Page 1 1002 Operational Procedures Study Guide for the CompTIA A+ Core Series Exam
How to Prepare for Questions About Operational Procedures on the CompTIA A+ Core Series 1002 Test
Operational procedures generally tell you what to do in all sorts of circumstances, guiding you to the best practices for each situation. Below you will find an outline of the basic concepts in this area that occupies roughly one-fourth (23%) of the CompTIA A+ Core Series 1002 test. Nearly half of the questions in this domain are prefaced by a scenario and the headings for those areas are marked below with (scenario).
It’s vital to ensure that you read any required documentation before you begin working on any system. Documentation includes items such as processes and procedures, network diagrams, knowledge base articles (also known as KBs), and much more. It’s also important to document any fixes that have been implemented so they can be referenced later. Another example of documentation includes Safety Data Sheets (SDS). The SDS outlines the procedures for disposing of hazardous materials. This should be referenced if there is a question about properly disposing of hazardous material. The SDS is administered by the Occupational Safety and Health Administration (OSHA) within the United States.
Network Topology Diagrams
Network topology diagrams are extremely helpful for performing any network upgrades or even to troubleshoot networking problems. The network topology diagrams will provide a visual representation of how the network is laid out, including both logical and physical information for the devices. Visio is a popular tool used when creating network diagrams.
A knowledge base is a repository of information regarding an application or system. When working on a system or troubleshooting an issue, individuals should first visit the systems knowledge base to see if a solution to their issue already exists.
You should adhere to the following order of operations when responding to any incident occurring on your computer network.
First response: The first step is the proper confirmation that an incident has happened, or is taking place. You should gather as much information as possible on the event, and report it through the proper authorized channels at the organization. These items will be outlined in a sound security policy.
Documentation: The next step is to document as much as possible. You can make use of pictures, scratch notes, or event logs to collect and assemble this information.
Chain of custody: Lastly, you want to make sure the information you have is preserved, especially in the event that information changes. Maintaining the integrity of the information is the most important step from this point forward. Any unaccounted changes could call into question the reliability of the information, making any work done since the first step useless.
Regulatory and Compliance Policy
When dealing with a networking environment, there are several regulations to keep in mind. These include: electrical codes for running high/low voltage cabling, environmental codes for disposing of chemicals or hardware, fire prevention codes requiring the specific use of dry or wet systems, and building codes that specify how cabling can be run through a building.
Acceptable Use Policy
An acceptable use policy (AUP) is a policy put in place by an organization that states which types of actions are acceptable to perform using their equipment. Many organizations implement acceptable use policies which state how employees are allowed to use their company-owned devices. Whenever accessing a public wi-fi, such as at a coffee shop like Starbucks™, you will have to acknowledge the AUP before getting access to the network.
Password policies state what is required when creating a password. Weak passwords can lead to data breaches and identity theft. To ensure that users create strong passwords, most password policies will include requirements for length, complexity, and history.
Inventory management is the process of maintaining a database of which devices and systems exist within an organization. Inventory management is often done using a third-party program to keep track of devices within larger organizations.
An asset tag is a method of inventory management. By adding asset tags to devices, it’s easier to keep track of devices, including who has the device and where they are located.
Barcodes are types of asset tags that can be easily scanned to keep track of the devices.
Management Change (scenario)
Management Change (also called Change Management) is the process of addressing changes within an organization. Whenever a change is going to be made in an organization, proper procedures must be followed to ensure that any negative impact on the business or users is minimized.
Documented Business Processes
Any time a change is made within an organization, it’s important to ensure that the business processes are documented. If the change is going to affect the current business processes, it should be evaluated and documented.
Purpose of the Change
Before making any changes, the purpose of the change must be documented. Typically, a cost-benefit analysis will also be done to see if the purpose of the change is worth the cost to implement and re-train staff on the new procedures.
Scope of the Change
Scope refers to the extent of the changes that will be made. While documenting the scope, it should outline exactly which items will be modified and changed through the project.
When making any changes within an environment, new risk will likely be introduced. Before making any changes in the environment, a risk analysis must be done. Upon defining the new risks which may arise, the organization must choose to accept, mitigate, or avoid the risk.
Plan for Change
Whenever implementing changes, it’s also important to plan for changes that may arise throughout that process. Before implementing anything, there should be a plan in place for change.
In order for a successful change, all users must be on board and prepared for the change. User acceptance testing is a common practice in which real users ensure that the change doesn’t negatively affect their ability to perform tasks.
A change advisory board (CAB) is made up of individuals from various departments throughout the organization. The CAB should also include high-level executives and stakeholders. This board will be responsible for approving the changes before they can be implemented. They will also be in charge of overseeing the project through to completion.
With any change, there must be a backout plan in case unexpected issues arise. A backout plan would include a way to revert to a previous version of the system before the change was applied.
One of the most important aspects of the change management process is to document all changes as they are being made. This includes documenting any new processes that must be followed as a result of the change. All challenges that arise as a result of the change should also be documented.
Disaster Prevention and Recovery (scenario)
All organizations should have a business continuity and disaster recovery (BCDR) plan documented and in place. Disaster prevention and recovery refers to the ability to be able to bounce back after any type of disaster, such as a natural disaster or a cyber attack.
Backup and Recovery
Disaster can strike at any time, making it a requirement of information technology teams to have a full set of backups so they can quickly recover after an incident. Organizations should have full backups (which includes a backup of everything) and incremental backups (which includes only what has changed since the previous backup).
An image-level backup creates a full snapshot of the system at a given point in time. This creates more of a full picture of the operating system and all the files included. This is a more complete option than file-level backups.
File-level backups are exactly what they sound like: individual files and folders are selected to be backed up.
Critical applications should always be a priority when performing backups. File backups may not cut it when trying to backup critical applications. Microsoft Exchange servers and SQL servers will require additional work to back up above and beyond what file-level backups can offer.
It’s not enough to perform backups; the backups must also be tested. The test serves to show that the backup files are not corrupt and that they are backing up everything that would need to be restored in the event of a disaster. Backup tests should be conducted regularly.
If servers are not properly shut down, they can be damaged. This means that if there were to be a power outage, the server operating systems or applications may become corrupt. In order to prevent this type of scenario, systems should be plugged into an uninterruptible power supply (UPS). A UPS is an electrical device which provides power to a device in the event that the main power source fails.
Surges occur when there is a spike in voltage or noise along the line. This can cause damage to equipment if the surge reaches the equipment. Surge protectors can counter this and send the excess voltage to the ground.
Cloud Storage vs. Local Storage Backups
Organizations will have to choose whether to use local storage backups (such as tape backups) or to back up to cloud storage. Some organizations may also opt to have both local and cloud storage as a second layer of disaster recovery. One drawback of cloud storage is that the data owner doesn’t have full control over the data or where it is stored in the cloud.
Account Recovery Options
Account recovery options will vary depending on which type of account needs to be recovered. Many online accounts will have a “forgot your password?” option which will allow the user to have a password reset link emailed to them. If local accounts need to be recovered, Windows 10 has built-in features to recover lost passwords.