CSA Exam Dumps - ServiceNow Certified System Administrator Questions and Answers

In ServiceNow, User Criteria define conditions that determine which users can create, read, write, and retire knowledge articles in a Knowledge Base (KB). User Criteria help enforce access control and ensure that only authorized users can interact with specific knowledge bases.

Control who can read, contribute, edit, or retire knowledge articles.

Based on roles, groups, departments, locations, or custom conditions.

Applied at the Knowledge Base level, affecting all articles within that KB.

Can be combined using "Must match all" or "Match any" logic.

Example 1: Restricting Read Access

A knowledge base for IT Support should be accessible only to IT employees.

User Criteria: Department = IT, OR Role = itil

Only IT employees or ITIL users can read articles in this KB.

Example 2: Controlling Who Can Contribute

Only HR staff should be allowed to create or update HR-related knowledge articles.

User Criteria: Group = HR Team, OR Role = knowledge_manager

Only HR Team members and Knowledge Managers can contribute.

User Criteria is the official term in ServiceNow for defining access control conditions for knowledge articles.

It allows precise control over who can read, create, write, or retire articles.

It is a feature within the Knowledge Management application.

A. User Conditions – Incorrect

No such concept exists in ServiceNow. User Criteria, not "User Conditions," determine knowledge article access.

B. User Info – Incorrect

"User Info" refers to details stored in the sys_user table (e.g., name, email) but does not define knowledge permissions.

D. User Permissions – Incorrect

While permissions exist in ServiceNow (via roles and ACLs), User Criteria specifically manage Knowledge Base access.

ServiceNow Docs: User Criteria for Knowledge Management

ServiceNow CSA Study Guide – Knowledge Management Permissions

ServiceNow Product Documentation: Configuring Knowledge Base Access

Key Features of User Criteria:Examples of User Criteria:Why "C. User Criteria" is the Correct Answer?Explanation of Incorrect Options:References from Certified System Administrator (CSA) Documentation:

In ServiceNow, Client Scripts are used to execute JavaScript code on the client-side (browser) to control form behavior, validate data, or enhance user interaction.

Types of Client Scripts in ServiceNow:There are four types of Client Scripts supported in ServiceNow:

onLoad (✅ Option D)

Runs when a form loads.

Used to pre-fill fields, hide/show elements, or set default values.

Example: Automatically setting the "Priority" field to High when a new incident is created.

onChange (✅ Option F)

Runs when a specific field value changes.

Used for dynamic form behavior, such as making fields mandatory based on another field's value.

Example: If "Category" is changed to "Hardware," then show the "Hardware Type" field.

onSubmit (✅ Option A)

Runs when the form is submitted.

Used for final validation before allowing submission.

Example: Preventing submission if a mandatory field is left empty.

onCellEdit (✅ Option C)

Runs when a cell value is edited inline in a list view.

Used to trigger immediate validation or updates without opening the full form.

Example: Displaying an alert when a user directly changes an incident's priority from a list view.

Why Are the Other Options Incorrect?❌ B. onUpdate

No "onUpdate" client script type exists in ServiceNow.

"onUpdate" is relevant in Business Rules, not Client Scripts.

❌ E. onEdit

No "onEdit" client script type exists.

Similar functionality can be achieved with "onChange" or "onCellEdit" scripts.

❌ G. onSave

No "onSave" client script type exists.

"onSubmit" handles validation before saving a record.

Reference from Certified System Administrator (CSA) Documentation:???? ServiceNow Docs – Client Scripts???? ServiceNow Client Scripts Documentation

"Client Scripts can be onLoad, onChange, onSubmit, or onCellEdit depending on when they execute."

Conclusion:✅ The correct answers are:

A. onSubmit (Runs when submitting a form)

C. onCellEdit (Runs when editing a list cell)

D. onLoad (Runs when a form loads)

F. onChange (Runs when a field value changes)

In ServiceNow Role Management, a role is a collection of permissions that control what users can see and do within the platform.

Role Hierarchy (Role Inheritance)

Roles can contain other roles (known as nested roles).

When a user is assigned a parent role, they inherit all child roles within it.

Example:

The ITIL role includes incident_manager and problem_manager roles.

Assigning ITIL to a user automatically grants them all the permissions of the included roles.

Roles Are Assigned by Administrators

Typically, roles are assigned by a System Administrator or an authorized user.

Role-Based Access Control (RBAC)

ServiceNow uses RBAC to control access to applications, records, and actions.

B. Users can click on the Personalize Role feature to try different roles

Incorrect because users cannot manually switch roles unless they have the impersonation privilege.

C. A role is granted to a user by the System Administrator

Partially correct, but not the best answer because roles can also be assigned via groups or automated processes, not just by a System Administrator.

D. Each user has a role in the ServiceNow platform

Incorrect because not all users must have a role.

Example: A self-service user can access the system without having any specific role.

ServiceNow Docs: Role-Based Access Control (RBAC)https://docs.servicenow.com/en-US/bundle/utah-platform-administration/page/administer/roles/reference/r_RBAC.html

ServiceNow CSA Official Training Guide (User & Role Management)

Key Characteristics of Role Assignment:Why the Other Options Are Incorrect?References from Certified System Administrator (CSA) Documentation:This confirms that roles can contain other roles, and when a user is assigned a role, they inherit all roles within it.

A Related List in ServiceNow is used to display records from other tables that are related to the current record. It helps users view and manage associated records without navigating away from the main record they are working on.

Related Lists appear at the bottom of a form view.

They display records from tables that have a relationship (via reference fields, many-to-many relationships, or database joins) with the current table.

Users can add, remove, or modify related records directly from the Related List, depending on their permissions.

Key Features of Related Lists:Why "D. To present related records" is the correct answer?Related Lists show records from another table that have a relationship with the current record. For example:

An Incident record may have a Related List showing all Tasks associated with it.

A User record may have a Related List displaying Group Memberships.

A Change Request record may have a Related List displaying all related CI (Configuration Items).

Option A: "To create a one-to-many relationship" – Incorrect. While Related Lists often display one-to-many relationships, they do not create them. Relationships are defined through reference fields, many-to-many tables, or database joins.

Option B: "To dot-walk to a core table" – Incorrect. Dot-walking allows users to access related fields from referenced records, but it is not the purpose of a Related List.

Option C: "To present related fields" – Incorrect. Related Lists display related records, not just individual fields. Related fields can be accessed using dot-walking or reference fields but are not the same as Related Lists.

ServiceNow Product Documentation - Related Lists

ServiceNow CSA Study Guide - Configuring Forms and Lists

ServiceNow Docs: Relationships in Tables

Explanation of Incorrect Options:References from Certified System Administrator (CSA) Documentation:

The Configuration Management Database (CMDB) in ServiceNow is a centralized repository that stores information about Configuration Items (CIs), their attributes, and relationships. It plays a crucial role in IT Service Management (ITSM), helping organizations track assets, dependencies, and service impacts.

The four correct concepts associated with the CMDB are:

The CMDB is structured using tables and fields within the ServiceNow database.

Different tables store different types of Configuration Items (CIs) such as servers, applications, and network devices.

Example CMDB Tables:

cmdb_ci (Base CMDB Table)

cmdb_ci_server (Stores server-specific CIs)

cmdb_ci_database (Stores database-related CIs)

Each table has fields that store attributes (e.g., Serial Number, IP Address, Location).

The CMDB is essentially a database that holds detailed information about IT assets and their relationships.

It enables organizations to maintain an accurate inventory of IT infrastructure.

The database helps with incident management, change management, and asset tracking.

Dependency View provides a graphical representation of how Configuration Items (CIs) are related.

This visualization helps IT teams understand dependencies, impact analysis, and root cause analysis.

Example:

If a database server goes down, the Dependency View can show which applications and services will be affected.

The CMDB supports various IT Service Management (ITSM) processes, such as:

Incident Management (linking incidents to affected CIs)

Change Management (analyzing the impact of changes on CIs)

Problem Management (identifying root causes of recurring issues)

The CMDB ensures that these processes operate with accurate and updated asset data.

1. Tables and Fields (✅ Correct)2. A Database (✅ Correct)3. The Dependency View (✅ Correct)4. Service Processes (✅ Correct)

Why the Incorrect Option is Wrong:❌ B. User Permissions (Incorrect)

While user permissions (such as roles and access controls) exist in ServiceNow, they are not a fundamental concept of the CMDB itself.

Permissions (like cmdb_read or admin) control who can access and modify the CMDB, but they are not core CMDB components.

An IT administrator wants to check which business services depend on a specific database server before performing maintenance.

Using the CMDB Dependency View, they see that the database server is linked to an email service and a customer portal.

This insight helps them plan a change request to notify impacted users before the server is taken offline.

Example Use Case:

ServiceNow Documentation: CMDB Overview

ServiceNow Learning Path: CMDB Fundamentals

ServiceNow Docs: Dependency Views in CMDB

References:

In ServiceNow, Dot-Walking is a technique used to retrieve information from referenced fields across different tables. It allows users to access data stored in related records without writing complex scripts.

When a field references another table, dot notation (.) is used to traverse the relationship and retrieve additional information from the referenced table.

It works in forms, lists, reports, workflows, business rules, and scripts.

How Dot-Walking Works:Example 1: Retrieving User Information from an Incident RecordLet's say we have an Incident table where the caller_id field references the User (sys_user) table.

If we need to retrieve the caller’s email address, we use:

caller_id.email

Here’s how it works:

caller_id → References the sys_user table

email → Retrieves the email field from the sys_user record

Example 2: Retrieving Department Name of an Incident CallerTo get the department of the caller, we use:

caller_id.department.name

caller_id → References the User table

department → References the Department table

name → Retrieves the department name

(A) Table-Walking – Incorrect ❌

There is no such term as "Table-Walking" in ServiceNow.

The correct term for referencing related fields is Dot-Walking.

(B) Sys_ID Pulling – Incorrect ❌

The sys_id is a unique identifier for each record in ServiceNow, but pulling sys_ids alone does not retrieve referenced field data.

Dot-Walking allows access to fields in related tables, not just the sys_id.

(C) Dot-Walking – Correct ✅

Dot-Walking is the correct technique used in ServiceNow to access referenced fields across tables.

It is used in scripting, reporting, workflows, Business Rules, and UI Policies.

(D) Record-Hopping – Incorrect ❌

There is no such feature as "Record-Hopping" in ServiceNow.

The correct method for referencing data in related tables is Dot-Walking.

Explanation of Each Option:

Dot-Walking reduces the need for complex queries and makes scripting easier.

Use it in filters, reports, and workflows to dynamically retrieve related data.

Limit excessive Dot-Walking in large tables to avoid performance issues.

Alternative for scripts: If Dot-Walking does not work in advanced scripts, use GlideRecord queries to retrieve referenced records manually.

Additional Notes & Best Practices:

ServiceNow Docs: Understanding Dot-Walking

https://docs.servicenow.com

ServiceNow Community: Best Practices for Dot-Walking

https://community.servicenow.com

References from Certified System Administrator (CSA) Documentation:

In ServiceNow, Table Access Control (ACL) rules define the permissions for accessing records within a table. When a user attempts to access a record, ServiceNow processes ACL rules in a specific order to determine if the user has the necessary permissions.

Specific Table Name ACLs

ServiceNow first checks ACL rules that are defined for the exact table being accessed.

If there are multiple ACL rules for the same table, ServiceNow evaluates them from most specific to least specific (i.e., field-level ACLs before table-level ACLs).

Parent Table Name ACLs (If applicable)

If the table inherits from another table (e.g., Incident inherits from Task), ServiceNow next checks ACL rules on the parent table.

This ensures that inherited rules are properly applied.

Wildcard ACLs (*) (Any table)

If no explicit ACL rule is found for the table or its parent, ServiceNow checks wildcard ACL rules (*), which apply to all tables.

Wildcard ACLs act as a last resort when no table-specific rules exist.

Order of Processing ACL Rules:

(A) any table name (wildcard), parent table name, table name – Incorrect

Wildcard rules (*) are processed last, not first.

(B) table name, parent table name, any table name (wildcard) – Correct

This follows the correct processing order:

First: ACLs for the specific table

Second: ACLs for the parent table (if applicable)

Third: Wildcard ACLs (*)

(C) parent table name, table name, any table name (wildcard) – Incorrect

Parent table ACLs are checked after table-specific ACLs, not before.

(D) any table name (wildcard), table name, parent table name – Incorrect

Wildcard ACLs (*) are always processed last, so this order is incorrect.

Explanation of Each Option:

Field-level ACLs (column-specific) take precedence over table-level ACLs.

If multiple ACL rules apply, all must evaluate to true for access to be granted.

Explicit Deny: If an ACL rule explicitly denies access, the user is denied, even if another ACL grants access.

Always Test ACLs: Use the "Security Debugging" feature (/sys_security_acl_list.do) to verify how ACLs are applied.

Additional Notes & Best Practices:

ServiceNow Docs: How Access Control Rules Work

https://docs.servicenow.com

ServiceNow Community: Understanding ACL Processing Order

https://community.servicenow.com

References from Certified System Administrator (CSA) Documentation:

When a new table is created in ServiceNow by extending another table, it follows table inheritance principles. This means the newly created table (child table) receives all the fields from its parent table. Additionally, the new table can include custom fields that are unique to itself.

Here’s how inheritance works in ServiceNow when a table is extended:

Fields Inheritance:

The child table automatically inherits all fields from its parent table.

These inherited fields cannot be removed from the child table but can be modified or overridden.

The child table can also have additional custom fields that do not exist in the parent table.

Business Rules, Client Scripts, and UI Policies:

Unlike fields, these components are not automatically inherited.

However, they can still affect the child table if they are defined on the parent table using conditions that include the child table.

To apply them specifically to the child table, they need to be explicitly defined for the new table.

Access Control Rules (ACLs):

ACLs are not automatically inherited.

Each table in ServiceNow has its own set of Access Control Rules, which must be explicitly configured for the child table if different permissions are required.

Database Structure:

The child table creates a one-to-one relationship with the parent table, meaning all fields in the parent are available in the child table.

The new table is stored as a separate entity but references the parent table’s structure.

The child table inherits all fields from the parent table. ✅

The child table can also have its own custom fields. ✅

Business Rules, Client Scripts, UI Policies, and ACLs are not automatically inherited, meaning options B and D are incorrect.

The table does not archive the parent table (making option A incorrect).

ServiceNow Product Documentation – Table Inheritance:https://docs.servicenow.com

ServiceNow Fundamentals – Table Relationships

ServiceNow Developer Portal – Extending Tables

ServiceNow Best Practices – Access Controls & Security Rules

Why Option C is Correct?References from Certified System Administrator (CSA) Documentation:

In ServiceNow, the Service Catalog is a structured collection of IT and business services that users can request. It is designed to provide a self-service experience for end-users, streamlining service requests and automating fulfillment processes. The main components of a Service Catalog include:

Record Producers – These are simplified forms that allow users to create records in various tables without requiring direct access to those tables. They enable users to submit requests or incidents through the catalog in a user-friendly manner.

Order Guides – These facilitate the ordering of multiple related catalog items in a single request. For example, when a new employee is onboarded, an order guide can group multiple items such as a laptop, software access, and a phone.

Catalog Items – These are the individual items or services that users can request through the Service Catalog. Examples include hardware (like laptops and monitors), software access, and other business services.

Option A (Order Guides, Exchange Rates, Calendars) –

Exchange Rates and Calendars are not part of the Service Catalog framework in ServiceNow.

While Exchange Rates may be relevant in financial applications, they do not define the core components of the Service Catalog.

Calendars are used for scheduling, but they do not form part of the Service Catalog structure.

Option B (Order Guides, Catalog Items, and Interceptors) –

Interceptors are used to guide users through form-based submissions, but they are not a fundamental component of the Service Catalog.

Order Guides and Catalog Items are correct, but the presence of Interceptors makes this option incorrect.

Option C (Catalog Items, Asset Contracts, Task Surveys) –

Asset Contracts relate to IT Asset Management (ITAM) and are not core Service Catalog components.

Task Surveys are used for feedback collection but are not part of the core structure of a Service Catalog.

ServiceNow CSA Documentation: Service Catalog Overview

ServiceNow CSA Learning Path: Service Catalog Fundamentals

ServiceNow Product Documentation: Order Guides & Record Producers

Why the Other Options Are Incorrect:References:

In ServiceNow, the best practice for managing users, groups, and roles is based on role-based access control (RBAC).

Assign Roles to Groups (Correct ✅)

Instead of assigning roles directly to users, it is a best practice to assign roles to groups.

This ensures better role management, easier administration, and scalability.

Example:

The "IT Support" group has the "itil" role.

All users in this group automatically get the itil role.

Add Users to Groups (Correct ✅)

Users should be assigned to groups rather than roles directly.

Groups inherit roles, so when a user is added to a group, they automatically receive the appropriate access.

Example:

A new Service Desk agent joins the "Service Desk" group and immediately gets the associated roles (itil, incident_manager, etc.).

A. You should never assign roles to groups ❌ (Incorrect)

Incorrect: Assigning roles to groups is the recommended best practice.

Managing roles at the group level makes access control more efficient and scalable.

B. You should assign roles to users ❌ (Incorrect)

Incorrect: Assigning roles directly to users is not a best practice because it becomes difficult to manage as the organization grows.

Instead, users should be added to groups that have the necessary roles.

Best Practices for Users, Groups, and Roles:Why Other Options Are Incorrect?

Managing Users, Groups, and Roles

ServiceNow Best Practices for Roles & Groups

Role-Based Access Control (RBAC)

User Administration

References from ServiceNow CSA Documentation: