CompTIA Security+ Practice Test of the Day 260630

Welcome to today’s CompTIA Security+ practice test!

This practice test uses our new UI!

Today’s practice test is based on Subdomain 1.3 (Explain the importance of change management processes and the impact to security) from the CompTIA Security+ SY0-701 objectives.

This beginner-level practice test is inspired by the CompTIA Security+ (SY0-701) exam and is designed to help you reinforce key cybersecurity concepts on a daily basis.

These questions are not official exam questions, nor are they brain dumps, but they reflect topics and scenarios relevant to the Security+ certification. Use them to test your knowledge, identify areas for improvement, and build daily cybersecurity habits.

Note: CompTIA and Security+ are registered trademarks of CompTIA. This content is not affiliated with or endorsed by CompTIA.

To choose CompTIA Security+ practice tests based on specific domains/subdomains, click that link.

CompTIA Security+ Practice Test of the Day 260630

10 questions • Single best answer

Question 1

A change advisory board at a cloud hosting provider reviews a major platform upgrade. Members want assurance that the team can revert all systems to their prior state if the deployment causes failures. Which element addresses this concern?

A. Maintenance window B. Backout plan C. Impact analysis D. Standard operating procedure

Question 2

An IT operations lead schedules a firmware update for production servers during predefined off-peak hours. The team wants the change to occur when business activity is lowest to limit user disruption. What is this scheduled period called?

A. Backout plan B. Approval process C. Maintenance window D. Service restart

Question 3

A systems administrator at a hospital wants to push a configuration change to clinical workstations. Policy requires formal sign-off from designated authorities before any modification proceeds. Which change management element enforces this requirement?

A. Approval process B. Ownership C. Impact analysis D. Version control

Question 4

Before approving a network segmentation change, a security manager wants to understand how the modification could affect dependent systems and overall security posture. The goal is to evaluate consequences in advance. Which activity provides this insight?

A. Backout plan B. Test results C. Maintenance window D. Impact analysis

Question 5

A project manager preparing a change request must identify everyone affected by or interested in a proposed system update, including business units and security teams. She needs the right parties consulted before proceeding. What are these parties called?

A. Owners B. Stakeholders C. Approvers D. Auditors

Question 6

A security engineer implements a change permitting only pre-approved applications to execute on endpoints while blocking all others by default. The team wants tight control over which software can run. Which technical control achieves this?

A. Deny list B. Version control C. Service restart D. Allow list

Question 7

While planning a database server upgrade, an administrator discovers several applications rely on that server to function. Failing to account for these relationships could break connected services. What must be assessed before proceeding?

A. Dependencies B. Backout plan C. Maintenance window D. Ownership

Question 8

During a change rollout, a team encounters older software that cannot support modern encryption or patches but remains business-critical. These systems complicate the planned update. What term best describes such software?

A. Shadow IT B. Restricted activities C. Legacy applications D. Standard operating procedure

Question 9

A DevOps team needs to track every modification to configuration files and roll back to prior revisions when changes cause issues. They want a documented history of all changes over time. Which practice supports this?

A. Backout plan B. Version control C. Impact analysis D. Approval process

Question 10

A change record must clearly designate who is accountable for a proposed modification and its outcome. Auditors flagged that recent changes lacked an identified responsible individual. Which element resolves this gap?