220-1102 Operational Procedures Study Guide for the CompTIA A+ Core Series Exam
Page 1
General Information
Any IT operation must have procedures in place covering safety, communication, professionalism, and environmental impact. These must be standard for all people with access to the system and must be accurately communicated and recorded for reference. The procedures must also be based on industry best practices. The CompTIA A+ 1102 test assesses your knowledge of operational procedures in 22% of the questions. A little over half (about 56%) of the questions about operational procedures will begin with a scenario.
Documentation and Support Systems
Documentation is the final step in the troubleshooting process and is vital to the smooth running of the network and system. Documentation best practices and policies are designed to streamline the running and troubleshooting of a network or system. Questions in this section will be scenario based, and you should be able to implement best practices pertaining to creating and maintaining documentation as well as the support systems involved in the documentation process.
Ticketing Systems
A ticketing system is a system that creates individual tickets or requests for assistance from the IT department. A ticketing system provides a method of tracking, addressing, and recalling instances of issues encountered by users. A ticketing system also provides accountability, reporting, collaboration, remediation, and escalation tracking to ensure that the help desk is running as efficiently and effectively as possible.
User Information
When opening a ticket, the user information is typically the first thing collected. This information is essential for communication between the user and the technician responding to the ticket. User information may include the user name, full name, phone number, and/or email address of the user.
Device Information
Device information is collected to provide the technician with additional insight into what may be the cause of the problem. Examples of device information include device type, model number, OS being used, and network access type, among others.
Description of Problems
The user will be asked to enter a description of the issues encountered. It is important to gather as much information from the user as possible. For example, what is occurring, when does it occur, and what actions the user took to initiate the problem.
Categories
Most ticketing systems have the ability to categorize issues. Categorizing allows for the ticket to be filtered and referred to the person or department that is best suited to address the issues. For example, categories may include database issues, operating system issues, networking issues, or peripheral issues.
Severity
A severity level is assigned to a ticket by the user and the technician to address the urgency of the problem. Keep in mind that when a user is reporting a problem, the user may feel that the issue is more severe and urgent than it actually is. The technician must use their best judgment when assigning severity levels to a ticket.
Escalation Levels
Escalation levels, or levels of support, refer to the structure of the IT department as a whole. While every enterprise structure may vary, they are typically numbered levels 1 to 3, with level 1 responders having basic knowledge, level 2 having advanced knowledge, and level 3 having expert knowledge. If a level 1 technician is unable to address the problem, it can be escalated to the next level.
Clear and Concise Written Communication
Written communication between the user, the technician, and any escalation points should be clear and concise. There are three stages of documentation of communication between the involved parties: the description of the problem, progress notes, and the resolution.
Problem Description
The first stage involves the description of the problem. The problem description should be as clear and understandable as possible so the user, technician, and any other person reading can follow it. Try to avoid using highly technical jargon or references.
Progress Notes
Progress notes should be written to document the steps that are being taken to address or resolve the issue. Progress notes should also document the communications that occur between the user and the technician so that, if reviewed, a clear timeline of actions and interactions is presented, which may be needed for escalation or review.
Problem Resolution
The final part of the written communication documentation is the problem resolution. This should include what steps were taken to resolve the problem, and it should be easy to follow by others, such as another technician who encounters the same issue.
Asset Management
Asset management is the process of keeping track of the fixed tangible assets of a company. Asset management systems track physical assets throughout their lifespan.
Inventory Lists
Inventory lists are a record of all the assets of a company detailing equipment types and quantity. Inventory lists are useful and sufficient for smaller enterprises but may become overwhelming with larger inventories.
Database System
For larger inventories or more complex asset lists, a database system can be created and used. A database system has the ability to store and retrieve asset information quickly and efficiently and can also provide insight into asset usage, value, and trends. Asset management systems are database systems.
Asset Tags and IDs
An asset tag or ID is a method used to track equipment within an asset management system, typically in the form of a scannable barcode with an assigned numeric number. This allows the asset management system to identify all equipment as well as retrieve data associated with the asset tag.
Procurement Life Cycle
The procurement life cycle is the life cycle of an asset within an enterprise. The procurement life cycle for IT typically starts with the purchase of the asset, the deployment of the asset, the continued management of the asset, and the retirement of the asset. The procurement life cycle can be tracked manually or with an asset management system.
Warranty and Licensing
Some assets may come with the manufacturers’ warranties or licensing agreements. The warranty and licensing information can be tracked with asset management as well. Monitoring warranty and licensing information is necessary to stay up to date on potential warranty or licensing expirations that may affect the life cycle of the asset.
Assigned Users
Assigned users are the end users who are responsible for an asset. Assigned users are typically monitored by an IT manager who is ultimately responsible for the assets and users of those assets, such as laptops or cellular phones.
Types of Documents
It’s vital to ensure that you read any required documentation before you begin working on any system. Documentation includes items such as processes and procedures, network diagrams, knowledge base articles (also known as KBs), and much more. It’s also important to document any fixes that have been implemented so they can be referenced later. Another example of documentation includes safety data sheets (SDS), formerly referred to as material safety data sheets (MSDS). The SDS outlines the procedures for disposing of hazardous materials. This should be referenced if there is a question about properly disposing of hazardous material. The SDS is administered by the Occupational Safety and Health Administration (OSHA) within the United States.
Acceptable Use Policy (AUP)
An AUP is a policy put in place by an organization that states which types of actions are acceptable to perform using their equipment. Many organizations implement AUPs that state how employees are allowed to use their company-owned devices. Whenever accessing a public Wi-Fi, such as at a coffee shop, you will have to acknowledge the AUP before getting access to the network.
Network Topology Diagram
Network topology diagrams are extremely helpful for performing any network upgrades or even troubleshooting networking problems. The network topology diagrams will provide a visual representation of how the network is laid out, including both logical and physical information for the devices. Visio is a popular tool used when creating network diagrams.
Regulatory Compliance Requirements
Networks are required to follow specific regulatory requirements, which can be local, state, or federal. Common regulations include the Sarbanes-Oxley Act, which regulates how companies protect and maintain financial records and data. The Health Insurance Portability and Accountability Act (HIPAA), contains federal regulations that protect the privacy of medically related personally identifiable information (PII) and data. The Family Educational Rights and Privacy Act (FERPA) regulates the processing and handling of student data. The Gramm-Leach-Bliley Act (GLBA) protects consumer information gathered by financial institutions.
Splash Screens
Compliance is the process of adhering to all relevant regulations, including local and federally set guidelines. To document compliance, it may be necessary to use screenshots which are generally accepted forms of proof of compliance. A splash screen is a screen capture that can be used to document problems, solutions, and the installation of software. The Windows OS includes the Steps Recorder, which documents each mouse click with a screen capture and information on what was clicked.
Incident Reports
An incident report is a document indicating a situation outside of the norm. Every incident report, like security alerts and indicators of compromise as specified in NIST publication 800-61r2 “Computer Security Incident Handling Guide”, may not require a full incident response and should therefore be verified to ensure an incident has actually occurred prior to executing a full incident response.
Incident Response
Incident response refers to the chain of actions taken and events happening once an incident occurs. An incident is an event that has been identified as having an adverse or potentially adverse effect on an organization, such as a data breach or DDoS attack. A clear incident response plan should be established by the company and followed to ensure a proper response. An incident response plan typically follows the basic steps of detecting or verifying that the incident has actually occurred, then responding, reporting, recovering, remediating, documenting, and reviewing the incident. The NIST publication 800-61r2, “Computer Security Incident Handling Guide,” provides detailed guidelines for creating an Incident Response plan.
Standard Operating Procedures (SOPs)
SOPs document the specified steps that should be followed to comply with policies or regulations set by the company and outside entities. The SOP provides a plan of action for meeting those policies.
Procedures for Custom Installation of Software Package
When installing custom software packages, the entire process should be clearly documented by the initial technician who installed the package. This creates a document and process that can be followed by other technicians for subsequent installations of the package.
New-User Setup Checklist
New employees in a company need to be onboarded, which is commonly coordinated between the IT department and Human Resources. Onboarding is the process of entering the employee into the network, assigning relevant permissions and devices, and informing the new hire about policies and procedures for the company. A new-user setup checklist is helpful in the onboarding process to ensure all necessary actions have been taken. A new-user setup list may include assigning and showing a user how to log in to the network, informing them of AUPs and “bring your own device” (BYOD) policies, and going over email policies and procedures.
End-User Termination Checklist
When an employee leaves a company, the employee will need to be offboarded, which is the process of removing the user from network access and retrieving assigned devices. An end-user termination checklist is a list that provides set actions that need to be taken when an employee is offboarded and ensures that something has not been overlooked during the process.
Knowledge Base Articles
A knowledge base is a repository of information regarding an application or system. When working on a system or troubleshooting an issue, individuals should first visit the system’s knowledge base to see if a solution to their issue already exists.
All Study Guides for the CompTIA A+ Core Series Exam are now available as downloadable PDFs