CAD Exam Dumps : Certified Application Developer - ServiceNow

In ServiceNow, Access Controls (ACLs) determine the permissions required for users to access or modify data. For a user to pass an Access Control, the following conditions must be met:

Conditions configured in the Access Control must evaluate to true: Access Controls can have specific conditions set in the "Condition" field. These conditions are evaluated against the current record, and must return true for the Access Control to grant access.

The user has one of the roles specified in the Required roles related list: Access Controls can specify certain roles that a user must possess to gain access. If the user holds at least one of these roles, this criterion is satisfied.

Scripts configured in the Access Control must evaluate to true: Access Controls can include scripts that perform more granular checks. The script must execute without errors and return true for the user to pass the Access Control.

Option A is incorrect because Business Rules do not grant access; they are server-side scripts that execute based on record operations but do not control security permissions.

Option D is misleading. Each Access Control is evaluated independently. While multiple Access Controls can apply to a single operation, passing one does not inherently grant access unless it is the most specific match.

For more detailed information, refer to the official ServiceNow documentation on Access Controls:

servicenow.com

The Allow configuration Application Access option determines whether users can configure the application tables, such as adding or modifying fields, views, or indexes. The following is true for a table with the Allow configuration option selected:

Out of scope applications can create Business Rules for the table. This is true because the Allow configuration option grants access to the table configuration to any user who has the admin or personalize_dictionary role, regardless of the application scope. This means that users can create Business Rules, which are server-side scripts that run when a record is displayed, inserted, updated, or deleted, for the table from any application.

The following are not true for a table with the Allow configuration option selected:

Only the in scope application’s scripts can create Business Rules for the table. This is false because the Allow configuration option does not restrict the creation of Business Rules to the in scope application, as explained above.

Any user with the application’s user role can modify the application’s scripts. This is false because the Allow configuration option does not grant access to the application scripts, such as client scripts or script includes, to any user who has the application’s user role. To modify the application scripts, users need to have the admin role or the application’s admin role.

Out of scope applications can add new tables to the scoped application. This is false because the Allow configuration option does not allow out of scope applications to add new tables to the scoped application. To add new tables to a scoped application, users need to have the admin role or the application’s admin role and be in the application scope. References: Application Access, Business Rules