Free ServiceNow CTA Actual Exam Questions - Question 4 Discussion
specific roles within a ServiceNow instance. Which feature should be utilized?
Yeah, role-based access control is usually separate from encryption itself. Full Disk Encryption (D) and Cloud Encryption (C) won’t help with restricting specific roles at the field level. So maybe it’s about combining encryption with access control somehow?
It’s A too because PI1 Encryption supports role-based access controls along with encryption, which means only certain roles can decrypt and see the sensitive fields—not just blanket field encryption.
It’s B since Column Level Encryption directly protects specific fields, which fits better for controlling access at field level. PI1 is good but mainly for encryption with some access, not as targeted as CLE for fields.
Maybe B, because Column Level Encryption targets specific fields directly, which fits the need for protecting customer data without encrypting everything. The question is about field-level control, so full disk or cloud encryption feels too broad.
Not sure about PI1, but I think B makes more sense here since Column Level Encryption is specifically about protecting data in certain fields. The question says “only accessible to specific roles,” and while encryption helps, it’s the access controls tied to roles that matter most. I don’t think full disk or cloud encryption fit because they work on a broader level, not just specific fields. So, I’d go with B for the targeted field protection combined with role-based access settings.
A, since it’s the only one combining encryption with role-based access control.
It’s A because PI1 Encryption is designed for protecting sensitive data at the field level with granular access controls based on roles. CLE encrypts data but doesn’t control who can see it once decrypted, so it’s more about protecting data at rest than controlling access. The question is about restricting access to specific roles, not just encryption, so PI1 fits better here.
Option B sounds right since it focuses on encrypting specific fields, but does anyone know if CLE supports role-based access directly or just encryption? The question mentions access control, not just encryption.