Technical Change Management Flashcards
Security+
What is the first step in putting the change management process into action?
Execute the plan.
Why is there no such thing as a simple upgrade in change management?
It can have many moving parts and may require separate events.
What aspect of change is change management primarily concerned with?
The “what” needs to change.
What is the technical team’s primary concern during a change?
The “how” to change it.
What is an allow list?
A list where nothing runs unless it’s approved, making it very restrictive.
How does a deny list work?
Nothing on the “bad list” can be executed, often used in anti-virus and anti-malware applications.
Why is the scope of a change important?
It defines exactly which components are covered by the change.
What does a change approval signify?
It is not a permission to make any change; it is specific to the approved change.
Why might the scope need to be expanded during the change window?
It’s impossible to prepare for all possible outcomes.
What does the change management process determine?
The next steps in making the change successful.
Why is downtime a concern during changes?
Services will eventually be unavailable, and changes can be disruptive.
When is downtime usually scheduled?
During non-production hours.
What is a method to prevent downtime?
Switch to a secondary system, upgrade the primary, then switch back.
How can downtime events be minimized?
The process should be as automated as possible, including having a backout plan.
What is a common requirement after implementing a change?
A restart of the system or service.
What are the two types of services that may require restarts?
Services and applications.
Why are legacy applications challenging?
They are often unsupported by the developer, leaving you as the support team.
What should you do to manage legacy applications?
Document the system and create specific processes and procedures.
What does it mean if A depends on B in change management?
A service will not start without other active services; dependencies must be managed.
Why can modifying one component be challenging?
It may require changing or restarting other components, potentially across systems.
How can documentation become outdated?
Changes can happen rapidly, necessitating regular updates in the change management process.
What types of documentation updates are important?
Updating diagrams and policies/procedures related to network configurations and new systems.
What is version control?
A method to track changes to a file or configuration over time, allowing easy reversion to a previous setting.
What are some areas where version control is applied?
Router configurations, Windows OS patches, and application registry entries.
Why might version control management be complicated?
Some devices and operating systems provide features, while others may require additional management software.
