Section 1.3 Demonstrate your acquired knowledge about the importance of change management processesand the impact to security. This will demonstrate your proficiency for section 1.3 of the Security+ SY0-701 objectives. 1 / 25 Which tool would help visualize and understand service dependencies before making a network change? Packet sniffer Updated network diagrams Change approval log Intrusion prevention system 2 / 25 Which phase of the change process would test results be reviewed in? Documentation Implementation Maintenance Approval 3 / 25 What process ensures that two teams don’t simultaneously make changes to the same system configuration? Role separation Patch staging Version control Incident response 4 / 25 Why is downtime listed in a change control document? To prepare users and adjust support resources accordingly To evaluate personnel performance To reduce data redundancy To enable patch suppression 5 / 25 Which of the following would be the BEST example of a technical implication requiring security review? A change in CEO A firewall rule modification A printer driver update A lunch policy change 6 / 25 When should a business perform a gap analysis in the context of change management? After data loss Before implementing new systems or security measures After an incident report During employee onboarding 7 / 25 Failing to consider dependencies in a change implementation can lead to: Quicker patching Cascading system failures Better automation Enhanced logs 8 / 25 Why is stakeholder involvement critical in change management? To avoid downtime To ensure that those impacted are informed and involved in the decision-making To validate user credentials To monitor network traffic 9 / 25 What does the term "restricted activity" refer to in change management? Internal-only IP ranges Operations that must not be performed during or after certain changes Limited remote access Expired certificates 10 / 25 What is the security risk of failing to document a service restart requirement in a change plan? Decreased vulnerability scans Poor access control Missed service dependencies causing failure or exposure Redundant user alerts 11 / 25 What does version control primarily help track in security-sensitive environments? User login history Threat actor behavior Changes to system configurations and documentation over time User roles and permissions 12 / 25 Policies and procedures must be updated after a change to ensure: The help desk is notified Operational consistency and compliance User passwords are reset Licensing fees are avoided 13 / 25 What documentation should be updated after a successful change? SLA Network and system diagrams License agreements Time sheets 14 / 25 What is the most likely issue if a system cannot restart due to another program it depends on? Incorrect deny listIncorrect deny list Unmet dependency Faulty access control Inactive SOP 15 / 25 Why are legacy applications considered a risk during change implementation? They may be incompatible with modern security controls or updates They are always patched They support dynamic backups They enforce multifactor authentication 16 / 25 Restarting a service instead of the entire system helps to: Reduce testing time Avoid version mismatches Minimize downtime and disruptions Reboot legacy applications 17 / 25 A deny list is used to: Approve specific updates Block unapproved or malicious applications or IP addresses Log application activity Validate change documentation 18 / 25 Which of the following ensures systems only execute pre-approved software? Patch management Role-based access control Allow list Group policy 19 / 25 Why is a standard operating procedure (SOP) critical for change management? To avoid using test environments To provide consistent steps for applying and documenting changes To replace version control To automate patching 20 / 25 What is the purpose of a maintenance window? A time for administrators to take a break A scheduled period when system changes are applied with minimal user impact A buffer for failed backups A period reserved for vendor patches only 21 / 25 Why is testing important prior to implementing a change in production? It reduces documentation requirements It allows the change window to be skipped It identifies errors or security risks before deployment It validates user training 22 / 25 Which of the following best describes an impact analysis? An audit of old configurations An evaluation of potential effects a change may have on operations and security A rollback strategy A list of required user permissions 23 / 25 Why is a backout plan critical in change management? It helps schedule the next update It allows a system to be restored to its previous state if the change fails It provides a cost estimate It determines stakeholder availability 24 / 25 Who is typically responsible for signing off on change requests that may impact multiple departments? System administrator End user Stakeholder Auditor 25 / 25 What is the primary purpose of the change approval process in a secure IT environment? To reduce downtime during deployment To evaluate risks and authorize the change To assign new owners to systems To escalate security alerts Your score isThe average score is 0% 0% Restart quiz Return to CompTia N+ 10-009 Objectives
