CompTIA®A+ Core 2 Exam Notes : Processes for addressing prohibited content/activity, and privacy, licensing, and policy concepts

5. Operational Procedure

5.3 Processes for addressing prohibited content/activity, and privacy, licensing, and policy concepts

Incident Response: In some cases violations may be innocent transgressions attributed the employee's misinterpretation of the rules and in others, they may be flagrant violations with legal implications. In either case, regardless of how you become aware of the violation, it is important that you adhere to the policies that relate to your handling of the situation. You may be tempted to err on the side of leniency in some matters. This is NOT your decision to make. In the worst case, failure to report incidents could make you an accomplice. Every company has slight terminology variations as to what is and is not acceptable use. The fundamental principles will be the same. For example, every company will have an Acceptable Use Policy (AUP) that is part of the employment agreement and is also freely available for employee review. Read it completely and follow it to the letter.

Open source vs. commercial license: Software can be generally classified two ways. Open source (freeware) where the source code is freely available and can be modified by subsequent developers providing that any derivative works remain freely available and there are no fees for its use. This software is developed by and for a community that values the betterment of the product over financial reward.

Types of Licenses

1. Personal License

2. Enterprise licenses

1. Personal License:Licenses are purchased by the company and can be used by any single person within this organization. A Personal license is an option for private individuals who purchase a license with their own funds, and solely for their own use. Personal licenses are not to be purchased, refunded or in any way financed by companies.

2. Enterprise licenses: Enterprise License means a non-exclusive, non-transferable license to install and operate the Software Products, on any applicable media, without quantity or limitation.

Personal license vs. enterprise licenses: When using commercial software the licensing is purchased based on the intended use. Personal use is defined a single user installing the product on the personal devices in his home (domicile). In the corporate environment, products are usually covered under an enterprise site license that grants use to all employees. If the software is particularly expensive or use is confined to a small group or department, a per-seat license may be more cost effective. This license limits the installations to a predetermined number of users.

Regulated data

PII (Personally identifiable information): PII is any piece of information about a user that can be used alone or in combination with other pieces of information to identify an individual user. While it is the responsibility of all organizations to protect PII that they may possess, it is especially important in certain regulated industries such as healthcare and finance.

PCI(Payment Card Industry): PCI encourages and enhances cardholder data security and facilitates broad adoption of consistent data security measures globally.

GDPR (General Data Protection Regulation): The GDPR applies to EU-based organizations that collect or process the personal data of EU residents and to organizations outside the EU that monitor behavior or offer goods and services to EU residents.

PHI(Protected Health Information): PHI, also referred to as electronic protected health information (EPHI or ePHI), is any individually identifiable health information, provides guidelines for implementing the Health Insurance Portability and Accountability Act Security Rule.

Digital Rights Management(DRM): Explains what rights a user has to use a document or media. DRM protection is built into publicly sold media such as DVDs, and also downloaded content such as from the iTunes store.

European User License Agreement(EULA): EULA is a legally binding contract stating that you abide by the terms of use of the software you are about to install. You can only have one active copy on a PC you own, so you cannot run multiple copies at the same time.

An acceptable use policy(AUP): AUP is a document that outlines a set of rules to be followed by users or customers of a set of computing resources, which could be a computer network, website or large computer system. An AUP clearly states what the user is and is not allowed to do with these resources.

An original equipment manufacturer(OEM): Traditionally is defined as a company whose goods are used as components in the products of another company, which then sells the finished item to users.

Utilizing proper power devices is part of a good preventative maintenance plan and helps to protect a computer. You need to protect against several things:

  • Surges

  • Spikes

  • Sags

  • Brownouts

  • Blackouts

A surge in an electrical power means that there is an unexpected increase in the amount of voltage provided. This can be a small increase or a larger increase known as a spike. A spike is a short transient in voltage that can be due to a short circuit, tripped circuit breaker, power outage, or lightning strike.

A sag is an unexpected decrease in the amount of voltage provided. Typically, sags are limited in time and in the decrease in voltage. However, when voltage reduces further, a brownout could ensue. During a brownout the voltage drops to such an extent that it typically causes the lights to dim and causes computers to shut off.

A blackout is when a total loss of power for a prolonged period occurs. Another problem associated with blackouts is the spike that can occur when power is restored. In the New York area, it is common to have an increased amount of tech support calls during July; this is attributed to lightning storms. Quite often this is due to improper protection.

Some devices have specific purposes, and others can protect against more than one of these electrical issues. Few of these devices are

Material Safety Data Sheet (MSDS): Each type of equipment that has a potential environmental risk associated with it has a MSDS. It provides information on hazardous chemicals present in various materials. The topics include composition of ingredients, handling and storage methods, lethal dose information, and toxicology and ecology. The aim of MSDS is to inform people about the adverse effects of various chemicals and how to properly handle these chemicals. You can obtain this sheet from the manufacturer or from the EPA. The Web site is www.epa.gov.

MSTSC: The Microsoft Terminal Services Client, currently known as Remote Desktop Services, is a component of Microsoft Windows that allows users to take control of a virtual machine or remote computer over a network connection.

Previous    Contents    Next


A+ Core 2 Cram Notes Contents

certexams ad

simulationexams ad