220-1202 Operational Procedures Study Guide for the CompTIA A+ Core Series Exam

Change Management

Change management is the process of addressing changes within an organization. Whenever a change is going to be made in an organization, proper procedures must be followed to ensure that any negative impact on the business or users is minimized. You will need to be able to explain change management best practices.

Documented Business Processes

Documented business processes provide a high-level overview of what aspects of the business the change is expected to impact. This document states who, how, why, and when interactions occur during the change process.

Rollback Plan

A rollback plan documents the steps that will be taken in case of implementation or primary plan failure. A rollback plan should include a way to revert to a previous version of the system before the change was applied and is focused on reversion of the entire affected system.

Backup Plan

A backup plan, unlike a rollback plan, is primarily focused on remediating the immediate effects of plan failure and is commonly designed for use while the rollback is being implemented.

Sandbox Testing

A sandbox test is done in a separate environment that matches the existing environment. It can be used to test and evaluate the effects of potential changes to a system or network without affecting the real system. Sandbox testing allows for fine-tuning of an implementation plan prior to actual deployment.

Responsible Staff Members

The responsible staff member is the employee designated as responsible for a particular change process. This person oversees the change plan as well as acts as a point of contact for the plan. The responsible staff member should also be able to answer questions related to the change as well as spearhead any subsequent changes to the plan.

Change Management

Effective change management involves precise documentation to record the change management process from conception to implementation. Change management documentation includes all formal records, plans, and processes involved to provide visibility and accountability to all parties and stakeholders involved.

Request Forms

A request form is a form that proposes a change. Request forms typically include information such as what needs to be changed, why the change is needed, and the plan for the change as well as the priority of the change. The request form also includes the rollback plan, the evaluation of the plan, and the time it will take to implement the change.

Purpose of the Change

The purpose of the change is the reason why the change needs to occur. This reason can be new business requirements, regulatory requirements, or technological requirements.

Scope of the Change

The scope of the change lays out what will be affected by the change. The scope may be small, affecting only a few devices, or extensive, affecting the entire network. When detailing scope, specific details should be addressed, such as how many systems and/or employees will be affected and any other direct or indirect consequences of the change.

Change Type

In change management, there are three primary change types that indicate the scope of the change, the potential impact on the networking environment, and the pressing nature of the change.

Standard Change

A standard change commonly refers to a change that has a low risk level, is highly repetitive with preset steps, and is typically pre-authorized. The installation of patches and updates is commonly considered a standard change.

Normal Change

A normal change is generally one that is not pre-authorized, but it will be specifically planned out and have a higher risk factor than a standard change. A normal change relies heavily on the change management process for implementation and oversight. The migration from on-premise storage to a cloud environment is an example of a normal change.

Emergency Change

An emergency change is one that is implemented due to necessity and is commonly on a strict implementation timeline. An emergency change poses a much higher risk than standard and normal changes due to the lack of time to properly investigate potential change repercussions and impacts. For example, if a portion of a network is under attack, isolation of the affected portion would need to be immediate, regardless of potential negative impacts on the entire network.

Date and Time of Change

The data and time of the change specify the temporal timeline of the change and should be chosen to impact the least amount of business function possible.

Change Freeze

A change freeze is a designated period of time during which no changes of any kind are authorized. A change freeze is used to eliminate the potential impact a change may have on a network. For example, a tax preparation enterprise may place a change freeze on all systems for the week of April 15, since that is tax-filing day in the US.

Maintenance Windows

A maintenance window is a designated period of time during which changes are authorized to take place, most commonly during the period of least use. During a maintenance window, disruptions are anticipated. For example, an internet provider may designate a maintenance window from 1:00 a.m. to 4:00 a.m. due to the low number of users present on the network during that time period.

Affected Systems/Impact

Affected systems are the systems that will be impacted by the change in some manner. This document should also include the impact the change will or may have on the affected systems, such as production time lost or how customers may be affected.

Risk Analysis

A risk analysis, or risk assessment, is a detailed evaluation of a potential threat and the risks that could arise if the threat occurs. In the change management process, risk analysis examines the potential failure of a change and the impact that failure may have on the company. Upon defining the new risks that may arise, the organization must choose to accept, mitigate, or avoid the risk.

Risk Level

The risk level is a measurement of the potential impact of failure on the company. Risk levels are commonly assigned by comparing the likelihood of occurrence with the potential impact the occurrence would have on the organization if it did occur. Risk levels commonly include designations of low, medium, or high. The specifics of the risk levels and responses tend to vary between organizations, so be sure to review the pertinent information before performing a risk analysis.

A risk assessment matrix is often used as a visualization tool for assigning the risk level and the most appropriate response. Below is an example of such a risk matrix, one with four levels:

Retrieved from: https://commons.wikimedia.org/wiki/File:IC-Risk-Assessment-Matrix-Template.jpg

Change Board Approvals

The change board is the group of users who are in charge of determining whether to proceed or table a potential change. The change board evaluates the entire change from all perspectives in order to decide the most effective way to proceed to provide the least amount of impact on the company and day-to-day functions.

Implementation

Implementation in change management is the actual process of putting the planned change into action. Implementation takes the change from its prior state to its desired state. Implementation goes beyond the technical aspects and focuses on supporting affected users and employees through the change.

Peer Review

A peer review is an external perspective or evaluation of a planned or implemented change by teams or groups outside of the change management team. Peer reviews are used to identify the effectiveness and potential risks of the intended change, as well as to provide possible insight into possible improvements to the process.

End-User Acceptance

In order for a successful change to occur, all users must be on board and prepared for the change. User acceptance testing is a common practice in which real users ensure that the change doesn’t negatively affect their ability to perform tasks.

Workstation Backup and Recovery

All organizations should have a business continuity and disaster recovery (BCDR) plan documented and in place. Disaster prevention and recovery refers to the ability to bounce back after any type of disaster, such as a natural disaster or a cyberattack. Questions in this section will be scenario based.

Backup

A backup is a stored data clone of a workstation, device, OS, files, or network that can be used in case of disaster or if needed for recovery. The backup provides a recovery point objective (RPO), which is a point in time to which a dataset can be restored. A backup can be a full backup of the entire dataset at a specified point in time or a partial backup of the changes since the previous backup.

Full

A full backup copies the entire dataset at a specific point in time and may include the OS, files, and personalizations. While a full backup can be used to completely restore a dataset in case of complete failure, it is memory-intensive and time-consuming.

Incremental

An incremental backup uses an archive bit set to back up data. It maintains the data written on the archive bit set since the last incremental backup. Once the incremental backup occurs, the archive bit set is reset and ready to store the data captured from the point of the last incremental backup. Fully restoring a dataset after a failure requires both the full backup and all incremental backups.

Differential

A differential backup also employs the use of the archive bit set. Unlike the incremental backup, however, the differential backup does not reset the archive bit set until a full backup is completed. The differential backup grows in size until a new full backup is performed. In case of failure, a full backup would need to be restored, but unlike the incremental backup, only the latest differential backup would need to be restored for the dataset to be complete.

Synthetic Full

A synthetic backup is software that creates a full backup by combining the last full backup with incremental or differential backups to create a complete dataset. This reduces the recovery time objective (RTO), the amount of time it takes to restore a dataset.

Recovery

Recovery is the process of returning a system or network to functional status after an incident occurs. Recovery increases business continuity, reduces downtime, protects data, and mitigates risk.

In-Place/Overwrite

An in-place/overwrite is a recovery technique that applies or installs a backup directly onto the affected hardware. A recovery point is chosen at which the system was known to be in a good state and restored to that previous state. An in-place/overwrite will remove the affected system from use during the recovery process.

Alternative Location

An out-of-place or alternative location recovery occurs when the affected system’s functionality is transferred or moved to a completely different physical location. An out-of-place or alternative location recovery is especially useful in case of catastrophic events that may affect an entire network or system for a significant period of time.

Backup Testing

It’s not enough to perform backups; the backups must also be tested. The test serves to show that the backup files are not corrupt and that they are backing up everything that would need to be restored in the event of a disaster.

Frequency

The frequency of backup testing differs, but it is recommended that backup testing be conducted monthly at a minimum, with highly sensitive or constantly changing dataset backups tested more frequently.

Backup Rotation Schemes

A backup rotation scheme is a schedule used to guide the rotation of long-term data archiving by the backup source and location. Rotation schemes include the type of media used for the backup as well as the physical location of the backup. Backup media types include disk-to-tape, disk-to-disk, and disk-to-cloud.

Onsite vs. Offsite

Onsite backups are physically kept on the same premises as the dataset that they back up. An offsite backup is kept in a different physical location from the dataset. Data backups should be rotated offsite in case of a major disaster.

Grandfather-Father-Son (GFS)

The GFS rotation scheme is a first-in, first-out (FIFO) schedule for rotation. Backups are taken daily. At the end of the week, the last daily backup will become the weekly backup, and at the end of the month, the last weekly backup will become the monthly backup.

3-2-1 Backup Rule

The 3-2-1 backup rule pertains to maintaining both onsite and offsite rotation. To apply this rule, three copies of a backup should be taken, with two copies of the backup kept onsite while the final copy is kept offsite.