YouTube
shieldCISSP Practice Domain 7 — Security Operations Q107 of 120

Which configuration management practice prevents unauthorized changes from being deployed to production?

A CISSP practice question covering Domain 7: Security Operations. Try answering before reading the explanation below.

Show options & answer
A
Skipping change reviews
B
Formal change management with CAB approval, testing, and rollback plans
✓ Correct answer
C
Sharing root credentials widely
D
Editing live systems directly
Why "Formal change management with CAB approval, testing, and rollback plans" is the right answer

Mature change management gates production changes through review, testing, scheduling, communication, and rollback planning. CAB (Change Advisory Board) reviews risky changes. The other options are anti-patterns.

Study videos for this topic

Want to go deeper on Domain 7? Watch the full breakdown — every video is free, no account, no upsell.

CISSP Domain 7: Digital Forensics & Chain of Custody
Domain 7 — Security Operations
CISSP Domain 7: SIEM, IDS/IPS, Honeypots & UEBA
Domain 7 — Security Operations
CISSP Domain 7: Least Privilege, SoD & Resource Protection
Domain 7 — Security Operations
Take the full CISSP practice test
120 questions, instant explanations, study-video links on every miss. No account.
Start full test →

Other practice tests

All practice tests CISSP videos Glossary