CAD Exam - Certified Application Developer-ServiceNow

NEW QUESTION 1
Which of the following statements must evaluate to true for a user to pass an Access Control?
Choose 3 answers

• A. Other matching Access Controls for the records evaluate to true.
• B. Conditions configured in the Access Control must evaluate to true.
• C. The user must be granted access through a business rule.
• D. The user has one of the roles specified in the Required roles related list.
• E. Scripts configured in the Access Control must evaluate to true.

Answer: BDE

Explanation:
The statements that must evaluate to true for a user to pass an Access Control are:
✑ Conditions configured in the Access Control must evaluate to true.
✑ The user has one of the roles specified in the Required roles related list.
✑ Scripts configured in the Access Control must evaluate to true.
An Access Control is a rule that determines whether a user can access a particular object or operation in ServiceNow. An Access Control consists of three elements: Conditions, Roles, and Script. Each element specifies a requirement that the user must meet to access the object or operation. If any of these elements return false, the Access Control denies access and stops evaluating the remaining elements. Therefore, for a user to pass an Access Control, all three elements must evaluate to true.
The other statements are not required for a user to pass an Access Control. Other matching Access Controls for the records do not need to evaluate to true, as only one matching Access Control needs to return true for access to be granted. The user does not need to be granted access through a business rule, as business rules are not part of Access Controls and do not affect their evaluation. Reference: Access control rules, Access Controls

NEW QUESTION 2
Which one of the following is true regarding Application Scope?

• A. All applications are automatically part of the Global scope
• B. Applications downloaded from 3rd party ServiceNow application developers cannot have naming conflicts
• C. Any developer can edit any application
• D. Developers can choose the prefix for a scope’s namespace

Answer: B

Explanation:
https://docs.servicenow.com/bundle/rome-application- development/page/build/applications/concept/c_ApplicationScope.html
The correct statement regarding Application Scope is that applications downloaded from 3rd party ServiceNow application developers cannot have naming conflicts. Application Scope is a feature that identifies and isolates applications and their related artifacts from other applications. Each scoped application has a unique namespace identifier that consists of a prefix and a scope name. This prevents cross-application name collisions and ensures that only authorized scripts can access or modify data in a scoped application. References: [Product Documentation | ServiceNow], [How To Create a Scoped App in ServiceNow - YouTube]

NEW QUESTION 3
You are developing the MyApp application that has a table, Table A. When the MyApp application is installed on an instance, you want Table A's records to be installed as part of the application.
Table A's records will be installed when:

• A. Table A is active and extends the Task table
• B. Table A's records are added to the application record using the Create Application Files context menu item
• C. Table A has an automatic number counter for new records
• D. Table A is not included in the System Clone > Exclude Tables list

Answer: B

Explanation:
https://docs.servicenow.com/bundle/tokyo-application-development/page/build/applications/task/t_IncludeApplicationData.html

NEW QUESTION 4
Why create Applications in ServiceNow?
A) To replace outdated inadequate custom business applications and processes
B) To extend service delivery and management to all enterprise departments
C) To allow users full access to all ServiceNow tables, records and fields
D) To extend the value of ServiceNow

• A. a b and c
• B. a b c and d
• C. b c and d
• D. a b and d

Answer: D

NEW QUESTION 5
When evaluating Access Controls, ServiceNow searches and evaluates:

• A. Only for matches on the current table
• B. Only for matches on the current field
• C. From the most specific match to the most generic match
• D. From the most generic match to the most specific match

Answer: C

Explanation:
When evaluating Access Controls, ServiceNow searches and evaluates:
✑ From the most specific match to the most generic match. This is the correct answer because ServiceNow follows a top-down approach when evaluating Access Control (ACL) rules, which are used to restrict the access to the data and functionality of the ServiceNow platform based on the user’s roles and conditions. ServiceNow starts with the most specific match, which is the field-level ACL rule, then moves to the table-level ACL rule, and finally to the global or * ACL rule. ServiceNow grants access if any of the ACL rules evaluates to true, and denies access if all of the ACL rules evaluate to false.
The following are not correct descriptions of how ServiceNow searches and evaluates Access Controls:
✑ Only for matches on the current table. This is not correct because ServiceNow does not only look for matches on the current table, but also on the parent tables and the global or * table. For example, if there is no ACL rule for the incident table, ServiceNow will look for an ACL rule for the task table, which is the parent table of the incident table, and then for the global or * table, which is the parent table of all tables.
✑ Only for matches on the current field. This is not correct because ServiceNow does not only look for matches on the current field, but also on the table that contains the field and the global or * table. For example, if there is no ACL rule for the short_description field on the incident table, ServiceNow will look for an ACL rule for the incident table, and then for the global or * table.
✑ From the most generic match to the most specific match. This is not correct because ServiceNow does not follow a bottom-up approach when evaluating Access Controls, but a top-down approach, as explained
above. References: Access Control Rules, ACL Evaluation Order
https://developer.servicenow.com/dev.do#!/learn/learning-plans/paris/new_to_servicenow/app_store_learnv2_securingapps_paris_access_controls_ evaluation_order

NEW QUESTION 6
How must Application Access be configured to prevent all other private application scopes from creating configuration records on an application’s data tables?

• A. You must create Access Controls to prevent all other application scopes from creating configuration records on an application’s data tables rather than using Application Access
• B. Set the Accessible from field value to All application scopes and de-select the Can create option
• C. Set the Accessible from field value to This application scope only and de-select the Allow access to this table via web services option
• D. Set the Accessible from field value to This application scope only

Answer: D

Explanation:
Application Access is a feature that allows you to control the access level of other application scopes to your application’s data tables. By setting the Accessible from field value to This application scope only, you can restrict the access to your data tables to only your application scope. This means that other application scopes cannot create, read, write, or delete records on your data tables, unless they have explicit permissions through Access Controls or other means.
References:
✑ Application Access
✑ [Application scope]
https://developer.servicenow.com/dev.do#!/learn/learning- plans/rome/new_to_servicenow/app_store_learnv2_securingapps_rome_application_acces s
https://docs.servicenow.com/bundle/rome-application- development/page/build/applications/concept/c_ExampleDenyingAllDesignAccess.html

NEW QUESTION 7
How can an application link to a repository behind a firewall?

• A. This option is not supported.
• B. Link an application to source control through a MID Server.
• C. Link an application to source control through an access token.
• D. Link an application to source control with multi-factor authentication.

Answer: B

Explanation:
"Use an existing MID Server to connect to a Source Control repository. Linking or importing an application through a MID Server enables access to repositories behind a firewall." https://docs.servicenow.com/bundle/tokyo-application- development/page/build/applications/concept/c_SourceControlIntegration.html

NEW QUESTION 8
Which one of the following is true for a Script Include with a Protection Policy value of Protected?

• A. Any user with the protected_edit role can see and edit the Script Include
• B. The Protection policy option can only be enabled by a user with the admin role
• C. The Protection Policy is applied only if the glide.app.apply_protection system property value is true
• D. The Protection Policy is applied only if the application is downloaded from the ServiceNow App Store

Answer: D

Explanation:
https://docs.servicenow.com/bundle/rome-application-development/page/build/applications/concept/c_ScriptProtectionPolicy.html
The following is true for a Script Include with a Protection Policy value of Protected:
✑ The Protection Policy is applied only if the application is downloaded from the ServiceNow App Store. This is true because the Protection Policy is a feature that allows developers to protect their Script Includes from being viewed or modified by other users when they distribute their applications through the ServiceNow App Store. The Protection Policy is only enforced when the application is installed from the App Store, not when it is developed or tested on the instance.
The following are not true for a Script Include with a Protection Policy value of Protected:
✑ Any user with the protected_edit role can see and edit the Script Include. This is false because the protected_edit role is not related to the Protection Policy, but to the Access Control (ACL) rules. The protected_edit role allows users to edit protected fields on a table, such as the script field on the sys_script table, which stores the Business Rules. The Protection Policy does not use roles to control access to the Script Includes, but a cryptographic key that is generated when the application is published to the App Store.
✑ The Protection policy option can only be enabled by a user with the admin role.
This is false because the Protection policy option can be enabled by any user who has the application_admin role for the scoped application that contains the Script Include. The application_admin role grants full access to the application development and administration within the scope of the application.
✑ The Protection Policy is applied only if the glide.app.apply_protection system property value is true. This is false because the glide.app.apply_protection system property is not related to the Protection Policy, but to the Application Restricted Caller Access (ARCA) feature. The ARCA feature allows developers to restrict the access to the Script Includes from other applications based on the caller’s scope. The glide.app.apply_protection system property determines whether the ARCA feature is enabled or disabled on the instance. References: Script Includes, Protect Script Includes, Application Restricted Caller Access

NEW QUESTION 9
What are some of the benefits of extending an existing table such as the Task table when
creating a new application?
a)You can repurpose existing fields by simply changing the label. b)Use existing fields with no modifications.
c)Existing logic from the parent table will be automatically applied to the new table. d)All of the parent table records are copied to the new table.

• A. a, b, c, and d
• B. a and b
• C. b and c
• D. a, b, and c

Answer: D

Explanation:
Extending an existing table such as the Task table when creating a new application has several benefits, such as:
✑ You can repurpose existing fields by simply changing the label. For example, you can change the Short description field to Summary or Title for your new table.
✑ You can use existing fields with no modifications. For example, you can use the Assigned to, Priority, and State fields for your new table without changing anything.
✑ Existing logic from the parent table will be automatically applied to the new table.
For example, you can inherit the Business Rules, Client Scripts, and UI Policies from the Task table for your new table.
The only option that is not true is d) All of the parent table records are copied to the new table. Extending a table does not copy any records from the parent table to the new table. It only creates a new table that inherits the fields and logic from the parent table.
References:
✑ [Extend a table]
✑ [Task table]

NEW QUESTION 10
Which one of the following is true for this script fragment? g_user.hasRole(,x_my_app_user');

• A. The method returns true if the currently logged in user has the x_my_app_user role or the admin role
• B. The method returns false only if the currently logged in user has the x_my_app_user role
• C. There is no g_user.hasRole() method
• D. The method returns true only if the currently logged in user has the x_my_app_user role

Answer: A

Explanation:
The statement that is true for this script fragment is that the method returns
true if the currently logged in user has the x_my_app_user role or the admin role. The g_user.hasRole() method is a client-side method that checks whether the current user has a specified role or set of roles. If no role is specified, it returns true if the user has any role. If one or more roles are specified, it returns true if the user has any one of the specified roles. However, this method always returns true if the user has the admin role, regardless of the role parameter. Therefore, in this case, the method returns true if the user has either the x_my_app_user role or the admin role. Reference: User Object Cheat Sheet, Checking user permissions

NEW QUESTION 11
Why would you build a custom app?

• A. To fulfill is specific use case on internal processes.
• B. To avoid using a code repository like GiotHub or GitLab
• C. To create a custom integration for a 3rd party system
• D. To replace servieNow base tables

Answer: A

Explanation:
A possible reason to build a custom app is to fulfill a specific use case on internal processes. For example, you may want to digitize a manual process that is not covered by an existing ServiceNow solution, such as managing inventory, tracking expenses, or scheduling events. Building a custom app on the Now Platform can help you automate workflows, improve data quality, and provide better user experiences. The other options are not valid reasons to build a custom app. To avoid using a code repository like GitHub or GitLab is not a reason to build a custom app, as you can still use source control integration with your custom app development. To create a custom integration for a 3rd party system is not a reason to build a custom app, as you can use integration tools such as IntegrationHub or REST APIs to connect with external systems without creating an app. To replace ServiceNow base tables is not a reason to build a custom app, as it is not recommended to modify or delete base tables that are essential for ServiceNow functionality. Reference: Build Custom Apps in ServiceNow – eBook

NEW QUESTION 12
What records are used to track cross-scope applications or scripts that request access to an application, application resource, or event?

• A. Restricted caller access records
• B. Caller tracking records
• C. Access control level records
• D. Cross-scope access records

Answer: A

Explanation:
"Restricted caller access [sys_restricted_caller_access] records track cross-scope applications or scripts that request access to an application, application resource, or event in the Now Platform." <<== this is the third sentence down in the following link: https://docs.servicenow.com/bundle/tokyo-application- development/page/build/applications/concept/restricted-caller-access-privilege.html

NEW QUESTION 13
Which source control operation is available from BOTH Studio and the Git Repository?

• A. Create Branch
• B. Apply Remote Changes
• C. Stash Local Changes
• D. Edit Repository Configurations

Answer: A

Explanation:
The Create Branch operation is available from both Studio and the Git Repository. This operation allows you to create a new branch from an existing branch in your Git repository. You can use branches to work on different features or versions of your application without affecting the main branch. Reference: [Create a branch]

NEW QUESTION 14
Which of the following are true for reports in ServiceNow? (Choose three.)

• A. Any user can see any report shared with them.
• B. Can be a graphical representation of data.
• C. All users can generate reports on any table.
• D. Can be run on demand by authorized users.
• E. Can be scheduled to be run and distributed by email.

Answer: BDE

Explanation:
https://docs.servicenow.com/bundle/rome-platform-administration/page/administer/reference-pages/task/schedule-report.html Generate and distribute scheduled reports via email.
A report is a graphical representation of data from one or more tables in ServiceNow. The following are true for reports in ServiceNow:
✑ Can be a graphical representation of data. This is true because reports can use
various chart types, such as pie, bar, line, or gauge, to visualize data in a meaningful way.
✑ Can be run on demand by authorized users. This is true because reports can be
accessed from the Reports menu or the Report Navigator and run by users who have the appropriate roles and permissions to view the data.
✑ Can be scheduled to be run and distributed by email. This is true because reports
can be configured to run at a specific time and frequency and send the results to one or more email recipients.
The following are not true for reports in ServiceNow:
✑ Any user can see any report shared with them. This is false because users can only see reports that are shared with them if they also have access to the data source of the report. For example, a user who does not have the itil role cannot see a report based on the incident table, even if the report is shared with them.
✑ All users can generate reports on any table. This is false because users can only generate reports on tables that they have access to and that are enabled for reporting. For example, a user who does not have the admin role cannot generate reports on the sys_user table, which is the table for user
records. References: Reports, Report Security

NEW QUESTION 15
When a ServiceNow instance requests information from a web service, ServiceNow is the web service:

• A. Publisher
• B. Specialist
• C. Provider
• D. Consumer

Answer: D

Explanation:
When a ServiceNow instance requests information from a web service, ServiceNow is the web service consumer. A web service consumer is an application that sends requests to a web service provider and receives responses from it. A web service provider is an application that exposes its functionality as web services. A web service publisher is a person or organization that publishes web services for others to use. A web service specialist is a person who has expertise in developing or using web services. Reference: Web services
Reference: https://docs.servicenow.com/bundle/orlando-application- development/page/integrate/web-services/ reference/r_AvailableWebServices.html

NEW QUESTION 16
Here is the Business Rule script template:

This type of JavaScript function is known as:

• A. Constructor
• B. Scoped
• C. Anonymous
• D. Self-invoking

Answer: D

Explanation:
Self-invoking. Learn JavaScript!
This type of JavaScript function is known as self-invoking or immediately-invoked function expression (IIFE). It is a function that is defined and executed at the same time, without being assigned to a variable or being called by another function. It is often used to create a local scope for variables and avoid polluting the global namespace. References: [W3Schools - JavaScript Function Definitions], [MDN Web Docs - Immediately-invoked function expressions]

NEW QUESTION 17
What are Application Files in a ServiceNow application?

• A. An XML export of an application's table records
• B. ServiceNow artifacts comprising an application
• C. XML exports of an application's Update Set
• D. CSV files containing data imported into an application

Answer: B

Explanation:
Application Files are ServiceNow artifacts comprising an application. An application is a group of files and data that work together to provide a service or functionality. An application file is a specific type of file that belongs to an application, such as a table, a script, a form, a business rule, a UI action, etc. Application files define the structure, logic, and interface of the application. An XML export of an application’s table records, XML exports of an application’s Update Set, and CSV files containing data imported into an application are not examples of application files, as they are data formats that can be used to transfer or store information related to an application, but not the application itself. Reference: Application Files

NEW QUESTION 18
What is the best UX format to use for lists and forms?

• A. Forms
• B. Lists
• C. Standard
• D. Classic

Answer: D

Explanation:
there are only two types of UX options: Mobile and Classic. Classic is defined as "manage records via lists and form"

NEW QUESTION 19
Which Application Access configuration field(s) are NOT available if the Can read configuration field is NOT selected?

• A. All access to this table via web services
• B. Can create, Can update, and Can delete
• C. Can read does not affect the availability of other Application Access fields
• D. Allow configuration

Answer: B

Explanation:
"You must first select read access to grant any other API record operation." https://docs.servicenow.com/bundle/tokyo-application- development/page/build/applications/reference/r_TableApplicationAccessFields.html
The Application Access configuration fields control the access level for an application and its tables. The following Application Access configuration fields are not available if the Can read configuration field is not selected:
✑ Can create. This field determines whether users can create records on the
application tables.
✑ Can update. This field determines whether users can update records on the application tables.
✑ Can delete. This field determines whether users can delete records on the application tables.
These fields are not available because they depend on the Can read field, which determines whether users can view records on the application tables. If users cannot read records, they cannot create, update, or delete them either.
The following Application Access configuration fields are available regardless of the Can read configuration field:
✑ All access to this table via web services. This field determines whether users can access the application tables using web services, such as REST or SOAP.
✑ Allow configuration. This field determines whether users can configure the application tables, such as adding or modifying fields, views, or indexes. References: Application Access, Certified Application Developer (CAD) Learning Path

NEW QUESTION 20
Application developers can specify which ServiceNow page a user sees after submitting a new record using the Record Producer Ul. How is the page specified?

• A. Write an after Business Rule script for the Record Producer's table: window.redirect = "<URL>";
• B. Create an application property to store the URL
• C. Write a script in the Record Producer's Script field: producer.redirect = "<URL>";
• D. Configure the page in the Module that opens the Record Producer Ul

Answer: C

Explanation:
Application developers can specify which ServiceNow page a user sees after submitting a new record using the Record Producer UI by writing a script in the Record Producer’s Script field: producer.redirect = “<URL>”;. This script sets the redirect property of the producer object to the URL of the desired page. For example, producer.redirect = “home.do”; will redirect the user to the homepage after submitting the record. The other options are not valid ways to specify the redirect page for a Record Producer.
Reference: Populate record producer data and redirect users

NEW QUESTION 21
......