4.1 – Documentation and Support Systems - Document Types

Questions and Answers

An employee is found to be using company-owned mobile devices for personal business, violating the stipulated usage guidelines. Which document would primarily help in addressing this situation and provide a reference for potential disciplinary actions?

• Standard Operating Procedure (SOP)
• Network Topology Diagram
• Acceptable Use Policy (AUP) (correct)
• Incident Report

A network administrator is troubleshooting an email server connectivity issue. Which document would be most helpful in understanding the server's place within the network infrastructure and its communication pathways?

• Compliance Report
• Network Topology Diagram (correct)
• Incident Report
• Acceptable Use Policy (AUP)

A healthcare organization needs to demonstrate adherence to data protection regulations. What kind of processes would they implement?

• Acceptable Use Policy (AUP)
• Network Topology Diagram
• Standard Operating Procedure (SOP)
• Compliance process (correct)

A user encounters a notification upon launching a financial application, reminding them about the appropriate handling of sensitive financial data. What is the term for this notification?

Splash Screen (C)

A company suspects a data breach on one of its servers. Which document should be immediately created to record the details, actions taken, and facilitate further investigation?

Incident Report (C)

During a routine system update, a critical server experiences unexpected downtime. Which document provides a step-by-step guide for the IT team to follow in order to resolve the issue and restore services?

Standard Operating Procedure (SOP) (C)

An IT department wants to ensure that new employees receive all the necessary resources and access rights on their first day. Which documented process would they typically follow?

Onboarding Process (C)

An employee is leaving the company. What formal process needs to be followed?

Offboarding Process (A)

An IT support team is repeatedly facing the same issue with a particular software application. To improve efficiency and reduce resolution time, what internal resource should they develop and maintain?

Knowledge Base (B)

An organization identifies a regulation that requires them to take action. What is the process to take?

Compliance (A)

What is the description of an AUP?

Documentation that outlines all of the different assets that employee can use and the appropriate way to use them (D)

What is the description of a network topology diagram?

Shows us a logical view of how devices are connected together (C)

What can be included on the splash screen? (Select all that apply)

All of the above (D)

What is the purpose of formal incident reports?

Ongoing documentation when these types of issues occur (A)

Why is it important to document standard operating procedures?

Ensure everyone knows the process that should be followed (A)

What can the consequences be if organizations do not comply with regulations?

All of the above (D)

What is the purpose of a knowledge base?

Save a lot of time when troubleshooting (D)

Which document ensures a smooth transition when onboarding new employees?

Onboarding Process (A)

In the context of IT and data security, what is the primary goal of an offboarding process?

To secure company data and assets by deactivating accounts and retrieving hardware. (A)

A company's IT department experiences a repeated issue with a software application, causing workflow disruption. What step can they take to prevent the same issue from causing disruption again?

Implement a knowledge base to document problems and resolutions. (B)

Flashcards

Acceptable Use Policies (AUP)

Documentation outlining assets employees can use and how to use them properly.

Network Topology Diagram

A diagram that illustrates the arrangement of devices in a network, logically or physically.

Compliance

Adherence to laws and regulations, including documented processes and procedures.

Splash Screen

A message displayed when software starts, informing users about data usage or updates.

Incident Report

Formal documentation created when a security breach or other issue occurs.

Standard Operating Procedures (SOPs)

Documented procedures that outline steps to be followed for specific tasks or processes.

Onboarding

The process of integrating a new employee into the organization.

Offboarding

Checklist followed when an employee leaves the organization.

Knowledge Base

Internal or external repository of information for troubleshooting and documentation.

Study Notes

• Study notes on organizational security policies, procedures, and documentation are below

Acceptable Use Policies (AUP)

• AUPs are documents outlining how employees can use organizational assets appropriately.
• AUPs may cover the use of the internet, mobile devices, computers, and other company-owned assets.
• AUPs provide documentation in case of employee dismissal for asset misuse, which could help with legal issues.

Network Topology Diagram

• Network topology diagrams provide a logical view of how devices connect.
• These diagrams can also be physical, showing rack layouts and installed devices.
• They help determine traffic flows for communication, such as between email and database servers.

Compliance Processes

• Organizations must follow laws and regulations, necessitating a formal compliance process.
• This process ensures the company understands and meets compliance requirements specific to its industry.
• Industries like healthcare and finance have distinct compliance regulations.
• Non-compliance can result in fines, job loss, or incarceration.
• International businesses may have completely different compliance regulations.

Splash Screens

• Splash screens appear when users launch applications, explaining data usage guidelines.
• Users usually must agree to the information on the screen before proceeding.
• Splash screens can display informational messages such as software updates or maintenance schedules.
• They may also contain legal or administrative reminders about the proper use of the application and its data.

Incident Reports

• Incident reports are formal documents, as specified in security policies.
• Security policies should detail when and how to create incident reports.
• Incident reports provide ongoing documentation of security issues.
• They track device breaches, inform relevant parties, and guide the resolution process.
• Incident reports help identify trends and understand how similar problems were previously resolved.

Standard Operating Procedures (SOP)

• SOPs document standard processes, ensuring everyone knows the proper steps.
• SOPs guide employees, regardless of their tenure.
• SOPs can cover maintenance procedures, notifying relevant parties about issues like cooling system failures.
• SOPs are often deployed when deploying software, following testing and change control processes.

SOP Documentation

• SOP documentation should detail every step, residing on a company intranet or accessible resource.
• Onboarding is a good example of a SOP, ensuring new hires have what they need on their first day.
• Onboarding steps may include signing IT agreements, creating user accounts, assigning permissions, and purchasing necessary equipment.

Offboarding Process

• Offboarding is a formal checklist followed when someone leaves an organization.
• The offboarding process includes retrieving hardware, securing data, and deactivating user accounts.

Knowledge Base

• A knowledge base contains information about internal processes or software to save time when troubleshooting.
• It grows over time as problems occur and solutions are documented.
• The knowledge base serves as a reference for resolving recurring issues.