By Fatskills Exam Guides Team — the exam nerds behind 28,500+ quizzes and 2.1M practice questions across 500+ global exams.
220-1102: Objective 4.6: Explain the importance of prohibited content/activity, and privacy, licensing, and policy concepts. Network administrators face several challenges in keeping a network safe and secure. Although many tools and procedures are used to prevent misuse of resources, security incidents are bound to happen. Not all of them come from outside the network. In fact, some of the most perilous threats come from users inside the organization who violate security rules or rules of acceptable use. Managing user content, activity, and privacy is challenging because users and managers do not all understand these concepts in the same way. An organization must create a well-defined policy that spells out what is and is not acceptable use and practice. The policy also must define the consequences of not complying with the organization’s standards while using its equipment. This section details the process of responding to violation incidents.
For the sake of studying the incident response process, prohibited content and activity can be defined as follows: - Any content stored on a company-owned or company-managed computer, mobile device, or network that is contrary to organizational policy - Any activity performed or received by a company-owned or company-managed computer, mobile device, or network that is contrary to organizational policy When someone has been found to have acted inappropriately, having a response and process in place protects both the organization and the users. Incident Response Incident response is the set of procedures that any investigator follows when examining a technology incident. The initial response and documentation are important because the information and evidence gathered guides the rest of the process. First Response When an incident is reported, the responder’s first task is to identify exactly what happened. The responder must first identify whether this is a simple problem that requires troubleshooting or an incident that needs to be escalated. The key to any problem solving is understanding what problem needs to be resolved. For example, if a person has prohibited content on a computer, this can be considered an incident. As part of first response, the incident should be escalated to the violator’s supervisor, with reporting on exactly what was found. Copyrighted information, malware, inappropriate content, and stolen information can all be considered prohibited. After identifying the problem, the incident must be reported through proper channels. Reporting through proper channels might include law enforcement if the incident involves fraud or the security of private customer information. Then steps must be taken to ensure data/device preservation. This often means making a backup of the computer’s image using special software to ensure data integrity and preservation. However, depending on the organization’s policies, a better approach could be to leave everything as is and wait for a computer forensics expert or a security analyst. It is important to preserve the scene so that a specialist can collect evidence. Documentation Documenting everything that is found and anything that happens after the initial report is essential. If the organization does not have set reporting formats, then writing down the details and taking pictures is appropriate. Any and all information should be available to the supervisor. If the first responder is able to fix the problem and no other specialists are required, the documentation process can continue through to the completion of the task (and beyond, while monitoring the system). Documentation should include any processes, procedures, and user training that might be necessary to avoid a similar incident in the future. Chain of Custody If preserving evidence is required, one way of doing this is to set up a chain of custody, the chronological documentation or paper trail of evidence. It should be initiated at the start of any investigation and should include tracking the evidence/documenting process; identifying who had custody of the evidence, all the way up to litigation (if necessary); and verifying that the evidence has not been modified or tampered with. Note: A PC tech normally does not get too involved with investigations, but the A+ exam covers the basic concepts of incident/first response, documentation, and chain of custody. Licensing/Digital Rights Management (DRM)/End-User License Agreement (EULA) All types of software licensing issues can complicate your life as a PC tech. It’s important to realize that carelessness with licensing could put your company in financial and legal jeopardy. The following are some issues to watch out for: - The limitations created by digital rights management (DRM) - End-user license agreements (EULAs) - Open source vs. commercial licenses - Personal vs. enterprise licenses DRM Digital rights management (DRM) is the general term for software or service mechanisms that limit the end user’s rights to copy, transfer, or use software or digital media. The following are some examples of DRM: - Restrictions on digital music playback when the music has been burned to an audio CD, such as with Apple Music - Limits on the number of systems that can use an application at the same time, such as Adobe Creative Cloud or Microsoft Office 365 When upgrading a system that is running DRM-based apps, it is important to determine in advance how the upgrade might affect DRM issues. In some cases, moving to a new OS might be transparent to the DRM system; in other cases, the DRM system might require the user to confirm the license. When removing from service a system that is running DRM-based apps, it is important to determine in advance how to properly move the DRM-based apps or DRM-limited files to another system. Authorization might need to be removed from the system before a new system can be authorized to use the app. EULA An end-user license agreement (EULA) restricts how an app can be used and what transfer rights are available. If an app was preinstalled on a system, its licensing might not allow the app to be moved to another system. Be sure to check the EULA for a particular app or for an operating system with bundled apps to determine what can legally be done with the operating system and apps when the original computer is withdrawn from service or upgraded to a new operating system. Understanding Open Source and Commercial Licenses According to the Open Source Initiative website (https://opensource.org/osd): Generally, open-source software is software that can be freely accessed, used, changed, and shared (in modified or unmodified form) by anyone. Open source software is made by many people, and distributed under licenses that comply with The Open Source Definition.
Linux operating system distributions (known as distros) and Linux apps are some of the most well-known examples of open source software. Open-source software can be used for commercial purposes and can even be sold. However, open-source licenses require the sellers of open source software to not limit the rights of purchasers to use, change, or share the software. For example, the rights obtained when Company A starts using Software X must be passed on to Company B when Company A sells any version of Software X, and so on. These rights include source code. Note: The Open Source Initiative website offers a variety of OSI-approved licenses that can be used as models for licensing; see https://opensource.org/licenses.
Most commercial software other than open source can be called closed source. For example, Microsoft Windows, Apple macOS, Adobe Creative Cloud, and Microsoft Office are examples of operating systems and apps that use commercial licenses. Unlike an open source license, which permits free use, modification, and sharing of source code, commercial licenses do not cover source code (the actual instructions used to make the software). They also limit how licensees can use object code (the program). For example, Adobe Creative Cloud subscriptions can be used on two computers (for example, a work and a home or travel computer), but not at the same time. If a third computer has Adobe Creative Cloud installed, Adobe permits Creative Cloud apps to run on the additional device if the other computers’ licenses are deactivated by Creative Cloud. Personal vs. Enterprise Licenses Personal use licenses are software licenses provided for computers purchased at retail or online stores and downloaded or packaged apps designed for use by individuals. Essentially, these licenses limit the use of the software to one or a very small number of computers in the same household (for example, antivirus utilities designed for up to five Windows, macOS, or mobile devices).
Corporate use licenses can differ from personal software licenses in several ways: - Software covered by enterprise licenses includes management and security features designed for the enterprise. - Software covered by enterprise licenses have much different rules for software upgrades than personal-licensed software. - Software covered by enterprise licenses can be licensed per seat, per device, per processor, or in other ways. - Some personal software licenses, such as for Microsoft Office Home and Student, are specifically restricted from being used in business. The company can face serious fines if software licensing terms are not followed. A supervisor should be notified if a technician is asked to violate the terms of a license. Valid Licenses and Non-expired Licenses A valid license means that the user has agreed to the software developer’s terms of use. This is also known as subscription-based licensing. These terms can include a recurring payment agreement based on time or the number of users. The agreement should also detail how software will become unusable if the subscription is not renewed. An alternative to subscription licensing is a non-expiring license, also known as a perpetual license. This simple license grants the user ongoing permission to an application, with no expiration date. Regulated Data Four types of data are regulated and must be protected by network administrators. They are listed with the acronym first because that is how they are referred to in the field: - PII: Personally identifiable information, such as a person’s name, address, driver’s license number, credit card numbers, and social security number - PCI: Payment Card Industry standards that are in place to protect credit cardholders’ data, including card numbers and address and credit information - GDPR: General Data Protection Regulation, enacted in Europe to protect several types of data, including health, biometrics, genetics, and criminal history - PHI: Protected health information (a part of the HIPAA law), which covers health status as well as payment methods, account numbers, and beneficiaries Any organization that holds or uses this type of information is responsible for protecting it from identity thieves. Many serious (and very expensive) data breach cases have happened in recent history, and some of them have had crippling effects on the companies that lost data.
A computer technician’s role in protecting data includes the following: - Configuring systems to use secure cloud storage instead of locally stored sensitive information on laptops and mobile devices - Configuring and using strong encryption on wireless networks and point-of-sale (POS) systems - Using full-disk encryption such as BitLocker, BitLocker To Go, or similar products on laptops and mobile devices that store or access sensitive data - Configuring hardware and software firewalls to protect sensitive data - Educating users on methods to remove personally identifiable information from documents, photos, and other files that might be shared or posted online
Of course, it is important to protect users and the organization by keeping up with recent developments in both knowledge and application of these policies and best practices. Understanding them is necessary for the A+ exam.
Join 4M+ learners. Unlock unlimited quizzes, wrong-answer tracking, flashcards + reminders, study guides, and 1-on-1 challenges.