CompTIA Updated SY0-701 Exam Questions and Answers by bentley

Effective change management requires structured planning, testing, review, approval, deployment, and rollback capabilities. According to CompTIA Security+ SY0-701, one of the most critical components of change management is having a backout plan, which allows the organization to safely revert changes if the update or patch causes issues, operational disruption, or security instability. A proper backout plan reduces downtime, maintains system availability, and protects against unexpected failures.

Approving a change after deployment (A) violates standard change management protocols. Approval must occur before live implementation. Using a spreadsheet (C) is not considered an effective or secure change management mechanism. Automatic bypassing of change controls (D) is dangerous, even for security patches, because changes must be tested to avoid service outages or unintended vulnerabilities.

Therefore, the best description of effective change management is B: Having a backout plan when a patch fails.

Detailed Explanation:A simulated failover tests the disaster recovery site ' s ability to handle a full transition of services. This ensures all systems can function as expected during an actual disaster. Reference: CompTIA Security+ SY0-701 Study Guide, Domain 5: Security Program Management, Section: " Disaster Recovery and Business Continuity Planning " ​​.

The best answer is B. Update user guidance to include suspicious incident reporting.

The phishing simulation results show that users were not fooled, which means awareness training is already helping them avoid credential theft. However, the employees deleted the email without reporting it. That means the organization missed an opportunity to:

investigate the message further

identify other recipients

block similar messages

improve incident response visibility

update defensive controls quickly

The most valuable next step is to train or guide users to report suspicious emails, not just ignore or delete them.

Why the other options are incorrect:

A. Implement a strict password reset policy for all senior managers after a security event.This does not address the gap identified by the exercise.

C. Conduct end-user training regarding spear-phishing attempts to raise awareness.The results already show awareness was effective enough to prevent users from falling for the message. The missing behavior is reporting.

D. Require remote workers to use a VPN when connecting to the organization ' s networks.This is unrelated to the phishing exercise outcome.

From a Security+ perspective, user awareness programs should teach employees to identify and report suspicious messages. Therefore, B is the best answer.

This situation is an example of smishing, which is a type of phishing that uses text messages (SMS) to entice individuals into providing personal or sensitive information to cybercriminals. The best responses to this situation are to add a smishing exercise to the annual company training and to issue a general email warning to the company. A smishing exercise can help raise awareness and educate employees on how to recognize and avoid smishing attacks. An email warning can alert employees to the fraudulent text message and remind them to verify the identity and legitimacy of any requests for information or money. References = What Is Phishing | Cybersecurity | CompTIA, Phishing – SY0-601 CompTIA Security+ : 1.1 - Professor Messer IT Certification Training Courses