CISSP Question #927: Real Exam Question with Answer & Explanation

The correct answer is B: Promoting programs to production without approval. In a change-controlled environment, processes are put in place to ensure that any changes to production systems-whether they involve software, configuration, or infrastructure-are made in a controlled, authorized manner to avoid introducing errors, security vulnerabilities, or di

Submitted by packet_pusher· Mar 5, 2026Software Development Security

Question

In a change-controlled environment, which of the following is MOST likely to lead to unauthorized changes to production programs?

Options

AModifying source code without approval
BPromoting programs to production without approval
CDevelopers checking out source code without approval
DDevelopers using Rapid Application Development (RAD) methodologies without approval

Explanation

In a change-controlled environment, processes are put in place to ensure that any changes to production systems-whether they involve software, configuration, or infrastructure-are made in a controlled, authorized manner to avoid introducing errors, security vulnerabilities, or disruptions. Promoting programs to production without approval directly violates these change control procedures and is most likely to lead to unauthorized changes.

Topics

#change management#production changes#unauthorized changes

Community Discussion

No community discussion yet for this question.

Full CISSP Practice Browse All CISSP Questions