ServiceNow Updated CSA Exam Questions and Answers by brayden

In computing and networking, aclientrefers to anapplication or system that accesses a remote service or another computer system (known as a server). The client-server model is a fundamental concept in computing, where:

A client sends requeststo a server.

The server processes the requestand sends back a response.

This architecture is widely used inweb applications, databases, and ServiceNowitself, whereclients interact with the ServiceNow platform (server) via a web browser or API requests.

In ServiceNow, theclienttypically refers toa user’s browser or an external system making requests via API calls.

Theserveris the ServiceNow instance, which processes requests and returns responses.

Client-side scripts(such asClient ScriptsorUI Policies) run on the user's browser, whileserver-side scripts(such as Business Rules and Script Includes) execute on the ServiceNow server.

How This Relates to ServiceNow:

A. Server→ A serverreceives requestsand processes them but is not the requesting entity.

C. Script→ A script is apiece of codethat executes certain actions but does not represent an entire system accessing a service.

D. Policies→ Policies definerules or behaviors(e.g., UI Policies, Data Policies) but do not access a remote service.

Why Other Options Are Incorrect:

ServiceNow Documentation:Client and Server in ServiceNow

CSA Exam Guide:CoversClient and Server architecturein ServiceNow.

Reference from CSA Documentation:

When a user places an order for an item or service from theService Catalogin ServiceNow, the system generates aRequest (REQ). This is a core component ofRequest Managementwithin the IT Service Management (ITSM) module.

User Places an Order:

The user selects an item from theService Catalog(e.g., a laptop, software, or an access request).

The order may consist of multiple items, depending on the selection.

ServiceNow Generates a Request (REQ):

ThisRequest (REQ#)acts as the umbrella record that tracks the order as a whole.

It is stored in thesc_requesttable.

Creation of Requested Items (RITM#):

Each item within the request generates aRequested Item (RITM#), stored in thesc_req_itemtable.

For example, if the user orders a laptop and a software license, two RITM records are created under the same Request.

Tasks (SCTASK#) Are Created:

Each Requested Item (RITM) may trigger one or moreCatalog Tasks (SCTASK#)in thesc_tasktable.

These tasks define the steps required to fulfill the request (e.g., procurement, approval, and configuration).

A. A Change Request– Incorrect. AChange Request (CHG#)is created only if the requested item involves changes to the infrastructure, such as a server upgrade. Not all catalog items require a change request.

B. An Order Guide– Incorrect. AnOrder Guideis a tool within the Service Catalog that helps users order multiple related items at once. However, it does not get generated when an order is placed.

D. An SLA– Incorrect. AService Level Agreement (SLA)may be associated with the request or tasks, but it is not automatically generated when a request is placed.

ServiceNow Product Documentation → Service Catalog → Request Fulfillment

ServiceNow CSA Study Guide → Service Catalog and Request Management

ServiceNow Tables Reference → sc_request, sc_req_item, sc_task

Understanding the Request Process in ServiceNow:Explanation of Incorrect Answers:References from Certified System Administrator (CSA) Documentation:

InServiceNow Knowledge Management, knowledge articles must be in a specificstatebefore they can be visible to end users. The correct state that allows users to view the article isPublished.

Understanding Knowledge Article StatesKnowledge articles in ServiceNow go through alifecyclethat includes the following states:

Draft– The article is being created or edited and isnot visibleto end users.

Review– The article is under internal review by approvers before publication. It remainshiddenfrom users.

Published– The article isapproved and publicly availableto users who have access to the Knowledge Base.

Retired– The article is no longer relevant or has been replaced. It isnot visibleto end users.

OnlyPublishedarticles appear in the Knowledge Base and can be accessed by users.

Articles inDraft, Review, or Retiredstates arenot visibleto the general audience.

B. Drafted– Articles inDraftare still being written or edited andcannot be accessed by users.

C. Retired– Retired articles are considered obsolete and areno longer displayedin the Knowledge Base.

D. Reviewed– Articles inRevieware under approval butare not yet visibleto users.

ServiceNow Docs: Knowledge Article Stateshttps://docs.servicenow.com/en-US/bundle/utah-servicenow-platform/page/product/knowledge-management/concept/knowledge-article-states.html

ServiceNow CSA Official Training Guide (Knowledge Management Lifecycle & Publishing Workflow)

Why is "Published" the Correct Answer?Why the Other Options Are Incorrect?References from Certified System Administrator (CSA) Documentation:This confirms that aknowledge article must be in the "Published" stateto be visible to users in the Knowledge Base.

Thesix methods available for user authenticationin ServiceNow are:

Local Database– The user authenticates using a username and password stored in theinstance database.

Multifactor Authentication (MFA)– The user provides their username, password, and apasscode(e.g., from Google Authenticator).

LDAP (Lightweight Directory Access Protocol)– The user authenticates using credentials stored in a corporateLDAP directory.

SAML 2.0 (Security Assertion Markup Language)– The user is authenticated via an externalSAML Identity Provider (IdP).

OAuth 2.0– The user authenticates via anOAuth identity provider(such as Google, Microsoft, or Facebook).

Digest Token Authentication– The user authenticates using anencrypted tokenrather than directly submitting a password.

Thus, the correct answer is:

A, B, C, D, E, F

ServiceNow supports multiple authentication methods to provideflexibility, security, and integration capabilitieswith external identity providers.

Local Database Authentication:

ServiceNow storesusernames and passwordsin the internal database.

Users authenticate directly with the instance.

This method is commonly used when no external authentication provider is configured.

Multifactor Authentication (MFA):

Enhances security by requiringtwo authentication factors:

Username and password(stored in the database).

Passcodefrom a registered device (such as Google Authenticator, Microsoft Authenticator).

MFA helpsprevent unauthorized accesseven if credentials are compromised.

LDAP Authentication:

Allows users toauthenticate against an external LDAP directory(such as Microsoft Active Directory).

The user must have amatching record in the ServiceNow user table ([sys_user]).

ServiceNowdoes not store passwordswhen using LDAP; it only validates credentials against the directory.

SAML 2.0 Authentication:

Users authenticate via aSAML Identity Provider (IdP)such asOkta, Microsoft Azure AD, or Ping Identity.

ServiceNow acts as aService Provider (SP)and does not store passwords.

ProvidesSingle Sign-On (SSO)capabilities.

OAuth 2.0 Authentication:

Allows authentication viaOAuth providers(Google, Facebook, Microsoft, etc.).

Users do not need to store passwords in ServiceNow; instead, authentication is delegated to theOAuth identity provider.

Digest Token Authentication:

Uses anencrypted token(instead of a plaintext password) to authenticate users.

Often used forAPI-based authenticationor scenarios where passwords should not be transmitted over the network.

Each method aligns with ServiceNow's authentication mechanisms as per official documentation.

ServiceNow supports a hybrid authentication approach, allowing multiple methods to coexist.

ServiceNow Docs – Authentication Methodshttps://docs.servicenow.com

ServiceNow Security Best Practices – Authentication & Access Controls

ServiceNow Developer Portal – SSO & OAuth Authentication

Why These Are the Correct Methods?References from Certified System Administrator (CSA) Documentation: