4.6 - CompTIA A+ Core 2

Incident response

• Incident response: The process of managing the aftermath of a security breach or cyberattack, with the goal of minimizing damage, reducing recovery time, and preventing future incidents.

Chain of custody

• Chain of custody: Refers to the process of maintaining and documenting the handling of evidence related to an incident to ensure its integrity and admissibility in legal proceedings.

Informing management/law enforcement as necessary

• First response (incident response): Identify the issue (logs, monitoring data), and report to proper channels, including internal management and law enforcement.

Copy of drive (data integrity and preservation)

• Copy of drive (incident response): This involves copying the contents of a drive (via imaging software), and preserving the drive using hashes to maintain data integrity.

Incident documentation

• Documentation (incident response): Involves creating a log of all findings during the incident response process - includes an event summary, detailed information on data acquisition, findings, and conclusion.

Order of volatility

• Order of volatility: Refers to how stored data can last without changing - some media is more volatile than others, and data should be gathered in the order of most volatile to least volatile to preserve data integrity.

Licensing/digital rights management (DRM)/end-user license agreement (EULA)

Valid licenses

• Valid licenses: These licenses grant the user the right to use software or access content under specific conditions, ensuring that intellectual property rights are respected. These can be per-seat or concurrent.

Perpetual license agreement

• Perpetual license agreements: Licenses that operate via ongoing subscriptions or payments, allowing users to maintain access to the software indefinitely (the license only stops when the user stops paying).

Personal-use license vs. corporate-use license

• Personal-use license: Software license agreement designed for the home user - usually associated with a single device or a small group of devices. Typically a one-time only purchase.

• Corporate-use license: Software license agreement intended for businesses, allowing installation and use on multiple devices or users within an organization, often requiring volume purchasing and providing additional support or updates. Requires annual renewals.

Open-source license

• Open-source license: Software licensing model that allows users to freely modify the source code of an executable and create their own software.

Non-disclosure agreement (NDA)/mutual non-disclosure agreement (MNDA)

• Non-disclosure agreement (NDA): A legally binding contract that establishes a confidential relationship between parties, ensuring that sensitive information shared during business discussions remains protected from unauthorized disclosure (e.g., trade secrets, business activities).

• Mutual non-disclosure agreement (MNDA): A legally binding contract that ensures that both parties involved in a business relationship protect each other's confidential information, similar to an NDA, while allowing for the exchange of valuable insights or data.

Regulated data

Credit card payment information

• Credit card payment information: Information related to digital credit/debit card payments - regulated via PCI DSS standards.

Personal government-issued information

• Personal government-issued information: Information such as Social Security numbers, passport numbers, or driver's license details that must be protected/stored in compliance with various privacy regulations.

PII

• Personally Identifiable Information (PII): Any data that can identify an individual. Check privacy policies to find how PII is handled.

Healthcare data

• Protected Health Information/Healthcare data: Health information associated with an individual (e.g., health status, payments for health care). Protected via HIPAA regulations.

Data retention requirements

• Data retention requirements: Refers to the regulations and policies that dictate the duration for which data must be stored and the conditions under which it can be accessed, modified, or disposed of, ensuring compliance with legal standards.

Acceptable use policy (AUP)

• Acceptable use policies (AUP): Policies that dictate the acceptable use of company assets (e.g., workstations, company-issued phones).

Regulatory and business compliance requirements

Splash screens

• Splash screens: A message, logo, or graphic shown during startup or login - can be used for branding, information, or to require compliance.