CompTIA Security+ · SY0-701
Objective 1.3: Explain the importance of change management processes and the impact to security
Practice questions for Security+ objective 1.3, “Explain the importance of change management processes and the impact to security.” Every question is original, written to the SY0-701 exam objectives, and comes with a full explanation — answer them below to see instant grading.
This objective sits in Domain 1.0: General Security Concepts, which is about 12% of the exam — so mastering it moves your readiness score meaningfully.
1.A company experiences a critical zero-day exploit actively targeting its production web servers. The security team needs to deploy a hotfix immediately but cannot wait for the standard two-week change management approval cycle. What process should they invoke?
2.After deploying a new security configuration to 500 workstations, an administrator discovers that the change has caused an unexpected conflict with an endpoint security agent, causing the agent to crash. Before making any further changes, which step should the administrator take first?
3.An administrator needs to update the allow list on a web application firewall (WAF) to permit traffic from a new third-party service. The change management process for this update would most likely need to include which of the following steps?
4.A company maintains a list of approved applications that are permitted to run on employee workstations. Any application not on this list is automatically blocked from executing. What is this security mechanism called?
5.A security engineer is evaluating the organization's public key infrastructure for several use cases. For each use case, the engineer must select the appropriate key type, length, and algorithm. The use cases are: (A) securing TLS connections to a high-traffic public web server requiring strong security with optimal performance; (B) signing software releases to provide integrity and authenticity assurance to customers who download the software; (C) encrypting a symmetric key for secure transmission to a recipient who will use it to decrypt a large dataset. Which combination of algorithm selections is most appropriate for all three use cases, and what is the key property that makes elliptic curve algorithms particularly suitable for use case A?
Practice every objective, adaptively
CertBench tracks your score on 1.3 and every other objective, then builds a daily plan that targets your weakest spots. Start with the free diagnostic.
Take the free diagnostic