Alerts and Tasks Questions

Alert records, scheduled jobs, alert management rules, priority scores, incident creation, correlation rules, aggregation, and Service Operations Workspace

18 total questions2 free questions

All CIS-EM Questions

About Alerts and Tasks

Alerts and Tasks is the largest exam domain by weight, focusing on alert management rules, scheduled jobs, alert clustering, correlation, and automated response actions including incident creation and remediation.

Why This Matters for Your Exam

Alert management is where Event Management delivers value by automating responses to IT issues. Understanding alert rules, clustering, correlation, and synchronization with alert grouping is essential for the exam and real-world implementations.

Key Concepts to Master

Alert Management Rules (sn_em_arm) determine responses to alerts such as opening incidents, running subflows, or launching remediation actions. Rules are evaluated every 11 seconds by scheduled jobs and run only on open alerts. Alert clustering using key values groups related alerts based on CI attributes like location or supplier. For enhanced performance, use subflows instead of workflows. Users with evt_mgmt_admin can create rules; evt_mgmt_operator can manually run them.

Exam Tips

Practice Questions

18 questions available

knowledge

How often are alert management rules checked by default in Event Management?

AEvery 5 seconds

BEvery 11 seconds

CEvery 30 seconds

DEvery 60 seconds

👆 Click an option above to select your answer

understandingSelect all that apply

Which two roles can interact with Alert Management Rules? (Choose two.)

Aevt_mgmt_admin - can create and customize rules

Bevt_mgmt_operator - can manually run rules

Citil - can approve rule changes

Devt_mgmt_user - can delete rules

👆 Click an option above to select your answer