CompTIA A+ 1102 Privacy, Licensing, and Policies

Incident Response : Chain of Custody

- control evidence and maintain integrity
- documents everybody who comes into contact with the evidence
- avoid tampering
- use hashes
- label and catalog everything
- use digital signatures

Incident Response : First Response (steps)

1. identify the issue
- logs, monitoring data
2. report to proper channels
3. collect and protect evidence

Software Licenses

- included with most software
- per-seat or concurrent
- may expire or may be perpetual

Personal Software Licenses

perpetual

Corporate Use Software Licenses

- per-seat/per-site
- the software may be installed everywhere
- annual renewals

Free and Open Source (acronym)

FOSS

End User License Agreement (acronym)

EULA

EULA

determines how software can be used

Payment Card Industry Data Security Standard (acronym)

PCI DSS

PCI DSS

- a standard for protecting credit card information
- six control objectives

General Data Protection Regulation (acronym)

GDPR

GDPR

- European union regulation
- data protection and privacy for individuals in the EU
- gives users control of their personal data
- right of erasure

Protected Health Information (acronym)

PHI

PHI

regulated with HIPAA