

Integration with Incident, Change, and Asset Management:

The Service Catalog can triggerchange requests, incidents, and asset updatesas part of the fulfillment process.

Access Through the Self-Service Portal:

Users can access theService Catalogvia theSelf-Service Portalfor quick and easy navigation.

What is the Service Catalog?Key Features of the Service Catalog:

Why Option A (Service Catalog) is Correct?TheService Catalogis the correct place toorder services and productsoffered by different departments in ServiceNow.

It provides astructured and automatedway to request, approve, and fulfill service requests.

Why Other Options Are Incorrect?B. Self-Service– TheSelf-Service Portalprovides access to the Service Catalog but is not where services are ordered directly.

C. Service Department– No such module exists in ServiceNow. Departments use theService Catalogto provide services.

D. Customer Service– TheCustomer Service Management (CSM)module is forexternal customers, not internal service requests.

ServiceNow Docs – Service Catalog Overviewhttps://docs.servicenow.com

ServiceNow Learning – Self-Service & Service Catalog Best Practices

References from Certified System Administrator (CSA) Documentation:

ServiceNow supports multiple authentication methods to verify user identities before granting access to an instance. The three valid authentication methods from the given options are:

Local Database Authentication

This is the default authentication method used in ServiceNow.

User credentials (username and password) are stored in the ServiceNow database.

Authentication is handled directly by ServiceNow without relying on external identity providers.

This is useful for small implementations or instances where external authentication is not required.

LDAP (Lightweight Directory Access Protocol)

LDAP allows ServiceNow to integrate withcorporate directory services, such as Microsoft Active Directory, to authenticate users.

Users authenticate using theircorporate credentials, reducing the need to maintain separate user accounts in ServiceNow.

ServiceNow connects to an LDAP server and verifies credentials without storing passwords in the ServiceNow database.

SSO (Single Sign-On)

Single Sign-On enables users to log into ServiceNow using an external identity provider (IdP).

ServiceNow supports various SSO protocols, including:

SAML 2.0 (Security Assertion Markup Language)

OAuth 2.0

OpenID Connect

Kerberos

This allows users to authenticate once and gain access to multiple applications, improving security and user experience.

A. XML feed–

XML feeds are used for data exchange,not authentication.

ServiceNow can consume XML feeds for integrations but does not use XML feeds to authenticate users.

E. FTP authentication–

FTP (File Transfer Protocol) is used for transferring files between systems and isnot a valid authentication methodin ServiceNow.

ServiceNow Docs: User Authentication Methodshttps://docs.servicenow.com/en-US/bundle/utah-platform-administration/page/administer/security/concept/user-authentication-methods.html

ServiceNow CSA Official Training Guide (User Authentication & Security)

Why the Other Options Are Incorrect?References from Certified System Administrator (CSA) Documentation:These references confirm thatLocal Database, LDAP, and SSOare valid authentication methods in ServiceNow.

InServiceNow, the best practice for managingusers, groups, and rolesis based onrole-based access control (RBAC).

Assign Roles to Groups (Correct)

Instead of assigning roles directly to users, it is abest practice to assign roles to groups.

This ensuresbetter role management, easier administration, and scalability.

Example:

The"IT Support"group has the"itil"role.

All users in this group automatically get theitilrole.

Add Users to Groups (Correct)

Users should be assigned togroupsrather thanroles directly.

Groups inherit roles, so when a user is added to a group, they automatically receivethe appropriate access.

Example:

A new Service Desk agent joins the"Service Desk"group and immediately gets the associated roles (itil,incident_manager, etc.).

A. You should never assign roles to groups(Incorrect)

Incorrect: Assigning roles to groups is therecommended best practice.

Managing roles at thegroup levelmakesaccess control more efficient and scalable.

B. You should assign roles to users(Incorrect)

Incorrect: Assigning roles directly to users isnot a best practicebecause it becomes difficult to manage as the organization grows.

Instead, users should beadded to groupsthat have the necessary roles.

Best Practices for Users, Groups, and Roles:Why Other Options Are Incorrect?

Managing Users, Groups, and Roles

ServiceNow Best Practices for Roles & Groups

Role-Based Access Control (RBAC)

User Administration

References from ServiceNow CSA Documentation: