CERTIFIED-IN-CYBERSECURITY Question #546: Real Exam Question with Answer & Explanation

Question

Why is it important to have a rollback plan in place for organizations that do not have the ability to fully test a change?

Options

• ABecause it allows them to introduce new changes into the environment
• BBecause it allows them to determine the baseline of their system
• CBecause it allows them to roll back to a previous state if necessary
• DBecause it allows them to rely on third-party vendor testing

Explanation

A rollback plan is critical for organizations that cannot fully test a change. This is because a rollback plan provides a safety mechanism that allows the organization to revert to a previous state if the implemented change results in unexpected problems or vulnerabilities (see ISC2 Study Guide, Chapter 5, Module 2). For example, if an organization deploys a new software update that inadvertently causes the system to crash, having a rollback plan in place allows the organization to quickly revert to the previous stable state, minimizing downtime and potential damage. Introducing new changes to the environment is not the primary reason for having a rollback plan. While changes are necessary for growth and improvement, they should be carefully implemented and thoroughly tested to minimize potential risks. Relying on third-party testing can be part of an organization's overall change management strategy, but it doesn't replace the need for a rollback plan. Establishing the baseline of your system is an important part of change management, but there are other reasons for having a rollback plan. After all, a rollback plan is specifically designed to provide a safety net in case changes cause unforeseen problems, not to establish a system's baseline.

No community discussion yet for this question.