ServiceNow Updated CSA Exam Questions and Answers by esmee

In ServiceNow, Access Control Rules (ACLs) define the permissions required for users to interact with records, fields, or UI actions. ACLs are enforced at the database level and are evaluated before granting access to a user.

Access Control rules can be configured using three primary permission requirements:

Roles define a set of permissions assigned to users.

Access Control rules can require users to have a specific role (e.g., admin, itil, catalog_admin) to perform an action on a table, field, or record.

Example:

A rule might state: Only users with the itil role can read the Incident table.

Conditional expressions allow access based on a specified condition.

These conditions are evaluated at runtime, and access is granted if they are met.

Example:

A condition could be: "Allow access if the record's 'State' field is 'New'".

This would mean that users can only modify records if their state is "New".

Scripts allow advanced, custom logic to determine access.

ACLs support server-side scripts (written in JavaScript) that use the gs.hasRole(), current object, or other logic to evaluate whether a user should have access.

Example:

1. Roles (Correct - ✅)2. Conditional Expressions (Correct - ✅)3. Scripts (Correct - ✅)javascript

CopyEdit

// Allow access only if the user is the requester of the record

answer = current.requested_for == gs.getUserID();

Scripts provide flexibility by allowing complex access conditions beyond simple roles or expressions.

C. Assignment Rules ❌ (Incorrect)

Assignment Rules are used to automatically assign records to users or groups based on conditions.

They do not define access control permissions.

E. User Criteria ❌ (Incorrect)

User Criteria is used in Service Catalog and Knowledge Base (KB) to control access to catalog items or knowledge articles.

It is not used for ACLs at the table/field level.

F. Groups ❌ (Incorrect)

Groups are collections of users but cannot be directly used in ACLs.

Instead, roles (which are often assigned to groups) are used to define ACL permissions.

Why Other Options Are Incorrect?

ServiceNow Product Documentation - Access Control Rules

Access Control Rules Overview

Defining Access Control Rules

ServiceNow Security Model

Role-Based Access

Scripted ACLs

References from ServiceNow CSA Documentation:

In ServiceNow, Client Scripts are used to execute JavaScript code on the client-side (browser) to control form behavior, validate data, or enhance user interaction.

Types of Client Scripts in ServiceNow:There are four types of Client Scripts supported in ServiceNow:

onLoad (✅ Option D)

Runs when a form loads.

Used to pre-fill fields, hide/show elements, or set default values.

Example: Automatically setting the "Priority" field to High when a new incident is created.

onChange (✅ Option F)

Runs when a specific field value changes.

Used for dynamic form behavior, such as making fields mandatory based on another field's value.

Example: If "Category" is changed to "Hardware," then show the "Hardware Type" field.

onSubmit (✅ Option A)

Runs when the form is submitted.

Used for final validation before allowing submission.

Example: Preventing submission if a mandatory field is left empty.

onCellEdit (✅ Option C)

Runs when a cell value is edited inline in a list view.

Used to trigger immediate validation or updates without opening the full form.

Example: Displaying an alert when a user directly changes an incident's priority from a list view.

Why Are the Other Options Incorrect?❌ B. onUpdate

No "onUpdate" client script type exists in ServiceNow.

"onUpdate" is relevant in Business Rules, not Client Scripts.

❌ E. onEdit

No "onEdit" client script type exists.

Similar functionality can be achieved with "onChange" or "onCellEdit" scripts.

❌ G. onSave

No "onSave" client script type exists.

"onSubmit" handles validation before saving a record.

Reference from Certified System Administrator (CSA) Documentation:???? ServiceNow Docs – Client Scripts???? ServiceNow Client Scripts Documentation

"Client Scripts can be onLoad, onChange, onSubmit, or onCellEdit depending on when they execute."

Conclusion:✅ The correct answers are:

A. onSubmit (Runs when submitting a form)

C. onCellEdit (Runs when editing a list cell)

D. onLoad (Runs when a form loads)

F. onChange (Runs when a field value changes)

In ServiceNow, User Criteria define conditions that determine which users can create, read, write, and retire knowledge articles in a Knowledge Base (KB). User Criteria help enforce access control and ensure that only authorized users can interact with specific knowledge bases.

Control who can read, contribute, edit, or retire knowledge articles.

Based on roles, groups, departments, locations, or custom conditions.

Applied at the Knowledge Base level, affecting all articles within that KB.

Can be combined using "Must match all" or "Match any" logic.

Example 1: Restricting Read Access

A knowledge base for IT Support should be accessible only to IT employees.

User Criteria: Department = IT, OR Role = itil

Only IT employees or ITIL users can read articles in this KB.

Example 2: Controlling Who Can Contribute

Only HR staff should be allowed to create or update HR-related knowledge articles.

User Criteria: Group = HR Team, OR Role = knowledge_manager

Only HR Team members and Knowledge Managers can contribute.

User Criteria is the official term in ServiceNow for defining access control conditions for knowledge articles.

It allows precise control over who can read, create, write, or retire articles.

It is a feature within the Knowledge Management application.

A. User Conditions – Incorrect

No such concept exists in ServiceNow. User Criteria, not "User Conditions," determine knowledge article access.

B. User Info – Incorrect

"User Info" refers to details stored in the sys_user table (e.g., name, email) but does not define knowledge permissions.

D. User Permissions – Incorrect

While permissions exist in ServiceNow (via roles and ACLs), User Criteria specifically manage Knowledge Base access.

ServiceNow Docs: User Criteria for Knowledge Management

ServiceNow CSA Study Guide – Knowledge Management Permissions

ServiceNow Product Documentation: Configuring Knowledge Base Access

Key Features of User Criteria:Examples of User Criteria:Why "C. User Criteria" is the Correct Answer?Explanation of Incorrect Options:References from Certified System Administrator (CSA) Documentation:

In ServiceNow, administrators can check which release version is running on an instance by navigating to the Stats module. This module provides various system statistics, including the current release name, build number, and other important system details.

Navigate to System Diagnostics → Stats (or simply type “Stats” in the navigation filter).

Scroll down to find the Build name and Version fields.

The displayed version follows the standard ServiceNow naming convention (e.g., "Washington DC Patch 2 Hotfix 1").

How to Check the Release Version via Stats Module:

A. Memory Stats module:

This module provides memory consumption details and performance-related information, but it does not show the instance version.

C. System.upgraded table:

While this table records upgrade history and past version changes, it does not display the current version running on the instance.

D. Transactions log:

This log captures user activities and system transactions but does not provide release version details.

Why Other Options Are Incorrect:

ServiceNow Documentation: View system version details

Certified System Administrator (CSA) Study Guide: Covers System Diagnostics → Stats Module as a key method to verify the running release version.

Reference from CSA Documentation: