CompTIA Security+ Practice Test of the Day 090325

Welcome to today’s CompTIA Security+ practice test!

This practice test uses our new UI!

Today’s practice test is based on Subdomain 1.3 (Explain the importance of change management processes and the impact to security) from the CompTIA Security+ SY0-701 objectives.

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To choose CompTIA Security+ practice tests based on specific domains/subdomains, click that link.

CompTIA Security+ Practice Test of the Day 090325

10 questions • Single best answer

Question 1

An organization's change management policy requires that before any security change is approved, all affected teams — including IT, compliance, and business unit leaders — must be consulted during planning. Which change management element ensures these groups are identified and engaged?

A. Ownership B. Standard operating procedure C. Stakeholders D. Impact analysis

Question 2

After applying a new GPO in a test environment, a security administrator documents that the policy correctly enforced workstation lockout settings without breaking any application functionality. This documentation is submitted as part of the formal change request. Which change management element does this represent?

A. Backout plan B. Test results C. Impact analysis D. Standard operating procedure

Question 3

A healthcare organization planning an EHR migration discovers the legacy system uses a proprietary database format no longer supported by modern tools, making integration with newer security controls difficult. Which technical implication of change management BEST describes this situation?

A. Dependencies B. Downtime C. Legacy applications D. Restricted activities

Question 4

A change management review determines that direct production database modifications by administrators are prohibited outside the formal approval workflow. The policy explicitly lists these actions as requiring prior authorization. Which technical implication of change management BEST describes this restriction?

A. Downtime B. Legacy applications C. Dependencies D. Restricted activities

Question 5

After deploying a new firewall rule set, an organization updates its security policy documents to reflect the new traffic restrictions, the business justification for the change, and the updated rule review schedule. Which change management documentation element BEST describes this activity?

A. Updating diagrams B. Version control C. Updating policies/procedures D. Standard operating procedure

Question 6

A web application must be fully stopped and restarted for security configuration changes to take effect. The change management documentation notes this requirement, and the operations team plans accordingly. Which technical implication of change management BEST describes this requirement?

A. Downtime B. Service restart C. Restricted activities D. Dependencies

Question 7

A company documents a step-by-step patching procedure so any technician can perform monthly patch cycles consistently and in the correct order, regardless of who is on shift. Which change management concept BEST describes this documented procedure?

A. Backout plan B. Maintenance window C. Standard operating procedure D. Impact analysis

Question 8

During a change review meeting, the team discovers a planned firewall upgrade also requires updates to three connected IPS sensors due to shared signature databases — a dependency not in the original change request. Which technical implication of change management does this scenario illustrate?

A. Legacy applications B. Restricted activities C. Downtime D. Dependencies

Question 9

A network engineer applies a security patch to a production router. Thirty minutes later, BGP routing tables behave unexpectedly. The engineer executes a pre-documented procedure to roll the firmware back to the previous version, restoring normal routing within minutes. Which change management element enabled the rapid recovery?

A. Impact analysis B. Backout plan C. Standard operating procedure D. Maintenance window

Question 10

A junior administrator attempts to deploy an unauthorized software update to a production server without submitting a change request. The change management system blocks the deployment and alerts the security team. The policy explicitly lists direct production deployments as requiring formal approval. Which change management concept does this represent?