---

⭐ Section 1: ITOM Basics (For Freshers)

⭐ ITOM Interview Questions & Answers

1. What is ITOM in ServiceNow?

Answer:
ITOM means managing all IT operations of an organisation — servers, applications, network devices, cloud, alerts, failures, etc.
ServiceNow ITOM helps companies see everything running in IT, track changes, and prevent issues before they happen.

Example:
Imagine you’re running a hotel. ITOM is like a system that shows:

• which rooms are empty
• which rooms are booked
• which AC is not working
• which light is blinking
  This helps you fix problems quickly.

---

2. Why is ITOM used?

Answer:
Because companies want:
✔ Zero downtime
✔ Better visibility
✔ Automatic discovery
✔ Quick root-cause analysis
✔ Reduced manual work

---

3. What are the main components of ITOM?

Answer:
ITOM in ServiceNow mainly includes:

1. Discovery
2. Service Mapping
3. Event Management
4. Orchestration
5. Cloud Management

---

4. What is a CI?

Answer:
CI = Configuration Item
Anything that needs to be tracked in ITOM is a CI.

Example CIs:

• Server
• Laptop
• Database
• Application
• Router

---

5. What is a CMDB?

Answer:
CMDB = Configuration Management Database
It is a big database that stores information about all CIs.

Example:
If a server goes down, CMDB helps you know:

• Which app uses that server
• Who owns the app
• Which network is connected

---

6. What is Discovery?

Answer:
Discovery automatically finds all devices and applications in an organisation and adds them into CMDB.

---

7. Types of Discovery?

Answer:

1. Horizontal Discovery – finds servers, databases, network devices
2. Vertical Discovery (Service Mapping) – finds how apps connect together

---

8. What is a MID Server?

Answer:
MID Server = A bridge between ServiceNow and your company network.
It helps Discovery & Orchestration communicate with internal devices.

Simple Example:
Like a postman delivering messages between ServiceNow and your servers.

---

9. What is Service Mapping?

Answer:
Service Mapping finds the end-to-end flow of an application.

Example:
For an e-commerce website, Service Mapping shows:
User → Web Server → App Server → Database Server → Payment Gateway

---

10. What is an Event?

Answer:
An Event is a signal that something happened.
Example: CPU high, memory down, disk full.

---

⭐ Section 2: ITOM Intermediate (For Both Freshers & Experienced)

11. What is Event Management?

Answer:
Event Management collects alerts from monitoring tools and converts them into events and incidents automatically.

---

12. What is an Alert?

Answer:
Alert = A notification that something is wrong.
Example: “CPU 95% on Server XYZ”

---

13. What is an Alert Rule?

Answer:
Alert Rule tells ServiceNow what to do when an alert comes.

Example rules:

• Create an incident
• Change priority
• Assign to team

---

14. What is Orchestration?

Answer:
Orchestration automates manual work like:

• Reset password
• Restart server
• Create user
• Start/stop services

Think of it as a robot doing IT tasks automatically.

---

15. Difference between Discovery and Service Mapping?

Feature	Discovery	Service Mapping
Purpose	Finds devices	Maps application flow
Scope	Servers, network	End-to-end business service
Depth	Broad	Deep

---

16. What is Identification Rule in CMDB?

Answer:
It defines how ServiceNow identifies two CIs as same or different.

Example:
Two servers with same Serial Number → consider as same CI.

---

17. What is a Reconciliation Rule?

Answer:
When multiple data sources update CMDB, reconciliation rules decide whose data is trusted.

---

18. What is a Pattern in Discovery?

Answer:
A pattern is a template used by Discovery to identify and scan devices.

Example:
Windows pattern
Linux pattern
MySQL pattern

---

19. What is Health Dashboard?

Answer:
It shows CMDB quality:
✔ Duplicate CIs
✔ Missing fields
✔ Orphan CIs
✔ Stale CIs

---

20. What is CI Relationship?

Answer:
It tells how two CIs are connected.

Example:
App Server → runs on → VM
VM → hosted on → ESX Server

---

⭐ Section 3: ITOM Advanced (For Experienced)

21. What is Health Scan in CMDB?

Answer:
Health scan checks accuracy of CMDB based on:

• Completeness
• Correctness
• Compliance

---

22. What is a Topology Map?

Answer:
A visual map showing how servers, applications, and devices interact.

---

23. What is Service Graph?

Answer:
Service Graph extends CMDB with deep relationships and application dependencies.

---

24. What is Metric vs Event?

Type	Meaning	Example
Metric	Continuous measurement	CPU 60%, CPU 70%
Event	Sudden change / alert	CPU suddenly 95%

---

25. What is a Probe and Sensor (older method)?

Probe: Collects raw data
Sensor: Processes the collected data and updates CMDB

Patterns replaced many probes/sensors.

---

26. What is Anomaly Detection?

Answer:
AI-based feature that finds unusual patterns.

Example:
CPU usually 40–50%. Suddenly it becomes 90% → anomaly detected.

---

27. What is Cloud Discovery?

Answer:
Discovery for AWS, Azure, GCP resources like:

• EC2
• S3
• RDS
• Azure VM
• Cloud networks

---

28. Explain Event → Alert → Incident flow.

1. Monitoring tool says “CPU 98%” (Event)
2. ServiceNow receives it (Alert)
3. If rule allows → create Incident

---

29. What is IntegrationHub in ITOM?

Answer:
Used for integrating with tools like:

• SolarWinds
• Zabbix
• Nagios
• AWS/Azure

---

30. What is Application Service?

Answer:
A logical group of CIs that together deliver a business service.

Example:
“Online Banking” includes:

• Web Server
• App Server
• DB Server
• Firewall

---

⭐ Section 4: Scenario-Based Questions (Very Important)

31. If Discovery is showing duplicate servers, how will you fix it?

✔ Check Identification rules
✔ Check serial numbers
✔ Check IPs are unique
✔ Check Duplicate CI Remediation dashboard

---

32. Discovery is failing at “Credentials”. What will you check?

✔ Username/password validity
✔ Firewall rules
✔ SSH/RDP permissions
✔ MID Server reachability

---

33. Alerts are coming but incidents are not created. What will you check?

✔ Alert Rules
✔ Event Rules
✔ Assignment group
✔ Incident creation workflow enabled

---

34. CMDB CI relationships are broken. How to fix?

✔ Run Service Mapping
✔ Check relationship rules
✔ Re-run Discovery
✔ Fix stale records

---

35. Application is down. How do you find root cause using ITOM?

✔ Check Event Management alerts
✔ Check Topology Map
✔ Identify failing CI
✔ Check dependencies
✔ Analyse changes from Change Management

---

⭐ Final Section: Short 1-Line Answers for Quick Interview Revision

1. MID Server = Communication bridge
2. CMDB = Stores CI details
3. Discovery = Finds devices
4. Service Mapping = Maps service flow
5. Event = Something happened
6. Alert = Something wrong
7. Orchestration = Automation
8. CI Relationship = Connection between CIs
9. Pattern = Discovery blueprint
10. Topology = Visual map