Section 4: Operational Procedures

Ticketing System

Used to manage requests incidents, and problems that are submitted by the users

Incident

An issue that happened one time or an isolated issue

Problem

An incident that happened multiple times across multiple users/devices

Request

Asking for something from the IT department

Incident

Related to any kind of error or unexpected issue that may arise by an end user when using a system

Asset Management

Systematic approach to the governance and realization of value of things over its life cycle

Change

Addition, modification, or removal that may have a direct or indirect effect on IT services

Standard Changes

Preauthorized and can be implemented without any additional authorization

Normal Changes

Changes where the authorization is gained

Change Schedule

Helps plan the changes and assists in communicating such changes to the stakeholders to avoid conflicts

Acceptable Use Policy (AUP)

A document stipulating constraints and practices that a user must agree to for access to a corporate network or the internet

Splash Screen

Shows up when someone tries to log into a computer

Standard Operating Procedure (SOP)

An inflexible, step-by-step listing of the actions that must be completed for a given task

End-user Termination Checklist and Procedures

Used as part of the employee offboarding process

Incident Report/After Action Report (AAR)

Gathers the opinions of all involved users, customers, technicians, managers, and stakeholders

Network Topology Diagrams

Show exactly how the network was designed

Service Level Agreement (SLA)

A formal contract that defines the level of service a provider must deliver

Internal SLAs

Agreements between departments or teams within the same organization

Full Backup

Creates a complete copy of all selected files, folders, hard drives, or applications in a single operation

Incremental Backup

Only back up things that have changed since the last backup

Differential Backup

Backs up all the data that has been changed since the last backup

Synthetic Backup

Creates a new full backup by merging the last full backup with subsequent incremental backups on the storage server

On-site

The backup storage mechanism is located in the same location as the system they’re backing up

Off-site

Backing up to some system not inside the same physical building where workstations are

Grandfather-Father-Son (GFS)

Tape media rotation scheme that allows some of your backup media to be taken to an offsite storage

3-2-1 Backup Rule

Requires three copies of data, including a production copy on servers, two different types of media, and one copy held offline and off-site

Redundant Power Supply

Enclosure that provides two or more complete power supplies inside of one

Surge

Unexpected increase in the amount of voltage that’s being provided

Spike

A short, transient voltage from a short circuit breaker, a power outage, or even a lighting strike

Sag

An unexpected decrease in the amount of voltage provided

Brownout

Occurs when a voltage drops to such an extent that it causes lights to dim and computers to shut off

Blackout

Occurs when there is a total loss of power for a long period of time

Uninterruptible Power Supply (UPS)

Combines the functionality of a surge suppressor with a battery backup

Backup Generator

An emergency power system used to provide power during an outage of the regular supply from the electric grid

Equipment Grounding

Ensures every electrical device has a path to the ground that provides the least amount of resistance for electrical current to flow away harmlessly

Proper Power Handling

Methods to keep technician safe when working on electrical equipment

Electrostatic Discharge (ESD)

Occurs whenever there’s a path that allows electrons to rush from a statically charged body to a component that has no charge

Material Safety Data Sheet

Contains all the information about the ingredients, health hazards, precautions, and first aid information

AI Policies

Provide formal guidelines for the design, deployment, and use of AI systems

Accountability

Organizations must clearly define who is responsible for the decisions made by AI systems and their outcomes

Bias

AI systems can inadvertently produce biased results due to flaws in training data or algorithm design

Data Privacy

Ensure that this data is collected, stored, and processed responsibly/privately

Transparency

Organizations must ensure that users and stakeholders understand how AI systems function and make decisions

Appropriate Use

Ensures that AI systems are used ethically and align with an organization’s values

Plagiarism

Ensure that AI-generated material respects intellectual property rights and maintains originality

Bias

Can originate from the datasets used to train AI models and it reflects the prejudices or gaps inherent in the data

Hallucination

Occurs when an AI system produces outputs that are entirely fabricated or inaccurate while presenting them as factual

Accuracy

While AI can process vast amounts of data and identify patterns more quickly than humans, it is not always accurate

Public AI

Refers to models and platforms made available to the general public

Private AI

Artificial intelligence use customized for specific organizations and operates within controlled environments

Incident Response

A set of procedures an investigator follows when examining a computer security incident

Identification

Process of recognizing if an event should be classified as an incident or not

Containment

Focused on isolating the incident or problem

Eradicate

To remove the threat or attack

Recovery

Focused on data restoration, system repair, and re-enabling any servers or networks

Lesson Learned

A process used to document the incident response process and make any changes to the procedures and the processes

Chain of Custody

The record of evidence history from collection to court presentation and disposal

Faraday Bag

Shields devices from outside signals to prevent data from being altered, deleted, or added to a new device

Legal Hold

Preserves all relevant information when litigation is reasonably expected to occur

Data Acquisition

Creates a forensically sound copy of the data from a source device

Order of Volatility

Collecting evidence that could be easily tampered or destroyed first

Personal License

Allows one individual user to use a piece of software on their given machine

Corporate License

A license for each individual machine or person who is actively using the license

Active Users

People who are actually logged in at this moment using that piece of software

Licenses

Provide the legal access to use a software, and also the privilege of getting all the updates and security patches

End User License Agreement

Dictates the terms of the license for a software

Digital Rights Management

Ensures copy protection for music and video that is being used in an online or digital manner

Data Classification

Based on its value to the organization and the sensitivity of the information if it were to be disclosed

Public Data

No impact to the company if released and is often on a company’s website

Sensitive Data

Minimal impact if released and includes things like a company’s finances

Confidential Data

Contains items such as trade secrets, intellectual property data, source code, and things that would harm the company if disclosed

Unclassified

Can be released to the public under the Freedom of Information Act

Controlled Unclassified Information (CUI)

Includes unclassified information that should be protected from public disclosure

Secret Data

Includes data such as military deployment plans and other things that would damage national security if disclosed

Top Secret Data

Includes blueprints for weapons or other information that could gravely damage national security if known by those unauthorized to know

Data Retention

Maintains and controls certain data to comply with business policies and applicable laws and regulations

Data Preservation

Keeping information for a specific purpose outside of an organization’s data retention policy

Recovery Point Objective (RPO)

Maximum amount of time that can be lost from a recovery after a disaster, failure, or other event

Data Type

A tag or a label to identify a piece of data under a subcategory of a classification

Health Data

Health Insurance Portability and Accountability Act

Financial Data

Consists of pieces or sets of information related to the financial health of business

Payment Card Industry/Data Security Standard (PCI/DSS)

An agreement that any organization that collects, stores, or processes credit card customer information must abide by

Intellectual Property

A type of data that includes intangible creations of human intellect

Personally Identifiable Information (PII)

Data used to identify, contact, or locate an individual. Information such as SSN, name, date of birth, email address, etc.

Data Format

This is the organization of the information into preset structures or specifications

Non-Disclosure Agreement (NDA)

Defines what data is confidential and cannot be shared outside of a relationship

Memorandum of Understanding (MOU)

Non-binding agreement between two or more organizations to detail what common actions they intend to take

Service-Level Agreement (SLA)

Documents the quality, availability, and responsibilities agreed upon by a service provider and a client

Shell Script

Text-based file that contains commands that can be interpreted and presented to the computer

Batch File (.bat)

Text-based file containing Windows commands and is interpreted from the command line environment

PowerShell (.ps1)

Allows for more complex scripts

Visual Basic Script (.vbs)

Scripting language based on the Visual Basic programming language

Linux Shell Script (.sh)

Works a lot like a batch script inside of Windows

JavaScript File (.js)

Scripting language designed to be implemented inside of a web-based interface

Python (.py)

General-purpose scripting and programming language that is used to develop automation scripts and full-fledged software applications

Network Drive Remapping

Done with normal command line interface using a batch file (.bat) or PowerShell

Telnet (23)

Sends text-based commands to remote devices and is a very old networking protocol

Secure Shell (SSH) (22)

Encrypts everything that is being sent and received between the client and the server

Remote Desktop Protocol (RDP) (3389)

Provides graphical interface to connect to another computer over a network connection

Remote Desktop Gateway (RDG)

Provides a secure connection using the SSL/TLS protocols to the server via RDP